svn commit: r342009 - head/secure/lib/libcrypto

Yuri Pankov yuripv at yuripv.net
Thu Dec 13 06:07:51 UTC 2018


Jung-uk Kim wrote:
> Author: jkim
> Date: Wed Dec 12 21:56:47 2018
> New Revision: 342009
> URL: https://svnweb.freebsd.org/changeset/base/342009
> 
> Log:
>    Enable devcryptoeng for OpenSSL.
>    
>    Since OpenSSL 1.1.1, the good old BSD-specific cryptodev engine has been
>    deprecated in favor of this new engine.  However, this engine is not
>    throughly tested on FreeBSD because it was originally written for Linux.
>    
>    http://cryptodev-linux.org/
>    
>    Also, the author actually meant to enable it by default on BSD platforms but
>    he failed to do so because there was a bug in the Configure script.
>    
>    https://github.com/openssl/openssl/pull/7882
>    
>    Now they found that it was more generic issue.
>    
>    https://github.com/openssl/openssl/pull/7885
>    
>    Therefore, we need to enable this engine on head to give it more exposure.
> 
> Modified:
>    head/secure/lib/libcrypto/Makefile
>    head/secure/lib/libcrypto/opensslconf.h.in
> 
> Modified: head/secure/lib/libcrypto/Makefile
> ==============================================================================
> --- head/secure/lib/libcrypto/Makefile	Wed Dec 12 21:56:45 2018	(r342008)
> +++ head/secure/lib/libcrypto/Makefile	Wed Dec 12 21:56:47 2018	(r342009)
> @@ -192,8 +192,8 @@ SRCS+=	ecp_nistz256-x86.S ecp_nistz256.c
>   .endif
>   
>   # engine
> -SRCS+=	eng_all.c eng_cnf.c eng_ctrl.c eng_dyn.c eng_err.c eng_fat.c
> -SRCS+=	eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
> +SRCS+=	eng_all.c eng_cnf.c eng_ctrl.c eng_devcrypto.c eng_dyn.c eng_err.c
> +SRCS+=	eng_fat.c eng_init.c eng_lib.c eng_list.c eng_openssl.c eng_pkey.c
>   SRCS+=	eng_rdrand.c eng_table.c tb_asnmth.c tb_cipher.c tb_dh.c tb_digest.c
>   SRCS+=	tb_dsa.c tb_eckey.c tb_pkmeth.c tb_rand.c tb_rsa.c
>   
> 
> Modified: head/secure/lib/libcrypto/opensslconf.h.in
> ==============================================================================
> --- head/secure/lib/libcrypto/opensslconf.h.in	Wed Dec 12 21:56:45 2018	(r342008)
> +++ head/secure/lib/libcrypto/opensslconf.h.in	Wed Dec 12 21:56:47 2018	(r342009)
> @@ -46,9 +46,6 @@ extern "C" {
>   #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
>   # define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
>   #endif
> -#ifndef OPENSSL_NO_DEVCRYPTOENG
> -# define OPENSSL_NO_DEVCRYPTOENG
> -#endif
>   #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
>   # define OPENSSL_NO_EC_NISTP_64_GCC_128
>   #endif

I'm now getting "Could not open /dev/crypto: No such file or directory" 
from every other utility unless cryptodev is loaded; given that it's not 
in GENERIC, this is somewhat unexpected change in behavior.


More information about the svn-src-head mailing list