On Fri, 2016-03-11 at 17:38 +0000, David Woodhouse wrote: > On Fri, 2016-03-11 at 09:25 -0800, James Bottomley wrote: > > > > > With the ssl/ directory enabled? > > > > Yes, if you crack the package, this is the contents: > > > > /usr/include/edk2 > > /usr/include/edk2/Base.h > > /usr/include/edk2/Guid > > /usr/include/edk2/Guid/GlobalVariable.h > > /usr/include/edk2/Guid/ImageAuthentication.h > > /usr/include/edk2/Library > > /usr/include/edk2/Library/BaseCryptLib.h > > /usr/include/edk2/ProcessorBind.h > > /usr/include/edk2/Protocol > > /usr/include/edk2/Protocol/Hash.h > > /usr/include/edk2/Protocol/Pkcs7Verify.h > > /usr/include/edk2/Uefi > > /usr/include/edk2/Uefi/UefiBaseType.h > > /usr/lib64/edk2 > > /usr/lib64/edk2/OpensslLib.lib > > > > It's the OpensslLib.lib that allows you to link all openssl > > functions > > in EFI. It's cheating quite a bit because the headers aren't > > present, > > so you use the Linux headers from openssl-devel when you compile. > > That's dangerous and likely to break; various structures change. > > But still, the OpensslLib in EDK2 only builds libcrypto; the contents > of the crypto/ directory of OpenSSL. > > The discussion here is about building libssl, from ssl/. > > Jiaxin proposed building it as a separate library. I asked why not > just build it into the *same* OpensslLib.
Oh, right, sorry misunderstood. It does look like my build is currently without this component, since we mostly only care about the pkcs7 and x509 functions. > Did you *really* enable the building of openssl-1.0.2x/ssl/*.c in the > above builds? Or are you talking about something different? No, and since I'm not using it, separating it is fine with me. James
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel