Bug 186857 - padlock engine module is gone!?
Summary: padlock engine module is gone!?
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: openssl
Version: rawhide
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-03-27 03:40 UTC by udo
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version: openssl-0.9.8a-6
Clone Of:
Environment:
Last Closed: 2006-04-04 22:58:22 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description udo 2006-03-27 03:40:51 UTC
Description of problem:
openssl ships without padlock module for VIA C3 hardware encryption, etc.

Version-Release number of selected component (if applicable): 0.9.8a 


How reproducible: openssl engine padlock


Steps to Reproduce:
1.# openssl engine padlock
  
Actual results: 2108:error:25066067:DSO support routines:DLFCN_LOAD:could not
load the shared
library:dso_dlfcn.c:162:filename(/usr/lib/openssl/engines/libpadlock.so):
/usr/lib/openssl/engines/libpadlock.so: cannot open shared object file: No such
file or directory
2108:error:25070067:DSO support routines:DSO_load:could not load the shared
library:dso_lib.c:244:
2108:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:
2108:error:2606A074:engine routines:ENGINE_by_id:no such
engine:eng_list.c:415:id=padlock 




Expected results:
$ openssl engine padlock
(padlock) VIA PadLock (RNG, ACE)

Additional info:

Comment 1 Tomas Mraz 2006-03-27 07:28:46 UTC
Gone? It was never there. It is not included in the upstream sources.
-> Enhancement request.


Comment 2 udo 2006-03-27 14:17:56 UTC
No. It is in the 0.9.8 sources. See crypto/engine under the openssl build tree, etc.
It just does not show up in the functionality of the rpm

Comment 3 udo 2006-03-27 14:28:46 UTC
See also http://www.linuxjournal.com/article/8042 and
http://www.logix.cz/michal/devel/padlock/ where it says: Since 2004-08-02 the
OpenSSL CVS has the PadLock engine in it. There is no need for the separate
patch anymore.

Comment 4 Tomas Mraz 2006-03-27 15:27:02 UTC
Ah, the reason why it doesn't work is that the openssl sources now disable
static engines as they were moved to separate shared libraries. However the
padlock support wasn't moved. So the engine code is still included but it is not
initialized in ENGINE_load_builtin_engines(). If you call openssl library from
an executable you can add ENGINE_load_padlock() call and it should initialize
it. If you just use the openssl utility you will have to wait for an updated
package.


Comment 5 udo 2006-03-27 15:45:24 UTC
Thanks for the explanation!
Will the patch at
http://www.logix.cz/michal/devel/padlock/openssh-3.8p1-engines.diff also work
well enough?

Comment 6 Tomas Mraz 2006-03-27 16:21:33 UTC
It will not suffice. You have to call ENGINE_load_padlock() after
ENGINE_load_builtin_engines().



Note You need to log in before you can comment on or make changes to this bug.