On 28/06/2024 16:29, BENTLEY Thom via openssl-users wrote:
Thanks. Yes, I saw that they became opaque.
The code I’m building works fine with 1.1.1w but we need to move to
3.0.8 at least.
Here are the errors I see.
dcmdsig:
16:34:48:290
19>C:\repos\mmi-director-dcmtk-3.6.8\dcmtk-3.6.8\dcmsign\libsrc\sitstamp.cc(1342,5): error C2027: use of undefined type 'TS_verify_ctx'
16:34:48:290
19>C:\repos\mmi-director-dcmtk-3.6.8\openssl-3.0.8\include\openssl\ts.h(405,16):
16:34:48:290 19>see declaration of 'TS_verify_ctx'
It looks to me like DCMTK needs updating to use OpenSSL 3.x
This particular error occurs because line 1342 of sitstamp.cc looks like
this:
TS_VERIFY_CTS_set_certs(ctx, NULL);
Earlier on in that file we see this:
#ifndef HAVE_OPENSSL_PROTOTYPE_TS_VERIFY_CTS_SET_CERTS
#define TS_VERIFY_CTS_set_certs(x,y) ((x)->certs = (y))
#endif
So if HAVE_OPENSSL_PROTOTYPE_TS_VERIFY_CTS_SET_CERTS isn't defined then
it will attempt to look inside the TS_VERIFY_CTX structure - which is
not allowed from 1.1.1 onwards because it is opaque.
My guess is the setting of
HAVE_OPENSSL_PROTOTYPE_TS_VERIFY_CTS_SET_CERTS is going wrong with
OpenSSL 3.X
It seems to get defined by Cmake/dcmtkPrepare.cmake:
CHECK_FUNCTIONWITHHEADER_EXISTS("TS_VERIFY_CTS_set_certs(0,0)"
"openssl/ts.h" HAVE_OPENSSL_PROTOTYPE_TS_VERIFY_CTS_SET_CERTS)
Indeed that function header does *not* exist in 3.x because it is
instead a macro:
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define TS_VERIFY_CTS_set_certs(ctx, cert)
TS_VERIFY_CTX_set_certs(ctx,cert)
# endif
In 1.1.1 this was a full C function so the cmake detection would have
worked correctly there.
Matt
dcmpstat:
16:36:48:689
34>C:\repos\mmi-director-dcmtk-3.6.8\openssl-3.0.8\include\openssl\types.h(104,30): error C2371: 'EVP_MD_CTX': redefinition; different basic types
16:36:48:753 34>(compiling source file
'../../../dcmtk-3.6.8/dcmpstat/libsrc/dvsighdl.cc')
16:36:48:753
34>C:\repos\mmi-director-dcmtk-3.6.8\dcmtk-3.6.8\dcmsign\include\dcmtk\dcmsign\simdmac.h(39,30):
16:36:48:753 34>see declaration of 'EVP_MD_CTX'
dcmtls:
16:35:16:392
26>C:\repos\mmi-director-dcmtk-3.6.8\dcmtk-3.6.8\dcmtls\libsrc\tlsciphr.cc(238,32): error C2027: use of undefined type 'ssl_ctx_st'
16:35:16:392
26>C:\repos\mmi-director-dcmtk-3.6.8\dcmtk-3.6.8\dcmtls\include\dcmtk\dcmtls\tlslayer.h(37,8):
16:35:16:392 26>see declaration of 'ssl_ctx_st'
**
**
*Thom Bentley *| Senior Software Engineer |Medidata, a Dassault Systèmes
company <http://www.mdsol.com/>
*From:*Tomas Mraz <tomas@xxxxxxxxxxx>
*Sent:* Friday, June 28, 2024 10:15 AM
*To:* BENTLEY Thom <Thom.BENTLEY@xxxxxxx>; openssl-users@xxxxxxxxxxx
*Subject:* Re: Missing header file ts_local.h in install location.
TS_VERIFY_CTX is an opaque structure since version 1. 1. 0. You may not
access its members directly. To set them you need to use the various
TS_VERIFY_CTX_set* functions. If there are any particular accessors
missing, please report that as a
TS_VERIFY_CTX is an opaque structure since version 1.1.0. You may not
access its members directly. To set them you need to use the various
TS_VERIFY_CTX_set* functions.
If there are any particular accessors missing, please report that as a
bug to
https://urldefense.com/v3/__https://github.com/openssl/openssl__;!!FbCVDoc3r24SyHFW!8NySO-tJ589YiMdFNLtEu_6Hc7knvKgfTOXGkAFWjfEMxLaE5oRe3igKb4JOdd9HiiJ8sLVdiV6SYZo$ <https://urldefense.com/v3/__https:/github.com/openssl/openssl__;!!FbCVDoc3r24SyHFW!8NySO-tJ589YiMdFNLtEu_6Hc7knvKgfTOXGkAFWjfEMxLaE5oRe3igKb4JOdd9HiiJ8sLVdiV6SYZo$>[github[.]com]
Tomas Mraz, OpenSSL
On Fri, 2024-06-28 at 14:09 +0000, BENTLEY Thom via openssl-users
wrote:
Hi All,
I build and installed version 3.0.8 on Windows with Visual Studio
using the instructions provided.
I copied the bin, include, and lib directories to a location that
would be found by the CMake for the
DCMTK toolkit version 3.6.8.
When I attempt to build the DCMTK toolkit, I see that the ts.h value
can’t find the definition ofTS_verify_ctx.
That’s because of the missing ts_local.h as far as I can see.
Is there something I missed in the build of the libraries and the
install package?
Thank.
Thom Bentley| Senior Software Engineer |
Medidata, a Dassault Systèmes company
This email and any attachments are intended solely for the use of the
individual or entity to whom it is addressed and may be confidential
and/or privileged.
If you are not one of the named recipients or have received this
email in error,
(i) you should not read, disclose, or copy it,
(ii) please notify sender of your receipt by reply email and delete
this email and all attachments,
(iii) Dassault Systèmes does not accept or assume any liability or
responsibility for any use of or reliance on this email.
Please be informed that your personal data are processed according to
our data privacy policy as described on our website. Should you have
any questions related to personal data protection, please contact 3DS
Data Protection Officerhttps://www.3ds.com/privacy-policy/contact/
--
Tomáš Mráz, OpenSSL
This email and any attachments are intended solely for the use of the
individual or entity to whom it is addressed and may be confidential
and/or privileged.
If you are not one of the named recipients or have received this email
in error,
(i) you should not read, disclose, or copy it,
(ii) please notify sender of your receipt by reply email and delete this
email and all attachments,
(iii) Dassault Systèmes does not accept or assume any liability or
responsibility for any use of or reliance on this email.
Please be informed that your personal data are processed according to
our data privacy policy as described on our website. Should you have any
questions related to personal data protection, please contact 3DS Data
Protection Officer https://www.3ds.com/privacy-policy/contact/
<https://www.3ds.com/privacy-policy/contact/>
