changeset 2710:26eec77abc76

upgrade to openssl 1.0.2o
author Sebastien Jodogne <s.jodogne@gmail.com>
date Mon, 09 Jul 2018 10:52:52 +0200
parents fac458593ac8
children ef97db3760ed 76af9465673d
files NEWS Resources/CMake/OpenSslConfiguration.cmake Resources/Patches/openssl-lsb.diff UnitTestsSources/VersionsTests.cpp
diffstat 4 files changed, 95 insertions(+), 127 deletions(-) [+]
line wrap: on
line diff
--- a/NEWS	Mon Jul 09 10:16:16 2018 +0200
+++ b/NEWS	Mon Jul 09 10:52:52 2018 +0200
@@ -32,6 +32,7 @@
 * Fix generation of DICOMDIR if PatientID is empty
 * Upgraded dependencies for static and Windows builds:
   - boost 1.67.0
+  - openssl 1.0.2o
 
 
 Version 1.3.2 (2018-04-18)
--- a/Resources/CMake/OpenSslConfiguration.cmake	Mon Jul 09 10:16:16 2018 +0200
+++ b/Resources/CMake/OpenSslConfiguration.cmake	Mon Jul 09 10:52:52 2018 +0200
@@ -1,11 +1,7 @@
 if (STATIC_BUILD OR NOT USE_SYSTEM_OPENSSL)
-  # WARNING - We had to repack the upstream ".tar.gz" file to a ZIP
-  # file, as the upstream distribution ships symbolic links that are
-  # not always properly handled when uncompressing on Windows.
-
-  SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2d)
-  SET(OPENSSL_URL "http://www.orthanc-server.com/downloads/third-party/openssl-1.0.2d.zip")
-  SET(OPENSSL_MD5 "4b2ac15fc6db17f3dadc54482d3eee85")
+  SET(OPENSSL_SOURCES_DIR ${CMAKE_BINARY_DIR}/openssl-1.0.2o)
+  SET(OPENSSL_URL "http://www.orthanc-server.com/downloads/third-party/openssl-1.0.2o.tar.gz")
+  SET(OPENSSL_MD5 "44279b8557c3247cbe324e2322ecd114")
 
   if (IS_DIRECTORY "${OPENSSL_SOURCES_DIR}")
     set(FirstRun OFF)
@@ -15,6 +11,94 @@
 
   DownloadPackage(${OPENSSL_MD5} ${OPENSSL_URL} "${OPENSSL_SOURCES_DIR}")
 
+  if (FirstRun)
+    file(MAKE_DIRECTORY ${OPENSSL_SOURCES_DIR}/include/openssl)
+
+    foreach(header
+      ${OPENSSL_SOURCES_DIR}/crypto/aes/aes.h
+      ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1.h
+      ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1_mac.h
+      ${OPENSSL_SOURCES_DIR}/crypto/asn1/asn1t.h
+      ${OPENSSL_SOURCES_DIR}/crypto/bf/blowfish.h
+      ${OPENSSL_SOURCES_DIR}/crypto/bio/bio.h
+      ${OPENSSL_SOURCES_DIR}/crypto/bn/bn.h
+      ${OPENSSL_SOURCES_DIR}/crypto/buffer/buffer.h
+      ${OPENSSL_SOURCES_DIR}/crypto/camellia/camellia.h
+      ${OPENSSL_SOURCES_DIR}/crypto/cast/cast.h
+      ${OPENSSL_SOURCES_DIR}/crypto/cmac/cmac.h
+      ${OPENSSL_SOURCES_DIR}/crypto/cms/cms.h
+      ${OPENSSL_SOURCES_DIR}/crypto/comp/comp.h
+      ${OPENSSL_SOURCES_DIR}/crypto/conf/conf.h
+      ${OPENSSL_SOURCES_DIR}/crypto/conf/conf_api.h
+      ${OPENSSL_SOURCES_DIR}/crypto/crypto.h
+      ${OPENSSL_SOURCES_DIR}/crypto/des/des.h
+      ${OPENSSL_SOURCES_DIR}/crypto/des/des_old.h
+      ${OPENSSL_SOURCES_DIR}/crypto/dh/dh.h
+      ${OPENSSL_SOURCES_DIR}/crypto/dsa/dsa.h
+      ${OPENSSL_SOURCES_DIR}/crypto/dso/dso.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ebcdic.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ec/ec.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ecdh/ecdh.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ecdsa/ecdsa.h
+      ${OPENSSL_SOURCES_DIR}/crypto/engine/engine.h
+      ${OPENSSL_SOURCES_DIR}/crypto/err/err.h
+      ${OPENSSL_SOURCES_DIR}/crypto/evp/evp.h
+      ${OPENSSL_SOURCES_DIR}/crypto/hmac/hmac.h
+      ${OPENSSL_SOURCES_DIR}/crypto/idea/idea.h
+      ${OPENSSL_SOURCES_DIR}/crypto/jpake/jpake.h
+      ${OPENSSL_SOURCES_DIR}/crypto/krb5/krb5_asn.h
+      ${OPENSSL_SOURCES_DIR}/crypto/lhash/lhash.h
+      ${OPENSSL_SOURCES_DIR}/crypto/md2/md2.h
+      ${OPENSSL_SOURCES_DIR}/crypto/md4/md4.h
+      ${OPENSSL_SOURCES_DIR}/crypto/md5/md5.h
+      ${OPENSSL_SOURCES_DIR}/crypto/mdc2/mdc2.h
+      ${OPENSSL_SOURCES_DIR}/crypto/modes/modes.h
+      ${OPENSSL_SOURCES_DIR}/crypto/objects/obj_mac.h
+      ${OPENSSL_SOURCES_DIR}/crypto/objects/objects.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ocsp/ocsp.h
+      ${OPENSSL_SOURCES_DIR}/crypto/opensslconf.h
+      ${OPENSSL_SOURCES_DIR}/crypto/opensslv.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ossl_typ.h
+      ${OPENSSL_SOURCES_DIR}/crypto/pem/pem.h
+      ${OPENSSL_SOURCES_DIR}/crypto/pem/pem2.h
+      ${OPENSSL_SOURCES_DIR}/crypto/pkcs12/pkcs12.h
+      ${OPENSSL_SOURCES_DIR}/crypto/pkcs7/pkcs7.h
+      ${OPENSSL_SOURCES_DIR}/crypto/pqueue/pqueue.h
+      ${OPENSSL_SOURCES_DIR}/crypto/rand/rand.h
+      ${OPENSSL_SOURCES_DIR}/crypto/rc2/rc2.h
+      ${OPENSSL_SOURCES_DIR}/crypto/rc4/rc4.h
+      ${OPENSSL_SOURCES_DIR}/crypto/rc5/rc5.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ripemd/ripemd.h
+      ${OPENSSL_SOURCES_DIR}/crypto/rsa/rsa.h
+      ${OPENSSL_SOURCES_DIR}/crypto/seed/seed.h
+      ${OPENSSL_SOURCES_DIR}/crypto/sha/sha.h
+      ${OPENSSL_SOURCES_DIR}/crypto/srp/srp.h
+      ${OPENSSL_SOURCES_DIR}/crypto/stack/safestack.h
+      ${OPENSSL_SOURCES_DIR}/crypto/stack/stack.h
+      ${OPENSSL_SOURCES_DIR}/crypto/store/store.h
+      ${OPENSSL_SOURCES_DIR}/crypto/symhacks.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ts/ts.h
+      ${OPENSSL_SOURCES_DIR}/crypto/txt_db/txt_db.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ui/ui.h
+      ${OPENSSL_SOURCES_DIR}/crypto/ui/ui_compat.h
+      ${OPENSSL_SOURCES_DIR}/crypto/whrlpool/whrlpool.h
+      ${OPENSSL_SOURCES_DIR}/crypto/x509/x509.h
+      ${OPENSSL_SOURCES_DIR}/crypto/x509/x509_vfy.h
+      ${OPENSSL_SOURCES_DIR}/crypto/x509v3/x509v3.h
+      ${OPENSSL_SOURCES_DIR}/e_os2.h
+      ${OPENSSL_SOURCES_DIR}/ssl/dtls1.h
+      ${OPENSSL_SOURCES_DIR}/ssl/kssl.h
+      ${OPENSSL_SOURCES_DIR}/ssl/srtp.h
+      ${OPENSSL_SOURCES_DIR}/ssl/ssl.h
+      ${OPENSSL_SOURCES_DIR}/ssl/ssl2.h
+      ${OPENSSL_SOURCES_DIR}/ssl/ssl23.h
+      ${OPENSSL_SOURCES_DIR}/ssl/ssl3.h
+      ${OPENSSL_SOURCES_DIR}/ssl/tls1.h
+      )
+    file(COPY ${header} DESTINATION ${OPENSSL_SOURCES_DIR}/include/openssl)
+    endforeach()
+  endif()
+  
   add_definitions(
     -DOPENSSL_THREADS
     -DOPENSSL_IA32_SSE2
@@ -192,9 +276,10 @@
     ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3prin.c
     ${OPENSSL_SOURCES_DIR}/crypto/x509v3/v3nametest.c
     ${OPENSSL_SOURCES_DIR}/crypto/constant_time_test.c
-    ${OPENSSL_SOURCES_DIR}/crypto/ec/ecp_nistz256_table.c
 
     ${OPENSSL_SOURCES_DIR}/ssl/heartbeat_test.c
+    ${OPENSSL_SOURCES_DIR}/ssl/fatalerrtest.c
+    ${OPENSSL_SOURCES_DIR}/ssl/dtlstest.c
     )
 
 
--- a/Resources/Patches/openssl-lsb.diff	Mon Jul 09 10:16:16 2018 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,118 +0,0 @@
---- ui_openssl.c.orig	2013-09-24 15:06:54.264420779 +0200
-+++ ui_openssl.c	2013-09-24 14:22:43.512312998 +0200
-@@ -291,7 +291,7 @@
- static unsigned short channel = 0;
- #else
- #if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
--static TTY_STRUCT tty_orig,tty_new;
-+//static TTY_STRUCT tty_orig,tty_new;
- #endif
- #endif
- static FILE *tty_in, *tty_out;
-@@ -475,106 +475,21 @@
- /* Internal functions to open, handle and close a channel to the console.  */
- static int open_console(UI *ui)
- 	{
--	CRYPTO_w_lock(CRYPTO_LOCK_UI);
--	is_a_tty = 1;
--
--#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
--	tty_in=stdin;
--	tty_out=stderr;
--#else
--#  ifdef OPENSSL_SYS_MSDOS
--#    define DEV_TTY "con"
--#  else
--#    define DEV_TTY "/dev/tty"
--#  endif
--	if ((tty_in=fopen(DEV_TTY,"r")) == NULL)
--		tty_in=stdin;
--	if ((tty_out=fopen(DEV_TTY,"w")) == NULL)
--		tty_out=stderr;
--#endif
--
--#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
-- 	if (TTY_get(fileno(tty_in),&tty_orig) == -1)
--		{
--#ifdef ENOTTY
--		if (errno == ENOTTY)
--			is_a_tty=0;
--		else
--#endif
--#ifdef EINVAL
--		/* Ariel Glenn ariel@columbia.edu reports that solaris
--		 * can return EINVAL instead.  This should be ok */
--		if (errno == EINVAL)
--			is_a_tty=0;
--		else
--#endif
--			return 0;
--		}
--#endif
--#ifdef OPENSSL_SYS_VMS
--	status = sys$assign(&terminal,&channel,0,0);
--	if (status != SS$_NORMAL)
--		return 0;
--	status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
--	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
--		return 0;
--#endif
- 	return 1;
- 	}
- 
- static int noecho_console(UI *ui)
- 	{
--#ifdef TTY_FLAGS
--	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
--	tty_new.TTY_FLAGS &= ~ECHO;
--#endif
--
--#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
--	if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
--		return 0;
--#endif
--#ifdef OPENSSL_SYS_VMS
--	tty_new[0] = tty_orig[0];
--	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
--	tty_new[2] = tty_orig[2];
--	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
--	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
--		return 0;
--#endif
- 	return 1;
- 	}
- 
- static int echo_console(UI *ui)
- 	{
--#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
--	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
--	tty_new.TTY_FLAGS |= ECHO;
--#endif
--
--#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
--	if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
--		return 0;
--#endif
--#ifdef OPENSSL_SYS_VMS
--	tty_new[0] = tty_orig[0];
--	tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
--	tty_new[2] = tty_orig[2];
--	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
--	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
--		return 0;
--#endif
- 	return 1;
- 	}
- 
- static int close_console(UI *ui)
- 	{
--	if (tty_in != stdin) fclose(tty_in);
--	if (tty_out != stderr) fclose(tty_out);
--#ifdef OPENSSL_SYS_VMS
--	status = sys$dassgn(channel);
--#endif
--	CRYPTO_w_unlock(CRYPTO_LOCK_UI);
--
- 	return 1;
- 	}
- 
--- a/UnitTestsSources/VersionsTests.cpp	Mon Jul 09 10:16:16 2018 +0200
+++ b/UnitTestsSources/VersionsTests.cpp	Mon Jul 09 10:52:52 2018 +0200
@@ -155,7 +155,7 @@
 #if ORTHANC_ENABLE_SSL == 1
 TEST(Version, OpenSslStatic)
 {
-  ASSERT_EQ(0x1000204fL /* openssl-1.0.2d */, OPENSSL_VERSION_NUMBER);
+  ASSERT_EQ(0x100020ffL /* openssl-1.0.2o */, OPENSSL_VERSION_NUMBER);
 }
 #endif