PATCH: crypto/openssl/crypto/engine/eng_table.c
Ian FREISLICH
ianf at clue.co.za
Wed Sep 17 12:27:11 UTC 2008
Mike Tancsa wrote:
> At 04:06 AM 9/17/2008, Ian Freislich wrote:
> >Hi
> >
> >I had to apply the following patch to fix the engine cache in openssl
> >so that it will actually use the padlock driver for accelleration.
> >It appears that the original logic was reversed.
>
> Hi,
> For applications (eg sshd), is not
> --- crypto/openssl/crypto/engine/eng_cryptodev.c 2008-02-05
> 13:10:31.000000000 -0500
> +++ crypto/openssl/crypto/engine/eng_cryptodev.c.good 2008-08-21
> 13:10:26.000000000 -0400
> @@ -1127,6 +1127,7 @@
> }
>
> ENGINE_add(engine);
> + ENGINE_set_default_ciphers(engine);
> ENGINE_free(engine);
> ERR_clear_error();
> }
>
> also necessary ?
The patch I posted was sufficient in conjunction with the following
addition to /etc/ssl/openssl.cnf:
openssl_conf = openssl_def
[openssl_def]
engines = openssl_engines
[openssl_engines]
padlock = padlock_engine
[padlock_engine]
default_algorithms = ALL
Ian
--
Ian Freislich
More information about the freebsd-current
mailing list