* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.0 was released on Mar 29th, 2010.
+OpenSSL 1.0.0d was released on Feb 8th, 2011.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
unsure whether it is a bug or not submit a query to the openssl-users mailing
list.
+
* I'm SURE I've found a bug, how do I report it?
Bug reports with no security implications should be sent to the request
-tracker. This can be done my mailing the report to <rt@openssl.org> (or its
+tracker. This can be done by mailing the report to <rt@openssl.org> (or its
alias <openssl-bugs@openssl.org>), please note that messages sent to the
request tracker also appear in the public openssl-dev mailing list.
See also <URL: http://www.openssl.org/support/rt.html>
+
* I've found a security issue, how do I report it?
If you think your bug has security implications then please send it to
acknowledging receipt then resend or mail it directly to one of the
more active team members (e.g. Steve).
-[PROG] Questions about programming with OpenSSL
-
-* Is OpenSSL thread-safe?
-* I've compiled a program under Windows and it crashes: why?
-* How do I read or write a DER encoded buffer using the ASN1 functions?
-* OpenSSL uses DER but I need BER format: does OpenSSL support BER?
-* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
-* I've called <some function> and it fails, why?
-* I just get a load of numbers for the error output, what do they mean?
-* Why do I get errors about unknown algorithms?
-* Why can't the OpenSSH configure script detect OpenSSL?
-* Can I use OpenSSL's SSL library with non-blocking I/O?
-* Why doesn't my server application receive a client certificate?
-* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
-* I think I've detected a memory leak, is this a bug?
-* Why does Valgrind complain about the use of uninitialized data?
-* Why doesn't a memory BIO work when a file does?
-* Where are the declarations and implementations of d2i_X509() etc?
-
-
[PROG] ========================================================================
* Is OpenSSL thread-safe?
Multi-threaded applications must provide two callback functions to
OpenSSL by calling CRYPTO_set_locking_callback() and
CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
-including 0.9.8[abc...]. As of version 0.9.9, CRYPTO_set_id_callback()
+including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback()
and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
and friends. This is described in the threads(3) manpage.
projects / openssl.git / blobdiff