]> git.proxmox.com Git - mirror_edk2.git/commitdiff
projects / mirror_edk2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 9508a4a)
Nt32Pkg: exclude libssl functionality from OpensslLib if TLS_ENABLE=FALSE
authorLaszlo Ersek <lersek@redhat.com>
Thu, 23 Feb 2017 20:46:06 +0000 (21:46 +0100)
committerLaszlo Ersek <lersek@redhat.com>
Mon, 27 Feb 2017 09:42:09 +0000 (10:42 +0100)
Ease security analysis by excluding libssl functionality from the
OpensslLib instance we use with TLS_ENABLE=FALSE.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Tomas Hoger <thoger@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Nt32Pkg/Nt32Pkg.dsc patch | blob | blame | history

diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc
index 47e37ecae134094104cb995089e7bdce36b47f71..499b1fe8abe0e8b3c75ec1bf8e3f0a247cb62a88 100644 (file)
--- a/Nt32Pkg/Nt32Pkg.dsc
+++ b/Nt32Pkg/Nt32Pkg.dsc
@@ -159,7 +159,11 @@
   CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf\r
   LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf\r
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf\r
+!if $(TLS_ENABLE) == TRUE\r
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf\r
+!else\r
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf\r
+!endif\r
   \r
 !if $(SECURE_BOOT_ENABLE) == TRUE\r
   PlatformSecureLib|Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf\r
EFI Development Kit II mirror for PVE