Bug 1379737

Summary: OpenSSL engines inconsistencies
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Jan Stefl <jstefl>
Component: opensslAssignee: Jean-frederic Clere <jclere>
Status: CLOSED EOL QA Contact: Jan Stefl <jstefl>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.4.10   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-08-19 12:44:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Stefl 2016-09-27 14:33:13 UTC 
There are incosistencies in provided OpenSSL engines:
1. There is missing 'libgost.so' on all RHEL/archs.
   This engine is present on all other os/archs.

2. On Windows, engines are present in JWS/httpd only
  2.1 Should they be present on Windows at all?
  2.2 If positive, they should be present in EAP natives utils 
      for Windows as well (and JWS tomcat as well - but this 
      is out of scope of this BZ)
Comment 2 Jean-frederic Clere 2016-09-27 15:06:25 UTC 
libgost.so is for the gost engine (some Russian crypto engines).
in rhel it is explicitly disabled (no-mdc2 no-rc5 no-ec2m no-gost no-srp ...  in the configure)

Probably it is wrong to have it... but that is a minor problem.
Comment 4 Jean-frederic Clere 2016-09-27 15:12:32 UTC 
for windows and probably solaris if the engines were in EAP6.4.0 and are gone in EAP-6.4.10 it is a regression and that deserve another BZ.
Comment 5 Jan Stefl 2016-09-27 15:30:11 UTC 
It is not regression against 6.4.0. Engines was present on Solaris and not present on Windows, as it is now. So I will not create new BZ.

However I am a little confused that we deliver those engines for RHEL and Solaris and not for Windows.
Comment 6 Jean-frederic Clere 2016-09-27 15:35:17 UTC 
Not all the engines are supported on windows some are unix-like platforms only.
Comment 7 Jan Stefl 2016-09-27 16:03:31 UTC 
Ok, that makes sense. 
Adding list of engines what we deliver on Solaris (and Windows on JWS/httpd) for reference.

lib4758cca.so
libaep.so  
libatalla.so  
libcapi.so  
libchil.so  
libcswift.so  
libgmp.so  
libgost.so  
libnuron.so  
libpadlock.so  
libsureware.so  
libubsec.so
Comment 10 Red Hat Bugzilla 2023-09-14 03:31:29 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days