From dd0a0d90dbe9ddaa3994eec75afa5ff0bbc42d1f Mon Sep 17 00:00:00 2001
From: Leonardo Di Donato <leodidonato@gmail.com>
Date: Mon, 20 Jan 2020 20:28:48 +0000
Subject: [PATCH] build: openssl cmake module (and inclusion)

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
---
 CMakeLists.txt              |  9 +--------
 cmake/modules/OpenSSL.cmake | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 8 deletions(-)
 create mode 100644 cmake/modules/OpenSSL.cmake

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 520e3c90..add88e56 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -139,14 +139,7 @@ ExternalProject_Add(
 include(yaml-cpp)
 
 # OpenSSL
-find_package(OpenSSL REQUIRED)
-message(STATUS "Found OpenSSL: include: ${OPENSSL_INCLUDE_DIR}, lib: ${OPENSSL_LIBRARIES}")
-find_program(OPENSSL_BINARY openssl)
-if(NOT OPENSSL_BINARY)
-  message(FATAL_ERROR "Couldn't find the openssl command line in PATH")
-else()
-  message(STATUS "Found openssl binary: ${OPENSSL_BINARY}")
-endif()
+include(OpenSSL)
 
 # libcurl
 include(cURL)
diff --git a/cmake/modules/OpenSSL.cmake b/cmake/modules/OpenSSL.cmake
new file mode 100644
index 00000000..0ac831d6
--- /dev/null
+++ b/cmake/modules/OpenSSL.cmake
@@ -0,0 +1,29 @@
+if(NOT USE_BUNDLED_DEPS)
+  find_package(OpenSSL REQUIRED)
+  message(STATUS "Found openssl: include: ${OPENSSL_INCLUDE_DIR}, lib: ${OPENSSL_LIBRARIES}")
+  find_program(OPENSSL_BINARY openssl)
+  if(NOT OPENSSL_BINARY)
+    message(FATAL_ERROR "Couldn't find the openssl command line in PATH")
+  else()
+    message(STATUS "Found openssl: binary: ${OPENSSL_BINARY}")
+  endif()
+else()
+  set(OPENSSL_BUNDLE_DIR "${PROJECT_BINARY_DIR}/openssl-prefix/src/openssl")
+  set(OPENSSL_INSTALL_DIR "${OPENSSL_BUNDLE_DIR}/target")
+  set(OPENSSL_INCLUDE_DIR "${PROJECT_BINARY_DIR}/openssl-prefix/src/openssl/include")
+  set(OPENSSL_LIBRARY_SSL "${OPENSSL_INSTALL_DIR}/lib/libssl.a")
+  set(OPENSSL_LIBRARY_CRYPTO "${OPENSSL_INSTALL_DIR}/lib/libcrypto.a")
+
+  message(STATUS "Using bundled openssl in '${OPENSSL_BUNDLE_DIR}'")
+
+  externalproject_add(
+    openssl
+    # START CHANGE for CVE-2017-3735, CVE-2017-3731, CVE-2017-3737, CVE-2017-3738, CVE-2017-3736
+    URL "https://s3.amazonaws.com/download.draios.com/dependencies/openssl-1.0.2n.tar.gz"
+    URL_MD5 "13bdc1b1d1ff39b6fd42a255e74676a4"
+    # END CHANGE for CVE-2017-3735, CVE-2017-3731, CVE-2017-3737, CVE-2017-3738, CVE-2017-3736
+    CONFIGURE_COMMAND ./config shared --prefix=${OPENSSL_INSTALL_DIR}
+    BUILD_COMMAND ${CMD_MAKE}
+    BUILD_IN_SOURCE 1
+    INSTALL_COMMAND ${CMD_MAKE} install)
+endif()