[stunnel-users] Stunnel - supports static OpenSSL engines?

• Previous message (by thread): [stunnel-users] TPM based mutual tls authentication
• Next message (by thread): [stunnel-users] My home ISP blocking ssh protocol
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

Does Stunnel support static-linked engines for OpenSSL? From my
experiments, my guess would be that it doesn't, but I may be
overlooking something and would welcome a confirmation.

Why I need it: During development of an urelated app, after many many
failed attempts, I finally managed to get OpenSSL 1.1.x working with a
CAPI engine - but the only functional setup involved CAPI built
directly into libcrypto. Every other setup, in both Visual Studio and
MinGW, led to some problem or another. I would love to extend this
success to my Stunnel setup, where I am now forced to stick with
version 5.49 because the newer versions use OpenSSL 1.1.x which simply
doesn't seem to be able to function correctly with the dynamic CAPI
engine.

What I need from Stunnel, basically, is for it to try to use
ENGINE_by_id('capi') first and only when that fails, attempt to load a
dynamic engine using ENGINE_by_id('dynamic') and the necessary
ENGINE_ctrl_cmd_string commands. I can build a functional static-built
OpenSSL libraries myself.

If Stunnel wanted to incorporate that, I am all for it, provided that
there is some way of specifying whether a static engine or a dynamic
engine is preferred. My Configure command is:

perl Configure shared enable-static-engine enable-zlib
--with-zlib-include=C:\Zlib --with-zlib-lib=C:\Zlib\zlib.lib VC-WIN64A

Pepak

• Previous message (by thread): [stunnel-users] TPM based mutual tls authentication
• Next message (by thread): [stunnel-users] My home ISP blocking ssh protocol
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]