+ tls_register_engine (&openssl_engine, CRYPTO_ENGINE_OPENSSL);
+
+ om->engine_init = 0;
+
+ /* default ciphers */
+ tls_openssl_set_ciphers
+ ("ALL:!ADH:!LOW:!EXP:!MD5:!RC4-SHA:!DES-CBC3-SHA:@STRENGTH");
+
+ return error;
+}
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (tls_openssl_init) =
+{
+ .runs_after = VLIB_INITS("tls_init"),
+};
+/* *INDENT-ON* */
+
+#ifdef HAVE_OPENSSL_ASYNC
+static clib_error_t *
+tls_openssl_set_command_fn (vlib_main_t * vm, unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ openssl_main_t *om = &openssl_main;
+ char *engine_name = NULL;
+ char *engine_alg = NULL;
+ char *ciphers = NULL;
+ u8 engine_name_set = 0;
+ int i, async = 0;
+
+ /* By present, it is not allowed to configure engine again after running */
+ if (om->engine_init)
+ {
+ clib_warning ("engine has started!\n");
+ return clib_error_return
+ (0, "engine has started, and no config is accepted");
+ }
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "engine %s", &engine_name))
+ {
+ engine_name_set = 1;
+ }
+ else if (unformat (input, "async"))
+ {
+ async = 1;
+ }
+ else if (unformat (input, "alg %s", &engine_alg))
+ {
+ for (i = 0; i < strnlen (engine_alg, MAX_CRYPTO_LEN); i++)
+ engine_alg[i] = toupper (engine_alg[i]);
+ }
+ else if (unformat (input, "ciphers %s", &ciphers))
+ {
+ tls_openssl_set_ciphers (ciphers);
+ }
+ else
+ return clib_error_return (0, "failed: unknown input `%U'",
+ format_unformat_error, input);
+ }
+
+ /* reset parameters if engine is not configured */
+ if (!engine_name_set)
+ {
+ clib_warning ("No engine provided! \n");
+ async = 0;
+ }
+ else
+ {
+ vnet_session_enable_disable (vm, 1);
+ if (openssl_engine_register (engine_name, engine_alg, async) < 0)
+ {
+ return clib_error_return (0, "Failed to register %s polling",
+ engine_name);
+ }
+ else
+ {
+ vlib_cli_output (vm, "Successfully register engine %s\n",
+ engine_name);
+ }
+ }
+ om->async = async;
+