tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: /dev/crypto missing (John Klos) writes:

>I erroneously thought that if pseudo-device crypto wasn't in the kernel, 
>crypto would be done in userland. That's not the case:

>openssl s_client -debug -connect
>Could not open /dev/crypto: Device not configured

Crypto is done in userland. The error message comes from initializing all
builtin crypto engines, whether they get used or not.

% openssl engine
(devcrypto) /dev/crypto engine
(dynamic) Dynamic engine loading support

This also means that openssl (the library, not the command) eats one file
descriptor if /dev/crypto exists.

Only ENOENT is suppressed, deleting the /dev/crypto entry makes the
error message go away. You could expand that to also hide ENXIO or
rewrite devcrypto as a dynamic engine.

                                Michael van Elst
                                "A potential Snark may lurk in every tree."

Home | Main Index | Thread Index | Old Index