Loading INSTALL.VMS +22 −8 Original line number Diff line number Diff line Loading @@ -127,15 +127,29 @@ The logical names that are set up are the following: SSLROOT a dotted concealed logical name pointing at the root directory. SSLLIB points at the directory where CRYPTORTL.OLB and SSLRTL.OLB are installed. SSLINCLUDE points at the directory where the header files are installed. SSLEXE points at the directory where the applications are installed. SSLCERTS the place where the certificates are stored. SSLPRIVATE I'm actually not sure what this is used for. SSLCERTS Initially an empty directory, this is the default location for certificate files. SSLMISC Various scripts. SSLPRIVATE Initially an empty directory, this is the default location for private key files. SSLEXE Contains the openssl binary and a few other utility programs. SSLINCLUDE Contains the header files needed if you want to compile programs with libcrypto or libssl. SSLLIB Contains the OpenSSL library files (LIBCRYPTO.OLB and LIBSSL.OLB) themselves. OPENSSL Same as SSLINCLUDE. This is because the standard way to include OpenSSL header files from version 0.9.3 and on is: #include <openssl/header.h> For more info on this issue, see the INSTALL. file (the NOTE in section 4 of "Installation in Detail"). You don't need to "deleting old header files"!!! Backward portability: ===================== Loading apps/openssl-vms.cnf +43 −19 Original line number Diff line number Diff line Loading @@ -3,10 +3,17 @@ # This is mostly being used for generation of certificate requests. # RANDFILE = $ENV::HOME.rnd oid_file = $ENV::HOME.oid RANDFILE = $ENV::HOME/.rnd oid_file = $ENV::HOME/.oid oid_section = new_oids # To use this configuration file with the "-extfile" option of the # "openssl x509" utility, name here the section containing the # X.509v3 extensions to use: # extensions = # (Alternatively, use a configuration file that has only # X.509v3 extensions in its main [= default] section.) [ new_oids ] # We can add new OIDs in here for use by 'ca' and 'req'. Loading Loading @@ -35,6 +42,11 @@ private_key = $dir.private]cakey.pem# The private key RANDFILE = $dir.private].rand # private random number file x509_extensions = usr_cert # The extentions to add to the cert # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # so this is commented out by default to leave a V1 CRL. # crl_extensions = crl_ext default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL default_md = md5 # which md to use. Loading Loading @@ -131,23 +143,25 @@ basicConstraints=CA:FALSE # For normal client use this is typical # nsCertType = client, email # This is typical also # and for everything including object signing: # nsCertType = client, email, objsign keyUsage = nonRepudiation, digitalSignature, keyEncipherment # This is typical in keyUsage for a client certificate. # keyUsage = nonRepudiation, digitalSignature, keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" # PKIX recommendations # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer:always # This stuff is for subjectAltName and issuerAltname. # Import the email address. subjectAltName=email:copy # subjectAltName=email:copy # Copy subject details issuerAltName=issuer:copy # issuerAltName=issuer:copy #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem #nsBaseUrl Loading @@ -160,8 +174,6 @@ issuerAltName=issuer:copy # Extensions for a typical CA # It's a CA certificate basicConstraints = CA:true # PKIX recommendation. Loading @@ -172,19 +184,31 @@ authorityKeyIdentifier=keyid:always,issuer:always # This is what PKIX recommends but some broken software chokes on critical # extensions. #basicConstraints = critical,CA:true # So we do this instead. basicConstraints = CA:true # Key usage: again this should really be critical. keyUsage = cRLSign, keyCertSign # Key usage: this is typical for a CA certificate. However since it will # prevent it being used as an test self-signed certificate it is best # left out by default. # keyUsage = cRLSign, keyCertSign # Some might want this also # nsCertType = sslCA, emailCA # Include email address in subject alt name: another PKIX recommendation subjectAltName=email:copy # subjectAltName=email:copy # Copy issuer details issuerAltName=issuer:copy # issuerAltName=issuer:copy # RAW DER hex encoding of an extension: beware experts only! # 1.2.3.5=RAW:02:03 # You can even override a supported extension: # basicConstraints= critical, RAW:30:03:01:01:FF [ crl_ext ] # CRL extensions. # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. # issuerAltName=issuer:copy authorityKeyIdentifier=keyid:always,issuer:always crypto/md5/md5_locl.h +4 −0 Original line number Diff line number Diff line Loading @@ -127,7 +127,11 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num); */ #endif #ifndef FLAT_INC #include "../md32_common.h" #else #include "md32_common.h" #endif /* #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) Loading install.com +1 −1 Original line number Diff line number Diff line Loading @@ -53,7 +53,7 @@ $ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLROOT:[VMS] $ $ SDIRS := CRYPTO,SSL,RSAREF,APPS,VMS!,TEST,TOOLS $ EXHEADER := e_os.h $ EXHEADER := e_os.h,e_os2.h $ $ COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG $ Loading makevms.com +1 −1 Original line number Diff line number Diff line Loading @@ -220,7 +220,7 @@ $ IF F$PARSE("SYS$DISK:[.INCLUDE.OPENSSL]") .EQS. "" THEN - $! $! Copy All The ".H" Files From The Main Directory. $! $ EXHEADER := e_os.h $ EXHEADER := e_os.h,e_os2.h $ COPY 'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] $! $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree. Loading Loading
INSTALL.VMS +22 −8 Original line number Diff line number Diff line Loading @@ -127,15 +127,29 @@ The logical names that are set up are the following: SSLROOT a dotted concealed logical name pointing at the root directory. SSLLIB points at the directory where CRYPTORTL.OLB and SSLRTL.OLB are installed. SSLINCLUDE points at the directory where the header files are installed. SSLEXE points at the directory where the applications are installed. SSLCERTS the place where the certificates are stored. SSLPRIVATE I'm actually not sure what this is used for. SSLCERTS Initially an empty directory, this is the default location for certificate files. SSLMISC Various scripts. SSLPRIVATE Initially an empty directory, this is the default location for private key files. SSLEXE Contains the openssl binary and a few other utility programs. SSLINCLUDE Contains the header files needed if you want to compile programs with libcrypto or libssl. SSLLIB Contains the OpenSSL library files (LIBCRYPTO.OLB and LIBSSL.OLB) themselves. OPENSSL Same as SSLINCLUDE. This is because the standard way to include OpenSSL header files from version 0.9.3 and on is: #include <openssl/header.h> For more info on this issue, see the INSTALL. file (the NOTE in section 4 of "Installation in Detail"). You don't need to "deleting old header files"!!! Backward portability: ===================== Loading
apps/openssl-vms.cnf +43 −19 Original line number Diff line number Diff line Loading @@ -3,10 +3,17 @@ # This is mostly being used for generation of certificate requests. # RANDFILE = $ENV::HOME.rnd oid_file = $ENV::HOME.oid RANDFILE = $ENV::HOME/.rnd oid_file = $ENV::HOME/.oid oid_section = new_oids # To use this configuration file with the "-extfile" option of the # "openssl x509" utility, name here the section containing the # X.509v3 extensions to use: # extensions = # (Alternatively, use a configuration file that has only # X.509v3 extensions in its main [= default] section.) [ new_oids ] # We can add new OIDs in here for use by 'ca' and 'req'. Loading Loading @@ -35,6 +42,11 @@ private_key = $dir.private]cakey.pem# The private key RANDFILE = $dir.private].rand # private random number file x509_extensions = usr_cert # The extentions to add to the cert # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs # so this is commented out by default to leave a V1 CRL. # crl_extensions = crl_ext default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL default_md = md5 # which md to use. Loading Loading @@ -131,23 +143,25 @@ basicConstraints=CA:FALSE # For normal client use this is typical # nsCertType = client, email # This is typical also # and for everything including object signing: # nsCertType = client, email, objsign keyUsage = nonRepudiation, digitalSignature, keyEncipherment # This is typical in keyUsage for a client certificate. # keyUsage = nonRepudiation, digitalSignature, keyEncipherment # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" # PKIX recommendations # PKIX recommendations harmless if included in all certificates. subjectKeyIdentifier=hash authorityKeyIdentifier=keyid,issuer:always # This stuff is for subjectAltName and issuerAltname. # Import the email address. subjectAltName=email:copy # subjectAltName=email:copy # Copy subject details issuerAltName=issuer:copy # issuerAltName=issuer:copy #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem #nsBaseUrl Loading @@ -160,8 +174,6 @@ issuerAltName=issuer:copy # Extensions for a typical CA # It's a CA certificate basicConstraints = CA:true # PKIX recommendation. Loading @@ -172,19 +184,31 @@ authorityKeyIdentifier=keyid:always,issuer:always # This is what PKIX recommends but some broken software chokes on critical # extensions. #basicConstraints = critical,CA:true # So we do this instead. basicConstraints = CA:true # Key usage: again this should really be critical. keyUsage = cRLSign, keyCertSign # Key usage: this is typical for a CA certificate. However since it will # prevent it being used as an test self-signed certificate it is best # left out by default. # keyUsage = cRLSign, keyCertSign # Some might want this also # nsCertType = sslCA, emailCA # Include email address in subject alt name: another PKIX recommendation subjectAltName=email:copy # subjectAltName=email:copy # Copy issuer details issuerAltName=issuer:copy # issuerAltName=issuer:copy # RAW DER hex encoding of an extension: beware experts only! # 1.2.3.5=RAW:02:03 # You can even override a supported extension: # basicConstraints= critical, RAW:30:03:01:01:FF [ crl_ext ] # CRL extensions. # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. # issuerAltName=issuer:copy authorityKeyIdentifier=keyid:always,issuer:always
crypto/md5/md5_locl.h +4 −0 Original line number Diff line number Diff line Loading @@ -127,7 +127,11 @@ void md5_block_data_order (MD5_CTX *c, const void *p,int num); */ #endif #ifndef FLAT_INC #include "../md32_common.h" #else #include "md32_common.h" #endif /* #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) Loading
install.com +1 −1 Original line number Diff line number Diff line Loading @@ -53,7 +53,7 @@ $ IF F$PARSE("WRK_SSLROOT:[VMS]") .EQS. "" THEN - CREATE/DIR/LOG WRK_SSLROOT:[VMS] $ $ SDIRS := CRYPTO,SSL,RSAREF,APPS,VMS!,TEST,TOOLS $ EXHEADER := e_os.h $ EXHEADER := e_os.h,e_os2.h $ $ COPY 'EXHEADER' WRK_SSLINCLUDE: /LOG $ Loading
makevms.com +1 −1 Original line number Diff line number Diff line Loading @@ -220,7 +220,7 @@ $ IF F$PARSE("SYS$DISK:[.INCLUDE.OPENSSL]") .EQS. "" THEN - $! $! Copy All The ".H" Files From The Main Directory. $! $ EXHEADER := e_os.h $ EXHEADER := e_os.h,e_os2.h $ COPY 'EXHEADER' SYS$DISK:[.INCLUDE.OPENSSL] $! $! Copy All The ".H" Files From The [.CRYPTO] Directory Tree. Loading
