Start to reduce some of the header bloat.

[openssl.git] / STATUS

diff --git a/STATUS b/STATUS
index 46cc28c36df981d33a72ecc7fb24e8494d0ce2b0..a5f2b4008b2752533a23c79cbf9c6bc4baa70e6b 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,58 +1,69 @@
 
   OpenSSL STATUS                           Last modified at
 
   OpenSSL STATUS                           Last modified at

-  ______________                           $Date: 2000/09/11 20:32:35 $
+  ______________                           $Date: 2001/07/17 14:39:26 $

 
   DEVELOPMENT STATE
 
 
   DEVELOPMENT STATE
 

-    o  OpenSSL 0.9.6:  Under development (in release cycle)...
-                       Proposed release date September 24, 2000
-                       0.9.6-beta1 is available:
-                       OpenBSD-x86 2.7                 - failed (ftime/TIMEB)
-                       hpux-parisc-cc 10.20            - passed
-                       hpux-parisc-gcc 10.20           - passed
-                       linux-elf                       - passed
-                       Solaris [engine]                - failed (speed cswift)
-    o  OpenSSL 0.9.5a: Released on April     1st, 2000
-    o  OpenSSL 0.9.5:  Released on February 28th, 2000
-    o  OpenSSL 0.9.4:  Released on August   09th, 1999
-    o  OpenSSL 0.9.3a: Released on May      29th, 1999
-    o  OpenSSL 0.9.3:  Released on May      25th, 1999
-    o  OpenSSL 0.9.2b: Released on March    22th, 1999
-    o  OpenSSL 0.9.1c: Released on December 23th, 1998
+    o  OpenSSL 0.9.7:  Under development...
+    o  OpenSSL 0.9.6b: Released on July       9th, 2001
+    o  OpenSSL 0.9.6a: Released on April      5th, 2001
+    o  OpenSSL 0.9.6:  Released on September 24th, 2000
+    o  OpenSSL 0.9.5a: Released on April      1st, 2000
+    o  OpenSSL 0.9.5:  Released on February  28th, 2000
+    o  OpenSSL 0.9.4:  Released on August    09th, 1999
+    o  OpenSSL 0.9.3a: Released on May       29th, 1999
+    o  OpenSSL 0.9.3:  Released on May       25th, 1999
+    o  OpenSSL 0.9.2b: Released on March     22th, 1999
+    o  OpenSSL 0.9.1c: Released on December  23th, 1998

 
   RELEASE SHOWSTOPPERS
 
   AVAILABLE PATCHES
 
 
   RELEASE SHOWSTOPPERS
 
   AVAILABLE PATCHES
 

-    o CA.pl patch (Damien Miller)
+    o IA-64 (a.k.a. Intel Itanium) public-key operation performance 
+      patch for Linux is available for download at
+      http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL
+      suggests the patch is relative to OpenSSL 0.9.6b.

 
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.
 
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.

+        OCSP

         EVP cipher enhancement.
         EVP cipher enhancement.

-        Proper (or at least usable) certificate chain verification.
+        Enhanced certificate chain verification.

        Private key, certificate and CRL API and implementation.
        Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:
        Private key, certificate and CRL API and implementation.
        Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:

+       UI (User Interface)

        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).

-       Dynamic thread-lock support.

        Shared library support for VMS.
        Shared library support for VMS.

+       Kerberos 5 authentication
+       Constification
+       OCSP

 
   NEEDS PATCH
 
 
   NEEDS PATCH
 

-    o  non-blocking socket on AIX
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+
+    o  OpenSSL_0_9_6-stable:
+       #include <openssl/e_os.h> in exported header files is illegal since
+       e_os.h is suitable only for library-internal use.
+
+    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
+       or an error is reported

 
   OPEN ISSUES
 
 
   OPEN ISSUES
 

-    o internal_verify doesn't know about X509.v3 (basicConstraints
-      CA flag ...)
+    o  crypto/ex_data.c is not really thread-safe and so must be used
+       with care (e.g., extra locking where necessary, or don't call
+       CRYPTO_get_ex_new_index once multiple threads exist).
+       The current API is not suitable for everything that it pretends
+       to offer.

 
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
 
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 


@@ -96,4 +107,14 @@
 
   WISHES
 
 
   WISHES
 

-    o 
+    o  SRP in TLS.
+       [wished by:
+        Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
+        Tom Holroyd <tomh@po.crl.go.jp>]
+
+       See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
+       as well as http://www-cs-students.stanford.edu/~tjw/srp/.
+
+       Tom Holroyd tells us there is a SRP patch for OpenSSH at
+       http://members.tripod.com/professor_tom/archives/, that could
+       be useful.