Bug 186857 – padlock engine module is gone!?

Bug 186857 - padlock engine module is gone!?

Summary:	padlock engine module is gone!?

Status:	CLOSED RAWHIDE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	openssl (Show other bugs)
Sub Component:
Version:	rawhide
Hardware:	i386 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Tomas Mraz
QA Contact:	Brian Brock
Docs Contact:

URL:
Whiteboard:
Keywords:	FutureFeature

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2006-03-26 22:40 EST by udo
Modified:	2007-11-30 17:11 EST (History)
CC List:	0 users

See Also:
Fixed In Version:	openssl-0.9.8a-6
Doc Type:	Enhancement
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2006-04-04 18:58:22 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description udo 2006-03-26 22:40:51 EST

Description of problem:
openssl ships without padlock module for VIA C3 hardware encryption, etc.

Version-Release number of selected component (if applicable): 0.9.8a 


How reproducible: openssl engine padlock


Steps to Reproduce:
1.# openssl engine padlock
  
Actual results: 2108:error:25066067:DSO support routines:DLFCN_LOAD:could not
load the shared
library:dso_dlfcn.c:162:filename(/usr/lib/openssl/engines/libpadlock.so):
/usr/lib/openssl/engines/libpadlock.so: cannot open shared object file: No such
file or directory
2108:error:25070067:DSO support routines:DSO_load:could not load the shared
library:dso_lib.c:244:
2108:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:
2108:error:2606A074:engine routines:ENGINE_by_id:no such
engine:eng_list.c:415:id=padlock 




Expected results:
$ openssl engine padlock
(padlock) VIA PadLock (RNG, ACE)

Additional info:

Comment 1 Tomas Mraz 2006-03-27 02:28:46 EST

Gone? It was never there. It is not included in the upstream sources.
-> Enhancement request.

Comment 2 udo 2006-03-27 09:17:56 EST

No. It is in the 0.9.8 sources. See crypto/engine under the openssl build tree, etc.
It just does not show up in the functionality of the rpm

Comment 3 udo 2006-03-27 09:28:46 EST

See also http://www.linuxjournal.com/article/8042 and
http://www.logix.cz/michal/devel/padlock/ where it says: Since 2004-08-02 the
OpenSSL CVS has the PadLock engine in it. There is no need for the separate
patch anymore.

Comment 4 Tomas Mraz 2006-03-27 10:27:02 EST

Ah, the reason why it doesn't work is that the openssl sources now disable
static engines as they were moved to separate shared libraries. However the
padlock support wasn't moved. So the engine code is still included but it is not
initialized in ENGINE_load_builtin_engines(). If you call openssl library from
an executable you can add ENGINE_load_padlock() call and it should initialize
it. If you just use the openssl utility you will have to wait for an updated
package.

Comment 5 udo 2006-03-27 10:45:24 EST

Thanks for the explanation!
Will the patch at
http://www.logix.cz/michal/devel/padlock/openssh-3.8p1-engines.diff also work
well enough?

Comment 6 Tomas Mraz 2006-03-27 11:21:33 EST

It will not suffice. You have to call ENGINE_load_padlock() after
ENGINE_load_builtin_engines().

Note You need to log in before you can comment on or make changes to this bug.