OpenSLL - support

World is not so simple as think about it


qiWELLNESS and downloader use Synapse 40.1 Lazarus component to communicate with biotronics portal REST webservices.
That component demands OpenSSL libraries installed on OS system.

Second fact is that we promote idea of multiplatform software for: Win32, Win64, Linux and MAC OS.

So, Synapse supports only OpenSSL librariers up to 1.1.0
Now up to date OS' use libraries 1.1.1x

We got three main issues:

  1. Name of libraries are different up to 1.1.0 and 1.1.1
  2. Synapse is not supported yet, and has no implemented new ssl protocol
  3. New SSL uses newest protocol, does not supported by synapse libraries. The portal provider prefers to use new SSL protocol, and so is interesting, OpenSSL connects only with new one to an Apach server after handshaking.

Solution for 1-st issue
You can use code below with change in ssl_openssl_lib.pas


Solution for 2-nd issue
No


Solution for 3-th issue
No


With Windows we have more problems. E.g. Somebody uses 32bit ver. of biotronics software and have 64bit OS with 64bit newest libraries. 

 

So, I have solution for all that problems:

Turn off SSL for some part of URL where be area for REST interface.

http://biotronics.eu/rest/* - these area will be excluded from SSL for webservices-REST (80)

https://biotronics.eu* and https://biotronka.pl* for all (443)

There is only one inconvenient thing. In the future, nobody can login to rest interface, because of security. So all new therapies, and databases should be added from webside.

 

Source: https://sourceforge.net/p/synalist/feature-requests/19/#51f0

diff -r b08de86c192f components/pascal/import/synapse/ssl_openssl_lib.pas
--- a/components/pascal/import/synapse/ssl_openssl_lib.pas    Thu Apr 19 10:24:18 2018 +0200
+++ b/components/pascal/import/synapse/ssl_openssl_lib.pas    Sat Apr 21 22:42:33 2018 +0200
@@ -103,36 +103,48 @@
 {$IFDEF CIL}
 const
   {$IFDEF LINUX}
-  DLLSSLName = 'libssl.so';
-  DLLUtilName = 'libcrypto.so';
+  DLLSSLNames: array[1..1] of string = ('libssl.so');
+  DLLUtilNames: array[1..1] of string = ('libcrypto.so');
   {$ELSE}
-  DLLSSLName = 'ssleay32.dll';
-  DLLUtilName = 'libeay32.dll';
+  DLLSSLNames: array[1..1] of string = ('ssleay32.dll');
+  DLLUtilNames: array[1..1] of string = ('libeay32.dll');
   {$ENDIF}
 {$ELSE}
 var
   {$IFNDEF MSWINDOWS}
     {$IFDEF DARWIN}
-    DLLSSLName: string = 'libssl.dylib';
-    DLLUtilName: string = 'libcrypto.dylib';
+    DLLSSLNames: array[1..1] of string = ('libssl.dylib');
+    DLLUtilNames: array[1..1] of string = ('libcrypto.dylib');
     {$ELSE}
      {$IFDEF OS2}
       {$IFDEF OS2GCC}
-    DLLSSLName: string = 'kssl.dll';
-    DLLUtilName: string = 'kcrypto.dll';
+    DLLSSLNames: array[1..1] of string = ('kssl.dll');
+    DLLUtilNames: array[1..1] of string = ('kcrypto.dll');
       {$ELSE OS2GCC}
-    DLLSSLName: string = 'ssl.dll';
-    DLLUtilName: string = 'crypto.dll';
+    DLLSSLNames: array[1..1] of string = ('ssl.dll');
+    DLLUtilNames: array[1..1] of string = ('crypto.dll');
       {$ENDIF OS2GCC}
      {$ELSE OS2}
-    DLLSSLName: string = 'libssl.so';
-    DLLUtilName: string = 'libcrypto.so';
+    DLLSSLNames: array[1..5] of string = ('libssl.so',
+                                          {above file only exist in dev-packages that are not installed by default on most distributions}
+                                          'libssl.so.1.1',
+                                          'libssl.so.1.0.2', 'libssl.so.1.0.0',
+                                          'libssl.so.10');
+    DLLUtilNames: array[1..5] of string = ('libcrypto.so',
+                                           {above file only exist in dev-packages that are not installed by default on most distributions}
+                                           'libcrypto.so.1.1',
+                                           'libcrypto.so.1.0.2', 'libcrypto.so.1.0.0',
+                                           'libcrypto.so.10'
+                                           );
      {$ENDIF OS2}
     {$ENDIF}
   {$ELSE}
-  DLLSSLName: string = 'ssleay32.dll';
-  DLLSSLName2: string = 'libssl32.dll';
-  DLLUtilName: string = 'libeay32.dll';
+  DLLSSLNames: array[1..4] of string = ('libssl-1_1.dll', 'ssleay32.dll', 'libssl32.dll',
+                                       {just in case someone renames them:}
+                                       'libssl.dll');
+  DLLUtilNames: array[1..4] of string = ('libcrypto-1_1.dll', 'libeay32.dll',
+                                       {just in case someone renames them:}
+                                        'libcrypto.dll', 'libeay.dll');
   {$ENDIF}
 {$ENDIF}
 
@@ -1861,7 +1873,7 @@
 function InitSSLInterface: Boolean;
 var
   s: string;
-  x: integer;
+  x, i: integer;
 begin
   {pf}
   if SSLLoaded then
@@ -1878,12 +1890,14 @@
       SSLLibHandle := 1;
       SSLUtilHandle := 1;
 {$ELSE}
-      SSLUtilHandle := LoadLib(DLLUtilName);
-      SSLLibHandle := LoadLib(DLLSSLName);
-  {$IFDEF MSWINDOWS}
-      if (SSLLibHandle = 0) then
-        SSLLibHandle := LoadLib(DLLSSLName2);
-  {$ENDIF}
+      for i := low(DLLUtilNames) to high(DLLUtilNames) do begin
+        SSLUtilHandle := LoadLib(DLLUtilNames[i]);
+        if SSLUtilHandle <> 0 then break;
+      end;
+      for i := low(DLLSSLNames) to high(DLLSSLNames) do begin
+        SSLLibHandle := LoadLib(DLLSSLNames[i]);
+        if SSLLibHandle <> 0 then break;
+      end;
 {$ENDIF}
       if (SSLLibHandle <> 0) and (SSLUtilHandle <> 0) then
       begin
English