SSL Libraries

All other questions regarding DCMTK

Moderator: Moderator Team

Post Reply
Message
Author
Hossbach
Posts: 3
Joined: Tue, 2017-03-21, 13:09
Location: Clear Guide Medical, Inc.
Contact:

SSL Libraries

#1 Post by Hossbach »

I just spent some time trying to build DCMTK with SSL support, on Windows (64 bit) using Visual Studio. I would like to avoid having OpenSSL anywhere near our software, so I tried LibreSSL, since
* building it on Windows is tremendously pain-free;
* it should be more or less compatible to the OpenSSL API;
* less trouble should be hidden inside it.
However, I did not succeed, and, frankly, I don't even understand what the compiler is complaining about.

I'll provide more details later, but for now I wanted to ask if anyone has tried this before? Maybe successfully?

Thanks,
Martin

Michael Onken
DCMTK Developer
Posts: 2048
Joined: Fri, 2004-11-05, 13:47
Location: Oldenburg, Germany
Contact:

Re: SSL Libraries

#2 Post by Michael Onken »

Hi Martin,

I tried on Linux some months ago, and some minor changes were required to compile DCMTK with LibreSSL but as far as I can remember it worked.

However, I did not test whether the SSL-based parts of DCMTK were doing something useful afterwards.

Best regards,
Michael

Hossbach
Posts: 3
Joined: Tue, 2017-03-21, 13:09
Location: Clear Guide Medical, Inc.
Contact:

Re: SSL Libraries

#3 Post by Hossbach »

I tried again today. With the changes that have happened in the DCMTK git repository, I actually managed to build DCMTK with libressl, and that required three (minor) changes:

* libressl doesn't have "RAND_screen()". I replaced it with "RAND_poll()", but I'm not sure that is ok...?

* a few of these ...

Code: Select all

#ifdef HAVE_WINDOWS_H
// this must be undefined for some Winsock functions to be available
#undef WIN32_LEAN_AND_MEAN
#include <windows.h>
#endif
needed to be wrapped in BEGIN_EXTERN_C ... END_EXTERN_C

* Library names are different, of course.

I'll try to beautify this and then provide you with a patch.

Martin

Michael Onken
DCMTK Developer
Posts: 2048
Joined: Fri, 2004-11-05, 13:47
Location: Oldenburg, Germany
Contact:

Re: SSL Libraries

#4 Post by Michael Onken »

Hi,

from what I read in the OpenSSL documentation (see also Reseed section) that should be just fine. If you use poll() only the system's PRNG is used, while screen() was used to add screen content as an extra entropy source on Windows. My DCMTK colleague Marco (who implemented OpenSSL support in DCMTK) may oppose if I'm wrong.

Best,
Michael

Hossbach
Posts: 3
Joined: Tue, 2017-03-21, 13:09
Location: Clear Guide Medical, Inc.
Contact:

Re: SSL Libraries

#5 Post by Hossbach »

I made some changes to allow compiling and linking against LibreSSL, and also to enable DcmSCP to use TLS. I have a patch, but I'm not sure what to do with it...? Also, not sure if those changes match your design ideas, but I'd like to at least start the discussion.

Jan Schlamelcher
OFFIS DICOM Team
OFFIS DICOM Team
Posts: 318
Joined: Mon, 2014-03-03, 09:51
Location: Oldenburg, Germany

Re: SSL Libraries

#6 Post by Jan Schlamelcher »

You may send it to dicom@offis.de, we'll have a look at it and perhaps add it to our bug tracker as feature request if it isn't ready to be used right away.

Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot], Google [Bot] and 1 guest