Mercurial > hg > orthanc
comparison Resources/CMake/OpenSslConfiguration.cmake @ 2789:2a4ac74da1ed
Fix HTTPS requests to sites using a certificate encrypted with ECDSA
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Thu, 26 Jul 2018 14:02:20 +0200 |
| parents | 73bc0c32547c |
| children | 57e2d65d37ce |
comparison
equal
deleted
inserted
replaced
| 2788:959bd8857eb5 | 2789:2a4ac74da1ed |
|---|---|
| 206 if (ENABLE_OPENSSL_ENGINES) | 206 if (ENABLE_OPENSSL_ENGINES) |
| 207 list(APPEND OPENSSL_SOURCES_SUBDIRS | 207 list(APPEND OPENSSL_SOURCES_SUBDIRS |
| 208 ${OPENSSL_SOURCES_DIR}/engines | 208 ${OPENSSL_SOURCES_DIR}/engines |
| 209 ) | 209 ) |
| 210 endif() | 210 endif() |
| 211 | 211 |
| 212 if (ENABLE_PKCS11) | 212 list(APPEND OPENSSL_SOURCES_SUBDIRS |
| 213 list(APPEND OPENSSL_SOURCES_SUBDIRS | 213 # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting |
| 214 # EC, ECDH and ECDSA are necessary for PKCS11 | 214 # HTTPS servers that use TLS certificate encrypted with ECDSA |
| 215 ${OPENSSL_SOURCES_DIR}/crypto/ec | 215 # (check the output of a recent version of the "sslscan" |
| 216 ${OPENSSL_SOURCES_DIR}/crypto/ecdh | 216 # command). Until Orthanc <= 1.4.1, these features were only |
| 217 ${OPENSSL_SOURCES_DIR}/crypto/ecdsa | 217 # enabled if ENABLE_PKCS11 support was set to "ON". |
| 218 ) | 218 # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ |
| 219 else() | 219 ${OPENSSL_SOURCES_DIR}/crypto/ec |
| 220 add_definitions( | 220 ${OPENSSL_SOURCES_DIR}/crypto/ecdh |
| 221 -DOPENSSL_NO_EC | 221 ${OPENSSL_SOURCES_DIR}/crypto/ecdsa |
| 222 -DOPENSSL_NO_ECDH | 222 ) |
| 223 -DOPENSSL_NO_ECDSA | |
| 224 ) | |
| 225 endif() | |
| 226 | 223 |
| 227 foreach(d ${OPENSSL_SOURCES_SUBDIRS}) | 224 foreach(d ${OPENSSL_SOURCES_SUBDIRS}) |
| 228 AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) | 225 AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) |
| 229 endforeach() | 226 endforeach() |
| 230 | 227 |