svn commit: r342009 - head/secure/lib/libcrypto
Yuri Pankov
yuripv at yuripv.net
Thu Dec 13 06:07:51 UTC 2018
Jung-uk Kim wrote:
> Author: jkim
> Date: Wed Dec 12 21:56:47 2018
> New Revision: 342009
> URL: https://svnweb.freebsd.org/changeset/base/342009
>
> Log:
> Enable devcryptoeng for OpenSSL.
>
> Since OpenSSL 1.1.1, the good old BSD-specific cryptodev engine has been
> deprecated in favor of this new engine. However, this engine is not
> throughly tested on FreeBSD because it was originally written for Linux.
>
> http://cryptodev-linux.org/
>
> Also, the author actually meant to enable it by default on BSD platforms but
> he failed to do so because there was a bug in the Configure script.
>
> https://github.com/openssl/openssl/pull/7882
>
> Now they found that it was more generic issue.
>
> https://github.com/openssl/openssl/pull/7885
>
> Therefore, we need to enable this engine on head to give it more exposure.
>
> Modified:
> head/secure/lib/libcrypto/Makefile
> head/secure/lib/libcrypto/opensslconf.h.in
>
> Modified: head/secure/lib/libcrypto/Makefile
> ==============================================================================
> --- head/secure/lib/libcrypto/Makefile Wed Dec 12 21:56:45 2018 (r342008)
> +++ head/secure/lib/libcrypto/Makefile Wed Dec 12 21:56:47 2018 (r342009)
> @@ -192,8 +192,8 @@ SRCS+= ecp_nistz256-x86.S ecp_nistz256.c
> .endif
>
> # engine
> -SRCS+= eng_all.c eng_cnf.c eng_ctrl.c eng_dyn.c eng_err.c eng_fat.c
> -SRCS+= eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
> +SRCS+= eng_all.c eng_cnf.c eng_ctrl.c eng_devcrypto.c eng_dyn.c eng_err.c
> +SRCS+= eng_fat.c eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
> SRCS+= eng_rdrand.c eng_table.c tb_asnmth.c tb_cipher.c tb_dh.c tb_digest.c
> SRCS+= tb_dsa.c tb_eckey.c tb_pkmeth.c tb_rand.c tb_rsa.c
>
>
> Modified: head/secure/lib/libcrypto/opensslconf.h.in
> ==============================================================================
> --- head/secure/lib/libcrypto/opensslconf.h.in Wed Dec 12 21:56:45 2018 (r342008)
> +++ head/secure/lib/libcrypto/opensslconf.h.in Wed Dec 12 21:56:47 2018 (r342009)
> @@ -46,9 +46,6 @@ extern "C" {
> #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> # define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> #endif
> -#ifndef OPENSSL_NO_DEVCRYPTOENG
> -# define OPENSSL_NO_DEVCRYPTOENG
> -#endif
> #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
> # define OPENSSL_NO_EC_NISTP_64_GCC_128
> #endif
I'm now getting "Could not open /dev/crypto: No such file or directory"
from every other utility unless cryptodev is loaded; given that it's not
in GENERIC, this is somewhat unexpected change in behavior.
More information about the svn-src-head
mailing list