From owner-freebsd-geom@FreeBSD.ORG Thu Jun 11 17:14:17 2009 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5EABA1065697 for ; Thu, 11 Jun 2009 17:14:17 +0000 (UTC) (envelope-from listat@apz.fi) Received: from basestar1.apz.fi (basestar1.apz.fi [62.237.4.40]) by mx1.freebsd.org (Postfix) with ESMTP id 1A5808FC1F for ; Thu, 11 Jun 2009 17:14:16 +0000 (UTC) (envelope-from listat@apz.fi) Received: from localhost (localhost [127.0.0.1]) by basestar1.apz.fi (Postfix) with ESMTP id 8DAA4272C59 for ; Thu, 11 Jun 2009 20:14:14 +0300 (EEST) X-Virus-Scanned: by amavisd-new at basestar1. Got none of those nasty buggers! Received: from basestar1.apz.fi ([127.0.0.1]) by localhost (basestar1.apz.fi [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hi4O8ElzVpml for ; Thu, 11 Jun 2009 20:14:09 +0300 (EEST) Received: from [214.1.1.1] (adsl-109-212-210.kymp.net [77.109.212.210]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by basestar1.apz.fi (Postfix) with ESMTPSA id 97311272C57 for ; Thu, 11 Jun 2009 20:14:09 +0300 (EEST) Message-ID: <4A313B5E.3040300@apz.fi> Date: Thu, 11 Jun 2009 20:14:06 +0300 From: =?ISO-8859-1?Q?Ari_Sovij=E4rvi?= User-Agent: Mozilla-Thunderbird 2.0.0.19 (X11/20090103) MIME-Version: 1.0 To: freebsd-geom@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Geli and EVP_camellia_256_cbc X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Jun 2009 17:14:17 -0000 Ivan Voras wrote: > Possibly your world is not in sync. > /usr/lib> strings libssl.so | grep EVP > EVP_des_cbc > EVP_add_cipher > EVP_des_ede3_cbc > EVP_rc4 > EVP_rc2_cbc > EVP_aes_128_cbc > EVP_aes_192_cbc > EVP_aes_256_cbc > EVP_camellia_128_cbc > EVP_camellia_256_cbc That command does not list camellia, as it's disabled in sparc64 builds. Looking at openssl's source (especially crypto/openssl/crypto/evp/e_camellia.c), there's a condition not to build camellia if OPENSSL_NO_CAMELLIA is defined. In opensslconf-sparc64.h again that gets set, but that condition isn't in geom, so apparently in sparc64 geli is broken to my understanding. Could someone with more in-depth knowledge about geli verify this finding, or alternatively try this on a sparc64 system? I have couple of the systems online, one with 7.1 and the other with 7.2, both seem to behave the same way. I've also have one i386 7.2 system (from the same source), and it seems to work. -- Ari Sovijärvi