From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: jian.j.wang@intel.com)
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by groups.io with SMTP; Fri, 21 Jun 2019 02:28:04 -0700
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Jun 2019 02:28:03 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.63,399,1557212400"; 
   d="scan'208";a="183361469"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
  by fmsmga004.fm.intel.com with ESMTP; 21 Jun 2019 02:28:03 -0700
Received: from fmsmsx124.amr.corp.intel.com (10.18.125.39) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Fri, 21 Jun 2019 02:28:03 -0700
Received: from shsmsx102.ccr.corp.intel.com (10.239.4.154) by
 fmsmsx124.amr.corp.intel.com (10.18.125.39) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Fri, 21 Jun 2019 02:28:03 -0700
Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.173]) by
 shsmsx102.ccr.corp.intel.com ([169.254.2.33]) with mapi id 14.03.0439.000;
 Fri, 21 Jun 2019 17:28:01 +0800
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Lu, XiaoyuX"
	<xiaoyux.lu@intel.com>, Laszlo Ersek <lersek@redhat.com>
Subject: Re: [edk2-devel] [PATCH v2 1/1] CryptoPkg/OpensslLib: disable autoload-config for OpenSSL
Thread-Topic: [edk2-devel] [PATCH v2 1/1] CryptoPkg/OpensslLib: disable
 autoload-config for OpenSSL
Thread-Index: AQHVJy0atcEZxhg9j02qSbsnHWAwA6al2NKw
Date: Fri, 21 Jun 2019 09:28:00 +0000
Message-ID: <D827630B58408649ACB04F44C51000362592ABAD@SHSMSX107.ccr.corp.intel.com>
References: <1561010113-19564-1-git-send-email-xiaoyux.lu@intel.com>
In-Reply-To: <1561010113-19564-1-git-send-email-xiaoyux.lu@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZTdiM2Y1OWYtMTU0ZC00MGYzLWFkMDYtMDc4YzBkODRhMjFhIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiMElVanpkNzd1amN1anFZb0x3MW1nM29Db0xLRWFnZTJQTmtwdXVEWjJaQ3FLTmx6V2UyTkdiTWd2TDN2KzdRdyJ9
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.600.7
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Return-Path: jian.j.wang@intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Pushed at b86fbe1f980102eee3e55eed92ac91937aee638e

Regards,
Jian


> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Xiaoyu Lu
> Sent: Thursday, June 20, 2019 1:55 PM
> To: devel@edk2.groups.io; Laszlo Ersek <lersek@redhat.com>; Wang, Jian J
> <jian.j.wang@intel.com>
> Cc: Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [edk2-devel] [PATCH v2 1/1] CryptoPkg/OpensslLib: disable autol=
oad-
> config for OpenSSL
>=20
> Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1926
>=20
> This problem was found by Rebecca Cran <rebecca@bluestop.org>.
> REF: https://edk2.groups.io/g/devel/topic/32100684
>=20
> OpenSSL will automatically load a system config file which configures
> default ssl options. In UEFI, It will cause TlsInitialize failed
> without OPENSSL_INIT_NO_LOAD_CONFIG flag. we don't use this feature,
> So disable it.
>=20
> Re-run process_files.py to generate OpensslLib[Crypto].inf files.
>=20
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Signed-off-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Reviewed-by: Rebecca Cran <rebecca@bluestop.org>
> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
> ---
>  CryptoPkg/Library/Include/openssl/opensslconf.h | 3 +++
>  CryptoPkg/Library/OpensslLib/process_files.pl   | 1 +
>  2 files changed, 4 insertions(+)
>=20
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 07fa2d3ce280..2b4d538e92d2 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -115,6 +115,9 @@ extern "C" {
>  #ifndef OPENSSL_NO_AUTOERRINIT
>  # define OPENSSL_NO_AUTOERRINIT
>  #endif
> +#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
> +# define OPENSSL_NO_AUTOLOAD_CONFIG
> +#endif
>  #ifndef OPENSSL_NO_CAPIENG
>  # define OPENSSL_NO_CAPIENG
>  #endif
> diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
> b/CryptoPkg/Library/OpensslLib/process_files.pl
> index 2783ff54f95a..3e8669e30fd7 100755
> --- a/CryptoPkg/Library/OpensslLib/process_files.pl
> +++ b/CryptoPkg/Library/OpensslLib/process_files.pl
> @@ -53,6 +53,7 @@ BEGIN {
>                  "no-async",
>                  "no-autoalginit",
>                  "no-autoerrinit",
> +                "no-autoload-config",
>                  "no-bf",
>                  "no-blake2",
>                  "no-camellia",
> --
> 2.7.4
>=20
>=20
>=20