From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by groups.io with SMTP; Tue, 11 Jun 2019 03:08:46 -0700
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 89B3B87633;
	Tue, 11 Jun 2019 10:08:37 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-117-206.ams2.redhat.com [10.36.117.206])
	by smtp.corp.redhat.com (Postfix) with ESMTP id A7FC519C70;
	Tue, 11 Jun 2019 10:08:35 +0000 (UTC)
Subject: Re: [edk2-devel] EDK II Stable Tag release edk2-stable201905 completed
To: Leif Lindholm <leif.lindholm@linaro.org>,
 "Gao, Liming" <liming.gao@intel.com>
Cc: "devel@edk2.groups.io" <devel@edk2.groups.io>,
 "sssky307@163.com" <sssky307@163.com>,
 "'announce@edk2.groups.io'" <announce@edk2.groups.io>,
 "Kinney, Michael D" <michael.d.kinney@intel.com>,
 "afish@apple.com" <afish@apple.com>
References: <4A89E2EF3DFEDB4C8BFDE51014F606A14E46CD3D@SHSMSX104.ccr.corp.intel.com>
 <7606aa6e.d162.16b40a3cb45.Coremail.sssky307@163.com>
 <4A89E2EF3DFEDB4C8BFDE51014F606A14E46DF7E@SHSMSX104.ccr.corp.intel.com>
 <20190610140014.botd5fxrrrrus4a5@bivouac.eciton.net>
From: "Laszlo Ersek" <lersek@redhat.com>
Message-ID: <cdb95f70-d8b9-2858-d984-99266894c6f1@redhat.com>
Date: Tue, 11 Jun 2019 12:08:34 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <20190610140014.botd5fxrrrrus4a5@bivouac.eciton.net>
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 11 Jun 2019 10:08:37 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 06/10/19 16:00, Leif Lindholm wrote:
> On Mon, Jun 10, 2019 at 01:50:43PM +0000, Gao, Liming wrote:
>> edk2 submodule are from github openssl and berkeley-softfloat-3. If you can access edk2, you can also access them. Why you system redirect github openssl to boringssl?
>>
>> * [CryptoPkg/Library/OpensslLib/openssl](https://github.com/openssl/openssl/blob/50eaac9f3337667259de725451f201e784599687/LICENSE)
>> * [ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3](https://github.com/ucb-bar/berkeley-softfloat-3/blob/b64af41c3276f97f0e181920400ee056b9c88037/COPYING.txt)
> 
> Argh, no. OpenSSL has boringssl as a git submodule.
> 
> edk2/CryptoPkg/Library/OpensslLib/openssl$ cat .gitmodules
> [submodule "boringssl"]
>         path = boringssl
>         url = https://boringssl.googlesource.com/boringssl
> ...
> 

That's right, but it shouldn't matter. In edk2, I always use

$ git submodule update --init --force

and I never pass the "--recursive" flag. This is also how I tested the
upgrade to OpenSSL-1.1.1b, before edk2-stable201905 was tagged. The
boringssl sub-sub-module is not needed for edk2's purposes.

We might want to drop "--recursive" from "OpenSSL-HOWTO.txt", instead.

Thanks
Laszlo