You are right. The change for EDKII_openssl patch is unreasonable. Actually, this change was based on the openssl version 1.0.2e. The issue has been fixed in the later openssl version. So, just ignore it. I will create another patch for whole 'openssl\ssl' feature requirement to resolve this patch conflict issue.
Thanks. Jiaxin > -----Original Message----- > From: David Woodhouse [mailto:[email protected]] > Sent: Thursday, March 10, 2016 6:43 PM > To: Wu, Jiaxin <[email protected]>; [email protected] > Cc: Ye, Ting <[email protected]>; Fu, Siyuan <[email protected]>; Long, > Qin <[email protected]> > Subject: Re: [edk2] [Patch 2/6] CryptoPkg: Add OpensslTlsLib module to > enable 'openssl\ssl' > > On Wed, 2016-02-24 at 16:15 +0800, Jiaxin Wu wrote: > > > > diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch > b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch > > index c42b776..f2d8f1a 100644 > > --- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch > > +++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch > > @@ -11,10 +11,19 @@ diff U3 crypto/bio/bio.h crypto/bio/bio.h > > BIO *BIO_new_fp(FILE *stream, int close_flag); > > +# ifndef OPENSSL_NO_FP_API > > # define BIO_s_file_internal BIO_s_file > > # endif > > BIO *BIO_new(BIO_METHOD *type); > > +@@ -655,6 +655,8 @@ > > + BIO *BIO_new_file(const char *filename, const char *mode); > > + BIO *BIO_new_fp(FILE *stream, int close_flag); > > + # define BIO_s_file_internal BIO_s_file > > ++# else > > ++# define BIO_s_file_internal() NULL > > + # endif > > + BIO *BIO_new(BIO_METHOD *type); > > + int BIO_set(BIO *a, BIO_METHOD *type); > > diff U3 crypto/bio/bss_file.c crypto/bio/bss_file.c > > --- crypto/bio/bss_file.c Thu Jan 28 21:38:30 2016 > > +++ crypto/bio/bss_file.c Wed Feb 17 16:01:02 2016 > > @@ -467,6 +467,23 @@ > > return (ret); > > As a general rule, you should never make have been making changes to > this OpenSSL patch without ensuring that a ticket is filed upstream. > > As of this week, there is *nothing* in the EDKII_openssl patch which > isn't a backport of a commit from OpenSSL 1.1. The patch is > autogenerated from a 1.0.2+backports git tree. > > Adding to it like this was *never* acceptable. Sure, you were only > making it a little bit worse at a time, but please don't. It just isn't > the way to do things. > > In this case, perhaps the *only* thing missing was the fact that this > should have been in its own separate commit, with a commit comment > *identifying* the upstream ticket (and OpenSSL 1.1 commit) in which it > was fixed. But that's important to get right too. > > -- > David Woodhouse Open Source Technology Centre > [email protected] Intel Corporation _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
