static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, const char *server_section) { STACK_OF(CONF_VALUE) *sk_conf; int i; size_t j; sk_conf = NCONF_get_section(conf, server_section); TEST_check(sk_conf != NULL); for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; const CONF_VALUE *option = sk_CONF_VALUE_value(sk_conf, i); for (j = 0; j < OSSL_NELEM(ssl_test_server_options); j++) { if (strcmp(option->name, ssl_test_server_options[j].name) == 0) { if (!ssl_test_server_options[j].parse(server, option->value)) { fprintf(stderr, "Bad value %s for option %s\n", option->value, option->name); return 0; } found = 1; break; } } if (!found) { fprintf(stderr, "Unknown test option: %s\n", option->name); return 0; } } return 1; }
static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) { STACK_OF(CONF_VALUE) *elist; CONF_VALUE *cval; int i; #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "Called engine module: name %s, value %s\n", CONF_imodule_get_name(md), CONF_imodule_get_value(md)); #endif /* Value is a section containing ENGINEs to configure */ elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); if (!elist) { ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR); return 0; } for (i = 0; i < sk_CONF_VALUE_num(elist); i++) { cval = sk_CONF_VALUE_value(elist, i); if (!int_engine_configure(cval->name, cval->value, cnf)) return 0; } return 1; }
/* char *value: Value */ static X509_EXTENSION * do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value) { const X509V3_EXT_METHOD *method; X509_EXTENSION *ext; STACK_OF(CONF_VALUE) *nval; void *ext_struc; if (ext_nid == NID_undef) { X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION_NAME); return NULL; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION); return NULL; } /* Now get internal extension representation based on type */ if (method->v2i) { if (*value == '@') nval = NCONF_get_section(conf, value + 1); else nval = X509V3_parse_list(value); if (sk_CONF_VALUE_num(nval) <= 0) { X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_INVALID_EXTENSION_STRING); ERR_asprintf_error_data("name=%s,section=%s", OBJ_nid2sn(ext_nid), value); return NULL; } ext_struc = method->v2i(method, ctx, nval); if (*value != '@') sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); if (!ext_struc) return NULL; } else if (method->s2i) { if (!(ext_struc = method->s2i(method, ctx, value))) return NULL; } else if (method->r2i) { if (!ctx->db || !ctx->db_meth) { X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_NO_CONFIG_DATABASE); return NULL; } if (!(ext_struc = method->r2i(method, ctx, value))) return NULL; } else { X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid)); return NULL; } ext = do_ext_i2d(method, ext_nid, crit, ext_struc); if (method->it) ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it)); else method->ext_free(ext_struc); return ext; }
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section) { if (conf == NULL) { return NULL; } else { CONF ctmp; CONF_set_nconf(&ctmp, conf); return NCONF_get_section(&ctmp, section); } }
static int alg_module_init (CONF_IMODULE * md, const CONF * cnf) { int i; const char *oid_section; STACK_OF (CONF_VALUE) * sktmp; CONF_VALUE *oval; oid_section = CONF_imodule_get_value (md); if (!(sktmp = NCONF_get_section (cnf, oid_section))) { EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); return 0; } for (i = 0; i < sk_CONF_VALUE_num (sktmp); i++) { oval = sk_CONF_VALUE_value (sktmp, i); if (!strcmp (oval->name, "fips_mode")) { int m; if (!X509V3_get_value_bool (oval, &m)) { EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); return 0; } if (m > 0) { #ifdef OPENSSL_FIPS if (!FIPS_mode () && !FIPS_mode_set (1)) { EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE); return 0; } #else EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); return 0; #endif } } else { EVPerr (EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); ERR_add_error_data (4, "name=", oval->name, ", value=", oval->value); } } return 1; }
static gboolean ConfigX509CertReq(X509_REQ *req, // OUT CONF *config) // IN { int idx; X509_NAME *subject; gboolean ret = FALSE; const char *dname; gchar *err = NULL; if (!X509_REQ_set_version(req, 0L)) { Error("Failed to set the certificate request version: %s.\n", GetSSLError(&err)); goto exit; } subject = X509_REQ_get_subject_name(req); if (!subject) { Error("Failed to get the certificate request subject name: %s.\n", GetSSLError(&err)); goto exit; } dname = NCONF_get_string(config, "req", "distinguished_name"); if (dname) { STACK_OF(CONF_VALUE) *dn_sk = NCONF_get_section(config, dname); if (!dn_sk) { Error("Failed to get section %s: %s.\n", dname, GetSSLError(&err)); goto exit; } for (idx = 0; idx < sk_CONF_VALUE_num(dn_sk); idx++) { CONF_VALUE *v = sk_CONF_VALUE_value(dn_sk, idx); if (!X509_NAME_add_entry_by_txt(subject, v->name, MBSTRING_ASC, v->value, -1, -1, 0)) { Error("Failed to set certificate request pair %s/%s: %s.\n", v->name, v->value, GetSSLError(&err)); goto exit; } } } ret = TRUE; exit: g_free(err); return ret; }
/* TODO(3.0): the config module functions should be passed a library context */ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; const char *oid_section; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *oval; OSSL_TRACE2(CONF, "Loading EVP module: name %s, value %s\n", CONF_imodule_get_name(md), CONF_imodule_get_value(md)); oid_section = CONF_imodule_get_value(md); if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); return 0; } for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { oval = sk_CONF_VALUE_value(sktmp, i); if (strcmp(oval->name, "fips_mode") == 0) { int m; if (!X509V3_get_value_bool(oval, &m)) { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); return 0; } /* * fips_mode is deprecated and should not be used in new * configurations. Old configurations are likely to ONLY * have this, so we assume that no default properties have * been set before this. */ if (m > 0) EVP_set_default_properties(NULL, "fips=yes"); } else if (strcmp(oval->name, "default_properties") == 0) { EVP_set_default_properties(NULL, oval->value); } else { EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); ERR_add_error_data(4, "name=", oval->name, ", value=", oval->value); return 0; } } return 1; }
static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; const char *oid_section; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *oval; oid_section = CONF_imodule_get_value(md); if (!(sktmp = NCONF_get_section(cnf, oid_section))) { ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); return 0; } for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { oval = sk_CONF_VALUE_value(sktmp, i); if (!do_create(oval->value, oval->name)) { ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); return 0; } } return 1; }
SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) { STACK_OF(CONF_VALUE) *sk_conf; SSL_TEST_CTX *ctx; int i; size_t j; sk_conf = NCONF_get_section(conf, test_section); OPENSSL_assert(sk_conf != NULL); ctx = SSL_TEST_CTX_new(); OPENSSL_assert(ctx != NULL); for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; const CONF_VALUE *option = sk_CONF_VALUE_value(sk_conf, i); for (j = 0; j < OSSL_NELEM(ssl_test_ctx_options); j++) { if (strcmp(option->name, ssl_test_ctx_options[j].name) == 0) { if (!ssl_test_ctx_options[j].parse(ctx, option->value)) { fprintf(stderr, "Bad value %s for option %s\n", option->value, option->name); goto err; } found = 1; break; } } if (!found) { fprintf(stderr, "Unknown test option: %s\n", option->name); goto err; } } goto done; err: SSL_TEST_CTX_free(ctx); ctx = NULL; done: return ctx; }
static int stbl_module_init(CONF_IMODULE *md, const CONF *cnf) { int i; const char *stbl_section; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *mval; stbl_section = CONF_imodule_get_value(md); if ((sktmp = NCONF_get_section(cnf, stbl_section)) == NULL) { ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); return 0; } for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { mval = sk_CONF_VALUE_value(sktmp, i); if (!do_tcreate(mval->value, mval->name)) { ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_INVALID_VALUE); return 0; } } return 1; }
int main(int argc, char **argv) { BIO *sbio = NULL, *out = NULL; int i, len, rv; char tmpbuf[1024]; SSL_CTX *ctx = NULL; SSL_CONF_CTX *cctx = NULL; SSL *ssl = NULL; CONF *conf = NULL; STACK_OF(CONF_VALUE) *sect = NULL; CONF_VALUE *cnf; const char *connect_str = "localhost:4433"; long errline = -1; ERR_load_crypto_strings(); ERR_load_SSL_strings(); SSL_library_init(); conf = NCONF_new(NULL); if (NCONF_load(conf, "connect.cnf", &errline) <= 0) { if (errline <= 0) fprintf(stderr, "Error processing config file\n"); else fprintf(stderr, "Error on line %ld\n", errline); goto end; } sect = NCONF_get_section(conf, "default"); if (sect == NULL) { fprintf(stderr, "Error retrieving default section\n"); goto end; } ctx = SSL_CTX_new(SSLv3_client_method()); cctx = SSL_CONF_CTX_new(); SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT); SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { cnf = sk_CONF_VALUE_value(sect, i); rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value); if (rv > 0) continue; if (rv != -2) { fprintf(stderr, "Error processing %s = %s\n", cnf->name, cnf->value); ERR_print_errors_fp(stderr); goto end; } if (!strcmp(cnf->name, "Connect")) { connect_str = cnf->value; } else { fprintf(stderr, "Unknown configuration option %s\n", cnf->name); goto end; } } if (!SSL_CONF_CTX_finish(cctx)) { fprintf(stderr, "Finish error\n"); ERR_print_errors_fp(stderr); goto err; } /* * We'd normally set some stuff like the verify paths and * mode here * because as things stand this will connect to * any server whose * certificate is signed by any CA. */ sbio = BIO_new_ssl_connect(ctx); BIO_get_ssl(sbio, &ssl); if (!ssl) { fprintf(stderr, "Can't locate SSL pointer\n"); goto end; } /* Don't want any retries */ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); /* We might want to do other things with ssl here */ BIO_set_conn_hostname(sbio, connect_str); out = BIO_new_fp(stdout, BIO_NOCLOSE); if (BIO_do_connect(sbio) <= 0) { fprintf(stderr, "Error connecting to server\n"); ERR_print_errors_fp(stderr); goto end; } if (BIO_do_handshake(sbio) <= 0) { fprintf(stderr, "Error establishing SSL connection\n"); ERR_print_errors_fp(stderr); goto end; } /* Could examine ssl here to get connection info */ BIO_puts(sbio, "GET / HTTP/1.0\n\n"); for (;;) { len = BIO_read(sbio, tmpbuf, 1024); if (len <= 0) break; BIO_write(out, tmpbuf, len); } end: SSL_CONF_CTX_free(cctx); BIO_free_all(sbio); BIO_free(out); NCONF_free(conf); return 0; }
int main(int argc, char *argv[]) { char *port = "*:4433"; BIO *in = NULL; BIO *ssl_bio, *tmp; SSL_CTX *ctx; SSL_CONF_CTX *cctx = NULL; CONF *conf = NULL; STACK_OF(CONF_VALUE) *sect = NULL; CONF_VALUE *cnf; long errline = -1; char buf[512]; int ret = EXIT_FAILURE, i; ctx = SSL_CTX_new(TLS_server_method()); conf = NCONF_new(NULL); if (NCONF_load(conf, "accept.cnf", &errline) <= 0) { if (errline <= 0) fprintf(stderr, "Error processing config file\n"); else fprintf(stderr, "Error on line %ld\n", errline); goto err; } sect = NCONF_get_section(conf, "default"); if (sect == NULL) { fprintf(stderr, "Error retrieving default section\n"); goto err; } cctx = SSL_CONF_CTX_new(); SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER); SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE); SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { int rv; cnf = sk_CONF_VALUE_value(sect, i); rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value); if (rv > 0) continue; if (rv != -2) { fprintf(stderr, "Error processing %s = %s\n", cnf->name, cnf->value); ERR_print_errors_fp(stderr); goto err; } if (strcmp(cnf->name, "Port") == 0) { port = cnf->value; } else { fprintf(stderr, "Unknown configuration option %s\n", cnf->name); goto err; } } if (!SSL_CONF_CTX_finish(cctx)) { fprintf(stderr, "Finish error\n"); ERR_print_errors_fp(stderr); goto err; } /* Setup server side SSL bio */ ssl_bio = BIO_new_ssl(ctx, 0); if ((in = BIO_new_accept(port)) == NULL) goto err; /* * This means that when a new connection is accepted on 'in', The ssl_bio * will be 'duplicated' and have the new socket BIO push into it. * Basically it means the SSL BIO will be automatically setup */ BIO_set_accept_bios(in, ssl_bio); again: /* * The first call will setup the accept socket, and the second will get a * socket. In this loop, the first actual accept will occur in the * BIO_read() function. */ if (BIO_do_accept(in) <= 0) goto err; for (;;) { i = BIO_read(in, buf, 512); if (i == 0) { /* * If we have finished, remove the underlying BIO stack so the * next time we call any function for this BIO, it will attempt * to do an accept */ printf("Done\n"); tmp = BIO_pop(in); BIO_free_all(tmp); goto again; } if (i < 0) { if (BIO_should_retry(in)) continue; goto err; } fwrite(buf, 1, i, stdout); fflush(stdout); } ret = EXIT_SUCCESS; err: if (ret != EXIT_SUCCESS) ERR_print_errors_fp(stderr); BIO_free(in); return ret; }
static int ssl_module_init(CONF_IMODULE *md, const CONF *cnf) { size_t i, j, cnt; int rv = 0; const char *ssl_conf_section; STACK_OF(CONF_VALUE) *cmd_lists; ssl_conf_section = CONF_imodule_get_value(md); cmd_lists = NCONF_get_section(cnf, ssl_conf_section); if (sk_CONF_VALUE_num(cmd_lists) <= 0) { if (cmd_lists == NULL) CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_NOT_FOUND); else CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_SECTION_EMPTY); ERR_add_error_data(2, "section=", ssl_conf_section); goto err; } cnt = sk_CONF_VALUE_num(cmd_lists); ssl_module_free(md); ssl_names = OPENSSL_zalloc(sizeof(*ssl_names) * cnt); if (ssl_names == NULL) goto err; ssl_names_count = cnt; for (i = 0; i < ssl_names_count; i++) { struct ssl_conf_name_st *ssl_name = ssl_names + i; CONF_VALUE *sect = sk_CONF_VALUE_value(cmd_lists, (int)i); STACK_OF(CONF_VALUE) *cmds = NCONF_get_section(cnf, sect->value); if (sk_CONF_VALUE_num(cmds) <= 0) { if (cmds == NULL) CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_COMMAND_SECTION_NOT_FOUND); else CONFerr(CONF_F_SSL_MODULE_INIT, CONF_R_SSL_COMMAND_SECTION_EMPTY); ERR_add_error_data(4, "name=", sect->name, ", value=", sect->value); goto err; } ssl_name->name = OPENSSL_strdup(sect->name); if (ssl_name->name == NULL) goto err; cnt = sk_CONF_VALUE_num(cmds); ssl_name->cmds = OPENSSL_zalloc(cnt * sizeof(struct ssl_conf_cmd_st)); if (ssl_name->cmds == NULL) goto err; ssl_name->cmd_count = cnt; for (j = 0; j < cnt; j++) { const char *name; CONF_VALUE *cmd_conf = sk_CONF_VALUE_value(cmds, (int)j); struct ssl_conf_cmd_st *cmd = ssl_name->cmds + j; /* Skip any initial dot in name */ name = strchr(cmd_conf->name, '.'); if (name != NULL) name++; else name = cmd_conf->name; cmd->cmd = OPENSSL_strdup(name); cmd->arg = OPENSSL_strdup(cmd_conf->value); if (cmd->cmd == NULL || cmd->arg == NULL) goto err; } } rv = 1; err: if (rv == 0) ssl_module_free(md); return rv; }
static int int_engine_configure(char *name, char *value, const CONF *cnf) { int i; int ret = 0; long do_init = -1; STACK_OF(CONF_VALUE) *ecmds; CONF_VALUE *ecmd; char *ctrlname, *ctrlvalue; ENGINE *e = NULL; name = skip_dot(name); #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "Configuring engine %s\n", name); #endif /* Value is a section containing ENGINE commands */ ecmds = NCONF_get_section(cnf, value); if (!ecmds) { ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR); return 0; } for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { ecmd = sk_CONF_VALUE_value(ecmds, i); ctrlname = skip_dot(ecmd->name); ctrlvalue = ecmd->value; #ifdef ENGINE_CONF_DEBUG fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue); #endif /* First handle some special pseudo ctrls */ /* Override engine name to use */ if (!strcmp(ctrlname, "engine_id")) name = ctrlvalue; /* Load a dynamic ENGINE */ else if (!strcmp(ctrlname, "dynamic_path")) { e = ENGINE_by_id("dynamic"); if (!e) goto err; if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0)) goto err; if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0)) goto err; if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) goto err; } /* ... add other pseudos here ... */ else { /* At this point we need an ENGINE structural reference * if we don't already have one. */ if (!e) { e = ENGINE_by_id(name); if (!e) return 0; } /* Allow "EMPTY" to mean no value: this allows a valid * "value" to be passed to ctrls of type NO_INPUT */ if (!strcmp(ctrlvalue, "EMPTY")) ctrlvalue = NULL; if (!strcmp(ctrlname, "init")) { if (!NCONF_get_number_e(cnf, value, "init", &do_init)) goto err; if (do_init == 1) { if (!int_engine_init(e)) goto err; } else if (do_init != 0) { ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE); goto err; } } else if (!strcmp(ctrlname, "default_algorithms")) { if (!ENGINE_set_default_string(e, ctrlvalue)) goto err; } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0)) return 0; } } if (e && (do_init == -1) && !int_engine_init(e)) goto err; ret = 1; err: if (e) ENGINE_free(e); return ret; }
int main(int argc, char *argv[]) { int i; long i_val, err = 0; char *key, *s_val; STACK_OF(CONF_VALUE) *sec; CONF_VALUE *item; CONF *conf; conf = NCONF_new(NCONF_default( )); if (!NCONF_load(conf, CONFFILE, &err)) { if (err == 0) int_error("Error opening configuration file"); else { fprintf(stderr, "Error in %s on line %li\n", CONFFILE, err); int_error("Errors parsing configuration file"); } } if (!(s_val = NCONF_get_string(conf, NULL, GLOB_VAR))) { fprintf(stderr, "Error finding \"%s\" in [%s]\n", GLOB_VAR, NULL); int_error("Error finding string"); } printf("Sec: %s, Key: %s, Val: %s\n", NULL, GLOB_VAR, s_val); #if (OPENSSL_VERSION_NUMBER > 0x00907000L) if (!(err = NCONF_get_number_e(conf, NULL, GLOB_NUM, &i_val))) { fprintf(stderr, "Error finding \"%s\" in [%s]\n", GLOB_NUM, NULL); int_error("Error finding number"); } #else if (!(s_val = NCONF_get_string(conf, NULL, GLOB_NUM))) { fprintf(stderr, "Error finding \"%s\" in [%s]\n", GLOB_VAR, NULL); int_error("Error finding number"); } i_val = atoi(s_val); #endif printf("Sec: %s, Key: %s, Val: %i\n", NULL, GLOB_VAR, i_val); if (!(key = NCONF_get_string(conf, PARAMS, SEC_NAME))) { fprintf(stderr, "Error finding \"%s\" in [%s]\n", SEC_NAME, PARAMS); int_error("Error finding string"); } printf("Sec: %s, Key: %s, Val: %s\n", PARAMS, SEC_NAME, key); if (!(sec = NCONF_get_section(conf, key))) { fprintf(stderr, "Error finding [%s]\n", key); int_error("Error finding string"); } for (i = 0; i < sk_CONF_VALUE_num(sec); i++) { item = sk_CONF_VALUE_value(sec, i); printf("Sec: %s, Key: %s, Val: %s\n", item->section, item->name, item->value); } NCONF_free(conf); return 0; }
SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) { STACK_OF(CONF_VALUE) *sk_conf; SSL_TEST_CTX *ctx; int i; size_t j; sk_conf = NCONF_get_section(conf, test_section); TEST_check(sk_conf != NULL); ctx = SSL_TEST_CTX_new(); TEST_check(ctx != NULL); for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; const CONF_VALUE *option = sk_CONF_VALUE_value(sk_conf, i); /* Subsections */ if (strcmp(option->name, "client") == 0) { if (!parse_client_options(&ctx->extra.client, conf, option->value)) goto err; } else if (strcmp(option->name, "server") == 0) { if (!parse_server_options(&ctx->extra.server, conf, option->value)) goto err; } else if (strcmp(option->name, "server2") == 0) { if (!parse_server_options(&ctx->extra.server2, conf, option->value)) goto err; } else if (strcmp(option->name, "resume-client") == 0) { if (!parse_client_options(&ctx->resume_extra.client, conf, option->value)) goto err; } else if (strcmp(option->name, "resume-server") == 0) { if (!parse_server_options(&ctx->resume_extra.server, conf, option->value)) goto err; } else if (strcmp(option->name, "resume-server2") == 0) { if (!parse_server_options(&ctx->resume_extra.server2, conf, option->value)) goto err; } else { for (j = 0; j < OSSL_NELEM(ssl_test_ctx_options); j++) { if (strcmp(option->name, ssl_test_ctx_options[j].name) == 0) { if (!ssl_test_ctx_options[j].parse(ctx, option->value)) { fprintf(stderr, "Bad value %s for option %s\n", option->value, option->name); goto err; } found = 1; break; } } if (!found) { fprintf(stderr, "Unknown test option: %s\n", option->name); goto err; } } } goto done; err: SSL_TEST_CTX_free(ctx); ctx = NULL; done: return ctx; }