This file is divided in the following parts:
+ Requirements - Mandatory reading.
Checking the distribution - Mandatory reading.
Compilation - Mandatory reading.
Logical names - Mandatory reading.
TODO - Things that are to come.
+Requirements:
+=============
+
+To build and install OpenSSL, you will need:
+
+ * Perl 5 with core modules. If you don't want to build it yourself,
+ we suggest you look here: http://sourceforge.net/projects/vmsperlkit/files/
+ * DEC C or some other ANSI C compiler. VAX C is *not* supported.
+ [Note: OpenSSL has only been tested with DEC C. Compiling with
+ a different ANSI C compiler may require some work]
+
Checking the distribution:
==========================
There have been reports of places where the distribution didn't quite get
-through, for example if you've copied the tree from a NFS-mounted unix
+through, for example if you've copied the tree from a NFS-mounted Unix
mount point.
The easiest way to check if everything got through as it should is to check
-for oen of the following files:
+for one of the following files:
[.CRYPTO]OPENSSLCONF.H_IN
[.CRYPTO]OPENSSLCONF_H.IN
or MAKExxx.COM (in the program directories) and read the comments at
the top to understand how to use them. However, if you want to
compile all you can get, the simplest is to use MAKEVMS.COM in the top
-directory. The syntax is trhe following:
+directory. The syntax is the following:
- @MAKEVMS <option> <rsaref-p> <debug-p> [<compiler>]
+ @MAKEVMS <option> <bits> <debug-p> [<compiler>]
<option> must be one of the following:
CONFIG Just build the "[.CRYPTO]OPENSSLCONF.H" file.
BUILDINF Just build the "[.INCLUDE]BUILDINF.H" file.
SOFTLINKS Just copies some files, to simulate Unix soft links.
- BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done.
+ BUILDALL Same as ALL, except CONFIG, BUILDINF and SOFTLINKS aren't done.
RSAREF Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library.
CRYPTO Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
SSL Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
- SSL_TASK Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
TEST Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
APPS Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
-<rsaref-p> must be one of the following:
-
- RSAREF compile using the RSAREF Library
- NORSAREF compile without using RSAREF
-
-Note 0: The RASREF library IS NO LONGER NEEDED. The RSA patent
- expires September 20, 2000, and RSA Security chose to make
- the algorithm public domain two weeks before that.
+<bits> must be one of the following:
-Note 1: If you still want to use RSAREF, the library is NOT INCLUDED
- and you have to download it. RSA Security doesn't carry it
- any more, but there are a number of places where you can find
- it. You have to get the ".tar-Z" file as the ".zip" file
- doesn't have the directory structure stored. You have to
- extract the file into the [.RSAREF] directory as that is where
- the scripts will look for the files.
-
-Note 2: I have never done this, so I've no idea if it works or not.
+ "" compile using default pointer size
+ 32 compile using 32 bit pointer size
+ 64 compile using 64 bit pointer size
<debug-p> must be one of the following:
GNUC For GNU C.
-You will find the crypto library in [.xxx.EXE.CRYPTO], called LIBCRYPTO.OLB,
-where xxx is VAX or AXP. You will find the SSL library in [.xxx.EXE.SSL],
-named LIBSSL.OLB, and you will find a bunch of useful programs in
-[.xxx.EXE.APPS]. However, these shouldn't be used right off unless it's
-just to test them. For production use, make sure you install first, see
-Installation below.
+You will find the crypto library in [.xxx.EXE.CRYPTO] (where xxx is VAX,
+ALPHA or IA64), called SSL_LIBCRYPTO32.OLB or SSL_LIBCRYPTO.OLB depending
+on how it was built. You will find the SSL library in [.xxx.EXE.SSL],
+named SSL_LIBSSL32.OLB or SSL_LIBSSL.OLB, and you will find a bunch of
+useful programs in [.xxx.EXE.APPS]. However, these shouldn't be used
+right off unless it's just to test them. For production use, make sure
+you install first, see Installation below.
Note 1: Some programs in this package require a TCP/IP library.
OPENSSL_NO_ASM with value YES, the assembler parts of OpenSSL will
not be used. Instead, plain C implementations are
used. This is good to try if something doesn't work.
- OPENSSL_NO_'alg' with value YES, the corresponding crypto algorithm
- will not be implemented. Supported algorithms to
- do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
- SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
- SSL2. So, for example, having the logical name
- OPENSSL_NO_RSA with the value YES means that the
- LIBCRYPTO.OLB library will not contain an RSA
- implementation.
-
+ OPENSSL_NO_'alg' with value YES, the corresponding crypto algorithm,
+ protocol or other routine will not be implemented if
+ disabling it is supported. Supported algorithms to
+ do this with are: AES, BF, CAMELLIA, CAST, CMS, COMP,
+ DES, DGRAM, DH, DSA, EC, EC2M, ECDH, ECDSA, ENGINE,
+ ERR, GOST, HEARTBEATS, HMAC, IDEA, MD2, MD4,
+ MD5, OCB, OCSP, PSK, RC2, RC4, RC5, RMD160, RSA, SCTP,
+ SEED, SOCK, SRP, SRTP, WHIRLPOOL. So, for
+ example, having the logical name OPENSSL_NO_RSA with
+ the value YES means that the LIBCRYPTO.OLB library
+ will not contain an RSA implementation.
+ OPENSSL_EXPERIMENTAL_'alg'
+ with value YES, the corresponding experimental
+ algorithm is enabled. Note that is also requires
+ the application using this to define the C macro
+ OPENSSL_EXPERIMENTAL_'alg'. Supported algorithms
+ to do this with are: JPAKE, STORE.
Test:
=====
Installation is easy, just do the following:
- @INSTALL <root>
+ @INSTALL <root> <bits>
<root> is the directory in which everything will be installed,
subdirectories, libraries, header files, programs and startup command
procedures.
+<bits> works the same way as for MAKEVMS.COM
+
N.B.: INSTALL.COM builds a new directory structure, different from
the directory tree where you have now build OpenSSL.
sets up the symbols to the applications. Should be called
from for example SYS$MANAGER:SYLOGIN.COM
+ OPENSSL_UNDO.COM
+
+ deassigns the logical names created with OPENSSL_STARTUP.COM.
+
The logical names that are set up are the following:
SSLROOT a dotted concealed logical name pointing at the
SSLCERTS Initially an empty directory, this is the default
location for certificate files.
- SSLMISC Various scripts.
SSLPRIVATE Initially an empty directory, this is the default
location for private key files.
programs.
SSLINCLUDE Contains the header files needed if you want to
compile programs with libcrypto or libssl.
- SSLLIB Contains the OpenSSL library files (LIBCRYPTO.OLB
- and LIBSSL.OLB) themselves.
+ SSLLIB Contains the OpenSSL library files themselves:
+ - SSL_LIBCRYPTO32.OLB and SSL_LIBSSL32.OLB or
+ - SSL_LIBCRYPTO.OLB and SSL_LIBSSL.OLB
OPENSSL Same as SSLINCLUDE. This is because the standard
way to include OpenSSL header files from version
The USER_CCDISABLEWARNINGS is there because otherwise, DEC C will complain
that those macros have been changed.
-Note: Currently, this is only usefull for library compilation. The
+Note: Currently, this is only useful for library compilation. The
programs will still be linked with the current version of the
C library shareable image, and will thus complain if they are
faced with an older version of the same C library shareable image.
--
Richard Levitte <richard@levitte.org>
-2000-02-27
+2000-02-27, 2011-03-18