diff -urN squid-2.5.STABLE1.orig/configure squid-2.5.STABLE1/configure
--- squid-2.5.STABLE1.orig/configure	Tue Sep 24 21:00:03 2002
+++ squid-2.5.STABLE1/configure	Wed Nov 20 11:49:19 2002
@@ -3727,6 +3727,7 @@
 	openssl/err.h \
 	openssl/md5.h \
 	openssl/ssl.h \
+	openssl/engine.h \
 	poll.h \
 	pwd.h \
 	regex.h \
diff -urN squid-2.5.STABLE1.orig/configure.in squid-2.5.STABLE1/configure.in
--- squid-2.5.STABLE1.orig/configure.in	Tue Sep 24 21:00:03 2002
+++ squid-2.5.STABLE1/configure.in	Wed Nov 20 11:48:18 2002
@@ -1170,6 +1170,7 @@
 	openssl/err.h \
 	openssl/md5.h \
 	openssl/ssl.h \
+	openssl/engine.h \
 	poll.h \
 	pwd.h \
 	regex.h \
diff -urN squid-2.5.STABLE1.orig/include/autoconf.h.in squid-2.5.STABLE1/include/autoconf.h.in
--- squid-2.5.STABLE1.orig/include/autoconf.h.in	Mon Jul 15 22:29:47 2002
+++ squid-2.5.STABLE1/include/autoconf.h.in	Wed Nov 20 11:48:57 2002
@@ -705,6 +705,9 @@
 /* Define if you have the <openssl/ssl.h> header file.  */
 #undef HAVE_OPENSSL_SSL_H
 
+/* Define if you have the <openssl/engine.h> header file.  */
+#undef HAVE_OPENSSL_ENGINE_H
+
 /* Define if you have the <poll.h> header file.  */
 #undef HAVE_POLL_H
 
diff -urN squid-2.5.STABLE1.orig/src/cf.data.pre squid-2.5.STABLE1/src/cf.data.pre
--- squid-2.5.STABLE1.orig/src/cf.data.pre	Wed Nov 20 10:33:12 2002
+++ squid-2.5.STABLE1/src/cf.data.pre	Wed Nov 20 11:48:18 2002
@@ -143,6 +143,15 @@
 	messages.
 DOC_END
 
+NAME: ssl_engine
+TYPE: string
+LOC: Config.SSL.ssl_engine
+DEFAULT: none
+DOC_START
+	The openssl engine to use. You will need to set this if you
+	would like to use hardware SSL acceleration for example.
+DOC_END
+
 NAME: icp_port udp_port
 TYPE: ushort
 DEFAULT: 3130
diff -urN squid-2.5.STABLE1.orig/src/ssl_support.c squid-2.5.STABLE1/src/ssl_support.c
--- squid-2.5.STABLE1.orig/src/ssl_support.c	Sun Jul 21 01:30:02 2002
+++ squid-2.5.STABLE1/src/ssl_support.c	Wed Nov 20 11:48:18 2002
@@ -236,6 +236,23 @@
 	ssl_initialized = 1;
 	SSL_load_error_strings();
 	SSLeay_add_ssl_algorithms();
+#ifdef HAVE_OPENSSL_ENGINE_H
+        if ( Config.SSL.ssl_engine ) {
+            ENGINE *e;
+            if ( !(e = ENGINE_by_id(Config.SSL.ssl_engine)) ) {
+                fatalf("Unable to find SSL engine '%s'\n", Config.SSL.ssl_engine);
+            }
+            if ( !ENGINE_set_default(e,ENGINE_METHOD_ALL) ) {
+                ssl_error = ERR_get_error();
+                fatalf("Failed to initialise SSL engine: %s\n",
+                    ERR_error_string(ssl_error, NULL));
+            }
+        }
+#else
+        if ( Config.SSL.ssl_engine ) {
+            fatalf("Your OpenSSL has no SSL engine support\n");
+        }
+#endif
     }
     if (!keyfile)
 	keyfile = certfile;
diff -urN squid-2.5.STABLE1.orig/src/ssl_support.h squid-2.5.STABLE1/src/ssl_support.h
--- squid-2.5.STABLE1.orig/src/ssl_support.h	Fri Oct 19 23:34:49 2001
+++ squid-2.5.STABLE1/src/ssl_support.h	Wed Nov 20 11:48:18 2002
@@ -42,6 +42,9 @@
 #if HAVE_OPENSSL_ERR_H
 #include <openssl/err.h>
 #endif
+#if HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
 
 SSL_CTX *sslCreateContext(const char *certfile, const char *keyfile, int version, const char *cipher, const char *options);
 int ssl_read_method(int, char *, int);
diff -urN squid-2.5.STABLE1.orig/src/structs.h squid-2.5.STABLE1/src/structs.h
--- squid-2.5.STABLE1.orig/src/structs.h	Wed Nov 20 10:33:12 2002
+++ squid-2.5.STABLE1/src/structs.h	Wed Nov 20 11:48:18 2002
@@ -675,6 +675,7 @@
 #if USE_SSL
     struct {
 	int unclean_shutdown;
+	char *ssl_engine;
     } SSL;
 #endif
     wordlist *ext_methods;