components/openssl/openssl-1.0.1-fips-140/patches/201-openssl_fips.patch
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
Thu, 28 May 2015 09:54:36 -0700
changeset 4370 7043c27399f1
parent 4002 components/openssl/openssl-1.0.1-fips-140/patches/26-openssl_fips.patch@95b8f35fcdd5
permissions -rw-r--r--
19375978 Common code between openssl-1.0.1 and openssl-1.0.1-fips-140 should be shared
     1
#
     2
# Patch developed in-house.  Solaris-specific; not suitable for upstream. 
     3
#
     4
--- openssl-0.9.8m/apps/openssl.c	Thu Oct 15 19:28:02 2009
     5
+++ openssl-0.9.8m/apps/openssl.c	Fri Feb 26 16:12:30 2010
     6
@@ -135,6 +135,9 @@
     7
 # include <openssl/fips.h>
     8
 #endif
     9
 
    10
+/* Solaris OpenSSL */
    11
+#include <dlfcn.h>
    12
+
    13
 /*
    14
  * The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
    15
  * the base prototypes (we cast each variable inside the function to the
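Review bot: The comment on the new include, `/* Solaris OpenSSL */`, marks the change as local but does not say why `<dlfcn.h>` is needed. The header is there for the `dlsym(RTLD_NEXT, "FIPS_mode_set")` lookup added in the @@ -308 hunk, so a comment such as `/* Solaris OpenSSL: dlsym() is used in main() to find FIPS_mode_set() at run time */` would tell a maintainer when the include can be dropped.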
    16
@@ -155,9 +158,10 @@
    17
 BIO *bio_err = NULL;
    18
 #endif
    19
 
    20
+static int *modes;
    21
+
    22
 static void lock_dbg_cb(int mode, int type, const char *file, int line)
    23
 {
    24
-    static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
    25
     const char *errstr = NULL;
    26
     int rw;
    27
 
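Review bot: `static int *modes;` is now a file-scope pointer that stays NULL until main() allocates it in the @@ -305 hunk, but nothing at the declaration records that contract. I would add `/* per-lock state for lock_dbg_cb(); allocated in main() with CRYPTO_num_locks() entries before the callback is registered */` above it. The body of lock_dbg_cb continues outside this hunk, so how it uses `modes` after the bounds check is not visible here.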
    28
@@ -167,7 +168,7 @@
    29
         goto err;
    30
     }
    31
 
    32
-    if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
    33
+    if (type < 0 || type >= CRYPTO_num_locks()) {
    34
         errstr = "type out of bounds";
    35
         goto err;
    36
     }
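Review bot: The new bound in `if (type < 0 || type >= CRYPTO_num_locks())` is read again on every callback instead of being the count that `modes` was allocated with in the @@ -305 hunk, so the check protects the array only if that function returns the same value for the life of the process. Whether it does is not visible from this patch; if the value could ever be larger at callback time than at allocation time, an index past the end of `modes` would pass the check. Saving the count once next to the allocation, `num_modes = CRYPTO_num_locks();`, and testing `type >= num_modes` here removes that dependency and a function call per lock operation. The allocation hunk calls `CRYPTO_num_locks()` two more times for the malloc and memset sizes and could use the same saved value. The body of lock_dbg_cb continues outside this hunk.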
    37
@@ -305,6 +306,14 @@
    38
     if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
    39
 #endif
    40
     {
    41
+        modes = OPENSSL_malloc(CRYPTO_num_locks() * sizeof (int));
    42
+        if (modes == NULL) {
    43
+            ERR_load_crypto_strings();
    44
+            BIO_printf(bio_err,"Memory allocation failure\n");
    45
+            ERR_print_errors(bio_err);
    46
+            EXIT(1);
    47
+        }
    48
+        memset(modes, 0, CRYPTO_num_locks() * sizeof (int));
    49
         CRYPTO_set_locking_callback(lock_dbg_cb);
    50
     }
    51
 
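Review bot: The three trailing context lines of this hunk (`CRYPTO_set_locking_callback(lock_dbg_cb);`, `}` and the blank line) are repeated as the leading context of the next hunk, and the old-side ranges overlap: `-305,6` runs to line 310 while the next hunk starts at `-308`. Whether that applies cleanly depends on how the patch tool treats overlapping hunks, so merging the two hunks into one would make the result deterministic. In the added code, `sizeof (int)` could be written `sizeof (*modes)` so the allocation and memset sizes follow the pointer's type.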
    52
@@ -308,18 +320,28 @@
    53
         CRYPTO_set_locking_callback(lock_dbg_cb);
    54
     }
    55
 
    56
+/*
    57
+ * Solaris OpenSSL
    58
+ * Add a further check for the FIPS_mode_set() symbol before calling to
    59
+ * allow openssl(1openssl) to be run against both fips and non-fips libraries.
    60
+ */
    61
     if (getenv("OPENSSL_FIPS")) {
    62
-#ifdef OPENSSL_FIPS
    63
-        if (!FIPS_mode_set(1)) {
    64
+
    65
+        int (*FIPS_mode_set)(int);
    66
+        FIPS_mode_set = (int (*)(int)) dlsym(RTLD_NEXT, "FIPS_mode_set");
    67
+
    68
+        if (FIPS_mode_set != NULL) {
    69
+            if (!(*FIPS_mode_set)(1)) {
    70
             ERR_load_crypto_strings();
    71
             ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
    72
             EXIT(1);
    73
         }
    74
-#else
    75
-        fprintf(stderr, "FIPS mode not supported.\n");
    76
+    } else {
    77
+            fprintf(stderr, "Failed to enable FIPS mode. "
    78
+                "For more information about running in FIPS mode see openssl(5).\n");
    79
         EXIT(1);
    80
-#endif
    81
     }
    82
+    }
    83
 
    84
     apps_startup();
    85