search for: engine_load_private_key

...rity reasons. This has apparently caused a problem with PHP/libcurl: [...conf.d]$ /etc/init.d/httpd restart Stopping httpd: [FAILED] Starting httpd: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp4.so into server: /usr/lib/libcurl.so.2: undefined symbol: ENGINE_load_private_key I have searched for a solution to this and come up dry, even on openssh.com. On a local forum it has been suggested that I need a version of libcurl to be compatible with OpenSSH 3.7.1p2. If so, what version would that be? If not, what would you suggest? Otherwise I need to revert to OpenSSH 3.5...

...gt; /* the engine isn't available */ > ERR_print_errors_fp(stderr); > error("ENGINE_get_last failed."); > goto finish; > } > > // Fetch and store the private key through the engine > pk = ENGINE_load_private_key(eng, engkey, NULL, (void *)passphrase); > if (pk == NULL) { > ERR_print_errors_fp(stderr); > debug("ENGINE_load_private_key failed"); > (void)ERR_get_error(); > goto finish; > } else if (pk->type == E...

Engine keys are private key files which are only understood by openssl external engines. ?The problem is they can't be loaded with the usual openssl methods, they have to be loaded via ENGINE_load_private_key(). ?Because they're files, they fit well into openssh pub/private file structure, so they're not very appropriately handled by the pkcs11 interface because it assumes the private keys are already present in some token (so there's no way to pass in a file name). The candidate I have for...

I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may

...te UI method", __func__); + ERR_print_errors_fp(stderr); + return ret; + } + UI_method_set_reader(ui, ui_read); + + if (!ENGINE_init(e)) { + verbose("%s: failed to init engine %s", __func__, engine); + ERR_print_errors_fp(stderr); + return ret; + } + + d.passphrase = pin; + pk = ENGINE_load_private_key(e, file, ui, &d); + ENGINE_finish(e); + + if (d.ret == -2) + return SSH_ERR_KEY_WRONG_PASSPHRASE; + + if (!pk) { + verbose("%s: engine returned no key", __func__); + ERR_print_errors_fp(stderr); + return ret; + } + + /* here's a nasty problem: most engines don't tell us th...