equal
deleted
inserted
replaced
22 # |
22 # |
23 |
23 |
24 Build Layout |
24 Build Layout |
25 --- |
25 --- |
26 |
26 |
27 OpenSSL build is run four times. Once for regular dynamic 1.0.0 non-fips, once |
27 OpenSSL build is run four times. Once for regular dynamic 1.0.1 non-fips, once |
28 for static 1.0.0 bits to link with standalone wanboot binary, once for 0.9.8 |
28 for static 1.0.1 bits to link with standalone wanboot binary, once for 1.0.1 |
29 fips-140, and once for 0.9.8 FIPS-140 canister (in the openssl-fips component) |
29 fips-140, and once for 1.0.1 FIPS-140 canister (in the openssl-fips component) |
30 needed to build 0.9.8 FIPS-140 certified libraries. All builds apart from |
30 needed to build 1.0.1 FIPS-140 certified libraries. All builds apart from |
31 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
31 static libraries for wanboot are done for 32 and 64 bits. So, in total, OpenSSL |
32 is built seven times. OpenSSL for wanboot is only build on sparc. |
32 is built seven times. OpenSSL for wanboot is only build on sparc. |
33 |
33 |
34 See also comments in all the Makefiles for more information. |
34 See also comments in all the Makefiles for more information. |
35 |
35 |
136 and 64bit builds. |
136 and 64bit builds. |
137 |
137 |
138 The fips Build |
138 The fips Build |
139 --- |
139 --- |
140 |
140 |
141 FIPS-140 certified libraries for Solaris private use. We wait for OpenSSL 1.0.0 |
141 FIPS-140 certified libraries for Solaris private use. We wait for OpenSSL 1.0.1 |
142 to be FIPS-140 certified in which time we can ship only 1.0.0 with S11 and make |
142 to be FIPS-140 certified in which time we can ship only 1.0.1 with S11 and make |
143 it a public interface. |
143 it a public interface. (To be done next) |
144 |
144 |
145 Patches |
145 Patches |
146 --- |
146 --- |
147 |
147 |
148 All the patches from 1.0.0 are used in 0.9.8 as well aside from |
148 All the patches from 1.0.1 (non-fips) are used in 1.0.1 (fips) as well aside from |
149 14-manpage_openssl.patch which is not needed since we do not deliver 0.9.8 man |
149 14-manpage_openssl.patch which is not needed since we do not deliver 1.0.1 man |
150 pages. Additional patches: |
150 pages. Once we make fips version public, we should deliver man page. |
151 |
|
152 01-7009105.patch |
|
153 Fixing a bug introduces in 0.9.8q and fixed in 0.9.8r. |
|
154 |
|
155 sparc-01-ccwrap.patch |
|
156 Workaround so that fingerprinting the canister during runtime and comparing it |
|
157 with the saved fingerprint works correctly. |
|
158 |
151 |
159 The wanboot Build |
152 The wanboot Build |
160 ---- |
153 ---- |
161 |
154 |
162 There are some significant differences when building OpenSSL for wanboot. |
155 There are some significant differences when building OpenSSL for wanboot. |