Upgrade openssl version to 0.98w.

Signed-off by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13289 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
deleted file mode 100644 (file)
index d14b08e..0000000
--- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8l.patch
+++ /dev/null
@@ -1,159 +0,0 @@
---- crypto/bio/bss_file.c      Thu Jan 15 17:14:12 1970\r
-+++ crypto/bio/bss_file.c      Thu Jan 15 17:14:12 1970\r
-@@ -421,6 +421,23 @@\r
-       return(ret);\r
-       }\r
- \r
-+#else\r
-+\r
-+BIO_METHOD *BIO_s_file(void)\r
-+      {\r
-+      return NULL;\r
-+      }\r
-+\r
-+BIO *BIO_new_file(const char *filename, const char *mode)\r
-+      {\r
-+      return NULL;\r
-+      }\r
-+\r
-+BIO *BIO_new_fp(FILE *stream, int close_flag)\r
-+      {\r
-+      return NULL;\r
-+      }\r
-+\r
- #endif /* OPENSSL_NO_STDIO */\r
- \r
- #endif /* HEADER_BSS_FILE_C */\r
---- crypto/err/err.c\r
-+++ crypto/err/err.c\r
-@@ -313,7 +313,12 @@\r
-       es->err_data_flags[i]=flags;\r
-       }\r
- \r
-+/* Add EFIAPI for UEFI version. */\r
-+#if defined(OPENSSL_SYS_UEFI)\r
-+void EFIAPI ERR_add_error_data(int num, ...)\r
-+#else\r
- void ERR_add_error_data(int num, ...)\r
-+#endif\r
-       {\r
-       va_list args;\r
-       int i,n,s;\r
---- crypto/err/err.h\r
-+++ crypto/err/err.h\r
-@@ -286,8 +286,14 @@\r
- #endif\r
- #ifndef OPENSSL_NO_BIO\r
- void ERR_print_errors(BIO *bp);\r
-+\r
-+/* Add EFIAPI for UEFI version. */\r
-+#if defined(OPENSSL_SYS_UEFI)\r
-+void EFIAPI ERR_add_error_data(int num, ...);\r
-+#else\r
- void ERR_add_error_data(int num, ...);\r
- #endif\r
-+#endif\r
- void ERR_load_strings(int lib,ERR_STRING_DATA str[]);\r
- void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);\r
- void ERR_load_ERR_strings(void);\r
---- crypto/opensslconf.h\r
-+++ crypto/opensslconf.h\r
-@@ -162,6 +162,9 @@\r
- /* The prime number generation stuff may not work when\r
-  * EIGHT_BIT but I don't care since I've only used this mode\r
-  * for debuging the bignum libraries */\r
-+\r
-+/* Bypass following definition for UEFI version. */\r
-+#if !defined(OPENSSL_SYS_UEFI)\r
- #undef SIXTY_FOUR_BIT_LONG\r
- #undef SIXTY_FOUR_BIT\r
- #define THIRTY_TWO_BIT\r
-@@ -169,6 +172,8 @@\r
- #undef EIGHT_BIT\r
- #endif\r
- \r
-+#endif\r
-+\r
- #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)\r
- #define CONFIG_HEADER_RC4_LOCL_H\r
- /* if this is defined data[i] is used instead of *data, this is a %20\r
---- crypto/pkcs7/pk7_smime.c   2009-03-15 21:36:02.000000000 +0800\r
-+++ crypto/pkcs7/pk7_smime.c   2011-09-13 14:11:36.019454700 +0800\r
-@@ -88,7 +88,10 @@\r
-       if (!PKCS7_content_new(p7, NID_pkcs7_data))\r
-               goto err;\r
- \r
--      if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {\r
-+  /* \r
-+    NOTE: Update to SHA-256 digest algorithm for UEFI version.\r
-+  */\r
-+      if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {\r
-               PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r
-               goto err;\r
-       }\r
---- crypto/rand/rand_egd.c     Thu Jan 15 17:14:12 1970\r
-+++ crypto/rand/rand_egd.c     Thu Jan 15 17:14:12 1970\r
-@@ -95,7 +95,7 @@\r
-  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.\r
-  */\r
- \r
--#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)\r
-+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)\r
- int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)\r
-       {\r
-       return(-1);\r
---- crypto/rand/rand_unix.c    Thu Jan 15 17:14:12 1970\r
-+++ crypto/rand/rand_unix.c    Thu Jan 15 17:14:12 1970\r
-@@ -116,7 +116,7 @@\r
- #include <openssl/rand.h>\r
- #include "rand_lcl.h"\r
- \r
--#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r
-+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r
- \r
- #include <sys/types.h>\r
- #include <sys/time.h>\r
-@@ -322,7 +322,7 @@\r
- #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */\r
- \r
- \r
--#if defined(OPENSSL_SYS_VXWORKS)\r
-+#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r
- int RAND_poll(void)\r
-       {\r
-       return 0;\r
---- crypto/x509/x509_vfy.c     Thu Jan 15 17:14:12 1970\r
-+++ crypto/x509/x509_vfy.c     Thu Jan 15 17:14:12 1970\r
-@@ -391,7 +391,12 @@\r
- \r
- static int check_chain_extensions(X509_STORE_CTX *ctx)\r
- {\r
--#ifdef OPENSSL_NO_CHAIN_VERIFY\r
-+//#ifdef OPENSSL_NO_CHAIN_VERIFY\r
-+#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)\r
-+  /* \r
-+    NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting\r
-+          in Authenticode Signing Certificates. \r
-+  */\r
-       return 1;\r
- #else\r
-       int i, ok=0, must_be_ca, plen = 0;\r
-@@ -904,6 +909,10 @@\r
- \r
- static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r
-       {\r
-+#if defined(OPENSSL_SYS_UEFI)\r
-+  /* Bypass Certificate Time Checking for UEFI version. */\r
-+  return 1;\r
-+#else\r
-       time_t *ptime;\r
-       int i;\r
- \r
-@@ -947,6 +956,7 @@\r
-               }\r
- \r
-       return 1;\r
-+#endif  \r
-       }\r
- \r
- static int internal_verify(X509_STORE_CTX *ctx)\r

diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
new file mode 100644 (file)
index 0000000..3b31248
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8w.patch
@@ -0,0 +1,174 @@
+Index: crypto/bio/bss_file.c\r
+===================================================================\r
+--- crypto/bio/bss_file.c      (revision 1)\r
++++ crypto/bio/bss_file.c      (working copy)\r
+@@ -428,6 +428,23 @@\r
+       return(ret);\r
+       }\r
+ \r
++#else\r
++\r
++BIO_METHOD *BIO_s_file(void)\r
++      {\r
++      return NULL;\r
++      }\r
++\r
++BIO *BIO_new_file(const char *filename, const char *mode)\r
++      {\r
++      return NULL;\r
++      }\r
++\r
++BIO *BIO_new_fp(FILE *stream, int close_flag)\r
++      {\r
++      return NULL;\r
++      }\r
++\r
+ #endif /* OPENSSL_NO_STDIO */\r
+ \r
+ #endif /* HEADER_BSS_FILE_C */\r
+Index: crypto/err/err.c\r
+===================================================================\r
+--- crypto/err/err.c   (revision 1)\r
++++ crypto/err/err.c   (working copy)\r
+@@ -313,7 +313,12 @@\r
+       es->err_data_flags[i]=flags;\r
+       }\r
+ \r
++/* Add EFIAPI for UEFI version. */\r
++#if defined(OPENSSL_SYS_UEFI)\r
++void EFIAPI ERR_add_error_data(int num, ...)\r
++#else\r
+ void ERR_add_error_data(int num, ...)\r
++#endif\r
+       {\r
+       va_list args;\r
+       int i,n,s;\r
+Index: crypto/err/err.h\r
+===================================================================\r
+--- crypto/err/err.h   (revision 1)\r
++++ crypto/err/err.h   (working copy)\r
+@@ -286,8 +286,14 @@\r
+ #endif\r
+ #ifndef OPENSSL_NO_BIO\r
+ void ERR_print_errors(BIO *bp);\r
++\r
++/* Add EFIAPI for UEFI version. */\r
++#if defined(OPENSSL_SYS_UEFI)\r
++void EFIAPI ERR_add_error_data(int num, ...);\r
++#else\r
+ void ERR_add_error_data(int num, ...);\r
+ #endif\r
++#endif\r
+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);\r
+ void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);\r
+ void ERR_load_ERR_strings(void);\r
+Index: crypto/opensslconf.h\r
+===================================================================\r
+--- crypto/opensslconf.h       (revision 1)\r
++++ crypto/opensslconf.h       (working copy)\r
+@@ -162,6 +162,9 @@\r
+ /* The prime number generation stuff may not work when\r
+  * EIGHT_BIT but I don't care since I've only used this mode\r
+  * for debuging the bignum libraries */\r
++\r
++/* Bypass following definition for UEFI version. */\r
++#if !defined(OPENSSL_SYS_UEFI)\r
+ #undef SIXTY_FOUR_BIT_LONG\r
+ #undef SIXTY_FOUR_BIT\r
+ #define THIRTY_TWO_BIT\r
+@@ -169,6 +172,8 @@\r
+ #undef EIGHT_BIT\r
+ #endif\r
+ \r
++#endif\r
++\r
+ #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)\r
+ #define CONFIG_HEADER_RC4_LOCL_H\r
+ /* if this is defined data[i] is used instead of *data, this is a %20\r
+Index: crypto/pkcs7/pk7_smime.c\r
+===================================================================\r
+--- crypto/pkcs7/pk7_smime.c   (revision 1)\r
++++ crypto/pkcs7/pk7_smime.c   (working copy)\r
+@@ -88,7 +88,10 @@\r
+       if (!PKCS7_content_new(p7, NID_pkcs7_data))\r
+               goto err;\r
+ \r
+-      if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) {\r
++  /* \r
++    NOTE: Update to SHA-256 digest algorithm for UEFI version.\r
++  */\r
++      if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha256()))) {\r
+               PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r
+               goto err;\r
+       }\r
+Index: crypto/rand/rand_egd.c\r
+===================================================================\r
+--- crypto/rand/rand_egd.c     (revision 1)\r
++++ crypto/rand/rand_egd.c     (working copy)\r
+@@ -95,7 +95,7 @@\r
+  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.\r
+  */\r
+ \r
+-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS)\r
++#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)\r
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)\r
+       {\r
+       return(-1);\r
+Index: crypto/rand/rand_unix.c\r
+===================================================================\r
+--- crypto/rand/rand_unix.c    (revision 1)\r
++++ crypto/rand/rand_unix.c    (working copy)\r
+@@ -116,7 +116,7 @@\r
+ #include <openssl/rand.h>\r
+ #include "rand_lcl.h"\r
+ \r
+-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))\r
++#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI))\r
+ \r
+ #include <sys/types.h>\r
+ #include <sys/time.h>\r
+@@ -322,7 +322,7 @@\r
+ #endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */\r
+ \r
+ \r
+-#if defined(OPENSSL_SYS_VXWORKS)\r
++#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)\r
+ int RAND_poll(void)\r
+       {\r
+       return 0;\r
+Index: crypto/x509/x509_vfy.c\r
+===================================================================\r
+--- crypto/x509/x509_vfy.c     (revision 1)\r
++++ crypto/x509/x509_vfy.c     (working copy)\r
+@@ -386,7 +386,11 @@\r
+ \r
+ static int check_chain_extensions(X509_STORE_CTX *ctx)\r
+ {\r
+-#ifdef OPENSSL_NO_CHAIN_VERIFY\r
++#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)\r
++  /* \r
++    NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting\r
++          in Authenticode Signing Certificates. \r
++  */\r
+       return 1;\r
+ #else\r
+       int i, ok=0, must_be_ca, plen = 0;\r
+@@ -899,6 +903,10 @@\r
+ \r
+ static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r
+       {\r
++#if defined(OPENSSL_SYS_UEFI)\r
++  /* Bypass Certificate Time Checking for UEFI version. */\r
++  return 1;\r
++#else\r
+       time_t *ptime;\r
+       int i;\r
+ \r
+@@ -942,6 +950,7 @@\r
+               }\r
+ \r
+       return 1;\r
++#endif        \r
+       }\r
+ \r
+ static int internal_verify(X509_STORE_CTX *ctx)\r

diff --git a/CryptoPkg/Library/OpensslLib/Install.cmd b/CryptoPkg/Library/OpensslLib/Install.cmd
index 8dd91c0ab13a71af4f51b21e2fe16367178a4ba6..a2a88e44e58d20d6c520e89a78960b4b50a76000 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/Install.cmd
+++ b/CryptoPkg/Library/OpensslLib/Install.cmd
@@ -1,4 +1,4 @@
-cd openssl-0.9.8l\r
+cd openssl-0.9.8w\r

 copy e_os2.h              ..\..\..\Include\openssl\r
 copy crypto\crypto.h  ..\..\..\Include\openssl\r
 copy crypto\tmdiff.h  ..\..\..\Include\openssl\r
 copy e_os2.h              ..\..\..\Include\openssl\r
 copy crypto\crypto.h  ..\..\..\Include\openssl\r
 copy crypto\tmdiff.h  ..\..\..\Include\openssl\r

diff --git a/CryptoPkg/Library/OpensslLib/Install.sh b/CryptoPkg/Library/OpensslLib/Install.sh
index 43b6cb49469139fe922dee9e4e0e4c3e32ecf0e8..fa910b2d7d6ea0e2729582a0789928856990ed84 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/Install.sh
+++ b/CryptoPkg/Library/OpensslLib/Install.sh
@@ -1,6 +1,6 @@
 #!/bin/sh\r
 
 #!/bin/sh\r
 

-cd openssl-0.9.8l
+cd openssl-0.9.8w\r

 cp e_os2.h ../../../Include/openssl
 cp crypto/crypto.h ../../../Include/openssl
 cp crypto/tmdiff.h ../../../Include/openssl
 cp e_os2.h ../../../Include/openssl
 cp crypto/crypto.h ../../../Include/openssl
 cp crypto/tmdiff.h ../../../Include/openssl

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 2034457367d7c2edce7ed430c6e164c34c97c7ad..e8bec20fb3f803b19a1eb5399ed4b77c2ee0f447 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -1,7 +1,7 @@
 ## @file\r
 # OpenSSL Library implementation.\r
 # \r
 ## @file\r
 # OpenSSL Library implementation.\r
 # \r

-#  Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+#  Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r

 #  This program and the accompanying materials\r
 #  are licensed and made available under the terms and conditions of the BSD License\r
 #  which accompanies this distribution.  The full text of the license may be found at\r
 #  This program and the accompanying materials\r
 #  are licensed and made available under the terms and conditions of the BSD License\r
 #  which accompanies this distribution.  The full text of the license may be found at\r


@@ -19,7 +19,7 @@
   MODULE_TYPE                    = BASE\r
   VERSION_STRING                 = 1.0\r
   LIBRARY_CLASS                  = OpensslLib\r
   MODULE_TYPE                    = BASE\r
   VERSION_STRING                 = 1.0\r
   LIBRARY_CLASS                  = OpensslLib\r

-  DEFINE OPENSSL_PATH            = openssl-0.9.8l\r
+  DEFINE OPENSSL_PATH            = openssl-0.9.8w\r

   DEFINE OPENSSL_FLAGS           = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM\r
   DEFINE OPENSSL_EXFLAGS         = -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_SHA0 -DOPENSSL_NO_SHA512 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED\r
   \r
   DEFINE OPENSSL_FLAGS           = -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_ASM\r
   DEFINE OPENSSL_EXFLAGS         = -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_SHA0 -DOPENSSL_NO_SHA512 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED\r
   \r

diff --git a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
index c35f88d55e75295c27e164f75c7ff3f28010998e..7641da8e4aff285006683a9d3d204ffe163727f4 100644 (file)
--- a/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
+++ b/CryptoPkg/Library/OpensslLib/Patch-HOWTO.txt
@@ -17,45 +17,45 @@ cryptography. This patch will enable openssl building under UEFI environment.
 ================================================================================\r
                                 OpenSSL-Version\r
 ================================================================================\r
 ================================================================================\r
                                 OpenSSL-Version\r
 ================================================================================\r

-  Current supported OpenSSL version for UEFI Crypto Library is 0.9.8l.\r
-    http://www.openssl.org/source/openssl-0.9.8l.tar.gz\r
+  Current supported OpenSSL version for UEFI Crypto Library is 0.9.8w.\r
+    http://www.openssl.org/source/openssl-0.9.8w.tar.gz\r

 \r
 \r
 ================================================================================\r
                       HOW to Install Openssl for UEFI Building\r
 ================================================================================\r
 \r
 \r
 ================================================================================\r
                       HOW to Install Openssl for UEFI Building\r
 ================================================================================\r

-1.  Download OpenSSL 0.9.8l from official website:\r
-       http://www.openssl.org/source/openssl-0.9.8l.tar.gz\r
+1.  Download OpenSSL 0.9.8w from official website:\r
+       http://www.openssl.org/source/openssl-0.9.8w.tar.gz\r

 \r
 \r

-    NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8l.tar.tar.\r
-          When you do the download, rename the "openssl-0.9.8l.tar.tar" to\r
-          "openssl-0.9.8l.tar.gz" or rename the local downloaded file with ".tar.tar"\r
+    NOTE: Some web browsers may rename the downloaded TAR file to openssl-0.9.8w.tar.tar.\r
+          When you do the download, rename the "openssl-0.9.8w.tar.tar" to\r
+          "openssl-0.9.8w.tar.gz" or rename the local downloaded file with ".tar.tar"\r

           extension to ".tar.gz".\r
 \r
           extension to ".tar.gz".\r
 \r

-2.  Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8l\r
+2.  Extract TAR into CryptoPkg/Library/OpenSslLib/openssl-0.9.8w\r

 \r
     NOTE: If you use WinZip to unpack the openssl source in Windows, please \r
           uncheck the WinZip smart CR/LF conversion option (WINZIP: Options --> \r
           Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").\r
   \r
 \r
     NOTE: If you use WinZip to unpack the openssl source in Windows, please \r
           uncheck the WinZip smart CR/LF conversion option (WINZIP: Options --> \r
           Configuration --> Miscellaneous --> "TAR file smart CR/LF conversion").\r
   \r

-3.  Apply this patch: EDKII_openssl-0.9.8l.patch, and make installation\r
+3.  Apply this patch: EDKII_openssl-0.9.8w.patch, and make installation\r

 \r
     For Windows Environment:\r
     ------------------------\r
     1) Make sure the patch utility has been installed in your machine.\r
        Install Cygwin or get the patch utility binary from \r
           http://gnuwin32.sourceforge.net/packages/patch.htm\r
 \r
     For Windows Environment:\r
     ------------------------\r
     1) Make sure the patch utility has been installed in your machine.\r
        Install Cygwin or get the patch utility binary from \r
           http://gnuwin32.sourceforge.net/packages/patch.htm\r

-    2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8l\r
-    3) patch -p0 -i ..\EDKII_openssl-0.9.8l.patch\r
+    2) cd $(WORKSPACE)\CryptoPkg\Library\OpensslLib\openssl-0.9.8w\r
+    3) patch -p0 -i ..\EDKII_openssl-0.9.8w.patch\r

     4) cd ..\r
     4) cd ..\r

-    5) install.cmd\r
+    5) Install.cmd\r

 \r
     For Linux* Environment:\r
     -----------------------\r
     1) Make sure the patch utility has been installed in your machine.\r
        Patch utility is available from http://directory.fsf.org/project/patch/\r
 \r
     For Linux* Environment:\r
     -----------------------\r
     1) Make sure the patch utility has been installed in your machine.\r
        Patch utility is available from http://directory.fsf.org/project/patch/\r

-    2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8l\r
-    3) patch -p0 -i ../EDKII_openssl-0.9.8l.patch\r
+    2) cd $(WORKSPACE)/CryptoPkg/Library/OpensslLib/openssl-0.9.8w\r
+    3) patch -p0 -i ../EDKII_openssl-0.9.8w.patch\r

     4) cd ..\r
     4) cd ..\r

-    5) ./install.sh\r
+    5) ./Install.sh\r

 \r
 \r