From owner-freebsd-current@FreeBSD.ORG Wed Sep 17 12:53:31 2008 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5708E1065673 for ; Wed, 17 Sep 2008 12:53:31 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id 03F5F8FC1C for ; Wed, 17 Sep 2008 12:53:30 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.2/8.14.2) with ESMTP id m8HCDN0B014313; Wed, 17 Sep 2008 08:13:23 -0400 (EDT) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.8/8.13.3) with ESMTP id m8HCDMgc043508 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 17 Sep 2008 08:13:22 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <200809171213.m8HCDMgc043508@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Wed, 17 Sep 2008 08:13:21 -0400 To: "Ian Freislich" , current@freebsd.org From: Mike Tancsa In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: Subject: Re: PATCH: crypto/openssl/crypto/engine/eng_table.c X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Sep 2008 12:53:31 -0000 At 04:06 AM 9/17/2008, Ian Freislich wrote: >Hi > >I had to apply the following patch to fix the engine cache in openssl >so that it will actually use the padlock driver for accelleration. >It appears that the original logic was reversed. Hi, For applications (eg sshd), is not --- crypto/openssl/crypto/engine/eng_cryptodev.c 2008-02-05 13:10:31.000000000 -0500 +++ crypto/openssl/crypto/engine/eng_cryptodev.c.good 2008-08-21 13:10:26.000000000 -0400 @@ -1127,6 +1127,7 @@ } ENGINE_add(engine); + ENGINE_set_default_ciphers(engine); ENGINE_free(engine); ERR_clear_error(); } also necessary ? ---Mike >RCS file: /home/ncvs/src/crypto/openssl/crypto/engine/eng_table.c,v >retrieving revision 1.1.1.2 >diff -u -d -r1.1.1.2 eng_table.c >--- eng_table.c 29 Jul 2006 19:10:18 -0000 1.1.1.2 >+++ eng_table.c 12 Jun 2008 07:52:52 -0000 >@@ -135,7 +135,7 @@ > { > fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); > if(!fnd) goto end; >- fnd->uptodate = 0; >+ fnd->uptodate = 1; > fnd->nid = *nids; > fnd->sk = sk_ENGINE_new_null(); > if(!fnd->sk) >@@ -152,7 +152,7 @@ > if(!sk_ENGINE_push(fnd->sk, e)) > goto end; > /* "touch" this ENGINE_PILE */ >- fnd->uptodate = 1; >+ fnd->uptodate = 0; > if(setdefault) > { > if(!engine_unlocked_init(e)) >@@ -180,7 +180,7 @@ > { > sk_ENGINE_delete(pile->sk, n); > /* "touch" this ENGINE_CIPHER */ >- pile->uptodate = 1; >+ pile->uptodate = 0; > } > if(pile->funct == e) > { > > >-- >Ian Freislich > >_______________________________________________ >freebsd-current@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"