[Info-vax] Once again trying to use the SSL ported to VMS

David Froble davefroble at gmail.com
Mon Nov 28 22:03:39 EST 2011 

On Nov 28, 6:05 pm, Steven Schweda <sms.antin... at gmail.com> wrote:
> On Nov 28, 2:00 pm, David Froble <davefro... at gmail.com> wrote:
>
> > It's my observation that the OpenSSL port to VMS is actually a port to
> > C on VMS.  [...]
>
>    OpenSSL is software written (mostly) in C, so that's what
> you get when it's ported to VMS.
>
>    I've done very little with OpenSSL, other than try to get
> the VMS builders to work, and then use the results with other
> programs (already) written in C (by others), so I know
> nothing, but, ...
>
> > [...] Not ranting, just explaining.
>
>    Had me fooled.

Caustic as ever, I see.

Not that I'm going to complain, your help with SSH is probably the
reason I got things working.  Thanks.

> > [...] I could
> > not find much about what "RETURN_NULL()" is, though I can guess it is
> > initializing a new structure to NULL.  The symbol does not resolve in
> > the linker.  The only place I've found it is in another example
> > program.
>
> > #define RETURN_NULL(x) if ((x)==NULL) exit(1)

My problem with this is, I'm not sure what C considers (a) NULL.  If I
can test the variable/pointer/whatever for a value of zero, that's
simple, but there is nothing I can find that tells me a test for zero
would be appropriate, thus my "assume".

>    Around here, it's defined in SSL_EXAMPLES.H, which seems
> to be used by SSL$TCP_SERVER_QIO_SSL.C:
>
> ALP $ search SSL$TCP_SERVER_QIO_SSL.C SSL_EXAMPLES.H
>  *             See SSL_EXAMPLES.H for more information and further
> debug
> #include "SSL$EXAMPLES:ssl_examples.h" /* SSL callbacks and error
> handling  */
>
> So, not particularly mysterious.  It doesn't initialize
> anything.  It checks its argument, and if it's NULL, then it
> calls exit() (with a non-zero/error code).  For example:
>
>    /* Create a SSL_CTX structure */
>    ctx = SSL_CTX_new(meth);
>    RETURN_NULL(ctx);
>
> Apparently, SSL_CTX_new() allocates some storage, and returns
> a pointer to that storage.  If it returns NULL, then you're
> doomed (probably because the allocation failed), so exit(1)
> probably makes some sense.

SSL_CTX_new() does seem to allocate some storage, and the return value
I'm assuming is a pointer to the storage.  It is non-zero, so I've
assumed it was successful.  Doesn't make sense to return a pointer to
storage that was never allocated.

>    Have you tried looking at what passes for documentation at
> openssl.org?

No I have not, and from the way you phrased that, I'm probably going
to be disappointed.  We'll see.

> > I assume decc$socket_fd() is a DEC C routine,
>
>    Why assume anything?  Around here:
>
>       help TCPIP_Services Programming_Interfaces Socket_API_Functions
> -
>        decc$socket_fd

Yes, I had found that, but if you read it, you'll see that while it
says that a small integer value is returned, I'm not sure what that
means.  Does it mean a byte, a word, or just a low value.  Since it's
returning a value, I'm assuming that I can store it in a longword.

> >  and I assume that the
> > channel is being passed to it By Value.
>
>    Again, what's to assume?  If you can't read C, then this
> may be a tough nut to crack.

No, I do not read C very well.  Very poorly in fact, and that is much
of my problem.  I'm making a LOT of assumptions.  I think most are
reasonable, but there is no guarantee that any software is
"reasonable".

> >   I don't know what it's doing,
> > and I don't know what type of data it returns.  I can "hope" that
> > "sock" is a pointer, to be stored in a longword.
>
>       help TCPIP_Services Programming_Interfaces Socket_API_Functions
> -
>        decc$socket_fd
>
> > Back to ranting.  [...]
>
>    I thought so.

Why not?  I don't have high blood pressure.  :-)

Also possibly justified, as some of the stuff in the examples doesn't
work as described.

If I tried to sell a product such as I'm finding this (SSL port) to
be, I wouldn't keep many customers.

>    The documentation of this stuff may be sub-ideal, but you
> don't seem to be taking proper advantage of what is
> available.

Probably guilty as charged.

More information about the Info-vax mailing list