--- a/components/openssl/openssl-1.0.1/patches/15-pkcs11_engine-0.9.8a.patch Tue Mar 24 10:15:01 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/15-pkcs11_engine-0.9.8a.patch Tue Mar 24 20:05:38 2015 -0700
@@ -1,3 +1,7 @@
+#
+# This patch file adds the Solaris's pkcs11 engine.
+# This is Solaris-specific (developed in house): not suitable for upstream.
+#
--- /tmp/Configure Fri Feb 11 14:40:39 2011
+++ openssl-1.0.0d/Configure Fri Feb 11 14:41:36 2011
@@ -10,7 +10,7 @@
@@ -29,7 +33,7 @@
my $prefix="";
my $libdir="";
my $openssldir="";
-@@ -876,6 +879,10 @@
+@@ -882,6 +888,10 @@
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
$flags.=$_." ";
}
@@ -40,7 +44,7 @@
elsif (/^--prefix=(.*)$/)
{
$prefix=$1;
-@@ -1043,6 +1054,13 @@
+@@ -1049,6 +1059,13 @@
exit 0;
}
@@ -54,7 +58,7 @@
if ($target =~ m/^CygWin32(-.*)$/) {
$target = "Cygwin".$1;
}
-@@ -1209,6 +1226,8 @@
+@@ -1215,6 +1232,8 @@
if ($flags ne "") { $cflags="$flags$cflags"; }
else { $no_user_cflags=1; }
@@ -63,7 +67,7 @@
# Kerberos settings. The flavor must be provided from outside, either through
# the script "config" or manually.
if (!$no_krb5)
-@@ -1598,6 +1617,7 @@
+@@ -1604,6 +1623,7 @@
s/^VERSION=.*/VERSION=$version/;
s/^MAJOR=.*/MAJOR=$major/;
s/^MINOR=.*/MINOR=$minor/;
@@ -83,8 +87,8 @@
# Do not edit this manually. Use Configure --openssldir=DIR do change this!
OPENSSLDIR=/usr/local/ssl
---- openssl-1.0.1f/engines/Makefile.~1~ Thu Jan 30 10:42:05 2014
-+++ openssl-1.0.1f/engines/Makefile Thu Jan 30 10:45:27 2014
+--- /tmp/Makefile Mon Feb 14 14:59:22 2011
++++ openssl-1.0.0d/engines/Makefile Mon Feb 14 15:00:35 2011
@@ -26,7 +26,8 @@
APPS=
@@ -134,15 +138,15 @@
link_o.$(SHLIB_TARGET); \
done; \
else \
---- openssl-1.0.1f/crypto/engine/eng_all.c.~1~ Thu Jan 30 10:55:48 2014
-+++ openssl-1.0.1f/crypto/engine/eng_all.c Thu Jan 30 10:57:29 2014
-@@ -59,6 +59,16 @@
+--- crypto/engine/eng_all.c Thu Sep 5 12:59:50 2013
++++ openssl-1.0.1e/crypto/engine/eng_all.c Thu Sep 5 12:59:50 2013
+@@ -60,6 +60,16 @@
#include "cryptlib.h"
#include "eng_int.h"
-
+
+/*
+ * pkcs11 engine no longer is a built-in engine, and ENGINE_load_pk11() needs to be
-+ * defined in libcrypto.so for ssh. Instead of load pkcs11 engine, it loads dynamic
++ * defined in libcrypto.so for ssh. Instead of load pkcs11 engine, it load dynamic
+ * engines.
+ */
+void ENGINE_load_pk11(void)
@@ -151,42 +155,40 @@
+ }
+
void ENGINE_load_builtin_engines(void)
- {
- /* Some ENGINEs need this */
---- openssl-1.0.1f/crypto/dso/dso_lib.c.~1~ Thu Jan 30 11:04:41 2014
-+++ openssl-1.0.1f/crypto/dso/dso_lib.c Thu Jan 30 11:29:40 2014
-@@ -426,6 +426,26 @@
- DSOerr(DSO_F_DSO_CONVERT_FILENAME,DSO_R_NO_FILENAME);
- return(NULL);
- }
-+/*
-+ * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
-+ * avoid the name collision with PKCS#11 library.
-+ */
-+ if (strcmp(filename, "pkcs11") == 0)
-+ {
-+#ifdef _LP64
-+ static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
+ {
+ /* Some ENGINEs need this */
+--- crypto/dso/dso_lib.c Thu Sep 5 12:59:50 2013
++++ openssl-1.0.1e/crypto/dso/dso_lib.c Thu Sep 5 12:59:50 2013
+@@ -396,6 +396,24 @@
+ DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
+ return (NULL);
+ }
++ /*
++ * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
++ * avoid the name collision with PKCS#11 library.
++ */
++ if (strcmp(filename, "pkcs11") == 0) {
++#ifdef _LP64
++ static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
+#else
-+ static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
++ static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
+#endif
-+ result = OPENSSL_malloc(strlen(fullpath) + 1);
-+ if (result == NULL)
-+ {
-+ DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
-+ return(NULL);
-+ }
-+ BUF_strlcpy(result, fullpath, sizeof(fullpath));
-+ return(result);
-+ }
- if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0)
- {
- if(dso->name_converter != NULL)
++ result = OPENSSL_malloc(strlen(fullpath) + 1);
++ if(result == NULL) {
++ DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
++ return(NULL);
++ }
++ BUF_strlcpy(result, fullpath, strlen(fullpath) + 1);
++ return (result);
++ }
+ if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+ if (dso->name_converter != NULL)
+ result = dso->name_converter(dso, filename);
--- /tmp/engine.h Fri Feb 11 14:46:24 2011
+++ openssl-1.0.0d/crypto/engine/engine.h Fri Feb 11 14:47:32 2011
-@@ -351,6 +351,7 @@
- #endif
- #endif
+@@ -413,6 +413,7 @@
+ # endif
+ # endif
void ENGINE_load_cryptodev(void);
+void ENGINE_load_pk11(void);
void ENGINE_load_rsax(void);