❦ 10 janvier 2013 00:24 CET, Willy Tarreau <[email protected]> :
>> It depends how AES-NI is compiled in your OpenSSL. On Ubuntu, AES-NI
>> support is builtin and selected automatically. But if people are using
>> implementations from Intel for older versions of OpenSSL, the engine
>> needs to be selected by hand. See:
>>
>> https://groups.google.com/forum/?fromgroups=#!msg/mailing.openssl.dev/Z8PwfK53C2E/pdkktMcnpAEJ
>
> Interesting. Are these implementations still in use ? This seems more
> like early experimentations than definitive releases to me. I don't
> know if such versions were shipped in any LTS distro, so most likely
> they'll quickly disappear. Am I wrong ?
I think you are right. Maybe engine are useful on Cavium cards but I
really don't know because I have never been able to get one to test (but
it seems that you patch OpenSSL directly, no additional engines). I
suppose people buying expensive crypto hardware will be able to request
the feature if they need it.
--
printk("Illegal format on cdrom. Pester manufacturer.\n");
2.2.16 /usr/src/linux/fs/isofs/inode.c
