On 28/09/2013 14:56, Dr Stephen Henson wrote: > On 28/09/2013 14:42, Kaspar Brand wrote: >> >> If the ability to specify relative path names with SSLOpenSSLConfCmd is >> considered an absolutely essential feature, then OpenSSL could perhaps >> "standardize" its option names somewhat - e.g. by always naming those >> which take a file name argument with "...File". We could then handle >> such a case in mod_ssl as illustrated by the attached patch. >> > > An alternative would be to specify a callback to OpenSSL which can be used to > "transform" a filename which is called whenever any option name requires a > file. >
On second thoughts that could prove messy and might involve processing the same command more than once. How about something like: int SSL_CONF_cmd_type(SSL_CONF_CTX *cctx, const char *cmd); which can return things like... SSL_CONF_TYPE_INVALID: unrecognised name. SSL_CONF_TYPE_FILE: file name. SSL_CONF_TYPE_DIR: directory name. ... others ... SSL_CONF_TYPE_STR: string with no special meaning. Steve. -- Dr Stephen Henson. OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 +1 877-673-6775 shen...@opensslfoundation.com