Including openssl/e_os.h in the OpenSSL 0.9.6 branch is legal, since

[openssl.git] / STATUS

diff --git a/STATUS b/STATUS
index a544a2afd11798669fd3d773ebaa990f97af981a..9cb462759156adef1d4901e61c2a16c2ba9131fd 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,89 +1,13 @@
 
   OpenSSL STATUS                           Last modified at
 
   OpenSSL STATUS                           Last modified at

-  ______________                           $Date: 2001/04/03 09:02:07 $
+  ______________                           $Date: 2002/02/20 14:07:07 $

 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.7:  Under development...
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.7:  Under development...

-    o  OpenSSL 0.9.6a: Bugfix release -- under development...
-                       Beta 1 released on March 13th, 2001
-       HP-UX 10.20 (hpux-parisc-cc)            - PASSED [normal+engine]
-       HP-UX 10.20 (hpux-parisc-gcc)           - PASSED [normal+engine]
-       HP-UX 11.00 32bit (hpux-parisc-gcc)     - FAILED [engine]
-               "openssl speed rsa1024 -engine cswift" fails unless
-               libswift.sl is renamed to libswift.so.
-               [CORRECTED]
-       HP MPE/iX                               - PASSED [presumed normal]
-       Linux 2.2.17 SMP (linux-elf)            - PASSED [normal+engine]
-       Windows (VC-WIN32)                      - FAILED [presumed normal]
-               Missing line in ms/32all.bat:
-                       perl util\mkfiles.pl >MINFO
-               [CORRECTED]
-               In randfile.c, line 214, signed and unsigned int are mixed.
-               [CORRECTED]
-               In s_client.c and s_server.c, RAND_status() needs to get
-               declared (#include <openssl/rand.h>)
-               [CORRECTED]
-       OpenVMS (any version)                   - FAILED [normal+engine]
-               Missing instructions in building script.
-               [CORRECTED]
-       AIX 4.3                                 - FAILED [engine]
-               Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work.
-               [CORRECTED] (but will not be automagically configured)
-       Irix 6.5.11                             - FAILED [presumed normal]
-               BN_sqr test fails.
-        solaris64-sparcv9-cc (SunOS 5.8)        - PASSED [normal+engine]
-       BSDI 4.0.1 (bsdi-elf-gcc)               - FAILED [engine]
-               Needs -DDSO_DLFCN, -DHAVE_DLFCN_H and -ldl to work.
-               [CORRECTED]
-       mingw32 w/ gcc 2.95.2                   - PASSED [presumed normal]
-
-                       Beta 2 released on March 21st, 2001
-       OpenVMS (tested on VMS 7.2-1 for Alpha) - PASSED [presumed normal]
-        solaris64-sparcv9-cc (SunOS 5.8)        - PASSED [normal]
-       AIX 4.3                                 - FAILED [engine]
-               (because it's not automagically configured to use DSO)
-               [CORRECTED]
-       BSDI 4.0.1 (bsdi-elf-gcc)               - PASSED [engine]
-       HP-UX 11.00 32bit (hpux-parisc-gcc)     - PASSED [engine]
-       Solaris 8 (solaris-sparv8-gcc)          - PASSED [presumed normal]
-               There seems to be something wrong with installing shared
-               libraries, however.
-       UnixWare 2.1.3 (unixware-2.1-pentium)   - PASSED [presumed normal]
-       SCO Open Server 5.0.4 (sco5-cc-pentium) - PASSED [presumed normal]
-       SCO Open Server 5.0.4 (sco5-gcc)        - PASSED [presumed normal]
-       Caldera eDesktop 2.4 (linux-elf)        - PASSED [presumed normal]
-       Caldera eServer 2.3 (linux-elf)         - PASSED [presumed normal]
-       Red Hat 6.2 (linux-elf)                 - PASSED [presumed normal]
-       SCO Open Server 3 (3.2v4.2) (sco3-gcc)  - FAILED [presumed normal]
-               Too many -L when linking the application "openssl"
-               [CORRECTED]
-       Solaris 7 (solaris-sparcv9-cc)          - PASSED [engine]
-
-                       Beta 3 released on March 30th, 2001
-       RedHat 6.2/Linux 2.2.14 (linux-elf)     - PASSED [normal+engine]
-       HP-UX 11.0 32-bit (hpux-parisc-gcc)     - PASSED [engine]
-       AIX 4.3 (aix43-gcc)                     - PASSED [engine]
-       FreeBSD 4.1 (FreeBSD-elf)               - PASSED [engine]
-       Solaris 2.7 (solaris-sparcv9-cc)        - PASSED [engine]
-       BSDi 4.0.1 (bsdi-elf-gcc)               - PASSED [engine]
-       HP-UX 10.20, w/ ANSI-C and w/ gcc       - PASSED [normal+engine]
-       Irix                                    - PASSED [presumed normal]
-       OpenVMS/Alpha 7.2-1 w/ UCX 5.1, CC 6.4  - PASSED [normal]
-               There's a small warning about ebcdic.c being empty
-               [CORRECTED]
-       OpenVMS/VAX 7.2-1 w/ UCX 5.1, CC 6.4    - PASSED [normal]
-               There's a small warning about ebcdic.c being empty
-               [CORRECTED]
-       Win32 (VC-NT and VC-WIN32, static)      - PASSED [normal]
-       OpenVMS/VAX 6.2 w/ CC 6.2-003           - FAILED [normal]
-               libfisdef.h and LIB$M_FIS_MIXEDCASE do not exist in
-               that version of OpenVMS.
-               [CORRECTED]
-       DGUX R4.11MU06 88k (dgux-R4-gcc)        - FAILED [normal]
-               The entry in Configure had a typo.
-               [CORRECTED]
-
+    o  OpenSSL 0.9.6c: Released on December  21st, 2001
+    o  OpenSSL 0.9.6b: Released on July       9th, 2001
+    o  OpenSSL 0.9.6a: Released on April      5th, 2001

     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000
     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000


@@ -95,8 +19,21 @@
 
   RELEASE SHOWSTOPPERS
 
 
   RELEASE SHOWSTOPPERS
 

+    o BIGNUM library failures on 64-bit platforms (0.9.7-dev):
+      - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc
+
+       Checked on                      Result
+       alpha-cc (Tru64 version 4.0)    works
+       linux-alpha+bwx-gcc             doesn't work. Reported by
+                                       Sean O'Riordain <seanpor@acm.org>
+
+       Needs checked on
+       [add platforms here]
+

   AVAILABLE PATCHES
 
   AVAILABLE PATCHES
 

+    o 
+

   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):


@@ -110,31 +47,33 @@
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:

+       UI (User Interface)

        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        Shared library support for VMS.
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        Shared library support for VMS.

-       OCSP

        Kerberos 5 authentication
        Constification
        Kerberos 5 authentication
        Constification

+       OCSP

 
   NEEDS PATCH
 
 
   NEEDS PATCH
 

-    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+    o  An (optional) countermeasure against the predictable-IV CBC
+       weakness in SSL/TLS should be added; see
+       http://www.openssl.org/~bodo/tls-cbc.txt

 
 

-    o  OpenSSL_0_9_6-stable:
-       #include <openssl/e_os.h> in exported header files is illegal since
-       e_os.h is suitable only for library-internal use.
+    o  All 'openssl' subprograms taking '-des' and '-des3' options should
+       include AES support (0.9.7-dev)
+
+    o  'openssl speed' should include AES support (0.9.7-dev)
+
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file

 
     o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
        or an error is reported
 
 
     o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
        or an error is reported
 

-  OPEN ISSUES
+    o  "OpenSSL STATUS" is never up-to-date.

 
 

-    o  crypto/ex_data.c is not really thread-safe and so must be used
-       with care (e.g., extra locking where necessary, or don't call
-       CRYPTO_get_ex_new_index once multiple threads exist).
-       The current API is not suitable for everything that it pretends
-       to offer.
+  OPEN ISSUES

 
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
 
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 


@@ -178,4 +117,18 @@
 
   WISHES
 
 
   WISHES
 

-    o 
+    o  Add variants of DH_generate_parameters() and BN_generate_prime() [etc?]
+       where the callback function can request that the function be aborted.
+       [Gregory Stark <ghstark@pobox.com>, <rayyang2000@yahoo.com>]
+
+    o  SRP in TLS.
+       [wished by:
+        Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
+        Tom Holroyd <tomh@po.crl.go.jp>]
+
+       See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
+       as well as http://www-cs-students.stanford.edu/~tjw/srp/.
+
+       Tom Holroyd tells us there is a SRP patch for OpenSSH at
+       http://members.tripod.com/professor_tom/archives/, that could
+       be useful.