Make openVMS seeding less dependent of OpenVMS version [master, 3.1, 3.0]#18731
Make openVMS seeding less dependent of OpenVMS version [master, 3.1, 3.0]#18731levitte wants to merge 2 commits intoopenssl:masterfrom
Conversation
levitte
added
approval: otc review pending
approval: review pending
|
This is the port of #18730 for higher OpenSSL versions |
t8m
added
triaged: bug
|
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
|
This PR is in a state where it requires action by @openssl/otc but the last update was 61 days ago |
|
I expect this is having difficulty getting reviews due to lack of VMS experience. Though I have no direct experience with VMS, this patch looks right to me, and I've read the reference material for the relevant VMS system calls and think it makes sense. Moreover, there is a third party report of this working in #18727. So I'm approving this. |
hlandau
removed
the
approval: review pending
|
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
|
@levitte this is waiting on update |
|
Yes I know. I've been away on other stuff, but I actually started looking again this morning. |
levitte
changed the title
|
Rebased on a fresher master, and changes completely remade with data |
|
Do note that this change assumes that |
levitte
added
approval: review pending
hlandau
left a comment
hlandau
left a comment
There was a problem hiding this comment.
One nit, otherwise looks good.
|
Apparently, I hadn't rebase on a fresh enough master, and got some pyca related build failures. |
|
@mgdaniel, if you wanna test on openssl 3.0, this is the appropriate URL for rand_vms.c. |
hlandau
added
approval: done
|
@t8m Reapprove? |
t8m
added
approval: done
|
Hi Richard, others.
Grabbed the RAND_VMS.C as indicated and built under 1.1.1l which I had
lurking, using OpenVMS V8.4-2L1. Made sure the new code was being employed
with a simple
sys$gettim((void*)&data.time);
printf("++++++++++1 %llu\n", data.time);
Moved the resulting OPENSSL.EXE to another V8.4-2L2 system and OK, then to
OpenVMS V8.3 (the bigger test) and also OK. Looks like less version
dependency and therefore greater portability has been achieved.
Many thanks, Mark.
…On Tue, 25 Oct 2022 22:21:09 -0700 ***@***.*** wrote:
@mgdaniel, if you wanna test on openssl 3.0, this is the appropriate URL for rand_vms.c.
Although, mind you, the 1.1.1 change is exactly the same in practice, so it should be sufficient for us if you try that.
https://raw.githubusercontent.com/openssl/openssl/ba0127fa7c73c7f64d2f96b214c51482256b3546/providers/implementations/rands/seeding/rand_vms.c
--
Reply to this email directly or view it on GitHub:
#18731 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
|
|
Great! Thanks for the help, @mgdaniel |
SYS$GETTIM_PREC is a very new function, only available on OpenVMS v8.4. OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVM versions, but building for the older CRTL version will make the high precision time functions unavailable. Tests have shown that on Alpha and Itanium, the time update granularity between SYS$GETTIM and SYS$GETTIM_PREC is marginal, so the former plus a sequence number turns out to be better to guarantee a unique nonce. Fixes openssl#18727
|
#19493 removes |
SYS$GETTIM_PREC is a very new function, only available on OpenVMS v8.4. OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVM versions, but building for the older CRTL version will make the high precision time functions unavailable. Tests have shown that on Alpha and Itanium, the time update granularity between SYS$GETTIM and SYS$GETTIM_PREC is marginal, so the former plus a sequence number turns out to be better to guarantee a unique nonce. Fixes #18727 Reviewed-by: Hugo Landau <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #18731)
SYS$GETTIM_PREC is a very new function, only available on OpenVMS v8.4. OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVM versions, but building for the older CRTL version will make the high precision time functions unavailable. Tests have shown that on Alpha and Itanium, the time update granularity between SYS$GETTIM and SYS$GETTIM_PREC is marginal, so the former plus a sequence number turns out to be better to guarantee a unique nonce. Fixes #18727 Reviewed-by: Hugo Landau <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #18731) (cherry picked from commit 7056dc9)
SYS$GETTIM_PREC is a very new function, only available on OpenVMS v8.4. OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVM versions, but building for the older CRTL version will make the high precision time functions unavailable. Tests have shown that on Alpha and Itanium, the time update granularity between SYS$GETTIM and SYS$GETTIM_PREC is marginal, so the former plus a sequence number turns out to be better to guarantee a unique nonce. Fixes #18727 Reviewed-by: Hugo Landau <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #18731) (cherry picked from commit 7056dc9)
|
Merged master: 7056dc9 Make openVMS seeding less dependent of OpenVMS version 3.1: 868141d Make openVMS seeding less dependent of OpenVMS version 3.0: bc84a93 Make openVMS seeding less dependent of OpenVMS version NOTE: I kept the removal of |
SYS$GETTIM_PREC is a very new function, only available on OpenVMS v8.4. OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVM versions, but building for the older CRTL version will make the high precision time functions unavailable. Tests have shown that on Alpha and Itanium, the time update granularity between SYS$GETTIM and SYS$GETTIM_PREC is marginal, so the former plus a sequence number turns out to be better to guarantee a unique nonce. Fixes openssl#18727 Reviewed-by: Hugo Landau <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#18731)
7 participants
SYS$GETTIM_PRECis a very new function, only available on OpenVMS v8.4.OpenSSL binaries built on OpenVMS v8.4 become unusable on older OpenVMS
versions, but building for the older CRTL version will make the high
precision time functions unavailable.
Tests have shown that on Alpha and Itanium, the time update granularity
between
SYS$GETTIMandSYS$GETTIM_PRECis marginal, so the former plusa sequence number turns out to be better to guarantee a unique nonce.
Fixes #18727