Yes, there are two different libubsec.so libraries: 1) The one built in OpenSSL with "./config shared"; this is the stub library that contains "bind_engine", etc.
2) The one provided by the Broadcom SDK; this is the actual library that contains "ubsec_bits_to_bytes", etc. If I put 1) in the "right" place (/usr/local/ssl/lib/engines), then ENGINE_by_id ("ubsec") succeeds. If I remove it from that directory, then ENGINE_by_id ("ubsec") fails. So I put 1) in the "right" place. Then I load the "dynamic" engine: Engine = ENGINE_by_id ("dynamic"); and give it the following commands: Return = ENGINE_ctrl_cmd_string (Engine, "SO_PATH", "ubsec", 0); Return = ENGINE_ctrl_cmd_string (Engine, "LOAD", NULL, 0); Both succeed; it find the library in in /usr/local/ssl/lib/engines/, which is the OpenSSL stub. But when I run: Return = ENGINE_set_default (Engine, ENGINE_METHOD_ALL); It fails, because it can't find the "ubsec_bits_to_bytes" symbol. So it smells like it wants the Broadcom library in the "LOAD" command, so I change that to: Return = ENGINE_ctrl_cmd_string (Engine, "SO_PATH", "/usr/lib/libubsec.so", 0); Which is where the Broadcom library is. Now the "LOAD" command fails, because it can't find the "bind_engine" symbol. So now it's looking for the OpenSSL stub library there! So then I renamed the Broadcom library to /usr/lib/bc.libubsec.so, and said: Return = ENGINE_ctrl_cmd_string (Engine, "SO_PATH", "/usr/lib/bc.libubsec.so", 0); And I got the same error. So how do I get around this problem of the OpenSSL stub and the Broadcom library having the same name? Where should I place each in order for them both to be loaded? Thanks again. -----Original Message----- From: Geoff Thorpe [mailto:[EMAIL PROTECTED] Sent: Thursday, October 27, 2005 10:10 PM To: openssl-dev@openssl.org Cc: Martin Del Vecchio Subject: Re: Problem using Broadcom uBSec engine in 0.9.8 On October 27, 2005 02:47 pm, Martin Del Vecchio wrote: > I get an error similar to what I was seeing before; it can't find the > symbol > 'ubsec_bytes_to_bits': > > error:2506406A:DSO support routines:DLFCN_BIND_FUNC:could not bind > to the requested symbol name (dso_dlfcn.c:261) > -> symname(ubsec_bytes_to_bits): > /usr/local/ssl/lib/engines/libubsec.so: undefined symbol: > ubsec_bytes_to_bits OK, you need to know that the ubsec engine itself is a stub that uses a broadcom-provided library to do the actual ubsec operations, the engine merely slides functionality into openssl that is based on the the broadcom SDK. I think what's happening is that you've got the engine library loading *itself* rather than the broadcom support library. The error you see is just the first symbol that the ubsec engine tries to bind to - and of course none of the expected symbols exist because it's not the broadcom library, it's the engine library. I don't have broadcom hardware nor their SDK, libraries/drivers, etc, so you may need to dig around to get to the bottom of this. But first off, figure out which library is which :-) If the broadcom-provided lib is called libubsec.so, that'd be an unfortunate name-conflict but it shouldn't be catastrophic, because openssl doesn't look for engine libraries in arbitrary locations (doing so would have unquantifiable security consequences) but in an openssl-specific location. The ubsec engine, on the other hand, should pick up the broadcom library using standard library locations - and this is either missing or in a directory that isn't getting searched (LD_LIBRARY_PATH might help here) - it seems you've "fixed" this problem by moving/copying the engine library somewhere visible instead so that it loads itself instead of the broadcom lib. Hope that helps, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ Self-interest and materialistic desire are parts of who we are, but not all. To base a social and economic system on these traits is dangerously fundamentalist. -- Joel Bakan ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]