Get 0.81 working with DECC/standard=ansi89 ONLY.
(No support for VAXC)

1.  Obtained .081 distribution from ftp site
2.  unpacked it.
3.  Checked vms_ssleay-0_6_6.zip pieces, only [.crypto.bf]bfspeed.c
    moved in.
4.  $ POSIX
    psx > make -f makefile.ssl > make_vms.com
    psx > exit
5.  Use NEDIT to modify make_vms.com into a vms build file.

Compiling...

6.  [.crypto.des]read_pwd.c  blows up.  Hmm, it has old VMS ifdef's,
    changed all VMS to VMS/__VMS

    have to do mycc/warn=(disable=dollarid)

    Hmm, need prototypes for sys$assign, sys$quiw, and sys$dassgn, those 
    are in <starlet.h>, add an include
 
    That did it.

7.  [.bio]bss_fd.c

#      include <sys/param.h>

     That's coming from e_os.h, fixed it.  __VMS doesn't need it, change
     the #ifdefs around slightly.

8.  [.bio]b_sock.c
    
        i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
..........^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer 
value "&size" is "int", which is not compatible with "unsigned int".
at line number 182 in file PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.BIO]B_SOCK.C;1

  should be size_t, not int

        i=ioctl(fd,type,arg);
..........^
%CC-I-IMPLICITFUNC, In this statement, the identifier "ioctl" is implicitly 
declared as a function.
at line number 292 in file PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.BIO]B_SOCK.C;1

Ugh, ioctl() only in 7.0 and up.  pieces that call the routine holding this 
call are all #ifdef FIONBIO, but FIONBIO is defined even when ioctl isn't!

Have to modify 

  BSS_ACPT.C
  BSS_CONN.C

As well.  Set them to #undef FIONBIO for __VMS_VER < 700000.
VERY unclear whether these can be so casually dropped out of the code 
though!


        ret=accept(sock,(struct sockaddr *)&from,&len);
............^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer 
value "&len" is "int", which is not compatible with "unsigned int".
at line number 457 in file PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.BIO]B_SOCK.C;1

   should be size_t, not int


9. [.crypo.pkcs7]pk7_doit.c

                                       BIO_write(bio,os->data,os->length);
........................................^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer 
value "os->data" is "unsigned char", which is not compatible with "char".
at line number 117 in file PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-
0_8_1.CRYPTO.PKCS7]PK7_DOIT.C;1

#ifdef'd in a (char *)

                        if (!EVP_SignFinal(&ctx_tmp,buf->data,
.............................^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer 
value "buf->data" is "char", which is not compatible with "unsigned char".
at line number 198 in file PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-
0_8_1.CRYPTO.PKCS7]PK7_DOIT.C;1

#ifdef'd in an (unsigned char *)

10.  The resulting .OLB file is HUGE.  Need to make a shared for it.
     Hmm, looks like the SSL stuff should be in a separate library from
     libcrypto..

11.  APPs
     VERIFY - ENC    are OK
 
12.  [.apps]gendh.c
        EXIT(ret);
........^
%CC-I-IMPLICITFUNC, In this statement, the identifier "exit" is implicitly
declared as a function.
at line number 191 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]GENDH.C;1

  Add include for <stdlib.h> to e_os.h.

13.  [.apps]errstr.c

*** This file is a link to ../ssl/ssl.h
.........^
%CC-E-DECLARATION, Invalid declaration. at line number 1 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.INCLUDE]SSL.H;1

One more include file to move, sigh.  Added code in make_vms.com to move
these all into [.include]

14. [.apps]S_SERVER.c

                FD_SET(fileno(stdin),&readfds);
................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "fileno" is 
implicitly declared as a function. at line number 535 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_SERVER.C;1

  This is a POSIX extension, not ANSI C.  Add a define for
  _POSIX_C_SOURCE to the compilation line.

%LINK-W-NUDFSYMS, 8 undefined symbols:
%LINK-I-UDFSYM,         APPS_SSL_INFO_CALLBACK
%LINK-I-UDFSYM,         BIO_DUMP_CB
%LINK-I-UDFSYM,         DO_SERVER
%LINK-I-UDFSYM,         EXTRACT_PORT
%LINK-I-UDFSYM,         SET_CERT_STUFF
%LINK-I-UDFSYM,         SOCKET_IOCTL
%LINK-I-UDFSYM,         VERIFY_CALLBACK
%LINK-I-UDFSYM,         VERIFY_DEPTH

Bet some of these are commented out by FIONBIO in the modules, but not in 
the server.  No, the ifdef's are there in the server, but same problem
as for BSS_CONN.C above, FIONBIO defined for OpenVMS <7, but ioctl isn't,
so put in the appropriate ifdef for __VMS_VER < 70000000).

Ok, that took out the socket_ictl undefined symbol, but left the others.
Go look at them.  Ok, some are in s_socket.c in this directory

[.apps]s_socket.c

S_SOCKET.C needs the IFDEF for vms_ver too.  Modified it.  Change
compilation to also do this module. 

        i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
..........^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer value
"&size" is "int", which is not compatible with "unsigned int". 
at line number 229 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_SOCKET.C;2

  should be size_t, not int
 

        ret=accept(acc_sock,(struct sockaddr *)&from,&len);
............^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer value
"&len" is "int", which is not compatible with "unsigned int". at line number
378 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_SOCKET.C;2 

  should be size_t, not int

        i=ioctl(fd,type,arg);
..........^
%CC-I-IMPLICITFUNC, In this statement, the identifier "ioctl" is implicitly
declared as a function. at line number 452 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_SOCKET.C;2 

 #ifdef FIONBIO around it

        if ((pid=fork()) == 0)
.................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "fork" is implicitly
declared as a function. at line number 641 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_SOCKET.C;2
%LINK-W-WRNERS, compilation warnings 

 replace with vfork

Ok, that killed two more missing symbols in S_SERVER, where are the rest...
Aha, in [.apps]s_cb.c.  Modified the make_vms to compile/include that.

OK! Clean build of s_server.c


15.  [.APPS]S_CLIENT.C
                        if (read_tty)  FD_SET(fileno(stdin),&readfds);
.......................................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "fileno" is implicitly
declared as a function. at line number 418 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_CLIENT.C;1 

                else if (FD_ISSET(fileno(stdout),&writefds))
.........................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "fileno" is implicitly
declared as a function. at line number 507 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]S_CLIENT.C;1 

  Cure to both of these, turn on POSIX extensions.

Bunch of missing symbols, almost certainly in s_socket.c and s_cb.c, modify
build to include those.

16.  [.apps]speed.c
        static struct tms tstart,tend;
..........................^
%CC-E-INCOMPNOLINK, In this declaration, "tstart" has no linkage and is of an
incomplete type. at line number 213 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]SPEED.C;1 

        static struct tms tstart,tend;
.................................^
%CC-E-INCOMPNOLINK, In this declaration, "tend" has no linkage and is of an
incomplete type. at line number 213 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]SPEED.C;1 

Ok, it doesn't know what tms is.  There is a VMS ifdef in there,
add a second one for __VMS_VER too (TMS is in 7.0 and up).

Then it does this

                times(&tstart);
................^
%CC-W-PTRMISMATCH, In this statement, the referenced type of the pointer value
"&tstart" is "struct tms", which is not compatible wi th "struct tbuffer". at
line number 226 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]SPEED.C;2 

Barf, take out the tms definition, and redo types with ifdef to be tbuffer_t

Then this happens:
                ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
..............................^
%CC-E-NEEDMEMBER, In this statement, "tms_utime" is not a member of "tend". at
line number 228 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.APPS]SPEED.C;4 

Ah, that got it.

17.  [.apps]s_time.c

Same problems with TMS as for speed.c .  Resolve the same way.
3 missing symbols, all in s_cb.c, modify build to include that.

18. [.test]EXPTEST.C;

is a link, not a file.  Modified make_vms.com to move the real source code
into here for all test programs.

19  [.test]LH_TEST.C
                p=Malloc(i+1);
..................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "Malloc" is implicitly
declared as a function. at line number 80 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.TEST]LH_TEST.C;1 

Hmm, looks like it isn't including crypto.h.  It includes lhash.h, but that
doesn't include anything else.  Add an include to lh_test.c to include
crypto.h.  That did it.

20. [.test]methtest.c
Compiler can't find "meth.h", neither can I skip it.

21. [.test]test.c

                ERR_load_crypto_strings();
................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "ERR_load_crypto_strings"
is implicitly declared as a function. at line number 72 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.TEST]TEST.C;2 

                ERR_print_errors_fp(stderr);
................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "ERR_print_errors_fp" is
implicitly declared as a function. at line number 74 in file
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.TEST]TEST.C;2 

It must not be including err.h, modify it to do so.

22.  Ran all [.test]*.exe.  All seemed to do something and spit out OK
except for LH_TEST.EXE, which just sits there, and TEST.EXE, which complains
that:

unable to load configuration, line 0
539012128:error:02001002:system library:fopen:system
 lib:PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.CONF]CONF.C;1:127
539012128:error:0E064002:configuation file routines:CONF_load:system
 lib:PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.CONF]CONF.C;1:128

Hmm, it seems to be looking for ssleay.conf, and there is no such beast in 
the test or any other directory. Ugh, there are two TEST.C files, one in
[.crypto.asn1] and one in [.crypto.conf].  This is the second one.

23.  Now try to make this work with OSU Decthreads.  Move

    BSS_MST.C into [.CRYPTO.BUFFER], use the one for .066
    SSL_TASK.C is already in  [.SSL]
    SSL_THREADED.C into [.SSL]


24. BSS_MST.C problems

   { tu_strnzcpy(buffer,"no DECnet",bufsize-1); return 1; }
.....^
%CC-I-IMPLICITFUNC, In this statement, the identifier "tu_strnzcpy" is 
implicitly declared as a function.
at line number 20 in file WWW_ROOT:[BASE_CODE]DECNET_ACCESS.H;1

    This is because the .h has an ifdef for VMS, not __VMS.  Add a define
    for it in the compilation line.  That, and turning off dollarid 
    warnings, resulted in a clean compile.

25. ssl_task.c problems

        s_ctx=SSL_CTX_new(SSLv2());
..........................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "SSLv2" is implicitly 
declared as a function. at line number 228 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL]SSL_TASK.C;1

  So where does SSLV2() come form?  Nowhere.  The version of ssl_task.c
  directly from OSU doesn't have this.  What is SSL_CTX_new expecting?
  It wants SSL_METHOD *meth for an argument, so it must want either
  meth=SSLv2_client_method();   or
  meth=SSLv2_server_method();

try the latter, given the part of the code it is in.  Seems to take it ok.
Then it hits this:

        BIO_set_fd ( c_to_s, "", chan );
........^
%CC-W-CVTDIFTYPES, In this statement, """" of type "pointer to char", is 
being converted to "int". at line number 273 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL]SSL_TASK.C;2

Same message on the next line.  BIO_set_fd comes from bio.h, where it is:

#define BIO_set_fd(b,fd,c)      BIO_ctrl_int(b,BIO_C_SET_FD,c,fd)

Aha, there is a space after the fd, take it out.  Nope, that doesn't do it.
Add an explicit include for bio.h.  Nope.  Step back to just the sslv2
change, run it through the preprocessor, then compile that to find:

        BIO_ctrl_int(c_to_s,104,chan,"");
........^
%CC-W-CVTDIFTYPES, In this statement, """" of type "pointer to char", is 
being converted to "int". at line number 273 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL]SSL_TASK.C;2

Aha, it's the "".  What does BIO_ctrl_int really want.  Ugh, seen this
before, it's doing this:

long BIO_ctrl_int(b,cmd,larg,iarg)
BIO *b;
int cmd;
long larg;
int iarg;
        {
        int i;

        i=iarg;
        return(BIO_ctrl(b,cmd,larg,(char *)&i));
        }


That is, it's assuming that it can just stick a pointer in and pass it as 
in int.  Piece of crap programming.  The only other place BIO_ctrl_int
gets used it is called like this:

BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,0)

so, modify the problem lines so that "" -> 0.  Ah, that did it.  Hope
it works!

26.  SSL_THREADED.C problems.
Same three problems.  Change:

        s_ctx=SSL_CTX_new();

at line 114 to

        s_ctx=SSL_CTX_new(SSLv2_server_method());

        BIO_set_fd ( c_to_s, (char *) link, link_type );
        BIO_set_fd ( s_to_c, (char *) link, link_type );
at line 154 to
        BIO_set_fd ( c_to_s, (int)((char *) link), link_type );
        BIO_set_fd ( s_to_c, (int)((char *) link), link_type );


Sent this all off to D. Jones.  He made some changes to ssl_task.c,
ssl_threaded.c, bss_mst.c, and bss_rtcp.  Apparently the fixes in 25
and 26 were wrong - when in doubt, ask the master.  He reports that with 
these fixes the DECNET and MST versions build and work.

27.  Lastly, see if this will build properly into a tserver_ssl.exe that 
will work with OSU 2.3a.

from system account, redirect ssllib, currently it is:

   $  sho log ssllib
   "SSLLIB" = "PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_6_6.CRYPTO]" (LNM$SYSTEM_TABLE)
        = "PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_6_6.SSL]"

   $ define/sys/exec ssllib PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO],-
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL]

Move to the [.base_code] subdirectory in the server directory, not system 
account.

   $ set def [.base_code]
   $ cc ssl_server_mst.c
   $ @link_tcpshare ssl "" ssl_server_mst/option

it couldn't find bss_mst.  Ok, just move a copy of the .obj up there.  
Ah rats, then it went to look for SSL-AXP.OLB, which we didn't build, stuck
everything into the one library (why not???).  Ok, modify link_tcpshare.com
to fix both of these.  NO. do this.

   $ define/sys/exec ssllib PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO],-
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.BUFFER],-
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL]

modify the make_vms.com so that the full library is call LIBSSLEAY.OLB 
(here, just renamed the existing one).  Made a new .opt file, called
SSL_SERVER_MST2.OPT which contains just these lines:

ssl_server_mst,message_service,decnet_access,tlogger            ! base_code modules
!
ssllib:ssl_threaded.obj,bss_mst.obj
ssllib:libssleay/lib       ! SSLeay library.

    Now try linking it again:

   $ @link_tcpshare ssl "" ssl_server_mst2/option

    OK! That worked.  Now restart the server, see if it works.  It does!!!!

Put this .opt file into the .ZIP for distribution.  It really goes to 
[.base_code] though.


28.  OOOPS, I was building RSA, not RSAREF.  Modify make_vms.com to do 
RSAREF optionally.  This triggers the following error:

                default_RSA_meth=RSA_PKCS1_RSAref();
.................................^
%CC-I-IMPLICITFUNC, In this statement, the identifier "RSA_PKCS1_RSAref" is 
implicitly declared as a function. at line number 87 in file 
PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.RSA]RSA_LIB.C;1

Must be no prototype. Right, there's no #ifdef RSAref in rsa.h.  Have to 
get rsaref.h included.  Aha, can do it through e_os.h, which is good, since
we don't want to think of modifying anything in the rsa or rsaref areas.
Oh heck, adding that ifdef triggers this one:

     I3    2017 int     BN_print_fp(FILE *fp, BIGNUM *a);
                .........................1
%CC-E-CLOSEPAREN, (1) Missing ")".

So it doesn't know what FILE is, meaning that stdio.h wasn't included
somewhere.  Ok. force that too.  Hope that does it...

RATS!  It triggers a meltdown in BN_PRINT.C.  Bite the bullet and modify
only RSA_LIB.C to conditionally include rsaref.h.  Rollback changes in
e_os.h.

Ugh, some of the APPS aren't happy...

Making program VERIFY
%LINK-W-NUDFSYMS, 8 undefined symbols:
%LINK-I-UDFSYM,         RSAPRIVATEDECRYPT
%LINK-I-UDFSYM,         RSAPRIVATEENCRYPT
%LINK-I-UDFSYM,         RSAPUBLICDECRYPT
%LINK-I-UDFSYM,         RSAPUBLICENCRYPT
%LINK-I-UDFSYM,         R_GETRANDOMBYTESNEEDED
%LINK-I-UDFSYM,         R_RANDOMFINAL
%LINK-I-UDFSYM,         R_RANDOMINIT
%LINK-I-UDFSYM,         R_RANDOMUPDATE

Making program ASN1PARS
%LINK-W-NUDFSYMS, 8 undefined symbols:
%LINK-I-UDFSYM,         RSAPRIVATEDECRYPT
%LINK-I-UDFSYM,         RSAPRIVATEENCRYPT
%LINK-I-UDFSYM,         RSAPUBLICDECRYPT
%LINK-I-UDFSYM,         RSAPUBLICENCRYPT
%LINK-I-UDFSYM,         R_GETRANDOMBYTESNEEDED
%LINK-I-UDFSYM,         R_RANDOMFINAL
%LINK-I-UDFSYM,         R_RANDOMINIT
%LINK-I-UDFSYM,         R_RANDOMUPDATE

These are all referenced from module RSAREF.  Go read the RSAREF.DOC
again.  Oh HELL, the pieces in [.rsaref] are just glue, to hook to the real 
RSAREF.  Sure enough, none of these missing routines are present anywhere.
Go to

  ftp://ftp.rsa.com/rsaref

and download it (the .zip).  Unpack.  Yes, they are there.  Oh fun, oh joy.
 Make a build file for openvms for this too.  Oh great, the files are in 
some bizarro format, look like DOS files.  Grab the .tar.Z instead. That
worked better.  The simplest possible make_vms.com file for it worked.
Ok, so now I have a real RSAREF library.  There don't seem to be any 
SYMBOL conflicts.  Modify the SSLeay make_vms.com to use the
RSAREF.OLB library when it builds the apps, and

Good, it got past the first two with no warnings.

SPEED.C issued warnings because of missing RSA_PKCS1_RSAref prototype,
must be no RSAref.h include, added that.  Ok, all apps and test build.
SPEED ran ok, but it wouldn't do a 2048 bit RSA, only 512 and 1024.

29.  Now, can the server build and run?

modify again, so that SSL_SERVER_MST2.OPT contains just these lines:

ssl_server_mst,message_service,decnet_access,tlogger            ! base_code modules
!
ssllib:ssl_threaded.obj,bss_mst.obj
ssllib:libssleay/lib       ! SSLeay library.
ssllib:rsaref/lib          ! RSAref library


Move to [.base_code], no special privs

   $ define ssllib PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO],-
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.CRYPTO.BUFFER],-
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.SSLEAY-0_8_1.SSL], -
       PRGDISK:[SHARED.PROGRAMS.INFO_SERVERS.rsaref_2_0]
   $ @link_tcpshare ssl "" ssl_server_mst2/option

Start and stop the server, and...

Good it still works!!!  I was a bit afraid that the certificate might not 
be valid.
