1 --- openssl-1.0.0g/Makefile.org 2010-01-27 08:06:58.000000000 -0800 |
|
2 +++ openssl-1.0.0g-1/Makefile.org 2012-03-26 03:04:08.440194448 -0700 |
|
3 @@ -109,7 +109,13 @@ |
|
4 ZLIB_INCLUDE= |
|
5 LIBZLIB= |
|
6 |
|
7 +# For wanboot, we only need crypto and ssl. |
|
8 +# 'apps' are not patched to work in stand-alone environment anyway. |
|
9 +ifeq ($(PLATFORM), solaris64-sparcv9-cc-sunw-wanboot) |
|
10 +DIRS= crypto ssl |
|
11 +else |
|
12 DIRS= crypto ssl engines apps test tools |
|
13 +endif |
|
14 ENGDIRS= ccgost |
|
15 SHLIBDIRS= crypto ssl |
|
16 |
|
17 --- openssl-1.0.0g/Makefile 2012-01-18 05:42:28.000000000 -0800 |
|
18 +++ openssl-1.0.0g-1/Makefile 2012-03-26 03:03:59.170540344 -0700 |
|
19 @@ -111,7 +111,13 @@ |
|
20 ZLIB_INCLUDE= |
|
21 LIBZLIB= |
|
22 |
|
23 +# For wanboot, we only need crypto and ssl. |
|
24 +# 'apps' are not patched to work in stand-alone environment anyway. |
|
25 +ifeq ($(PLATFORM), solaris64-sparcv9-cc-sunw-wanboot) |
|
26 +DIRS= crypto ssl |
|
27 +else |
|
28 DIRS= crypto ssl engines apps test tools |
|
29 +endif |
|
30 ENGDIRS= ccgost |
|
31 SHLIBDIRS= crypto ssl |
|
32 |
|
33 --- openssl-1.0.0e/crypto/cryptlib.c 2011-06-22 08:39:00.000000000 -0700 |
|
34 +++ openssl-1.0.0e_patched/crypto/cryptlib.c 2011-12-12 06:17:45.422476900 -0800 |
|
35 @@ -871,6 +871,10 @@ |
|
36 MessageBox (NULL,buf,_T("OpenSSL: FATAL"),MB_OK|MB_ICONSTOP); |
|
37 } |
|
38 #else |
|
39 +/* Solaris libsa.a used for WAN boot doesn't provide for vfprintf(). Since |
|
40 + * * OPENSSL_showfatal() is not used anywhere else then here we can safely use |
|
41 + * * the code from 0.9.7d version. */ |
|
42 +#ifndef _BOOT |
|
43 void OPENSSL_showfatal (const char *fmta,...) |
|
44 { va_list ap; |
|
45 |
|
46 @@ -878,14 +882,21 @@ |
|
47 vfprintf (stderr,fmta,ap); |
|
48 va_end (ap); |
|
49 } |
|
50 +#endif /* _BOOT */ |
|
51 int OPENSSL_isservice (void) { return 0; } |
|
52 #endif |
|
53 |
|
54 void OpenSSLDie(const char *file,int line,const char *assertion) |
|
55 { |
|
56 +#ifndef _BOOT |
|
57 OPENSSL_showfatal( |
|
58 "%s(%d): OpenSSL internal error, assertion failed: %s\n", |
|
59 file,line,assertion); |
|
60 +#else |
|
61 + fprintf(stderr, |
|
62 + "%s(%d): OpenSSL internal error, assertion failed: %s\n", |
|
63 + file,line,assertion); |
|
64 +#endif |
|
65 #if !defined(_WIN32) || defined(__CYGWIN__) |
|
66 abort(); |
|
67 #else |
|
68 --- openssl-1.0.0e/crypto/err/err_all.c 2009-08-09 07:58:05.000000000 -0700 |
|
69 +++ openssl-1.0.0e_patched/crypto/err/err_all.c 2011-12-13 05:22:01.205351400 -0800 |
|
70 @@ -142,7 +142,9 @@ |
|
71 ERR_load_X509V3_strings(); |
|
72 ERR_load_PKCS12_strings(); |
|
73 ERR_load_RAND_strings(); |
|
74 +#ifndef _BOOT |
|
75 ERR_load_DSO_strings(); |
|
76 +#endif /* _BOOT */ |
|
77 ERR_load_TS_strings(); |
|
78 #ifndef OPENSSL_NO_ENGINE |
|
79 ERR_load_ENGINE_strings(); |
|
80 --- openssl-1.0.0e/crypto/evp/evp_key.c 2010-03-27 12:27:50.000000000 -0700 |
|
81 +++ openssl-1.0.0e_patched/crypto/evp/evp_key.c 2011-12-13 05:19:32.956908600 -0800 |
|
82 @@ -84,7 +84,7 @@ |
|
83 else |
|
84 return(prompt_string); |
|
85 } |
|
86 - |
|
87 +#ifndef _BOOT |
|
88 /* For historical reasons, the standard function for reading passwords is |
|
89 * in the DES library -- if someone ever wants to disable DES, |
|
90 * this function will fail */ |
|
91 @@ -111,6 +111,7 @@ |
|
92 OPENSSL_cleanse(buff,BUFSIZ); |
|
93 return ret; |
|
94 } |
|
95 +#endif /* !_BOOT */ |
|
96 |
|
97 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, |
|
98 const unsigned char *salt, const unsigned char *data, int datal, |
|
99 --- openssl-1.0.0e/crypto/rand/rand_unix.c 2009-04-06 07:31:36.000000000 -0700 |
|
100 +++ openssl-1.0.0e_patched/crypto/rand/rand_unix.c 2011-12-19 07:28:39.988944800 -0800 |
|
101 @@ -122,7 +122,11 @@ |
|
102 #include <sys/time.h> |
|
103 #include <sys/times.h> |
|
104 #include <sys/stat.h> |
|
105 +#ifdef _BOOT |
|
106 +#include <sys/fcntl.h> |
|
107 +#else |
|
108 #include <fcntl.h> |
|
109 +#endif |
|
110 #include <unistd.h> |
|
111 #include <time.h> |
|
112 #if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */ |
|
113 @@ -253,6 +257,11 @@ |
|
114 const char **egdsocket = NULL; |
|
115 #endif |
|
116 |
|
117 +#ifdef _BOOT |
|
118 +/* open() is provided by standalone libsa not visible from here */ |
|
119 +extern int open(const char *, int); |
|
120 +#endif |
|
121 + |
|
122 #ifdef DEVRANDOM |
|
123 memset(randomstats,0,sizeof(randomstats)); |
|
124 /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD |
|
125 @@ -295,9 +304,13 @@ |
|
126 { |
|
127 int try_read = 0; |
|
128 |
|
129 -#if defined(OPENSSL_SYS_BEOS_R5) |
|
130 +#if defined(OPENSSL_SYS_BEOS_R5) || defined(_BOOT) |
|
131 /* select() is broken in BeOS R5, so we simply |
|
132 * try to read something and snooze if we couldn't */ |
|
133 + /* |
|
134 + * select() is not available when linking stand-alone |
|
135 + * library for wanboot |
|
136 + */ |
|
137 try_read = 1; |
|
138 |
|
139 #elif defined(OPENSSL_SYS_LINUX) |
|
140 @@ -355,6 +368,7 @@ |
|
141 else |
|
142 r = -1; |
|
143 |
|
144 +#ifndef _BOOT |
|
145 /* Some Unixen will update t in select(), some |
|
146 won't. For those who won't, or if we |
|
147 didn't use select() in the first place, |
|
148 @@ -366,13 +380,17 @@ |
|
149 } |
|
150 while ((r > 0 || |
|
151 (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED); |
|
152 +#else /* _BOOT */ |
|
153 + } |
|
154 + while (r > 0 && n < ENTROPY_NEEDED); |
|
155 +#endif /* _BOOT */ |
|
156 |
|
157 close(fd); |
|
158 } |
|
159 } |
|
160 #endif /* defined(DEVRANDOM) */ |
|
161 |
|
162 -#ifdef DEVRANDOM_EGD |
|
163 +#if defined(DEVRANDOM_EGD) && !defined(_BOOT) |
|
164 /* Use an EGD socket to read entropy from an EGD or PRNGD entropy |
|
165 * collecting daemon. */ |
|
166 |
|
167 @@ -395,6 +413,7 @@ |
|
168 } |
|
169 #endif |
|
170 |
|
171 +#ifndef _BOOT |
|
172 /* put in some default random data, we need more than just this */ |
|
173 l=curr_pid; |
|
174 RAND_add(&l,sizeof(l),0.0); |
|
175 @@ -403,6 +422,7 @@ |
|
176 |
|
177 l=time(NULL); |
|
178 RAND_add(&l,sizeof(l),0.0); |
|
179 +#endif /* !_BOOT */ |
|
180 |
|
181 #if defined(OPENSSL_SYS_BEOS) |
|
182 { |
|
183 |
|
184 --- openssl-1.0.0e/crypto/rand/randfile.c 2011-03-19 02:44:37.000000000 -0700 |
|
185 +++ openssl-1.0.0e_patched/crypto/rand/randfile.c 2011-12-13 05:26:51.884824200 -0800 |
|
186 @@ -57,7 +57,9 @@ |
|
187 */ |
|
188 |
|
189 /* We need to define this to get macros like S_IFBLK and S_IFCHR */ |
|
190 +#ifndef _BOOT |
|
191 #define _XOPEN_SOURCE 500 |
|
192 +#endif /* _BOOT */ |
|
193 |
|
194 #include <errno.h> |
|
195 #include <stdio.h> |
|
196 --- openssl-1.0.0e/crypto/x509v3/v3_utl.c 2009-07-27 14:08:53.000000000 -0700 |
|
197 +++ openssl-1.0.0e_patched/crypto/x509v3/v3_utl.c 2011-12-13 05:10:08.844191400 -0800 |
|
198 @@ -659,9 +659,52 @@ |
|
199 } |
|
200 } |
|
201 |
|
202 +#if defined(_BOOT) |
|
203 +/* This function was copied from bio/b_sock.c */ |
|
204 +static int get_ip(const char *str, unsigned char ip[4]) |
|
205 + { |
|
206 + unsigned int tmp[4]; |
|
207 + int num=0,c,ok=0; |
|
208 + |
|
209 + tmp[0]=tmp[1]=tmp[2]=tmp[3]=0; |
|
210 + |
|
211 + for (;;) |
|
212 + { |
|
213 + c= *(str++); |
|
214 + if ((c >= '0') && (c <= '9')) |
|
215 + { |
|
216 + ok=1; |
|
217 + tmp[num]=tmp[num]*10+c-'0'; |
|
218 + if (tmp[num] > 255) return(0); |
|
219 + } |
|
220 + else if (c == '.') |
|
221 + { |
|
222 + if (!ok) return(-1); |
|
223 + if (num == 3) return(0); |
|
224 + num++; |
|
225 + ok=0; |
|
226 + } |
|
227 + else if (c == '\0' && (num == 3) && ok) |
|
228 + break; |
|
229 + else |
|
230 + return(0); |
|
231 + } |
|
232 + ip[0]=tmp[0]; |
|
233 + ip[1]=tmp[1]; |
|
234 + ip[2]=tmp[2]; |
|
235 + ip[3]=tmp[3]; |
|
236 + return(1); |
|
237 + } |
|
238 +#endif /* _BOOT */ |
|
239 + |
|
240 static int ipv4_from_asc(unsigned char *v4, const char *in) |
|
241 { |
|
242 int a0, a1, a2, a3; |
|
243 + |
|
244 +#if defined(_BOOT) |
|
245 + if (get_ip(in, v4) != 1) |
|
246 + return 0; |
|
247 +#else /* _BOOT */ |
|
248 if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) |
|
249 return 0; |
|
250 if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) |
|
251 @@ -671,6 +716,7 @@ |
|
252 v4[1] = a1; |
|
253 v4[2] = a2; |
|
254 v4[3] = a3; |
|
255 +#endif /* _BOOT */ |
|
256 return 1; |
|
257 } |
|
258 |
|
259 --- openssl-1.0.0e/e_os.h 2011-12-19 04:17:51.631087400 -0800 |
|
260 +++ openssl-1.0.0e_patched/e_os.h 2011-12-19 04:15:15.776668900 -0800 |
|
261 @@ -207,10 +207,19 @@ |
|
262 #define get_last_socket_error() errno |
|
263 #define clear_socket_error() errno=0 |
|
264 #define ioctlsocket(a,b,c) ioctl(a,b,c) |
|
265 +#ifdef _BOOT |
|
266 +#include <netinet/in.h> |
|
267 +extern int socket_read(int, void *, size_t, int); |
|
268 +extern int socket_close(int); |
|
269 +#define closesocket(s) socket_close(s) |
|
270 +#define readsocket(s,b,n) socket_read((s),(b),(n), 200) |
|
271 +#define writesocket(s,b,n) send((s),(b),(n), 0) |
|
272 +#else /* !_BOOT */ |
|
273 #define closesocket(s) close(s) |
|
274 #define readsocket(s,b,n) read((s),(b),(n)) |
|
275 #define writesocket(s,b,n) write((s),(b),(n)) |
|
276 #endif |
|
277 +#endif |
|
278 |
|
279 #ifdef WIN16 /* never the case */ |
|
280 # define MS_CALLBACK _far _loadds |
|
281 --- openssl-1.0.0e/crypto/sparcv9cap.c 2010-09-05 12:48:01.000000000 -0700 |
|
282 +++ openssl-1.0.0e_patched/crypto/sparcv9cap.c 2011-12-23 05:24:02.011607700 -0800 |
|
283 @@ -12,7 +12,11 @@ |
|
284 #define SPARCV9_VIS2 (1<<3) /* reserved */ |
|
285 #define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */ |
|
286 |
|
287 +#ifndef _BOOT |
|
288 static int OPENSSL_sparcv9cap_P=SPARCV9_TICK_PRIVILEGED; |
|
289 +#else |
|
290 +static int OPENSSL_sparcv9cap_P = SPARCV9_VIS1; |
|
291 +#endif |
|
292 |
|
293 int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num) |
|
294 { |
|
295 @@ -32,6 +36,7 @@ |
|
296 void _sparcv9_vis2_probe(void); |
|
297 void _sparcv9_fmadd_probe(void); |
|
298 |
|
299 +#ifndef _BOOT |
|
300 unsigned long OPENSSL_rdtsc(void) |
|
301 { |
|
302 if (OPENSSL_sparcv9cap_P&SPARCV9_TICK_PRIVILEGED) |
|
303 @@ -43,8 +48,19 @@ |
|
304 else |
|
305 return _sparcv9_rdtick(); |
|
306 } |
|
307 +#endif |
|
308 + |
|
309 +#if defined(_BOOT) |
|
310 +/* |
|
311 + * Hardcoding sparc capabilities for wanboot. |
|
312 + * Older CPUs are EOLed anyway. |
|
313 + */ |
|
314 +void OPENSSL_cpuid_setup(void) |
|
315 + { |
|
316 + OPENSSL_sparcv9cap_P = SPARCV9_VIS1; |
|
317 + } |
|
318 |
|
319 -#if 0 && defined(__sun) && defined(__SVR4) |
|
320 +#elif 0 && defined(__sun) && defined(__SVR4) |
|
321 /* This code path is disabled, because of incompatibility of |
|
322 * libdevinfo.so.1 and libmalloc.so.1 (see below for details) |
|
323 */ |
|
324 --- openssl-1.0.0e/crypto/sparccpuid.S 2010-09-05 12:48:01.000000000 -0700 |
|
325 +++ openssl-1.0.0e_patched/crypto/sparccpuid.S 2012-02-13 07:42:58.259478325 -0800 |
|
326 @@ -397,6 +397,11 @@ |
|
327 .type OPENSSL_cleanse,#function |
|
328 .size OPENSSL_cleanse,.-OPENSSL_cleanse |
|
329 |
|
330 +#ifndef _BOOT |
|
331 .section ".init",#alloc,#execinstr |
|
332 call OPENSSL_cpuid_setup |
|
333 nop |
|
334 +#else |
|
335 + nop |
|
336 + nop |
|
337 +#endif |
|
338 --- openssl-1.0.0e/crypto/Makefile 2010-07-26 15:09:59.000000000 -0700 |
|
339 +++ openssl-1.0.0e_patched/crypto/Makefile 2011-12-22 08:26:22.041955800 -0800 |
|
340 @@ -34,8 +34,8 @@ |
|
341 |
|
342 LIB= $(TOP)/libcrypto.a |
|
343 SHARED_LIB= libcrypto$(SHLIB_EXT) |
|
344 -LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c |
|
345 -LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ) |
|
346 +LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c wanboot-stubs.c |
|
347 +LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o wanboot-stubs.o $(CPUID_OBJ) |
|
348 |
|
349 SRC= $(LIBSRC) |
|
350 |
|