[Pkg-openssl-devel] Bug#345656: Missing engines from crypto/engine when making a shared library

[Kurt Roeckx]

Hi,

It seems tht when building a shared version of the library, all
the engines in crypto/engine/ get compiled in, but are
unavailable.  Those in engines/ get compiled as a shared library
and are available.

If you make a static library, or link against the static library
they do work as expected.

The problem seems to be that the Makefile for cryto/engine/ does
not support making shared libraries.  The engines in it will not
get loaded if the library is build shared.

The code in crypto/engine/eng_all.c: looks something like:

void ENGINE_load_builtin_engines(void)
{
        ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
        ENGINE_load_4758cca();
        ENGINE_load_aep();
        ENGINE_load_atalla();
        ENGINE_load_cswift();
        ENGINE_load_chil();
        ENGINE_load_nuron();
        ENGINE_load_sureware();
        ENGINE_load_ubsec();
        ENGINE_load_padlock();
#endif
        ENGINE_load_cryptodev();
        ENGINE_load_gmp();
#endif

Most of those engines are in engines/ except for 2 of them:
padlock and cryptodev.  They are in crypto/engine/

This means that currently padlock and cryptodev are not working
in a shared version of the library.

I see 2 solutions to this:
- Also provide them as shared libraries
- Don't put them into the #ifndef OPENSSL_NO_STATIC_ENGINE

Also see:
http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/2005-December/000572.html
And:
http://bugs.debian.org/345656


Kurt