[edk2-devel] [PATCH v2] CryptoPkg: Upgrade OpenSSL to 1.1.1d
Xiaoyu Lu
xiaoyux.lu at intel.com
Fri Oct 25 01:14:35 UTC 2019
For this patch I think no impact, but if OpenSSL submodule upgraded added or modified files, but OpensslLib[Crypto].inf didn't add or modify them, it may lead build failed.
> -----Original Message-----
> From: Zhang, Shenglei
> Sent: Thursday, October 24, 2019 10:03 PM
> To: Lu, XiaoyuX <xiaoyux.lu at intel.com>; devel at edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang at intel.com>; Gao, Liming
> <liming.gao at intel.com>
> Subject: RE: [PATCH v2] CryptoPkg: Upgrade OpenSSL to 1.1.1d
>
>
> > -----Original Message-----
> > From: Lu, XiaoyuX
> > Sent: Thursday, October 24, 2019 5:40 PM
> > To: Zhang, Shenglei <shenglei.zhang at intel.com>; devel at edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang at intel.com>; Gao, Liming
> > <liming.gao at intel.com>
> > Subject: RE: [PATCH v2] CryptoPkg: Upgrade OpenSSL to 1.1.1d
> >
> > This patch works for me.
> > But I think process_files.pl changes need in a separated patch. And
> > submodule upgrade patch should go with OpensslLib[Crypto].inf.
>
> Hi Xiaoyu,
>
> Thanks for your proposal.
> I'm not familiar with OpensslLib. Could you elaborate the reason to do this?
>
> Thanks,
> Shenglei
>
> >
> > Thanks,
> > Xiaoyu
> > > -----Original Message-----
> > > From: Zhang, Shenglei
> > > Sent: Wednesday, October 23, 2019 10:48 PM
> > > To: devel at edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang at intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu at intel.com>; Gao, Liming <liming.gao at intel.com>
> > > Subject: [PATCH v2] CryptoPkg: Upgrade OpenSSL to 1.1.1d
> > >
> > > Update openssl from 1.1.1b to 1.1.1d.
> > > Something needs to be noticed is that, there is a bug existing in the
> > > released 1_1_1d version(894da2fb7ed5d314ee5c2fc9fd2d9b8b74111596),
> > > which causes build failure. So we switch the code base to a usable
> > > version, which is 2 commits later than the stable tag.
> > > Now we use the version c3656cc594daac8167721dde7220f0e59ae146fc.
> > > This log is to fix the build failure.
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=2226
> > >
> > > Besides, the absense of "DSO_NONE" in dso_conf.h causes build failure
> > > in OvmfPkg. So update process_files.pl to generate information from
> > > "crypto/include/internal/dso_conf.h.in".
> > >
> > > This patch has been tested on Kaby Lake platform.
> > >
> > > Cc: Jian J Wang <jian.j.wang at intel.com>
> > > Cc: Xiaoyu Lu <xiaoyux.lu at intel.com>
> > > Cc: Liming Gao <liming.gao at intel.com>
> > > Signed-off-by: Shenglei Zhang <shenglei.zhang at intel.com>
> > > ---
> > >
> > > v2: Revert the changes in OpensslLib.inf and OpensslLibCrypto.inf.
> > > The removed header files in INF are added at 8906f076d... to clean
> > > warning message.
> > >
> > > CryptoPkg/Library/Include/internal/dso_conf.h | 16
> ++++++++++++++++
> > > CryptoPkg/Library/OpensslLib/openssl | 2 +-
> > > CryptoPkg/Library/OpensslLib/process_files.pl | 13 ++++++++++++-
> > > 3 files changed, 29 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/CryptoPkg/Library/Include/internal/dso_conf.h
> > > b/CryptoPkg/Library/Include/internal/dso_conf.h
> > > index e69de29bb2d1..43c891588bc2 100644
> > > --- a/CryptoPkg/Library/Include/internal/dso_conf.h
> > > +++ b/CryptoPkg/Library/Include/internal/dso_conf.h
> > > @@ -0,0 +1,16 @@
> > > +/* WARNING: do not edit! */
> > > +/* Generated from crypto/include/internal/dso_conf.h.in */
> > > +/*
> > > + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights
> Reserved.
> > > + *
> > > + * Licensed under the OpenSSL license (the "License"). You may not use
> > > + * this file except in compliance with the License. You can obtain a copy
> > > + * in the file LICENSE in the source distribution or at
> > > + * https://www.openssl.org/source/license.html
> > > + */
> > > +
> > > +#ifndef HEADER_DSO_CONF_H
> > > +# define HEADER_DSO_CONF_H
> > > +# define DSO_NONE
> > > +# define DSO_EXTENSION ".so"
> > > +#endif
> > > diff --git a/CryptoPkg/Library/OpensslLib/openssl
> > > b/CryptoPkg/Library/OpensslLib/openssl
> > > index 50eaac9f3337..c3656cc594da 160000
> > > --- a/CryptoPkg/Library/OpensslLib/openssl
> > > +++ b/CryptoPkg/Library/OpensslLib/openssl
> > > @@ -1 +1 @@
> > > -Subproject commit 50eaac9f3337667259de725451f201e784599687
> > > +Subproject commit c3656cc594daac8167721dde7220f0e59ae146fc
> > > diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
> > > b/CryptoPkg/Library/OpensslLib/process_files.pl
> > > index e13c0acb4dda..f35bcc8d0f83 100755
> > > --- a/CryptoPkg/Library/OpensslLib/process_files.pl
> > > +++ b/CryptoPkg/Library/OpensslLib/process_files.pl
> > > @@ -106,6 +106,14 @@ BEGIN {
> > > ) == 0 ||
> > > die "Failed to generate opensslconf.h!\n";
> > >
> > > + # Generate dso_conf.h per config data
> > > + system(
> > > + "perl -I. -Mconfigdata util/dofile.pl " .
> > > + "crypto/include/internal/dso_conf.h.in " .
> > > + "> include/internal/dso_conf.h"
> > > + ) == 0 ||
> > > + die "Failed to generate dso_conf.h!\n";
> > > +
> > > chdir($basedir) ||
> > > die "Cannot change to base directory \"" . $basedir . "\"";
> > >
> > > @@ -221,12 +229,15 @@ rename( $new_inf_file, $inf_file ) ||
> > > print "Done!";
> > >
> > > #
> > > -# Copy opensslconf.h generated from OpenSSL Configuration
> > > +# Copy opensslconf.h and dso_conf.h generated from OpenSSL
> > > Configuration
> > > #
> > > print "\n--> Duplicating opensslconf.h into Include/openssl ... ";
> > > copy($OPENSSL_PATH . "/include/openssl/opensslconf.h",
> > > $OPENSSL_PATH . "/../../Include/openssl/") ||
> > > die "Cannot copy opensslconf.h!";
> > > +copy($OPENSSL_PATH . "/include/internal/dso_conf.h",
> > > + $OPENSSL_PATH . "/../../Include/internal/") ||
> > > + die "Cannot copy dso_conf.h!";
> > > print "Done!\n";
> > >
> > > print "\nProcessing Files Done!\n";
> > > --
> > > 2.18.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#49437): https://edk2.groups.io/g/devel/message/49437
Mute This Topic: https://groups.io/mt/36495805/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list