1 diff -ruN ../a/openssl-0.9.8o/Configure openssl-0.9.8o/Configure |
|
2 --- ../a/openssl-0.9.8o/Configure 2010-05-20 10:36:23.000000000 -0700 |
|
3 +++ openssl-0.9.8o/Configure 2010-09-22 18:32:18.922795700 -0700 |
|
4 @@ -12,7 +12,7 @@ |
|
5 |
|
6 # see INSTALL for instructions. |
|
7 |
|
8 -my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; |
|
9 +my $usage="Usage: Configure --pk11-libname=PK11_LIB_LOCATION [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; |
|
10 |
|
11 # Options: |
|
12 # |
|
13 @@ -21,6 +21,9 @@ |
|
14 # --prefix prefix for the OpenSSL include, lib and bin directories |
|
15 # (Default: the OPENSSLDIR directory) |
|
16 # |
|
17 +# --pk11-libname PKCS#11 library name. |
|
18 +# (Default: none) |
|
19 +# |
|
20 # --install_prefix Additional prefix for package builders (empty by |
|
21 # default). This needn't be set in advance, you can |
|
22 # just as well use "make INSTALL_PREFIX=/whatever install". |
|
23 @@ -587,6 +590,9 @@ |
|
24 my $idx_ranlib = $idx++; |
|
25 my $idx_arflags = $idx++; |
|
26 |
|
27 +# PKCS#11 engine patch |
|
28 +my $pk11_libname=""; |
|
29 + |
|
30 my $prefix=""; |
|
31 my $libdir=""; |
|
32 my $openssldir=""; |
|
33 @@ -825,6 +831,10 @@ |
|
34 { |
|
35 $flags.=$_." "; |
|
36 } |
|
37 + elsif (/^--pk11-libname=(.*)$/) |
|
38 + { |
|
39 + $pk11_libname=$1; |
|
40 + } |
|
41 elsif (/^--prefix=(.*)$/) |
|
42 { |
|
43 $prefix=$1; |
|
44 @@ -960,6 +970,13 @@ |
|
45 exit 0; |
|
46 } |
|
47 |
|
48 +if (! $pk11_libname) |
|
49 + { |
|
50 + print STDERR "You must set --pk11-libname for PKCS#11 library.\n"; |
|
51 + print STDERR "See README.pkcs11 for more information.\n"; |
|
52 + exit 1; |
|
53 + } |
|
54 + |
|
55 if ($target =~ m/^CygWin32(-.*)$/) { |
|
56 $target = "Cygwin".$1; |
|
57 } |
|
58 @@ -1126,6 +1143,8 @@ |
|
59 if ($flags ne "") { $cflags="$flags$cflags"; } |
|
60 else { $no_user_cflags=1; } |
|
61 |
|
62 +$cflags="-DPK11_LIB_LOCATION=\"$pk11_libname\" $cflags"; |
|
63 + |
|
64 # Kerberos settings. The flavor must be provided from outside, either through |
|
65 # the script "config" or manually. |
|
66 if (!$no_krb5) |
|
67 @@ -1489,6 +1508,7 @@ |
|
68 s/^VERSION=.*/VERSION=$version/; |
|
69 s/^MAJOR=.*/MAJOR=$major/; |
|
70 s/^MINOR=.*/MINOR=$minor/; |
|
71 + s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/; |
|
72 s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/; |
|
73 s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/; |
|
74 s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/; |
|
75 diff -ruN ../a/openssl-0.9.8o/Makefile.org openssl-0.9.8o/Makefile.org |
|
76 --- ../a/openssl-0.9.8o/Makefile.org 2010-01-27 08:06:36.000000000 -0800 |
|
77 +++ openssl-0.9.8o/Makefile.org 2010-09-22 18:32:19.152576100 -0700 |
|
78 @@ -26,6 +26,9 @@ |
|
79 INSTALL_PREFIX= |
|
80 INSTALLTOP=/usr/local/ssl |
|
81 |
|
82 +# You must set this through --pk11-libname configure option. |
|
83 +PK11_LIB_LOCATION= |
|
84 + |
|
85 # Do not edit this manually. Use Configure --openssldir=DIR do change this! |
|
86 OPENSSLDIR=/usr/local/ssl |
|
87 |
|
88 diff -ruN ../a/openssl-0.9.8o/crypto/engine/Makefile openssl-0.9.8o/crypto/engine/Makefile |
|
89 --- ../a/openssl-0.9.8o/crypto/engine/Makefile 2009-09-27 07:04:32.000000000 -0700 |
|
90 +++ openssl-0.9.8o/crypto/engine/Makefile 2010-09-22 18:32:19.109972600 -0700 |
|
91 @@ -21,12 +21,14 @@ |
|
92 eng_table.c eng_pkey.c eng_fat.c eng_all.c \ |
|
93 tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ |
|
94 tb_cipher.c tb_digest.c \ |
|
95 - eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c |
|
96 + eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c eng_padlock.c \ |
|
97 + hw_pk11.c hw_pk11_pub.c hw_pk11_uri.c |
|
98 LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ |
|
99 eng_table.o eng_pkey.o eng_fat.o eng_all.o \ |
|
100 tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \ |
|
101 tb_cipher.o tb_digest.o \ |
|
102 - eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o |
|
103 + eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o eng_padlock.o \ |
|
104 + hw_pk11.o hw_pk11_pub.o hw_pk11_uri.o |
|
105 |
|
106 SRC= $(LIBSRC) |
|
107 |
|
108 diff -ruN ../a/openssl-0.9.8o/crypto/engine/eng_all.c openssl-0.9.8o/crypto/engine/eng_all.c |
|
109 --- ../a/openssl-0.9.8o/crypto/engine/eng_all.c 2010-02-28 16:30:11.000000000 -0800 |
|
110 +++ openssl-0.9.8o/crypto/engine/eng_all.c 2010-09-22 18:33:15.326949000 -0700 |
|
111 @@ -72,6 +72,9 @@ |
|
112 ENGINE_load_padlock(); |
|
113 #endif |
|
114 ENGINE_load_dynamic(); |
|
115 +#ifndef OPENSSL_NO_HW_PKCS11 |
|
116 + ENGINE_load_pk11(); |
|
117 +#endif |
|
118 #ifndef OPENSSL_NO_STATIC_ENGINE |
|
119 #ifndef OPENSSL_NO_HW |
|
120 #ifndef OPENSSL_NO_HW_4758_CCA |
|
121 diff -ruN ../a/openssl-0.9.8o/crypto/engine/engine.h openssl-0.9.8o/crypto/engine/engine.h |
|
122 --- ../a/openssl-0.9.8o/crypto/engine/engine.h 2010-02-09 06:18:15.000000000 -0800 |
|
123 +++ openssl-0.9.8o/crypto/engine/engine.h 2010-09-22 18:32:19.063758100 -0700 |
|
124 @@ -337,6 +337,7 @@ |
|
125 void ENGINE_load_ubsec(void); |
|
126 #endif |
|
127 void ENGINE_load_cryptodev(void); |
|
128 +void ENGINE_load_pk11(void); |
|
129 void ENGINE_load_padlock(void); |
|
130 void ENGINE_load_builtin_engines(void); |
|
131 #ifdef OPENSSL_SYS_WIN32 |
|