projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 75b8dfc0 RE |
1 | |
| 2 | OpenSSL STATUS Last modified at | |
| 7f060601 | 3 | ______________ $Date: 2000/05/26 23:51:09 $ |
| 75b8dfc0 RE |
4 | |
| 5 | DEVELOPMENT STATE | |
| 6 | ||
| 3e3844b5 RL |
7 | o OpenSSL 0.9.6: Under development... |
| 8 | o OpenSSL 0.9.5a: Released on April 1st, 2000 | |
| 74cdf6f7 | 9 | o OpenSSL 0.9.5: Released on February 28th, 2000 |
| d91e201e | 10 | o OpenSSL 0.9.4: Released on August 09th, 1999 |
| 5132cadf RE |
11 | o OpenSSL 0.9.3a: Released on May 29th, 1999 |
| 12 | o OpenSSL 0.9.3: Released on May 25th, 1999 | |
| 85b283ff | 13 | o OpenSSL 0.9.2b: Released on March 22th, 1999 |
| 9cb0969f | 14 | o OpenSSL 0.9.1c: Released on December 23th, 1998 |
| 75b8dfc0 RE |
15 | |
| 16 | RELEASE SHOWSTOPPERS | |
| 17 | ||
| 18 | AVAILABLE PATCHES | |
| 19 | ||
| 0b62b302 | 20 | o CA.pl patch (Damien Miller) |
| 189b6a60 | 21 | |
| 75b8dfc0 RE |
22 | IN PROGRESS |
| 23 | ||
| 67d5ac03 | 24 | o Steve is currently working on (in no particular order): |
| 7f060601 | 25 | EVP cipher enhancement. |
| 67d5ac03 | 26 | Proper (or at least usable) certificate chain verification. |
| 1d48dd00 | 27 | Private key, certificate and CRL API and implementation. |
| 5a9a4b29 | 28 | Developing and bugfixing PKCS#7 (S/MIME code). |
| 87c49f62 | 29 | Various X509 issues: character sets, certificate request extensions. |
| 679ab7c3 | 30 | |
| 75b8dfc0 RE |
31 | NEEDS PATCH |
| 32 | ||
| 2c0ff02f | 33 | o non-blocking socket on AIX |
| e6d0b6ec | 34 | o $(PERL) in */Makefile.ssl |
| acafc0b4 | 35 | o "Sign the certificate?" - "n" creates empty certificate file |
| acafc0b4 | 36 | |
| 75b8dfc0 RE |
37 | OPEN ISSUES |
| 38 | ||
| ab3f0c66 RE |
39 | o internal_verify doesn't know about X509.v3 (basicConstraints |
| 40 | CA flag ...) | |
| 41 | ||
| 2ec077d8 RE |
42 | o The Makefile hierarchy and build mechanism is still not a round thing: |
| 43 | ||
| 44 | 1. The config vs. Configure scripts | |
| 45 | It's the same nasty situation as for Apache with APACI vs. | |
| 46 | src/Configure. It confuses. | |
| 47 | Suggestion: Merge Configure and config into a single configure | |
| 48 | script with a Autoconf style interface ;-) and remove | |
| 49 | Configure and config. Or even let us use GNU Autoconf | |
| 50 | itself. Then we can avoid a lot of those platform checks | |
| 51 | which are currently in Configure. | |
| 52 | ||
| a6f20a1e RE |
53 | o Support for Shared Libraries has to be added at least |
| 54 | for the major Unix platforms. The details we can rip from the stuff | |
| 55 | Ralf has done for the Apache src/Configure script. Ben wants the | |
| 56 | solution to be really simple. | |
| 57 | ||
| 58 | Status: Ralf will look how we can easily incorporate the | |
| 59 | compiler PIC and linker DSO flags from Apache | |
| 60 | into the OpenSSL Configure script. | |
| 61 | ||
| eb025998 UM |
62 | Ulf: +1 for using GNU autoconf and libtool (but not automake, |
| 63 | which apparently is not flexible enough to generate | |
| 64 | libcrypto) | |
| 65 | ||
| 66 | ||
| a6f20a1e RE |
67 | o The perl/ stuff needs a major overhaul. Currently it's |
| 68 | totally obsolete. Either we clean it up and enhance it to be up-to-date | |
| 69 | with the C code or we also could replace it with the really nice | |
| 70 | Net::SSLeay package we can find under | |
| 71 | http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a | |
| 72 | longer time and it works fine and is a nice Perl module. Best would be | |
| 73 | to convince the author to work for the OpenSSL project and create a | |
| 74 | Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for | |
| 75 | us. | |
| 76 | ||
| 77 | Status: Ralf thinks we should both contact the author of Net::SSLeay | |
| 78 | and look how much effort it is to bring Eric's perl/ stuff up | |
| 79 | to date. | |
| 68a8a41b | 80 | Paul +1 |
| a6f20a1e | 81 | |
| 69d1dfba RE |
82 | WISHES |
| 83 | ||
| 48c843c3 | 84 | o |