From 53ddf0cc10b698ec5f2972127325fbdd743f7811 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 5 Feb 2007 18:42:12 +0000
Subject: [PATCH] FIPS portability patches.

Submitted by:  Brad House <brad@mainstreetsoftworks.com>
---
 CHANGES                  |  3 +++
 Configure                |  3 ++-
 crypto/dso/dso_dlfcn.c   | 11 +++++++++++
 fips-1.0/fips_canister.c |  8 +++++++-
 fips-1.0/fipsld          | 15 +++++++++++++++
 5 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 4106f0d706..4e53b4efe8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.7l and 0.9.7m-fips2 [xx XXX xxxx]
 
+  *) FIPS portability patches.
+     [Brad House <brad@mainstreetsoftworks.com>]
+
   *) Move error strings for remaing libraries into separate files to avoid 
      unnecessary dependencies for fipscanister.o which doesn't require the
      loading of error strings.
diff --git a/Configure b/Configure
index f001f693b4..5c186e341f 100755
--- a/Configure
+++ b/Configure
@@ -460,13 +460,14 @@ my %table=(
 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc.
 "sco5-cc",  "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-
+"sco6-cc",  "cc:-O::-Kpthread::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # IBM's AIX.
 "aix3-cc",    "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
 "aix-gcc",    "gcc:-O3 -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:",
 "aix-cc",     "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::BN_LLONG RC4_CHAR:asm/aix_ppc32.o:::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
 "aix64-cc",   "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:asm/aix_ppc64.o:::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+"aix64-gcc",   "gcc:-maix64 -O -DB_ENDIAN::-D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:asm/aix_ppc64.o:::::::::dlfcn:aix-shared::-maix64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
 
 #
 # Cray T90 and similar (SDSC)
diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
index 0422a4859a..6974d02f22 100644
--- a/crypto/dso/dso_dlfcn.c
+++ b/crypto/dso/dso_dlfcn.c
@@ -294,6 +294,15 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename)
 	return(translated);
 	}
 
+/* This section uses dladdr() which appears to be a GNU extension, though
+ * some other OS's have adopted it.  Specifically, AIX4, AIX5, and SCO5
+ * do not support dladdr().
+ * No reference to DSO_pathbyaddr() is made, and appears to be a function
+ * which was added during construction of FIPS support in OpenSSL.  It appears
+ * that it has been replaced by FIPS_ref_point() in fipscanister.c
+ * Removing the below code fixes compile-time issues on the afore-mentioned
+ * OS's */
+#ifdef DEADBEEF_0
 #ifdef OPENSSL_FIPS
 static void dlfcn_ref_point(){}
 
@@ -322,4 +331,6 @@ int DSO_pathbyaddr(void *addr,char *path,int sz)
 	return -1;
 	}
 #endif
+#endif /* DEADBEEF_0 */
+
 #endif /* DSO_DLFCN */
diff --git a/fips-1.0/fips_canister.c b/fips-1.0/fips_canister.c
index 7dec62bb64..37258c4dbf 100644
--- a/fips-1.0/fips_canister.c
+++ b/fips-1.0/fips_canister.c
@@ -77,13 +77,19 @@ static void *instruction_pointer(void)
 # elif	defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \
 	defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \
 	defined(__PPC64__) || defined(__powerpc64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
+/* GCC on AIX cannot use inline ASM since the assembler used is the
+ * native assembler, not GNU as. Prevent INSTRUCTION_POINTER_IMPLEMENTED
+ * from being defined. It will use the fallback method which is the
+ * same as xlC uses for AIX in FIPS_ref_point() */
+#   ifndef (_AIX)
+#     define INSTRUCTION_POINTER_IMPLEMENTED
     void *scratch;
     __asm __volatile (	"mfspr	%1,8\n\t"	/* save lr */
 			"bl	.+4\n\t"
 			"mfspr	%0,8\n\t"	/* mflr ret */
 			"mtspr	8,%1"		/* restore lr */
 			: "=r"(ret),"=r"(scratch) );
+#   endif /* !_AIX */
 # elif	defined(__sparc) || defined(__sparc__) || defined(__sparcv9)
 #   define INSTRUCTION_POINTER_IMPLEMENTED
     void *scratch;
diff --git a/fips-1.0/fipsld b/fips-1.0/fipsld
index d5fd785fab..92c864ede4 100755
--- a/fips-1.0/fipsld
+++ b/fips-1.0/fipsld
@@ -22,6 +22,21 @@ CC=${FIPSLD_CC:-${CC}}
     [ $# -ge 1 ]
 ) && exec ${CC} "$@"
 
+# If using an auto-tooled (autoconf/automake/libtool) project,
+# configure will fail when testing the compiler or even performing
+# simple checks.  Pass-thru to compiler directly if not linking
+# to libcrypto, allowing auto-tooled applications to utilize fipsld
+# (e.g.  CC=/usr/local/ssl/bin/fipsld FIPSLD_CC=gcc ./configure && make )
+case "$*" in
+	*libcrypto.a*)
+	;;
+	*-lcrypto*)
+	;;
+	*)
+		exec ${CC} $*
+	;;
+esac
+
 # Turn on debugging output?
 (   while [ "x$1" != "x" -a "x$1" != "x-DDEBUG_FINGERPRINT_PREMAIN" ]; do shift; done;
     [ $# -ge 1 ]
-- 
2.25.1