From: Long Qin <qin.long@intel.com>
To: edk2-devel@lists.01.org
Cc: ting.ye@intel.com
Subject: [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g
Date: Fri, 22 Dec 2017 14:28:27 +0800 [thread overview]
Message-ID: <20171222062827.8076-1-qin.long@intel.com> (raw)
Update the supported OpenSSL version to the latest 1.1.0g (02-Nov-2017).
The changes includes:
- Re-generate the OpensslLib[crypto].inf using process_files.pl script
to reflect the openssl source changes.
- Update OpenSSL-HOWTO.txt
- On Visual Studio Build: adding "/wd4819" to disable one addition build
warning issue, which was already fixed in OpenSSL-HEAD
https://github.com/openssl/openssl/pull/4691.
- On GCC Build: openssl-1.1.0g introduced one additional build warning:
...\openssl\crypto\asn1\x_int64.c:105:32: error: format '%ld' expects
argument of type 'long int', but argument 3 has type 'int64_t
{aka long long int}' [-Werror=format=]
return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval);
^
Adding "-Wno-error=format" to GCC build flag to suppress this warning,
since we have no real printf usage in BaseCryptLib, and BIO_printf()
was already wrappered as the dummy implementation in CryptoPkg.
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Long Qin <qin.long@intel.com>
---
CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 10 +++++-----
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 14 +++++++++-----
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 14 +++++++++-----
CryptoPkg/Library/OpensslLib/buildinf.h | 2 +-
4 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
index e8b0bab010..d152138129 100644
--- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt
@@ -18,7 +18,7 @@ on the cryptography.
OpenSSL-Version
=============================================================================
EDKII supports building with the latest release of OpenSSL.
- The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16).
+ The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02).
NOTE: Only latest release version was fully validated.
And no guarantees on build & functionality if using other versions.
@@ -28,13 +28,13 @@ on the cryptography.
1. Clone the latest official OpenSSL release into the directory
CryptoPkg/Library/OpensslLib/openssl/
- Use OpenSSL-1.1.0e release as one example:
- (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release)
+ Use OpenSSL-1.1.0g release as one example:
+ (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g release)
> cd CryptoPkg/Library/OpensslLib
- > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl
+ > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl
or
> git clone https://github.com/openssl/openssl openssl
- > git checkout OpenSSL_1_1_0e
+ > git checkout OpenSSL_1_1_0g
Or
2. Download the latest OpenSSL release package from the official website:
https://www.openssl.org/source/
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 1d15da6660..5302ad7fb5 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -95,6 +95,7 @@
$(OPENSSL_PATH)/crypto/asn1/x_algor.c
$(OPENSSL_PATH)/crypto/asn1/x_bignum.c
$(OPENSSL_PATH)/crypto/asn1/x_info.c
+ $(OPENSSL_PATH)/crypto/asn1/x_int64.c
$(OPENSSL_PATH)/crypto/asn1/x_long.c
$(OPENSSL_PATH)/crypto/asn1/x_pkey.c
$(OPENSSL_PATH)/crypto/asn1/x_sig.c
@@ -539,10 +540,11 @@
# C4389: 'operator' : signed/unsigned mismatch (xxxx)
# C4702: unreachable code
# C4706: assignment within conditional expression
+ # C4819: The file contains a character that cannot be represented in the current code page
#
- MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706
- MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
- MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
+ MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
@@ -551,10 +553,12 @@
#
# Suppress the following build warnings in openssl so we don't break the build with -Werror
# -Werror=maybe-uninitialized: there exist some other paths for which the variable is not initialized.
+ # -Werror=format: Check calls to printf and scanf, etc., to make sure that the arguments supplied have
+ # types appropriate to the format string specified.
#
GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized
- GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -DNO_MSABI_VA_FUNCS
- GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized
+ GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
+ GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format
GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS)
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 6fc8884da4..0c7f9e9e66 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -95,6 +95,7 @@
$(OPENSSL_PATH)/crypto/asn1/x_algor.c
$(OPENSSL_PATH)/crypto/asn1/x_bignum.c
$(OPENSSL_PATH)/crypto/asn1/x_info.c
+ $(OPENSSL_PATH)/crypto/asn1/x_int64.c
$(OPENSSL_PATH)/crypto/asn1/x_long.c
$(OPENSSL_PATH)/crypto/asn1/x_pkey.c
$(OPENSSL_PATH)/crypto/asn1/x_sig.c
@@ -500,10 +501,11 @@
# C4389: 'operator' : signed/unsigned mismatch (xxxx)
# C4702: unreachable code
# C4706: assignment within conditional expression
+ # C4819: The file contains a character that cannot be represented in the current code page
#
- MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706
- MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
- MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706
+ MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
+ MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819
INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w
@@ -512,10 +514,12 @@
#
# Suppress the following build warnings in openssl so we don't break the build with -Werror
# -Werror=maybe-uninitialized: there exist some other paths for which the variable is not initialized.
+ # -Werror=format: Check calls to printf and scanf, etc., to make sure that the arguments supplied have
+ # types appropriate to the format string specified.
#
GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized
- GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -DNO_MSABI_VA_FUNCS
- GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized
+ GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS
+ GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format
GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS)
GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS)
diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/OpensslLib/buildinf.h
index 3d967d2a86..c5ca293c72 100644
--- a/CryptoPkg/Library/OpensslLib/buildinf.h
+++ b/CryptoPkg/Library/OpensslLib/buildinf.h
@@ -1,2 +1,2 @@
#define PLATFORM "UEFI"
-#define DATE "Tues Mar 21 01:23:45 PDT 2017"
+#define DATE "Fri Dec 22 01:23:45 PDT 2017"
--
2.15.1.windows.2
next reply other threads:[~2017-12-22 6:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-22 6:28 Long Qin [this message]
2017-12-25 7:14 ` [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g Ye, Ting
2017-12-26 19:24 ` Ard Biesheuvel
2017-12-27 1:41 ` Long, Qin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171222062827.8076-1-qin.long@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox