projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Updates
[openssl.git] / STATUS
diff --git a/STATUS b/STATUS
index 67ecd83a9820d9009c3fb20a468e18160753bd69..b0ce2122d57d8c16effdae7f259ad014dfbfa3f2 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,10 +1,36 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/02/21 17:23:04 $
+  ______________                           $Date: 2002/12/26 22:25:02 $
 
   DEVELOPMENT STATE
 
-    o  OpenSSL 0.9.7:  Under development...
+    o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 0.9.7-beta6: Released on December 17th, 2002
+       Solaris on Sun Ultra (Workshop 6 update 1)      - PASSED with warnings
+                                                         (warnings fixed)
+       Redhat 8 on i386 (gcc 3.2)                      - PASSED
+       Debian GNU/Linux on i386 (kernel 2.4.19, gxx 2.95.4) - PASSED
+       Windows CE on HPC Pro 2.11                      - PASSED
+       Windows CE on HPC 2000                          - PASSED
+       Windows CE on PocketPC 2000                     - PASSED
+       Windows CE on PocketPC 2002                     - PASSED
+       VMS (>=6.0 on any platform, DEC C)              - ERROR
+                                                         (errors fixed
+                                                         PR: 407, 413)
+       Windows XP, with Kerberos 5                     - ERROR
+       Windows 2000 (Cygwin)                           - ERROR
+                                                         (PR: 404)
+       SCO OpenServer, Unixware?                       - ERROR
+    o  OpenSSL 0.9.7-beta5: Released on December  5th, 2002
+    o  OpenSSL 0.9.7-beta4: Released on November 19th, 2002
+    o  OpenSSL 0.9.7-beta3: Released on July     30th, 2002
+    o  OpenSSL 0.9.7-beta2: Released on June     16th, 2002
+    o  OpenSSL 0.9.7-beta1: Released on June      1st, 2002
+    o  OpenSSL 0.9.6h: Released on December   5th, 2002
+    o  OpenSSL 0.9.6g: Released on August     9th, 2002
+    o  OpenSSL 0.9.6f: Released on August     8th, 2002
+    o  OpenSSL 0.9.6e: Released on July      30th, 2002
+    o  OpenSSL 0.9.6d: Released on May        9th, 2002
     o  OpenSSL 0.9.6c: Released on December  21st, 2001
     o  OpenSSL 0.9.6b: Released on July       9th, 2001
     o  OpenSSL 0.9.6a: Released on April      5th, 2001
@@ -17,18 +43,24 @@
     o  OpenSSL 0.9.2b: Released on March     22th, 1999
     o  OpenSSL 0.9.1c: Released on December  23th, 1998
 
+  [See also http://www.openssl.org/support/rt2.html]
+
   RELEASE SHOWSTOPPERS
 
-    o BIGNUM library failures on 64-bit platforms (0.9.7-dev):
-      - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc
+    o BN_mod_mul verification fails for mips3-sgi-irix
+      unless configured with no-asm
+
+    o [2002-11-21]
+      PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may
+      be optimized away in modern compilers.  This is definitely not good
+      and needs to be fixed immediately.  The formula to use is presented
+      in:
+
+      http://online.securityfocus.com/archive/82/297918/2002-10-27/2002-11-02/0
 
-       Checked on                      Result
-       alpha-cc (Tru64 version 4.0)    works
-       linux-alpha+bwx-gcc             doesn't work. Reported by
-                                       Sean O'Riordain <seanpor@acm.org>
+      The problem report that mentions this is:
 
-       Needs checked on
-       [add platforms here]
+      https://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=343
 
   AVAILABLE PATCHES
 
@@ -51,21 +83,21 @@
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        Shared library support for VMS.
-       Kerberos 5 authentication
+       Kerberos 5 authentication (Heimdal)
        Constification
-       OCSP
+       Compression
+       Attribute Certificate support
+       Certificate Pair support
+       Storage Engines (primarly an LDAP storage engine)
+       Certificate chain validation with full RFC 3280 compatibility
 
   NEEDS PATCH
 
-    o  An (optional) countermeasure against the predictable-IV CBC
-       weakness in SSL/TLS should be added; see
-       http://www.openssl.org/~bodo/tls-cbc.txt
+    o  0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not
+       handle ECCdraft cipher suites correctly.
 
     o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
 
-    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
-       or an error is reported
-
     o  "OpenSSL STATUS" is never up-to-date.
 
   OPEN ISSUES
@@ -94,22 +126,6 @@
                     which apparently is not flexible enough to generate
                     libcrypto)
 
-
-    o  The perl/ stuff needs a major overhaul. Currently it's
-       totally obsolete. Either we clean it up and enhance it to be up-to-date
-       with the C code or we also could replace it with the really nice
-       Net::SSLeay package we can find under
-       http://www.neuronio.pt/SSLeay.pm.html.  Ralf uses this package for a
-       longer time and it works fine and is a nice Perl module. Best would be
-       to convince the author to work for the OpenSSL project and create a
-       Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
-       us.
-
-       Status: Ralf thinks we should both contact the author of Net::SSLeay
-               and look how much effort it is to bring Eric's perl/ stuff up
-               to date.
-               Paul +1
-
   WISHES
 
     o  Add variants of DH_generate_parameters() and BN_generate_prime() [etc?]
Unnamed repository; edit this file 'description' to name the repository.