# HG changeset patch # User Sebastien Jodogne # Date 1583422975 -3600 # Node ID faa695f433d5c9efbb1fa93e90a1d443b39e81aa # Parent d737173197e14c1a5675281813bff8874bbf30b2 upgraded OpenSSL to 1.1.1d diff -r d737173197e1 -r faa695f433d5 Core/Toolbox.cpp --- a/Core/Toolbox.cpp Thu Mar 05 14:19:12 2020 +0100 +++ b/Core/Toolbox.cpp Thu Mar 05 16:42:55 2020 +0100 @@ -1700,7 +1700,11 @@ #ifdef FIPS_mode_set FIPS_mode_set(0); #endif + +#if !defined(OPENSSL_NO_ENGINE) ENGINE_cleanup(); +#endif + CONF_modules_unload(1); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); diff -r d737173197e1 -r faa695f433d5 NEWS --- a/NEWS Thu Mar 05 14:19:12 2020 +0100 +++ b/NEWS Thu Mar 05 16:42:55 2020 +0100 @@ -48,6 +48,7 @@ * Fix issue #168 (Plugins can't read private tags from the configuration file) * Upgraded dependencies for static builds (notably on Windows): - dcmtk 3.6.5 + - openssl 1.1.1d Version 1.5.8 (2019-10-16) diff -r d737173197e1 -r faa695f433d5 Resources/CMake/LibCurlConfiguration.cmake --- a/Resources/CMake/LibCurlConfiguration.cmake Thu Mar 05 14:19:12 2020 +0100 +++ b/Resources/CMake/LibCurlConfiguration.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -60,7 +60,7 @@ ) endif() - if (NOT EXISTS "${CURL_SOURCES_DIR}/lib/curl_config.h") + if (NOT EXISTS "${CURL_SOURCES_DIR}/lib/vauth/vauth/vauth.h") #file(WRITE ${CURL_SOURCES_DIR}/lib/curl_config.h "") file(WRITE ${CURL_SOURCES_DIR}/lib/vauth/vauth/vauth.h "#include \"../vauth.h\"\n") diff -r d737173197e1 -r faa695f433d5 Resources/CMake/OpenSslConfiguration.cmake --- a/Resources/CMake/OpenSslConfiguration.cmake Thu Mar 05 14:19:12 2020 +0100 +++ b/Resources/CMake/OpenSslConfiguration.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -1,335 +1,10 @@ if (STATIC_BUILD OR NOT USE_SYSTEM_OPENSSL) - SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2p) - SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.0.2p.tar.gz") - SET(OPENSSL_MD5 "ac5eb30bf5798aa14b1ae6d0e7da58df") - - if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") - set(FirstRun OFF) + if (OPENSSL_STATIC_VERSION STREQUAL "1.0.2") + include(${CMAKE_CURRENT_LIST_DIR}/OpenSslConfigurationStatic-1.0.2.cmake) + elseif (OPENSSL_STATIC_VERSION STREQUAL "1.1.1") + include(${CMAKE_CURRENT_LIST_DIR}/OpenSslConfigurationStatic-1.1.1.cmake) else() - set(FirstRun ON) - endif() - - DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}") - - if (FirstRun) - file(MAKE_DIRECTORY ${OPENSSL_SOURCES_DIR}/include/openssl) - - foreach(header - ${OPENSSL_SOURCES_DIR}/crypto/aes/aes.h - ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1.h - ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1_mac.h - ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1t.h - ${OPENSSL_SOURCES_DIR}/crypto/bf/blowfish.h - ${OPENSSL_SOURCES_DIR}/crypto/bio/bio.h - ${OPENSSL_SOURCES_DIR}/crypto/bn/bn.h - ${OPENSSL_SOURCES_DIR}/crypto/buffer/buffer.h - ${OPENSSL_SOURCES_DIR}/crypto/camellia/camellia.h - ${OPENSSL_SOURCES_DIR}/crypto/cast/cast.h - ${OPENSSL_SOURCES_DIR}/crypto/cmac/cmac.h - ${OPENSSL_SOURCES_DIR}/crypto/cms/cms.h - ${OPENSSL_SOURCES_DIR}/crypto/comp/comp.h - ${OPENSSL_SOURCES_DIR}/crypto/conf/conf.h - ${OPENSSL_SOURCES_DIR}/crypto/conf/conf_api.h - ${OPENSSL_SOURCES_DIR}/crypto/crypto.h - ${OPENSSL_SOURCES_DIR}/crypto/des/des.h - ${OPENSSL_SOURCES_DIR}/crypto/des/des_old.h - ${OPENSSL_SOURCES_DIR}/crypto/dh/dh.h - ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsa.h - ${OPENSSL_SOURCES_DIR}/crypto/dso/dso.h - ${OPENSSL_SOURCES_DIR}/crypto/ebcdic.h - ${OPENSSL_SOURCES_DIR}/crypto/ec/ec.h - ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdh.h - ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsa.h - ${OPENSSL_SOURCES_DIR}/crypto/engine/engine.h - ${OPENSSL_SOURCES_DIR}/crypto/err/err.h - ${OPENSSL_SOURCES_DIR}/crypto/evp/evp.h - ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmac.h - ${OPENSSL_SOURCES_DIR}/crypto/idea/idea.h - ${OPENSSL_SOURCES_DIR}/crypto/jpake/jpake.h - ${OPENSSL_SOURCES_DIR}/crypto/krb5/krb5_asn.h - ${OPENSSL_SOURCES_DIR}/crypto/lhash/lhash.h - ${OPENSSL_SOURCES_DIR}/crypto/md2/md2.h - ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.h - ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.h - ${OPENSSL_SOURCES_DIR}/crypto/mdc2/mdc2.h - ${OPENSSL_SOURCES_DIR}/crypto/modes/modes.h - ${OPENSSL_SOURCES_DIR}/crypto/objects/obj_mac.h - ${OPENSSL_SOURCES_DIR}/crypto/objects/objects.h - ${OPENSSL_SOURCES_DIR}/crypto/ocsp/ocsp.h - ${OPENSSL_SOURCES_DIR}/crypto/opensslconf.h - ${OPENSSL_SOURCES_DIR}/crypto/opensslv.h - ${OPENSSL_SOURCES_DIR}/crypto/ossl_typ.h - ${OPENSSL_SOURCES_DIR}/crypto/pem/pem.h - ${OPENSSL_SOURCES_DIR}/crypto/pem/pem2.h - ${OPENSSL_SOURCES_DIR}/crypto/pkcs12/pkcs12.h - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pkcs7.h - ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pqueue.h - ${OPENSSL_SOURCES_DIR}/crypto/rand/rand.h - ${OPENSSL_SOURCES_DIR}/crypto/rc2/rc2.h - ${OPENSSL_SOURCES_DIR}/crypto/rc4/rc4.h - ${OPENSSL_SOURCES_DIR}/crypto/rc5/rc5.h - ${OPENSSL_SOURCES_DIR}/crypto/ripemd/ripemd.h - ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa.h - ${OPENSSL_SOURCES_DIR}/crypto/seed/seed.h - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.h - ${OPENSSL_SOURCES_DIR}/crypto/srp/srp.h - ${OPENSSL_SOURCES_DIR}/crypto/stack/safestack.h - ${OPENSSL_SOURCES_DIR}/crypto/stack/stack.h - ${OPENSSL_SOURCES_DIR}/crypto/store/store.h - ${OPENSSL_SOURCES_DIR}/crypto/symhacks.h - ${OPENSSL_SOURCES_DIR}/crypto/ts/ts.h - ${OPENSSL_SOURCES_DIR}/crypto/txt_db/txt_db.h - ${OPENSSL_SOURCES_DIR}/crypto/ui/ui.h - ${OPENSSL_SOURCES_DIR}/crypto/ui/ui_compat.h - ${OPENSSL_SOURCES_DIR}/crypto/whrlpool/whrlpool.h - ${OPENSSL_SOURCES_DIR}/crypto/x509/x509.h - ${OPENSSL_SOURCES_DIR}/crypto/x509/x509_vfy.h - ${OPENSSL_SOURCES_DIR}/crypto/x509v3/x509v3.h - ${OPENSSL_SOURCES_DIR}/e_os2.h - ${OPENSSL_SOURCES_DIR}/ssl/dtls1.h - ${OPENSSL_SOURCES_DIR}/ssl/kssl.h - ${OPENSSL_SOURCES_DIR}/ssl/srtp.h - ${OPENSSL_SOURCES_DIR}/ssl/ssl.h - ${OPENSSL_SOURCES_DIR}/ssl/ssl2.h - ${OPENSSL_SOURCES_DIR}/ssl/ssl23.h - ${OPENSSL_SOURCES_DIR}/ssl/ssl3.h - ${OPENSSL_SOURCES_DIR}/ssl/tls1.h - ) - file(COPY ${header} DESTINATION ${OPENSSL_SOURCES_DIR}/include/openssl) - endforeach() - - file(RENAME - ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2.h - ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2_source.h) - - # The following patch of "e_os2.h" prevents from building OpenSSL - # as a DLL under Windows. Otherwise, symbols have inconsistent - # linkage if ${OPENSSL_SOURCES} is used to create a DLL (notably - # if building an Orthanc plugin such as MySQL). - file(WRITE ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2.h " -#include \"e_os2_source.h\" -#if defined(_WIN32) -# undef OPENSSL_EXPORT -# undef OPENSSL_IMPORT -# undef OPENSSL_EXTERN -# undef OPENSSL_GLOBAL -# define OPENSSL_EXPORT -# define OPENSSL_IMPORT -# define OPENSSL_EXTERN extern -# define OPENSSL_GLOBAL -#endif -") - endif() - - add_definitions( - -DOPENSSL_THREADS - -DOPENSSL_IA32_SSE2 - -DOPENSSL_NO_ASM - -DOPENSSL_NO_DYNAMIC_ENGINE - -DNO_WINDOWS_BRAINDEATH - - -DOPENSSL_NO_BF - -DOPENSSL_NO_CAMELLIA - -DOPENSSL_NO_CAST - -DOPENSSL_NO_EC_NISTP_64_GCC_128 - -DOPENSSL_NO_GMP - -DOPENSSL_NO_GOST - -DOPENSSL_NO_HW - -DOPENSSL_NO_JPAKE - -DOPENSSL_NO_IDEA - -DOPENSSL_NO_KRB5 - -DOPENSSL_NO_MD2 - -DOPENSSL_NO_MDC2 - #-DOPENSSL_NO_MD4 # MD4 is necessary for MariaDB/MySQL client - -DOPENSSL_NO_RC2 - -DOPENSSL_NO_RC4 - -DOPENSSL_NO_RC5 - -DOPENSSL_NO_RFC3779 - -DOPENSSL_NO_SCTP - -DOPENSSL_NO_STORE - -DOPENSSL_NO_SEED - -DOPENSSL_NO_WHIRLPOOL - -DOPENSSL_NO_RIPEMD - ) - - include_directories( - ${OPENSSL_SOURCES_DIR} - ${OPENSSL_SOURCES_DIR}/crypto - ${OPENSSL_SOURCES_DIR}/crypto/asn1 - ${OPENSSL_SOURCES_DIR}/crypto/modes - ${OPENSSL_SOURCES_DIR}/crypto/evp - ${OPENSSL_SOURCES_DIR}/include - ) - - set(OPENSSL_SOURCES_SUBDIRS - ${OPENSSL_SOURCES_DIR}/crypto - ${OPENSSL_SOURCES_DIR}/crypto/aes - ${OPENSSL_SOURCES_DIR}/crypto/asn1 - ${OPENSSL_SOURCES_DIR}/crypto/bio - ${OPENSSL_SOURCES_DIR}/crypto/bn - ${OPENSSL_SOURCES_DIR}/crypto/buffer - ${OPENSSL_SOURCES_DIR}/crypto/cmac - ${OPENSSL_SOURCES_DIR}/crypto/cms - ${OPENSSL_SOURCES_DIR}/crypto/comp - ${OPENSSL_SOURCES_DIR}/crypto/conf - ${OPENSSL_SOURCES_DIR}/crypto/des - ${OPENSSL_SOURCES_DIR}/crypto/dh - ${OPENSSL_SOURCES_DIR}/crypto/dsa - ${OPENSSL_SOURCES_DIR}/crypto/dso - ${OPENSSL_SOURCES_DIR}/crypto/engine - ${OPENSSL_SOURCES_DIR}/crypto/err - ${OPENSSL_SOURCES_DIR}/crypto/evp - ${OPENSSL_SOURCES_DIR}/crypto/hmac - ${OPENSSL_SOURCES_DIR}/crypto/lhash - ${OPENSSL_SOURCES_DIR}/crypto/md4 - ${OPENSSL_SOURCES_DIR}/crypto/md5 - ${OPENSSL_SOURCES_DIR}/crypto/modes - ${OPENSSL_SOURCES_DIR}/crypto/objects - ${OPENSSL_SOURCES_DIR}/crypto/ocsp - ${OPENSSL_SOURCES_DIR}/crypto/pem - ${OPENSSL_SOURCES_DIR}/crypto/pkcs12 - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7 - ${OPENSSL_SOURCES_DIR}/crypto/pqueue - ${OPENSSL_SOURCES_DIR}/crypto/rand - ${OPENSSL_SOURCES_DIR}/crypto/rsa - ${OPENSSL_SOURCES_DIR}/crypto/sha - ${OPENSSL_SOURCES_DIR}/crypto/srp - ${OPENSSL_SOURCES_DIR}/crypto/stack - ${OPENSSL_SOURCES_DIR}/crypto/ts - ${OPENSSL_SOURCES_DIR}/crypto/txt_db - ${OPENSSL_SOURCES_DIR}/crypto/ui - ${OPENSSL_SOURCES_DIR}/crypto/x509 - ${OPENSSL_SOURCES_DIR}/crypto/x509v3 - ${OPENSSL_SOURCES_DIR}/ssl - ) - - if (ENABLE_OPENSSL_ENGINES) - list(APPEND OPENSSL_SOURCES_SUBDIRS - ${OPENSSL_SOURCES_DIR}/engines - ) - endif() - - list(APPEND OPENSSL_SOURCES_SUBDIRS - # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting - # HTTPS servers that use TLS certificate encrypted with ECDSA - # (check the output of a recent version of the "sslscan" - # command). Until Orthanc <= 1.4.1, these features were only - # enabled if ENABLE_PKCS11 support was set to "ON". - # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ - ${OPENSSL_SOURCES_DIR}/crypto/ec - ${OPENSSL_SOURCES_DIR}/crypto/ecdh - ${OPENSSL_SOURCES_DIR}/crypto/ecdsa - ) - - foreach(d ${OPENSSL_SOURCES_SUBDIRS}) - AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) - endforeach() - - list(REMOVE_ITEM OPENSSL_SOURCES - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_unix.c - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_vms.c - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win.c - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win32.c - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_wince.c - ${OPENSSL_SOURCES_DIR}/crypto/armcap.c - ${OPENSSL_SOURCES_DIR}/crypto/bf/bfs.cpp - ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_rtcp.c - ${OPENSSL_SOURCES_DIR}/crypto/bn/exp.c - ${OPENSSL_SOURCES_DIR}/crypto/conf/cnf_save.c - ${OPENSSL_SOURCES_DIR}/crypto/conf/test.c - ${OPENSSL_SOURCES_DIR}/crypto/des/des.c - ${OPENSSL_SOURCES_DIR}/crypto/des/des3s.cpp - ${OPENSSL_SOURCES_DIR}/crypto/des/des_opts.c - ${OPENSSL_SOURCES_DIR}/crypto/des/dess.cpp - ${OPENSSL_SOURCES_DIR}/crypto/des/read_pwd.c - ${OPENSSL_SOURCES_DIR}/crypto/des/speed.c - ${OPENSSL_SOURCES_DIR}/crypto/evp/e_dsa.c - ${OPENSSL_SOURCES_DIR}/crypto/evp/m_ripemd.c - ${OPENSSL_SOURCES_DIR}/crypto/lhash/lh_test.c - ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.c - ${OPENSSL_SOURCES_DIR}/crypto/md4/md4s.cpp - ${OPENSSL_SOURCES_DIR}/crypto/md4/md4test.c - ${OPENSSL_SOURCES_DIR}/crypto/md5/md5s.cpp - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/bio_ber.c - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pk7_enc.c - ${OPENSSL_SOURCES_DIR}/crypto/ppccap.c - ${OPENSSL_SOURCES_DIR}/crypto/rand/randtest.c - ${OPENSSL_SOURCES_DIR}/crypto/s390xcap.c - ${OPENSSL_SOURCES_DIR}/crypto/sparcv9cap.c - ${OPENSSL_SOURCES_DIR}/crypto/x509v3/tabtest.c - ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3conf.c - ${OPENSSL_SOURCES_DIR}/ssl/ssl_task.c - ${OPENSSL_SOURCES_DIR}/crypto/LPdir_nyi.c - ${OPENSSL_SOURCES_DIR}/crypto/aes/aes_x86core.c - ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_dgram.c - ${OPENSSL_SOURCES_DIR}/crypto/bn/bntest.c - ${OPENSSL_SOURCES_DIR}/crypto/bn/expspeed.c - ${OPENSSL_SOURCES_DIR}/crypto/bn/exptest.c - ${OPENSSL_SOURCES_DIR}/crypto/engine/enginetest.c - ${OPENSSL_SOURCES_DIR}/crypto/evp/evp_test.c - ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmactest.c - ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.c - ${OPENSSL_SOURCES_DIR}/crypto/md5/md5test.c - ${OPENSSL_SOURCES_DIR}/crypto/o_dir_test.c - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/dec.c - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/enc.c - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/sign.c - ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/verify.c - ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa_test.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1t.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1test.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha256t.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/sha512t.c - ${OPENSSL_SOURCES_DIR}/crypto/sha/shatest.c - ${OPENSSL_SOURCES_DIR}/crypto/srp/srptest.c - - ${OPENSSL_SOURCES_DIR}/crypto/bn/divtest.c - ${OPENSSL_SOURCES_DIR}/crypto/bn/bnspeed.c - ${OPENSSL_SOURCES_DIR}/crypto/des/destest.c - ${OPENSSL_SOURCES_DIR}/crypto/dh/p192.c - ${OPENSSL_SOURCES_DIR}/crypto/dh/p512.c - ${OPENSSL_SOURCES_DIR}/crypto/dh/p1024.c - ${OPENSSL_SOURCES_DIR}/crypto/des/rpw.c - ${OPENSSL_SOURCES_DIR}/ssl/ssltest.c - ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsagen.c - ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsatest.c - ${OPENSSL_SOURCES_DIR}/crypto/dh/dhtest.c - ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pq_test.c - ${OPENSSL_SOURCES_DIR}/crypto/des/ncbc_enc.c - - ${OPENSSL_SOURCES_DIR}/crypto/evp/evp_extra_test.c - ${OPENSSL_SOURCES_DIR}/crypto/evp/verify_extra_test.c - ${OPENSSL_SOURCES_DIR}/crypto/x509/verify_extra_test.c - ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3prin.c - ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3nametest.c - ${OPENSSL_SOURCES_DIR}/crypto/constant_time_test.c - - ${OPENSSL_SOURCES_DIR}/ssl/heartbeat_test.c - ${OPENSSL_SOURCES_DIR}/ssl/fatalerrtest.c - ${OPENSSL_SOURCES_DIR}/ssl/dtlstest.c - ${OPENSSL_SOURCES_DIR}/ssl/bad_dtls_test.c - ${OPENSSL_SOURCES_DIR}/ssl/clienthellotest.c - ${OPENSSL_SOURCES_DIR}/ssl/sslv2conftest.c - - ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256.c - ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c - ${OPENSSL_SOURCES_DIR}/crypto/ec/ectest.c - ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdhtest.c - ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsatest.c - ) - - - if ("${CMAKE_SYSTEM_NAME}" STREQUAL "Windows") - set_source_files_properties( - ${OPENSSL_SOURCES} - PROPERTIES COMPILE_DEFINITIONS - "OPENSSL_SYSNAME_WIN32;SO_WIN32;WIN32_LEAN_AND_MEAN;L_ENDIAN") - - if (ENABLE_OPENSSL_ENGINES) - link_libraries(crypt32) - endif() + message(FATAL_ERROR "Unsupported version of OpenSSL: ${OPENSSL_STATIC_VERSION}") endif() source_group(ThirdParty\\OpenSSL REGULAR_EXPRESSION ${OPENSSL_SOURCES_DIR}/.*) diff -r d737173197e1 -r faa695f433d5 Resources/CMake/OpenSslConfigurationStatic-1.0.2.cmake --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/CMake/OpenSslConfigurationStatic-1.0.2.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -0,0 +1,332 @@ +SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2p) +SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.0.2p.tar.gz") +SET(OPENSSL_MD5 "ac5eb30bf5798aa14b1ae6d0e7da58df") + +if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") + set(FirstRun OFF) +else() + set(FirstRun ON) +endif() + +DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}") + +if (FirstRun) + file(MAKE_DIRECTORY ${OPENSSL_SOURCES_DIR}/include/openssl) + + foreach(header + ${OPENSSL_SOURCES_DIR}/crypto/aes/aes.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1_mac.h + ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1t.h + ${OPENSSL_SOURCES_DIR}/crypto/bf/blowfish.h + ${OPENSSL_SOURCES_DIR}/crypto/bio/bio.h + ${OPENSSL_SOURCES_DIR}/crypto/bn/bn.h + ${OPENSSL_SOURCES_DIR}/crypto/buffer/buffer.h + ${OPENSSL_SOURCES_DIR}/crypto/camellia/camellia.h + ${OPENSSL_SOURCES_DIR}/crypto/cast/cast.h + ${OPENSSL_SOURCES_DIR}/crypto/cmac/cmac.h + ${OPENSSL_SOURCES_DIR}/crypto/cms/cms.h + ${OPENSSL_SOURCES_DIR}/crypto/comp/comp.h + ${OPENSSL_SOURCES_DIR}/crypto/conf/conf.h + ${OPENSSL_SOURCES_DIR}/crypto/conf/conf_api.h + ${OPENSSL_SOURCES_DIR}/crypto/crypto.h + ${OPENSSL_SOURCES_DIR}/crypto/des/des.h + ${OPENSSL_SOURCES_DIR}/crypto/des/des_old.h + ${OPENSSL_SOURCES_DIR}/crypto/dh/dh.h + ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsa.h + ${OPENSSL_SOURCES_DIR}/crypto/dso/dso.h + ${OPENSSL_SOURCES_DIR}/crypto/ebcdic.h + ${OPENSSL_SOURCES_DIR}/crypto/ec/ec.h + ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdh.h + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsa.h + ${OPENSSL_SOURCES_DIR}/crypto/engine/engine.h + ${OPENSSL_SOURCES_DIR}/crypto/err/err.h + ${OPENSSL_SOURCES_DIR}/crypto/evp/evp.h + ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmac.h + ${OPENSSL_SOURCES_DIR}/crypto/idea/idea.h + ${OPENSSL_SOURCES_DIR}/crypto/jpake/jpake.h + ${OPENSSL_SOURCES_DIR}/crypto/krb5/krb5_asn.h + ${OPENSSL_SOURCES_DIR}/crypto/lhash/lhash.h + ${OPENSSL_SOURCES_DIR}/crypto/md2/md2.h + ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.h + ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.h + ${OPENSSL_SOURCES_DIR}/crypto/mdc2/mdc2.h + ${OPENSSL_SOURCES_DIR}/crypto/modes/modes.h + ${OPENSSL_SOURCES_DIR}/crypto/objects/obj_mac.h + ${OPENSSL_SOURCES_DIR}/crypto/objects/objects.h + ${OPENSSL_SOURCES_DIR}/crypto/ocsp/ocsp.h + ${OPENSSL_SOURCES_DIR}/crypto/opensslconf.h + ${OPENSSL_SOURCES_DIR}/crypto/opensslv.h + ${OPENSSL_SOURCES_DIR}/crypto/ossl_typ.h + ${OPENSSL_SOURCES_DIR}/crypto/pem/pem.h + ${OPENSSL_SOURCES_DIR}/crypto/pem/pem2.h + ${OPENSSL_SOURCES_DIR}/crypto/pkcs12/pkcs12.h + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pkcs7.h + ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pqueue.h + ${OPENSSL_SOURCES_DIR}/crypto/rand/rand.h + ${OPENSSL_SOURCES_DIR}/crypto/rc2/rc2.h + ${OPENSSL_SOURCES_DIR}/crypto/rc4/rc4.h + ${OPENSSL_SOURCES_DIR}/crypto/rc5/rc5.h + ${OPENSSL_SOURCES_DIR}/crypto/ripemd/ripemd.h + ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa.h + ${OPENSSL_SOURCES_DIR}/crypto/seed/seed.h + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.h + ${OPENSSL_SOURCES_DIR}/crypto/srp/srp.h + ${OPENSSL_SOURCES_DIR}/crypto/stack/safestack.h + ${OPENSSL_SOURCES_DIR}/crypto/stack/stack.h + ${OPENSSL_SOURCES_DIR}/crypto/store/store.h + ${OPENSSL_SOURCES_DIR}/crypto/symhacks.h + ${OPENSSL_SOURCES_DIR}/crypto/ts/ts.h + ${OPENSSL_SOURCES_DIR}/crypto/txt_db/txt_db.h + ${OPENSSL_SOURCES_DIR}/crypto/ui/ui.h + ${OPENSSL_SOURCES_DIR}/crypto/ui/ui_compat.h + ${OPENSSL_SOURCES_DIR}/crypto/whrlpool/whrlpool.h + ${OPENSSL_SOURCES_DIR}/crypto/x509/x509.h + ${OPENSSL_SOURCES_DIR}/crypto/x509/x509_vfy.h + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/x509v3.h + ${OPENSSL_SOURCES_DIR}/e_os2.h + ${OPENSSL_SOURCES_DIR}/ssl/dtls1.h + ${OPENSSL_SOURCES_DIR}/ssl/kssl.h + ${OPENSSL_SOURCES_DIR}/ssl/srtp.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl2.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl23.h + ${OPENSSL_SOURCES_DIR}/ssl/ssl3.h + ${OPENSSL_SOURCES_DIR}/ssl/tls1.h + ) + file(COPY ${header} DESTINATION ${OPENSSL_SOURCES_DIR}/include/openssl) + endforeach() + + file(RENAME + ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2.h + ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2_source.h) + + # The following patch of "e_os2.h" prevents from building OpenSSL + # as a DLL under Windows. Otherwise, symbols have inconsistent + # linkage if ${OPENSSL_SOURCES} is used to create a DLL (notably + # if building an Orthanc plugin such as MySQL). + file(WRITE ${OPENSSL_SOURCES_DIR}/include/openssl/e_os2.h " +#include \"e_os2_source.h\" +#if defined(_WIN32) +# undef OPENSSL_EXPORT +# undef OPENSSL_IMPORT +# undef OPENSSL_EXTERN +# undef OPENSSL_GLOBAL +# define OPENSSL_EXPORT +# define OPENSSL_IMPORT +# define OPENSSL_EXTERN extern +# define OPENSSL_GLOBAL +#endif +") +endif() + +add_definitions( + -DOPENSSL_THREADS + -DOPENSSL_IA32_SSE2 + -DOPENSSL_NO_ASM + -DOPENSSL_NO_DYNAMIC_ENGINE + -DNO_WINDOWS_BRAINDEATH + + -DOPENSSL_NO_BF + -DOPENSSL_NO_CAMELLIA + -DOPENSSL_NO_CAST + -DOPENSSL_NO_EC_NISTP_64_GCC_128 + -DOPENSSL_NO_GMP + -DOPENSSL_NO_GOST + -DOPENSSL_NO_HW + -DOPENSSL_NO_JPAKE + -DOPENSSL_NO_IDEA + -DOPENSSL_NO_KRB5 + -DOPENSSL_NO_MD2 + -DOPENSSL_NO_MDC2 + #-DOPENSSL_NO_MD4 # MD4 is necessary for MariaDB/MySQL client + -DOPENSSL_NO_RC2 + -DOPENSSL_NO_RC4 + -DOPENSSL_NO_RC5 + -DOPENSSL_NO_RFC3779 + -DOPENSSL_NO_SCTP + -DOPENSSL_NO_STORE + -DOPENSSL_NO_SEED + -DOPENSSL_NO_WHIRLPOOL + -DOPENSSL_NO_RIPEMD + ) + +include_directories( + ${OPENSSL_SOURCES_DIR} + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/include + ) + +set(OPENSSL_SOURCES_SUBDIRS + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/aes + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/bio + ${OPENSSL_SOURCES_DIR}/crypto/bn + ${OPENSSL_SOURCES_DIR}/crypto/buffer + ${OPENSSL_SOURCES_DIR}/crypto/cmac + ${OPENSSL_SOURCES_DIR}/crypto/cms + ${OPENSSL_SOURCES_DIR}/crypto/comp + ${OPENSSL_SOURCES_DIR}/crypto/conf + ${OPENSSL_SOURCES_DIR}/crypto/des + ${OPENSSL_SOURCES_DIR}/crypto/dh + ${OPENSSL_SOURCES_DIR}/crypto/dsa + ${OPENSSL_SOURCES_DIR}/crypto/dso + ${OPENSSL_SOURCES_DIR}/crypto/engine + ${OPENSSL_SOURCES_DIR}/crypto/err + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/crypto/hmac + ${OPENSSL_SOURCES_DIR}/crypto/lhash + ${OPENSSL_SOURCES_DIR}/crypto/md4 + ${OPENSSL_SOURCES_DIR}/crypto/md5 + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/crypto/objects + ${OPENSSL_SOURCES_DIR}/crypto/ocsp + ${OPENSSL_SOURCES_DIR}/crypto/pem + ${OPENSSL_SOURCES_DIR}/crypto/pkcs12 + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7 + ${OPENSSL_SOURCES_DIR}/crypto/pqueue + ${OPENSSL_SOURCES_DIR}/crypto/rand + ${OPENSSL_SOURCES_DIR}/crypto/rsa + ${OPENSSL_SOURCES_DIR}/crypto/sha + ${OPENSSL_SOURCES_DIR}/crypto/srp + ${OPENSSL_SOURCES_DIR}/crypto/stack + ${OPENSSL_SOURCES_DIR}/crypto/ts + ${OPENSSL_SOURCES_DIR}/crypto/txt_db + ${OPENSSL_SOURCES_DIR}/crypto/ui + ${OPENSSL_SOURCES_DIR}/crypto/x509 + ${OPENSSL_SOURCES_DIR}/crypto/x509v3 + ${OPENSSL_SOURCES_DIR}/ssl + ) + +if (ENABLE_OPENSSL_ENGINES) + list(APPEND OPENSSL_SOURCES_SUBDIRS + ${OPENSSL_SOURCES_DIR}/engines + ) +endif() + +list(APPEND OPENSSL_SOURCES_SUBDIRS + # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting + # HTTPS servers that use TLS certificate encrypted with ECDSA + # (check the output of a recent version of the "sslscan" + # command). Until Orthanc <= 1.4.1, these features were only + # enabled if ENABLE_PKCS11 support was set to "ON". + # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ + ${OPENSSL_SOURCES_DIR}/crypto/ec + ${OPENSSL_SOURCES_DIR}/crypto/ecdh + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa + ) + +foreach(d ${OPENSSL_SOURCES_SUBDIRS}) + AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) +endforeach() + +list(REMOVE_ITEM OPENSSL_SOURCES + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_unix.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_vms.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win32.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_wince.c + ${OPENSSL_SOURCES_DIR}/crypto/armcap.c + ${OPENSSL_SOURCES_DIR}/crypto/bf/bfs.cpp + ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_rtcp.c + ${OPENSSL_SOURCES_DIR}/crypto/bn/exp.c + ${OPENSSL_SOURCES_DIR}/crypto/conf/cnf_save.c + ${OPENSSL_SOURCES_DIR}/crypto/conf/test.c + ${OPENSSL_SOURCES_DIR}/crypto/des/des.c + ${OPENSSL_SOURCES_DIR}/crypto/des/des3s.cpp + ${OPENSSL_SOURCES_DIR}/crypto/des/des_opts.c + ${OPENSSL_SOURCES_DIR}/crypto/des/dess.cpp + ${OPENSSL_SOURCES_DIR}/crypto/des/read_pwd.c + ${OPENSSL_SOURCES_DIR}/crypto/des/speed.c + ${OPENSSL_SOURCES_DIR}/crypto/evp/e_dsa.c + ${OPENSSL_SOURCES_DIR}/crypto/evp/m_ripemd.c + ${OPENSSL_SOURCES_DIR}/crypto/lhash/lh_test.c + ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.c + ${OPENSSL_SOURCES_DIR}/crypto/md4/md4s.cpp + ${OPENSSL_SOURCES_DIR}/crypto/md4/md4test.c + ${OPENSSL_SOURCES_DIR}/crypto/md5/md5s.cpp + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/bio_ber.c + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pk7_enc.c + ${OPENSSL_SOURCES_DIR}/crypto/ppccap.c + ${OPENSSL_SOURCES_DIR}/crypto/rand/randtest.c + ${OPENSSL_SOURCES_DIR}/crypto/s390xcap.c + ${OPENSSL_SOURCES_DIR}/crypto/sparcv9cap.c + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/tabtest.c + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3conf.c + ${OPENSSL_SOURCES_DIR}/ssl/ssl_task.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_nyi.c + ${OPENSSL_SOURCES_DIR}/crypto/aes/aes_x86core.c + ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_dgram.c + ${OPENSSL_SOURCES_DIR}/crypto/bn/bntest.c + ${OPENSSL_SOURCES_DIR}/crypto/bn/expspeed.c + ${OPENSSL_SOURCES_DIR}/crypto/bn/exptest.c + ${OPENSSL_SOURCES_DIR}/crypto/engine/enginetest.c + ${OPENSSL_SOURCES_DIR}/crypto/evp/evp_test.c + ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmactest.c + ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.c + ${OPENSSL_SOURCES_DIR}/crypto/md5/md5test.c + ${OPENSSL_SOURCES_DIR}/crypto/o_dir_test.c + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/dec.c + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/enc.c + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/sign.c + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/verify.c + ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa_test.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1t.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha1test.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha256t.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/sha512t.c + ${OPENSSL_SOURCES_DIR}/crypto/sha/shatest.c + ${OPENSSL_SOURCES_DIR}/crypto/srp/srptest.c + + ${OPENSSL_SOURCES_DIR}/crypto/bn/divtest.c + ${OPENSSL_SOURCES_DIR}/crypto/bn/bnspeed.c + ${OPENSSL_SOURCES_DIR}/crypto/des/destest.c + ${OPENSSL_SOURCES_DIR}/crypto/dh/p192.c + ${OPENSSL_SOURCES_DIR}/crypto/dh/p512.c + ${OPENSSL_SOURCES_DIR}/crypto/dh/p1024.c + ${OPENSSL_SOURCES_DIR}/crypto/des/rpw.c + ${OPENSSL_SOURCES_DIR}/ssl/ssltest.c + ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsagen.c + ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsatest.c + ${OPENSSL_SOURCES_DIR}/crypto/dh/dhtest.c + ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pq_test.c + ${OPENSSL_SOURCES_DIR}/crypto/des/ncbc_enc.c + + ${OPENSSL_SOURCES_DIR}/crypto/evp/evp_extra_test.c + ${OPENSSL_SOURCES_DIR}/crypto/evp/verify_extra_test.c + ${OPENSSL_SOURCES_DIR}/crypto/x509/verify_extra_test.c + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3prin.c + ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3nametest.c + ${OPENSSL_SOURCES_DIR}/crypto/constant_time_test.c + + ${OPENSSL_SOURCES_DIR}/ssl/heartbeat_test.c + ${OPENSSL_SOURCES_DIR}/ssl/fatalerrtest.c + ${OPENSSL_SOURCES_DIR}/ssl/dtlstest.c + ${OPENSSL_SOURCES_DIR}/ssl/bad_dtls_test.c + ${OPENSSL_SOURCES_DIR}/ssl/clienthellotest.c + ${OPENSSL_SOURCES_DIR}/ssl/sslv2conftest.c + + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ectest.c + ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdhtest.c + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsatest.c + ) + + +if ("${CMAKE_SYSTEM_NAME}" STREQUAL "Windows") + set_source_files_properties( + ${OPENSSL_SOURCES} + PROPERTIES COMPILE_DEFINITIONS + "OPENSSL_SYSNAME_WIN32;SO_WIN32;WIN32_LEAN_AND_MEAN;L_ENDIAN") + + if (ENABLE_OPENSSL_ENGINES) + link_libraries(crypt32) + endif() +endif() diff -r d737173197e1 -r faa695f433d5 Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -0,0 +1,224 @@ +SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1d) +SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1d.tar.gz") +SET(OPENSSL_MD5 "3be209000dbc7e1b95bcdf47980a3baa") + +if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}") + set(FirstRun OFF) +else() + set(FirstRun ON) +endif() + +DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}") + +if (FirstRun) + file(WRITE ${AUTOGENERATED_DIR}/openssl_cversion.c " +#include \"internal/cryptlib.h\" +unsigned long OpenSSL_version_num(void) +{ + return OPENSSL_VERSION_NUMBER; +} +") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/bn_conf.h "") + file(WRITE ${OPENSSL_SOURCES_DIR}/crypto/include/internal/dso_conf.h "") + + # Apply the patches + execute_process( + COMMAND ${PATCH_EXECUTABLE} -p0 -N -i + ${ORTHANC_ROOT}/Resources/Patches/openssl-1.1.1d.patch + WORKING_DIRECTORY ${CMAKE_BINARY_DIR} + RESULT_VARIABLE Failure + ) + + if (Failure) + message(FATAL_ERROR "Error while patching a file") + endif() +else() + message("The patches for OpenSSL have already been applied") +endif() + +add_definitions( + -DOPENSSL_THREADS + -DOPENSSL_IA32_SSE2 + -DOPENSSL_NO_ASM + -DOPENSSL_NO_DYNAMIC_ENGINE + + -DOPENSSL_NO_BF + -DOPENSSL_NO_CAMELLIA + -DOPENSSL_NO_CAST + -DOPENSSL_NO_EC_NISTP_64_GCC_128 + -DOPENSSL_NO_GMP + -DOPENSSL_NO_GOST + -DOPENSSL_NO_HW + -DOPENSSL_NO_JPAKE + -DOPENSSL_NO_IDEA + -DOPENSSL_NO_KRB5 + -DOPENSSL_NO_MD2 + -DOPENSSL_NO_MDC2 + #-DOPENSSL_NO_MD4 # MD4 is necessary for MariaDB/MySQL client + -DOPENSSL_NO_RC2 + -DOPENSSL_NO_RC4 + -DOPENSSL_NO_RC5 + -DOPENSSL_NO_RFC3779 + -DOPENSSL_NO_SCTP + -DOPENSSL_NO_STORE + -DOPENSSL_NO_SEED + -DOPENSSL_NO_WHIRLPOOL + -DOPENSSL_NO_RIPEMD + + -DOPENSSLDIR="/usr/local/ssl" + ) + + +if ("${CMAKE_SYSTEM_VERSION}" STREQUAL "LinuxStandardBase") + # In order for "crypto/mem_sec.c" to compile on LSB + add_definitions(-DOPENSSL_NO_SECURE_MEMORY) +endif() + + +include_directories( + ${OPENSSL_SOURCES_DIR} + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448/arch_32 + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/crypto/include + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/include + ) + + +set(OPENSSL_SOURCES_SUBDIRS + ${OPENSSL_SOURCES_DIR}/crypto + ${OPENSSL_SOURCES_DIR}/crypto/aes + ${OPENSSL_SOURCES_DIR}/crypto/aria + ${OPENSSL_SOURCES_DIR}/crypto/asn1 + ${OPENSSL_SOURCES_DIR}/crypto/async + ${OPENSSL_SOURCES_DIR}/crypto/async/arch + ${OPENSSL_SOURCES_DIR}/crypto/bio + ${OPENSSL_SOURCES_DIR}/crypto/blake2 + ${OPENSSL_SOURCES_DIR}/crypto/bn + ${OPENSSL_SOURCES_DIR}/crypto/buffer + ${OPENSSL_SOURCES_DIR}/crypto/chacha + ${OPENSSL_SOURCES_DIR}/crypto/cmac + ${OPENSSL_SOURCES_DIR}/crypto/cms + ${OPENSSL_SOURCES_DIR}/crypto/comp + ${OPENSSL_SOURCES_DIR}/crypto/conf + ${OPENSSL_SOURCES_DIR}/crypto/ct + ${OPENSSL_SOURCES_DIR}/crypto/des + ${OPENSSL_SOURCES_DIR}/crypto/dh + ${OPENSSL_SOURCES_DIR}/crypto/dsa + ${OPENSSL_SOURCES_DIR}/crypto/dso + ${OPENSSL_SOURCES_DIR}/crypto/ec + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448 + ${OPENSSL_SOURCES_DIR}/crypto/ec/curve448/arch_32 + ${OPENSSL_SOURCES_DIR}/crypto/err + ${OPENSSL_SOURCES_DIR}/crypto/evp + ${OPENSSL_SOURCES_DIR}/crypto/hmac + ${OPENSSL_SOURCES_DIR}/crypto/kdf + ${OPENSSL_SOURCES_DIR}/crypto/lhash + ${OPENSSL_SOURCES_DIR}/crypto/md4 + ${OPENSSL_SOURCES_DIR}/crypto/md5 + ${OPENSSL_SOURCES_DIR}/crypto/modes + ${OPENSSL_SOURCES_DIR}/crypto/objects + ${OPENSSL_SOURCES_DIR}/crypto/ocsp + ${OPENSSL_SOURCES_DIR}/crypto/pem + ${OPENSSL_SOURCES_DIR}/crypto/pkcs12 + ${OPENSSL_SOURCES_DIR}/crypto/pkcs7 + ${OPENSSL_SOURCES_DIR}/crypto/poly1305 + ${OPENSSL_SOURCES_DIR}/crypto/pqueue + ${OPENSSL_SOURCES_DIR}/crypto/rand + ${OPENSSL_SOURCES_DIR}/crypto/ripemd + ${OPENSSL_SOURCES_DIR}/crypto/rsa + ${OPENSSL_SOURCES_DIR}/crypto/sha + ${OPENSSL_SOURCES_DIR}/crypto/siphash + ${OPENSSL_SOURCES_DIR}/crypto/sm2 + ${OPENSSL_SOURCES_DIR}/crypto/sm3 + ${OPENSSL_SOURCES_DIR}/crypto/sm4 + ${OPENSSL_SOURCES_DIR}/crypto/srp + ${OPENSSL_SOURCES_DIR}/crypto/stack + ${OPENSSL_SOURCES_DIR}/crypto/store + ${OPENSSL_SOURCES_DIR}/crypto/ts + ${OPENSSL_SOURCES_DIR}/crypto/txt_db + ${OPENSSL_SOURCES_DIR}/crypto/ui + ${OPENSSL_SOURCES_DIR}/crypto/x509 + ${OPENSSL_SOURCES_DIR}/crypto/x509v3 + ${OPENSSL_SOURCES_DIR}/ssl + ${OPENSSL_SOURCES_DIR}/ssl/record + ${OPENSSL_SOURCES_DIR}/ssl/statem + ) + +if (ENABLE_OPENSSL_ENGINES) + # Engines support is not done yet, as Orthanc only needs it for + # OpenSSL < 1.1.0 + + #add_definitions( + # -DENGINESDIR="/usr/local/lib/engines-1.1" + # ) + + #list(APPEND OPENSSL_SOURCES_SUBDIRS + # ${OPENSSL_SOURCES_DIR}/engines + # ${OPENSSL_SOURCES_DIR}/crypto/engine + # ) + + add_definitions(-DOPENSSL_NO_ENGINE) +else() + add_definitions(-DOPENSSL_NO_ENGINE) +endif() + +list(APPEND OPENSSL_SOURCES_SUBDIRS + # EC, ECDH and ECDSA are necessary for PKCS11, and for contacting + # HTTPS servers that use TLS certificate encrypted with ECDSA + # (check the output of a recent version of the "sslscan" + # command). Until Orthanc <= 1.4.1, these features were only + # enabled if ENABLE_PKCS11 support was set to "ON". + # https://groups.google.com/d/msg/orthanc-users/2l-bhYIMEWg/oMmK33bYBgAJ + ${OPENSSL_SOURCES_DIR}/crypto/ec + ${OPENSSL_SOURCES_DIR}/crypto/ecdh + ${OPENSSL_SOURCES_DIR}/crypto/ecdsa + ) + +foreach(d ${OPENSSL_SOURCES_SUBDIRS}) + AUX_SOURCE_DIRECTORY(${d} OPENSSL_SOURCES) +endforeach() + +list(APPEND OPENSSL_SOURCES ${AUTOGENERATED_DIR}/openssl_cversion.c) + +list(REMOVE_ITEM OPENSSL_SOURCES + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_nyi.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_unix.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_vms.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_win32.c + ${OPENSSL_SOURCES_DIR}/crypto/LPdir_wince.c + ${OPENSSL_SOURCES_DIR}/crypto/aes/aes_x86core.c + ${OPENSSL_SOURCES_DIR}/crypto/armcap.c + ${OPENSSL_SOURCES_DIR}/crypto/bio/bss_dgram.c + ${OPENSSL_SOURCES_DIR}/crypto/cversion.c + ${OPENSSL_SOURCES_DIR}/crypto/des/ncbc_enc.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256.c + ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c + ${OPENSSL_SOURCES_DIR}/crypto/engine/eng_devcrypto.c + ${OPENSSL_SOURCES_DIR}/crypto/ppccap.c + ${OPENSSL_SOURCES_DIR}/crypto/s390xcap.c + ${OPENSSL_SOURCES_DIR}/crypto/sparcv9cap.c + ) + +# Check out "${OPENSSL_SOURCES_DIR}/Configurations/README": "this is +# default if no option is specified, it works on any supported system" +set(OPENSSL_DEFINITIONS "THIRTY_TWO_BIT") + +if ("${CMAKE_SYSTEM_NAME}" STREQUAL "Windows") + set(OPENSSL_DEFINITIONS + "${OPENSSL_DEFINITIONS};OPENSSL_SYSNAME_WIN32;SO_WIN32;WIN32_LEAN_AND_MEAN;L_ENDIAN") + + if (ENABLE_OPENSSL_ENGINES) + link_libraries(crypt32) + endif() +endif() + +set_source_files_properties( + ${OPENSSL_SOURCES} + PROPERTIES COMPILE_DEFINITIONS + "${OPENSSL_DEFINITIONS};DSO_NONE;NO_WINDOWS_BRAINDEATH" + ) diff -r d737173197e1 -r faa695f433d5 Resources/CMake/OrthancFrameworkParameters.cmake --- a/Resources/CMake/OrthancFrameworkParameters.cmake Thu Mar 05 14:19:12 2020 +0100 +++ b/Resources/CMake/OrthancFrameworkParameters.cmake Thu Mar 05 16:42:55 2020 +0100 @@ -73,6 +73,7 @@ set(USE_LEGACY_LIBICU OFF CACHE BOOL "Use icu icu4c-58_2, latest version not requiring a C++11 compiler (for LSB and old versions of Visual Studio)") set(MSVC_MULTIPLE_PROCESSES OFF CACHE BOOL "Add the /MP option to build with multiple processes if using Visual Studio") set(EMSCRIPTEN_SET_LLVM_WASM_BACKEND OFF CACHE BOOL "Sets the compiler flags required to use the LLVM Web Assembly backend in emscripten") +set(OPENSSL_STATIC_VERSION "1.1.1" CACHE STRING "Version of OpenSSL to be used in static builds (can be \"1.0.2\", or \"1.1.1\")") mark_as_advanced(USE_GOOGLE_TEST_DEBIAN_PACKAGE) mark_as_advanced(SYSTEM_MONGOOSE_USE_CALLBACKS) diff -r d737173197e1 -r faa695f433d5 Resources/Patches/openssl-1.1.1d.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Resources/Patches/openssl-1.1.1d.patch Thu Mar 05 16:42:55 2020 +0100 @@ -0,0 +1,12 @@ +diff -urEb openssl-1.1.1d.orig/crypto/rand/rand_unix.c openssl-1.1.1d/crypto/rand/rand_unix.c +--- openssl-1.1.1d.orig/crypto/rand/rand_unix.c 2019-09-10 15:13:07.000000000 +0200 ++++ openssl-1.1.1d/crypto/rand/rand_unix.c 2020-03-05 16:29:33.030136203 +0100 +@@ -340,7 +340,7 @@ + # endif + + /* Linux supports this since version 3.17 */ +-# if defined(__linux) && defined(__NR_getrandom) ++# if defined(__linux) && defined(__NR_getrandom) && !defined(__LSB_VERSION__) + return syscall(__NR_getrandom, buf, buflen, 0); + # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) + return sysctl_random(buf, buflen); diff -r d737173197e1 -r faa695f433d5 UnitTestsSources/VersionsTests.cpp --- a/UnitTestsSources/VersionsTests.cpp Thu Mar 05 14:19:12 2020 +0100 +++ b/UnitTestsSources/VersionsTests.cpp Thu Mar 05 16:42:55 2020 +0100 @@ -184,7 +184,8 @@ #if ORTHANC_ENABLE_SSL == 1 TEST(Version, OpenSslStatic) { - ASSERT_EQ(0x1000210fL /* openssl-1.0.2p */, OPENSSL_VERSION_NUMBER); + ASSERT_TRUE(OPENSSL_VERSION_NUMBER == 0x1000210fL /* openssl-1.0.2p */ || + OPENSSL_VERSION_NUMBER == 0x1010104fL /* openssl-1.1.1d */); } #endif