Mercurial > hg > orthanc
diff Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake @ 3720:faa695f433d5
upgraded OpenSSL to 1.1.1d
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Thu, 05 Mar 2020 16:42:55 +0100 |
| parents | |
| children | c575fb0adf91 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -0,0 +1,224 @@ +SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1d) +SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1d.tar.gz") +SET(OPENSSL_MD5 "3be209000dbc7e1b95bcdf47980a3baa") + +if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") + set(FirstRun OFF) +else() + set(FirstRun ON) +endif() + +DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}") + +if (FirstRun) + file(WRITE ${AUTOGENERATED_DIR}/openssl_cversion.c " +#include \"internal/cryptlib.h\" +unsigned long OpenSSL_version_num(void) +{ + return OPENSSL_VERSION_NUMBER; +} +") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/bn_conf.h "") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/dso_conf.h "") + + # Apply the patches + execute_process( + COMMAND ${PATCH_EXECUTABLE} -p0 -N -i + ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1d.patch + WORKING_DIRECTORY ${CMAKE_BINARY_DIR} + RESULT_VARIABLE Failure + ) + + if (Failure) + message(FATAL_ERROR "Error while patching a file") + endif() +else() + message("The patches for OpenSSL have already been applied") +endif() + +add_definitions( + -DOPENSSL_THREADS + -DOPENSSL_IA32_SSE2 + -DOPENSSL_NO_ASM + -DOPENSSL_NO_DYNAMIC_ENGINE + + -DOPENSSL_NO_BF + -DOPENSSL_NO_CAMELLIA + -DOPENSSL_NO_CAST + -DOPENSSL_NO_EC_NISTP_64_GCC_128 + -DOPENSSL_NO_GMP + -DOPENSSL_NO_GOST + -DOPENSSL_NO_HW + -DOPENSSL_NO_JPAKE + -DOPENSSL_NO_IDEA + -DOPENSSL_NO_KRB5 + -DOPENSSL_NO_MD2 + -DOPENSSL_NO_MDC2 + #-DOPENSSL_NO_MD4 # MD4 is necessary for MariaDB/MySQL client + -DOPENSSL_NO_RC2 + -DOPENSSL_NO_RC4 + -DOPENSSL_NO_RC5 + -DOPENSSL_NO_RFC3779 + -DOPENSSL_NO_SCTP + -DOPENSSL_NO_STORE + -DOPENSSL_NO_SEED + -DOPENSSL_NO_WHIRLPOOL + -DOPENSSL_NO_RIPEMD + + -DOPENSSLDIR="/usr/local/ssl" + ) + + +if ("${CMAKE_SYSTEM_VERSION}" STREQUAL "LinuxStandardBase") + # In order for "crypto/mem_sec.c" to compile on LSB + add_definitions(-DOPENSSL_NO_SECURE_MEMORY) +endif() + + +include_directories( + ${OPENSSL_SOURCES_DIR} + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448/arch_32 + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/crypto/include + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/include + ) + + +set(OPENSSL_SOURCES_SUBDIRS + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/aes + ${OPENSSL_SOURCES_DIR}/crypto/aria + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/async + ${OPENSSL_SOURCES_DIR}/crypto/async/arch + ${OPENSSL_SOURCES_DIR}/crypto/bio + ${OPENSSL_SOURCES_DIR}/crypto/blake2 + ${OPENSSL_SOURCES_DIR}/crypto/bn + ${OPENSSL_SOURCES_DIR}/crypto/buffer + ${OPENSSL_SOURCES_DIR}/crypto/chacha + ${OPENSSL_SOURCES_DIR}/crypto/cmac + ${OPENSSL_SOURCES_DIR}/crypto/cms + ${OPENSSL_SOURCES_DIR}/crypto/comp + ${OPENSSL_SOURCES_DIR}/crypto/conf + ${OPENSSL_SOURCES_DIR}/crypto/ct + ${OPENSSL_SOURCES_DIR}/crypto/des + ${OPENSSL_SOURCES_DIR}/crypto/dh + ${OPENSSL_SOURCES_DIR}/crypto/dsa + ${OPENSSL_SOURCES_DIR}/crypto/dso + ${OPENSSL_SOURCES_DIR}/crypto/ec + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448/arch_32 + ${OPENSSL_SOURCES_DIR}/crypto/err + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/crypto/hmac + ${OPENSSL_SOURCES_DIR}/crypto/kdf + ${OPENSSL_SOURCES_DIR}/crypto/lhash + ${OPENSSL_SOURCES_DIR}/crypto/md4 + ${OPENSSL_SOURCES_DIR}/crypto/md5 + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/crypto/objects + ${OPENSSL_SOURCES_DIR}/crypto/ocsp + ${OPENSSL_SOURCES_DIR}/crypto/pem + ${OPENSSL_SOURCES_DIR}/crypto/pkcs12 + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7 + ${OPENSSL_SOURCES_DIR}/crypto/poly1305 + ${OPENSSL_SOURCES_DIR}/crypto/pqueue + ${OPENSSL_SOURCES_DIR}/crypto/rand + ${OPENSSL_SOURCES_DIR}/crypto/ripemd + ${OPENSSL_SOURCES_DIR}/crypto/rsa + ${OPENSSL_SOURCES_DIR}/crypto/sha + ${OPENSSL_SOURCES_DIR}/crypto/siphash + ${OPENSSL_SOURCES_DIR}/crypto/sm2 + ${OPENSSL_SOURCES_DIR}/crypto/sm3 + ${OPENSSL_SOURCES_DIR}/crypto/sm4 + ${OPENSSL_SOURCES_DIR}/crypto/srp + ${OPENSSL_SOURCES_DIR}/crypto/stack + ${OPENSSL_SOURCES_DIR}/crypto/store + ${OPENSSL_SOURCES_DIR}/crypto/ts + ${OPENSSL_SOURCES_DIR}/crypto/txt_db + ${OPENSSL_SOURCES_DIR}/crypto/ui + ${OPENSSL_SOURCES_DIR}/crypto/x509 + ${OPENSSL_SOURCES_DIR}/crypto/x509v3 + ${OPENSSL_SOURCES_DIR}/ssl + ${OPENSSL_SOURCES_DIR}/ssl/record + ${OPENSSL_SOURCES_DIR}/ssl/statem + ) + +if (ENABLE_OPENSSL_ENGINES) + # Engines support is not done yet, as Orthanc only needs it for + # OpenSSL < 1.1.0 + + #add_definitions( + # -DENGINESDIR="/usr/local/lib/engines-1.1" + # ) + + #list(APPEND OPENSSL_SOURCES_SUBDIRS + # ${OPENSSL_SOURCES_DIR}/engines + # ${OPENSSL_SOURCES_DIR}/crypto/engine + # ) + + add_definitions(-DOPENSSL_NO_ENGINE) +else() + add_definitions(-DOPENSSL_NO_ENGINE) +endif() + +list(APPEND OPENSSL_SOURCES_SUBDIRS + # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting + # HTTPS servers that use TLS certificate encrypted with ECDSA + # (check the output of a recent version of the "sslscan" + # command). Until Orthanc <= 1.4.1, these features were only + # enabled if ENABLE_PKCS11 support was set to "ON". + # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ + ${OPENSSL_SOURCES_DIR}/crypto/ec + ${OPENSSL_SOURCES_DIR}/crypto/ecdh + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa + ) + +foreach(d ${OPENSSL_SOURCES_SUBDIRS}) + AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) +endforeach() + +list(APPEND OPENSSL_SOURCES ${AUTOGENERATED_DIR}/openssl_cversion.c) + +list(REMOVE_ITEM OPENSSL_SOURCES + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_nyi.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_unix.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_vms.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win32.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_wince.c + ${OPENSSL_SOURCES_DIR}/crypto/aes/aes_x86core.c + ${OPENSSL_SOURCES_DIR}/crypto/armcap.c + ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_dgram.c + ${OPENSSL_SOURCES_DIR}/crypto/cversion.c + ${OPENSSL_SOURCES_DIR}/crypto/des/ncbc_enc.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c + ${OPENSSL_SOURCES_DIR}/crypto/engine/eng_devcrypto.c + ${OPENSSL_SOURCES_DIR}/crypto/ppccap.c + ${OPENSSL_SOURCES_DIR}/crypto/s390xcap.c + ${OPENSSL_SOURCES_DIR}/crypto/sparcv9cap.c + ) + +# Check out "${OPENSSL_SOURCES_DIR}/Configurations/README": "this is +# default if no option is specified, it works on any supported system" +set(OPENSSL_DEFINITIONS "THIRTY_TWO_BIT") + +if ("${CMAKE_SYSTEM_NAME}" STREQUAL "Windows") + set(OPENSSL_DEFINITIONS + "${OPENSSL_DEFINITIONS};OPENSSL_SYSNAME_WIN32;SO_WIN32;WIN32_LEAN_AND_MEAN;L_ENDIAN") + + if (ENABLE_OPENSSL_ENGINES) + link_libraries(crypt32) + endif() +endif() + +set_source_files_properties( + ${OPENSSL_SOURCES} + PROPERTIES COMPILE_DEFINITIONS + "${OPENSSL_DEFINITIONS};DSO_NONE;NO_WINDOWS_BRAINDEATH" + )