--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-1.0.1-fips-140/patches/26-openssl_fips.patch Mon Dec 09 15:11:31 2013 -0800
@@ -0,0 +1,82 @@
+--- openssl-0.9.8m/apps/openssl.c Thu Oct 15 19:28:02 2009
++++ openssl-0.9.8m/apps/openssl.c Fri Feb 26 16:12:30 2010
+@@ -133,6 +133,9 @@
+ #include <openssl/fips.h>
+ #endif
+
++/* Solaris OpenSSL */
++#include <dlfcn.h>
++
+ /* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
+ * base prototypes (we cast each variable inside the function to the required
+ * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
+@@ -152,9 +155,10 @@
+ #endif
+
+
++static int *modes;
++
+ static void lock_dbg_cb(int mode, int type, const char *file, int line)
+ {
+- static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
+ const char *errstr = NULL;
+ int rw;
+
+@@ -165,7 +169,7 @@
+ goto err;
+ }
+
+- if (type < 0 || type >= CRYPTO_NUM_LOCKS)
++ if (type < 0 || type >= CRYPTO_num_locks())
+ {
+ errstr = "type out of bounds";
+ goto err;
+@@ -310,6 +314,14 @@
+ if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
+ #endif
+ {
++ modes = OPENSSL_malloc(CRYPTO_num_locks() * sizeof (int));
++ if (modes == NULL) {
++ ERR_load_crypto_strings();
++ BIO_printf(bio_err,"Memory allocation failure\n");
++ ERR_print_errors(bio_err);
++ EXIT(1);
++ }
++ memset(modes, 0, CRYPTO_num_locks() * sizeof (int));
+ CRYPTO_set_locking_callback(lock_dbg_cb);
+ }
+
+@@ -313,18 +325,28 @@
+ CRYPTO_set_locking_callback(lock_dbg_cb);
+ }
+
++/*
++ * Solaris OpenSSL
++ * Add a further check for the FIPS_mode_set() symbol before calling to
++ * allow openssl(1openssl) to be run against both fips and non-fips libraries.
++ */
+ if(getenv("OPENSSL_FIPS")) {
+-#ifdef OPENSSL_FIPS
+- if (!FIPS_mode_set(1)) {
++
++ int (*FIPS_mode_set)(int);
++ FIPS_mode_set = (int (*)(int)) dlsym(RTLD_NEXT, "FIPS_mode_set");
++
++ if (FIPS_mode_set != NULL) {
++ if (!(*FIPS_mode_set)(1)) {
+ ERR_load_crypto_strings();
+ ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
+ EXIT(1);
+ }
+-#else
+- fprintf(stderr, "FIPS mode not supported.\n");
++ } else {
++ fprintf(stderr, "Failed to enable FIPS mode. "
++ "For more information about running in FIPS mode see openssl(5).\n");
+ EXIT(1);
+-#endif
+ }
++ }
+
+ apps_startup();
+