On Thu, 2016-02-18 at 00:33 +0800, Qin Long wrote:
>
> ---- crypto/pkcs7/pk7_smime.c Thu Jun 11 21:01:06 2015
> -+++ crypto/pkcs7/pk7_smime.c Fri Jun 12 11:23:38 2015
> +--- crypto/pkcs7/pk7_smime.c Thu Jan 28 21:56:08 2016
> ++++ crypto/pkcs7/pk7_smime.c Wed Feb 17 16:22:45 2016
> @@ -254,7 +254,8 @@
> STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
> PKCS7_SIGNER_INFO *si;
> @@ -114,20 +114,19 @@ diff U3 crypto/pkcs7/pk7_smime.c
> crypto/pkcs7/pk7_smime.c
> if (i <= 0)
> break;
> if (tmpout)
> -@@ -394,6 +394,10 @@
> +@@ -394,6 +394,9 @@
> }
> BIO_free_all(p7bio);
> sk_X509_free(signers);
> -+
> + if (buf != NULL) {
> -+ OPENSSL_free(buf);
> ++ OPENSSL_free(buf);
> + }
> return ret;
> }
> This bit of code addresses OpenSSL RT#3955, although you don't actually *mention* that fact anywhere. A different fix has been committed to OpenSSL to close that RT. We should not be carrying patches which *differ* from the fixes that went into OpenSSL upstream. That's why part of my patch series (qv) actually *replaces* this whole EDKII_openssl-1.0.2X.patch with a cleanly generated one from a 1.0.2- based git tree, *with* its full changelog: http://git.infradead.org/users/dwmw2/edk2.git/commitdiff/cf8dd4aee409 I mention this just to reinforce the need for that change, even before we make the switch to OpenSSL 1.1. FWIW I was unable to apply the patch from your email; if there was ever a trick to managing the bogus line endings, I've forgotten it. Can we *please* keep native line endings in the git tree and let it be checked out into the native form — like everyone else does? -- David Woodhouse Open Source Technology Centre david.woodho...@intel.com Intel Corporation
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
