Jung-uk Kim wrote:
Author: jkim
Date: Wed Dec 12 21:56:47 2018
New Revision: 342009
URL: https://svnweb.freebsd.org/changeset/base/342009
Log:
Enable devcryptoeng for OpenSSL.
Since OpenSSL 1.1.1, the good old BSD-specific cryptodev engine has been
deprecated in favor of this new engine. However, this engine is not
throughly tested on FreeBSD because it was originally written for Linux.
http://cryptodev-linux.org/
Also, the author actually meant to enable it by default on BSD platforms but
he failed to do so because there was a bug in the Configure script.
https://github.com/openssl/openssl/pull/7882
Now they found that it was more generic issue.
https://github.com/openssl/openssl/pull/7885
Therefore, we need to enable this engine on head to give it more exposure.
Modified:
head/secure/lib/libcrypto/Makefile
head/secure/lib/libcrypto/opensslconf.h.in
Modified: head/secure/lib/libcrypto/Makefile
==============================================================================
--- head/secure/lib/libcrypto/Makefile Wed Dec 12 21:56:45 2018
(r342008)
+++ head/secure/lib/libcrypto/Makefile Wed Dec 12 21:56:47 2018
(r342009)
@@ -192,8 +192,8 @@ SRCS+= ecp_nistz256-x86.S ecp_nistz256.c
.endif
# engine
-SRCS+= eng_all.c eng_cnf.c eng_ctrl.c eng_dyn.c eng_err.c eng_fat.c
-SRCS+= eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
+SRCS+= eng_all.c eng_cnf.c eng_ctrl.c eng_devcrypto.c eng_dyn.c eng_err.c
+SRCS+= eng_fat.c eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
SRCS+= eng_rdrand.c eng_table.c tb_asnmth.c tb_cipher.c tb_dh.c
tb_digest.c
SRCS+= tb_dsa.c tb_eckey.c tb_pkmeth.c tb_rand.c tb_rsa.c
Modified: head/secure/lib/libcrypto/opensslconf.h.in
==============================================================================
--- head/secure/lib/libcrypto/opensslconf.h.in Wed Dec 12 21:56:45 2018
(r342008)
+++ head/secure/lib/libcrypto/opensslconf.h.in Wed Dec 12 21:56:47 2018
(r342009)
@@ -46,9 +46,6 @@ extern "C" {
#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
#endif
-#ifndef OPENSSL_NO_DEVCRYPTOENG
-# define OPENSSL_NO_DEVCRYPTOENG
-#endif
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
# define OPENSSL_NO_EC_NISTP_64_GCC_128
#endif
I'm now getting "Could not open /dev/crypto: No such file or directory"
from every other utility unless cryptodev is loaded; given that it's not
in GENERIC, this is somewhat unexpected change in behavior.
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"