Hi all, I found Marton Anka's blog (http://codefromthe70s.org/sslimprov.asp) when I was struggling to build static OpenSSL libraries using MSVC6/WinXP. The biggest problem of all was that MASM 6.15 is no longer up to the task this side of 0.9.8e, which nobody mentions anywhere, so I'll mention it now for the sake of fellow-googlers everywhere. If you're still using VC6, you *need* nasm.exe (http://sourceforge.net/projects/nasm/) for the assembler builds. Up to 0.9.8h the OpenSSL build system doesn't know nasm.exe exists, so you have to either rename the binary to nasmw.exe or edit your .mak file manually before compiling.
My patch adds a deprecation notice to the MASM build in 0.9.8-stable, giving that download link. In openssl-0.9.8h the worst of the problems Marton wrote about has already been addressed, in that shared and static builds now link to the correct C runtime. However there is still no way to know the difference between them, or between release and debug builds. The problems he described in no-hw builds are also still extant - this surely must affect all platforms. I'd therefore like to offer two patches based loosely on Marton's work, against 0.9.8-stable and 0.9.9-dev snaps dated 29th June. The first (engine-*.patch) initializes the engine variable to NULL prior to use (since it's used regardless), and sidesteps unnecessary includes for no-hw builds. In order to prevent this breaking the build, configure has to do more or less as it claims... which it currently does not, because in mk1mf.pl all the configure options are negative. There being no way to set a default negative while also allowing a potential positive, I added three positive switches for the stuff that's supposed to be disabled by default, added a check for them and set the negatives to 1. This means enable-gmp, enable-montasm and enable-rfc3779 should work; no-gmp and friends should (still) have no effect; CFLAGS should now match the configure output, except in HEAD where OPENSSL_BN_ASM_MONT (and OPENSSL_BN_ASM_PART_WORDS) are apparently defined by default and can't be switched off (? on win32??). I kinda gave up there. The second (build-*.patch) offers debug builds for all VC config scripts. It also names the output libs according to type (static/debug) and cleans up a couple of typos along the way. It removes /opt:ref (set by default in release builds and shouldn't be set at all in debug) and adds /Zi to debug builds (needed to produce .pdb files). I made 32-all.bat interactive while I was at it - guessing wildly when it came to dealing with 'choice' - but it seems to me that it would be reasonably straightforward to extend that script to make it check/accept all configuration options, and even more so if the checking part could be in a called perl script. Also note, in build-HEAD.patch there's a trivial fix in ssl/s3_both.c that allows current CVS HEAD to build under VC6. Even if you disregard the rest of this stuff, please don't disregard those 5 special chars :\ Thanks, - Steph
engine-head.patch
Description: Binary data
build-0.9.8.patch
Description: Binary data
build-head.patch
Description: Binary data
engine-0.9.8.patch
Description: Binary data
