Upgrade openssl version to 0.98w.

Signed-off by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13289 6f19259b-4bc3-4df7-8a09-765794883524
author: tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> 2012-05-07 10:29:58 +0000
committer: tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524> 2012-05-07 10:29:58 +0000
commit: 5359174326a48e8392457e43484da84361cf7560 (patch)
tree: d4023cdf725613d6d93624321877c62ee33fb795 /CryptoPkg/Library
parent: 7c9fbd79d1fc8b817acb72c61cc19605d2f24907 (diff)
download: edk2-platforms-5359174326a48e8392457e43484da84361cf7560.tar.xz
5 files changed, 56 insertions, 41 deletions
diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
index d14b08e770..3b312482ee 100644
--- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
@@ -1,6 +1,8 @@
---- crypto/bio/bss_file.c	Thu Jan 15 17:14:12 1970
-+++ crypto/bio/bss_file.c	Thu Jan 15 17:14:12 1970
-@@ -421,6 +421,23 @@
+Index: crypto/bio/bss_file.c
+===================================================================
+--- crypto/bio/bss_file.c	(revision 1)
++++ crypto/bio/bss_file.c	(working copy)
+@@ -428,6 +428,23 @@
  	return(ret);
  	}
  
@@ -24,8 +26,10 @@
  #endif /* OPENSSL_NO_STDIO */
  
  #endif /* HEADER_BSS_FILE_C */
---- crypto/err/err.c
-+++ crypto/err/err.c
+Index: crypto/err/err.c
+===================================================================
+--- crypto/err/err.c	(revision 1)
++++ crypto/err/err.c	(working copy)
 @@ -313,7 +313,12 @@
  	es->err_data_flags[i]=flags;
  	}
@@ -39,8 +43,10 @@
  	{
  	va_list args;
  	int i,n,s;
---- crypto/err/err.h
-+++ crypto/err/err.h
+Index: crypto/err/err.h
+===================================================================
+--- crypto/err/err.h	(revision 1)
++++ crypto/err/err.h	(working copy)
 @@ -286,8 +286,14 @@
  #endif
  #ifndef OPENSSL_NO_BIO
@@ -56,8 +62,10 @@
  void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
  void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
  void ERR_load_ERR_strings(void);
---- crypto/opensslconf.h
-+++ crypto/opensslconf.h
+Index: crypto/opensslconf.h
+===================================================================
+--- crypto/opensslconf.h	(revision 1)
++++ crypto/opensslconf.h	(working copy)
 @@ -162,6 +162,9 @@
  /* The prime number generation stuff may not work when
   * EIGHT_BIT but I don't care since I've only used this mode
@@ -77,8 +85,10 @@
  #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
  #define CONFIG_HEADER_RC4_LOCL_H
  /* if this is defined data[i] is used instead of *data, this is a %20
---- crypto/pkcs7/pk7_smime.c	2009-03-15 21:36:02.000000000 +0800
-+++ crypto/pkcs7/pk7_smime.c	2011-09-13 14:11:36.019454700 +0800
+Index: crypto/pkcs7/pk7_smime.c
+===================================================================
+--- crypto/pkcs7/pk7_smime.c	(revision 1)
++++ crypto/pkcs7/pk7_smime.c	(working copy)
 @@ -88,7 +88,10 @@
  	if (!PKCS7_content_new(p7, NID_pkcs7_data))
  		goto err;
@@ -91,8 +101,10 @@
  		PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
  		goto err;
  	}
---- crypto/rand/rand_egd.c	Thu Jan 15 17:14:12 1970
-+++ crypto/rand/rand_egd.c	Thu Jan 15 17:14:12 1970
+Index: crypto/rand/rand_egd.c
+===================================================================
+--- crypto/rand/rand_egd.c	(revision 1)
++++ crypto/rand/rand_egd.c	(working copy)
 @@ -95,7 +95,7 @@
   *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
   */
@@ -102,8 +114,10 @@
  int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
  	{
  	return(-1);
---- crypto/rand/rand_unix.c	Thu Jan 15 17:14:12 1970
-+++ crypto/rand/rand_unix.c	Thu Jan 15 17:14:12 1970
+Index: crypto/rand/rand_unix.c
+===================================================================
+--- crypto/rand/rand_unix.c	(revision 1)
++++ crypto/rand/rand_unix.c	(working copy)
 @@ -116,7 +116,7 @@
  #include <openssl/rand.h>
  #include "rand_lcl.h"
@@ -122,14 +136,15 @@
  int RAND_poll(void)
  	{
  	return 0;
---- crypto/x509/x509_vfy.c	Thu Jan 15 17:14:12 1970
-+++ crypto/x509/x509_vfy.c	Thu Jan 15 17:14:12 1970
-@@ -391,7 +391,12 @@
+Index: crypto/x509/x509_vfy.c
+===================================================================
+--- crypto/x509/x509_vfy.c	(revision 1)
++++ crypto/x509/x509_vfy.c	(working copy)
+@@ -386,7 +386,11 @@
  
  static int check_chain_extensions(X509_STORE_CTX *ctx)
  {
 -#ifdef OPENSSL_NO_CHAIN_VERIFY
-+//#ifdef OPENSSL_NO_CHAIN_VERIFY
 +#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)
 +  /* 
 +    NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting
@@ -138,7 +153,7 @@
  	return 1;
  #else
  	int i, ok=0, must_be_ca, plen = 0;
-@@ -904,6 +909,10 @@
+@@ -899,6 +903,10 @@
  
  static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
  	{
@@ -149,11 +164,11 @@
  	time_t *ptime;
  	int i;
  
-@@ -947,6 +956,7 @@
+@@ -942,6 +950,7 @@
  		}
  
  	return 1;
-+#endif  
++#endif	
  	}
  
  static int internal_verify(X509_STORE_CTX *ctx)
diff --git a/CryptoPkg/Library/OpensslLib/Install.cmd b/CryptoPkg/Library/OpensslLib/Install.cmd
index 8dd91c0ab1..a2a88e44e5 100644
--- a/CryptoPkg/Library/OpensslLib/Install.cmd
+++ b/CryptoPkg/Library/OpensslLib/Install.cmd
@@ -1,4 +1,4 @@
-cd openssl-0.9.8l
+cd openssl-0.9.8w
 copy e_os2.h              ..\..\..\Include\openssl
 copy crypto\crypto.h  ..\..\..\Include\openssl
 copy crypto\tmdiff.h  ..\..\..\Include\openssl
diff --git a/CryptoPkg/Library/OpensslLib/Install.sh b/CryptoPkg/Library/OpensslLib/Install.sh
index 43b6cb4946..fa910b2d7d 100644
--- a/CryptoPkg/Library/OpensslLib/Install.sh
+++ b/CryptoPkg/Library/OpensslLib/Install.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-cd openssl-0.9.8l
+cd openssl-0.9.8w
 cp e_os2.h ../../../Include/openssl
 cp crypto/crypto.h ../../../Include/openssl
 cp crypto/tmdiff.h ../../../Include/openssl
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 2034457367..e8bec20fb3 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -1,7 +1,7 @@
 ## @file
 # OpenSSL Library implementation.
 # 
-#  Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD License
 #  which accompanies this distribution.  The full text of the license may be found at
@@ -19,7 +19,7 @@
   MODULE_TYPE                    = BASE
   VERSION_STRING                 = 1.0
   LIBRARY_CLASS                  = OpensslLib
-  DEFINE OPENSSL_PATH            = openssl-0.9.8l
+  DEFINE OPENSSL_PATH            = openssl-0.9.8w
   DEFINE OPENSSL_FLAGS           = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM
   DEFINE OPENSSL_EXFLAGS         = -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_SHA0 -DOPENSSL_NO_SHA512 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED
   
diff --git a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
index c35f88d55e..7641da8e4a 100644
--- a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
@@ -17,45 +17,45 @@ cryptography. This patch will enable openssl building under UEFI environment.
 ================================================================================
                                 OpenSSL-Version
 ================================================================================
-  Current supported OpenSSL version for UEFI Crypto Library is 0.9.8l.
-    http://www.openssl.org/source/openssl-0.9.8l.tar.gz
+  Current supported OpenSSL version for UEFI Crypto Library is 0.9.8w.
+    http://www.openssl.org/source/openssl-0.9.8w.tar.gz
 
 
 ================================================================================
                       HOW to Install Openssl for UEFI Building
 ================================================================================
-1.  Download OpenSSL 0.9.8l from official website:
-   	http://www.openssl.org/source/openssl-0.9.8l.tar.gz
+1.  Download OpenSSL 0.9.8w from official website:
+   	http://www.openssl.org/source/openssl-0.9.8w.tar.gz
 
-    NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8l.tar.tar.
-          When you do the download, rename the "openssl-0.9.8l.tar.tar" to
-          "openssl-0.9.8l.tar.gz" or rename the local downloaded file with ".tar.tar"
+    NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8w.tar.tar.
+          When you do the download, rename the "openssl-0.9.8w.tar.tar" to
+          "openssl-0.9.8w.tar.gz" or rename the local downloaded file with ".tar.tar"
           extension to ".tar.gz".
 
-2.  Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8l
+2.  Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8w
 
     NOTE: If you use WinZip to unpack the openssl source in Windows, please 
           uncheck the WinZip smart CR/LF conversion option (WINZIP: Options --> 
           Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").
   
-3.  Apply this patch: EDKII_openssl-0.9.8l.patch, and make installation
+3.  Apply this patch: EDKII_openssl-0.9.8w.patch, and make installation
 
     For Windows Environment:
     ------------------------
     1) Make sure the patch utility has been installed in your machine.
        Install Cygwin or get the patch utility binary from 
           http://gnuwin32.sourceforge.net/packages/patch.htm
-    2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8l
-    3) patch -p0 -i ..\EDKII_openssl-0.9.8l.patch
+    2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8w
+    3) patch -p0 -i ..\EDKII_openssl-0.9.8w.patch
     4) cd ..
-    5) install.cmd
+    5) Install.cmd
 
     For Linux* Environment:
     -----------------------
     1) Make sure the patch utility has been installed in your machine.
        Patch utility is available from http://directory.fsf.org/project/patch/
-    2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8l
-    3) patch -p0 -i ../EDKII_openssl-0.9.8l.patch
+    2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8w
+    3) patch -p0 -i ../EDKII_openssl-0.9.8w.patch
     4) cd ..
-    5) ./install.sh
+    5) ./Install.sh
author	tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>	2012-05-07 10:29:58 +0000
committer	tye1 <tye1@6f19259b-4bc3-4df7-8a09-765794883524>	2012-05-07 10:29:58 +0000
commit	5359174326a48e8392457e43484da84361cf7560 (patch)
tree	d4023cdf725613d6d93624321877c62ee33fb795 /CryptoPkg/Library
parent	7c9fbd79d1fc8b817acb72c61cc19605d2f24907 (diff)
download	edk2-platforms-5359174326a48e8392457e43484da84361cf7560.tar.xz