OpenSSL on VMS

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL on VMS

Steve Thompson
All,

I'm porting a large multi-threaded SSL-enabled application from Unix to
VMS. This is the first time that I've used OpenSSL on VMS, and I have a
couple of questions related to OpenSSL on VMS that I'd appreciate some
input on. The Unix version is currently working OK on multiple platforms
(linux, AIX, Tru64, Solaris) using OpenSSL 0.9.7g, and I'm using the same
version on VMS (builds OK). I'm using VMS 7.1 on Alpha and MultiNet 4.2
Rev A (neither of which can be changed due to customer requirements).

(1) I currently obtain sockets by doing an $ASSIGN to INET0:. I assume
that these sockets cannot be passed to SSL_set_fd(), since they are VMS
channel numbers. At least, I can't get it to work, even if dividing them
by CHANNELSIZE. Do I need to assign to BG0: instead?

(2) I see that OpenSSL makes extensive use of select(). Under MultiNet, I
do not use multinet_select() because it is not thread safe (I've tried it,
and I've seen the source). Instead I use my own selection routine (which
calls IO$_SELECT). BTW, the UCX version of select() appears to work
properly in a multi-threaded environment. This seems to indicate that
OpenSSL cannot be used with MultiNet in a threaded environment (unless I
change the OpenSSL source to use my own selection routine). Is this true?

TMIA,
Steve
----------------------------------------------------------------------------
Steve Thompson                 E-mail:      [hidden email]
Voyager Software LLC           Web:         http://www.vgersoft.com
39 Smugglers Path              VSW Support: [hidden email]
Ithaca, NY 14850
  "186,300 miles per second: it's not just a good idea, it's the law"
----------------------------------------------------------------------------
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL on VMS

Richard Levitte - VMS Whacker
Hey Steve,

I guess I'm the one supposed to answer your query :-).

In message <[hidden email]> on Fri, 24 Jun 2005 09:29:33 -0400 (EDT), Steve Thompson <[hidden email]> said:

smt> (1) I currently obtain sockets by doing an $ASSIGN to INET0:. I
smt>     assume that these sockets cannot be passed to SSL_set_fd(),
smt>     since they are VMS channel numbers. At least, I can't get it
smt>     to work, even if dividing them by CHANNELSIZE. Do I need to
smt>     assign to BG0: instead?

Well, there are actually several ways to handle this.  The routines
implemented in OpenSSL support BSD socket calls using the UCX or
TCP/IP Services libraries or emulation layers.  However, nothing stops
you from implementing your own BIO that does things the way you want.
You might get inspired from [.CRYPTO.BIO]BSS_RTCP.C.

Dividing the channel number with CHANNELSIZE is an error.

smt> (2) I see that OpenSSL makes extensive use of select(). Under
smt>     MultiNet, I do not use multinet_select() because it is not
smt>     thread safe (I've tried it, and I've seen the source).
smt>     Instead I use my own selection routine (which calls
smt>     IO$_SELECT). BTW, the UCX version of select() appears to work
smt>     properly in a multi-threaded environment. This seems to
smt>     indicate that OpenSSL cannot be used with MultiNet in a
smt>     threaded environment (unless I change the OpenSSL source to
smt>     use my own selection routine). Is this true?

Not sure I understand.  When you say "the UCX version", do you mean
the real UCX library, or are you talking about the UCX emulation
library that comes with MultiNet?  In any case, if you find BSD socket
calls not to be good enough, create a BIO that suits your needs.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]