[edk2-devel] [PATCH 1/1] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g
Wang, Jian J
jian.j.wang at intel.com
Thu Jul 16 08:12:48 UTC 2020
Guomin,
Thank you very much for this upgrade.
Just one comment. The opensslconf.h and dso_conf.h generated after calling
process_files.pl are unix EOL. But the EOL in the patch is correct. I guess you
converted them manually. I'd suggest that you update process_files.pl to do
it automatically.
Regards,
Jian
> -----Original Message-----
> From: Jiang, Guomin <guomin.jiang at intel.com>
> Sent: Friday, July 10, 2020 10:28 AM
> To: devel at edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang at intel.com>; Lu, XiaoyuX <xiaoyux.lu at intel.com>;
> GuoMinJ <newexplorerj at gmail.com>
> Subject: [PATCH 1/1] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g
>
> Upgrade openssl to 1.1.1g. the directory have been reorganized,
> openssl moved crypto/include/internal to include/crypto folder.
> So we change directory to match the re-organization.
>
> Cc: Jian J Wang <jian.j.wang at intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu at intel.com>
> Signed-off-by: GuoMinJ <newexplorerj at gmail.com>
> ---
> CryptoPkg/CryptoPkg.dec | 1 -
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 58 +++++++++----------
> .../Library/OpensslLib/OpensslLibCrypto.inf | 50 ++++++++--------
> .../Include/{internal => crypto}/dso_conf.h | 32 +++++-----
> .../Library/Include/openssl/opensslconf.h | 3 -
> .../Library/BaseCryptLib/Hash/CryptSm3.c | 2 +-
> .../BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 4 +-
> CryptoPkg/Library/OpensslLib/rand_pool.c | 2 +-
> CryptoPkg/Library/OpensslLib/openssl | 2 +-
> CryptoPkg/Library/OpensslLib/process_files.pl | 10 ++--
> 10 files changed, 80 insertions(+), 84 deletions(-)
> rename CryptoPkg/Library/Include/{internal => crypto}/dso_conf.h (76%)
>
> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
> index 4d1a1368a8d4..5888941bab4c 100644
> --- a/CryptoPkg/CryptoPkg.dec
> +++ b/CryptoPkg/CryptoPkg.dec
> @@ -23,7 +23,6 @@ [Includes.Common.Private]
> Private
> Library/Include
> Library/OpensslLib/openssl/include
> - Library/OpensslLib/openssl/crypto/include
>
> [LibraryClasses]
> ## @libraryclass Provides basic library functions for cryptographic primitives.
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index c8ec9454bd90..dbbe5386a10c 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -477,45 +477,45 @@ [Sources]
> $(OPENSSL_PATH)/crypto/s390x_arch.h
> $(OPENSSL_PATH)/crypto/sparc_arch.h
> $(OPENSSL_PATH)/crypto/vms_rms.h
> - $(OPENSSL_PATH)/crypto/aes/aes_locl.h
> + $(OPENSSL_PATH)/crypto/aes/aes_local.h
> $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h
> - $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h
> + $(OPENSSL_PATH)/crypto/asn1/asn1_local.h
> $(OPENSSL_PATH)/crypto/asn1/charmap.h
> $(OPENSSL_PATH)/crypto/asn1/standard_methods.h
> $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h
> - $(OPENSSL_PATH)/crypto/async/async_locl.h
> + $(OPENSSL_PATH)/crypto/async/async_local.h
> $(OPENSSL_PATH)/crypto/async/arch/async_null.h
> $(OPENSSL_PATH)/crypto/async/arch/async_posix.h
> $(OPENSSL_PATH)/crypto/async/arch/async_win.h
> - $(OPENSSL_PATH)/crypto/bio/bio_lcl.h
> - $(OPENSSL_PATH)/crypto/bn/bn_lcl.h
> + $(OPENSSL_PATH)/crypto/bio/bio_local.h
> + $(OPENSSL_PATH)/crypto/bn/bn_local.h
> $(OPENSSL_PATH)/crypto/bn/bn_prime.h
> $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h
> - $(OPENSSL_PATH)/crypto/comp/comp_lcl.h
> + $(OPENSSL_PATH)/crypto/comp/comp_local.h
> $(OPENSSL_PATH)/crypto/conf/conf_def.h
> - $(OPENSSL_PATH)/crypto/conf/conf_lcl.h
> - $(OPENSSL_PATH)/crypto/dh/dh_locl.h
> - $(OPENSSL_PATH)/crypto/dso/dso_locl.h
> - $(OPENSSL_PATH)/crypto/evp/evp_locl.h
> - $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h
> - $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h
> - $(OPENSSL_PATH)/crypto/md5/md5_locl.h
> - $(OPENSSL_PATH)/crypto/modes/modes_lcl.h
> + $(OPENSSL_PATH)/crypto/conf/conf_local.h
> + $(OPENSSL_PATH)/crypto/dh/dh_local.h
> + $(OPENSSL_PATH)/crypto/dso/dso_local.h
> + $(OPENSSL_PATH)/crypto/evp/evp_local.h
> + $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> + $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> + $(OPENSSL_PATH)/crypto/md5/md5_local.h
> + $(OPENSSL_PATH)/crypto/modes/modes_local.h
> $(OPENSSL_PATH)/crypto/objects/obj_dat.h
> - $(OPENSSL_PATH)/crypto/objects/obj_lcl.h
> + $(OPENSSL_PATH)/crypto/objects/obj_local.h
> $(OPENSSL_PATH)/crypto/objects/obj_xref.h
> - $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
> - $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
> - $(OPENSSL_PATH)/crypto/rand/rand_lcl.h
> - $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
> - $(OPENSSL_PATH)/crypto/sha/sha_locl.h
> + $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h
> + $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h
> + $(OPENSSL_PATH)/crypto/rand/rand_local.h
> + $(OPENSSL_PATH)/crypto/rsa/rsa_local.h
> + $(OPENSSL_PATH)/crypto/sha/sha_local.h
> $(OPENSSL_PATH)/crypto/siphash/siphash_local.h
> - $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h
> - $(OPENSSL_PATH)/crypto/store/store_locl.h
> - $(OPENSSL_PATH)/crypto/ui/ui_locl.h
> - $(OPENSSL_PATH)/crypto/x509/x509_lcl.h
> + $(OPENSSL_PATH)/crypto/sm3/sm3_local.h
> + $(OPENSSL_PATH)/crypto/store/store_local.h
> + $(OPENSSL_PATH)/crypto/ui/ui_local.h
> + $(OPENSSL_PATH)/crypto/x509/x509_local.h
> $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h
> - $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h
> + $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h
> $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
> $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
> $(OPENSSL_PATH)/ssl/bio_ssl.c
> @@ -562,13 +562,13 @@ [Sources]
> $(OPENSSL_PATH)/ssl/t1_trce.c
> $(OPENSSL_PATH)/ssl/tls13_enc.c
> $(OPENSSL_PATH)/ssl/tls_srp.c
> - $(OPENSSL_PATH)/ssl/packet_locl.h
> + $(OPENSSL_PATH)/ssl/packet_local.h
> $(OPENSSL_PATH)/ssl/ssl_cert_table.h
> - $(OPENSSL_PATH)/ssl/ssl_locl.h
> + $(OPENSSL_PATH)/ssl/ssl_local.h
> $(OPENSSL_PATH)/ssl/record/record.h
> - $(OPENSSL_PATH)/ssl/record/record_locl.h
> + $(OPENSSL_PATH)/ssl/record/record_local.h
> $(OPENSSL_PATH)/ssl/statem/statem.h
> - $(OPENSSL_PATH)/ssl/statem/statem_locl.h
> + $(OPENSSL_PATH)/ssl/statem/statem_local.h
> # Autogenerated files list ends here
> buildinf.h
> rand_pool_noise.h
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 2f232e3e1289..616ccd9f62d1 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -477,45 +477,45 @@ [Sources]
> $(OPENSSL_PATH)/crypto/s390x_arch.h
> $(OPENSSL_PATH)/crypto/sparc_arch.h
> $(OPENSSL_PATH)/crypto/vms_rms.h
> - $(OPENSSL_PATH)/crypto/aes/aes_locl.h
> + $(OPENSSL_PATH)/crypto/aes/aes_local.h
> $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h
> - $(OPENSSL_PATH)/crypto/asn1/asn1_locl.h
> + $(OPENSSL_PATH)/crypto/asn1/asn1_local.h
> $(OPENSSL_PATH)/crypto/asn1/charmap.h
> $(OPENSSL_PATH)/crypto/asn1/standard_methods.h
> $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h
> - $(OPENSSL_PATH)/crypto/async/async_locl.h
> + $(OPENSSL_PATH)/crypto/async/async_local.h
> $(OPENSSL_PATH)/crypto/async/arch/async_null.h
> $(OPENSSL_PATH)/crypto/async/arch/async_posix.h
> $(OPENSSL_PATH)/crypto/async/arch/async_win.h
> - $(OPENSSL_PATH)/crypto/bio/bio_lcl.h
> - $(OPENSSL_PATH)/crypto/bn/bn_lcl.h
> + $(OPENSSL_PATH)/crypto/bio/bio_local.h
> + $(OPENSSL_PATH)/crypto/bn/bn_local.h
> $(OPENSSL_PATH)/crypto/bn/bn_prime.h
> $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h
> - $(OPENSSL_PATH)/crypto/comp/comp_lcl.h
> + $(OPENSSL_PATH)/crypto/comp/comp_local.h
> $(OPENSSL_PATH)/crypto/conf/conf_def.h
> - $(OPENSSL_PATH)/crypto/conf/conf_lcl.h
> - $(OPENSSL_PATH)/crypto/dh/dh_locl.h
> - $(OPENSSL_PATH)/crypto/dso/dso_locl.h
> - $(OPENSSL_PATH)/crypto/evp/evp_locl.h
> - $(OPENSSL_PATH)/crypto/hmac/hmac_lcl.h
> - $(OPENSSL_PATH)/crypto/lhash/lhash_lcl.h
> - $(OPENSSL_PATH)/crypto/md5/md5_locl.h
> - $(OPENSSL_PATH)/crypto/modes/modes_lcl.h
> + $(OPENSSL_PATH)/crypto/conf/conf_local.h
> + $(OPENSSL_PATH)/crypto/dh/dh_local.h
> + $(OPENSSL_PATH)/crypto/dso/dso_local.h
> + $(OPENSSL_PATH)/crypto/evp/evp_local.h
> + $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> + $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> + $(OPENSSL_PATH)/crypto/md5/md5_local.h
> + $(OPENSSL_PATH)/crypto/modes/modes_local.h
> $(OPENSSL_PATH)/crypto/objects/obj_dat.h
> - $(OPENSSL_PATH)/crypto/objects/obj_lcl.h
> + $(OPENSSL_PATH)/crypto/objects/obj_local.h
> $(OPENSSL_PATH)/crypto/objects/obj_xref.h
> - $(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
> - $(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
> - $(OPENSSL_PATH)/crypto/rand/rand_lcl.h
> - $(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
> - $(OPENSSL_PATH)/crypto/sha/sha_locl.h
> + $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h
> + $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h
> + $(OPENSSL_PATH)/crypto/rand/rand_local.h
> + $(OPENSSL_PATH)/crypto/rsa/rsa_local.h
> + $(OPENSSL_PATH)/crypto/sha/sha_local.h
> $(OPENSSL_PATH)/crypto/siphash/siphash_local.h
> - $(OPENSSL_PATH)/crypto/sm3/sm3_locl.h
> - $(OPENSSL_PATH)/crypto/store/store_locl.h
> - $(OPENSSL_PATH)/crypto/ui/ui_locl.h
> - $(OPENSSL_PATH)/crypto/x509/x509_lcl.h
> + $(OPENSSL_PATH)/crypto/sm3/sm3_local.h
> + $(OPENSSL_PATH)/crypto/store/store_local.h
> + $(OPENSSL_PATH)/crypto/ui/ui_local.h
> + $(OPENSSL_PATH)/crypto/x509/x509_local.h
> $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h
> - $(OPENSSL_PATH)/crypto/x509v3/pcy_int.h
> + $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h
> $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h
> $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
> # Autogenerated files list ends here
> diff --git a/CryptoPkg/Library/Include/internal/dso_conf.h
> b/CryptoPkg/Library/Include/crypto/dso_conf.h
> similarity index 76%
> rename from CryptoPkg/Library/Include/internal/dso_conf.h
> rename to CryptoPkg/Library/Include/crypto/dso_conf.h
> index 43c891588bc2..95f4db2b1586 100644
> --- a/CryptoPkg/Library/Include/internal/dso_conf.h
> +++ b/CryptoPkg/Library/Include/crypto/dso_conf.h
> @@ -1,16 +1,16 @@
> -/* WARNING: do not edit! */
> -/* Generated from crypto/include/internal/dso_conf.h.in */
> -/*
> - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
> - *
> - * Licensed under the OpenSSL license (the "License"). You may not use
> - * this file except in compliance with the License. You can obtain a copy
> - * in the file LICENSE in the source distribution or at
> - * https://www.openssl.org/source/license.html
> - */
> -
> -#ifndef HEADER_DSO_CONF_H
> -# define HEADER_DSO_CONF_H
> -# define DSO_NONE
> -# define DSO_EXTENSION ".so"
> -#endif
> +/* WARNING: do not edit! */
> +/* Generated from include/crypto/dso_conf.h.in */
> +/*
> + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
> + *
> + * Licensed under the OpenSSL license (the "License"). You may not use
> + * this file except in compliance with the License. You can obtain a copy
> + * in the file LICENSE in the source distribution or at
> + * https://www.openssl.org/source/license.html
> + */
> +
> +#ifndef OSSL_CRYPTO_DSO_CONF_H
> +# define OSSL_CRYPTO_DSO_CONF_H
> +# define DSO_NONE
> +# define DSO_EXTENSION ".so"
> +#endif
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 62c2736cb0b5..3a2544ea5ccc 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -247,9 +247,6 @@ extern "C" {
> #ifndef OPENSSL_NO_DYNAMIC_ENGINE
> # define OPENSSL_NO_DYNAMIC_ENGINE
> #endif
> -#ifndef OPENSSL_NO_AFALGENG
> -# define OPENSSL_NO_AFALGENG
> -#endif
>
>
> /*
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
> index eacf4826c4f7..235331c2a038 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c
> @@ -7,7 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> **/
>
> #include "InternalCryptLib.h"
> -#include "internal/sm3.h"
> +#include "crypto/sm3.h"
>
> /**
> Retrieves the size, in bytes, of the context buffer required for SM3 hash
> operations.
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> index 229c244b2657..c9fdb65b99d1 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c
> @@ -15,13 +15,13 @@
> #include <openssl/asn1.h>
> #include <openssl/x509.h>
> #include <openssl/bio.h>
> -#include <internal/x509_int.h>
> +#include <crypto/x509.h>
> #include <openssl/pkcs7.h>
> #include <openssl/bn.h>
> #include <openssl/x509_vfy.h>
> #include <openssl/pem.h>
> #include <openssl/evp.h>
> -#include <internal/asn1_int.h>
> +#include <crypto/asn1.h>
>
> /**
> This function will return the leaf signer certificate in a chain. This is
> diff --git a/CryptoPkg/Library/OpensslLib/rand_pool.c
> b/CryptoPkg/Library/OpensslLib/rand_pool.c
> index 9f3983f7c35b..9e0179b03490 100644
> --- a/CryptoPkg/Library/OpensslLib/rand_pool.c
> +++ b/CryptoPkg/Library/OpensslLib/rand_pool.c
> @@ -7,7 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
>
> -#include "internal/rand_int.h"
> +#include "crypto/rand.h"
> #include <openssl/aes.h>
>
> #include <Uefi.h>
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index c3656cc594da..e2e09d9fba11 160000
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit c3656cc594daac8167721dde7220f0e59ae146fc
> +Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
> diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
> b/CryptoPkg/Library/OpensslLib/process_files.pl
> index 65d07a2aed44..4ca81ce4fc50 100755
> --- a/CryptoPkg/Library/OpensslLib/process_files.pl
> +++ b/CryptoPkg/Library/OpensslLib/process_files.pl
> @@ -111,8 +111,8 @@ BEGIN {
> # Generate dso_conf.h per config data
> system(
> "perl -I. -Mconfigdata util/dofile.pl " .
> - "crypto/include/internal/dso_conf.h.in " .
> - "> include/internal/dso_conf.h"
> + "include/crypto/dso_conf.h.in " .
> + "> include/crypto/dso_conf.h"
> ) == 0 ||
> die "Failed to generate dso_conf.h!\n";
>
> @@ -267,9 +267,9 @@ copy($OPENSSL_PATH .
> "/include/openssl/opensslconf.h",
> $OPENSSL_PATH . "/../../Include/openssl/") ||
> die "Cannot copy opensslconf.h!";
> print "Done!";
> -print "\n--> Duplicating dso_conf.h into Include/internal ... ";
> -copy($OPENSSL_PATH . "/include/internal/dso_conf.h",
> - $OPENSSL_PATH . "/../../Include/internal/") ||
> +print "\n--> Duplicating dso_conf.h into Include/crypto ... ";
> +copy($OPENSSL_PATH . "/include/crypto/dso_conf.h",
> + $OPENSSL_PATH . "/../../Include/crypto/") ||
> die "Cannot copy dso_conf.h!";
> print "Done!\n";
>
> --
> 2.25.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#62670): https://edk2.groups.io/g/devel/message/62670
Mute This Topic: https://groups.io/mt/75411613/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list