From owner-cvs-src@FreeBSD.ORG  Sun Jan 13 12:19:39 2008
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0475E16A417;
	Sun, 13 Jan 2008 12:19:39 +0000 (UTC)
	(envelope-from simon@zaphod.nitro.dk)
Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38])
	by mx1.freebsd.org (Postfix) with ESMTP id BDA5813C442;
	Sun, 13 Jan 2008 12:19:38 +0000 (UTC)
	(envelope-from simon@zaphod.nitro.dk)
Received: from zaphod.nitro.dk (unknown [192.168.3.39])
	by mx.nitro.dk (Postfix) with ESMTP id 7CE581E8C22;
	Sun, 13 Jan 2008 11:59:49 +0000 (UTC)
Received: by zaphod.nitro.dk (Postfix, from userid 3000)
	id 439E3114A1; Sun, 13 Jan 2008 12:59:49 +0100 (CET)
Date: Sun, 13 Jan 2008 12:59:48 +0100
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Message-ID: <20080113115947.GA1135@zaphod.nitro.dk>
References: <200801131144.m0DBimYT077701@repoman.freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200801131144.m0DBimYT077701@repoman.freebsd.org>
User-Agent: Mutt/1.5.16 (2007-06-09)
Cc: 
Subject: Re: cvs commit: src/crypto/openssl/crypto/engine eng_cryptodev.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Jan 2008 12:19:39 -0000

On 2008.01.13 11:44:47 +0000, Simon L. Nielsen wrote:
> simon       2008-01-13 11:44:47 UTC
> 
>   FreeBSD src repository
> 
>   Modified files:
>     crypto/openssl/crypto/engine eng_cryptodev.c 
>   Log:
>   Unbreak detection of cryptodev support for FreeBSD which was broken
>   with OpenSSL 0.9.8 import.
>   
>   Note that this does not enable cryptodev by default, as it was the
>   case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
>   possible to enable cryptodev at all.

With this change it is possible to enable cryptodev by default for
openssl(1) with lines like below in etc/ssl/openssl.cnf.
Unfortunately openssh does not call the functions to read the config
file so it's not possible to enable cryptodev in openssh in a similar
fashion. I have yet figure out how to do support cryptodev by default
cleanly...

Oh, and I just remembered that I forgot to thank Mike Tancsa / Sentex
for providing hardware used for testing this.  So... thanks! :-)



[openssl_init]
engines = engine_section

[engine_section]
cryptodev = cryptodev_section

[ cryptodev_section ]
engine_id = cryptodev
default_algorithms = ALL


(Note that the above was copied from a config file I haven't touched
in month so I'm 100% the exact section above is enough, but it's
close...)

-- 
Simon L. Nielsen