diff --git a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt index e8b0bab010..d152138129 100644 --- a/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt +++ b/CryptoPkg/Library/OpensslLib/OpenSSL-HOWTO.txt @@ -18,7 +18,7 @@ on the cryptography. OpenSSL-Version ============================================================================= EDKII supports building with the latest release of OpenSSL. - The latest official release is OpenSSL-1.1.0e (Released at 2017-Feb-16). + The latest official release is OpenSSL-1.1.0g (Released at 2017-Nov-02). NOTE: Only latest release version was fully validated. And no guarantees on build & functionality if using other versions. @@ -28,13 +28,13 @@ on the cryptography. 1. Clone the latest official OpenSSL release into the directory CryptoPkg/Library/OpensslLib/openssl/ - Use OpenSSL-1.1.0e release as one example: - (OpenSSL_1_1_0e below is the tag name for the OpenSSL-1.1.0e release) + Use OpenSSL-1.1.0g release as one example: + (OpenSSL_1_1_0g below is the tag name for the OpenSSL-1.1.0g release) > cd CryptoPkg/Library/OpensslLib - > git clone -b OpenSSL_1_1_0e https://github.com/openssl/openssl openssl + > git clone -b OpenSSL_1_1_0g https://github.com/openssl/openssl openssl or > git clone https://github.com/openssl/openssl openssl - > git checkout OpenSSL_1_1_0e + > git checkout OpenSSL_1_1_0g Or 2. Download the latest OpenSSL release package from the official website: https://www.openssl.org/source/ diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index 1d15da6660..5302ad7fb5 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -95,6 +95,7 @@ $(OPENSSL_PATH)/crypto/asn1/x_algor.c $(OPENSSL_PATH)/crypto/asn1/x_bignum.c $(OPENSSL_PATH)/crypto/asn1/x_info.c + $(OPENSSL_PATH)/crypto/asn1/x_int64.c $(OPENSSL_PATH)/crypto/asn1/x_long.c $(OPENSSL_PATH)/crypto/asn1/x_pkey.c $(OPENSSL_PATH)/crypto/asn1/x_sig.c @@ -539,10 +540,11 @@ # C4389: 'operator' : signed/unsigned mismatch (xxxx) # C4702: unreachable code # C4706: assignment within conditional expression + # C4819: The file contains a character that cannot be represented in the current code page # - MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 - MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 - MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 + MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w @@ -551,10 +553,12 @@ # # Suppress the following build warnings in openssl so we don't break the build with -Werror # -Werror=maybe-uninitialized: there exist some other paths for which the variable is not initialized. + # -Werror=format: Check calls to printf and scanf, etc., to make sure that the arguments supplied have + # types appropriate to the format string specified. # GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized - GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -DNO_MSABI_VA_FUNCS - GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized + GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS + GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf index 6fc8884da4..0c7f9e9e66 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -95,6 +95,7 @@ $(OPENSSL_PATH)/crypto/asn1/x_algor.c $(OPENSSL_PATH)/crypto/asn1/x_bignum.c $(OPENSSL_PATH)/crypto/asn1/x_info.c + $(OPENSSL_PATH)/crypto/asn1/x_int64.c $(OPENSSL_PATH)/crypto/asn1/x_long.c $(OPENSSL_PATH)/crypto/asn1/x_pkey.c $(OPENSSL_PATH)/crypto/asn1/x_sig.c @@ -500,10 +501,11 @@ # C4389: 'operator' : signed/unsigned mismatch (xxxx) # C4702: unreachable code # C4706: assignment within conditional expression + # C4819: The file contains a character that cannot be represented in the current code page # - MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 - MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 - MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 + MSFT:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 + MSFT:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) /wd4090 /wd4244 /wd4245 /wd4267 /wd4306 /wd4389 /wd4702 /wd4706 /wd4819 INTEL:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w INTEL:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) /w @@ -512,10 +514,12 @@ # # Suppress the following build warnings in openssl so we don't break the build with -Werror # -Werror=maybe-uninitialized: there exist some other paths for which the variable is not initialized. + # -Werror=format: Check calls to printf and scanf, etc., to make sure that the arguments supplied have + # types appropriate to the format string specified. # GCC:*_*_IA32_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized - GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -DNO_MSABI_VA_FUNCS - GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized + GCC:*_*_X64_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format -DNO_MSABI_VA_FUNCS + GCC:*_*_IPF_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-error=maybe-uninitialized -Wno-error=format GCC:*_*_ARM_CC_FLAGS = $(OPENSSL_FLAGS) GCC:*_*_AARCH64_CC_FLAGS = $(OPENSSL_FLAGS) diff --git a/CryptoPkg/Library/OpensslLib/buildinf.h b/CryptoPkg/Library/OpensslLib/buildinf.h index 3d967d2a86..c5ca293c72 100644 --- a/CryptoPkg/Library/OpensslLib/buildinf.h +++ b/CryptoPkg/Library/OpensslLib/buildinf.h @@ -1,2 +1,2 @@ #define PLATFORM "UEFI" -#define DATE "Tues Mar 21 01:23:45 PDT 2017" +#define DATE "Fri Dec 22 01:23:45 PDT 2017"