On 05/09/19 07:23, Xiaoyu lu wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1089
>
> OpenSSL configure mechanism use --with-rand-seed=xxx option to configure
> random number generation.
>
> OpenSSL_1_1_0j(74f2d9c1ec5f5510e1d3da5a9f03c28df0977762)
> we use default --with-rand-seed=os option to for building it.
>
> But OpenSSL_1_1_1b(50eaac9f3337667259de725451f201e784599687)
> only support seeding NONE for UEFI(rand_unix.c line 93).
(1) Please insert the following sentence here (no need to repost just
for this; can be done before pushing):
----
This OpenSSL change was introduced in commit
8389ec4b4950 ("Add --with-rand-seed", 2017-07-22).
----
with that:
Reviewed-by: Laszlo Ersek <ler...@redhat.com>
Thanks
Laszlo
> So add --with-rand-seed=none to process_files.pl.
>
> Cc: Jian J Wang <jian.j.w...@intel.com>
> Cc: Ting Ye <ting...@intel.com>
> Signed-off-by: Xiaoyu Lu <xiaoyux...@intel.com>
> ---
> CryptoPkg/Library/OpensslLib/process_files.pl | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
> b/CryptoPkg/Library/OpensslLib/process_files.pl
> index f6e1f43..6c136cc 100755
> --- a/CryptoPkg/Library/OpensslLib/process_files.pl
> +++ b/CryptoPkg/Library/OpensslLib/process_files.pl
> @@ -90,7 +90,10 @@ BEGIN {
> "no-threads",
> "no-ts",
> "no-ui",
> - "no-whirlpool"
> + "no-whirlpool",
> + # OpenSSL1_1_1b doesn't support default rand-seed-os for UEFI
> + # UEFI only support --with-rand-seed=none
> + "--with-rand-seed=none"
> ) == 0 ||
> die "OpenSSL Configure failed!\n";
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#40331): https://edk2.groups.io/g/devel/message/40331
Mute This Topic: https://groups.io/mt/31552208/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
