Hello,
in the request tracker under item #843 there are patches for 0.9.7c
(created and tested on Fujitsu BS2000) and 0.9.7j (updated by Jeremy
Grieshop for z/OS).
Because i saw no actions to incorporate the patches into the official
sources in the last ten years i saved afterwards the work to commit our
patches for newer OpenSSL versions.
If there is interest i can provide patches for lines 0.9.8, 1.0.0 and
1.0.1 too; it will probably take some days because i have first to look
at the patches and maybe remove some non-EBCDIC related parts.
Best regards,
Richard
Am 29.04.2014 13:52, schrieb mclellan, dave:
We are active and continuing users of the z/OS port of OpenSSL, have just
rebuilt 1.0.1c without heartbeats on a maintenance stream and are upgrading to
1.0.g on a future release stream. Just as example of staying current on z/OS.
We use z/OS on the server side only, and generates server certs from a Windows
machine, and transfer the certs to USS using binary FTP. The server does not
require a client cert since we couldn't get that working and have never had
time to look into it. We don't use the openssl CLI on z/OS.
We have even considered the port for Fujitsu BS2000 but don't have a business
priority for it.
All this to say that we sure hope that z/OS and OpenSSL continue to be real,
and I'm glad to have read Tim's response.
+-+-+-+-+-+-+-+-+-
Dave McLellan, VMAX Software Engineering, EMC Corporation, 176 South St.
Mail Stop 176-V1 1/P-36, Hopkinton, MA 01749
Office: 508-249-1257, Mobile: 978-500-2546, dave.mclel...@emc.com
+-+-+-+-+-+-+-+-+-
-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Stephan Mühlstrasser
Sent: Tuesday, April 29, 2014 4:48 AM
To: Tim Hudson; openssl-users@openssl.org
Subject: Re: State of EBCDIC support in OpenSSL
Am 29.04.14 10:28, schrieb Tim Hudson:
Bug reports on EBCDIC with patches are definitely interesting as there
is an active community of OpenSSL z/OS users - at the very least the
other users will benefit from any work you have already done.
I can provide bug reports, but at the moment I cannot promise that I can come
up with corresponding patches as well.
I did some research in the OpenSSL mailing list archives, and from that I have the
impression that there's little activity from OpenSSL z/OS users over the last few years.
Are there other places where you see the "active community of OpenSSL z/OS
users"?
For the broader context I think you'll find the issue for handling
such platforms will usually be the typical one of regular platform access.
Checking, adjusting, and confirming patches which are platform
specific that are non-trivial basically requires access to the platform.
One thing to consider is if you (or anyone else) is able to provide
permanent (or semi-permanent) access (via ssh) to a z/OS platform with
USS installed that places the user into a standard shell environment
with the compilers accessible.
I'm sorry, but I can't help with platform access, as we only have a z/OS
development system for porting our software, not even a real zSeries machine.
I would expect that IBM itself should be interested in a working OpenSSL port
for zSeries. We have a very old version of OpenSSL on our system that we
downloaded from the IBM website in the past. This version is for example able
to print out certificates correctly.
Today the IBM website about open source software available for z/OS point to
openssl.org for getting OpenSSL:
http://www-03.ibm.com/systems/z/os/zos/features/unix/bpxa1ty1.html
"The free unsupported version of OpenSSL previously offered here is no longer
available. Instead, we refer you to the functionally equivalent version available from
the official OpenSSL project website."
If someone from IBM is reading this, please consider the request by Tim for
access to a z/OS platform.
Stephan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
