[Pkg-openssl-devel] Bug#431918: openssl: multiple causes for libssl0.9.8 - unable to load crypto engines

Carsten Wolff carsten at wolffcarsten.de
Tue Dec 22 10:02:52 UTC 2009 

Package: openssl
Version: 0.9.8k-7
Severity: normal

I think there are multiple causes for this bug.

1) If I use the package from squeeze with the above mentioned version and try
   to use the padlock engine, openssl tries to load a shared object for this
   engine, even though "padlock" is a builtin, static engine:

root at gateway:~# openssl speed -evp aes-256-ecb -engine padlock
invalid engine "padlock"
2852:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:162:filename(/usr/lib/ssl/engines/libpadlock.so): /usr/lib/ssl/engines/libpadlock.so: cannot open shared object file: No such file or directory
2852:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
2852:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:
2852:error:2606A074:engine routines:ENGINE_by_id:no such engine:eng_list.c:415:id=padlock
2852:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:162:filename(libpadlock.so): libpadlock.so: cannot open shared object file: No such file or directory
2852:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
2852:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:eng_dyn.c:450:

2) If I follow the hints from http://www.logix.cz/michal/devel/padlock/#openssl098-static
   and add patches to above package to make a shared libpadlock.so, the problem changes to
   the one, Bastian reported. The error changes to the same
   "DLFCN_BIND_FUNC:could not bind to the requested symbol name:dso_dlfcn.c:261:symname(bind_engine)"

I chose the VIA nano over the Intel Atom partly because of it's crypto-features.
It would be nice, if I could use them in userspace (kernel support works great).
If I can do anything more to help figure this out, please let me know.

Cheers
Carsten

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-1-amd64-via (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssl depends on:
ii  libc6                  2.10.2-2          GNU C Library: Shared libraries
ii  libssl0.9.8            0.9.8k-7          SSL shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-15 compression library - runtime

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates               20090814   Common CA certificates

-- no debconf information

More information about the Pkg-openssl-devel mailing list