Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/openssl-1.0.1-fips-140/patches/15-pkcs11_engine-0.9.8a.patch
branchs11-update
changeset 4006 c737cefdce54
parent 2921 8da1e7689d13 
--- a/components/openssl/openssl-1.0.1-fips-140/patches/15-pkcs11_engine-0.9.8a.patch	Sat Mar 21 08:00:32 2015 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/patches/15-pkcs11_engine-0.9.8a.patch	Sun Mar 22 13:14:43 2015 -0700
@@ -1,3 +1,7 @@
+#
+# This patch file adds the Solaris's pkcs11 engine.
+# This is Solaris-specific (developed in house): not suitable for upstream.
+#
 --- /tmp/Configure	Fri Feb 11 14:40:39 2011
 +++ openssl-1.0.0d/Configure	Fri Feb 11 14:41:36 2011
 @@ -10,7 +10,7 @@
@@ -29,7 +33,7 @@
  my $prefix="";
  my $libdir="";
  my $openssldir="";
-@@ -876,6 +879,10 @@
+@@ -882,6 +888,10 @@
 				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
 				$flags.=$_." ";
 				}
@@ -40,7 +44,7 @@
 			elsif (/^--prefix=(.*)$/)
 				{
 				$prefix=$1;
-@@ -1043,6 +1054,13 @@
+@@ -1049,6 +1059,13 @@
  	exit 0;
  }
  
@@ -54,7 +58,7 @@
  if ($target =~ m/^CygWin32(-.*)$/) {
  	$target = "Cygwin".$1;
  }
-@@ -1209,6 +1226,8 @@
+@@ -1215,6 +1232,8 @@
  if ($flags ne "")	{ $cflags="$flags$cflags"; }
  else			{ $no_user_cflags=1;       }
  
@@ -63,12 +67,12 @@
  # Kerberos settings.  The flavor must be provided from outside, either through
  # the script "config" or manually.
  if (!$no_krb5)
-@@ -1598,6 +1617,7 @@
+@@ -1604,6 +1623,7 @@
  	s/^VERSION=.*/VERSION=$version/;
  	s/^MAJOR=.*/MAJOR=$major/;
  	s/^MINOR=.*/MINOR=$minor/;
 +	s/^PK11_LIB_LOCATION=.*/PK11_LIB_LOCATION=$pk11_libname/;
-	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
+ 	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
  	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
  	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
 --- /tmp/Makefile.org	Fri Feb 11 14:41:54 2011
@@ -83,32 +87,32 @@
  # Do not edit this manually. Use Configure --openssldir=DIR do change this!
  OPENSSLDIR=/usr/local/ssl
  
---- openssl-1.0.1e/engines/Makefile.~1~        Fri Nov 22 13:40:31 2013
-+++ openssl-1.0.1e/engines/Makefile    Fri Nov 22 13:43:46 2013
+--- /tmp/Makefile	Mon Feb 14 14:59:22 2011
++++ openssl-1.0.0d/engines/Makefile	Mon Feb 14 15:00:35 2011
 @@ -26,7 +26,8 @@
  APPS=
  
  LIB=$(TOP)/libcrypto.a
 -LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
 +LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi \
-+	pk11
++	  pk11
  
  LIBSRC=	e_4758cca.c \
-	e_aep.c \
+ 	e_aep.c \
 @@ -38,7 +39,8 @@
-	e_sureware.c \
-	e_ubsec.c \
-	e_padlock.c \
+ 	e_sureware.c \
+ 	e_ubsec.c \
+ 	e_padlock.c \
 -	e_capi.c
 +	e_capi.c \
 +	e_pk11.c
  LIBOBJ= e_4758cca.o \
-	e_aep.o \
-	e_atalla.o \
+ 	e_aep.o \
+ 	e_atalla.o \
 @@ -49,7 +51,8 @@
-	e_sureware.o \
-	e_ubsec.o \
-	e_padlock.o \
+ 	e_sureware.o \
+ 	e_ubsec.o \
+ 	e_padlock.o \
 -	e_capi.o
 +	e_capi.o \
 +	e_pk11.o
@@ -116,9 +120,9 @@
  SRC= $(LIBSRC)
  
 @@ -63,7 +66,8 @@
-	e_nuron_err.c e_nuron_err.h \
-	e_sureware_err.c e_sureware_err.h \
-	e_ubsec_err.c e_ubsec_err.h \
+ 	e_nuron_err.c e_nuron_err.h \
+ 	e_sureware_err.c e_sureware_err.h \
+ 	e_ubsec_err.c e_ubsec_err.h \
 -	e_capi_err.c e_capi_err.h
 +	e_capi_err.c e_capi_err.h \
 +	e_pk11.h e_pk11_uri.h e_pk11_err.h e_pk11_pub.c e_pk11_uri.c e_pk11_err.c
@@ -126,23 +130,23 @@
  ALL=    $(GENERAL) $(SRC) $(HEADER)
  
 @@ -78,7 +82,7 @@
-		for l in $(LIBNAMES); do \
-			$(MAKE) -f ../Makefile.shared -e \
-				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
+ 		for l in $(LIBNAMES); do \
+ 			$(MAKE) -f ../Makefile.shared -e \
+ 				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
 -				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
 +				LIBDEPS='-L.. -lcrypto -lcryptoutil $(EX_LIBS)' \
-				link_o.$(SHLIB_TARGET); \
-		done; \
-	else \
---- openssl-1.0.1e/crypto/engine/eng_all.c.~1~       Mon Feb 11 07:26:04 2013
-+++ openssl-1.0.1e/crypto/engine/eng_all.c   Wed Nov 20 11:38:05 2013
-@@ -59,6 +59,16 @@
+ 				link_o.$(SHLIB_TARGET); \
+ 		done; \
+ 	else \
+--- crypto/engine/eng_all.c Thu Sep  5 12:59:50 2013
++++ openssl-1.0.1e/crypto/engine/eng_all.c Thu Sep  5 12:59:50 2013
+@@ -60,6 +60,16 @@
  #include "cryptlib.h"
  #include "eng_int.h"
- 
+
 +/*
 + * pkcs11 engine no longer is a built-in engine, and ENGINE_load_pk11() needs to be
-+ * defined in libcrypto.so for ssh. Instead of load pkcs11 engine, it loads dynamic
++ * defined in libcrypto.so for ssh.  Instead of load pkcs11 engine, it load dynamic
 + * engines.
 + */
 +void ENGINE_load_pk11(void)
@@ -151,52 +155,50 @@
 +	}
 +
  void ENGINE_load_builtin_engines(void)
-	{
-	/* Some ENGINEs need this */
+ {
+     /* Some ENGINEs need this */
 @@ -80,6 +90,9 @@
-	ENGINE_load_rdrand();
+     ENGINE_load_rdrand();
  #endif
-	ENGINE_load_dynamic();
+     ENGINE_load_dynamic();
 +#ifndef OPENSSL_NO_HW_PKCS11
-+	ENGINE_load_pk11();
++    ENGINE_load_pk11();
 +#endif
  #ifndef OPENSSL_NO_STATIC_ENGINE
- #ifndef OPENSSL_NO_HW
- #ifndef OPENSSL_NO_HW_4758_CCA
---- openssl-1.0.1e/crypto/dso/dso_lib.c.~1~       Wed Nov 20 13:10:57 2013
-+++ openssl-1.0.1e/crypto/dso/dso_lib.c   Wed Nov 20 13:30:46 2013
-@@ -426,6 +426,26 @@
-		DSOerr(DSO_F_DSO_CONVERT_FILENAME,DSO_R_NO_FILENAME);
-		return(NULL);
-		}
-+	/*
-+	 * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
-+	 * avoid the name collision with PKCS#11 library.
-+	 */
-+	if (strcmp(filename, "pkcs11") == 0)
-+		{
-+#ifdef _LP64
-+		static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
+ # ifndef OPENSSL_NO_HW
+ #  ifndef OPENSSL_NO_HW_4758_CCA
+--- crypto/dso/dso_lib.c Thu Sep  5 12:59:50 2013
++++ openssl-1.0.1e/crypto/dso/dso_lib.c Thu Sep  5 12:59:50 2013
+@@ -396,6 +396,24 @@
+         DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
+         return (NULL);
+     }
++    /*
++     * For pkcs11 engine, use libpk11.so (instead of libpkcs11.so) to
++     * avoid the name collision with PKCS#11 library.
++     */
++    if (strcmp(filename, "pkcs11") == 0) {
++#ifdef  _LP64
++        static const char fullpath[] = "/lib/openssl/engines/64/libpk11.so";
 +#else
-+		static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
++        static const char fullpath[] = "/lib/openssl/engines/libpk11.so";
 +#endif
-+		result = OPENSSL_malloc(strlen(fullpath) + 1);
-+		if(result == NULL)
-+			{
-+			DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
-+			return(NULL);
-+			}
-+		BUF_strlcpy(result, fullpath, sizeof(fullpath));
-+		return(result);
-+		}
-	if((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0)
-		{
-		if(dso->name_converter != NULL)
---- /tmp/engine.h	Fri Feb 11 14:46:24 2011
-+++ openssl-1.0.0d/crypto/engine/engine.h	Fri Feb 11 14:47:32 2011
-@@ -351,6 +351,7 @@
- #endif
- #endif
++        result = OPENSSL_malloc(strlen(fullpath) + 1);
++        if(result == NULL) {
++            DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
++            return(NULL);
++        }
++        BUF_strlcpy(result, fullpath, strlen(fullpath) + 1);
++        return (result);
++    }
+     if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+         if (dso->name_converter != NULL)
+             result = dso->name_converter(dso, filename);
+--- /tmp/engine.h       Fri Feb 11 14:46:24 2011
++++ openssl-1.0.0d/crypto/engine/engine.h       Fri Feb 11 14:47:32 2011
+@@ -413,6 +413,7 @@
+ #  endif
+ # endif
  void ENGINE_load_cryptodev(void);
 +void ENGINE_load_pk11(void);
  void ENGINE_load_rsax(void);
upstream/oracle/userland-gate