components/openssl/openssl-1.0.1-fips-140/patches/15-pkcs11_engine-0.9.8a.patch
branchs11u2-sru
changeset 4016 7f9e1e7611b8
parent 2921 8da1e7689d13
4013:29dc96079508 4016:7f9e1e7611b8
       
     1 #
       
     2 # This patch file adds the Solaris's pkcs11 engine.
       
     3 # This is Solaris-specific (developed in house): not suitable for upstream.
       
     4 #
     1 --- /tmp/Configure	Fri Feb 11 14:40:39 2011
     5 --- /tmp/Configure	Fri Feb 11 14:40:39 2011
     2 +++ openssl-1.0.0d/Configure	Fri Feb 11 14:41:36 2011
     6 +++ openssl-1.0.0d/Configure	Fri Feb 11 14:41:36 2011
     3 @@ -10,7 +10,7 @@
     7 @@ -10,7 +10,7 @@
     4  
     8  
     5  # see INSTALL for instructions.
     9  # see INSTALL for instructions.
    27 +my $pk11_libname="";
    31 +my $pk11_libname="";
    28 +
    32 +
    29  my $prefix="";
    33  my $prefix="";
    30  my $libdir="";
    34  my $libdir="";
    31  my $openssldir="";
    35  my $openssldir="";
    32 @@ -876,6 +879,10 @@
    36 @@ -882,6 +888,10 @@
    33 				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
    37 				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
    34 				$flags.=$_." ";
    38 				$flags.=$_." ";
    35 				}
    39 				}
    36 +			elsif (/^--pk11-libname=(.*)$/)
    40 +			elsif (/^--pk11-libname=(.*)$/)
    37 +				{
    41 +				{
    38 +				$pk11_libname=$1;
    42 +				$pk11_libname=$1;
    39 +				}
    43 +				}
    40 			elsif (/^--prefix=(.*)$/)
    44 			elsif (/^--prefix=(.*)$/)
    41 				{
    45 				{
    42 				$prefix=$1;
    46 				$prefix=$1;
    43 @@ -1043,6 +1054,13 @@
    47 @@ -1049,6 +1059,13 @@
    44  	exit 0;
    48  	exit 0;
    45  }
    49  }
    46  
    50  
    47 +if (! $pk11_libname)
    51 +if (! $pk11_libname)
    48 +        {
    52 +        {
    52 +        }
    56 +        }
    53 +
    57 +
    54  if ($target =~ m/^CygWin32(-.*)$/) {
    58  if ($target =~ m/^CygWin32(-.*)$/) {
    55  	$target = "Cygwin".$1;
    59  	$target = "Cygwin".$1;
    56  }
    60  }
    57 @@ -1209,6 +1226,8 @@
    61 @@ -1215,6 +1232,8 @@
    58  if ($flags ne "")	{ $cflags="$flags$cflags"; }
    62  if ($flags ne "")	{ $cflags="$flags$cflags"; }
    59  else			{ $no_user_cflags=1;       }
    63  else			{ $no_user_cflags=1;       }
    60  
    64  
    61 +$cflags="-DPK11_LIB_LOCATION=\"$pk11_libname\" $cflags";
    65 +$cflags="-DPK11_LIB_LOCATION=\"$pk11_libname\" $cflags";
    62 +
    66 +
    63  # Kerberos settings.  The flavor must be provided from outside, either through
    67  # Kerberos settings.  The flavor must be provided from outside, either through
    64  # the script "config" or manually.
    68  # the script "config" or manually.
    65  if (!$no_krb5)
    69  if (!$no_krb5)
    66 @@ -1598,6 +1617,7 @@
    70 @@ -1604,6 +1623,7 @@
    67  	s/^VERSION=.*/VERSION=$version/;
    71  	s/^VERSION=.*/VERSION=$version/;
    68  	s/^MAJOR=.*/MAJOR=$major/;
    72  	s/^MAJOR=.*/MAJOR=$major/;
    69  	s/^MINOR=.*/MINOR=$minor/;
    73  	s/^MINOR=.*/MINOR=$minor/;
    70 +	s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/;
    74 +	s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/;
    71 	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
    75  	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
    72  	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
    76  	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
    73  	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
    77  	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
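Review bot: The `--pk11-libname` value is captured verbatim by `(.*)` and pasted unescaped into both `-DPK11_LIB_LOCATION=\"$pk11_libname\"` and the `s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/` Makefile substitution, so a quote, space, `#` or `$` in it changes the compiler command line or the generated Makefile. A relative name is also accepted for what appears, from the macro name, to be the library the engine loads at run time. Consider rejecting anything that is not a plain absolute path, e.g. `die "--pk11-libname must be an absolute path\n" unless $pk11_libname =~ m{\A/[\w./+-]+\z};`. The body of the `if (! $pk11_libname)` default block is not shown in this view, so the check belongs after that block. A comment above the `$cflags` line would help too: `# PK11_LIB_LOCATION is compiled into the engine; keep it an absolute, root-owned path.`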
    74 --- /tmp/Makefile.org	Fri Feb 11 14:41:54 2011
    78 --- /tmp/Makefile.org	Fri Feb 11 14:41:54 2011
    75 +++ openssl-1.0.0d/Makefile.org	Fri Feb 11 14:38:01 2011
    79 +++ openssl-1.0.0d/Makefile.org	Fri Feb 11 14:38:01 2011
    76 @@ -26,6 +26,9 @@
    80 @@ -26,6 +26,9 @@
    81 +PK11_LIB_LOCATION=
    85 +PK11_LIB_LOCATION=
    82 +
    86 +
    83  # Do not edit this manually. Use Configure --openssldir=DIR do change this!
    87  # Do not edit this manually. Use Configure --openssldir=DIR do change this!
    84  OPENSSLDIR=/usr/local/ssl
    88  OPENSSLDIR=/usr/local/ssl
    85  
    89  
    86 --- openssl-1.0.1e/engines/Makefile.~1~        Fri Nov 22 13:40:31 2013
    90 --- /tmp/Makefile	Mon Feb 14 14:59:22 2011
    87 +++ openssl-1.0.1e/engines/Makefile    Fri Nov 22 13:43:46 2013
    91 +++ openssl-1.0.0d/engines/Makefile	Mon Feb 14 15:00:35 2011
    88 @@ -26,7 +26,8 @@
    92 @@ -26,7 +26,8 @@
    89  APPS=
    93  APPS=
    90  
    94  
    91  LIB=$(TOP)/libcrypto.a
    95  LIB=$(TOP)/libcrypto.a
    92 -LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
    96 -LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
    93 +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi \
    97 +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi \
    94 +	pk11
    98 +	  pk11
    95  
    99  
    96  LIBSRC=	e_4758cca.c \
   100  LIBSRC=	e_4758cca.c \
    97 	e_aep.c \
   101  	e_aep.c \
    98 @@ -38,7 +39,8 @@
   102 @@ -38,7 +39,8 @@
    99 	e_sureware.c \
   103  	e_sureware.c \
   100 	e_ubsec.c \
   104  	e_ubsec.c \
   101 	e_padlock.c \
   105  	e_padlock.c \
   102 -	e_capi.c
   106 -	e_capi.c
   103 +	e_capi.c \
   107 +	e_capi.c \
   104 +	e_pk11.c
   108 +	e_pk11.c
   105  LIBOBJ= e_4758cca.o \
   109  LIBOBJ= e_4758cca.o \
   106 	e_aep.o \
   110  	e_aep.o \
   107 	e_atalla.o \
   111  	e_atalla.o \
   108 @@ -49,7 +51,8 @@
   112 @@ -49,7 +51,8 @@
   109 	e_sureware.o \
   113  	e_sureware.o \
   110 	e_ubsec.o \
   114  	e_ubsec.o \
   111 	e_padlock.o \
   115  	e_padlock.o \
   112 -	e_capi.o
   116 -	e_capi.o
   113 +	e_capi.o \
   117 +	e_capi.o \
   114 +	e_pk11.o
   118 +	e_pk11.o
   115  
   119  
   116  SRC= $(LIBSRC)
   120  SRC= $(LIBSRC)
   117  
   121  
   118 @@ -63,7 +66,8 @@
   122 @@ -63,7 +66,8 @@
   119 	e_nuron_err.c e_nuron_err.h \
   123  	e_nuron_err.c e_nuron_err.h \
   120 	e_sureware_err.c e_sureware_err.h \
   124  	e_sureware_err.c e_sureware_err.h \
   121 	e_ubsec_err.c e_ubsec_err.h \
   125  	e_ubsec_err.c e_ubsec_err.h \
   122 -	e_capi_err.c e_capi_err.h
   126 -	e_capi_err.c e_capi_err.h
   123 +	e_capi_err.c e_capi_err.h \
   127 +	e_capi_err.c e_capi_err.h \
   124 +	e_pk11.h e_pk11_uri.h e_pk11_err.h e_pk11_pub.c e_pk11_uri.c e_pk11_err.c
   128 +	e_pk11.h e_pk11_uri.h e_pk11_err.h e_pk11_pub.c e_pk11_uri.c e_pk11_err.c
   125  
   129  
   126  ALL=    $(GENERAL) $(SRC) $(HEADER)
   130  ALL=    $(GENERAL) $(SRC) $(HEADER)
   127  
   131  
   128 @@ -78,7 +82,7 @@
   132 @@ -78,7 +82,7 @@
   129 		for l in $(LIBNAMES); do \
   133  		for l in $(LIBNAMES); do \
   130 			$(MAKE) -f ../Makefile.shared -e \
   134  			$(MAKE) -f ../Makefile.shared -e \
   131 				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
   135  				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
   132 -				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
   136 -				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
   133 +				LIBDEPS='-L.. -lcrypto -lcryptoutil $(EX_LIBS)' \
   137 +				LIBDEPS='-L.. -lcrypto -lcryptoutil $(EX_LIBS)' \
   134 				link_o.$(SHLIB_TARGET); \
   138  				link_o.$(SHLIB_TARGET); \
   135 		done; \
   139  		done; \
   136 	else \
   140  	else \
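Review bot: `-lcryptoutil` is added to the `LIBDEPS` value passed inside `for l in $(LIBNAMES)`, so every engine in the list is now linked against it, not only the new `pk11` entry. If only `e_pk11.o` needs the library, make the extra dependency conditional on `$$l`, or record the intent next to the loop with a comment such as `# -lcryptoutil: needed by pk11 only, linked into all engines for simplicity`. The rule that contains the loop starts and ends outside the hunk.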
   137 --- openssl-1.0.1e/crypto/engine/eng_all.c.~1~       Mon Feb 11 07:26:04 2013
   141 --- crypto/engine/eng_all.c Thu Sep  5 12:59:50 2013
   138 +++ openssl-1.0.1e/crypto/engine/eng_all.c   Wed Nov 20 11:38:05 2013
   142 +++ openssl-1.0.1e/crypto/engine/eng_all.c Thu Sep  5 12:59:50 2013
   139 @@ -59,6 +59,16 @@
   143 @@ -60,6 +60,16 @@
   140  #include "cryptlib.h"
   144  #include "cryptlib.h"
   141  #include "eng_int.h"
   145  #include "eng_int.h"
   142  
   146 
   143 +/*
   147 +/*
   144 + * pkcs11 engine no longer is a built-in engine, and ENGINE_load_pk11() needs to be
   148 + * pkcs11 engine no longer is a built-in engine, and ENGINE_load_pk11() needs to be
   145 + * defined in libcrypto.so for ssh. Instead of load pkcs11 engine, it loads dynamic
   149 + * defined in libcrypto.so for ssh.  Instead of load pkcs11 engine, it load dynamic
   146 + * engines.
   150 + * engines.
   147 + */
   151 + */
   148 +void ENGINE_load_pk11(void)
   152 +void ENGINE_load_pk11(void)
   149 +	{
   153 +	{
   150 +	ENGINE_load_dynamic();
   154 +	ENGINE_load_dynamic();
   151 +	}
   155 +	}
   152 +
   156 +
   153  void ENGINE_load_builtin_engines(void)
   157  void ENGINE_load_builtin_engines(void)
   154 	{
   158  {
   155 	/* Some ENGINEs need this */
   159      /* Some ENGINEs need this */
   156 @@ -80,6 +90,9 @@
   160 @@ -80,6 +90,9 @@
   157 	ENGINE_load_rdrand();
   161      ENGINE_load_rdrand();
   158  #endif
   162  #endif
   159 	ENGINE_load_dynamic();
   163      ENGINE_load_dynamic();
   160 +#ifndef OPENSSL_NO_HW_PKCS11
   164 +#ifndef OPENSSL_NO_HW_PKCS11
   161 +	ENGINE_load_pk11();
   165 +    ENGINE_load_pk11();
   162 +#endif
   166 +#endif
   163  #ifndef OPENSSL_NO_STATIC_ENGINE
   167  #ifndef OPENSSL_NO_STATIC_ENGINE
   164  #ifndef OPENSSL_NO_HW
   168  # ifndef OPENSSL_NO_HW
   165  #ifndef OPENSSL_NO_HW_4758_CCA
   169  #  ifndef OPENSSL_NO_HW_4758_CCA
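Review bot: `ENGINE_load_pk11()` only calls `ENGINE_load_dynamic()`, so the call added inside `ENGINE_load_builtin_engines()` repeats the `ENGINE_load_dynamic();` on the line directly above it and registers no pkcs11 engine by itself. The block comment should say this outright, because a caller reading the function name will assume PKCS#11 offload is active once it returns. Suggested wording: `/* Compatibility stub kept for ssh: registers only the dynamic loader; the pkcs11 engine itself is loaded later, on request. */` (the "on request" part is inferred from the dso_lib.c change and should be confirmed). The new side of the comment also reads "it load dynamic engines" where the old side had "it loads". `ENGINE_load_builtin_engines()` continues outside the hunk.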
   166 --- openssl-1.0.1e/crypto/dso/dso_lib.c.~1~       Wed Nov 20 13:10:57 2013
   170 --- crypto/dso/dso_lib.c Thu Sep  5 12:59:50 2013
   167 +++ openssl-1.0.1e/crypto/dso/dso_lib.c   Wed Nov 20 13:30:46 2013
   171 +++ openssl-1.0.1e/crypto/dso/dso_lib.c Thu Sep  5 12:59:50 2013
   168 @@ -426,6 +426,26 @@
   172 @@ -396,6 +396,24 @@
   169 		DSOerr(DSO_F_DSO_CONVERT_FILENAME,DSO_R_NO_FILENAME);
   173          DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
   170 		return(NULL);
   174          return (NULL);
   171 		}
   175      }
   172 +	/*
   176 +    /*
   173 +	 * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
   177 +     * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
   174 +	 * avoid the name collision with PKCS#11 library.
   178 +     * avoid the name collision with PKCS#11 library.
   175 +	 */
   179 +     */
   176 +	if (strcmp(filename, "pkcs11") == 0)
   180 +    if (strcmp(filename, "pkcs11") == 0) {
   177 +		{
   181 +#ifdef  _LP64
   178 +#ifdef _LP64
   182 +        static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
   179 +		static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
       
   180 +#else
   183 +#else
   181 +		static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
   184 +        static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
   182 +#endif
   185 +#endif
   183 +		result = OPENSSL_malloc(strlen(fullpath) + 1);
   186 +        result = OPENSSL_malloc(strlen(fullpath) + 1);
   184 +		if(result == NULL)
   187 +        if(result == NULL) {
   185 +			{
   188 +            DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
   186 +			DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
   189 +            return(NULL);
   187 +			return(NULL);
   190 +        }
   188 +			}
   191 +        BUF_strlcpy(result, fullpath, strlen(fullpath) + 1);
   189 +		BUF_strlcpy(result, fullpath, sizeof(fullpath));
   192 +        return (result);
   190 +		return(result);
   193 +    }
   191 +		}
   194      if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
   192 	if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0)
   195          if (dso->name_converter != NULL)
   193 		{
   196              result = dso->name_converter(dso, filename);
   194 		if(dso->name_converter != NULL)
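Review bot: The new `strcmp(filename, "pkcs11") == 0` branch sits before the `DSO_FLAG_NO_NAME_TRANSLATION` test, so the name is rewritten even for a caller that asked for no translation, and `dso->name_converter` is never consulted for it. Because the returned string decides which shared object is mapped into the process, the comment should state that the redirect is unconditional and that `/lib/openssl/engines` and its `64` subdirectory must be writable only by root. The allocation and the `BUF_strlcpy` bound both use `strlen(fullpath) + 1`, which is consistent. `sizeof(fullpath)` gives the same value at compile time and could serve both, e.g. `result = OPENSSL_malloc(sizeof(fullpath));`. The enclosing function starts and ends outside the hunk.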
   197 --- /tmp/engine.h       Fri Feb 11 14:46:24 2011
   195 --- /tmp/engine.h	Fri Feb 11 14:46:24 2011
   198 +++ openssl-1.0.0d/crypto/engine/engine.h       Fri Feb 11 14:47:32 2011
   196 +++ openssl-1.0.0d/crypto/engine/engine.h	Fri Feb 11 14:47:32 2011
   199 @@ -413,6 +413,7 @@
   197 @@ -351,6 +351,7 @@
   200  #  endif
   198  #endif
   201  # endif
   199  #endif
       
   200  void ENGINE_load_cryptodev(void);
   202  void ENGINE_load_cryptodev(void);
   201 +void ENGINE_load_pk11(void);
   203 +void ENGINE_load_pk11(void);
   202  void ENGINE_load_rsax(void);
   204  void ENGINE_load_rsax(void);
   203  void ENGINE_load_rdrand(void);
   205  void ENGINE_load_rdrand(void);
   204  void ENGINE_load_builtin_engines(void);
   206  void ENGINE_load_builtin_engines(void);