Hi folks Sorry it's taken me so long to check in with a _tested_ patch to enable hardware crypto in OpenSSL.
I just spent six hours getting one of the C3 thin clients at work booting a usable local Linux install. Their USB HDD support is soooooooo buggy. I ended up having to solder up a broken 44-pin-to-40-pin IDE adapter. Argh. Anyway, it's finally running so I should be able to test out the patched sd. The patch works on hardware _without_ hardware crypto, it's just hardware with hardware crypto that I've had trouble getting to. Rather than unconditionally enabling hw crypto, though, I'm wondering if this is something that should really be user-controllable. If we read openssl.cnf during startup that'd give the user a chance to control engine use - in particular, to blacklist a known-broken engine that causes problems. If the unconditional patch works I'll post it, then see if I can get the sd (at least) to read openssl.cnf and follow up with a second patch. Oh, by the way, newer VIA chips like the 2nd revision C7 and the Nano support hardware SHA-1 and SHA-256 too :-) -- Craig Ringer ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
