From owner-cvs-src@FreeBSD.ORG Sun Jan 13 23:37:14 2008 Return-Path: Delivered-To: cvs-src@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E853616A419; Sun, 13 Jan 2008 23:37:14 +0000 (UTC) (envelope-from simon@benji.nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.freebsd.org (Postfix) with ESMTP id 96E3213C455; Sun, 13 Jan 2008 23:37:14 +0000 (UTC) (envelope-from simon@benji.nitro.dk) Received: from benji.nitro.dk (unknown [192.168.3.39]) by mx.nitro.dk (Postfix) with ESMTP id A89841E8C08; Sun, 13 Jan 2008 23:37:13 +0000 (UTC) Received: by benji.nitro.dk (Postfix, from userid 2000) id 74D10FD47; Mon, 14 Jan 2008 00:37:17 +0100 (CET) Date: Mon, 14 Jan 2008 00:37:17 +0100 From: "Simon L. Nielsen" To: Sam Leffler Message-ID: <20080113233716.GB14893@zaphod.nitro.dk> References: <200801131144.m0DBimYT077701@repoman.freebsd.org> <20080113115947.GA1135@zaphod.nitro.dk> <478A601A.3060506@errno.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <478A601A.3060506@errno.com> User-Agent: Mutt/1.5.17 (2007-11-01) Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssl/crypto/engine eng_cryptodev.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Jan 2008 23:37:15 -0000 On 2008.01.13 11:01:46 -0800, Sam Leffler wrote: > Simon L. Nielsen wrote: >> On 2008.01.13 11:44:47 +0000, Simon L. Nielsen wrote: >> >>> simon 2008-01-13 11:44:47 UTC >>> >>> FreeBSD src repository >>> >>> Modified files: >>> crypto/openssl/crypto/engine eng_cryptodev.c Log: >>> Unbreak detection of cryptodev support for FreeBSD which was broken >>> with OpenSSL 0.9.8 import. >>> Note that this does not enable cryptodev by default, as it was the >>> case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it >>> possible to enable cryptodev at all. >>> >> >> With this change it is possible to enable cryptodev by default for >> openssl(1) with lines like below in etc/ssl/openssl.cnf. >> Unfortunately openssh does not call the functions to read the config >> file so it's not possible to enable cryptodev in openssh in a similar >> fashion. I have yet figure out how to do support cryptodev by default >> cleanly... [...] > > I gave you a patch to make cryptodev the default (if present) w/o modifying > openssl.cnf. That is how things used to work in freebsd and how things > work on systems like openbsd. Was there a problem w/ it? I'm not certain that is the correct way and that it won't have any other side-effects. I should have found some OpenSSL people to bug about this, but I haven't gotten around to doing that yet. Part of what worries me some, is that I can't find out why OpenSSL stopped just using cryptodev by default, neither in docs nor in the code. -- Simon L. Nielsen