Cryptography and SSL/TLS Toolkit



NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load, NCONF_get0_libctx, NCONF_get_section, NCONF_get_section_names - functionality to Load and parse configuration files manually


#include <openssl/conf.h>

typedef struct {
    char *section;
    char *name;
    char *value;

CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth);
void NCONF_free(CONF *conf);
CONF_METHOD *NCONF_default(void);
int NCONF_load(CONF *conf, const char *file, long *eline);
OSSL_LIB_CTX *NCONF_get0_libctx(const CONF *conf);

STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *name);
STACK_OF(OPENSSL_CSTRING) *NCONF_get_section_names(const CONF *conf);


NCONF_new_ex() creates a new CONF object in heap memory and assigns to it a context libctx that can be used during loading. If the method table meth is set to NULL then the default value of NCONF_default() is used.

NCONF_new() is similar to NCONF_new_ex() but sets the libctx to NULL.

NCONF_free() frees the data associated with conf and then frees the conf object. If the argument is NULL, nothing is done.

NCONF_load() parses the file named filename and adds the values found to conf. If an error occurs file and eline list the file and line that the load failed on if they are not NULL.

NCONF_default() gets the default method table for processing a configuration file.

NCONF_get0_libctx() gets the library context associated with the conf parameter.

NCONF_get_section_names() gets the names of the sections associated with the conf as STACK_OF(OPENSSL_CSTRING) strings. The individual strings are associated with the conf and will be invalid after conf is freed. The returned stack must be freed with sk_OPENSSL_CSTRING_free().

NCONF_get_section() gets the config values associated with the conf from the config section name as STACK_OF(CONF_VALUE) structures. The returned stack is associated with the conf and will be invalid after conf is freed. It must not be freed by the caller.


NCONF_load() returns 1 on success or 0 on error.

NCONF_new_ex() and NCONF_new() return a newly created CONF object or NULL if an error occurs.




NCONF_new_ex(), NCONF_get0_libctx(), and NCONF_get_section_names() were added in OpenSSL 3.0.

Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at