Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Please include the patches mentioned below to add support for the VIA PadLock hardware crypto-engine (present on many Mini-ITX boards) to the OpenSSL ebuilds. OpenSSL 0.9.8 http://www.logix.cz/michal/devel/padlock/openssl-0.9.8b-sha.diff OpenSSL 0.9.7 http://www.logix.cz/michal/devel/padlock/openssl-0.9.7d-padlock-glue.diff http://www.logix.cz/michal/devel/padlock/openssl-0.9.7d-padlock-engine.diff
needs to go through upstream: openssl-dev@openssl.org
The patch was already posted there, all found issues were resolved, the patch was re-posted, but there was no further reaction on openssl-dev. See the original post at: http://www.mail-archive.com/openssl-dev@openssl.org/msg20394.html See the new patch which addresses all issues at: http://www.mail-archive.com/openssl-dev@openssl.org/msg21415.html As you can see there was no response for almost two months. I was hoping Gentoo could incorporate this very useful patch quicker than openssl itself. The patch should be removed when openssl itself somes with it, of course.
*** Bug 148629 has been marked as a duplicate of this bug. ***
*** Bug 148784 has been marked as a duplicate of this bug. ***
Many could you provide an ebuild with patch for an overlay ?
s/many/maybe
For who has a crypto engine platform like VIA C3 Padlock, there is an option to enable during the ./configure that enable OpenSSH to use the crypto HW engine. The option is --with-ssl-engine, I have modified the 4.5_p1-r1.ebuild to include this parameter and the system goes well. No code patch, just a simple option to enable in the ebuid. I hope that my experience may help someone. Best regards Franco Tampieri
*** Bug 182719 has been marked as a duplicate of this bug. ***
Please add useflag --with-ssl-engine, I use it in general for all installs of openssl. Otherwise, openssl does not build any engine which is included, i.e. Padlock: openssl engine padlock 12766:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:162:filename(/usr/lib/engines/libpadlock.so): /usr/lib/engines/libpadlock.so: cannot open shared object file: No such file or directory12766:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:12766:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:12766:error:2606A074:engine routines:ENGINE_by_id:no such engine:eng_list.c:415:id=padlock padlock is now included in 0.98 source.
hm, seems it is not working in the newer sources anymore any idea?
*** Bug 185263 has been marked as a duplicate of this bug. ***
What happened with this? This is still an issue, but why has there not been any action for more than two years? Have I missed something? dev-libs/openssl-0.9.8k-r1 does not seem to have padlock support (--with-ssl-engine). In my opinion there should be a USE flag for padlock.
I get: udat ~ # equery list openssl [ Searching for package 'openssl' in all categories among: ] * installed packages [I--] [ ] dev-libs/openssl-0.9.8k (0) udat ~ # openssl engine padlock (padlock) VIA PadLock (no-RNG, ACE) So everything seems to be fine (upstream). IMHO there's no need for a padlock USE flag. If at all, there maybe could be a USE flag to match the "--with-ssl-engine" configure option. But as this option seems to be enabled by default now, I see no real need to add a USE flag. Anyway, this would IMHO be a different issue requiring a new bug report.
