Config file updates from stable branch

CHANGES

@@ -43,6 +43,15 @@
          *) applies to 0.9.6a ... 0.9.6d and 0.9.7
          +) applies to 0.9.7 only
 
+  +) Move default behaviour to CONF_modules_load_file(). Is appname is NULL
+     use "openssl_conf" if filename is NULL use default openssl config file.
+     [Steve Henson]
+
+  +) Add an argument to OPENSSL_config() to allow the use of an alternative
+     config section name. Add a new flag to tolerate a missing config file
+     and move code to CONF_modules_load_file().
+     [Steve Henson]
+
   *) Add information about CygWin 1.3 and on, and preserve proper
      configuration for the versions before that.
      [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]

crypto/conf/conf.h

@@ -112,6 +112,7 @@ typedef void conf_finish_func(CONF_IMODULE *md);
 #define CONF_MFLAGS_IGNORE_RETURN_CODES	0x2
 #define CONF_MFLAGS_SILENT		0x4
 #define CONF_MFLAGS_NO_DSO		0x8
+#define CONF_MFLAGS_IGNORE_MISSING_FILE	0x10
 
 int CONF_set_default_method(CONF_METHOD *meth);
 void CONF_set_nconf(CONF *conf,LHASH *hash);
@@ -127,7 +128,7 @@ void CONF_free(LHASH *conf);
 int CONF_dump_fp(LHASH *conf, FILE *out);
 int CONF_dump_bio(LHASH *conf, BIO *out);
 
-void OPENSSL_config(void);
+void OPENSSL_config(const char *config_name);
 
 /* New conf code.  The semantics are different from the functions above.
    If that wasn't the case, the above functions would have been replaced */

crypto/conf/conf_mall.c

@@ -81,30 +81,16 @@ void OPENSSL_load_builtin_modules(void)
 
 static int openssl_configured = 0;
 
-void OPENSSL_config(void)
+void OPENSSL_config(const char *config_name)
 	{
-	int err_exit = 0;
-	char *file;
 	if (openssl_configured)
 		return;
 
 	OPENSSL_load_builtin_modules();
 
-	file = CONF_get1_default_config_file();
-	if (!file)
-		return;
-
 	ERR_clear_error();
-	if (CONF_modules_load_file(file, "openssl_config", 0) <= 0)
-		{
-		if (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)
-			ERR_clear_error();
-		else
-			err_exit = 1;
-		}
-
-	OPENSSL_free(file);
-	if (err_exit)
+	if (CONF_modules_load_file(NULL, NULL,
+					CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0)
 		{
 		BIO *bio_err;
 		ERR_load_crypto_strings();
@@ -113,6 +99,7 @@ void OPENSSL_config(void)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 			BIO_printf(bio_err,"Auto configuration failed\n");
 			ERR_print_errors(bio_err);
+			BIO_free(bio_err);
 			}
 		exit(1);
 		}

crypto/conf/conf_mod.c

@@ -163,18 +163,40 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
 int CONF_modules_load_file(const char *filename, const char *appname,
 			   unsigned long flags)
 	{
+	char *file;
 	CONF *conf = NULL;
 	int ret = 0;
 	conf = NCONF_new(NULL);
 	if (!conf)
 		goto err;
 
-	if (NCONF_load(conf, filename, NULL) <= 0)
+	if (filename == NULL)
+		{
+		file = CONF_get1_default_config_file();
+		if (!file)
+			goto err;
+		}
+	else
+		file = (char *)filename;
+	if (appname == NULL)
+		appname = "openssl_conf";
+
+	if (NCONF_load(conf, file, NULL) <= 0)
+		{
+		if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
+		  (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE))
+			{
+			ERR_clear_error();
+			ret = 1;
+			}
 		goto err;
+		}
 
 	ret = CONF_modules_load(conf, appname, flags);
 
 	err:
+	if (filename == NULL)
+		OPENSSL_free(file);
 	NCONF_free(conf);
 
 	return ret;
@@ -189,7 +211,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
 	md = module_find(name);
 
 	/* Module not found: try to load DSO */
-	if (!md)
+	if (!md && !(flags & CONF_MFLAGS_NO_DSO))
 		md = module_load_dso(cnf, name, value, flags);
 
 	if (!md)
@@ -248,11 +270,6 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
 		goto err;
 		}
         ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
-	if (!ffunc)
-		{
-		errcode = CONF_R_MISSING_FINISH_FUNCTION;
-		goto err;
-		}
 	/* All OK, add module */
 	md = module_add(dso, name, ifunc, ffunc);
 
@@ -450,7 +467,8 @@ void CONF_modules_finish(void)
 
 static void module_finish(CONF_IMODULE *imod)
 	{
-	imod->pmod->finish(imod);
+	if (imod->pmod->finish)
+		imod->pmod->finish(imod);
 	imod->pmod->links--;
 	OPENSSL_free(imod->name);
 	OPENSSL_free(imod->value);