--- a/components/openssl/openssl-fips/Makefile	Thu Feb 02 10:53:40 2012 -0800
+++ b/components/openssl/openssl-fips/Makefile	Tue Feb 07 12:53:01 2012 -0800
@@ -38,12 +38,7 @@
 include $(WS_TOP)/make-rules/prep.mk
 include $(WS_TOP)/make-rules/configure.mk
 
-# To build x86 FIPS canister, gcc needs to be used so it must be
-# in the PATH. This is because according to the "OpenSSL FIPS 140-2
-# Security Policy" document, no file in the source distribution may
-# be changed in any way and as a result, gcc is chosen because
-# otherwise "-fast" is erroneously passed to the Studio cc compiler.
-PATH=$(SPRO_VROOT)/bin:/usr/bin:/usr/gnu/bin:/usr/perl5/bin:$(SFWBIN)
+PATH=$(SPRO_VROOT)/bin:/usr/bin:/usr/gnu/bin:/usr/perl5/bin
 
 # In order to build a 32bit version on a 64bit system the isalist(1) command
 # must be substituted for the 32bit build so that amd64|sparcv9 is not part of
@@ -54,7 +49,7 @@
 # run as shown there. Nothing from the tarball can be modified. We use the U2
 # command set, see below.
 FAKE_ISALIST = 32/isalist
-FAKE_MAKE = gmake
+FAKE_MAKE = fips-gmake
 FAKE_CC = cc
 FAKE_APPS = $(FAKE_ISALIST) $(FAKE_MAKE) $(FAKE_CC)
 
@@ -83,7 +78,8 @@
 COMPONENT_INSTALL_ARGS =
 COMPONENT_INSTALL_TARGETS = install
 CONFIGURE_ENV += FIPS_SITE_LD=$(LD) PATH=$(FIPS_PATH_$(BITS))
-COMPONENT_BUILD_ENV += FIPS_SITE_LD=$(LD) REALCC=$(CC) MYMAKE=$(MAKE)
+# Add COMPONENT_DIR to PATH so cc wrapper can be found.
+COMPONENT_BUILD_ENV += FIPS_SITE_LD=$(LD) REALCC=$(CC) MYMAKE=$(MAKE) PATH=$(COMPONENT_DIR):$(PATH)
 
 $(BUILD_32_and_64): $(FAKE_APPS)
 
@@ -94,7 +90,7 @@
 
 # We must make the "install" target a no-op (but must run it to be compliant).
 # See above for more information.
-install:	GMAKE = $(COMPONENT_DIR)/gmake
+install:	GMAKE = $(COMPONENT_DIR)/fips-gmake
 install:	$(BUILD_DIR_32)/.verified $(BUILD_DIR_64)/.verified
 
 # This is a recommended set of commands to verify that the FIPS-140 mode can be

--- a/components/openssl/openssl-fips/cc.sh	Thu Feb 02 10:53:40 2012 -0800
+++ b/components/openssl/openssl-fips/cc.sh	Tue Feb 07 12:53:01 2012 -0800
@@ -21,14 +21,30 @@
 #
 
 #
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
 #
 
-# Very simple cc wrapper whose only purpose is to ensure that cc behaves as
-# desired when linking the fipscanister.o object. Currently that means adding
-# "-W2,-Rfully_unroll to the compiler options. As the fips module is only built
-# with Sun Studio on sparc (gcc is used on x86) this workaround will only happen
-# on sparc, in fact the compiler bug this is working around is sparc specific
-# anyway.
+# The fips module is built with Sun Studio cc compile on sparc and x86.
+# On x86, this cc wrapper is used to remove "-fast" from the compiler
+# option. According to the "OpenSSL FIPS 140-2 Security Policy"
+# document, no file in the source distribution may be changed in any way
+# and as a result, this wrapper is used to remove the -fast that is
+# passed to the Studio cc compiler.
+# On sparc, this wrapper is just a pass through to cc.
+
+MACH=`uname -p`
 
-exec $REALCC -W2,-Rfully_unroll "$@"
+if [ "$MACH" = "sparc" ]; then
+	exec $REALCC "$@"
+else
+	CC_CMD=""
+	while [ $# -ne 0 ]; do
+        	if [ "$1" != "-fast" ]; then
+                	CC_CMD="$CC_CMD '$1'"
+        	fi
+        	shift;
+	done
+
+	eval $REALCC $CC_CMD
+fi
+

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-fips/fips-gmake.sh	Tue Feb 07 12:53:01 2012 -0800
@@ -0,0 +1,31 @@
+#!/bin/ksh93
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
+#
+
+# Make "make install" a no-op. Everything else gets passed through make.
+
+if [[ $1 != install ]]; then
+	$MYMAKE "$@"
+fi

--- a/components/openssl/openssl-fips/gmake.sh	Thu Feb 02 10:53:40 2012 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,31 +0,0 @@
-#!/bin/ksh93
-#
-# CDDL HEADER START
-#
-# The contents of this file are subject to the terms of the
-# Common Development and Distribution License (the "License").
-# You may not use this file except in compliance with the License.
-#
-# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
-# or http://www.opensolaris.org/os/licensing.
-# See the License for the specific language governing permissions
-# and limitations under the License.
-#
-# When distributing Covered Code, include this CDDL HEADER in each
-# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
-# If applicable, add the following below this CDDL HEADER, with the
-# fields enclosed by brackets "[]" replaced with your own identifying
-# information: Portions Copyright [yyyy] [name of copyright owner]
-#
-# CDDL HEADER END
-#
-
-#
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
-#
-
-# Make "make install" a no-op. Everything else gets passed through make.
-
-if [[ $1 != install ]]; then
-	$MYMAKE "$@"
-fi