]>
Commit | Line | Data |
---|---|---|
75b8dfc0 RE |
1 | |
2 | OpenSSL STATUS Last modified at | |
81a6c781 | 3 | ______________ $Date: 2001/03/22 10:59:41 $ |
75b8dfc0 RE |
4 | |
5 | DEVELOPMENT STATE | |
6 | ||
c5e8580e | 7 | o OpenSSL 0.9.7: Under development... |
a14280d4 | 8 | o OpenSSL 0.9.6a: Bugfix release -- under development... |
81a6c781 BM |
9 | Beta 1 released on March 13th, 2001 |
10 | HP-UX 10.20 (hpux-parisc-cc) - PASSED [normal+engine] | |
11 | HP-UX 10.20 (hpux-parisc-gcc) - PASSED [normal+engine] | |
12 | HP-UX 11.00 32bit (hpux-parisc-gcc) - FAILED [engine] | |
13 | "openssl speed rsa1024 -engine cswift" fails unless | |
14 | libswift.sl is renamed to libswift.so. | |
15 | [CORRECTED] | |
16 | HP MPE/iX - PASSED [presumed normal] | |
17 | Linux 2.2.17 SMP (linux-elf) - PASSED [normal+engine] | |
18 | Windows (VC-WIN32) - FAILED [presumed normal] | |
19 | Missing line in ms/32all.bat: | |
20 | perl util\mkfiles.pl >MINFO | |
21 | [CORRECTED] | |
22 | In randfile.c, line 214, signed and unsigned int are mixed. | |
23 | [CORRECTED] | |
24 | In s_client.c and s_server.c, RAND_status() needs to get | |
25 | declared (#include <openssl/rand.h>) | |
26 | [CORRECTED] | |
27 | OpenVMS (any version) - FAILED [normal+engine] | |
28 | Missing instructions in building script. | |
29 | [CORRECTED] | |
30 | AIX 4.3 - FAILED [engine] | |
31 | Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work. | |
32 | [CORRECTED] (but will not be automagically configured) | |
33 | Irix 6.5.11 - FAILED [presumed normal] | |
34 | BN_sqr test fails. | |
35 | solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal+engine] | |
36 | BSDI 4.0.1 (bsdi-elf-gcc) - FAILED [engine] | |
37 | Needs -DDSO_DLFCN, -DHAVE_DLFCN_H and -ldl to work. | |
38 | [CORRECTED] | |
39 | mingw32 w/ gcc 2.95.2 - PASSED [presumed normal] | |
40 | Beta 2 released on March 21st, 2001 | |
16221173 RL |
41 | o OpenSSL 0.9.6: Released on September 24th, 2000 |
42 | o OpenSSL 0.9.5a: Released on April 1st, 2000 | |
43 | o OpenSSL 0.9.5: Released on February 28th, 2000 | |
44 | o OpenSSL 0.9.4: Released on August 09th, 1999 | |
45 | o OpenSSL 0.9.3a: Released on May 29th, 1999 | |
46 | o OpenSSL 0.9.3: Released on May 25th, 1999 | |
47 | o OpenSSL 0.9.2b: Released on March 22th, 1999 | |
48 | o OpenSSL 0.9.1c: Released on December 23th, 1998 | |
75b8dfc0 RE |
49 | |
50 | RELEASE SHOWSTOPPERS | |
51 | ||
52 | AVAILABLE PATCHES | |
53 | ||
54 | IN PROGRESS | |
55 | ||
67d5ac03 | 56 | o Steve is currently working on (in no particular order): |
75c4f7e0 | 57 | ASN1 code redesign, butchery, replacement. |
36f554d4 | 58 | OCSP |
7f060601 | 59 | EVP cipher enhancement. |
36f554d4 | 60 | Enhanced certificate chain verification. |
1d48dd00 | 61 | Private key, certificate and CRL API and implementation. |
5a9a4b29 | 62 | Developing and bugfixing PKCS#7 (S/MIME code). |
87c49f62 | 63 | Various X509 issues: character sets, certificate request extensions. |
1e552869 RL |
64 | o Geoff and Richard are currently working on: |
65 | ENGINE (the new code that gives hardware support among others). | |
66 | o Richard is currently working on: | |
67 | UTIL (a new set of library functions to support some higher level | |
68 | functionality that is currently missing). | |
79d2eb64 | 69 | Shared library support for VMS. |
257341b5 RL |
70 | OCSP |
71 | Kerberos 5 authentication | |
72 | Constification | |
679ab7c3 | 73 | |
75b8dfc0 RE |
74 | NEEDS PATCH |
75 | ||
91b842c9 | 76 | o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file |
acafc0b4 | 77 | |
bbd1c84e BM |
78 | o OpenSSL_0_9_6-stable: |
79 | #include <openssl/e_os.h> in exported header files is illegal since | |
d0a8af61 BM |
80 | e_os.h is suitable only for library-internal use. |
81 | ||
f2c46006 BM |
82 | o Whenever strncpy is used, make sure the resulting string is NULL-terminated |
83 | or an error is reported | |
84 | ||
40753f76 BM |
85 | OPEN ISSUES |
86 | ||
a14280d4 BM |
87 | o crypto/ex_data.c is not really thread-safe and so must be used |
88 | with care (e.g., extra locking where necessary, or don't call | |
89 | CRYPTO_get_ex_new_index once multiple threads exist). | |
90 | The current API is not suitable for everything that it pretends | |
91 | to offer. | |
92 | ||
2ec077d8 RE |
93 | o The Makefile hierarchy and build mechanism is still not a round thing: |
94 | ||
95 | 1. The config vs. Configure scripts | |
96 | It's the same nasty situation as for Apache with APACI vs. | |
97 | src/Configure. It confuses. | |
98 | Suggestion: Merge Configure and config into a single configure | |
99 | script with a Autoconf style interface ;-) and remove | |
100 | Configure and config. Or even let us use GNU Autoconf | |
101 | itself. Then we can avoid a lot of those platform checks | |
102 | which are currently in Configure. | |
103 | ||
a6f20a1e RE |
104 | o Support for Shared Libraries has to be added at least |
105 | for the major Unix platforms. The details we can rip from the stuff | |
106 | Ralf has done for the Apache src/Configure script. Ben wants the | |
107 | solution to be really simple. | |
108 | ||
109 | Status: Ralf will look how we can easily incorporate the | |
110 | compiler PIC and linker DSO flags from Apache | |
111 | into the OpenSSL Configure script. | |
112 | ||
eb025998 UM |
113 | Ulf: +1 for using GNU autoconf and libtool (but not automake, |
114 | which apparently is not flexible enough to generate | |
115 | libcrypto) | |
116 | ||
117 | ||
a6f20a1e RE |
118 | o The perl/ stuff needs a major overhaul. Currently it's |
119 | totally obsolete. Either we clean it up and enhance it to be up-to-date | |
120 | with the C code or we also could replace it with the really nice | |
121 | Net::SSLeay package we can find under | |
122 | http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a | |
123 | longer time and it works fine and is a nice Perl module. Best would be | |
124 | to convince the author to work for the OpenSSL project and create a | |
125 | Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for | |
126 | us. | |
127 | ||
128 | Status: Ralf thinks we should both contact the author of Net::SSLeay | |
129 | and look how much effort it is to bring Eric's perl/ stuff up | |
130 | to date. | |
68a8a41b | 131 | Paul +1 |
a6f20a1e | 132 | |
69d1dfba RE |
133 | WISHES |
134 | ||
48c843c3 | 135 | o |