- OpenSSL 0.9.8-beta3 31 May 2005
+ OpenSSL 0.9.8zh-dev
- Copyright (c) 1998-2005 The OpenSSL Project
+ Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.
actually logically part of it. It includes routines for the following:
Ciphers
- libdes - EAY's libdes DES encryption package which has been floating
- around the net for a few years. It includes 15
- 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
- cbc, cfb and ofb; pcbc and a more general form of cfb and
- ofb) including desx in cbc mode, a fast crypt(3), and
- routines to read passwords from the keyboard.
+ libdes - EAY's libdes DES encryption package which was floating
+ around the net for a few years, and was then relicensed by
+ him as part of SSLeay. It includes 15 'modes/variations'
+ of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
+ pcbc and a more general form of cfb and ofb) including desx
+ in cbc mode, a fast crypt(3), and routines to read
+ passwords from the keyboard.
RC4 encryption,
RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
should be contacted if that algorithm is to be used; their web page is
http://www.ascom.ch/.
- The MDC2 algorithm is patented by IBM.
+ NTT and Mitsubishi have patents and pending patents on the Camellia
+ algorithm, but allow use at no charge without requiring an explicit
+ licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
INSTALLATION
------------
SUPPORT
-------
+ See the OpenSSL website www.openssl.org for details of how to obtain
+ commercial technical support.
+
If you have any problems with OpenSSL then please take the following steps
first:
- Stack Traceback (if the application dumps core)
Report the bug to the OpenSSL project via the Request Tracker
- (http://www.openssl.org/support/rt2.html) by mail to:
+ (http://www.openssl.org/support/rt.html) by mail to:
+
+ rt@openssl.org
+
+ In order to avoid spam, this is a moderated mailing list, and it might
+ take a day for the ticket to show up. (We also scan posts to make sure
+ that security disclosures aren't publically posted by mistake.) Mail to
+ this address is recorded in the public RT (request tracker) database (see
+ https://www.openssl.org/support/rt.html for details) and also forwarded
+ the public openssl-dev mailing list. Confidential mail may be sent to
+ openssl-security@openssl.org (PGP key available from the key servers).
- openssl-bugs@openssl.org
+ Please do NOT use this for general assistance or support queries.
+ Just because something doesn't work the way you expect does not mean it
+ is necessarily a bug in OpenSSL.
- Note that mail to openssl-bugs@openssl.org is recorded in the publicly
- readable request tracker database and is forwarded to a public
- mailing list. Confidential mail may be sent to openssl-security@openssl.org
- (PGP key available from the key servers).
+ You can also make GitHub pull requests. If you do this, please also send
+ mail to rt@openssl.org with a link to the PR so that we can more easily
+ keep track of it.
HOW TO CONTRIBUTE TO OpenSSL
----------------------------
Development is coordinated on the openssl-dev mailing list (see
http://www.openssl.org for information on subscribing). If you
- would like to submit a patch, send it to openssl-dev@openssl.org with
+ would like to submit a patch, send it to openssl-bugs@openssl.org with
the string "[PATCH]" in the subject. Please be sure to include a
textual explanation of what your patch does.
+ If you are unsure as to whether a feature will be useful for the general
+ OpenSSL community please discuss it on the openssl-dev mailing list first.
+ Someone may be already working on the same thing or there may be a good
+ reason as to why that feature isn't implemented.
+
+ Patches should be as up to date as possible, preferably relative to the
+ current Git or the last snapshot. They should follow our coding style
+ (see http://openssl.org/about/codingstyle.txt) and compile without
+ warnings using the --strict-warnings flag. OpenSSL compiles on many
+ varied platforms: try to ensure you only use portable features.
+
Note: For legal reasons, contributions from the US can be accepted only
if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov
(formerly BXA) with a copy to the ENC Encryption Request Coordinator;