# HG changeset patch # User Sebastien Jodogne # Date 1531126372 -7200 # Node ID 26eec77abc763be4e44560fc964708b4eec3c0ad # Parent fac458593ac897430ecb6daeaffd6b63cec12c29 upgrade to openssl 1.0.2o diff -r fac458593ac8 -r 26eec77abc76 NEWS --- a/NEWS Mon Jul 09 10:16:16 2018 +0200 +++ b/NEWS Mon Jul 09 10:52:52 2018 +0200 @@ -32,6 +32,7 @@ * Fix generation of DICOMDIR if PatientID is empty * Upgraded dependencies for static and Windows builds: - boost 1.67.0 + - openssl 1.0.2o Version 1.3.2 (2018-04-18) diff -r fac458593ac8 -r 26eec77abc76 Resources/CMake/OpenSslConfiguration.cmake --- a/Resources/CMake/OpenSslConfiguration.cmake Mon Jul 09 10:16:16 2018 +0200 +++ b/Resources/CMake/OpenSslConfiguration.cmake Mon Jul 09 10:52:52 2018 +0200 @@ -1,11 +1,7 @@ if (STATIC_BUILD OR NOT USE_SYSTEM_OPENSSL) - # WARNING - We had to repack the upstream ".tar.gz" file to a ZIP - # file, as the upstream distribution ships symbolic links that are - # not always properly handled when uncompressing on Windows. - - SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2d) - SET(OPENSSL_URL "http://www.orthanc-server.com/downloads/third-party/openssl-1.0.2d.zip") - SET(OPENSSL_MD5 "4b2ac15fc6db17f3dadc54482d3eee85") + SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2o) + SET(OPENSSL_URL "http://www.orthanc-server.com/downloads/third-party/openssl-1.0.2o.tar.gz") + SET(OPENSSL_MD5 "44279b8557c3247cbe324e2322ecd114") if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") set(FirstRun OFF) @@ -15,6 +11,94 @@ DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}") + if (FirstRun) + file(MAKE_DIRECTORY ${OPENSSL_SOURCES_DIR}/include/openssl) + + foreach(header + ${OPENSSL_SOURCES_DIR}/crypto/aes/aes.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1_mac.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1t.h + ${OPENSSL_SOURCES_DIR}/crypto/bf/blowfish.h + ${OPENSSL_SOURCES_DIR}/crypto/bio/bio.h + ${OPENSSL_SOURCES_DIR}/crypto/bn/bn.h + ${OPENSSL_SOURCES_DIR}/crypto/buffer/buffer.h + ${OPENSSL_SOURCES_DIR}/crypto/camellia/camellia.h + ${OPENSSL_SOURCES_DIR}/crypto/cast/cast.h + ${OPENSSL_SOURCES_DIR}/crypto/cmac/cmac.h + ${OPENSSL_SOURCES_DIR}/crypto/cms/cms.h + ${OPENSSL_SOURCES_DIR}/crypto/comp/comp.h + ${OPENSSL_SOURCES_DIR}/crypto/conf/conf.h + ${OPENSSL_SOURCES_DIR}/crypto/conf/conf_api.h + ${OPENSSL_SOURCES_DIR}/crypto/crypto.h + ${OPENSSL_SOURCES_DIR}/crypto/des/des.h + ${OPENSSL_SOURCES_DIR}/crypto/des/des_old.h + ${OPENSSL_SOURCES_DIR}/crypto/dh/dh.h + ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsa.h + ${OPENSSL_SOURCES_DIR}/crypto/dso/dso.h + ${OPENSSL_SOURCES_DIR}/crypto/ebcdic.h + ${OPENSSL_SOURCES_DIR}/crypto/ec/ec.h + ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdh.h + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsa.h + ${OPENSSL_SOURCES_DIR}/crypto/engine/engine.h + ${OPENSSL_SOURCES_DIR}/crypto/err/err.h + ${OPENSSL_SOURCES_DIR}/crypto/evp/evp.h + ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmac.h + ${OPENSSL_SOURCES_DIR}/crypto/idea/idea.h + ${OPENSSL_SOURCES_DIR}/crypto/jpake/jpake.h + ${OPENSSL_SOURCES_DIR}/crypto/krb5/krb5_asn.h + ${OPENSSL_SOURCES_DIR}/crypto/lhash/lhash.h + ${OPENSSL_SOURCES_DIR}/crypto/md2/md2.h + ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.h + ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.h + ${OPENSSL_SOURCES_DIR}/crypto/mdc2/mdc2.h + ${OPENSSL_SOURCES_DIR}/crypto/modes/modes.h + ${OPENSSL_SOURCES_DIR}/crypto/objects/obj_mac.h + ${OPENSSL_SOURCES_DIR}/crypto/objects/objects.h + ${OPENSSL_SOURCES_DIR}/crypto/ocsp/ocsp.h + ${OPENSSL_SOURCES_DIR}/crypto/opensslconf.h + ${OPENSSL_SOURCES_DIR}/crypto/opensslv.h + ${OPENSSL_SOURCES_DIR}/crypto/ossl_typ.h + ${OPENSSL_SOURCES_DIR}/crypto/pem/pem.h + ${OPENSSL_SOURCES_DIR}/crypto/pem/pem2.h + ${OPENSSL_SOURCES_DIR}/crypto/pkcs12/pkcs12.h + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pkcs7.h + ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pqueue.h + ${OPENSSL_SOURCES_DIR}/crypto/rand/rand.h + ${OPENSSL_SOURCES_DIR}/crypto/rc2/rc2.h + ${OPENSSL_SOURCES_DIR}/crypto/rc4/rc4.h + ${OPENSSL_SOURCES_DIR}/crypto/rc5/rc5.h + ${OPENSSL_SOURCES_DIR}/crypto/ripemd/ripemd.h + ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa.h + ${OPENSSL_SOURCES_DIR}/crypto/seed/seed.h + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.h + ${OPENSSL_SOURCES_DIR}/crypto/srp/srp.h + ${OPENSSL_SOURCES_DIR}/crypto/stack/safestack.h + ${OPENSSL_SOURCES_DIR}/crypto/stack/stack.h + ${OPENSSL_SOURCES_DIR}/crypto/store/store.h + ${OPENSSL_SOURCES_DIR}/crypto/symhacks.h + ${OPENSSL_SOURCES_DIR}/crypto/ts/ts.h + ${OPENSSL_SOURCES_DIR}/crypto/txt_db/txt_db.h + ${OPENSSL_SOURCES_DIR}/crypto/ui/ui.h + ${OPENSSL_SOURCES_DIR}/crypto/ui/ui_compat.h + ${OPENSSL_SOURCES_DIR}/crypto/whrlpool/whrlpool.h + ${OPENSSL_SOURCES_DIR}/crypto/x509/x509.h + ${OPENSSL_SOURCES_DIR}/crypto/x509/x509_vfy.h + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/x509v3.h + ${OPENSSL_SOURCES_DIR}/e_os2.h + ${OPENSSL_SOURCES_DIR}/ssl/dtls1.h + ${OPENSSL_SOURCES_DIR}/ssl/kssl.h + ${OPENSSL_SOURCES_DIR}/ssl/srtp.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl2.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl23.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl3.h + ${OPENSSL_SOURCES_DIR}/ssl/tls1.h + ) + file(COPY ${header} DESTINATION ${OPENSSL_SOURCES_DIR}/include/openssl) + endforeach() + endif() + add_definitions( -DOPENSSL_THREADS -DOPENSSL_IA32_SSE2 @@ -192,9 +276,10 @@ ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3prin.c ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3nametest.c ${OPENSSL_SOURCES_DIR}/crypto/constant_time_test.c - ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c ${OPENSSL_SOURCES_DIR}/ssl/heartbeat_test.c + ${OPENSSL_SOURCES_DIR}/ssl/fatalerrtest.c + ${OPENSSL_SOURCES_DIR}/ssl/dtlstest.c ) diff -r fac458593ac8 -r 26eec77abc76 Resources/Patches/openssl-lsb.diff --- a/Resources/Patches/openssl-lsb.diff Mon Jul 09 10:16:16 2018 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,118 +0,0 @@ ---- ui_openssl.c.orig 2013-09-24 15:06:54.264420779 +0200 -+++ ui_openssl.c 2013-09-24 14:22:43.512312998 +0200 -@@ -291,7 +291,7 @@ - static unsigned short channel = 0; - #else - #if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) --static TTY_STRUCT tty_orig,tty_new; -+//static TTY_STRUCT tty_orig,tty_new; - #endif - #endif - static FILE *tty_in, *tty_out; -@@ -475,106 +475,21 @@ - /* Internal functions to open, handle and close a channel to the console. */ - static int open_console(UI *ui) - { -- CRYPTO_w_lock(CRYPTO_LOCK_UI); -- is_a_tty = 1; -- --#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS) -- tty_in=stdin; -- tty_out=stderr; --#else --# ifdef OPENSSL_SYS_MSDOS --# define DEV_TTY "con" --# else --# define DEV_TTY "/dev/tty" --# endif -- if ((tty_in=fopen(DEV_TTY,"r")) == NULL) -- tty_in=stdin; -- if ((tty_out=fopen(DEV_TTY,"w")) == NULL) -- tty_out=stderr; --#endif -- --#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS) -- if (TTY_get(fileno(tty_in),&tty_orig) == -1) -- { --#ifdef ENOTTY -- if (errno == ENOTTY) -- is_a_tty=0; -- else --#endif --#ifdef EINVAL -- /* Ariel Glenn ariel@columbia.edu reports that solaris -- * can return EINVAL instead. This should be ok */ -- if (errno == EINVAL) -- is_a_tty=0; -- else --#endif -- return 0; -- } --#endif --#ifdef OPENSSL_SYS_VMS -- status = sys$assign(&terminal,&channel,0,0); -- if (status != SS$_NORMAL) -- return 0; -- status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0); -- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) -- return 0; --#endif - return 1; - } - - static int noecho_console(UI *ui) - { --#ifdef TTY_FLAGS -- memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig)); -- tty_new.TTY_FLAGS &= ~ECHO; --#endif -- --#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS) -- if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1)) -- return 0; --#endif --#ifdef OPENSSL_SYS_VMS -- tty_new[0] = tty_orig[0]; -- tty_new[1] = tty_orig[1] | TT$M_NOECHO; -- tty_new[2] = tty_orig[2]; -- status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0); -- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) -- return 0; --#endif - return 1; - } - - static int echo_console(UI *ui) - { --#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS) -- memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig)); -- tty_new.TTY_FLAGS |= ECHO; --#endif -- --#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS) -- if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1)) -- return 0; --#endif --#ifdef OPENSSL_SYS_VMS -- tty_new[0] = tty_orig[0]; -- tty_new[1] = tty_orig[1] & ~TT$M_NOECHO; -- tty_new[2] = tty_orig[2]; -- status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0); -- if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) -- return 0; --#endif - return 1; - } - - static int close_console(UI *ui) - { -- if (tty_in != stdin) fclose(tty_in); -- if (tty_out != stderr) fclose(tty_out); --#ifdef OPENSSL_SYS_VMS -- status = sys$dassgn(channel); --#endif -- CRYPTO_w_unlock(CRYPTO_LOCK_UI); -- - return 1; - } - diff -r fac458593ac8 -r 26eec77abc76 UnitTestsSources/VersionsTests.cpp --- a/UnitTestsSources/VersionsTests.cpp Mon Jul 09 10:16:16 2018 +0200 +++ b/UnitTestsSources/VersionsTests.cpp Mon Jul 09 10:52:52 2018 +0200 @@ -155,7 +155,7 @@ #if ORTHANC_ENABLE_SSL == 1 TEST(Version, OpenSslStatic) { - ASSERT_EQ(0x1000204fL /* openssl-1.0.2d */, OPENSSL_VERSION_NUMBER); + ASSERT_EQ(0x100020ffL /* openssl-1.0.2o */, OPENSSL_VERSION_NUMBER); } #endif