The Secure Socket Layer (SSL) application provides secure socket communication over TCP/IP.
The following environment configuration parameters are defined for the SSL application. Refer to application(3) for more information about configuration parameters.
debug = true | false <optional>
false
.
debugdir = path() | false <optional>
debug
and msgdebug
to be printed to a file named
ssl_esock.<pid>.log
in the directory specified by
debugdir
, where <pid>
is the operating system
specific textual representation of the process indentifier
of the external port program of the SSL application. Default
is false
, i.e. no log file is produced.
msgdebug = true | false <optional>
debug = true
and causes also the contents
of low level messages to be printed to standard output.
Default is false
.
port_program = string() | false <optional>
ssl_esock
.
pproxylsport = integer() | false <optional>
pproxylsbacklog = integer() | false <optional>
The current implementation of the SSL application is based on the SSLeay package version 0.9.0. It can be downloaded from several of the mirror sites listed at the sitehttp://www.openssl.org. For the relation between SSLeay and OpenSSL, see below.
The user has to fetch the SSLeay package, compile and install
the libraries libcrypto.so
and libssl.so
(UNIX),
or the libraries libeay32.dll
and ssleay32.dll
(WIN32). The WIN32 libraries must be compiled and linked with
WinSock2.
In order to build SSLeay-0.9.0 for WinSock2 on Windows NT 4.0 do as follows:
crypto/bio/b_sock.c:int BIO_sock_init()
remove
the call to WSACancelBlockingCall()
.
crypto/bn/bn.h
replace
#define BN_ULLONG unsigned _int64
by
#define BN_ULLONG unsigned __int64
.
crypto/bn/bn_mulw.c:bn_add_words()
replace
return(ll&BN_MASK2);
by
return (BN_ULONG)(ll&BN_MASK2);
.
apps/s_socket.c:sock_cleanup()
remove call to
WSACancelBlockingCall()
.
"VC-WIN32","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::"
by "VC-WIN32","cl:::RC4_INDEX ".$x86_gcc_opts.":::"
.
mf-ddl.nt
replace wsock32.lib
by
ws2_32.lib
.
The ssl_esock
port program has to be built by linking
object files and libraries. An example Makefile
is
provided in the ssl-X.Y/priv/obj
directory, where also
the object files are found.
The last version of the SSLeay package was 0.9.0b. It was continued by the open source project OpenSSL, and its first release was 0.9.1c.
There should be no problems in using an OpenSSL release instead of the SSLeay 0.9.0 release on Unix (that has however not been tested). For WIN32 there are problems (even if you follow the procedure above). The OpenSSL support for WIN32 seems not to be whole-hearted; in particular the implimenation still relies on the now obsolete Winsock 1.1 interface.
There are also commercially available SSL libraries, e.g. C/SSL from Baltimore Technologies Ltd, and SSL-C from RSA Data Security Australia Pty Ltd, which may be supported by the SSL application in the future.
Users must be aware of export restrictions and patent rights concerning cryptographic software.
application(3)