> > Ah, right. You'll also need to ensure that the initialisation order allows > > the engine to be properly initialised (including maybe some control > > commands to prepare anything the engine needs) *before* the key is > > loaded. I have a vague recollection that this isn't the case? Though I > > could be wide of the mark here. > > I think init of the engine may be ok, but I'm not sure where my > problem lies right now. Maybe in password input, or somewhere else...
Yep, passphrase entry is at least part of the problem with calling ENGINE_load_private_key. After a few different attempts, I'm a bit stumped. The load key call wants a UI* passed to it, which eventually has UI_process() called on it by the engine. I've tried various ways of stuffing the modssl_read_bio_cb_fn pointer and the server rec into this structure, with a custom flush function which'd get called by UI_process. I haven't been able to test this approach yet, since it appears that openssl's UI_STRING and UI_METHOD structs aren't declared in a way that works in ui.h. For instance, any mention of sizeof(UI_STRING) brings an incomplete type error. Any help would be appreciated, I may not be using the ui interface correctly. Thanks, Kent > > > Ahh, I see. Thanks for the info. I guess the next step is to poke > > > the apache2 guys for openssl 0.9.8 support. I did try compiling 2.1 > > > beta with it without luck. > > > > I'd suggest you contact Joe Orton - in fact he's probably on this list > > too. If the 2.1 beta (and/or cvs HEAD) don't properly handle 0.9.8, then > > there's a problem. > > Yep, I was wrong about this.. I'm working on 2.1.8 right now which > compiles fine. I'll post when I can narrow down the problem any more. > > Thanks for the help, > Kent > -- Kent Yoder IBM LTC Security Dev. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
