tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: /dev/crypto missing

I erroneously thought that if pseudo-device crypto wasn't in the kernel,
crypto would be done in userland. That's not the case:

What makes you think crypto isn't being done in userland?

Just a bad guess that the reason for pseudo-device crypto was to do some things in the kernel.

The problem looks to me like the server returns garbage on a TLS
connection, which gets mixed up with an OpenSSL debugging message --
or possibly it is garbage _because_ it got mixed up with the OpenSSL
debugging message.  Maybe OpenSSL should handle ENXIO quietly like it
handles ENOENT there, but it looks like there's a deeper problem if
crap that OpenSSL printed got included in the TLS stream!

If this is the case, then why isn't crypto in every kernel configuration
by default, except perhaps special cases?

/dev/crypto is totally obsolete as it exists today.  Really the only
reason it continues to exist is to test opencrypto drivers from
userland before using them in the kernel.

Hmmm... Then I wonder what's really going on. This is from trying to use bozohttpd with TLS on an Amiga with exactly the same configuration as used on ARM and amd64. I'll have to look in to this a bit more and perhaps open a PR.


Home | Main Index | Thread Index | Old Index