OpenSSL bugfix
Mike Tancsa
mike at sentex.net
Mon Sep 26 07:34:44 PDT 2005
Looking at the commit logs, there has not been an update to openssl
in some time (if its not broken, why 'fix' it) so I am not sure who
to ask about it. There is however, one somewhat critical bug that
effects users who have the ACE padlock engine in their VIA CPUs. I
filled out a PR (http://www.freebsd.org/cgi/query-pr.cgi?pr=86598)
with the details. The patch / fix is trivial and it has been in the
OpenSSL cvs (http://cvs.openssl.org/chngview?cn=13061) repo since
April and is part of official release 0.9.8. Any chance someone
could commit the patch and perhaps MFC it so it makes it for
6.0R? Committing the patch would be a lot less work than a full
import, and VIA C3/C7 users would then be able to make use of the
super fast crypto.
Without the patch/fix, users will get sporadic encryption failures
when using the padlock engine via openssl apps-- typically, using openvpn.
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
More information about the freebsd-current
mailing list