Dear OpenSSL Development Team, This purpose of this letter is to document the patches that Stratus Technologies made to OpenSSL version 0.9.6g to port it to the Stratus VOS operating system and to ask your permission to call the resulting product "VOS OpenSSL". This is the first time that we have requested permission to use this name.
Stratus is a manufacturer of fault-tolerant computer systems (http://www.stratus.com) and VOS is our proprietary operating system. We have customers in the banking, travel and transportation, credit card, telecommunications, security, government, and related fields. VOS has support for building and executing C programs that require a POSIX environment. We have used our POSIX environment to host this port of OpenSSL to VOS. We have ported OpenSSL 0.9.6g to VOS Release 14.5.0 running on Stratus Continuum systems with Hewlett-Packard PA-RISC PA8000, PA8500, or PA8600 CPUs. We did not make any changes to any of the cryptographic algorithms; most of our changes are for build issues. Our changes were intentionally limited to the minimum set necessary to get the OpenSSL source code to build on VOS and pass its test cases. On the advice of counsel, we are not distributing binaries for the RC5 or IDEA ciphers. Instead, we are informing customers how to rebuild the product to include support for these ciphers when they hold a license for them. I have prepared two sets of patches. The first set is the generic patches that I think are reasonable to apply to the master copy of OpenSSL. The second set is the VOS-specific patches that I think apply only to our copy. The second set presumes that the first set has already been applied. All of these patches have been tested on Stratus VOS. The generic patches have also been tested on Solaris 2.8. The patched product passes all relevant tests on both platforms. I'd like to respectfully request that you apply the generic patches, or as many of them as you deem fit, to the master copy of the OpenSSL code base. Doing so will simply future ports to VOS, and will help other environments that require an executable suffix (e.g, VOS and Cygwin). Should you wish, I'll be happy to provide a version of the generic patches against 0.9.7 at your request. I would like to take this opportunity to thank you for providing this product as open source, and furthermore for providing a high quality product that has been easy for us to port to our system. I have ported many hundreds of thousands of lines of open source code to VOS, and this project has been one of the easiest we have undertaken. Finally, we respect your right to review these changes per your stated policy, and we simply ask that you undertake your review in an expeditious manner. We await your permission to use the name "VOS OpenSSL" in conjunction with this version. If you have any questions about these changes, please do not hesitate to contact me directly. Questions of a legal nature should be directed to Elaine Martel at the address listed above. Sincerely, Paul Green Senior Technical Consultant Stratus Technologies, Inc. Attachments (contained in "vospatches.tar.gz"): orig_vs_middle.txt openssl-0.9.6g versus "VOS-generic" patches. middle_vs_final.txt "VOS-generic" versus "VOS-specific" patches. Summary of changes: SECTION 1. GENERIC PATCHES Changed File Reason for Change (see below) ---------------------- ----------------------------- Configure 1, 2, 3 Makefile.org 4 apps/Makefile.ssl 3, 4 config 1, 3 crypto/Makefile.ssl 4 crypto/rand/rand_egd.c 5 ssl/Makefile.ssl 4 test/Makefile.ssl 3, 4 tools/Makefile.ssl 4 I respectfully request that you consider making the following changes to the master copy of OpenSSL. These patches add support for the following capabilities. 1. The configuration scripts now recognize and support the Stratus VOS operating system. 2. The search for the perl5 interpreter is deferred until the executable file suffix has been determined. 3. The configuration script and makefiles have been changed to provide the ability to specify an optional suffix on the names of executable files. VOS requires the suffix ".pm" to appear on the name of every executable file. (The use of this suffix is optional on a VOS command line). 4. Switches that are given to the top-level make command (e.g., in the openssl directory) are now automatically passed down to the next level of make files. With more work (patching more of the Makefile.ssl files in lower-level directories), these switches can be passed all the way down to the bottom-most makefiles. This is really only an issue for makefiles that invoke the make command, so I didn't change all of the makefiles. This change makes it easy to use, say, the -d switch to figure out what is going wrong with a build, or the -n switch to run the build but skip executing commands. These changes were tested with GNU make. They may or may not apply to other makes. However, I believe that support for the MFLAGS variable has been around for years and is present in most make commands, and I also believe that the changes would not disrupt any make command that does not recognize the MFLAGS variable. 5. The entropy gathering daemon is not built when the target system is Stratus VOS. The code in this daemon is highly Unix-specific and not applicable to the VOS POSIX runtime environment. There are already escapes for other non-Unix operating systems in this same area. SECTION 2. VOS-SPECIFIC PATCHES Please do not make any of the following changes to the master copy of OpenSSL. These changes are either to work around bugs or shortcomings in VOS which we intend to fix, or are specific to our development process and build environment. None of them have been tested on other platforms, and most of them are completely inappropriate for other platforms. Changed File Reason for Change (see below) ---------------------- ----------------------------- Configure 6, 7, 8 Makefile.org 6, 7, 8, 9, 11 apps/Makefile.ssl 6, 7, 8, 9 apps/openssl.cnf 6, 12 config 6 crypto/Makefile.ssl 6, 8, 13 crypto/rand/rand_egd.c 6 demos/maurice/Makefile 14, 15 demos/maurice/example1.c 16 demos/maurice/example2.c 16 demos/maurice/example4.c 16, 17 demos/maurice/loadkeys.c 16 demos/maurice/loadkeys.h 16 demos/ssl/* 18 demos/state_machine/Makefile 14, 19 demos/state_machine/state_machine.c 20 ssl/Makefile.ssl 6, 8 test/Makefile.ssl 6, 8, 10 tools/Makefile.ssl 6, 8 tools/c_rehash.in 6, 9 6. We inserted modification histories for the files that we changed. 7. We changed the build process to look for perl by the name of perl5.6.1.pm (or perl.pm) to avoid issues finding an obsolete version of perl that we have. 8. We changed the use of "make" to "gmake" because we have two different versions of make, and our modern GNU version is named "gmake". 9. We explicitly provided the VOS executable file suffix (.pm) when looking for various programs (perl, openssl, etc.). This was to work around various unfixed bugs in the VOS POSIX environment. 10. We neutered the makefile logic to avoid building or testing the IDEA and RC5 ciphers, for reasons explained above. 11. Since VOS doesn't support man pages, we changed the Makefile to create text files instead of man pages. 12. We changed openssl.cnf to avoid picking up the .rnd seed file from the home directory; instead we specified it via an environment variable. This let us ensure that the build process started its run with the same seed each time, no matter which users runs the build. 13. Added a two files (vosstubs.c, syslog.h) to implement the syslog() function, which we are missing in our version of POSIX. 14. Explicitly provided the VOS executable suffix (.pm) in a number of makefiles. Without these changes, we rebuild the target every time. 15. Changed some of the test cases to explicitly specify the RANDFILE environment variable. 16. Changed the examples to initialize the random number generator from a file, since VOS does not have /dev/random, nor an entropy-gathering daemon. Some of the test cases were referencing the BSD <strings.h> instead of the standard C/POSIX file <string.h>. 17. Corrected the size of an automatic variable. 18. Renamed cli.cpp to ssl-client.c, renamed serv.cpp to ssl-server.c, removed inetd-srv.cpp. Added code to ssl-client.c and ssl-server.c to handle some command line options. Added code to ssl-client.c to initialize the pseudo-random number generator. 19. Added server.pem file for running the test cases. Rewrote the test target commands for VOS. 20. Worked around a bug in our POSIX environment relating to waiting on stdin when it is not attached. Thanks PG -- Paul Green, Senior Technical Consultant, Stratus Technologies. 111 Powdermill Rd, Maynard, MA 01754 USA. Voice: +1 978-461-7557; FAX: +1 978-461-3610. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
