66 @@ -1598,6 +1617,7 @@ |
66 @@ -1598,6 +1617,7 @@ |
67 s/^VERSION=.*/VERSION=$version/; |
67 s/^VERSION=.*/VERSION=$version/; |
68 s/^MAJOR=.*/MAJOR=$major/; |
68 s/^MAJOR=.*/MAJOR=$major/; |
69 s/^MINOR=.*/MINOR=$minor/; |
69 s/^MINOR=.*/MINOR=$minor/; |
70 + s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/; |
70 + s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/; |
71 s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/; |
71 s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/; |
72 s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/; |
72 s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/; |
73 s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/; |
73 s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/; |
74 --- /tmp/Makefile.org Fri Feb 11 14:41:54 2011 |
74 --- /tmp/Makefile.org Fri Feb 11 14:41:54 2011 |
75 +++ openssl-1.0.0d/Makefile.org Fri Feb 11 14:38:01 2011 |
75 +++ openssl-1.0.0d/Makefile.org Fri Feb 11 14:38:01 2011 |
76 @@ -26,6 +26,9 @@ |
76 @@ -26,6 +26,9 @@ |
81 +PK11_LIB_LOCATION= |
81 +PK11_LIB_LOCATION= |
82 + |
82 + |
83 # Do not edit this manually. Use Configure --openssldir=DIR do change this! |
83 # Do not edit this manually. Use Configure --openssldir=DIR do change this! |
84 OPENSSLDIR=/usr/local/ssl |
84 OPENSSLDIR=/usr/local/ssl |
85 |
85 |
86 --- /tmp/Makefile Fri Feb 11 14:42:03 2011 |
86 --- openssl-1.0.1e/engines/Makefile.~1~ Fri Nov 22 13:40:31 2013 |
87 +++ openssl-1.0.0d/crypto/engine/Makefile Fri Feb 11 14:45:43 2011 |
87 +++ openssl-1.0.1e/engines/Makefile Fri Nov 22 13:43:46 2013 |
88 @@ -22,13 +22,13 @@ |
88 @@ -26,7 +26,8 @@ |
89 tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \ |
89 APPS= |
90 tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \ |
90 |
91 eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \ |
91 LIB=$(TOP)/libcrypto.a |
92 - eng_rsax.c eng_rdrand.c |
92 -LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi |
93 + eng_rsax.c eng_rdrand.c hw_pk11.c hw_pk11_pub.c hw_pk11_uri.c |
93 +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi \ |
94 LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ |
94 + pk11 |
95 eng_table.o eng_pkey.o eng_fat.o eng_all.o \ |
95 |
96 tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \ |
96 LIBSRC= e_4758cca.c \ |
97 tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \ |
97 e_aep.c \ |
98 eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \ |
98 @@ -38,7 +39,8 @@ |
99 - eng_rsax.o eng_rdrand.o |
99 e_sureware.c \ |
100 + eng_rsax.o eng_rdrand.o hw_pk11.o hw_pk11_pub.o hw_pk11_uri.o |
100 e_ubsec.c \ |
101 |
101 e_padlock.c \ |
|
102 - e_capi.c |
|
103 + e_capi.c \ |
|
104 + e_pk11.c |
|
105 LIBOBJ= e_4758cca.o \ |
|
106 e_aep.o \ |
|
107 e_atalla.o \ |
|
108 @@ -49,7 +51,8 @@ |
|
109 e_sureware.o \ |
|
110 e_ubsec.o \ |
|
111 e_padlock.o \ |
|
112 - e_capi.o |
|
113 + e_capi.o \ |
|
114 + e_pk11.o |
|
115 |
102 SRC= $(LIBSRC) |
116 SRC= $(LIBSRC) |
103 |
117 |
104 --- /tmp/eng_all.c Fri Feb 11 14:46:11 2011 |
118 @@ -63,7 +66,8 @@ |
105 +++ openssl-1.0.0d/crypto/engine/eng_all.c Fri Feb 11 14:38:01 2011 |
119 e_nuron_err.c e_nuron_err.h \ |
106 @@ -80,6 +80,9 @@ |
120 e_sureware_err.c e_sureware_err.h \ |
|
121 e_ubsec_err.c e_ubsec_err.h \ |
|
122 - e_capi_err.c e_capi_err.h |
|
123 + e_capi_err.c e_capi_err.h \ |
|
124 + e_pk11.h e_pk11_uri.h e_pk11_err.h e_pk11_pub.c e_pk11_uri.c e_pk11_err.c |
|
125 |
|
126 ALL= $(GENERAL) $(SRC) $(HEADER) |
|
127 |
|
128 @@ -78,7 +82,7 @@ |
|
129 for l in $(LIBNAMES); do \ |
|
130 $(MAKE) -f ../Makefile.shared -e \ |
|
131 LIBNAME=$$l LIBEXTRAS=e_$$l.o \ |
|
132 - LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \ |
|
133 + LIBDEPS='-L.. -lcrypto -lcryptoutil $(EX_LIBS)' \ |
|
134 link_o.$(SHLIB_TARGET); \ |
|
135 done; \ |
|
136 else \ |
|
137 --- openssl-1.0.1e/crypto/engine/eng_all.c.~1~ Mon Feb 11 07:26:04 2013 |
|
138 +++ openssl-1.0.1e/crypto/engine/eng_all.c Wed Nov 20 11:38:05 2013 |
|
139 @@ -59,6 +59,16 @@ |
|
140 #include "cryptlib.h" |
|
141 #include "eng_int.h" |
|
142 |
|
143 +/* |
|
144 + * pkcs11 engine no longer is a built-in engine, and ENGINE_load_pk11() needs to be |
|
145 + * defined in libcrypto.so for ssh. Instead of load pkcs11 engine, it loads dynamic |
|
146 + * engines. |
|
147 + */ |
|
148 +void ENGINE_load_pk11(void) |
|
149 + { |
|
150 + ENGINE_load_dynamic(); |
|
151 + } |
|
152 + |
|
153 void ENGINE_load_builtin_engines(void) |
|
154 { |
|
155 /* Some ENGINEs need this */ |
|
156 @@ -80,6 +90,9 @@ |
107 ENGINE_load_rdrand(); |
157 ENGINE_load_rdrand(); |
108 #endif |
158 #endif |
109 ENGINE_load_dynamic(); |
159 ENGINE_load_dynamic(); |
110 +#ifndef OPENSSL_NO_HW_PKCS11 |
160 +#ifndef OPENSSL_NO_HW_PKCS11 |
111 + ENGINE_load_pk11(); |
161 + ENGINE_load_pk11(); |
112 +#endif |
162 +#endif |
113 #ifndef OPENSSL_NO_STATIC_ENGINE |
163 #ifndef OPENSSL_NO_STATIC_ENGINE |
114 #ifndef OPENSSL_NO_HW |
164 #ifndef OPENSSL_NO_HW |
115 #ifndef OPENSSL_NO_HW_4758_CCA |
165 #ifndef OPENSSL_NO_HW_4758_CCA |
|
166 --- openssl-1.0.1e/crypto/dso/dso_lib.c.~1~ Wed Nov 20 13:10:57 2013 |
|
167 +++ openssl-1.0.1e/crypto/dso/dso_lib.c Wed Nov 20 13:30:46 2013 |
|
168 @@ -426,6 +426,26 @@ |
|
169 DSOerr(DSO_F_DSO_CONVERT_FILENAME,DSO_R_NO_FILENAME); |
|
170 return(NULL); |
|
171 } |
|
172 + /* |
|
173 + * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to |
|
174 + * avoid the name collision with PKCS#11 library. |
|
175 + */ |
|
176 + if (strcmp(filename, "pkcs11") == 0) |
|
177 + { |
|
178 +#ifdef _LP64 |
|
179 + static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so"; |
|
180 +#else |
|
181 + static const char fullpath[] = "/lib/openssl/engines/libpk11.so"; |
|
182 +#endif |
|
183 + result = OPENSSL_malloc(strlen(fullpath) + 1); |
|
184 + if(result == NULL) |
|
185 + { |
|
186 + DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE); |
|
187 + return(NULL); |
|
188 + } |
|
189 + BUF_strlcpy(result, fullpath, sizeof(fullpath)); |
|
190 + return(result); |
|
191 + } |
|
192 if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) |
|
193 { |
|
194 if(dso->name_converter != NULL) |
116 --- /tmp/engine.h Fri Feb 11 14:46:24 2011 |
195 --- /tmp/engine.h Fri Feb 11 14:46:24 2011 |
117 +++ openssl-1.0.0d/crypto/engine/engine.h Fri Feb 11 14:47:32 2011 |
196 +++ openssl-1.0.0d/crypto/engine/engine.h Fri Feb 11 14:47:32 2011 |
118 @@ -351,6 +351,7 @@ |
197 @@ -351,6 +351,7 @@ |
119 #endif |
198 #endif |
120 #endif |
199 #endif |