Simon L. Nielsen wrote:
On 2008.01.13 11:44:47 +0000, Simon L. Nielsen wrote:
simon 2008-01-13 11:44:47 UTC
FreeBSD src repository
Modified files:
crypto/openssl/crypto/engine eng_cryptodev.c
Log:
Unbreak detection of cryptodev support for FreeBSD which was broken
with OpenSSL 0.9.8 import.
Note that this does not enable cryptodev by default, as it was the
case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
possible to enable cryptodev at all.
With this change it is possible to enable cryptodev by default for
openssl(1) with lines like below in etc/ssl/openssl.cnf.
Unfortunately openssh does not call the functions to read the config
file so it's not possible to enable cryptodev in openssh in a similar
fashion. I have yet figure out how to do support cryptodev by default
cleanly...
Oh, and I just remembered that I forgot to thank Mike Tancsa / Sentex
for providing hardware used for testing this. So... thanks! :-)
[openssl_init]
engines = engine_section
[engine_section]
cryptodev = cryptodev_section
[ cryptodev_section ]
engine_id = cryptodev
default_algorithms = ALL
(Note that the above was copied from a config file I haven't touched
in month so I'm 100% the exact section above is enough, but it's
close...)
I gave you a patch to make cryptodev the default (if present) w/o
modifying openssl.cnf. That is how things used to work in freebsd and
how things work on systems like openbsd. Was there a problem w/ it?
Sam
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
