summaryrefslogtreecommitdiff
path: root/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
diff options
context:
space:
mode:
Diffstat (limited to 'CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch')
-rw-r--r--CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch279
1 files changed, 279 insertions, 0 deletions
diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
new file mode 100644
index 0000000000..4abe62c52e
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch
@@ -0,0 +1,279 @@
+Index: crypto/bio/bss_file.c
+===================================================================
+--- crypto/bio/bss_file.c (revision 1)
++++ crypto/bio/bss_file.c (working copy)
+@@ -418,6 +418,23 @@
+ return (ret);
+ }
+
++#else
++
++BIO_METHOD *BIO_s_file(void)
++{
++ return NULL;
++}
++
++BIO *BIO_new_file(const char *filename, const char *mode)
++{
++ return NULL;
++}
++
++BIO *BIO_new_fp(FILE *stream, int close_flag)
++{
++ return NULL;
++}
++
+ # endif /* OPENSSL_NO_STDIO */
+
+ #endif /* HEADER_BSS_FILE_C */
+Index: crypto/crypto.h
+===================================================================
+--- crypto/crypto.h (revision 1)
++++ crypto/crypto.h (working copy)
+@@ -239,15 +239,15 @@
+ # ifndef OPENSSL_NO_LOCKING
+ # ifndef CRYPTO_w_lock
+ # define CRYPTO_w_lock(type) \
+- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)
+ # define CRYPTO_w_unlock(type) \
+- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)
+ # define CRYPTO_r_lock(type) \
+- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)
+ # define CRYPTO_r_unlock(type) \
+- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)
+ # define CRYPTO_add(addr,amount,type) \
+- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
++ CRYPTO_add_lock(addr,amount,type,NULL,0)
+ # endif
+ # else
+ # define CRYPTO_w_lock(a)
+@@ -374,19 +374,19 @@
+ # define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
+ # define is_MemCheck_on() CRYPTO_is_mem_check_on()
+
+-# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
+-# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
++# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)
++# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)
+ # define OPENSSL_realloc(addr,num) \
+- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
++ CRYPTO_realloc((char *)addr,(int)num,NULL,0)
+ # define OPENSSL_realloc_clean(addr,old_num,num) \
+- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
++ CRYPTO_realloc_clean(addr,old_num,num,NULL,0)
+ # define OPENSSL_remalloc(addr,num) \
+- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
++ CRYPTO_remalloc((char **)addr,(int)num,NULL,0)
+ # define OPENSSL_freeFunc CRYPTO_free
+ # define OPENSSL_free(addr) CRYPTO_free(addr)
+
+ # define OPENSSL_malloc_locked(num) \
+- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
++ CRYPTO_malloc_locked((int)num,NULL,0)
+ # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
+
+ const char *SSLeay_version(int type);
+@@ -531,7 +531,7 @@
+ long CRYPTO_get_mem_debug_options(void);
+
+ # define CRYPTO_push_info(info) \
+- CRYPTO_push_info_(info, __FILE__, __LINE__);
++ CRYPTO_push_info_(info, NULL, 0);
+ int CRYPTO_push_info_(const char *info, const char *file, int line);
+ int CRYPTO_pop_info(void);
+ int CRYPTO_remove_all_info(void);
+@@ -578,7 +578,7 @@
+
+ /* die if we have to */
+ void OpenSSLDie(const char *file, int line, const char *assertion);
+-# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
++# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))
+
+ unsigned long *OPENSSL_ia32cap_loc(void);
+ # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
+@@ -585,10 +585,10 @@
+ int OPENSSL_isservice(void);
+
+ # ifdef OPENSSL_FIPS
+-# define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
++# define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \
+ alg " previous FIPS forbidden algorithm error ignored");
+
+-# define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
++# define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \
+ #alg " Algorithm forbidden in FIPS mode");
+
+ # ifdef OPENSSL_FIPS_STRICT
+Index: crypto/err/err.c
+===================================================================
+--- crypto/err/err.c (revision 1)
++++ crypto/err/err.c (working copy)
+@@ -321,7 +321,12 @@
+ es->err_data_flags[i] = flags;
+ }
+
++/* Add EFIAPI for UEFI version. */
++#if defined(OPENSSL_SYS_UEFI)
++void EFIAPI ERR_add_error_data(int num, ...)
++#else
+ void ERR_add_error_data(int num, ...)
++#endif
+ {
+ va_list args;
+ int i, n, s;
+Index: crypto/err/err.h
+===================================================================
+--- crypto/err/err.h (revision 1)
++++ crypto/err/err.h (working copy)
+@@ -285,7 +285,13 @@
+ # endif
+ # ifndef OPENSSL_NO_BIO
+ void ERR_print_errors(BIO *bp);
++
++/* Add EFIAPI for UEFI version. */
++#if defined(OPENSSL_SYS_UEFI)
++void EFIAPI ERR_add_error_data(int num, ...);
++#else
+ void ERR_add_error_data(int num, ...);
++#endif
+ # endif
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+ void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
+Index: crypto/opensslconf.h
+===================================================================
+--- crypto/opensslconf.h (revision 1)
++++ crypto/opensslconf.h (working copy)
+@@ -162,6 +162,9 @@
+ /* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
++
++/* Bypass following definition for UEFI version. */
++#if !defined(OPENSSL_SYS_UEFI)
+ #undef SIXTY_FOUR_BIT_LONG
+ #undef SIXTY_FOUR_BIT
+ #define THIRTY_TWO_BIT
+@@ -169,6 +172,8 @@
+ #undef EIGHT_BIT
+ #endif
+
++#endif
++
+ #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+ #define CONFIG_HEADER_RC4_LOCL_H
+ /* if this is defined data[i] is used instead of *data, this is a %20
+Index: crypto/pkcs7/pk7_smime.c
+===================================================================
+--- crypto/pkcs7/pk7_smime.c (revision 1)
++++ crypto/pkcs7/pk7_smime.c (working copy)
+@@ -90,7 +90,14 @@
+ if (!PKCS7_content_new(p7, NID_pkcs7_data))
+ goto err;
+
++#if defined(OPENSSL_SYS_UEFI)
++ /*
++ * NOTE: Update to SHA-256 digest algorithm for UEFI version.
++ */
++ if (!(si = PKCS7_add_signature(p7, signcert, pkey, EVP_sha256()))) {
++#else
+ if (!(si = PKCS7_add_signature(p7, signcert, pkey, EVP_sha1()))) {
++#endif
+ PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
+ goto err;
+ }
+@@ -175,7 +182,8 @@
+ STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+ PKCS7_SIGNER_INFO *si;
+ X509_STORE_CTX cert_ctx;
+- char buf[4096];
++ char *buf = NULL;
++ int bufsiz;
+ int i, j = 0, k, ret = 0;
+ BIO *p7bio;
+ BIO *tmpin, *tmpout;
+@@ -286,6 +294,12 @@
+ } else
+ tmpout = out;
+
++ bufsiz = 4096;
++ buf = OPENSSL_malloc (bufsiz);
++ if (buf == NULL) {
++ goto err;
++ }
++
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ for (;;) {
+ i = BIO_read(p7bio, buf, sizeof(buf));
+@@ -328,6 +342,10 @@
+
+ sk_X509_free(signers);
+
++ if (buf != NULL) {
++ OPENSSL_free (buf);
++ }
++
+ return ret;
+ }
+
+Index: crypto/rand/rand_egd.c
+===================================================================
+--- crypto/rand/rand_egd.c (revision 1)
++++ crypto/rand/rand_egd.c (working copy)
+@@ -95,7 +95,7 @@
+ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
+ */
+
+-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)
++#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+ {
+ return (-1);
+Index: crypto/rand/rand_unix.c
+===================================================================
+--- crypto/rand/rand_unix.c (revision 1)
++++ crypto/rand/rand_unix.c (working copy)
+@@ -116,7 +116,7 @@
+ #include <openssl/rand.h>
+ #include "rand_lcl.h"
+
+-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
++#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))
+
+ # include <sys/types.h>
+ # include <sys/time.h>
+@@ -332,7 +332,7 @@
+ * defined(OPENSSL_SYS_VXWORKS) ||
+ * defined(OPENSSL_SYS_NETWARE)) */
+
+-#if defined(OPENSSL_SYS_VXWORKS)
++#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
+ int RAND_poll(void)
+ {
+ return 0;
+Index: crypto/x509/x509_vfy.c
+===================================================================
+--- crypto/x509/x509_vfy.c (revision 1)
++++ crypto/x509/x509_vfy.c (working copy)
+@@ -871,6 +871,10 @@
+
+ static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
+ {
++#if defined(OPENSSL_SYS_UEFI)
++ /* Bypass Certificate Time Checking for UEFI version. */
++ return 1;
++#else
+ time_t *ptime;
+ int i;
+
+@@ -910,6 +914,7 @@
+ }
+
+ return 1;
++#endif
+ }
+
+ static int internal_verify(X509_STORE_CTX *ctx)