[Info-vax] $GETTIM and $GETTIM_PREC on modern systems
Mark Daniel
mark.daniel at wasd.vsm.com.au
Thu Jul 7 21:36:54 EDT 2022
On 8/7/22 10:09 am, Stephen Hoffman wrote:
> On 2022-07-08 00:14:55 +0000, Mark Daniel said:
>
>> Question posted at
>>
>>> https://forum.vmssoftware.com/viewtopic.php?f=21&t=8509&sid=07767e84ea266b91e0bb9511d966b1a6
>>>
Thanks for the response Hoff.
> I asked the OpenVMS developers about that back around its launch; about
> why a whole new API was needed. Would have been simpler to announce an
> increase to the (AFAIK then-undocumented) accuracy of $gettim.
>
> Also pointed out the naming was wrong; that the new API was offering
> better accurancy, while both old and new API offered the same precision.
>
> For OpenSSL, not a huge fan of efforts to acquire (undocumented) entropy
> from a timekeeping-related API. And OpenSSL needs better contacts with VSI.
Agreed. It has become such an integral part of the OS infrastructure.
At least it seems updated releases are promptly being issued by VSI.
> V8.3 is sixteen years old. If the sites are that far back and clearly
> not upgrading OpenVMS, what are the chances they're also upgrading SSL?
> Using an LTS interval of 10 years knocks V8.4 off the list, too.
I recently updated one. Tried using the VSI latest PCSI release,
ignoring the "needs V8.4" warning, and continued on. Installed OK. IVP
failed of course. And when OPENSSL executable ACCVIOed (presumably) on
the unresolved $GETTIME_PREC. Without that it would have been fine.
Fell back to the WASD OpenSSL build which explicitly uses $GETTIM to
allow V8.4, V8.3, and presumably further back. Would be nice if WASD no
longer needed its own OpenSSL to keep current.
Then I started tinkering with dynamically loading SYS$GETTIM_PREC and if
unavailable falling back to SYS$GETTIM. Tested working for V8.4 and
V8.3 and submitted the change via an OpenSSL bug report.
https://github.com/openssl/openssl/issues/18727
OpenSSL used the concept with their own code which tested OK across V8.4
and V8.3.
Now the need at all for SYS$GETTIM_PREC is now being questioned. If
eliminated the V8.4 dependency goes with it.
https://github.com/openssl/openssl/pull/18730
Hence the question of VSI.
> VSI had been discussing entropy a while back, but how much of that made
> it into the release? The entropy engine was listed, but I've not poked
> at it. Entropy discussion, from a few years ago:
OpenSSL are prepping for it. From...
> https://raw.githubusercontent.com/levitte/openssl/fix-18727-111/crypto/rand/rand_vms.c
Look for...
/*
* SYS$GET_ENTROPY METHOD
* ======================
*
* This is a high entropy method based on a new system service that is
* based on getentropy() from FreeBSD 12. It's only used if available,
* and its availability is detected at run-time.
*
* We assume that this function provides full entropy random output.
*/
#define PUBLIC_VECTORS "SYS$LIBRARY:SYS$PUBLIC_VECTORS.EXE"
#define GET_ENTROPY "SYS$GET_ENTROPY"
8< snip 8<
> https://groups.google.com/g/comp.os.vms/c/BmIXV0gN3n8/m/mETohq6qAgAJ
>
> Yeah; my usual hammer-lock grasp of the obvious on full display here, of
> course.
>
> Shorter URL: https://forum.vmssoftware.com/viewtopic.php?f=21&t=8509
--
Anyone, who using social-media, forms an opinion regarding anything
other than the relative cuteness of this or that puppy-dog, needs
seriously to examine their critical thinking.
More information about the Info-vax
mailing list