Mercurial > hg > orthanc
comparison Resources/CMake/OpenSslConfiguration.cmake @ 2789:2a4ac74da1ed
Fix HTTPS requests to sites using a certificate encrypted with ECDSA
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Thu, 26 Jul 2018 14:02:20 +0200 |
parents | 73bc0c32547c |
children | 57e2d65d37ce |
comparison
equal
deleted
inserted
replaced
2788:959bd8857eb5 | 2789:2a4ac74da1ed |
---|---|
206 if (ENABLE_OPENSSL_ENGINES) | 206 if (ENABLE_OPENSSL_ENGINES) |
207 list(APPEND OPENSSL_SOURCES_SUBDIRS | 207 list(APPEND OPENSSL_SOURCES_SUBDIRS |
208 ${OPENSSL_SOURCES_DIR}/engines | 208 ${OPENSSL_SOURCES_DIR}/engines |
209 ) | 209 ) |
210 endif() | 210 endif() |
211 | 211 |
212 if (ENABLE_PKCS11) | 212 list(APPEND OPENSSL_SOURCES_SUBDIRS |
213 list(APPEND OPENSSL_SOURCES_SUBDIRS | 213 # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting |
214 # EC, ECDH and ECDSA are necessary for PKCS11 | 214 # HTTPS servers that use TLS certificate encrypted with ECDSA |
215 ${OPENSSL_SOURCES_DIR}/crypto/ec | 215 # (check the output of a recent version of the "sslscan" |
216 ${OPENSSL_SOURCES_DIR}/crypto/ecdh | 216 # command). Until Orthanc <= 1.4.1, these features were only |
217 ${OPENSSL_SOURCES_DIR}/crypto/ecdsa | 217 # enabled if ENABLE_PKCS11 support was set to "ON". |
218 ) | 218 # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ |
219 else() | 219 ${OPENSSL_SOURCES_DIR}/crypto/ec |
220 add_definitions( | 220 ${OPENSSL_SOURCES_DIR}/crypto/ecdh |
221 -DOPENSSL_NO_EC | 221 ${OPENSSL_SOURCES_DIR}/crypto/ecdsa |
222 -DOPENSSL_NO_ECDH | 222 ) |
223 -DOPENSSL_NO_ECDSA | |
224 ) | |
225 endif() | |
226 | 223 |
227 foreach(d ${OPENSSL_SOURCES_SUBDIRS}) | 224 foreach(d ${OPENSSL_SOURCES_SUBDIRS}) |
228 AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) | 225 AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) |
229 endforeach() | 226 endforeach() |
230 | 227 |