From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=ting.ye@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5C2F321CB87B0 for ; Sun, 24 Dec 2017 23:09:51 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 24 Dec 2017 23:14:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,453,1508828400"; d="scan'208";a="186896872" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga005.jf.intel.com with ESMTP; 24 Dec 2017 23:14:43 -0800 Received: from fmsmsx121.amr.corp.intel.com (10.18.125.36) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.319.2; Sun, 24 Dec 2017 23:14:43 -0800 Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by fmsmsx121.amr.corp.intel.com (10.18.125.36) with Microsoft SMTP Server (TLS) id 14.3.319.2; Sun, 24 Dec 2017 23:14:43 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.213]) by SHSMSX151.ccr.corp.intel.com ([169.254.3.218]) with mapi id 14.03.0319.002; Mon, 25 Dec 2017 15:14:41 +0800 From: "Ye, Ting" To: "Long, Qin" , "edk2-devel@lists.01.org" Thread-Topic: [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g Thread-Index: AQHTeu4d/67g+QmBjUaBJiDsaFoHw6NTqi6Q Date: Mon, 25 Dec 2017 07:14:41 +0000 Message-ID: References: <20171222062827.8076-1-qin.long@intel.com> In-Reply-To: <20171222062827.8076-1-qin.long@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Dec 2017 07:09:51 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ye Ting -----Original Message----- From: Long, Qin=20 Sent: Friday, December 22, 2017 2:28 PM To: edk2-devel@lists.01.org Cc: Ye, Ting Subject: [PATCH] CryptoPkg/OpensslLib: Update OpenSSL version to 1.1.0g Update the supported OpenSSL version to the latest 1.1.0g (02-Nov-2017). The changes includes: - Re-generate the OpensslLib[crypto].inf using process_files.pl script to reflect the openssl source changes. - Update OpenSSL-HOWTO.txt - On Visual Studio Build: adding "/wd4819" to disable one addition build warning issue, which was already fixed in OpenSSL-HEAD https://github.com/openssl/openssl/pull/4691. - On GCC Build: openssl-1.1.0g introduced one additional build warning: ...\openssl\crypto\asn1\x_int64.c:105:32: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'int64_t {aka long long int}' [-Werror=3Dformat=3D] return BIO_printf(out, "%"BIO_PRI64"d\n", **(int64_t **)pval); ^ Adding "-Wno-error=3Dformat" to GCC build flag to suppress this warning= , since we have no real printf usage in BaseCryptLib, and BIO_printf() was already wrappered as the dummy implementation in CryptoPkg. Cc: Ye Ting Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Long Qin --- CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt | 10 +++++----- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 14 +++++++++----- CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 14 +++++++++----- CryptoPkg/Library/OpensslLib/buildinf.h | 2 +- 4 files changed, 24 insertions(+), 16 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt b/CryptoPkg/Lib= rary/OpensslLib/OpenSSL-HOWTO.txt index e8b0bab010..d152138129 100644 --- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt +++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt @@ -18,7 +18,7 @@ on the cryptography. OpenSSL-Version =3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D EDKII supports building with the latest release of OpenSSL. - The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16). + The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02). NOTE: Only latest release version was fully validated. And no guarantees on build & functionality if using other versions= . =20 @@ -28,13 +28,13 @@ on the cryptography. 1. Clone the latest official OpenSSL release into the directory CryptoPkg/Library/OpensslLib/openssl/ =20 - Use OpenSSL-1.1.0e release as one example: - (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release) + Use OpenSSL-1.1.0g release as one example: + (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g=20 + release) > cd CryptoPkg/Library/OpensslLib - > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl open= ssl + > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl=20 + openssl or > git clone https://github.com/openssl/openssl openssl - > git checkout OpenSSL_1_1_0e + > git checkout OpenSSL_1_1_0g Or 2. Download the latest OpenSSL release package from the official website: https://www.openssl.org/source/ diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.inf index 1d15da6660..5302ad7fb5 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -95,6 +95,7 @@ $(OPENSSL_PATH)/crypto/asn1/x_algor.c $(OPENSSL_PATH)/crypto/asn1/x_bignum.c $(OPENSSL_PATH)/crypto/asn1/x_info.c + $(OPENSSL_PATH)/crypto/asn1/x_int64.c $(OPENSSL_PATH)/crypto/asn1/x_long.c $(OPENSSL_PATH)/crypto/asn1/x_pkey.c $(OPENSSL_PATH)/crypto/asn1/x_sig.c @@ -539,10 +540,11 @@ # C4389: 'operator' : signed/unsigned mismatch (xxxx) # C4702: unreachable code # C4706: assignment within conditional expression + # C4819: The file contains a character that cannot be represented in t= he current code page # - MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 - MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 - MSFT:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 =20 INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w @@ -551,10 +553,12 @@ # # Suppress the following build warnings in openssl so we don't break the= build with -Werror # -Werror=3Dmaybe-uninitialized: there exist some other paths for whic= h the variable is not initialized. + # -Werror=3Dformat: Check calls to printf and scanf, etc., to make sur= e that the arguments supplied have + # types appropriate to the format string specified. # GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized - GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -DNO_MSABI_VA_FUNCS - GCC:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat -DNO_MSABI_VA_FUNCS + GCC:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat GCC:*_*_ARM_CC_FLAGS =3D $(OPENSSL_FLAGS) GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) =20 diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.inf index 6fc8884da4..0c7f9e9e66 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -95,6 +95,7 @@ $(OPENSSL_PATH)/crypto/asn1/x_algor.c $(OPENSSL_PATH)/crypto/asn1/x_bignum.c $(OPENSSL_PATH)/crypto/asn1/x_info.c + $(OPENSSL_PATH)/crypto/asn1/x_int64.c $(OPENSSL_PATH)/crypto/asn1/x_long.c $(OPENSSL_PATH)/crypto/asn1/x_pkey.c $(OPENSSL_PATH)/crypto/asn1/x_sig.c @@ -500,10 +501,11 @@ # C4389: 'operator' : signed/unsigned mismatch (xxxx) # C4702: unreachable code # C4706: assignment within conditional expression + # C4819: The file contains a character that cannot be represented in t= he current code page # - MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 - MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 - MSFT:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 =20 INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w @@ -512,10 +514,12 @@ # # Suppress the following build warnings in openssl so we don't break the= build with -Werror # -Werror=3Dmaybe-uninitialized: there exist some other paths for whic= h the variable is not initialized. + # -Werror=3Dformat: Check calls to printf and scanf, etc., to make sur= e that the arguments supplied have + # types appropriate to the format string specified. # GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized - GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -DNO_MSABI_VA_FUNCS - GCC:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat -DNO_MSABI_VA_FUNCS + GCC:*_*_IPF_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat GCC:*_*_ARM_CC_FLAGS =3D $(OPENSSL_FLAGS) GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) =20 diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/Op= ensslLib/buildinf.h index 3d967d2a86..c5ca293c72 100644 --- a/CryptoPkg/Library/OpensslLib/buildinf.h +++ b/CryptoPkg/Library/OpensslLib/buildinf.h @@ -1,2 +1,2 @@ #define PLATFORM "UEFI" -#define DATE "Tues Mar 21 01:23:45 PDT 2017" +#define DATE "Fri Dec 22 01:23:45 PDT 2017" -- 2.15.1.windows.2