cvs commit: src/crypto/openssl/crypto/engine eng_cryptodev.c
Sam Leffler
sam at errno.com
Sun Jan 13 11:01:47 PST 2008
Simon L. Nielsen wrote:
> On 2008.01.13 11:44:47 +0000, Simon L. Nielsen wrote:
>
>> simon 2008-01-13 11:44:47 UTC
>>
>> FreeBSD src repository
>>
>> Modified files:
>> crypto/openssl/crypto/engine eng_cryptodev.c
>> Log:
>> Unbreak detection of cryptodev support for FreeBSD which was broken
>> with OpenSSL 0.9.8 import.
>>
>> Note that this does not enable cryptodev by default, as it was the
>> case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
>> possible to enable cryptodev at all.
>>
>
> With this change it is possible to enable cryptodev by default for
> openssl(1) with lines like below in etc/ssl/openssl.cnf.
> Unfortunately openssh does not call the functions to read the config
> file so it's not possible to enable cryptodev in openssh in a similar
> fashion. I have yet figure out how to do support cryptodev by default
> cleanly...
>
> Oh, and I just remembered that I forgot to thank Mike Tancsa / Sentex
> for providing hardware used for testing this. So... thanks! :-)
>
>
>
> [openssl_init]
> engines = engine_section
>
> [engine_section]
> cryptodev = cryptodev_section
>
> [ cryptodev_section ]
> engine_id = cryptodev
> default_algorithms = ALL
>
>
> (Note that the above was copied from a config file I haven't touched
> in month so I'm 100% the exact section above is enough, but it's
> close...)
>
>
I gave you a patch to make cryptodev the default (if present) w/o
modifying openssl.cnf. That is how things used to work in freebsd and
how things work on systems like openbsd. Was there a problem w/ it?
Sam
More information about the cvs-src
mailing list