projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
e_os.h does not belong with the exported headers. Do not put it there
[openssl.git] / STATUS
diff --git a/STATUS b/STATUS
index 47e1bf46981a285cde6a4460e0721b7aae1d1799..e027371a76e69b16921fcfad964d32318494aa6d 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,10 +1,11 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/10/23 08:01:41 $
+  ______________                           $Date: 2001/01/23 12:30:43 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.7:  Under development...
+    o  OpenSSL 0.9.6a: Bugfix release -- under development...
     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000
@@ -16,16 +17,19 @@
 
   RELEASE SHOWSTOPPERS
 
+    o
+
   AVAILABLE PATCHES
 
-    o CA.pl patch (Damien Miller)
+    o
 
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.
+        OCSP
         EVP cipher enhancement.
-        Proper (or at least usable) certificate chain verification.
+        Enhanced certificate chain verification.
        Private key, certificate and CRL API and implementation.
        Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
@@ -34,17 +38,33 @@
     o Richard is currently working on:
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
-       Dynamic thread-lock support.
        Shared library support for VMS.
+       OCSP
+       Kerberos 5 authentication
+       Constification
 
   NEEDS PATCH
 
-    o  non-blocking socket on AIX
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+
+    o  #include <openssl/e_os.h> in exported header files is illegal since
+       e_os.h is suitable only for library-internal use.
+
+       (This applies to openssl-0.9.6-stable too; openssl/conf.h is the
+       offending header file.  While it is rarely used itself by applications,
+       it is included by openssl/x509v3.h, which is more likely to be used.)
+
+    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
+       or an error is reported
 
   OPEN ISSUES
 
+    o  crypto/ex_data.c is not really thread-safe and so must be used
+       with care (e.g., extra locking where necessary, or don't call
+       CRYPTO_get_ex_new_index once multiple threads exist).
+       The current API is not suitable for everything that it pretends
+       to offer.
+
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts
Unnamed repository; edit this file 'description' to name the repository.