# HG changeset patch # User Alain Mazy # Date 1586350206 -7200 # Node ID 37e20bbf25f5eb3627ef298b88c73c22889d80dd # Parent 09f091b6b569a052c0cff163efbfe1d215f02f84# Parent c81ac6ff232b378f8fc4257b1bb418fe8a236464 merge diff -r 09f091b6b569 -r 37e20bbf25f5 Core/DicomNetworking/DicomUserConnection.cpp --- a/Core/DicomNetworking/DicomUserConnection.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/DicomNetworking/DicomUserConnection.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -1211,7 +1211,7 @@ void DicomUserConnection::Store(std::string& sopClassUid /* out */, std::string& sopInstanceUid /* out */, - const char* buffer, + const void* buffer, size_t size, const std::string& moveOriginatorAET, uint16_t moveOriginatorID) diff -r 09f091b6b569 -r 37e20bbf25f5 Core/DicomNetworking/DicomUserConnection.h --- a/Core/DicomNetworking/DicomUserConnection.h Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/DicomNetworking/DicomUserConnection.h Wed Apr 08 14:50:06 2020 +0200 @@ -160,14 +160,14 @@ void Store(std::string& sopClassUid /* out */, std::string& sopInstanceUid /* out */, - const char* buffer, + const void* buffer, size_t size, const std::string& moveOriginatorAET, uint16_t moveOriginatorID); void Store(std::string& sopClassUid /* out */, std::string& sopInstanceUid /* out */, - const char* buffer, + const void* buffer, size_t size) { Store(sopClassUid, sopInstanceUid, buffer, size, "", 0); // Not a C-Move diff -r 09f091b6b569 -r 37e20bbf25f5 Core/Enumerations.cpp --- a/Core/Enumerations.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/Enumerations.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -189,6 +189,9 @@ case ErrorCode_BadGeometry: return "Geometry error encountered in Stone"; + case ErrorCode_SslInitialization: + return "Cannot initialize SSL encryption, check out your certificates"; + case ErrorCode_SQLiteNotOpened: return "SQLite: The database is not opened"; diff -r 09f091b6b569 -r 37e20bbf25f5 Core/Enumerations.h --- a/Core/Enumerations.h Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/Enumerations.h Wed Apr 08 14:50:06 2020 +0200 @@ -180,6 +180,7 @@ ErrorCode_DatabaseUnavailable = 36 /*!< The database is currently not available (probably a transient situation) */, ErrorCode_CanceledJob = 37 /*!< This job was canceled */, ErrorCode_BadGeometry = 38 /*!< Geometry error encountered in Stone */, + ErrorCode_SslInitialization = 39 /*!< Cannot initialize SSL encryption, check out your certificates */, ErrorCode_SQLiteNotOpened = 1000 /*!< SQLite: The database is not opened */, ErrorCode_SQLiteAlreadyOpened = 1001 /*!< SQLite: Connection is already open */, ErrorCode_SQLiteCannotOpen = 1002 /*!< SQLite: Unable to open the database */, diff -r 09f091b6b569 -r 37e20bbf25f5 Core/HttpServer/HttpServer.cpp --- a/Core/HttpServer/HttpServer.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/HttpServer/HttpServer.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -72,7 +72,8 @@ #endif #if ORTHANC_ENABLE_SSL == 1 -#include +# include +# include #endif #define ORTHANC_REALM "Orthanc Secure Area" @@ -1182,8 +1183,35 @@ if (!pimpl_->context_) { - throw OrthancException(ErrorCode_HttpPortInUse, - " (port = " + boost::lexical_cast(port_) + ")"); + bool isSslError = false; + +#if ORTHANC_ENABLE_SSL == 1 + for (;;) + { + unsigned long code = ERR_get_error(); + if (code == 0) + { + break; + } + else + { + isSslError = true; + char message[1024]; + ERR_error_string_n(code, message, sizeof(message) - 1); + LOG(ERROR) << "OpenSSL error: " << message; + } + } +#endif + + if (isSslError) + { + throw OrthancException(ErrorCode_SslInitialization); + } + else + { + throw OrthancException(ErrorCode_HttpPortInUse, + " (port = " + boost::lexical_cast(port_) + ")"); + } } LOG(WARNING) << "HTTP server listening on port: " << GetPortNumber() diff -r 09f091b6b569 -r 37e20bbf25f5 Core/Toolbox.cpp --- a/Core/Toolbox.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/Core/Toolbox.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -1680,21 +1680,36 @@ #endif + +#if ORTHANC_ENABLE_SSL == 0 + /** + * OpenSSL is disabled + **/ void Toolbox::InitializeOpenSsl() { -#if ORTHANC_ENABLE_SSL == 1 + } + + void Toolbox::FinalizeOpenSsl() + { + } + + +#elif (ORTHANC_ENABLE_SSL == 1 && \ + OPENSSL_VERSION_NUMBER < 0x10100000L) + /** + * OpenSSL < 1.1.0 + **/ + void Toolbox::InitializeOpenSsl() + { // https://wiki.openssl.org/index.php/Library_Initialization SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); -#endif } - void Toolbox::FinalizeOpenSsl() { -#if ORTHANC_ENABLE_SSL == 1 // Finalize OpenSSL // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup #ifdef FIPS_mode_set @@ -1710,8 +1725,28 @@ CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); ERR_free_strings(); + } + + +#elif (ORTHANC_ENABLE_SSL == 1 && \ + OPENSSL_VERSION_NUMBER >= 0x10100000L) + /** + * OpenSSL >= 1.1.0. In this case, the initialization is + * automatically done by the functions of OpenSSL. + * https://wiki.openssl.org/index.php/Library_Initialization + **/ + void Toolbox::InitializeOpenSsl() + { + } + + void Toolbox::FinalizeOpenSsl() + { + } + +#else +# error "Support your platform here" #endif - } + std::string Toolbox::GenerateUuid() diff -r 09f091b6b569 -r 37e20bbf25f5 NEWS --- a/NEWS Wed Apr 08 14:49:54 2020 +0200 +++ b/NEWS Wed Apr 08 14:50:06 2020 +0200 @@ -2,12 +2,26 @@ =============================== +REST API +-------- + +* API version has been upgraded to 6 +* Added: + - "/modalities/{id}/store-straight": Synchronously send the DICOM instance in POST + body to another modality (alternative to command-line tools such as "storescu") + + Maintenance ----------- * Source code repository moved from BitBucket to self-hosted server +* Fix OpenSSL initialization on Linux Standard Base * Fix lookup form in Orthanc Explorer (wildcards not allowed in StudyDate) * Fix signature of "OrthancPluginRegisterStorageCommitmentScpCallback()" in plugins SDK +* Error reporting on failure while initializing SSL +* Upgraded dependencies for static builds (notably on Windows): + - civetweb 1.12 + - openssl 1.1.1f Version 1.6.0 (2020-03-18) diff -r 09f091b6b569 -r 37e20bbf25f5 OrthancServer/Database/SQLiteDatabaseWrapper.cpp --- a/OrthancServer/Database/SQLiteDatabaseWrapper.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/OrthancServer/Database/SQLiteDatabaseWrapper.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -295,19 +295,36 @@ int64_t SQLiteDatabaseWrapper::GetTableRecordCount(const std::string& table) { - char buf[128]; - sprintf(buf, "SELECT COUNT(*) FROM %s", table.c_str()); - SQLite::Statement s(db_, buf); + /** + * "Generally one cannot use SQL parameters/placeholders for + * database identifiers (tables, columns, views, schemas, etc.) or + * database functions (e.g., CURRENT_DATE), but instead only for + * binding literal values." => To avoid any SQL injection, we + * check that the "table" parameter has only alphabetic + * characters. + * https://stackoverflow.com/a/1274764/881731 + **/ + for (size_t i = 0; i < table.size(); i++) + { + if (!isalpha(table[i])) + { + throw OrthancException(ErrorCode_ParameterOutOfRange); + } + } - if (!s.Step()) + // Don't use "SQLITE_FROM_HERE", otherwise "table" would be cached + SQLite::Statement s(db_, "SELECT COUNT(*) FROM " + table); + + if (s.Step()) + { + int64_t c = s.ColumnInt(0); + assert(!s.Step()); + return c; + } + else { throw OrthancException(ErrorCode_InternalError); } - - int64_t c = s.ColumnInt(0); - assert(!s.Step()); - - return c; } diff -r 09f091b6b569 -r 37e20bbf25f5 OrthancServer/OrthancRestApi/OrthancRestModalities.cpp --- a/OrthancServer/OrthancRestApi/OrthancRestModalities.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/OrthancServer/OrthancRestApi/OrthancRestModalities.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -55,6 +55,8 @@ static const char* const KEY_QUERY = "Query"; static const char* const KEY_NORMALIZE = "Normalize"; static const char* const KEY_RESOURCES = "Resources"; + static const char* const SOP_CLASS_UID = "SOPClassUID"; + static const char* const SOP_INSTANCE_UID = "SOPInstanceUID"; static RemoteModalityParameters MyGetModalityUsingSymbolicName(const std::string& name) @@ -975,6 +977,29 @@ } + static void DicomStoreStraight(RestApiPostCall& call) + { + ServerContext& context = OrthancRestApi::GetContext(call); + + const std::string& localAet = context.GetDefaultLocalApplicationEntityTitle(); + RemoteModalityParameters remote = + MyGetModalityUsingSymbolicName(call.GetUriComponent("id", "")); + + DicomUserConnection connection(localAet, remote); + connection.Open(); + + std::string sopClassUid, sopInstanceUid; + connection.Store(sopClassUid, sopInstanceUid, + call.GetBodyData(), call.GetBodySize()); + + Json::Value answer = Json::objectValue; + answer[SOP_CLASS_UID] = sopClassUid; + answer[SOP_INSTANCE_UID] = sopInstanceUid; + + call.GetOutput().AnswerJson(answer); + } + + /*************************************************************************** * DICOM C-Move SCU ***************************************************************************/ @@ -1312,8 +1337,6 @@ { static const char* const ORTHANC_RESOURCES = "Resources"; static const char* const DICOM_INSTANCES = "DicomInstances"; - static const char* const SOP_CLASS_UID = "SOPClassUID"; - static const char* const SOP_INSTANCE_UID = "SOPInstanceUID"; ServerContext& context = OrthancRestApi::GetContext(call); @@ -1564,6 +1587,7 @@ Register("/modalities/{id}/find-instance", DicomFindInstance); Register("/modalities/{id}/find", DicomFind); Register("/modalities/{id}/store", DicomStore); + Register("/modalities/{id}/store-straight", DicomStoreStraight); // New in 1.6.1 Register("/modalities/{id}/move", DicomMove); // For Query/Retrieve diff -r 09f091b6b569 -r 37e20bbf25f5 OrthancServer/main.cpp --- a/OrthancServer/main.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/OrthancServer/main.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -700,6 +700,7 @@ PrintErrorCode(ErrorCode_DatabaseUnavailable, "The database is currently not available (probably a transient situation)"); PrintErrorCode(ErrorCode_CanceledJob, "This job was canceled"); PrintErrorCode(ErrorCode_BadGeometry, "Geometry error encountered in Stone"); + PrintErrorCode(ErrorCode_SslInitialization, "Cannot initialize SSL encryption, check out your certificates"); PrintErrorCode(ErrorCode_SQLiteNotOpened, "SQLite: The database is not opened"); PrintErrorCode(ErrorCode_SQLiteAlreadyOpened, "SQLite: Connection is already open"); PrintErrorCode(ErrorCode_SQLiteCannotOpen, "SQLite: Unable to open the database"); diff -r 09f091b6b569 -r 37e20bbf25f5 Plugins/Include/orthanc/OrthancCPlugin.h --- a/Plugins/Include/orthanc/OrthancCPlugin.h Wed Apr 08 14:49:54 2020 +0200 +++ b/Plugins/Include/orthanc/OrthancCPlugin.h Wed Apr 08 14:50:06 2020 +0200 @@ -243,6 +243,7 @@ OrthancPluginErrorCode_DatabaseUnavailable = 36 /*!< The database is currently not available (probably a transient situation) */, OrthancPluginErrorCode_CanceledJob = 37 /*!< This job was canceled */, OrthancPluginErrorCode_BadGeometry = 38 /*!< Geometry error encountered in Stone */, + OrthancPluginErrorCode_SslInitialization = 39 /*!< Cannot initialize SSL encryption, check out your certificates */, OrthancPluginErrorCode_SQLiteNotOpened = 1000 /*!< SQLite: The database is not opened */, OrthancPluginErrorCode_SQLiteAlreadyOpened = 1001 /*!< SQLite: Connection is already open */, OrthancPluginErrorCode_SQLiteCannotOpen = 1002 /*!< SQLite: Unable to open the database */, diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/CMake/CivetwebConfiguration.cmake --- a/Resources/CMake/CivetwebConfiguration.cmake Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/CMake/CivetwebConfiguration.cmake Wed Apr 08 14:50:06 2020 +0200 @@ -1,7 +1,20 @@ if (STATIC_BUILD OR NOT USE_SYSTEM_CIVETWEB) - set(CIVETWEB_SOURCES_DIR ${CMAKE_BINARY_DIR}/civetweb-1.11) - set(CIVETWEB_URL "http://orthanc.osimis.io/ThirdPartyDownloads/civetweb-1.11.tar.gz") - set(CIVETWEB_MD5 "b6d2175650a27924bccb747cbe084cd4") + + ## WARNING: "civetweb-1.12.tar.gz" comes with a subfolder + ## "civetweb-1.12/test/nonlatin" that cannot be removed by "hg purge + ## --all" on Windows hosts. We thus created a custom + ## "civetweb-1.12-fixed.tar.gz" as follows: + ## + ## $ cd /tmp + ## $ wget http://orthanc.osimis.io/ThirdPartyDownloads/civetweb-1.12.tar.gz + ## $ tar xvf civetweb-1.12.tar.gz + ## $ rm -rf civetweb-1.12/src/third_party/ civetweb-1.12/test/ + ## $ tar cvfz civetweb-1.12-fixed.tar.gz civetweb-1.12 + ## + + set(CIVETWEB_SOURCES_DIR ${CMAKE_BINARY_DIR}/civetweb-1.12) + set(CIVETWEB_URL "http://orthanc.osimis.io/ThirdPartyDownloads/civetweb-1.12-fixed.tar.gz") + set(CIVETWEB_MD5 "016ed7cd26cbc46b5941f0cbfb2e4ac8") if (IS_DIRECTORY "${CIVETWEB_SOURCES_DIR}") set(FirstRun OFF) @@ -13,7 +26,7 @@ execute_process( COMMAND ${PATCH_EXECUTABLE} -p0 -N -i - ${ORTHANC_ROOT}/Resources/Patches/civetweb-1.11.patch + ${ORTHANC_ROOT}/Resources/Patches/civetweb-1.12.patch WORKING_DIRECTORY ${CMAKE_BINARY_DIR} RESULT_VARIABLE Failure ) diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake --- a/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Wed Apr 08 14:50:06 2020 +0200 @@ -1,6 +1,6 @@ -SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1d) -SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1d.tar.gz") -SET(OPENSSL_MD5 "3be209000dbc7e1b95bcdf47980a3baa") +SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1f) +SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1f.tar.gz") +SET(OPENSSL_MD5 "3f486f2f4435ef14b81814dbbc7b48bb") if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") set(FirstRun OFF) @@ -16,18 +16,18 @@ #define PLATFORM \"\" #define compiler_flags \"\" ") - file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/bn_conf.h "") - file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/dso_conf.h "") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/bn_conf.h "") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/dso_conf.h "") configure_file( - ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1d-conf.h.in + ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1-conf.h.in ${OPENSSL_SOURCES_DIR}/include/openssl/opensslconf.h ) # Apply the patches execute_process( COMMAND ${PATCH_EXECUTABLE} -p0 -N -i - ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1d.patch + ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1f.patch WORKING_DIRECTORY ${CMAKE_BINARY_DIR} RESULT_VARIABLE Failure ) @@ -231,9 +231,22 @@ ) elseif ("${CMAKE_SYSTEM_VERSION}" STREQUAL "LinuxStandardBase") - # In order for "crypto/mem_sec.c" to compile on LSB add_definitions( + # In order for "crypto/mem_sec.c" to compile on LSB -DOPENSSL_NO_SECURE_MEMORY + + # The "OPENSSL_RAND_SEED_OS" value implies a syscall() to + # "__NR_getrandom" (i.e. system call "getentropy(2)") in + # "rand_unix.c", which is not available in LSB. + -DOPENSSL_RAND_SEED_DEVRANDOM + ) + +else() + # Fixes error "OpenSSL error: error:2406C06E:random number + # generator:RAND_DRBG_instantiate:error retrieving entropy" that was + # present in Orthanc 1.6.0, if statically linking on Ubuntu 18.04 + add_definitions( + -DOPENSSL_RAND_SEED_OS ) endif() diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/CMake/OrthancFrameworkParameters.cmake --- a/Resources/CMake/OrthancFrameworkParameters.cmake Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/CMake/OrthancFrameworkParameters.cmake Wed Apr 08 14:50:06 2020 +0200 @@ -17,7 +17,7 @@ # Version of the Orthanc API, can be retrieved from "/system" URI in # order to check whether new URI endpoints are available even if using # the mainline version of Orthanc -set(ORTHANC_API_VERSION "5") +set(ORTHANC_API_VERSION "6") ##################################################################### diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/ErrorCodes.json --- a/Resources/ErrorCodes.json Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/ErrorCodes.json Wed Apr 08 14:50:06 2020 +0200 @@ -217,6 +217,11 @@ "Name": "BadGeometry", "Description": "Geometry error encountered in Stone" }, + { + "Code": 39, + "Name": "SslInitialization", + "Description": "Cannot initialize SSL encryption, check out your certificates" + }, diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/LinuxStandardBaseToolchain.cmake --- a/Resources/LinuxStandardBaseToolchain.cmake Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/LinuxStandardBaseToolchain.cmake Wed Apr 08 14:50:06 2020 +0200 @@ -1,4 +1,12 @@ -# LSB_CC=gcc-4.8 LSB_CXX=g++-4.8 cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=../Resources/LinuxStandardBaseToolchain.cmake -DUSE_LEGACY_JSONCPP=ON -DUSE_LEGACY_LIBICU=ON -DBOOST_LOCALE_BACKEND=icu -G Ninja +# +# Full build, as used on the BuildBot CIS: +# +# $ LSB_CC=gcc-4.8 LSB_CXX=g++-4.8 cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=../Resources/LinuxStandardBaseToolchain.cmake -DUSE_LEGACY_JSONCPP=ON -DUSE_LEGACY_LIBICU=ON -DBOOST_LOCALE_BACKEND=icu -DENABLE_PKCS11=ON -G Ninja +# +# Or, more lightweight version (without libp11 and ICU): +# +# $ LSB_CC=gcc-4.8 LSB_CXX=g++-4.8 cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=../Resources/LinuxStandardBaseToolchain.cmake -DUSE_LEGACY_JSONCPP=ON -G Ninja +# INCLUDE(CMakeForceCompiler) diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Patches/civetweb-1.12.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/Patches/civetweb-1.12.patch Wed Apr 08 14:50:06 2020 +0200 @@ -0,0 +1,29 @@ +diff -urEb civetweb-1.12.orig/include/civetweb.h civetweb-1.12/include/civetweb.h +--- civetweb-1.12.orig/include/civetweb.h 2020-04-02 12:07:20.727054140 +0200 ++++ civetweb-1.12/include/civetweb.h 2020-04-02 12:07:42.734996559 +0200 +@@ -1614,6 +1614,9 @@ + struct mg_error_data *error); + #endif + ++// Added by SJ ++CIVETWEB_API void mg_disable_keep_alive(struct mg_connection *conn); ++ + #ifdef __cplusplus + } + #endif /* __cplusplus */ +diff -urEb civetweb-1.12.orig/src/civetweb.c civetweb-1.12/src/civetweb.c +--- civetweb-1.12.orig/src/civetweb.c 2020-04-02 12:07:20.731054129 +0200 ++++ civetweb-1.12/src/civetweb.c 2020-04-02 12:07:52.250971600 +0200 +@@ -20704,5 +20704,12 @@ + return 1; + } + ++// Added by SJ ++void mg_disable_keep_alive(struct mg_connection *conn) ++{ ++ if (conn != NULL) { ++ conn->must_close = 1; ++ } ++} + + /* End of civetweb.c */ diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Patches/libp11-0.4.0.patch --- a/Resources/Patches/libp11-0.4.0.patch Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/Patches/libp11-0.4.0.patch Wed Apr 08 14:50:06 2020 +0200 @@ -1,6 +1,6 @@ diff -urEb libp11-0.4.0.orig/src/atfork.c libp11-0.4.0/src/atfork.c ---- libp11-0.4.0.orig/src/atfork.c 2020-03-05 20:48:55.447852662 +0100 -+++ libp11-0.4.0/src/atfork.c 2020-03-05 20:49:05.983770656 +0100 +--- libp11-0.4.0.orig/src/atfork.c 2020-04-02 17:03:55.340634019 +0200 ++++ libp11-0.4.0/src/atfork.c 2020-04-02 17:04:10.152619121 +0200 @@ -25,7 +25,7 @@ #include #include @@ -11,8 +11,8 @@ #ifdef __sun # pragma fini(lib_deinit) diff -urEb libp11-0.4.0.orig/src/engine.h libp11-0.4.0/src/engine.h ---- libp11-0.4.0.orig/src/engine.h 2020-03-05 20:48:55.447852662 +0100 -+++ libp11-0.4.0/src/engine.h 2020-03-05 20:49:05.983770656 +0100 +--- libp11-0.4.0.orig/src/engine.h 2020-04-02 17:03:55.340634019 +0200 ++++ libp11-0.4.0/src/engine.h 2020-04-02 17:04:10.152619121 +0200 @@ -29,7 +29,7 @@ #define _ENGINE_PKCS11_H @@ -23,8 +23,8 @@ #include "libp11.h" diff -urEb libp11-0.4.0.orig/src/libp11-int.h libp11-0.4.0/src/libp11-int.h ---- libp11-0.4.0.orig/src/libp11-int.h 2020-03-05 20:48:55.447852662 +0100 -+++ libp11-0.4.0/src/libp11-int.h 2020-03-05 20:49:05.983770656 +0100 +--- libp11-0.4.0.orig/src/libp11-int.h 2020-04-02 17:03:55.340634019 +0200 ++++ libp11-0.4.0/src/libp11-int.h 2020-04-02 17:04:10.152619121 +0200 @@ -20,7 +20,7 @@ #define _LIBP11_INT_H @@ -35,13 +35,15 @@ #include "libp11.h" diff -urEb libp11-0.4.0.orig/src/p11_key.c libp11-0.4.0/src/p11_key.c ---- libp11-0.4.0.orig/src/p11_key.c 2020-03-05 20:48:55.447852662 +0100 -+++ libp11-0.4.0/src/p11_key.c 2020-03-05 20:49:24.959625180 +0100 -@@ -21,6 +21,10 @@ +--- libp11-0.4.0.orig/src/p11_key.c 2020-04-02 17:03:55.340634019 +0200 ++++ libp11-0.4.0/src/p11_key.c 2020-04-02 17:05:39.892516032 +0200 +@@ -21,6 +21,12 @@ #include #include -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L // OpenSSL 1.0.2 ++#if OPENSSL_VERSION_NUMBER >= 0x10100105L // File renamed in OpenSSL 1.1.1e ++# include ++#elif OPENSSL_VERSION_NUMBER >= 0x10100000L // OpenSSL 1.0.2 +# include +#endif + @@ -49,13 +51,15 @@ #define strncasecmp strnicmp #endif diff -urEb libp11-0.4.0.orig/src/p11_rsa.c libp11-0.4.0/src/p11_rsa.c ---- libp11-0.4.0.orig/src/p11_rsa.c 2020-03-05 20:48:55.447852662 +0100 -+++ libp11-0.4.0/src/p11_rsa.c 2020-03-05 20:49:20.095662204 +0100 -@@ -27,6 +27,10 @@ +--- libp11-0.4.0.orig/src/p11_rsa.c 2020-04-02 17:03:55.340634019 +0200 ++++ libp11-0.4.0/src/p11_rsa.c 2020-04-02 17:05:49.176504198 +0200 +@@ -27,6 +27,12 @@ #include #include -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L // OpenSSL 1.0.2 ++#if OPENSSL_VERSION_NUMBER >= 0x10100105L // File renamed in OpenSSL 1.1.1e ++# include ++#elif OPENSSL_VERSION_NUMBER >= 0x10100000L // OpenSSL 1.0.2 +# include +#endif + diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Patches/openssl-1.1.1-conf.h.in --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/Patches/openssl-1.1.1-conf.h.in Wed Apr 08 14:50:06 2020 +0200 @@ -0,0 +1,122 @@ +/* + * {- join("\n * ", @autowarntext) -} + * + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef OPENSSL_ALGORITHM_DEFINES +# error OPENSSL_ALGORITHM_DEFINES no longer supported +#endif + + +/* + * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers + * don't like that. This will hopefully silence them. + */ +#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy; + +/* + * Applications should use -DOPENSSL_API_COMPAT= to suppress the + * declarations of functions deprecated in or before . Otherwise, they + * still won't see them if the library has been built to disable deprecated + * functions. + */ +#ifndef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f; +# ifdef __GNUC__ +# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) +# undef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# endif +# endif +#endif + +#ifndef OPENSSL_FILE +# ifdef OPENSSL_NO_FILENAMES +# define OPENSSL_FILE "" +# define OPENSSL_LINE 0 +# else +# define OPENSSL_FILE __FILE__ +# define OPENSSL_LINE __LINE__ +# endif +#endif + +#ifndef OPENSSL_MIN_API +# define OPENSSL_MIN_API 0 +#endif + +#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API +# undef OPENSSL_API_COMPAT +# define OPENSSL_API_COMPAT OPENSSL_MIN_API +#endif + +/* + * Do not deprecate things to be deprecated in version 1.2.0 before the + * OpenSSL version number matches. + */ +#if OPENSSL_VERSION_NUMBER < 0x10200000L +# define DEPRECATEDIN_1_2_0(f) f; +#elif OPENSSL_API_COMPAT < 0x10200000L +# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_2_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x10100000L +# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_1_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x10000000L +# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_0_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x00908000L +# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_0_9_8(f) +#endif + + +#define OPENSSL_UNISTD + +#if 0 +/* Generate 80386 code? */ +{- ${processor} eq "386" ? "#define" : "#undef" -} I386_ONLY + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD {- ${unistd} -} + +{- ${export_var_as_fn} ? "#define" : "#undef" -} OPENSSL_EXPORT_VAR_AS_FUNCTION + +/* + * The following are cipher-specific, but are part of the public API. + */ +#if !defined(OPENSSL_SYS_UEFI) +{- ${bn_ll} ? "# define" : "# undef" -} BN_LLONG +/* Only one for the following should be defined */ +{- ${b64l} ? "# define" : "# undef" -} SIXTY_FOUR_BIT_LONG +{- ${b64} ? "# define" : "# undef" -} SIXTY_FOUR_BIT +{- ${b32} ? "# define" : "# undef" -} THIRTY_TWO_BIT +#endif + +#define RC4_INT {- ${rc4_int} -} +#endif + +#ifdef __cplusplus +} +#endif diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Patches/openssl-1.1.1d-conf.h.in --- a/Resources/Patches/openssl-1.1.1d-conf.h.in Wed Apr 08 14:49:54 2020 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,122 +0,0 @@ -/* - * {- join("\n * ", @autowarntext) -} - * - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_ALGORITHM_DEFINES -# error OPENSSL_ALGORITHM_DEFINES no longer supported -#endif - - -/* - * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers - * don't like that. This will hopefully silence them. - */ -#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy; - -/* - * Applications should use -DOPENSSL_API_COMPAT= to suppress the - * declarations of functions deprecated in or before . Otherwise, they - * still won't see them if the library has been built to disable deprecated - * functions. - */ -#ifndef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f; -# ifdef __GNUC__ -# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -# endif -# endif -#endif - -#ifndef OPENSSL_FILE -# ifdef OPENSSL_NO_FILENAMES -# define OPENSSL_FILE "" -# define OPENSSL_LINE 0 -# else -# define OPENSSL_FILE __FILE__ -# define OPENSSL_LINE __LINE__ -# endif -#endif - -#ifndef OPENSSL_MIN_API -# define OPENSSL_MIN_API 0 -#endif - -#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API -# undef OPENSSL_API_COMPAT -# define OPENSSL_API_COMPAT OPENSSL_MIN_API -#endif - -/* - * Do not deprecate things to be deprecated in version 1.2.0 before the - * OpenSSL version number matches. - */ -#if OPENSSL_VERSION_NUMBER < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) f; -#elif OPENSSL_API_COMPAT < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_2_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10100000L -# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_1_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10000000L -# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_0_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x00908000L -# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_0_9_8(f) -#endif - - -#define OPENSSL_UNISTD - -#if 0 -/* Generate 80386 code? */ -{- ${processor} eq "386" ? "#define" : "#undef" -} I386_ONLY - -#undef OPENSSL_UNISTD -#define OPENSSL_UNISTD {- ${unistd} -} - -{- ${export_var_as_fn} ? "#define" : "#undef" -} OPENSSL_EXPORT_VAR_AS_FUNCTION - -/* - * The following are cipher-specific, but are part of the public API. - */ -#if !defined(OPENSSL_SYS_UEFI) -{- ${bn_ll} ? "# define" : "# undef" -} BN_LLONG -/* Only one for the following should be defined */ -{- ${b64l} ? "# define" : "# undef" -} SIXTY_FOUR_BIT_LONG -{- ${b64} ? "# define" : "# undef" -} SIXTY_FOUR_BIT -{- ${b32} ? "# define" : "# undef" -} THIRTY_TWO_BIT -#endif - -#define RC4_INT {- ${rc4_int} -} -#endif - -#ifdef __cplusplus -} -#endif diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Patches/openssl-1.1.1f.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/Patches/openssl-1.1.1f.patch Wed Apr 08 14:50:06 2020 +0200 @@ -0,0 +1,19 @@ +diff -urEb openssl-1.1.1f.orig/crypto/rand/rand_unix.c openssl-1.1.1f/crypto/rand/rand_unix.c +--- openssl-1.1.1f.orig/crypto/rand/rand_unix.c 2020-03-31 14:17:45.000000000 +0200 ++++ openssl-1.1.1f/crypto/rand/rand_unix.c 2020-04-02 16:38:56.091240847 +0200 +@@ -445,6 +445,7 @@ + * system call and this should always succeed which renders + * this alternative but essentially identical source moot. + */ ++#if !defined(__LSB_VERSION__) // "syscall()" is not available in LSB + if (uname(&un) == 0) { + kernel[0] = atoi(un.release); + p = strchr(un.release, '.'); +@@ -455,6 +456,7 @@ + return 0; + } + } ++#endif + /* Open /dev/random and wait for it to be readable */ + if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) { + if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) { diff -r 09f091b6b569 -r 37e20bbf25f5 Resources/Samples/ImportDicomFiles/ImportDicomFiles.py --- a/Resources/Samples/ImportDicomFiles/ImportDicomFiles.py Wed Apr 08 14:49:54 2020 +0200 +++ b/Resources/Samples/ImportDicomFiles/ImportDicomFiles.py Wed Apr 08 14:50:06 2020 +0200 @@ -72,7 +72,10 @@ # Authentication (for some weird reason, this method does # not always work) # http://en.wikipedia.org/wiki/Basic_access_authentication - headers['authorization'] = 'Basic ' + base64.b64encode(username + ':' + password) + creds_str = username + ':' + password + creds_str_bytes = creds_str.encode("ascii") + creds_str_bytes_b64 = b'Basic ' + base64.b64encode(creds_str_bytes) + headers['authorization'] = creds_str_bytes_b64.decode("ascii") resp, content = h.request(URL, 'POST', body = content, @@ -85,6 +88,8 @@ sys.stdout.write(" => failure (Is it a DICOM file? Is there a password?)\n") except: + type, value, traceback = sys.exc_info() + sys.stderr.write(str(value)) sys.stdout.write(" => unable to connect (Is Orthanc running? Is there a password?)\n") diff -r 09f091b6b569 -r 37e20bbf25f5 UnitTestsSources/VersionsTests.cpp --- a/UnitTestsSources/VersionsTests.cpp Wed Apr 08 14:49:54 2020 +0200 +++ b/UnitTestsSources/VersionsTests.cpp Wed Apr 08 14:50:06 2020 +0200 @@ -185,7 +185,7 @@ TEST(Version, OpenSslStatic) { ASSERT_TRUE(OPENSSL_VERSION_NUMBER == 0x1000210fL /* openssl-1.0.2p */ || - OPENSSL_VERSION_NUMBER == 0x1010104fL /* openssl-1.1.1d */); + OPENSSL_VERSION_NUMBER == 0x1010106fL /* openssl-1.1.1f */); } #endif @@ -208,7 +208,7 @@ TEST(Version, Civetweb) { ASSERT_EQ(1, CIVETWEB_VERSION_MAJOR); - ASSERT_EQ(11, CIVETWEB_VERSION_MINOR); + ASSERT_EQ(12, CIVETWEB_VERSION_MINOR); ASSERT_EQ(0, CIVETWEB_VERSION_PATCH); } #endif