From fabdb6c29022846ed10fde235db0a7c53f21a6b1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 20 Feb 2006 20:17:35 +1100 Subject: - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}] Add optional enabling of OpenSSL's (hardware) Engine support, via configure --with-ssl-engine. Based in part on a diff by michal at logix.cz. --- openbsd-compat/openssl-compat.c | 20 ++++++++++++++++++-- openbsd-compat/openssl-compat.h | 15 ++++++++------- 2 files changed, 26 insertions(+), 9 deletions(-) (limited to 'openbsd-compat') diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index b690e8fe6..763f84734 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.c,v 1.2 2005/06/17 11:15:21 dtucker Exp $ */ +/* $Id: openssl-compat.c,v 1.3 2006/02/20 09:17:36 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -18,7 +18,11 @@ #include "includes.h" -#define SSH_DONT_REDEF_EVP +#ifdef USE_OPENSSL_ENGINE +# include +#endif + +#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS #include "openssl-compat.h" #ifdef SSH_OLD_EVP @@ -44,3 +48,15 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp) return 1; } #endif + +void +ssh_SSLeay_add_all_algorithms(void) +{ + SSLeay_add_all_algorithms(); + +#ifdef USE_OPENSSL_ENGINE + /* Enable use of crypto hardware */ + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); +#endif +} diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 8a015ec43..1196d71ea 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.h,v 1.3 2005/12/19 06:40:40 dtucker Exp $ */ +/* $Id: openssl-compat.h,v 1.4 2006/02/20 09:17:36 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -54,21 +54,22 @@ extern const EVP_CIPHER *evp_acss(void); * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and * implement the ssh_* equivalents. */ -#ifdef SSH_OLD_EVP - -# ifndef SSH_DONT_REDEF_EVP +#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS +# ifdef SSH_OLD_EVP # ifdef EVP_Cipher # undef EVP_Cipher # endif - # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) -# endif +# endif /* SSH_OLD_EVP */ + +# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() +void ssh_SSLeay_add_all_algorithms(void); int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, unsigned char *, int); int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); -#endif +#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ -- cgit v1.2.3