Hi,
> Which version of openssl is the ports tree based on? I don't know about
> the world version, but the problem with the ports one seems to be (so
> far) just a matter of paths. I don't "do bsd", but I assume that tweaking
> with LD_LIBRARY_PATH or some such thing ought to be able to convince
> openssl to find libubsec.so. Whether the result will be
> version-compatible is another issue, but you might be lucky.
the ports version is OpenSSL 0.9.7g 11 Apr 2005
(world version is OpenSSL 0.9.7d 17 Mar 2004)
the issue with LD_LIBRARY_PATH appears to be void as there is NO
libubsec.so on the filesystem. its simply not made. where can
I get it from??? (on Redhat and Fedora Core < 3 this file
appears in the mystical 'hycrypto' package)
I've attempted to actualy make a libubsec.so by hand using the
files provided by OpenSSL... eg
cd openssl-0.9.7g/crypto/engine
cc -o tmp_ubsec.o -I.. -I../.. -I../../include -fPIC -DENGINE_DYNAMIC_SUPPOR
T -DOPENSSL_THREADS -pthread -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENS
SL_NO_KRB5 -DTERMIOS -DL_ENDIAN -O -pipe -Wl,-rpath,/usr/local/lib -Wall -D
SHA1_ASM -DMD5_ASM -DRMD160_ASM -c hw_ubsec.c
cc -o tmp_ubsec_err.o -I.. -I../.. -I../../include -fPIC -DENGINE_DYNAMIC_SU
PPORT -DOPENSSL_THREADS -pthread -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DO
PENSSL_NO_KRB5 -DTERMIOS -DL_ENDIAN -O -pipe -Wl,-rpath,/usr/local/lib -Wal
l -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -c hw_ubsec_err.c
then link this all up as a nice ELF 32-bit LSB shared object...
gcc -shared -o dyn_ubsec.so tmp_ubsec.o tmp_ubsec_err.o -L../.. -lcrypto
then attempted to actually USE this file as in the docs that OpenSSL
provides.. README.ENGINE
# /usr/local/bin/openssl engine ubsec -vvvv -pre SO_PATH:./dyn_ubsec.so -t
(ubsec) UBSEC hardware engine support
[Success]: SO_PATH:./dyn_ubsec.so
[ unavailable ]
39977:error:2506406A:DSO support routines:DLFCN_BIND_FUNC:could not bind to the
requested symbol name:dso_dlfcn.c:252:symname(ubsec_bytes_to_bits): Undefined
symbol "ubsec_bytes_to_bits"
39977:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the
requested symbol name:dso_lib.c:294:
39977:error:84069067:ubsec engine:UBSEC_INIT:dso failure:hw_ubsec.c:418:
SO_PATH: Specifies the path to the 'ubsec' shared library
(input flags): STRING
...so, failure is still my no.1 success :-)
I'm wondering a couple of things.
1) according to some folk, /dev/crypto should *just work* - and,
for some userland test tools (eg cryptotest) it does
2) why doesnt openssl just USE the ubsec engine? its been statically
compiled in - so it should be able to utilise... or does it HAVE
to use the DSO system?
Alan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
