From f93f78ea70f14f0ca17e122588b85f947adfa569 Mon Sep 17 00:00:00 2001 From: Qin Long Date: Tue, 16 Jun 2015 00:52:17 +0000 Subject: [PATCH] CryptoPkg: Update openssl patch file from 0.9.8zf to 1.0.2c This patch adds a patch file for openssl-1.0.2c, and removes the patch file for openssl-0.9.8zf. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qin Long Reviewed-by: Ard Biesheuvel git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17633 6f19259b-4bc3-4df7-8a09-765794883524 --- .../OpensslLib/EDKII_openssl-0.9.8zf.patch | 279 -------------- .../OpensslLib/EDKII_openssl-1.0.2c.patch | 346 ++++++++++++++++++ 2 files changed, 346 insertions(+), 279 deletions(-) delete mode 100644 CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch create mode 100644 CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch deleted file mode 100644 index 4abe62c52e..0000000000 --- a/CryptoPkg/Library/OpensslLib/EDKII_openssl-0.9.8zf.patch +++ /dev/null @@ -1,279 +0,0 @@ -Index: crypto/bio/bss_file.c -=================================================================== ---- crypto/bio/bss_file.c (revision 1) -+++ crypto/bio/bss_file.c (working copy) -@@ -418,6 +418,23 @@ - return (ret); - } - -+#else -+ -+BIO_METHOD *BIO_s_file(void) -+{ -+ return NULL; -+} -+ -+BIO *BIO_new_file(const char *filename, const char *mode) -+{ -+ return NULL; -+} -+ -+BIO *BIO_new_fp(FILE *stream, int close_flag) -+{ -+ return NULL; -+} -+ - # endif /* OPENSSL_NO_STDIO */ - - #endif /* HEADER_BSS_FILE_C */ -Index: crypto/crypto.h -=================================================================== ---- crypto/crypto.h (revision 1) -+++ crypto/crypto.h (working copy) -@@ -239,15 +239,15 @@ - # ifndef OPENSSL_NO_LOCKING - # ifndef CRYPTO_w_lock - # define CRYPTO_w_lock(type) \ -- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0) - # define CRYPTO_w_unlock(type) \ -- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0) - # define CRYPTO_r_lock(type) \ -- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) -+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0) - # define CRYPTO_r_unlock(type) \ -- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) -+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0) - # define CRYPTO_add(addr,amount,type) \ -- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) -+ CRYPTO_add_lock(addr,amount,type,NULL,0) - # endif - # else - # define CRYPTO_w_lock(a) -@@ -374,19 +374,19 @@ - # define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) - # define is_MemCheck_on() CRYPTO_is_mem_check_on() - --# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) --# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) -+# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0) -+# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0) - # define OPENSSL_realloc(addr,num) \ -- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -+ CRYPTO_realloc((char *)addr,(int)num,NULL,0) - # define OPENSSL_realloc_clean(addr,old_num,num) \ -- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) -+ CRYPTO_realloc_clean(addr,old_num,num,NULL,0) - # define OPENSSL_remalloc(addr,num) \ -- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -+ CRYPTO_remalloc((char **)addr,(int)num,NULL,0) - # define OPENSSL_freeFunc CRYPTO_free - # define OPENSSL_free(addr) CRYPTO_free(addr) - - # define OPENSSL_malloc_locked(num) \ -- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -+ CRYPTO_malloc_locked((int)num,NULL,0) - # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) - - const char *SSLeay_version(int type); -@@ -531,7 +531,7 @@ - long CRYPTO_get_mem_debug_options(void); - - # define CRYPTO_push_info(info) \ -- CRYPTO_push_info_(info, __FILE__, __LINE__); -+ CRYPTO_push_info_(info, NULL, 0); - int CRYPTO_push_info_(const char *info, const char *file, int line); - int CRYPTO_pop_info(void); - int CRYPTO_remove_all_info(void); -@@ -578,7 +578,7 @@ - - /* die if we have to */ - void OpenSSLDie(const char *file, int line, const char *assertion); --# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) -+# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1)) - - unsigned long *OPENSSL_ia32cap_loc(void); - # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) -@@ -585,10 +585,10 @@ - int OPENSSL_isservice(void); - - # ifdef OPENSSL_FIPS --# define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ -+# define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \ - alg " previous FIPS forbidden algorithm error ignored"); - --# define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ -+# define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \ - #alg " Algorithm forbidden in FIPS mode"); - - # ifdef OPENSSL_FIPS_STRICT -Index: crypto/err/err.c -=================================================================== ---- crypto/err/err.c (revision 1) -+++ crypto/err/err.c (working copy) -@@ -321,7 +321,12 @@ - es->err_data_flags[i] = flags; - } - -+/* Add EFIAPI for UEFI version. */ -+#if defined(OPENSSL_SYS_UEFI) -+void EFIAPI ERR_add_error_data(int num, ...) -+#else - void ERR_add_error_data(int num, ...) -+#endif - { - va_list args; - int i, n, s; -Index: crypto/err/err.h -=================================================================== ---- crypto/err/err.h (revision 1) -+++ crypto/err/err.h (working copy) -@@ -285,7 +285,13 @@ - # endif - # ifndef OPENSSL_NO_BIO - void ERR_print_errors(BIO *bp); -+ -+/* Add EFIAPI for UEFI version. */ -+#if defined(OPENSSL_SYS_UEFI) -+void EFIAPI ERR_add_error_data(int num, ...); -+#else - void ERR_add_error_data(int num, ...); -+#endif - # endif - void ERR_load_strings(int lib, ERR_STRING_DATA str[]); - void ERR_unload_strings(int lib, ERR_STRING_DATA str[]); -Index: crypto/opensslconf.h -=================================================================== ---- crypto/opensslconf.h (revision 1) -+++ crypto/opensslconf.h (working copy) -@@ -162,6 +162,9 @@ - /* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debuging the bignum libraries */ -+ -+/* Bypass following definition for UEFI version. */ -+#if !defined(OPENSSL_SYS_UEFI) - #undef SIXTY_FOUR_BIT_LONG - #undef SIXTY_FOUR_BIT - #define THIRTY_TWO_BIT -@@ -169,6 +172,8 @@ - #undef EIGHT_BIT - #endif - -+#endif -+ - #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) - #define CONFIG_HEADER_RC4_LOCL_H - /* if this is defined data[i] is used instead of *data, this is a %20 -Index: crypto/pkcs7/pk7_smime.c -=================================================================== ---- crypto/pkcs7/pk7_smime.c (revision 1) -+++ crypto/pkcs7/pk7_smime.c (working copy) -@@ -90,7 +90,14 @@ - if (!PKCS7_content_new(p7, NID_pkcs7_data)) - goto err; - -+#if defined(OPENSSL_SYS_UEFI) -+ /* -+ * NOTE: Update to SHA-256 digest algorithm for UEFI version. -+ */ -+ if (!(si = PKCS7_add_signature(p7, signcert, pkey, EVP_sha256()))) { -+#else - if (!(si = PKCS7_add_signature(p7, signcert, pkey, EVP_sha1()))) { -+#endif - PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); - goto err; - } -@@ -175,7 +182,8 @@ - STACK_OF(PKCS7_SIGNER_INFO) *sinfos; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; -- char buf[4096]; -+ char *buf = NULL; -+ int bufsiz; - int i, j = 0, k, ret = 0; - BIO *p7bio; - BIO *tmpin, *tmpout; -@@ -286,6 +294,12 @@ - } else - tmpout = out; - -+ bufsiz = 4096; -+ buf = OPENSSL_malloc (bufsiz); -+ if (buf == NULL) { -+ goto err; -+ } -+ - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) { - i = BIO_read(p7bio, buf, sizeof(buf)); -@@ -328,6 +342,10 @@ - - sk_X509_free(signers); - -+ if (buf != NULL) { -+ OPENSSL_free (buf); -+ } -+ - return ret; - } - -Index: crypto/rand/rand_egd.c -=================================================================== ---- crypto/rand/rand_egd.c (revision 1) -+++ crypto/rand/rand_egd.c (working copy) -@@ -95,7 +95,7 @@ - * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. - */ - --#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) -+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) - int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) - { - return (-1); -Index: crypto/rand/rand_unix.c -=================================================================== ---- crypto/rand/rand_unix.c (revision 1) -+++ crypto/rand/rand_unix.c (working copy) -@@ -116,7 +116,7 @@ - #include - #include "rand_lcl.h" - --#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) -+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI)) - - # include - # include -@@ -332,7 +332,7 @@ - * defined(OPENSSL_SYS_VXWORKS) || - * defined(OPENSSL_SYS_NETWARE)) */ - --#if defined(OPENSSL_SYS_VXWORKS) -+#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI) - int RAND_poll(void) - { - return 0; -Index: crypto/x509/x509_vfy.c -=================================================================== ---- crypto/x509/x509_vfy.c (revision 1) -+++ crypto/x509/x509_vfy.c (working copy) -@@ -871,6 +871,10 @@ - - static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) - { -+#if defined(OPENSSL_SYS_UEFI) -+ /* Bypass Certificate Time Checking for UEFI version. */ -+ return 1; -+#else - time_t *ptime; - int i; - -@@ -910,6 +914,7 @@ - } - - return 1; -+#endif - } - - static int internal_verify(X509_STORE_CTX *ctx) diff --git a/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch new file mode 100644 index 0000000000..54e14d8af9 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2c.patch @@ -0,0 +1,346 @@ +diff U3 crypto/bio/bio.h crypto/bio/bio.h +--- crypto/bio/bio.h Thu Jun 11 21:50:12 2015 ++++ crypto/bio/bio.h Fri Jun 12 11:00:52 2015 +@@ -646,10 +646,10 @@ + int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, + asn1_ps_func **psuffix_free); + +-# ifndef OPENSSL_NO_FP_API + BIO_METHOD *BIO_s_file(void); + BIO *BIO_new_file(const char *filename, const char *mode); + BIO *BIO_new_fp(FILE *stream, int close_flag); ++# ifndef OPENSSL_NO_FP_API + # define BIO_s_file_internal BIO_s_file + # endif + BIO *BIO_new(BIO_METHOD *type); +diff U3 crypto/bio/bss_file.c crypto/bio/bss_file.c +--- crypto/bio/bss_file.c Thu Jun 11 21:01:06 2015 ++++ crypto/bio/bss_file.c Fri Jun 12 11:01:28 2015 +@@ -460,6 +460,23 @@ + return (ret); + } + ++# else ++ ++BIO_METHOD *BIO_s_file(void) ++{ ++ return NULL; ++} ++ ++BIO *BIO_new_file(const char *filename, const char *mode) ++{ ++ return NULL; ++} ++ ++BIO *BIO_new_fp(FILE *stream, int close_flag) ++{ ++ return NULL; ++} ++ + # endif /* OPENSSL_NO_STDIO */ + + #endif /* HEADER_BSS_FILE_C */ +diff U3 crypto/dh/dh_pmeth.c crypto/dh/dh_pmeth.c +--- crypto/dh/dh_pmeth.c Thu Jun 11 21:50:12 2015 ++++ crypto/dh/dh_pmeth.c Fri Jun 12 11:08:48 2015 +@@ -449,6 +449,9 @@ + *keylen = ret; + return 1; + } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) { ++#ifdef OPENSSL_NO_CMS ++ return 0; ++#else + unsigned char *Z = NULL; + size_t Zlen = 0; + if (!dctx->kdf_outlen || !dctx->kdf_oid) +@@ -478,6 +481,7 @@ + OPENSSL_free(Z); + } + return ret; ++#endif + } + return 1; + } +diff U3 crypto/pem/pem.h crypto/pem/pem.h +--- crypto/pem/pem.h Thu Jun 11 21:50:12 2015 ++++ crypto/pem/pem.h Fri Jun 12 10:58:18 2015 +@@ -324,6 +324,7 @@ + + # define DECLARE_PEM_read_fp(name, type) /**/ + # define DECLARE_PEM_write_fp(name, type) /**/ ++# define DECLARE_PEM_write_fp_const(name, type) /**/ + # define DECLARE_PEM_write_cb_fp(name, type) /**/ + # else + +diff U3 crypto/pkcs7/pk7_smime.c crypto/pkcs7/pk7_smime.c +--- crypto/pkcs7/pk7_smime.c Thu Jun 11 21:01:06 2015 ++++ crypto/pkcs7/pk7_smime.c Fri Jun 12 11:23:38 2015 +@@ -254,7 +254,8 @@ + STACK_OF(PKCS7_SIGNER_INFO) *sinfos; + PKCS7_SIGNER_INFO *si; + X509_STORE_CTX cert_ctx; +- char buf[4096]; ++ char *buf = NULL; ++ int bufsiz; + int i, j = 0, k, ret = 0; + BIO *p7bio; + BIO *tmpin, *tmpout; +@@ -365,9 +366,14 @@ + } else + tmpout = out; + ++ bufsiz = 4096; ++ buf = OPENSSL_malloc(bufsiz); ++ if (buf == NULL) { ++ goto err; ++ } + /* We now have to 'read' from p7bio to calculate digests etc. */ + for (;;) { +- i = BIO_read(p7bio, buf, sizeof(buf)); ++ i = BIO_read(p7bio, buf, bufsiz); + if (i <= 0) + break; + if (tmpout) +@@ -406,6 +412,10 @@ + BIO_free_all(p7bio); + + sk_X509_free(signers); ++ ++ if (buf != NULL) { ++ OPENSSL_free(buf); ++ } + + return ret; + } +diff U3 crypto/rand/rand_unix.c crypto/rand/rand_unix.c +--- crypto/rand/rand_unix.c Thu Jun 11 21:01:06 2015 ++++ crypto/rand/rand_unix.c Fri Jun 12 10:51:21 2015 +@@ -116,7 +116,7 @@ + #include + #include "rand_lcl.h" + +-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) ++#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_UEFI)) + + # include + # include +@@ -439,7 +439,7 @@ + * defined(OPENSSL_SYS_VXWORKS) || + * defined(OPENSSL_SYS_NETWARE)) */ + +-#if defined(OPENSSL_SYS_VXWORKS) ++#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI) + int RAND_poll(void) + { + return 0; +diff U3 crypto/rsa/rsa_ameth.c crypto/rsa/rsa_ameth.c +--- crypto/rsa/rsa_ameth.c Thu Jun 11 21:50:12 2015 ++++ crypto/rsa/rsa_ameth.c Fri Jun 12 10:45:38 2015 +@@ -68,10 +68,12 @@ + #endif + #include "asn1_locl.h" + ++#ifndef OPENSSL_NO_CMS + static int rsa_cms_sign(CMS_SignerInfo *si); + static int rsa_cms_verify(CMS_SignerInfo *si); + static int rsa_cms_decrypt(CMS_RecipientInfo *ri); + static int rsa_cms_encrypt(CMS_RecipientInfo *ri); ++#endif + + static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) + { +@@ -665,6 +667,7 @@ + return rv; + } + ++#ifndef OPENSSL_NO_CMS + static int rsa_cms_verify(CMS_SignerInfo *si) + { + int nid, nid2; +@@ -683,6 +686,7 @@ + } + return 0; + } ++#endif + + /* + * Customised RSA item verification routine. This is called when a signature +@@ -705,6 +709,7 @@ + return -1; + } + ++#ifndef OPENSSL_NO_CMS + static int rsa_cms_sign(CMS_SignerInfo *si) + { + int pad_mode = RSA_PKCS1_PADDING; +@@ -729,6 +734,7 @@ + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os); + return 1; + } ++#endif + + static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, + X509_ALGOR *alg1, X509_ALGOR *alg2, +@@ -785,6 +791,7 @@ + return pss; + } + ++#ifndef OPENSSL_NO_CMS + static int rsa_cms_decrypt(CMS_RecipientInfo *ri) + { + EVP_PKEY_CTX *pkctx; +@@ -857,7 +864,9 @@ + X509_ALGOR_free(maskHash); + return rv; + } ++#endif + ++#ifndef OPENSSL_NO_CMS + static int rsa_cms_encrypt(CMS_RecipientInfo *ri) + { + const EVP_MD *md, *mgf1md; +@@ -920,6 +929,7 @@ + ASN1_STRING_free(os); + return rv; + } ++#endif + + const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = { + { +diff U3 crypto/x509/x509_vfy.c crypto/x509/x509_vfy.c +--- crypto/x509/x509_vfy.c Thu Jun 11 21:52:58 2015 ++++ crypto/x509/x509_vfy.c Fri Jun 12 11:29:37 2015 +@@ -1647,6 +1647,10 @@ + + static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) + { ++#ifdef OPENSSL_SYS_UEFI ++ /* Bypass Certificate Time Checking for UEFI version. */ ++ return 1; ++#else + time_t *ptime; + int i; + +@@ -1686,6 +1690,7 @@ + } + + return 1; ++#endif + } + + static int internal_verify(X509_STORE_CTX *ctx) +diff U3 crypto/x509v3/ext_dat.h crypto/x509v3/ext_dat.h +--- crypto/x509v3/ext_dat.h Thu Jun 11 21:50:12 2015 ++++ crypto/x509v3/ext_dat.h Fri Jun 12 11:11:03 2015 +@@ -127,8 +127,10 @@ + &v3_idp, + &v3_alt[2], + &v3_freshest_crl, ++#ifndef OPENSSL_SYS_UEFI + &v3_ct_scts[0], + &v3_ct_scts[1], ++#endif + }; + + /* Number of standard extensions */ +diff U3 crypto/crypto.h crypto/crypto.h +--- crypto/crypto.h Thu Jun 11 21:01:06 2015 ++++ crypto/crypto.h Fri Jun 12 11:33:27 2015 +@@ -235,15 +235,15 @@ + # ifndef OPENSSL_NO_LOCKING + # ifndef CRYPTO_w_lock + # define CRYPTO_w_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0) + # define CRYPTO_w_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0) + # define CRYPTO_r_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0) + # define CRYPTO_r_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0) + # define CRYPTO_add(addr,amount,type) \ +- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) ++ CRYPTO_add_lock(addr,amount,type,NULL,0) + # endif + # else + # define CRYPTO_w_lock(a) +@@ -378,19 +378,19 @@ + # define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) + # define is_MemCheck_on() CRYPTO_is_mem_check_on() + +-# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +-# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) ++# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0) ++# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0) + # define OPENSSL_realloc(addr,num) \ +- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_realloc((char *)addr,(int)num,NULL,0) + # define OPENSSL_realloc_clean(addr,old_num,num) \ +- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) ++ CRYPTO_realloc_clean(addr,old_num,num,NULL,0) + # define OPENSSL_remalloc(addr,num) \ +- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) ++ CRYPTO_remalloc((char **)addr,(int)num,NULL,0) + # define OPENSSL_freeFunc CRYPTO_free + # define OPENSSL_free(addr) CRYPTO_free(addr) + + # define OPENSSL_malloc_locked(num) \ +- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) ++ CRYPTO_malloc_locked((int)num,NULL,0) + # define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) + + const char *SSLeay_version(int type); +@@ -545,7 +545,7 @@ + long CRYPTO_get_mem_debug_options(void); + + # define CRYPTO_push_info(info) \ +- CRYPTO_push_info_(info, __FILE__, __LINE__); ++ CRYPTO_push_info_(info, NULL, 0); + int CRYPTO_push_info_(const char *info, const char *file, int line); + int CRYPTO_pop_info(void); + int CRYPTO_remove_all_info(void); +@@ -588,7 +588,7 @@ + + /* die if we have to */ + void OpenSSLDie(const char *file, int line, const char *assertion); +-# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) ++# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1)) + + unsigned long *OPENSSL_ia32cap_loc(void); + # define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) +@@ -605,14 +605,14 @@ + # define fips_md_init_ctx(alg, cx) \ + int alg##_Init(cx##_CTX *c) \ + { \ +- if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \ ++ if (FIPS_mode()) OpenSSLDie(NULL, 0, \ + "Low level API call to digest " #alg " forbidden in FIPS mode!"); \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(cx##_CTX *c) + + # define fips_cipher_abort(alg) \ +- if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \ ++ if (FIPS_mode()) OpenSSLDie(NULL, 0, \ + "Low level API call to cipher " #alg " forbidden in FIPS mode!") + + # else +diff U3 crypto/opensslconf.h crypto/opensslconf.h +--- crypto/opensslconf.h Thu Jun 11 21:55:38 2015 ++++ crypto/opensslconf.h Fri Jun 12 10:28:27 2015 +@@ -159,9 +159,12 @@ + /* Should we define BN_DIV2W here? */ + + /* Only one for the following should be defined */ ++/* Bypass the following definitions for UEFI version. */ ++#if !defined(OPENSSL_SYS_UEFI) + #undef SIXTY_FOUR_BIT_LONG + #undef SIXTY_FOUR_BIT + #define THIRTY_TWO_BIT ++#endif + #endif + + #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)