# HG changeset patch # User Sebastien Jodogne # Date 1618998974 -7200 # Node ID 0524d6e93672b32fa57747d880e7355851d8b00e # Parent 9a911840648411dcd4530c0b8ee22c698325bae6 upgrade to openssl 1.1.1k diff -r 9a9118406484 -r 0524d6e93672 NEWS --- a/NEWS Wed Apr 21 10:44:49 2021 +0200 +++ b/NEWS Wed Apr 21 11:56:14 2021 +0200 @@ -30,6 +30,7 @@ * Fix "OrthancServer/Resources/Samples/Python/Replicate.py" for Python 3.x * Upgraded dependencies for static builds (notably on Windows and LSB): - civetweb 1.14 + - openssl 1.1.1k Version 1.9.1 (2021-02-25) diff -r 9a9118406484 -r 0524d6e93672 OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake --- a/OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Wed Apr 21 10:44:49 2021 +0200 +++ b/OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Wed Apr 21 11:56:14 2021 +0200 @@ -18,9 +18,9 @@ # . -SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1g) -SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1g.tar.gz") -SET(OPENSSL_MD5 "76766e98997660138cdaf13a187bd234") +SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1k) +SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1k.tar.gz") +SET(OPENSSL_MD5 "c4e7d95f782b08116afa27b30393dd27") if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") set(FirstRun OFF) @@ -47,7 +47,7 @@ # Apply the patches execute_process( COMMAND ${PATCH_EXECUTABLE} -p0 -N -i - ${CMAKE_CURRENT_LIST_DIR}/../Patches/openssl-1.1.1g.patch + ${CMAKE_CURRENT_LIST_DIR}/../Patches/openssl-1.1.1k.patch WORKING_DIRECTORY ${CMAKE_BINARY_DIR} RESULT_VARIABLE Failure ) diff -r 9a9118406484 -r 0524d6e93672 OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in --- a/OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in Wed Apr 21 10:44:49 2021 +0200 +++ b/OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in Wed Apr 21 11:56:14 2021 +0200 @@ -1,7 +1,7 @@ /* * {- join("\n * ", @autowarntext) -} * - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -19,7 +19,6 @@ # error OPENSSL_ALGORITHM_DEFINES no longer supported #endif - /* * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers * don't like that. This will hopefully silence them. @@ -39,6 +38,11 @@ # undef DECLARE_DEPRECATED # define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); # endif +# elif defined(__SUNPRO_C) +# if (__SUNPRO_C >= 0x5130) +# undef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# endif # endif #endif diff -r 9a9118406484 -r 0524d6e93672 OrthancFramework/Resources/Patches/openssl-1.1.1g.patch --- a/OrthancFramework/Resources/Patches/openssl-1.1.1g.patch Wed Apr 21 10:44:49 2021 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ -diff -urEb openssl-1.1.1g.orig/crypto/rand/rand_unix.c openssl-1.1.1g/crypto/rand/rand_unix.c ---- openssl-1.1.1g.orig/crypto/rand/rand_unix.c 2020-05-05 17:58:08.785998440 +0200 -+++ openssl-1.1.1g/crypto/rand/rand_unix.c 2020-05-05 17:58:55.201881117 +0200 -@@ -445,6 +445,7 @@ - * system call and this should always succeed which renders - * this alternative but essentially identical source moot. - */ -+#if !defined(__LSB_VERSION__) // "syscall()" is not available in LSB - if (uname(&un) == 0) { - kernel[0] = atoi(un.release); - p = strchr(un.release, '.'); -@@ -455,6 +456,7 @@ - return 0; - } - } -+#endif - /* Open /dev/random and wait for it to be readable */ - if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) { - if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) { diff -r 9a9118406484 -r 0524d6e93672 OrthancFramework/Resources/Patches/openssl-1.1.1k.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/OrthancFramework/Resources/Patches/openssl-1.1.1k.patch Wed Apr 21 11:56:14 2021 +0200 @@ -0,0 +1,19 @@ +diff -urEb openssl-1.1.1k.orig/crypto/rand/rand_unix.c openssl-1.1.1k/crypto/rand/rand_unix.c +--- openssl-1.1.1k.orig/crypto/rand/rand_unix.c 2021-04-21 11:33:05.241258372 +0200 ++++ openssl-1.1.1k/crypto/rand/rand_unix.c 2021-04-21 11:34:48.705287133 +0200 +@@ -455,6 +455,7 @@ + * system call and this should always succeed which renders + * this alternative but essentially identical source moot. + */ ++#if !defined(__LSB_VERSION__) // "syscall()" is not available in LSB + if (uname(&un) == 0) { + kernel[0] = atoi(un.release); + p = strchr(un.release, '.'); +@@ -465,6 +466,7 @@ + return 0; + } + } ++#endif + /* Open /dev/random and wait for it to be readable */ + if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) { + if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) { diff -r 9a9118406484 -r 0524d6e93672 OrthancServer/UnitTestsSources/VersionsTests.cpp --- a/OrthancServer/UnitTestsSources/VersionsTests.cpp Wed Apr 21 10:44:49 2021 +0200 +++ b/OrthancServer/UnitTestsSources/VersionsTests.cpp Wed Apr 21 11:56:14 2021 +0200 @@ -178,7 +178,7 @@ TEST(Version, OpenSslStatic) { ASSERT_TRUE(OPENSSL_VERSION_NUMBER == 0x1000210fL /* openssl-1.0.2p */ || - OPENSSL_VERSION_NUMBER == 0x1010107fL /* openssl-1.1.1g */); + OPENSSL_VERSION_NUMBER == 0x101010bfL /* openssl-1.1.1k */); } #endif