Add Copyright and license.

Merge some typo fixes, a paragraph documenting another flag,
and some additional explanations and EXAMPLES from OpenSSL.

1 files changed, 138 insertions, 4 deletions

diff --git a/lib/libcrypto/man/CONF_modules_load_file.3 b/lib/libcrypto/man/CONF_modules_load_file.3
index 6e1a0267275..0e594a1544e 100644
--- a/lib/libcrypto/man/CONF_modules_load_file.3
+++ b/lib/libcrypto/man/CONF_modules_load_file.3
@@ -1,6 +1,54 @@
-.\"	$OpenBSD: CONF_modules_load_file.3,v 1.3 2016/11/10 14:34:18 jmc Exp $
+.\"	$OpenBSD: CONF_modules_load_file.3,v 1.4 2016/11/20 19:47:59 schwarze Exp $
+.\"	OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
-.Dd $Mdocdate: November 10 2016 $
+.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
+.\" Copyright (c) 2000, 2015 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: November 20 2016 $
 .Dt CONF_MODULES_LOAD_FILE 3
 .Os
 .Sh NAME
@@ -40,11 +88,11 @@ is
 the standard OpenSSL application name
 .Qq openssl_conf
 is used.
-The behaviour can be cutomized using
+The behaviour can be customized using
 .Fa flags .
 .Pp
 .Fn CONF_modules_load
-is idential to
+is identical to
 .Fn CONF_modules_load_file
 except it reads configuration information from
 .Fa cnf .
@@ -67,12 +115,98 @@ Let
 .Fn CONF_modules_load_file
 ignore missing configuration files.
 By default, a missing configuration file returns an error.
+.It CONF_MFLAGS_DEFAULT_SECTION
+If
+.Fa appname
+is not
+.Dv NULL
+but does not exist, fall back to the default section
+.Qq openssl_conf .
 .El
+.Pp
+By using
+.Fn CONF_modules_load_file
+with appropriate flags, an application can customise application
+configuration to best suit its needs.
+In some cases the use of a configuration file is optional and its
+absence is not an error: in this case
+.Dv CONF_MFLAGS_IGNORE_MISSING_FILE
+would be set.
+.Pp
+Errors during configuration may also be handled differently by
+different applications.
+For example in some cases an error may simply print out a warning
+message and the application may continue.
+In other cases an application might consider a configuration file
+error fatal and exit immediately.
+.Pp
+Applications can use the
+.Fn CONF_modules_load
+function if they wish to load a configuration file themselves and
+have finer control over how errors are treated.
 .Sh RETURN VALUES
 These functions return 1 for success and zero or a negative value for
 failure.
 If module errors are not ignored, the return code will reflect the return
 value of the failing module (this will always be zero or negative).
+.Sh EXAMPLES
+Load a configuration file and print out any errors and exit (missing
+file considered fatal):
+.Bd -literal
+if (CONF_modules_load_file(NULL, NULL, 0) <= 0) {
+	fprintf(stderr, "FATAL: error loading configuration file\n");
+	ERR_print_errors_fp(stderr);
+	exit(1);
+}
+.Ed
+.Pp
+Load default configuration file using the section indicated
+by "myapp", tolerate missing files, but exit on other errors:
+.Bd -literal
+if (CONF_modules_load_file(NULL, "myapp",
+    CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+	fprintf(stderr, "FATAL: error loading configuration file\n");
+	ERR_print_errors_fp(stderr);
+	exit(1);
+}
+.Ed
+.Pp
+Load custom configuration file and section, only print warnings on
+error, missing configuration file ignored:
+.Bd -literal
+if (CONF_modules_load_file("/something/app.cnf", "myapp",
+    CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+	fprintf(stderr, "WARNING: error loading configuration file\n");
+	ERR_print_errors_fp(stderr);
+}
+.Ed
+.Pp
+Load and parse configuration file manually, custom error handling:
+.Bd -literal
+FILE	*fp;
+CONF	*cnf = NULL;
+long	 eline;
+
+fp = fopen("/somepath/app.cnf", "r");
+if (fp == NULL) {
+	fprintf(stderr, "Error opening configuration file\n");
+	/* Other missing configuration file behaviour */
+} else {
+	cnf = NCONF_new(NULL);
+	if (NCONF_load_fp(cnf, fp, &eline) == 0) {
+		fprintf(stderr, "Error on line %ld of configuration file\n",
+		    eline);
+		ERR_print_errors_fp(stderr);
+		/* Other malformed configuration file behaviour */
+	} else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
+		fprintf(stderr, "Error configuring application\n");
+		ERR_print_errors_fp(stderr);
+		/* Other configuration error behaviour */
+	}
+	fclose(fp);
+	NCONF_free(cnf);
+}
+.Ed
 .Sh SEE ALSO
 .Xr CONF_modules_free 3 ,
 .Xr ERR 3 ,