Support tls openssl1_1_1q #137
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Jing He <jing.j.he@intel.com>
* Linux: fix Nix detection Detect the `OS_ID` of Nix by probing for the presence of the `NIX_STORE` environment variable instead of `NIX_PATH`. The latter is only set in a `nix-shell` session but isn't when building a derivation through `nix-build`. In contrast, the `NIX_STORE` environment variable is set in both cases. Signed-off-by: Vincent Haupert <mail@vincent-haupert.de> * Linux: call binaries relative to PATH Using an absolute path to call binaries is incompatible with distributions which do not follow the Filesystem Hierachy Standard; Nix is an example. Also, it is inconsistent with the rest of the code base, let alone superfluous. Signed-off-by: Vincent Haupert <mail@vincent-haupert.de> * Linux: properly extract GCC major version Calling `gcc -dumpversion` yields the full version string, e.g., `10.3.0`. The `build_openssl.sh` bash script uses the `-ge` number comparison operator to check if the returned version is at least 8. This results in an error if the returned GCC version includes a patch version; "10.3.0" isn't a valid number. This commit fixes the version detection by only extracting the relevant major version of GCC. Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>
* add a built flag "SKIP_INTELCPU_CHECK" for non-intel platform, ref #113 * Update README.md Signed-off-by: Jing He <jing.j.he@intel.com>
* update build scripts, removing OPENSSL_INSTALL_DIR * update tsgxssl file to remove full path Signed-off-by: Jing He <jing.j.he@intel.com>
* use the _t.h of the generated version instead of the saved one Signed-off-by: Jing He <jing.j.he@intel.com> * fix the last file Signed-off-by: Jing He <jing.j.he@intel.com> * remove unnecessary including of sgx_trts.h Signed-off-by: Jing He <jing.j.he@intel.com> * correct the tcommon.h file name Signed-off-by: Jing He <jing.j.he@intel.com>
* add build dependence path for td migration build * revert untrusted part changes, since only need trusted part
* upgrade for openssl 1.1.1p Signed-off-by: Jing He <jing.j.he@intel.com> * generated by: $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.s ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.s Signed-off-by: Jing He <jing.j.he@intel.com> * generated by: (WSL) $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.asm ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.asm Signed-off-by: Jing He <jing.j.he@intel.com> * upgrade for openssl 1.1.1p Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Jing He <jing.j.he@intel.com>
* update for OpenSSL upgrading to 1.1.1q Signed-off-by: Jing He <jing.j.he@intel.com> * update Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com> Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>
jinghe-INTC
approved these changes
Sep 22, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
support tls openssl1.1.1q, sync with master branch.