From: "Arpadffy Zoltan" <zoltan.arpad...@scientificgames.se>
> I have made an attempt to build 0.9.8k on OpenVMS - and this is a
> disaster :(
That is a gross understatement.
> This was the very first time that tried to build openssl on VMS from
> original openssl.org release and I find out that provided VMS build
> scripts are not up to date.
It was similar at 0.9.8j, which was where I tried it the first time.
> Some ten years ago extremely lot of effort is put into the OpenVMS port
> of openssl.
I guess that the job was done, and everyone went home.
> I see also that there were still some efforts to update those scripts
> too as the source has evolved/developed but the scripts have not been
> tested and do not build the libraries and the executables correctly...
> moreover the VMS build supports just VAX and AXP architecture but not
> IA64.
You're an optimist. The standard builders don't work on VAX, either.
I made some attempts to update and improve these things, first with
0.9.8j, then with 0.9.8k. Despite some apparent interest from the one
fellow in the OpenSSL group who seems to remain interested in VMS, I've
seen no evidence that any of my changes have been adopted in the 1.0.0
beta code. A recent (7-MAY-2009) posting here, "Compilation results on
OpenVMS", suggests that he's satisfied with the existing garbage (or
something very like it).
> Then I realized that the HP SSL releases made from the official
> openssl.org releases do compile and build correctly.
>
> Seems HP put en extra effort every time to update and tune the VMS build
> scripts for a chosen openssl.org release.
Back in January 2009, I did exchange a few private messages with a
fellow from HP who claimed to be interested in my revised 0_9_8j kits.
I haven't heard anything from him recently. (For all I know, some other
fellow in India might have his job by now.)
> 3. HP SSL is a well done VMS port of openssl, unfortunately it is
> released every 3-4 year. The current latest release is 1.3 that is based
> 0.9.7e (released Oct 2004) that is a few years old release. My opinion
> is that a security product should be released much more often -
> specially that the OpenVMS users are so dependent of the HP SSL releases
> and the openssl.org releases do not build on VMS. Does anybody can take
> up that question with HP?
I'm not a paying HP customer, so I don't complain much to HP. I do
use OpenSSL from time to time, and when I tried 0_9_8j, I was as amazed
as anyone to discover how bad the standard VMS builders were.
> As I am personally very interested that openssl runs and builds
> correctly on OpenVMS, I am willing to contribute... just wonder why this
> is not done so far?
I can only speculate.
> Is there any special reason or just nobody needed it? Nobody wanted to
> hassle around with it?
Apparently, someone does, but he seems to like what he has.
> With making a proper functional make/build scripts for VMS everybody
> would benefit.
>
> Primarily we, OpenVMS users would benefit as well as HP who could skip
> the development and maintenance of its own SSL releases.
The benefits to non-VMS users might be pretty small, but for some
values of "everybody", I agree.
> Please respond and advice.
My latest response can be found at:
http://antinode.info/ftp/openssl/0_9_8k/openssl-0_9_8k_s1.zip
You're welcome to try it, and to complain if you find any problems. I
don't do very much with OpenSSL, so my testing has not been very
extensive. (And the VMS-specific tests in the standard kit don't seem
to have been updated much in recent times.)
So far, I haven't been tempted to try again with the 1.0.0 beta code.
Having had exactly zero apparent success in getting any changes into
the (miserably bad) standard code, I don't feel qualified to advise
anyone on this topic.
------------------------------------------------------------------------
Steven M. Schweda s...@antinode-info
382 South Warwick Street (+1) 651-699-9818
Saint Paul MN 55105-2547
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
