equal
deleted
inserted
replaced
23 |
23 |
24 |
24 |
25 Build Layout |
25 Build Layout |
26 --- |
26 --- |
27 |
27 |
28 OpenSSL build is run four times. Once for regular dynamic 1.0.0 non-fips, once |
28 OpenSSL build is run four times. Once for regular dynamic 1.0.1 non-fips, once |
29 for static 1.0.0 bits to link with standalone wanboot binary, once for 0.9.8 |
29 for static 1.0.1 bits to link with standalone wanboot binary, once for 1.0.1 |
30 fips-140, and once for 0.9.8 FIPS-140 canister (in the openssl-fips component) |
30 fips-140, and once for 1.0.1 FIPS-140 canister (in the openssl-fips component) |
31 needed to build 0.9.8 FIPS-140 certified libraries. All builds apart from |
31 needed to build 1.0.1 FIPS-140 certified libraries. All builds apart from |
32 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
32 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
33 is built seven times. OpenSSL for wanboot is only build on sparc. |
33 is built seven times. OpenSSL for wanboot is only build on sparc. |
34 |
34 |
35 See also comments in all the Makefiles for more information. |
35 See also comments in all the Makefiles for more information. |
36 |
36 |
133 and 64bit builds. |
133 and 64bit builds. |
134 |
134 |
135 The fips Build |
135 The fips Build |
136 --- |
136 --- |
137 |
137 |
138 FIPS-140 certified libraries for Solaris private use. We wait for OpenSSL 1.0.0 |
138 FIPS-140 certified libraries for Solaris private use. Since OpenSSL 1.0.1 is |
139 to be FIPS-140 certified in which time we can ship only 1.0.0 with S11 and make |
139 now FIPS-140 certified, we can ship only 1.0.1 with S12 and S11.2 and make |
140 it a public interface. |
140 it a public interface. (To be done next) |
141 |
141 |
142 Patches |
142 Patches |
143 --- |
143 --- |
144 |
144 |
145 All the patches from 1.0.0 are used in 0.9.8 as well aside from |
145 All the patches from 1.0.1 (non-fips) are used in 1.0.1(fips) as well aside from |
146 14-manpage_openssl.patch which is not needed since we do not deliver 0.9.8 man |
146 14-manpage_openssl.patch which is not needed since we do not deliver 1.0.1(fips) man |
147 pages. Additional patches: |
147 pages. Once we make fips version public, we should deliver man page. |
148 |
|
149 01-7009105.patch |
|
150 Fixing a bug introduces in 0.9.8q and fixed in 0.9.8r. |
|
151 |
|
152 sparc-01-ccwrap.patch |
|
153 Workaround so that fingerprinting the canister during runtime and comparing it |
|
154 with the saved fingerprint works correctly. |
|
155 |
148 |
156 The wanboot Build |
149 The wanboot Build |
157 ---- |
150 ---- |
158 |
151 |
159 There are some significant differences when building OpenSSL for wanboot. |
152 There are some significant differences when building OpenSSL for wanboot. |