(mirror of https://github.com/vyos/efi-boot-shim.git) https://git.amelek.net/vyos/efi-boot-shim.git/atom?h=12 2017-04-11T14:42:19+00:00 2017-04-11T14:42:19+00:00 Gary Lin glin@suse.com 2017-04-10T09:23:29+00:00 urn:sha1:e9cc33d6f2b7f35c6f5e349fd83fb9ae0bc66226 Disable DES completely since it's already old and insecure. This makes MokManager not support the DES based password hash but probably no one is using it. Signed-off-by: Gary Lin <glin@suse.com> 2017-04-11T14:42:19+00:00 Gary Lin glin@suse.com 2017-04-10T08:55:17+00:00 urn:sha1:80d49f758ead0180bfe6161931838e0578248303 MD4 is known to be insecure and shim never uses it. Signed-off-by: Gary Lin <glin@suse.com> 2017-04-11T14:42:18+00:00 Gary Lin glin@suse.com 2017-03-31T08:34:14+00:00 urn:sha1:0f3dfc01e2d5e7df882c963dd8dc4a0dfbfc96ad - Delete the old openssl files and use the script to copy the new files - Add "-DNO_SYSLOG" to CFLAGS and add crypto/include to the include path Signed-off-by: Gary Lin <glin@suse.com> 2017-03-24T22:28:30+00:00 Gary Lin glin@suse.com 2017-03-15T07:42:28+00:00 urn:sha1:f48505bfb2b479694c01f7c56bd3548dfe243f46 Signed-off-by: Gary Lin <glin@suse.com> 2016-11-30T17:57:34+00:00 Gary Lin glin@suse.com 2016-10-13T07:57:25+00:00 urn:sha1:b371a682fb67ff945a8095437b9b33cab549bb49 Signed-off-by: Gary Lin <glin@suse.com> 2016-09-06T19:05:36+00:00 Gary Lin glin@suse.com 2016-07-21T04:28:11+00:00 urn:sha1:8dcfecc6c76effa8afe0d4b6eca95023d51f1e03 Signed-off-by: Gary Lin <glin@suse.com> 2016-09-06T19:05:36+00:00 Gary Lin glin@suse.com 2016-03-17T06:59:04+00:00 urn:sha1:0297aa3cf34ca3a95a6e95db7aff82020aefa0e5 Signed-off-by: Gary Lin <glin@suse.com> 2016-09-06T19:05:34+00:00 Gary Lin glin@suse.com 2015-12-15T02:48:10+00:00 urn:sha1:e571428e21280c28d0d591b70f13add7d8dbfe81 Also update Cryptlib to edk2 r19218 - Undefine NO_BUILTIN_VA_FUNCS in Cryptlib/OpenSSL/ for x86_64 to use the gcc builtins and remove all EFIAPI from the functions - Move the most of defines into the headers instead of Makefile - Remove the global variable 'timeval' - Remove the unused code: crypto/pqueue/* and crypto/ts/* - Include bn.h in MokManager.c due to the changes in openssl Signed-off-by: Gary Lin <glin@suse.com> 2015-11-09T14:50:50+00:00 Gary Ching-Pang Lin glin@suse.com 2015-10-27T04:00:13+00:00 urn:sha1:5a49bad020792483b5abd137861f906c55bf9dca It turned out that my previous crash fix(*) was wrong. We actually always used the gcc built-in va functions instead of the "real" va functions for EFIAPI, and we are just lucky that ERR_add_error_data didn't crash before. This commit copies the va functions from MdePkg/Include/Base.h in edk2 and introdues NO_BUILTIN_VA_FUNCS for x86_64, so that all the x86_64 build will adopt the new va functions. For safety, I also added EFIAPI to all the functions which use va_* to avoid the potential trouble. (*) a7f4b26cc35204165bd04e75c34e8e7aa2a87ecc Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> 2015-07-28T15:46:38+00:00 Gary Ching-Pang Lin glin@suse.com 2015-07-15T08:33:32+00:00 urn:sha1:a7f4b26cc35204165bd04e75c34e8e7aa2a87ecc Without declaring EFIAPI for ERR_add_error_vdata, shim would crash while verifying the loaded image. Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>