CryptoPkg/OpensslLib: Regenerate OpenSSL patch

All the OpenSSL changes we carry in our EDKII_openssl patch for 1.0.2
are now merged into upstream OpenSSL and will be in the upcoming 1.1
release.

As a first step towards switching out our original hacks for backported
versions of the commits which were actually accepted into OpenSSL 1.1,
just regenerate the *existing* patch against the 1.0.2f release using
'git diff'.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Tested-by: Qin Long <qin.long@intel.com>

diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch
index 541ef45a5636f9f77651fa87880fc73ba50af27a..edd2425b11a22a94dae160a9894ce252d48db8e4 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2f.patch
@@ -1,7 +1,8 @@
-diff U3 crypto/bio/bio.h crypto/bio/bio.h\r
---- crypto/bio/bio.h   Thu Jan 28 21:56:08 2016\r
-+++ crypto/bio/bio.h   Wed Feb 17 16:43:40 2016\r
-@@ -650,10 +650,10 @@\r
+diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h\r
+index 6e2293b..325e5d2 100644\r
+--- a/crypto/bio/bio.h\r
++++ b/crypto/bio/bio.h\r
+@@ -650,10 +650,10 @@ int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,\r

  int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,\r
                          asn1_ps_func **psuffix_free);\r
  \r
  int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,\r
                          asn1_ps_func **psuffix_free);\r
  \r


@@ -13,10 +14,11 @@ diff U3 crypto/bio/bio.h crypto/bio/bio.h
  #  define BIO_s_file_internal    BIO_s_file\r
  # endif\r
  BIO *BIO_new(BIO_METHOD *type);\r
  #  define BIO_s_file_internal    BIO_s_file\r
  # endif\r
  BIO *BIO_new(BIO_METHOD *type);\r

-diff U3 crypto/bio/bss_file.c crypto/bio/bss_file.c\r
---- crypto/bio/bss_file.c      Thu Jan 28 21:38:30 2016\r
-+++ crypto/bio/bss_file.c      Wed Feb 17 16:01:02 2016\r
-@@ -467,6 +467,23 @@\r
+diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c\r
+index bfba93e..4f13d1b 100644\r
+--- a/crypto/bio/bss_file.c\r
++++ b/crypto/bio/bss_file.c\r
+@@ -467,6 +467,23 @@ static int MS_CALLBACK file_puts(BIO *bp, const char *str)\r

      return (ret);\r
  }\r
  \r
      return (ret);\r
  }\r
  \r


@@ -40,10 +42,97 @@ diff U3 crypto/bio/bss_file.c crypto/bio/bss_file.c
  # endif                         /* OPENSSL_NO_STDIO */\r
  \r
  #endif                          /* HEADER_BSS_FILE_C */\r
  # endif                         /* OPENSSL_NO_STDIO */\r
  \r
  #endif                          /* HEADER_BSS_FILE_C */\r

-diff U3 crypto/dh/dh_pmeth.c crypto/dh/dh_pmeth.c\r
---- crypto/dh/dh_pmeth.c       Thu Jan 28 21:56:08 2016\r
-+++ crypto/dh/dh_pmeth.c       Wed Feb 17 16:15:58 2016\r
-@@ -449,6 +449,9 @@\r
+diff --git a/crypto/crypto.h b/crypto/crypto.h\r
+index c450d7a..d6e804e 100644\r
+--- a/crypto/crypto.h\r
++++ b/crypto/crypto.h\r
+@@ -235,15 +235,15 @@ typedef struct openssl_item_st {\r
+ # ifndef OPENSSL_NO_LOCKING\r
+ #  ifndef CRYPTO_w_lock\r
+ #   define CRYPTO_w_lock(type)     \\r
+-        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
++        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)\r
+ #   define CRYPTO_w_unlock(type)   \\r
+-        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
++        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)\r
+ #   define CRYPTO_r_lock(type)     \\r
+-        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
++        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)\r
+ #   define CRYPTO_r_unlock(type)   \\r
+-        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
++        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)\r
+ #   define CRYPTO_add(addr,amount,type)    \\r
+-        CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)\r
++        CRYPTO_add_lock(addr,amount,type,NULL,0)\r
+ #  endif\r
+ # else\r
+ #  define CRYPTO_w_lock(a)\r
+@@ -378,19 +378,19 @@ int CRYPTO_is_mem_check_on(void);\r
+ # define MemCheck_off()  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)\r
+ # define is_MemCheck_on() CRYPTO_is_mem_check_on()\r
+ \r
+-# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,__FILE__,__LINE__)\r
+-# define OPENSSL_strdup(str)     CRYPTO_strdup((str),__FILE__,__LINE__)\r
++# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,NULL,0)\r
++# define OPENSSL_strdup(str)     CRYPTO_strdup((str),NULL,0)\r
+ # define OPENSSL_realloc(addr,num) \\r
+-        CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)\r
++        CRYPTO_realloc((char *)addr,(int)num,NULL,0)\r
+ # define OPENSSL_realloc_clean(addr,old_num,num) \\r
+-        CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)\r
++        CRYPTO_realloc_clean(addr,old_num,num,NULL,0)\r
+ # define OPENSSL_remalloc(addr,num) \\r
+-        CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)\r
++        CRYPTO_remalloc((char **)addr,(int)num,NULL,0)\r
+ # define OPENSSL_freeFunc        CRYPTO_free\r
+ # define OPENSSL_free(addr)      CRYPTO_free(addr)\r
+ \r
+ # define OPENSSL_malloc_locked(num) \\r
+-        CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)\r
++        CRYPTO_malloc_locked((int)num,NULL,0)\r
+ # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)\r
+ \r
+ const char *SSLeay_version(int type);\r
+@@ -545,7 +545,7 @@ void CRYPTO_set_mem_debug_options(long bits);\r
+ long CRYPTO_get_mem_debug_options(void);\r
+ \r
+ # define CRYPTO_push_info(info) \\r
+-        CRYPTO_push_info_(info, __FILE__, __LINE__);\r
++        CRYPTO_push_info_(info, NULL, 0);\r
+ int CRYPTO_push_info_(const char *info, const char *file, int line);\r
+ int CRYPTO_pop_info(void);\r
+ int CRYPTO_remove_all_info(void);\r
+@@ -588,7 +588,7 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);\r
+ \r
+ /* die if we have to */\r
+ void OpenSSLDie(const char *file, int line, const char *assertion);\r
+-# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))\r
++# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))\r
+ \r
+ unsigned long *OPENSSL_ia32cap_loc(void);\r
+ # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))\r
+@@ -605,14 +605,14 @@ void OPENSSL_init(void);\r
+ #  define fips_md_init_ctx(alg, cx) \\r
+         int alg##_Init(cx##_CTX *c) \\r
+         { \\r
+-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
++        if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
+                 "Low level API call to digest " #alg " forbidden in FIPS mode!"); \\r
+         return private_##alg##_Init(c); \\r
+         } \\r
+         int private_##alg##_Init(cx##_CTX *c)\r
+ \r
+ #  define fips_cipher_abort(alg) \\r
+-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
++        if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
+                 "Low level API call to cipher " #alg " forbidden in FIPS mode!")\r
+ \r
+ # else\r
+diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c\r
+index b58e3fa..e5f345a 100644\r
+--- a/crypto/dh/dh_pmeth.c\r
++++ b/crypto/dh/dh_pmeth.c\r
+@@ -449,6 +449,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,\r

          *keylen = ret;\r
          return 1;\r
      } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {\r
          *keylen = ret;\r
          return 1;\r
      } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {\r


@@ -53,7 +142,7 @@ diff U3 crypto/dh/dh_pmeth.c crypto/dh/dh_pmeth.c
          unsigned char *Z = NULL;\r
          size_t Zlen = 0;\r
          if (!dctx->kdf_outlen || !dctx->kdf_oid)\r
          unsigned char *Z = NULL;\r
          size_t Zlen = 0;\r
          if (!dctx->kdf_outlen || !dctx->kdf_oid)\r

-@@ -478,6 +481,7 @@\r
+@@ -478,6 +481,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,\r

              OPENSSL_free(Z);\r
          }\r
          return ret;\r
              OPENSSL_free(Z);\r
          }\r
          return ret;\r


@@ -61,10 +150,11 @@ diff U3 crypto/dh/dh_pmeth.c crypto/dh/dh_pmeth.c
      }\r
      return 1;\r
  }\r
      }\r
      return 1;\r
  }\r

-diff U3 crypto/pem/pem.h crypto/pem/pem.h\r
---- crypto/pem/pem.h   Thu Jan 28 21:56:08 2016\r
-+++ crypto/pem/pem.h   Wed Feb 17 15:56:26 2016\r
-@@ -324,6 +324,7 @@\r
+diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h\r
+index d3b23fc..d61605b 100644\r
+--- a/crypto/pem/pem.h\r
++++ b/crypto/pem/pem.h\r
+@@ -324,6 +324,7 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \\r

  \r
  #  define DECLARE_PEM_read_fp(name, type) /**/\r
  #  define DECLARE_PEM_write_fp(name, type) /**/\r
  \r
  #  define DECLARE_PEM_read_fp(name, type) /**/\r
  #  define DECLARE_PEM_write_fp(name, type) /**/\r


@@ -72,10 +162,11 @@ diff U3 crypto/pem/pem.h crypto/pem/pem.h
  #  define DECLARE_PEM_write_cb_fp(name, type) /**/\r
  # else\r
  \r
  #  define DECLARE_PEM_write_cb_fp(name, type) /**/\r
  # else\r
  \r

-diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c\r
---- crypto/pkcs7/pk7_smime.c   Thu Jan 28 21:56:08 2016\r
-+++ crypto/pkcs7/pk7_smime.c   Wed Feb 17 16:22:45 2016\r
-@@ -254,7 +254,8 @@\r
+diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c\r
+index c4d3724..0996c39 100644\r
+--- a/crypto/pkcs7/pk7_smime.c\r
++++ b/crypto/pkcs7/pk7_smime.c\r
+@@ -254,7 +254,8 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,\r

      STACK_OF(PKCS7_SIGNER_INFO) *sinfos;\r
      PKCS7_SIGNER_INFO *si;\r
      X509_STORE_CTX cert_ctx;\r
      STACK_OF(PKCS7_SIGNER_INFO) *sinfos;\r
      PKCS7_SIGNER_INFO *si;\r
      X509_STORE_CTX cert_ctx;\r


@@ -85,7 +176,7 @@ diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c
      int i, j = 0, k, ret = 0;\r
      BIO *p7bio = NULL;\r
      BIO *tmpin = NULL, *tmpout = NULL;\r
      int i, j = 0, k, ret = 0;\r
      BIO *p7bio = NULL;\r
      BIO *tmpin = NULL, *tmpout = NULL;\r

-@@ -275,12 +276,6 @@\r
+@@ -275,12 +276,6 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,\r

          return 0;\r
      }\r
  \r
          return 0;\r
      }\r
  \r


@@ -98,7 +189,7 @@ diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c
      sinfos = PKCS7_get_signer_info(p7);\r
  \r
      if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {\r
      sinfos = PKCS7_get_signer_info(p7);\r
  \r
      if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {\r

-@@ -355,9 +350,14 @@\r
+@@ -355,9 +350,14 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,\r

      } else\r
          tmpout = out;\r
  \r
      } else\r
          tmpout = out;\r
  \r


@@ -114,7 +205,7 @@ diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c
          if (i <= 0)\r
              break;\r
          if (tmpout)\r
          if (i <= 0)\r
              break;\r
          if (tmpout)\r

-@@ -394,6 +394,9 @@\r
+@@ -394,6 +394,9 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,\r

      }\r
      BIO_free_all(p7bio);\r
      sk_X509_free(signers);\r
      }\r
      BIO_free_all(p7bio);\r
      sk_X509_free(signers);\r


@@ -124,9 +215,10 @@ diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c
      return ret;\r
  }\r
  \r
      return ret;\r
  }\r
  \r

-diff U3 crypto/rand/rand_unix.c crypto/rand/rand_unix.c\r
---- crypto/rand/rand_unix.c    Thu Jan 28 21:38:32 2016\r
-+++ crypto/rand/rand_unix.c    Wed Feb 17 15:40:02 2016\r
+diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c\r
+index 266111e..f60fac6 100644\r
+--- a/crypto/rand/rand_unix.c\r
++++ b/crypto/rand/rand_unix.c\r

 @@ -116,7 +116,7 @@\r
  #include <openssl/rand.h>\r
  #include "rand_lcl.h"\r
 @@ -116,7 +116,7 @@\r
  #include <openssl/rand.h>\r
  #include "rand_lcl.h"\r


@@ -136,7 +228,7 @@ diff U3 crypto/rand/rand_unix.c crypto/rand/rand_unix.c
  \r
  # include <sys/types.h>\r
  # include <sys/time.h>\r
  \r
  # include <sys/types.h>\r
  # include <sys/time.h>\r

-@@ -439,7 +439,7 @@\r
+@@ -439,7 +439,7 @@ int RAND_poll(void)\r

                                   * defined(OPENSSL_SYS_VXWORKS) ||\r
                                   * defined(OPENSSL_SYS_NETWARE)) */\r
  \r
                                   * defined(OPENSSL_SYS_VXWORKS) ||\r
                                   * defined(OPENSSL_SYS_NETWARE)) */\r
  \r


@@ -145,9 +237,10 @@ diff U3 crypto/rand/rand_unix.c crypto/rand/rand_unix.c
  int RAND_poll(void)\r
  {\r
      return 0;\r
  int RAND_poll(void)\r
  {\r
      return 0;\r

-diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c\r
---- crypto/rsa/rsa_ameth.c     Thu Jan 28 21:56:08 2016\r
-+++ crypto/rsa/rsa_ameth.c     Wed Feb 17 15:09:46 2016\r
+diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c\r
+index 4e06218..f591f0f 100644\r
+--- a/crypto/rsa/rsa_ameth.c\r
++++ b/crypto/rsa/rsa_ameth.c\r

 @@ -68,10 +68,12 @@\r
  #endif\r
  #include "asn1_locl.h"\r
 @@ -68,10 +68,12 @@\r
  #endif\r
  #include "asn1_locl.h"\r


@@ -161,7 +254,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  \r
  static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)\r
  {\r
  \r
  static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)\r
  {\r

-@@ -665,6 +667,7 @@\r
+@@ -665,6 +667,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,\r

      return rv;\r
  }\r
  \r
      return rv;\r
  }\r
  \r


@@ -169,7 +262,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  static int rsa_cms_verify(CMS_SignerInfo *si)\r
  {\r
      int nid, nid2;\r
  static int rsa_cms_verify(CMS_SignerInfo *si)\r
  {\r
      int nid, nid2;\r

-@@ -683,6 +686,7 @@\r
+@@ -683,6 +686,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)\r

      }\r
      return 0;\r
  }\r
      }\r
      return 0;\r
  }\r


@@ -177,7 +270,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  \r
  /*\r
   * Customised RSA item verification routine. This is called when a signature\r
  \r
  /*\r
   * Customised RSA item verification routine. This is called when a signature\r

-@@ -705,6 +709,7 @@\r
+@@ -705,6 +709,7 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,\r

      return -1;\r
  }\r
  \r
      return -1;\r
  }\r
  \r


@@ -185,7 +278,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  static int rsa_cms_sign(CMS_SignerInfo *si)\r
  {\r
      int pad_mode = RSA_PKCS1_PADDING;\r
  static int rsa_cms_sign(CMS_SignerInfo *si)\r
  {\r
      int pad_mode = RSA_PKCS1_PADDING;\r

-@@ -729,6 +734,7 @@\r
+@@ -729,6 +734,7 @@ static int rsa_cms_sign(CMS_SignerInfo *si)\r

      X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);\r
      return 1;\r
  }\r
      X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);\r
      return 1;\r
  }\r


@@ -193,7 +286,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  \r
  static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,\r
                           X509_ALGOR *alg1, X509_ALGOR *alg2,\r
  \r
  static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,\r
                           X509_ALGOR *alg1, X509_ALGOR *alg2,\r

-@@ -785,6 +791,7 @@\r
+@@ -785,6 +791,7 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,\r

      return pss;\r
  }\r
  \r
      return pss;\r
  }\r
  \r


@@ -201,7 +294,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  static int rsa_cms_decrypt(CMS_RecipientInfo *ri)\r
  {\r
      EVP_PKEY_CTX *pkctx;\r
  static int rsa_cms_decrypt(CMS_RecipientInfo *ri)\r
  {\r
      EVP_PKEY_CTX *pkctx;\r

-@@ -857,7 +864,9 @@\r
+@@ -857,7 +864,9 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)\r

          X509_ALGOR_free(maskHash);\r
      return rv;\r
  }\r
          X509_ALGOR_free(maskHash);\r
      return rv;\r
  }\r


@@ -211,7 +304,7 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  static int rsa_cms_encrypt(CMS_RecipientInfo *ri)\r
  {\r
      const EVP_MD *md, *mgf1md;\r
  static int rsa_cms_encrypt(CMS_RecipientInfo *ri)\r
  {\r
      const EVP_MD *md, *mgf1md;\r

-@@ -920,6 +929,7 @@\r
+@@ -920,6 +929,7 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)\r

          ASN1_STRING_free(os);\r
      return rv;\r
  }\r
          ASN1_STRING_free(os);\r
      return rv;\r
  }\r


@@ -219,10 +312,11 @@ diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c
  \r
  const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {\r
      {\r
  \r
  const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {\r
      {\r

-diff U3 crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c\r
---- crypto/x509/x509_vfy.c     Thu Jan 28 21:56:08 2016\r
-+++ crypto/x509/x509_vfy.c     Wed Feb 17 16:09:58 2016\r
-@@ -940,6 +940,8 @@\r
+diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c\r
+index 0429767..7ddc21c 100644\r
+--- a/crypto/x509/x509_vfy.c\r
++++ b/crypto/x509/x509_vfy.c\r
+@@ -940,6 +940,8 @@ static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)\r

          ctx->current_crl = crl;\r
      if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
          ptime = &ctx->param->check_time;\r
          ctx->current_crl = crl;\r
      if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
          ptime = &ctx->param->check_time;\r


@@ -231,7 +325,7 @@ diff U3 crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c
      else\r
          ptime = NULL;\r
  \r
      else\r
          ptime = NULL;\r
  \r

-@@ -1663,6 +1665,8 @@\r
+@@ -1663,6 +1665,8 @@ static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r

  \r
      if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
          ptime = &ctx->param->check_time;\r
  \r
      if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)\r
          ptime = &ctx->param->check_time;\r


@@ -240,10 +334,11 @@ diff U3 crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c
      else\r
          ptime = NULL;\r
  \r
      else\r
          ptime = NULL;\r
  \r

-diff U3 crypto/x509/x509_vfy.h crypto/x509/x509_vfy.h\r
---- crypto/x509/x509_vfy.h     Thu Jan 28 21:56:08 2016\r
-+++ crypto/x509/x509_vfy.h     Wed Feb 17 16:08:18 2016\r
-@@ -438,6 +438,8 @@\r
+diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h\r
+index 2663e1c..98d0b4c 100644\r
+--- a/crypto/x509/x509_vfy.h\r
++++ b/crypto/x509/x509_vfy.h\r
+@@ -438,6 +438,8 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);\r

   * will force the behaviour to match that of previous versions.\r
   */\r
  # define X509_V_FLAG_NO_ALT_CHAINS               0x100000\r
   * will force the behaviour to match that of previous versions.\r
   */\r
  # define X509_V_FLAG_NO_ALT_CHAINS               0x100000\r


@@ -252,10 +347,11 @@ diff U3 crypto/x509/x509_vfy.h crypto/x509/x509_vfy.h
  \r
  # define X509_VP_FLAG_DEFAULT                    0x1\r
  # define X509_VP_FLAG_OVERWRITE                  0x2\r
  \r
  # define X509_VP_FLAG_DEFAULT                    0x1\r
  # define X509_VP_FLAG_OVERWRITE                  0x2\r

-diff U3 crypto/x509v3/ext_dat.h crypto/x509v3/ext_dat.h\r
---- crypto/x509v3/ext_dat.h    Thu Jan 28 21:56:08 2016\r
-+++ crypto/x509v3/ext_dat.h    Wed Feb 17 16:13:30 2016\r
-@@ -127,8 +127,10 @@\r
+diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h\r
+index c3a6fce..01edd2a 100644\r
+--- a/crypto/x509v3/ext_dat.h\r
++++ b/crypto/x509v3/ext_dat.h\r
+@@ -127,8 +127,10 @@ static const X509V3_EXT_METHOD *standard_exts[] = {\r

      &v3_idp,\r
      &v3_alt[2],\r
      &v3_freshest_crl,\r
      &v3_idp,\r
      &v3_alt[2],\r
      &v3_freshest_crl,\r


@@ -266,95 +362,11 @@ diff U3 crypto/x509v3/ext_dat.h crypto/x509v3/ext_dat.h
  };\r
  \r
  /* Number of standard extensions */\r
  };\r
  \r
  /* Number of standard extensions */\r

-diff U3 crypto/crypto.h crypto/crypto.h\r
---- crypto/crypto.h    Thu Jan 28 21:38:30 2016\r
-+++ crypto/crypto.h    Wed Feb 17 16:33:00 2016\r
-@@ -235,15 +235,15 @@\r
- # ifndef OPENSSL_NO_LOCKING\r
- #  ifndef CRYPTO_w_lock\r
- #   define CRYPTO_w_lock(type)     \\r
--        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
-+        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)\r
- #   define CRYPTO_w_unlock(type)   \\r
--        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
-+        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)\r
- #   define CRYPTO_r_lock(type)     \\r
--        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
-+        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)\r
- #   define CRYPTO_r_unlock(type)   \\r
--        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
-+        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)\r
- #   define CRYPTO_add(addr,amount,type)    \\r
--        CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)\r
-+        CRYPTO_add_lock(addr,amount,type,NULL,0)\r
- #  endif\r
- # else\r
- #  define CRYPTO_w_lock(a)\r
-@@ -378,19 +378,19 @@\r
- # define MemCheck_off()  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)\r
- # define is_MemCheck_on() CRYPTO_is_mem_check_on()\r
- \r
--# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,__FILE__,__LINE__)\r
--# define OPENSSL_strdup(str)     CRYPTO_strdup((str),__FILE__,__LINE__)\r
-+# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,NULL,0)\r
-+# define OPENSSL_strdup(str)     CRYPTO_strdup((str),NULL,0)\r
- # define OPENSSL_realloc(addr,num) \\r
--        CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)\r
-+        CRYPTO_realloc((char *)addr,(int)num,NULL,0)\r
- # define OPENSSL_realloc_clean(addr,old_num,num) \\r
--        CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)\r
-+        CRYPTO_realloc_clean(addr,old_num,num,NULL,0)\r
- # define OPENSSL_remalloc(addr,num) \\r
--        CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)\r
-+        CRYPTO_remalloc((char **)addr,(int)num,NULL,0)\r
- # define OPENSSL_freeFunc        CRYPTO_free\r
- # define OPENSSL_free(addr)      CRYPTO_free(addr)\r
- \r
- # define OPENSSL_malloc_locked(num) \\r
--        CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)\r
-+        CRYPTO_malloc_locked((int)num,NULL,0)\r
- # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)\r
- \r
- const char *SSLeay_version(int type);\r
-@@ -545,7 +545,7 @@\r
- long CRYPTO_get_mem_debug_options(void);\r
- \r
- # define CRYPTO_push_info(info) \\r
--        CRYPTO_push_info_(info, __FILE__, __LINE__);\r
-+        CRYPTO_push_info_(info, NULL, 0);\r
- int CRYPTO_push_info_(const char *info, const char *file, int line);\r
- int CRYPTO_pop_info(void);\r
- int CRYPTO_remove_all_info(void);\r
-@@ -588,7 +588,7 @@\r
- \r
- /* die if we have to */\r
- void OpenSSLDie(const char *file, int line, const char *assertion);\r
--# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))\r
-+# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))\r
- \r
- unsigned long *OPENSSL_ia32cap_loc(void);\r
- # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))\r
-@@ -605,14 +605,14 @@\r
- #  define fips_md_init_ctx(alg, cx) \\r
-         int alg##_Init(cx##_CTX *c) \\r
-         { \\r
--        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
-+        if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
-                 "Low level API call to digest " #alg " forbidden in FIPS mode!"); \\r
-         return private_##alg##_Init(c); \\r
-         } \\r
-         int private_##alg##_Init(cx##_CTX *c)\r
- \r
- #  define fips_cipher_abort(alg) \\r
--        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \\r
-+        if (FIPS_mode()) OpenSSLDie(NULL, 0, \\r
-                 "Low level API call to cipher " #alg " forbidden in FIPS mode!")\r
- \r
- # else\r
-diff U3 e_os.h e_os.h\r
---- e_os.h     Thu Jan 28 21:56:08 2016\r
-+++ e_os.h     Wed Feb 17 15:52:08 2016\r
-@@ -136,7 +136,7 @@\r
+diff --git a/e_os.h b/e_os.h\r
+index 1fa36c1..3e9dae2 100644\r
+--- a/e_os.h\r
++++ b/e_os.h\r
+@@ -136,7 +136,7 @@ extern "C" {\r

  #  define MSDOS\r
  # endif\r
  \r
  #  define MSDOS\r
  # endif\r
  \r


@@ -363,10 +375,11 @@ diff U3 e_os.h e_os.h
  #  define GETPID_IS_MEANINGLESS\r
  # endif\r
  \r
  #  define GETPID_IS_MEANINGLESS\r
  # endif\r
  \r

-diff U3 e_os2.h e_os2.h\r
---- e_os2.h    Thu Jan 28 21:56:08 2016\r
-+++ e_os2.h    Wed Feb 17 15:53:08 2016\r
-@@ -97,7 +97,14 @@\r
+diff --git a/e_os2.h b/e_os2.h\r
+index 7be9989..909e22f 100644\r
+--- a/e_os2.h\r
++++ b/e_os2.h\r
+@@ -97,7 +97,14 @@ extern "C" {\r

   * For 32 bit environment, there seems to be the CygWin environment and then\r
   * all the others that try to do the same thing Microsoft does...\r
   */\r
   * For 32 bit environment, there seems to be the CygWin environment and then\r
   * all the others that try to do the same thing Microsoft does...\r
   */\r

diff --git a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
index 433f626c65d65f10a442d1c76fbd1502ba0d1271..7803949d5445b5874da9811c7718e439ff143042 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
@@ -46,7 +46,7 @@ cryptography. This patch will enable openssl building under UEFI environment.
        Install Cygwin or get the patch utility binary from\r
           http://gnuwin32.sourceforge.net/packages/patch.htm\r
     2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2f\r
        Install Cygwin or get the patch utility binary from\r
           http://gnuwin32.sourceforge.net/packages/patch.htm\r
     2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-1.0.2f\r

-    3) patch -p0 -i ..\EDKII_openssl-1.0.2f.patch\r
+    3) patch -p1 -i ..\EDKII_openssl-1.0.2f.patch\r

     4) cd ..\r
     5) Install.cmd\r
 \r
     4) cd ..\r
     5) Install.cmd\r
 \r


@@ -55,7 +55,7 @@ cryptography. This patch will enable openssl building under UEFI environment.
     1) Make sure the patch utility has been installed in your machine.\r
        Patch utility is available from http://directory.fsf.org/project/patch/\r
     2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2f\r
     1) Make sure the patch utility has been installed in your machine.\r
        Patch utility is available from http://directory.fsf.org/project/patch/\r
     2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-1.0.2f\r

-    3) patch -p0 -i ../EDKII_openssl-1.0.2f.patch\r
+    3) patch -p1 -i ../EDKII_openssl-1.0.2f.patch\r

     4) cd ..\r
     5) ./Install.sh\r
 \r
     4) cd ..\r
     5) ./Install.sh\r
 \r