Hello,
I have made an attempt to build 0.9.8k on OpenVMS - and this is a disaster :( This was the very first time that tried to build openssl on VMS from original openssl.org release and I find out that provided VMS build scripts are not up to date. Some ten years ago extremely lot of effort is put into the OpenVMS port of openssl. I see also that there were still some efforts to update those scripts too as the source has evolved/developed but the scripts have not been tested and do not build the libraries and the executables correctly... moreover the VMS build supports just VAX and AXP architecture but not IA64. Then I realized that the HP SSL releases made from the official openssl.org releases do compile and build correctly. Seems HP put en extra effort every time to update and tune the VMS build scripts for a chosen openssl.org release. The following questions arise and I would like to discuss with somebody what the possibilities are and how to solve those issues. 1. I understand that the openssl license does not force HP to share, provide, publish and merge back the HP changes to the openssl.org source. I also understand that if HP would like to make sure that the next openssl.org release would be VMS compatible that HP would submit the changes... But the HP sources are public as well and the working solution is available for everybody. The question is: Is it legal to use HP's solution and merge into the openssl source? 2. Is there anybody here that works for HP and who is willing to do it? 3. HP SSL is a well done VMS port of openssl, unfortunately it is released every 3-4 year. The current latest release is 1.3 that is based 0.9.7e (released Oct 2004) that is a few years old release. My opinion is that a security product should be released much more often - specially that the OpenVMS users are so dependent of the HP SSL releases and the openssl.org releases do not build on VMS. Does anybody can take up that question with HP? As I am personally very interested that openssl runs and builds correctly on OpenVMS, I am willing to contribute... just wonder why this is not done so far? Is there any special reason or just nobody needed it? Nobody wanted to hassle around with it? With making a proper functional make/build scripts for VMS everybody would benefit. Primarily we, OpenVMS users would benefit as well as HP who could skip the development and maintenance of its own SSL releases. Please respond and advice. Thank you. Regards, Zoltan Arpadffy
