[PATCH] package: openssl: Enable built engines per default
Eneas U de Queiroz
cotequeiroz at gmail.com
Fri Apr 23 13:31:10 BST 2021
On Fri, Apr 23, 2021 at 3:11 AM Florian Eckert <fe at dev.tdt.de> wrote:
> How about if we create a uci default script and check on the running
> system what is installed?
> And then we could generate a file and add or remove an include line form
> the openssl.cnf [1]?
Hi Florian, Daniel
I think we can manage something like that. The .include option can
load all files in a directory (/etc/ssl/engines.d/), and won't fail if
there aren't any files--the directory itself must exist. Each engine
package can install its own file there, ahd have a post-install script
that adds a line to an "engines.cnf" file if there isn't any:
add_engine() {
# $1 = engine name (engine .so file without the .so extension)
grep -q "$1=$1" /etc/ssl/engines.d/engines.cnf && return
echo "$1=$1" >> /etc/ssl/engines.d/engines.cnf
}
/etc/ssl/engines.d/engines.cnf would start out with just the [engines]
header and some comments explaining its use and warning not to edit
something that would break things.
What do you think?
Cheers,
Eneas
More information about the openwrt-devel
mailing list