1 --- openssl-0.9.8m/apps/openssl.c Thu Oct 15 19:28:02 2009 |
|
2 +++ openssl-0.9.8m/apps/openssl.c Fri Feb 26 16:12:30 2010 |
|
3 @@ -130,6 +130,9 @@ |
|
4 #include "s_apps.h" |
|
5 #include <openssl/err.h> |
|
6 |
|
7 +/* Solaris OpenSSL */ |
|
8 +#include <dlfcn.h> |
|
9 + |
|
10 /* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the |
|
11 * base prototypes (we cast each variable inside the function to the required |
|
12 * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper |
|
13 @@ -151,9 +154,10 @@ |
|
14 #endif |
|
15 |
|
16 |
|
17 +static int *modes; |
|
18 + |
|
19 static void lock_dbg_cb(int mode, int type, const char *file, int line) |
|
20 { |
|
21 - static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ |
|
22 const char *errstr = NULL; |
|
23 int rw; |
|
24 |
|
25 @@ -164,7 +168,7 @@ |
|
26 goto err; |
|
27 } |
|
28 |
|
29 - if (type < 0 || type >= CRYPTO_NUM_LOCKS) |
|
30 + if (type < 0 || type >= CRYPTO_num_locks()) |
|
31 { |
|
32 errstr = "type out of bounds"; |
|
33 goto err; |
|
34 @@ -235,19 +239,29 @@ |
|
35 |
|
36 in_FIPS_mode = 0; |
|
37 |
|
38 +/* |
|
39 + * Solaris OpenSSL |
|
40 + * Add a further check for the FIPS_mode_set() symbol before calling to |
|
41 + * allow openssl(1openssl) to be run against both fips and non-fips libraries. |
|
42 + */ |
|
43 if(getenv("OPENSSL_FIPS")) { |
|
44 -#ifdef OPENSSL_FIPS |
|
45 - if (!FIPS_mode_set(1)) { |
|
46 + |
|
47 + int (*FIPS_mode_set)(int); |
|
48 + FIPS_mode_set = (int (*)(int)) dlsym(RTLD_NEXT, "FIPS_mode_set"); |
|
49 + |
|
50 + if (FIPS_mode_set != NULL) { |
|
51 + if (!(*FIPS_mode_set)(1)) { |
|
52 ERR_load_crypto_strings(); |
|
53 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); |
|
54 EXIT(1); |
|
55 } |
|
56 in_FIPS_mode = 1; |
|
57 -#else |
|
58 - fprintf(stderr, "FIPS mode not supported.\n"); |
|
59 + } else { |
|
60 + fprintf(stderr, "Failed to enable FIPS mode. " |
|
61 + "For more information about running in FIPS mode see openssl(5).\n"); |
|
62 EXIT(1); |
|
63 -#endif |
|
64 } |
|
65 + } |
|
66 |
|
67 if (bio_err == NULL) |
|
68 if ((bio_err=BIO_new(BIO_s_file())) != NULL) |
|
69 @@ -272,6 +286,14 @@ |
|
70 if (getenv("OPENSSL_DEBUG_LOCKING") != NULL) |
|
71 #endif |
|
72 { |
|
73 + modes = OPENSSL_malloc(CRYPTO_num_locks() * sizeof (int)); |
|
74 + if (modes == NULL) { |
|
75 + ERR_load_crypto_strings(); |
|
76 + BIO_printf(bio_err,"Memory allocation failure\n"); |
|
77 + ERR_print_errors(bio_err); |
|
78 + EXIT(1); |
|
79 + } |
|
80 + memset(modes, 0, CRYPTO_num_locks() * sizeof (int)); |
|
81 CRYPTO_set_locking_callback(lock_dbg_cb); |
|
82 } |
|
83 |
|
84 @@ -379,6 +401,8 @@ |
|
85 BIO_free(bio_err); |
|
86 bio_err=NULL; |
|
87 } |
|
88 + |
|
89 + if (modes != NULL) OPENSSL_free(modes); |
|
90 OPENSSL_EXIT(ret); |
|
91 } |
|
92 |
|