]>
Commit | Line | Data |
---|---|---|
75b8dfc0 RE |
1 | |
2 | OpenSSL STATUS Last modified at | |
7f060601 | 3 | ______________ $Date: 2000/05/26 23:51:09 $ |
75b8dfc0 RE |
4 | |
5 | DEVELOPMENT STATE | |
6 | ||
3e3844b5 RL |
7 | o OpenSSL 0.9.6: Under development... |
8 | o OpenSSL 0.9.5a: Released on April 1st, 2000 | |
74cdf6f7 | 9 | o OpenSSL 0.9.5: Released on February 28th, 2000 |
d91e201e | 10 | o OpenSSL 0.9.4: Released on August 09th, 1999 |
5132cadf RE |
11 | o OpenSSL 0.9.3a: Released on May 29th, 1999 |
12 | o OpenSSL 0.9.3: Released on May 25th, 1999 | |
85b283ff | 13 | o OpenSSL 0.9.2b: Released on March 22th, 1999 |
9cb0969f | 14 | o OpenSSL 0.9.1c: Released on December 23th, 1998 |
75b8dfc0 RE |
15 | |
16 | RELEASE SHOWSTOPPERS | |
17 | ||
18 | AVAILABLE PATCHES | |
19 | ||
0b62b302 | 20 | o CA.pl patch (Damien Miller) |
189b6a60 | 21 | |
75b8dfc0 RE |
22 | IN PROGRESS |
23 | ||
67d5ac03 | 24 | o Steve is currently working on (in no particular order): |
7f060601 | 25 | EVP cipher enhancement. |
67d5ac03 | 26 | Proper (or at least usable) certificate chain verification. |
1d48dd00 | 27 | Private key, certificate and CRL API and implementation. |
5a9a4b29 | 28 | Developing and bugfixing PKCS#7 (S/MIME code). |
87c49f62 | 29 | Various X509 issues: character sets, certificate request extensions. |
679ab7c3 | 30 | |
75b8dfc0 RE |
31 | NEEDS PATCH |
32 | ||
2c0ff02f | 33 | o non-blocking socket on AIX |
e6d0b6ec | 34 | o $(PERL) in */Makefile.ssl |
acafc0b4 | 35 | o "Sign the certificate?" - "n" creates empty certificate file |
acafc0b4 | 36 | |
75b8dfc0 RE |
37 | OPEN ISSUES |
38 | ||
ab3f0c66 RE |
39 | o internal_verify doesn't know about X509.v3 (basicConstraints |
40 | CA flag ...) | |
41 | ||
2ec077d8 RE |
42 | o The Makefile hierarchy and build mechanism is still not a round thing: |
43 | ||
44 | 1. The config vs. Configure scripts | |
45 | It's the same nasty situation as for Apache with APACI vs. | |
46 | src/Configure. It confuses. | |
47 | Suggestion: Merge Configure and config into a single configure | |
48 | script with a Autoconf style interface ;-) and remove | |
49 | Configure and config. Or even let us use GNU Autoconf | |
50 | itself. Then we can avoid a lot of those platform checks | |
51 | which are currently in Configure. | |
52 | ||
a6f20a1e RE |
53 | o Support for Shared Libraries has to be added at least |
54 | for the major Unix platforms. The details we can rip from the stuff | |
55 | Ralf has done for the Apache src/Configure script. Ben wants the | |
56 | solution to be really simple. | |
57 | ||
58 | Status: Ralf will look how we can easily incorporate the | |
59 | compiler PIC and linker DSO flags from Apache | |
60 | into the OpenSSL Configure script. | |
61 | ||
eb025998 UM |
62 | Ulf: +1 for using GNU autoconf and libtool (but not automake, |
63 | which apparently is not flexible enough to generate | |
64 | libcrypto) | |
65 | ||
66 | ||
a6f20a1e RE |
67 | o The perl/ stuff needs a major overhaul. Currently it's |
68 | totally obsolete. Either we clean it up and enhance it to be up-to-date | |
69 | with the C code or we also could replace it with the really nice | |
70 | Net::SSLeay package we can find under | |
71 | http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a | |
72 | longer time and it works fine and is a nice Perl module. Best would be | |
73 | to convince the author to work for the OpenSSL project and create a | |
74 | Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for | |
75 | us. | |
76 | ||
77 | Status: Ralf thinks we should both contact the author of Net::SSLeay | |
78 | and look how much effort it is to bring Eric's perl/ stuff up | |
79 | to date. | |
68a8a41b | 80 | Paul +1 |
a6f20a1e | 81 | |
69d1dfba RE |
82 | WISHES |
83 | ||
48c843c3 | 84 | o |