16 # fields enclosed by brackets "[]" replaced with your own identifying |
16 # fields enclosed by brackets "[]" replaced with your own identifying |
17 # information: Portions Copyright [yyyy] [name of copyright owner] |
17 # information: Portions Copyright [yyyy] [name of copyright owner] |
18 # |
18 # |
19 # CDDL HEADER END |
19 # CDDL HEADER END |
20 # |
20 # |
21 # Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved. |
21 # Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. |
22 # |
22 # |
|
23 |
23 |
24 |
24 Build Layout |
25 Build Layout |
25 --- |
26 --- |
26 |
27 |
27 OpenSSL build is run four times. Once for regular dynamic 1.0.0 non-fips, once |
28 OpenSSL build is run four times. Once for regular dynamic 1.0.0 non-fips, once |
30 needed to build 0.9.8 FIPS-140 certified libraries. All builds apart from |
31 needed to build 0.9.8 FIPS-140 certified libraries. All builds apart from |
31 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
32 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
32 is built seven times. OpenSSL for wanboot is only build on sparc. |
33 is built seven times. OpenSSL for wanboot is only build on sparc. |
33 |
34 |
34 See also comments in all the Makefiles for more information. |
35 See also comments in all the Makefiles for more information. |
|
36 |
|
37 OpenSSL Version |
|
38 --- |
|
39 |
|
40 For non-FIPS build, we currently deliver OpenSSL 1.0.1e with some updates |
|
41 from OpenSSL 1.0.2 to make T4 instructions embedded in the OpenSSL |
|
42 upstream code. As of April 2013, 1.0.2 is not yet released, and therefore, |
|
43 we have decided to patch the code. |
|
44 The following files/code are copied in from 1.0.2. |
|
45 added: |
|
46 components/openssl/openssl-1.0.1/inline-t4/md5-sparcv9.pl |
|
47 components/openssl/openssl-1.0.1/inline-t4/sparc_arch.h |
|
48 components/openssl/openssl-1.0.1/patches/openssl-t4-inline.sparc-patch |
|
49 TPNO for OpenSSL 1.0.1e is 13003. |
|
50 |
|
51 For FIPS build, we currently deliver OpenSSL 0.9.8y with OpenSSL FIPS module 2.1. |
|
52 TPNO for OpenSSL 0.9.8y is 13019. |
|
53 |
35 |
54 |
36 The non-fips Build. |
55 The non-fips Build. |
37 --- |
56 --- |
38 |
57 |
39 The non-fips build is the main build of OpenSSL and includes the regular |
58 The non-fips build is the main build of OpenSSL and includes the regular |
96 - by-passing version of sparc detection in crypto/sparcv9cap.c |
115 - by-passing version of sparc detection in crypto/sparcv9cap.c |
97 - results in not using FPU for big numbers multiplication |
116 - results in not using FPU for big numbers multiplication |
98 - should be ok - original detection seems broken, FPU gets never used |
117 - should be ok - original detection seems broken, FPU gets never used |
99 - implementation of atoi() |
118 - implementation of atoi() |
100 |
119 |
101 |
120 31_dtls_version.patch |
102 openssl-1.0.0d-aesni-v4.i386-patch |
121 Fix DTLS_BAD_VER bug reported after OpenSSL 1.0.1e is released. |
103 X86-only patch. |
|
104 Add a built-in engine, aesni, to support X86 AES-NI instructions, along with |
|
105 files engines/aesni/aesni-x86[_64].pl. |
|
106 This patch is for OpenSSL 1.0.0d. For newer OpenSSL versions, a newer patch |
|
107 may be needed. |
|
108 |
122 |
109 openssl-1.0.0d-t4-engine.sparc-patch |
123 openssl-1.0.0d-t4-engine.sparc-patch |
110 SPARC-only patch. |
124 SPARC-only patch. |
111 Add a built-in engine, t4, to support SPARC T4 crypto instructions. |
125 Add a built-in engine, t4, to support SPARC T4 crypto instructions. |
112 along with files in directory engines/t4. |
126 along with files in directory engines/t4. |
|
127 |
|
128 openssl-t4-inline.sparc-patch |
|
129 SPARC-only patch. |
|
130 Add patch to support inline T4 instruction in OpenSSL upstream code until |
|
131 OpenSSL 1.0.2 is released. |
113 |
132 |
114 opensslconf.patch |
133 opensslconf.patch |
115 Modifies opensslconf.h so that it is suitable for both 32bit and 64bit installs. |
134 Modifies opensslconf.h so that it is suitable for both 32bit and 64bit installs. |
116 OpenSSL either builds for 32bit or 64bit - it doesn't allow for combined 32bit |
135 OpenSSL either builds for 32bit or 64bit - it doesn't allow for combined 32bit |
117 and 64bit builds. |
136 and 64bit builds. |