OpenSSL STATUS Last modified at
- ______________ $Date: 1999/04/29 21:56:13 $
+ ______________ $Date: 1999/05/20 01:42:57 $
DEVELOPMENT STATE
- o OpenSSL 0.9.3: Under development...
- Proposed freeze date: Mon May 8th, 1999
- Proposed release date: Mon May 17th, 1999
+ o OpenSSL 0.9.3: Freezed... only bugfixes and cleanups allowed!
+ Proposed release date: Mon May 24th, 1999
+ Release manager: Ben Laurie <ben@openssl.org>
+ !! Important: Any non-bugfix, non-cleanup
+ !! and non-documentation commits should
+ !! be approved by Ben, first.
+
o OpenSSL 0.9.2b: Released on March 22th, 1999
o OpenSSL 0.9.1c: Released on December 23th, 1998
- [ Proposed new numbering scheme: <major>.<minor>[<patchlevel>]
- 0.9.1c is 0913
- 1.0 is 010000
- 1.0 a is 010001
- 1.8 z is 01081a ]
-
RELEASE SHOWSTOPPERS
- o Compilation warnings: ctype-related int vs. char
o BSD/OS: assembler functions must not have leading underscores
- o exptest and rsa_oaep_test fail with irix64-*
- (Don Badrak <dbadrak@geo.census.gov>: "Re: Problems to compile openssl
- on IRIX 6.2", openssl-users)
- o BN_add test fails on Caldera OpenLinux 1.3
- (Marc Christensen <Marc.Christensen@m.cc.utah.edu>
- "Compiles but fails big number test?", openssl-users)
-
+
AVAILABLE PATCHES
o OCSP (titchenert@certco.com)
o getenv in ca.c and x509_def.c (jaltman@watsun.cc.columbia.edu)
- o linux dynamic libs (colin@field.medicine.adelaide.edu.au)
- o MingW support (niklas@canit.se)
IN PROGRESS
o Steve is currently working on (in no particular order):
Proper (or at least usable) certificate chain verification.
Documentation on X509 V3 extension code.
- PKCS#12 code cleanup and enhancement.
PKCS #8 and PKCS#5 v2.0 support.
Private key, certificate and CRL API and implementation.
+ Checking and bugfixing PKCS#7 (S/MIME code).
o Mark is currently working on:
Folding in any changes that are in the C2Net code base that were
o broken demos
o salzr@certco.com (Rich Salz): Bug in X509_name_print
<29E0A6D39ABED111A36000A0C99609CA2C2BA4@macertco-srv1.ma.certco.com>
+ o [ Compilation warnings: ctype-related int vs. char ]
+ => now casts (unsigned char), maybe those arrays should have
+ members of that type rather than plain char (i.e.
+ unsigned char *p; ....; if (isspace(*p)) ...; where it's now
+ char *p; ....; if (isspace((unsigned char)*p)) ...;)
o $(PERL) in */Makefile.ssl
o "Sign the certificate?" - "n" creates empty certificate file
o dubious declaration of crypt() in des.h
WISHES
- o Damien Miller:
- "How about making the each of the locations compile-time defined. I
- would like to (for example) put binaries in /usr/bin, configuration
- data, certs and keys in /etc/openssl/certs and /etc/openssl/keys, etc.
- This would also be a great boon to binary package makers. The
- SSLeay-0.9.1b RPM already includes some patches which do some of this.
- I can forward them if you wish."
-
o Mats Nilsson <mats.nilsson@xware.se>:
"Add reference counting to all substructures of X509 etc. For instance,
X509_NAME lacks a reference counter, while EVP_PKEY has one. I'm