[PATCH 1/2] OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()

David Woodhouse dwmw2 at infradead.org
Tue Jun 7 05:08:13 PDT 2016

On Tue, 2016-06-07 at 13:02 +0100, David Woodhouse wrote:
> Recent versions of engine_pkcs11 are set up to be autoloaded on demand
> with ENGINE_by_id() because they don't need explicit configuration.
> But if we *do* want to explicitly configure them with a PKCS#11 module
> path, we should still do so.
> We can't tell whether it was already initialised, but it's harmless to
> repeat the MODULE_PATH command if it was.
> Signed-off-by: David Woodhouse <David.Woodhouse at intel.com>

Apologies, Evolution appears to have eaten the whitespace in those
patches and turned some spaces in to non-breaking spaces. I'll go file
a bug later, but in the meantime they're both at
 git:// or http://git.infradead.org/users/dwmw2/hostap.git

I tested with the use case we *care* about, which is a simple:


We should probably make it work without specifying the private_key
separately, like it does for PKCS#12 files.

David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/hostap/attachments/20160607/54bb5062/attachment.bin>

More information about the Hostap mailing list