--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/pam_pkcs11/patches/03-module_ISA_fix.patch Tue Sep 20 12:05:25 2016 -0700
@@ -0,0 +1,258 @@
+#
+# This patch is to add the ISA (Instruction Set Architecture) support to
+# module paths in the pam_pkcs11.conf configuration file of the PAM_PKCS11
+# component, so that the PAM_PKCS11 module can be used for both 32 and
+# 64 bit applications at the same time. This patch is for Solaris only.
+#
+--- pam_pkcs11-0.6.8_ORIG/src/common/strings.h Sat Oct 23 11:36:36 2010
++++ pam_pkcs11-0.6.8_NEW/src/common/strings.h Thu Sep 1 13:47:52 2016
+@@ -125,6 +125,16 @@
+ */
+ M_EXTERN char *trim(const char *str);
+
++#ifdef MODULE_ISA_FIX
++/**
++ * Expand PAM_ISA ("/$ISA/") in a path.
++ * For example, /usr/lib/$ISA/libpkcs11.so will be expanded to
++ * /usr/lib/64/libpkcs11.so for 64 bit applications and to
++ * /usr/lib/32/libpkcs11.so for 32 bit applications.
++ */
++M_EXTERN int expand_isa_path(const char *in, char *out, size_t out_len);
++#endif
++
+ #undef M_EXTERN
+
+ #endif
+--- pam_pkcs11-0.6.8_ORIG/src/common/strings.c Sat Oct 23 11:36:36 2010
++++ pam_pkcs11-0.6.8_NEW/src/common/strings.c Fri Sep 2 10:08:11 2016
+@@ -34,6 +34,17 @@
+ #include <unistd.h>
+ #include "strings.h"
+
++#ifdef MODULE_ISA_FIX
++#include <sys/param.h>
++
++#define PAM_ISA "/$ISA/"
++#ifdef _LP64
++#define PAM_ISA_DIR "/64/"
++#else /* !_LP64 */
++#define PAM_ISA_DIR "/32/"
++#endif /* _LP64 */
++#endif
++
+ /*
+ check for null or blank string
+ */
+@@ -182,4 +193,33 @@
+ return res;
+ }
+
++
++#ifdef MODULE_ISA_FIX
++/*
++ * Expand PAM_ISA ("/$ISA/") in a module path.
++ */
++int expand_isa_path(const char *in, char *out, size_t out_len) {
++ char *isa;
++ char buf[MAXPATHLEN];
++
++ if (strlcpy(buf, in, sizeof (buf)) >= sizeof (buf)) { /* too long */
++ return 1;
++ }
++
++ /* Check for Instruction Set Architecture indicator */
++ if ((isa = strstr(buf, PAM_ISA)) != NULL) {
++ *isa = '\000';
++ isa += strlen(PAM_ISA);
++ if (snprintf(out, out_len, "%s%s%s", buf, PAM_ISA_DIR,
++ isa) >= out_len) {
++ return 1;
++ }
++ } else if (strlcpy(out, in, out_len) >= out_len) {
++ return 1;
++ }
++
++ return 0;
++}
++#endif
++
+ #endif /* __STRINGS_C_ */
+--- pam_pkcs11-0.6.8_ORIG/src/pam_pkcs11/pam_pkcs11.c Sat Apr 7 09:55:19 2012
++++ pam_pkcs11-0.6.8_NEW/src/pam_pkcs11/pam_pkcs11.c Thu Sep 1 13:54:27 2016
+@@ -57,6 +57,10 @@
+ #endif
+ #define LOGNAME "PAM-PKCS11" /* name for log-file entries */
+
++#ifdef MODULE_ISA_FIX
++#include <sys/param.h>
++#endif
++
+ /*
+ * comodity function that returns 1 on null, empty o spaced string
+ */
+@@ -198,6 +202,9 @@
+ char env_temp[256] = "";
+ char **issuer, **serial;
+ const char *login_token_name = NULL;
++#ifdef MODULE_ISA_FIX
++ char real_pkcs11_modulepath[MAXPATHLEN];
++#endif
+
+ pam_prompt(pamh, PAM_TEXT_INFO , NULL, _("Smartcard authentification starts"));
+
+@@ -315,9 +322,28 @@
+ return PAM_IGNORE;
+ }
+
++#ifdef MODULE_ISA_FIX
++ /* get the real pkcs11 module path */
++ rv = expand_isa_path(configuration->pkcs11_modulepath,
++ real_pkcs11_modulepath, sizeof (real_pkcs11_modulepath));
++ if (rv) {
++ pam_syslog(pamh, LOG_ERR,
++ "load_pkcs11_module(): problem with pkcs11 module path");
++ return PAM_AUTHINFO_UNAVAIL;
++ } else {
++ DBG1("The real PKCS11 module path is %s", real_pkcs11_modulepath);
++ }
++#endif
++
+ /* load pkcs #11 module */
+ DBG("loading pkcs #11 module...");
++
++#ifdef MODULE_ISA_FIX
++ rv = load_pkcs11_module(real_pkcs11_modulepath, &ph);
++#else
+ rv = load_pkcs11_module(configuration->pkcs11_modulepath, &ph);
++#endif
++
+ if (rv != 0) {
+ ERR2("load_pkcs11_module() failed loading %s: %s",
+ configuration->pkcs11_modulepath, get_error());
+--- pam_pkcs11-0.6.8_ORIG/src/pam_pkcs11/mapper_mgr.c Sat Jul 9 05:20:48 2011
++++ pam_pkcs11-0.6.8_NEW/src/pam_pkcs11/mapper_mgr.c Thu Sep 1 13:57:17 2016
+@@ -38,6 +38,10 @@
+ #include "../mappers/mapperlist.h"
+ #include "mapper_mgr.h"
+
++#ifdef MODULE_ISA_FIX
++#include <sys/param.h>
++#endif
++
+ struct mapper_listitem *root_mapper_list;
+
+ /*
+@@ -54,6 +58,9 @@
+ int old_level=get_debug_level();
+ const char *libname = NULL;
+ mapper_module * res = NULL;
++#ifdef MODULE_ISA_FIX
++ char real_libname[MAXPATHLEN];
++#endif
+
+ /* get module info */
+ root = scconf_find_block(ctx,NULL,"pam_pkcs11");
+@@ -93,7 +100,17 @@
+ }
+ } else if (blk) { /* assume dynamic module */
+ DBG1("Loading dynamic module for mapper '%s'",name);
++#ifdef MODULE_ISA_FIX
++ if (expand_isa_path(libname, real_libname, sizeof (real_libname))) {
++ DBG1("Problem in module path %s", libname);
++ return NULL;
++ } else {
++ DBG1("Module path is %s", real_libname);
++ }
++ handler= dlopen(real_libname, RTLD_NOW);
++#else
+ handler= dlopen(libname,RTLD_NOW);
++#endif
+ if (!handler) {
+ DBG3("dlopen failed for module: %s path: %s Error: %s",name,libname,dlerror());
+ return NULL;
+--- pam_pkcs11-0.6.8_ORIG/src/tools/pkcs11_inspect.c Fri Apr 6 13:08:25 2012
++++ pam_pkcs11-0.6.8_NEW/src/tools/pkcs11_inspect.c Thu Sep 1 13:58:46 2016
+@@ -32,6 +32,10 @@
+ #include "../pam_pkcs11/pam_config.h"
+ #include "../pam_pkcs11/mapper_mgr.h"
+
++#ifdef MODULE_ISA_FIX
++#include <sys/param.h>
++#endif
++
+ int main(int argc, const char **argv) {
+ int i, rv;
+ pkcs11_handle_t *ph;
+@@ -39,6 +43,9 @@
+ unsigned int slot_num = 0;
+ cert_object_t **certs;
+ int cert_count;
++#ifdef MODULE_ISA_FIX
++ char real_pkcs11_modulepath[MAXPATHLEN];
++#endif
+
+ /* first of all check whether debugging should be enabled */
+ for (i = 0; i < argc; i++)
+@@ -67,7 +74,19 @@
+
+ /* load pkcs #11 module */
+ DBG("loading pkcs #11 module...");
++
++#ifdef MODULE_ISA_FIX
++ rv = expand_isa_path(configuration->pkcs11_modulepath,
++ real_pkcs11_modulepath, sizeof (real_pkcs11_modulepath));
++ if (rv) {
++ ERR("Error in the PKCS11 module path");
++ return 1;
++ }
++ rv = load_pkcs11_module(real_pkcs11_modulepath, &ph);
++#else
+ rv = load_pkcs11_module(configuration->pkcs11_modulepath, &ph);
++#endif
++
+ if (rv != 0) {
+ ERR2("load_pkcs11_module(%s) failed: %s", configuration->pkcs11_modulepath,
+ get_error());
+--- pam_pkcs11-0.6.8_ORIG/src/tools/pklogin_finder.c Fri Apr 6 13:08:25 2012
++++ pam_pkcs11-0.6.8_NEW/src/tools/pklogin_finder.c Thu Sep 1 13:59:18 2016
+@@ -32,6 +32,10 @@
+ #include "../pam_pkcs11/pam_config.h"
+ #include "../pam_pkcs11/mapper_mgr.h"
+
++#ifdef MODULE_ISA_FIX
++#include <sys/param.h>
++#endif
++
+ int main(int argc, const char **argv) {
+ int i, rv;
+ char *user = NULL;
+@@ -40,6 +44,9 @@
+ cert_object_t **certs;
+ int cert_count;
+ unsigned int slot_num = 0;
++#ifdef MODULE_ISA_FIX
++ char real_pkcs11_modulepath[MAXPATHLEN];
++#endif
+
+
+ /* first of all check whether debugging should be enabled */
+@@ -69,7 +76,19 @@
+
+ /* load pkcs #11 module */
+ DBG("loading pkcs #11 module...");
++
++#ifdef MODULE_ISA_FIX
++ rv = expand_isa_path(configuration->pkcs11_modulepath,
++ real_pkcs11_modulepath, sizeof (real_pkcs11_modulepath));
++ if (rv) {
++ ERR("Error in the PKCS11 module path");
++ return 1;
++ }
++ rv = load_pkcs11_module(real_pkcs11_modulepath, &ph);
++#else
+ rv = load_pkcs11_module(configuration->pkcs11_modulepath, &ph);
++#endif
++
+ if (rv != 0) {
+ DBG1("load_pkcs11_module() failed: %s", get_error());
+ return 1;