Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 14 Jan 2008 00:37:17 +0100
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Sam Leffler <sam@errno.com>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/crypto/openssl/crypto/engine eng_cryptodev.c
Message-ID:  <20080113233716.GB14893@zaphod.nitro.dk>
In-Reply-To: <478A601A.3060506@errno.com>
References:  <200801131144.m0DBimYT077701@repoman.freebsd.org> <20080113115947.GA1135@zaphod.nitro.dk> <478A601A.3060506@errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2008.01.13 11:01:46 -0800, Sam Leffler wrote:
> Simon L. Nielsen wrote:
>> On 2008.01.13 11:44:47 +0000, Simon L. Nielsen wrote:
>>   
>>> simon       2008-01-13 11:44:47 UTC
>>> 
>>>   FreeBSD src repository
>>> 
>>>   Modified files:
>>>     crypto/openssl/crypto/engine eng_cryptodev.c   Log:
>>>   Unbreak detection of cryptodev support for FreeBSD which was broken
>>>   with OpenSSL 0.9.8 import.
>>>     Note that this does not enable cryptodev by default, as it was the
>>>   case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
>>>   possible to enable cryptodev at all.
>>>     
>> 
>> With this change it is possible to enable cryptodev by default for
>> openssl(1) with lines like below in etc/ssl/openssl.cnf.
>> Unfortunately openssh does not call the functions to read the config
>> file so it's not possible to enable cryptodev in openssh in a similar
>> fashion. I have yet figure out how to do support cryptodev by default
>> cleanly...
[...]
>
> I gave you a patch to make cryptodev the default (if present) w/o modifying 
> openssl.cnf.  That is how things used to work in freebsd and how things 
> work on systems like openbsd.  Was there a problem w/ it?

I'm not certain that is the correct way and that it won't have any
other side-effects.  I should have found some OpenSSL people to bug
about this, but I haven't gotten around to doing that yet.

Part of what worries me some, is that I can't find out why OpenSSL
stopped just using cryptodev by default, neither in docs nor in the
code.

-- 
Simon L. Nielsen

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080113233716.GB14893>