Hi all.. I found the same problem recently, but I also found someone's post on
the Internet that suggested a change to
the /usr/src/crypto/openssl/crypto/engine/eng_cryptodev.c file. I made the
change to the file and it definitely does force openssl to use the crypto
hardware. I am not sure if there is any backlash to this patch, but I have
used it on 2 of my servers with the Hifn 7955 hardware and it seems to be
fine.
--- eng_cryptodev.c.orig 2008-02-05 18:10:31.000000000 +0000
+++ eng_cryptodev.c 2008-06-14 18:25:36.175353823 +0100
@@ -1127,6 +1127,7 @@
}
ENGINE_add(engine);
+ ENGINE_set_default_ciphers(engine);
ENGINE_free(engine);
ERR_clear_error();
}
>0n Wed, May 21, 2008 at 08:19:26PM -0700, Sam Leffler wrote:
>
> >Unfortunately openssl doesn't use the accelerator by default. This
means
> >all apps that use openssl likewise are not automatically accelerated. I
> >suggested a patch but it was not accepted. I can't recall how you force
> >openssl and/or consumers to use the device.
>
>How annoying is that. Why wasn't the patch accepted ?
>
> -aW
>
>
>IMPORTANT: This email remains the property of the Australian Defence
Organisation and is subject to the jurisdiction of section 70 of the CRIMES
ACT 1914. Ifyou have received this email in error, you are requested to
contact the sender and delete the email.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
