Date: Tue, 22 Apr 2003 17:20:06 +0100 From: "Diarmuid O'Neill" Subject: Patch to STunnel 3.2* to support OpenSSL engines (usually for crypto hardware accelerators). Hi, Please find enclosed a patch I've tested on 3.22 and 3.23. It adds support for OpenSSL engines. Files modified... stunnel.8 configure.ac To add the --enable-ssl-engine rule. options.c ssl.c prototypes.h Because I've modified the configure.ac script the user must run autoconf to generate the new configure file. This adds a new ./configure option --enable-ssl-engine which defines SSL_ENGINE. This is required because the non engine version of OpenSSL-0.9.6 does not include the engine header files . I was going to include the modified configure script but it was very different, probably because I used a newer version of autoconf. What do you think? If the user is building with openssl-engine-0.9.6* they will require the OpenSSL patch I've included to fix a bug in OpenSSL. I've sent this patch on the OpenSSL team [RT ticket 588], this is not required if using OpenSSL 0.9.7. I've tested this patch with an SSL accelerator and seen an improvement of 300% in terms of SSL Transactions per second. Thanks, Diarmuid. Ed note: OpenSSL versions 0.9.6(something) require an additional patch, which Diarmuid has made available at http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=588 No patch needed if you use the OpenSSL 0.9.7 branch.