-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Geoff Thorpe via RT wrote: > [EMAIL PROTECTED] - Fri Jul 9 01:06:08 2004]: > >>I finally decided to make the engine equal to other engines and build as >>a shared library. My next step will be extending the OpenSSL_config() >>(if necessary) to allow fine-grained loading of specified engines for >>apps that support it. But this will go to a new RT item. > > OK, but given that your engine can be made 486-proof, in principle I'd > have no objection to placing the engine directly into the core code a la > the BSD cryptodev implementation. Though perhaps starting off with it as > a conventional plug-in would be best, then we could review bundling it > into libcrypto later on (a la BSD's cryptodev).
I'm afraid that once it would be in ~/engines it will never be moved to ~/crypto/engine so I updated the patch :-) Now the engine resides in crypto/engine/eng_padlock.c. As usually find it at http://www.logix.cz/michal/devel/padlock/ >>Incorporated is a check for CPUID instruction availability to be safe on >>486 machines (does really somebody still use them?) > > We have to assume that it's possible, yes. People are using openssl in a > variety of environments, and though 486s are rare on the desktop now > they're far from extinct in the embedded world. There might even be one > or two 386s still roaming wild ... (which poses the question; what about > 386-safe?) AFAIK this way of checking for CPUID is 386-safe as well. >>and it only builds >>with GCC, otherwise an empty module with only a dummy >>ENGINE_load_padlock() is compiled. I don't see a reason to limit this >>module to Linux-only, IMHO bounding it to GCC-only should be enough. > > Well in theory you could allow it to be compiler-agnostic too, but the > issue is how to ensure the code won't fail compilation or execution for > any supported combination. If checking for gcc ensures the code won't > burp on anything else, that's fine. Anyone with special needs can always > look at extending (and testing) it for other compilers later. Unfortunately I don't have a chance to test with non-GCC compiler. But when I tried "gcc -ansi" it complained on the inline assembler. So I better wrapped everything to #ifdef __GNUC__ ... #endif ;-) Michal Ludvig - -- * A mouse is a device used to point at the xterm you want to type in. * Personal homepage - http://www.logix.cz/michal -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA7ykoDDolCcRbIhgRAnPwAKDsuzZxcuDfPxFZXVzbPGbIdVVryACdFuON 4pYfPo5zmDWALcPaWPlRDrU= =ZkT/ -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
