Mercurial > hg > orthanc

changeset 4635:0524d6e93672

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
upgrade to openssl 1.1.1k
author Sebastien Jodogne <s.jodogne@gmail.com>
date Wed, 21 Apr 2021 11:56:14 +0200
parents 9a9118406484
children 7e2c1196b98b
files NEWS OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in OrthancFramework/Resources/Patches/openssl-1.1.1g.patch OrthancFramework/Resources/Patches/openssl-1.1.1k.patch OrthancServer/UnitTestsSources/VersionsTests.cpp
diffstat 6 files changed, 31 insertions(+), 26 deletions(-) [+]
line wrap: on
line diff
--- a/NEWS	Wed Apr 21 10:44:49 2021 +0200
+++ b/NEWS	Wed Apr 21 11:56:14 2021 +0200
@@ -30,6 +30,7 @@
 * Fix "OrthancServer/Resources/Samples/Python/Replicate.py" for Python 3.x
 * Upgraded dependencies for static builds (notably on Windows and LSB):
   - civetweb 1.14
+  - openssl 1.1.1k
 
 
 Version 1.9.1 (2021-02-25)
--- a/OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake	Wed Apr 21 10:44:49 2021 +0200
+++ b/OrthancFramework/Resources/CMake/OpenSslConfigurationStatic-1.1.1.cmake	Wed Apr 21 11:56:14 2021 +0200
@@ -18,9 +18,9 @@
 # <http://www.gnu.org/licenses/>.
 
 
-SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1g)
-SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1g.tar.gz")
-SET(OPENSSL_MD5 "76766e98997660138cdaf13a187bd234")
+SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.1.1k)
+SET(OPENSSL_URL "http://orthanc.osimis.io/ThirdPartyDownloads/openssl-1.1.1k.tar.gz")
+SET(OPENSSL_MD5 "c4e7d95f782b08116afa27b30393dd27")
 
 if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}")
   set(FirstRun OFF)
@@ -47,7 +47,7 @@
   # Apply the patches
   execute_process(
     COMMAND ${PATCH_EXECUTABLE} -p0 -N -i
-    ${CMAKE_CURRENT_LIST_DIR}/../Patches/openssl-1.1.1g.patch
+    ${CMAKE_CURRENT_LIST_DIR}/../Patches/openssl-1.1.1k.patch
     WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
     RESULT_VARIABLE Failure
     )
--- a/OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in	Wed Apr 21 10:44:49 2021 +0200
+++ b/OrthancFramework/Resources/Patches/openssl-1.1.1-conf.h.in	Wed Apr 21 11:56:14 2021 +0200
@@ -1,7 +1,7 @@
 /*
  * {- join("\n * ", @autowarntext) -}
  *
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -19,7 +19,6 @@
 # error OPENSSL_ALGORITHM_DEFINES no longer supported
 #endif
 
-
 /*
  * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
  * don't like that.  This will hopefully silence them.
@@ -39,6 +38,11 @@
 #   undef DECLARE_DEPRECATED
 #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
 #  endif
+# elif defined(__SUNPRO_C)
+#  if (__SUNPRO_C >= 0x5130)
+#   undef DECLARE_DEPRECATED
+#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#  endif
 # endif
 #endif
 
--- a/OrthancFramework/Resources/Patches/openssl-1.1.1g.patch	Wed Apr 21 10:44:49 2021 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-diff -urEb openssl-1.1.1g.orig/crypto/rand/rand_unix.c openssl-1.1.1g/crypto/rand/rand_unix.c
---- openssl-1.1.1g.orig/crypto/rand/rand_unix.c	2020-05-05 17:58:08.785998440 +0200
-+++ openssl-1.1.1g/crypto/rand/rand_unix.c	2020-05-05 17:58:55.201881117 +0200
-@@ -445,6 +445,7 @@
-              * system call and this should always succeed which renders
-              * this alternative but essentially identical source moot.
-              */
-+#if !defined(__LSB_VERSION__)  // "syscall()" is not available in LSB
-             if (uname(&un) == 0) {
-                 kernel[0] = atoi(un.release);
-                 p = strchr(un.release, '.');
-@@ -455,6 +456,7 @@
-                     return 0;
-                 }
-             }
-+#endif
-             /* Open /dev/random and wait for it to be readable */
-             if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
-                 if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/OrthancFramework/Resources/Patches/openssl-1.1.1k.patch	Wed Apr 21 11:56:14 2021 +0200
@@ -0,0 +1,19 @@
+diff -urEb openssl-1.1.1k.orig/crypto/rand/rand_unix.c openssl-1.1.1k/crypto/rand/rand_unix.c
+--- openssl-1.1.1k.orig/crypto/rand/rand_unix.c	2021-04-21 11:33:05.241258372 +0200
++++ openssl-1.1.1k/crypto/rand/rand_unix.c	2021-04-21 11:34:48.705287133 +0200
+@@ -455,6 +455,7 @@
+              * system call and this should always succeed which renders
+              * this alternative but essentially identical source moot.
+              */
++#if !defined(__LSB_VERSION__)  // "syscall()" is not available in LSB
+             if (uname(&un) == 0) {
+                 kernel[0] = atoi(un.release);
+                 p = strchr(un.release, '.');
+@@ -465,6 +466,7 @@
+                     return 0;
+                 }
+             }
++#endif
+             /* Open /dev/random and wait for it to be readable */
+             if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
+                 if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {
--- a/OrthancServer/UnitTestsSources/VersionsTests.cpp	Wed Apr 21 10:44:49 2021 +0200
+++ b/OrthancServer/UnitTestsSources/VersionsTests.cpp	Wed Apr 21 11:56:14 2021 +0200
@@ -178,7 +178,7 @@
 TEST(Version, OpenSslStatic)
 {
   ASSERT_TRUE(OPENSSL_VERSION_NUMBER == 0x1000210fL /* openssl-1.0.2p */ ||
-              OPENSSL_VERSION_NUMBER == 0x1010107fL /* openssl-1.1.1g */);
+              OPENSSL_VERSION_NUMBER == 0x101010bfL /* openssl-1.1.1k */);
 }
 #endif