Not sure which version this is; let's call it v3 despite the fact that I think it's actually the first time all this lot has been posted together in a single coherent series.
All the OpenSSL fixes are filed in upstream RT and in my git tree at http://git.infradead.org/users/dwmw2/openssl.git/ — and backported to OpenSSL 1.0.2 in the OpenSSL_1_0_2-stable branch of the same repo. This series cleans up a number of our outstanding OpenSSL patches to match what's been submitted upstream, including the use of OPENSSL_SYS_UEFI instead of abusing OPENSSL_SYSNAME_UWIN. It also cleans up places in our code where we access OpenSSL "internal" structures which are going to be made opaque in OpenSSL 1.1 and accessor functions should be used instead. The build infrastructure is fixed to be more consistent with the way that OpenSSL is usually built — all the OPENSSL_NO_xxx definitions are moved into opensslconf.h, and the file list is properly synchronised with the result of 'make files' in the suitably-configured OpenSSL source. A script is provided which allows the opensslconf.h file and the list of files in OpensslLib.inf to be automatically updated. This script is not required during a normal build; it's only for when we update the OpenSSL which is used by the EDK II repository. Finally, we remove CryptoPkg/include/openssl and instead use the real OpenSSL include directory. This Just Works on POSIX-compliant platforms, and has symlinks to the original files. In OpenSSL 1.1 it'll work even on Windows, as those files have been *moved* to the include/openssl/ directory of the OpenSSL source tree. For the time being, Install.sh can die and Install.cmd is updated to copy the files to $(OPENSSL_PATH)/include/openssl to work around Windows' lack of symlinks. Both the final commit (using OpenSSL HEAD) and the penultimate (still using a patched 1.0.2d) have been build-tested for IA32 and X86 both using GCC on Linux and VS2008 under Windows. And also using MinGW32/MingGW64 under Linux, although the final link there fails due to calls to __chkstk_ms (see GCC PR#67169). Git tree at http://git.infradead.org/users/dwmw2/edk2.git David Woodhouse (16): CryptoPkg/BaseCryptLib: Add missing OpenSSL includes CryptoPkg/BaseCryptLib: Use i2d_X509_NAME() instead of abusing X509_NAME CryptoPkg/BaseCryptLib: Use accessor functions for X509_ATTRIBUTE CryptoPkg/BaseCryptLib: Use accessor functions for ASN1_OBJECT CryptoPkg/BaseCryptLib: Clean up checking of PKCS#7 contents type CryptoPkg/BaseCryptLib: Use X509_V_FLAG_PARTIAL_CHAIN CryptoPkg/BaseCryptLib: Use X509_V_FLAG_NO_CHECK_TIME CryptoPkg/OpensslLib: Undefine NO_BUILTIN_VA_FUNCS to fix varargs breakage CryptoPkg: Fix OpenSSL BN wordsize and OPENSSL_SYS_UEFI handling CryptoPkg/OpensslLib: Eliminate GETPID_IS_MEANINGLESS definition CryptoPkg/OpensslLib: Move OPENSSL_NO_xxx defines into opensslconf.h CryptoPkg: Use OpenSSL include directory directly CryptoPkg/OpensslLib: Include complete copy of opensslconf.h CryptoPkg/OpensslLib: Update OpenSSL patch CryptoPkg/OpensslLib: Automatically configure OpenSSL and generate file list CryptoPkg: Support building with OpenSSL HEAD (1.1.0-devel) CryptoPkg/CryptoPkg.dec | 2 + CryptoPkg/Include/OpenSslSupport.h | 26 ++ CryptoPkg/Include/openssl/README | 1 - CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h | 10 +- CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c | 7 +- CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c | 1 + CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 94 +--- CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c | 1 + CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c | 1 + CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 102 +--- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 18 +- CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/InternalCryptLib.h | 8 - CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2d.patch | 380 --------------- CryptoPkg/Library/OpensslLib/Install.cmd | 77 --- CryptoPkg/Library/OpensslLib/Install.sh | 79 ---- CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 44 ++ CryptoPkg/Library/OpensslLib/OpensslLib.inf | 480 ++----------------- CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt | 61 --- CryptoPkg/Library/OpensslLib/opensslconf.h | 488 ++++++++++++++++++++ CryptoPkg/Library/OpensslLib/process_files.sh | 38 ++ 20 files changed, 691 insertions(+), 1227 deletions(-) -- David Woodhouse Open Source Technology Centre david.woodho...@intel.com Intel Corporation
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
