Sorry for the long delay. It looks like my ISP has enabled aggressive SPAM
detection without notifying their customers.
First off, my apologies for posting my solutions here: I was working with
SSL source files published by HP which are significantly different than the
source files published here (at openssl.org). It is really is too bad that
the OpenVMS engineers at HP did not put their changes back into the public
code base. That they see fit to use open source software for their own
purposes but do not contribute to improving it, might be one reason why many
people think VMS is dead. Just my two cents worth.
In the HP code bases "HP-OpenSSL-1.2" running through "HP-OpenSSL-1.4-453"
have a problem were a missing "conditional compile" prevents the execution
of the statement "i=write". This might have something to do with the fact
that someone removed some/all of the VMS conditionals in the public code
base (at least for file "s_client.c") as the code base transitioned to
OpenSSL-0.9.7
Lastly, it looks like the public version of s_client.c ha never worked
properly on VMS. While it is true that the initial SSL handshake does work,
it will crap-out (technical term for early exit) with the message "bad
select 38" before you get the chance to type a command to the connect
server. This is caused by a restriction (shortcoming?) of VMS which does not
allow the use of the UNIX i/o statement "select()" to test non-network
devices like stdin. In fact, error "38" as defined in file "UCX$INETDEF.H"
as "ENOTSOCK" which is mapped to VMS code "SS$_NOTNETDEV" (Socket operation
on nonsocket).
To get around the problem, an OpenVMS engineer at Compaq (before this
company was purchased by HP) wrote some routines which allow "s_client.c" to
open a connection to stdin via a socket. Since they never copyrighted that
code, I wonder if it would be okay to add these routines to the SSL public
code base. HP appears to have VMS on minimal life support (it is being
maintained only; not developed) so the OS needs all the help it can get.
Anyway, for more details please check out the following links:
http://www3.sympatico.ca/n.rieck/docs/openvms_notes_ssl.html
http://www3.sympatico.ca/n.rieck/demo_vms_html/openvms_demo_index.html#openssl
Neil Rieck
Kitchener / Waterloo / Cambridge,
Ontario, Canada.
http://www3.sympatico.ca/n.rieck/
-----Original Message-----
From: Richard Levitte
Sent: Wednesday, March 14, 2012 7:07 AM
To: openssl-dev@openssl.org ; n.ri...@sympatico.ca
Subject: Re: Fixes to the VMS version(s) of OpenSSL
In message <blu0-smtp682c83767b322d11850a9887...@phx.gbl> on Mon, 12 Mar
2012 07:02:10 -0400, Neil Rieck <n.ri...@sympatico.ca> said:
n.rieck> Team,
n.rieck>
n.rieck> * A few weeks back, I discovered a problem with the command
“OpenSSL s_client” which (I think)
n.rieck> has been broken in VMS since 2006.
n.rieck> * While I was only working with HP-specific OpenSSL source code
kits available from the HP, the
n.rieck> problem still exists in the public sources available from your
site.
n.rieck> * I have posted my changes to file “s_client.c” here:
n.rieck>
http://www3.sympatico.ca/n.rieck/docs/openvms_notes_ssl.html#s_client-fix
Glaring things, that (miss)handling of select() on VMS, isn't it (or
well, VMS really misshandles select(), but that's another story)?
Your fixes really don't catch it all, there's this piece of code that
really is an issue:
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
else if (_kbhit())
#else
else if ((_kbhit()) || (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
#endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
#else
else if (FD_ISSET(fileno(stdin),&readfds))
#endif
There's a fix in newer OpenSSL versions, with a variant for BeOS R5
that tries reading stdin in non-blocking mode to see if there's
anything there... I'm just now seeing if that can be hijacked for VMS
as well, in that case I think we're good to go for a back port.
The first change (an extra \n) seem to be cosmetic only, or does it
actually change the function in a crutial way? Considering you have
marked it optional, I'll guess that it doesn't?
Cheers,
Richard
--
Richard Levitte rich...@levitte.org
http://richard.levitte.org/
"Life is a tremendous celebration - and I'm invited!"
-- from a friend's blog, translated from Swedish
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
