how to use "my" openssl engine in openvpn?

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech

zahra
OpenVpn Newbie
Posts: 1
Joined: Tue Jun 30, 2015 9:34 am

how to use "my" openssl engine in openvpn?

Post by zahra » Tue Jun 30, 2015 9:41 am

Hi all
I created an engine in OpenSSL and I want to use it in OpenVPN. I made a .so file and copied it to the /usr/local/lib directory (this directory is fixed in the OpenSSL configuration). I changed openssl.cnf, so OpenSSL recognized my engine. After that I changed the option.c file in the src directory of OpenVPN-2.3.2. I defined o->engine by my engine id. But that does not work...
This is my engine code:

Code:

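#include <openssl/engine.h>

/* Called by OpenSSL when the shared object is loaded as a dynamic engine. */
static int bind_fn(ENGINE *e, const char *id)
{
    /* Register the engine id and display name; no algorithms are registered here. */
    if (!ENGINE_set_id(e, "sample") ||
        !ENGINE_set_name(e, "sample engine")) {
        return 0;
    }
    return 1;
}

IMPLEMENT_DYNAMIC_CHECK_FN();
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);
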
And I added the lines below to openssl.cnf:

Code:

openssl_conf = openssl_def

[openssl_def]
engines = engines_section

[engines_section]
sample = sample_section

[sample_section]
engine_id = sample
dynamic_path = /path/sample_engine.so
init = 0
default_algorithms = ALL

[req]
distinguished_name = req_distinguished_name

[req_distinguished_name]
CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet

Finally, in the init_options method of options.c in the openvpn src directory, I added these commands:

Code:

const char *id = "sample";
o->engine = id;

But the sample engine is not recognized in OpenVPN :cry:
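
An added example, not part of the original thread: a small Python check that walks the openssl_conf -> engines -> engine section chain of the openssl.cnf shown in the post above and reports what would keep a dynamically loaded engine from resolving. The function names and the `path_exists` hook are hypothetical, and the sample text is constructed from the post's config.

```python
import os

# Constructed sample: the engine part of the openssl.cnf from the post above.
SAMPLE_CNF = """\
openssl_conf = openssl_def
[openssl_def]
engines = engines_section
[engines_section]
sample = sample_section
[sample_section]
engine_id = sample
dynamic_path = /path/sample_engine.so
init = 0
default_algorithms = ALL
"""

def parse_cnf(text):
    """Parse name = value pairs into {section: {name: value}}; '' is the default section."""
    sections, current = {"": {}}, ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            sections.setdefault(current, {})
        elif "=" in line:
            name, value = line.split("=", 1)
            sections[current][name.strip()] = value.strip()
    return sections

def check_engine(text, engine_id, path_exists=os.path.isfile):
    """Return findings for a dynamic engine's config chain (assumed helper, not an OpenSSL API)."""
    cnf, findings = parse_cnf(text), []
    top = cnf[""].get("openssl_conf")
    if top is None:
        return ["openssl_conf is not set in the default (unnamed) section"]
    engines = cnf.get(top, {}).get("engines")
    if engines not in cnf:
        return [f"[{top}] has no usable 'engines' entry"]
    # engine_id defaults to the key name used in the engines section
    sec = next((cnf[s] for k, s in cnf[engines].items()
                if s in cnf and cnf[s].get("engine_id", k) == engine_id), None)
    if sec is None:
        return [f"no section under [{engines}] declares engine {engine_id}"]
    path = sec.get("dynamic_path")
    if path is None or not os.path.isabs(path) or not path_exists(path):
        findings.append(f"dynamic_path {path!r} is not an existing absolute file")
    if sec.get("init") == "0":
        findings.append("init = 0: engine is not initialised when the config is loaded")
    return findings
```

Running `check_engine(SAMPLE_CNF, "sample")` on a machine where `/path/sample_engine.so` does not exist reports both the placeholder `dynamic_path` and the `init = 0` setting.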

bigbrett
OpenVpn Newbie
Posts: 1
Joined: Thu May 25, 2017 7:08 pm

Re: how to use "my" openssl engine in openvpn?

Post by bigbrett » Thu Jun 01, 2017 8:54 pm

Did you ever figure this out?
