# HG changeset patch
# User Sebastien Jodogne <s.jodogne@gmail.com>
# Date 1585838720 -7200
# Node ID cdb429340112d721e6b16771f2c41860e4df3f9a
# Parent  552703b3711447d8edf3f518febcea974ddc9c72
Fix OpenSSL initialization on Linux Standard Base

diff -r 552703b37114 -r cdb429340112 NEWS
--- a/NEWS	Thu Apr 02 14:50:49 2020 +0200
+++ b/NEWS	Thu Apr 02 16:45:20 2020 +0200
@@ -6,6 +6,7 @@
 -----------
 
 * Source code repository moved from BitBucket to self-hosted server
+* Fix OpenSSL initialization on Linux Standard Base
 * Fix lookup form in Orthanc Explorer (wildcards not allowed in StudyDate)
 * Fix signature of "OrthancPluginRegisterStorageCommitmentScpCallback()" in plugins SDK
 * Error reporting on failure while initializing SSL
diff -r 552703b37114 -r cdb429340112 Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake
--- a/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake	Thu Apr 02 14:50:49 2020 +0200
+++ b/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake	Thu Apr 02 16:45:20 2020 +0200
@@ -231,10 +231,14 @@
     )
  
 elseif ("${CMAKE_SYSTEM_VERSION}" STREQUAL "LinuxStandardBase")
-  # In order for "crypto/mem_sec.c" to compile on LSB
   add_definitions(
+    # In order for "crypto/mem_sec.c" to compile on LSB
     -DOPENSSL_NO_SECURE_MEMORY
-    -DOPENSSL_RAND_SEED_OS
+
+    # The "OPENSSL_RAND_SEED_OS" value implies a syscall() to
+    # "__NR_getrandom" (i.e. system call "getentropy(2)") in
+    # "rand_unix.c", which is not available in LSB.
+    -DOPENSSL_RAND_SEED_DEVRANDOM
     )
 
 else()
diff -r 552703b37114 -r cdb429340112 Resources/Patches/openssl-1.1.1f.patch
--- a/Resources/Patches/openssl-1.1.1f.patch	Thu Apr 02 14:50:49 2020 +0200
+++ b/Resources/Patches/openssl-1.1.1f.patch	Thu Apr 02 16:45:20 2020 +0200
@@ -1,12 +1,19 @@
 diff -urEb openssl-1.1.1f.orig/crypto/rand/rand_unix.c openssl-1.1.1f/crypto/rand/rand_unix.c
---- openssl-1.1.1f.orig/crypto/rand/rand_unix.c	2020-04-02 13:14:23.195439492 +0200
-+++ openssl-1.1.1f/crypto/rand/rand_unix.c	2020-04-02 13:15:18.079473769 +0200
-@@ -387,7 +387,7 @@
- #  endif
- 
-     /* Linux supports this since version 3.17 */
--#  if defined(__linux) && defined(__NR_getrandom)
-+#  if defined(__linux) && defined(__NR_getrandom) && !defined(__LSB_VERSION__)
-     return syscall(__NR_getrandom, buf, buflen, 0);
- #  elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
-     return sysctl_random(buf, buflen);
+--- openssl-1.1.1f.orig/crypto/rand/rand_unix.c	2020-03-31 14:17:45.000000000 +0200
++++ openssl-1.1.1f/crypto/rand/rand_unix.c	2020-04-02 16:38:56.091240847 +0200
+@@ -445,6 +445,7 @@
+              * system call and this should always succeed which renders
+              * this alternative but essentially identical source moot.
+              */
++#if !defined(__LSB_VERSION__)  // "syscall()" is not available in LSB
+             if (uname(&un) == 0) {
+                 kernel[0] = atoi(un.release);
+                 p = strchr(un.release, '.');
+@@ -455,6 +456,7 @@
+                     return 0;
+                 }
+             }
++#endif
+             /* Open /dev/random and wait for it to be readable */
+             if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
+                 if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {