Make VIA Padlock engine more platform friendly and eliminate compiler

[openssl.git] / STATUS

diff --git a/STATUS b/STATUS
index 5d510b0801fafdb6ae38a28376819d733a3797b7..fe860ae309a24f3821f331b51bcc75df8e03434e 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,67 +1,21 @@
 
   OpenSSL STATUS                           Last modified at
 
   OpenSSL STATUS                           Last modified at

-  ______________                           $Date: 2001/03/30 20:54:12 $
+  ______________                           $Date: 2003/02/28 15:17:45 $

 
   DEVELOPMENT STATE
 
 
   DEVELOPMENT STATE
 

-    o  OpenSSL 0.9.7:  Under development...
-    o  OpenSSL 0.9.6a: Bugfix release -- under development...
-                       Beta 1 released on March 13th, 2001
-       HP-UX 10.20 (hpux-parisc-cc)            - PASSED [normal+engine]
-       HP-UX 10.20 (hpux-parisc-gcc)           - PASSED [normal+engine]
-       HP-UX 11.00 32bit (hpux-parisc-gcc)     - FAILED [engine]
-               "openssl speed rsa1024 -engine cswift" fails unless
-               libswift.sl is renamed to libswift.so.
-               [CORRECTED]
-       HP MPE/iX                               - PASSED [presumed normal]
-       Linux 2.2.17 SMP (linux-elf)            - PASSED [normal+engine]
-       Windows (VC-WIN32)                      - FAILED [presumed normal]
-               Missing line in ms/32all.bat:
-                       perl util\mkfiles.pl >MINFO
-               [CORRECTED]
-               In randfile.c, line 214, signed and unsigned int are mixed.
-               [CORRECTED]
-               In s_client.c and s_server.c, RAND_status() needs to get
-               declared (#include <openssl/rand.h>)
-               [CORRECTED]
-       OpenVMS (any version)                   - FAILED [normal+engine]
-               Missing instructions in building script.
-               [CORRECTED]
-       AIX 4.3                                 - FAILED [engine]
-               Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work.
-               [CORRECTED] (but will not be automagically configured)
-       Irix 6.5.11                             - FAILED [presumed normal]
-               BN_sqr test fails.
-        solaris64-sparcv9-cc (SunOS 5.8)        - PASSED [normal+engine]
-       BSDI 4.0.1 (bsdi-elf-gcc)               - FAILED [engine]
-               Needs -DDSO_DLFCN, -DHAVE_DLFCN_H and -ldl to work.
-               [CORRECTED]
-       mingw32 w/ gcc 2.95.2                   - PASSED [presumed normal]
-
-                       Beta 2 released on March 21st, 2001
-       OpenVMS (tested on VMS 7.2-1 for Alpha) - PASSED [presumed normal]
-        solaris64-sparcv9-cc (SunOS 5.8)        - PASSED [normal]
-       AIX 4.3                                 - FAILED [engine]
-               (because it's not automagically configured to use DSO)
-               [CORRECTED]
-       BSDI 4.0.1 (bsdi-elf-gcc)               - PASSED [engine]
-       HP-UX 11.00 32bit (hpux-parisc-gcc)     - PASSED [engine]
-       Solaris 8 (solaris-sparv8-gcc)          - PASSED [presumed normal]
-               There seems to be something wrong with installing shared
-               libraries, however.
-       UnixWare 2.1.3 (unixware-2.1-pentium)   - PASSED [presumed normal]
-       SCO Open Server 5.0.4 (sco5-cc-pentium) - PASSED [presumed normal]
-       SCO Open Server 5.0.4 (sco5-gcc)        - PASSED [presumed normal]
-       Caldera eDesktop 2.4 (linux-elf)        - PASSED [presumed normal]
-       Caldera eServer 2.3 (linux-elf)         - PASSED [presumed normal]
-       Red Hat 6.2 (linux-elf)                 - PASSED [presumed normal]
-       SCO Open Server 3 (3.2v4.2) (sco3-gcc)  - FAILED [presumed normal]
-               Too many -L when linking the application "openssl"
-               [CORRECTED]
-       Solaris 7 (solaris-sparcv9-cc)          - PASSED [engine]
-
-                       Beta 3 released on March 30th, 2001
-
+    o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 0.9.7a: Released on February  19th, 2003
+    o  OpenSSL 0.9.7:  Released on December  31st, 2002
+    o  OpenSSL 0.9.6i: Released on February  19th, 2003
+    o  OpenSSL 0.9.6h: Released on December   5th, 2002
+    o  OpenSSL 0.9.6g: Released on August     9th, 2002
+    o  OpenSSL 0.9.6f: Released on August     8th, 2002
+    o  OpenSSL 0.9.6e: Released on July      30th, 2002
+    o  OpenSSL 0.9.6d: Released on May        9th, 2002
+    o  OpenSSL 0.9.6c: Released on December  21st, 2001
+    o  OpenSSL 0.9.6b: Released on July       9th, 2001
+    o  OpenSSL 0.9.6a: Released on April      5th, 2001

     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000
     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000


@@ -71,10 +25,16 @@
     o  OpenSSL 0.9.2b: Released on March     22th, 1999
     o  OpenSSL 0.9.1c: Released on December  23th, 1998
 
     o  OpenSSL 0.9.2b: Released on March     22th, 1999
     o  OpenSSL 0.9.1c: Released on December  23th, 1998
 

+  [See also http://www.openssl.org/support/rt2.html]
+

   RELEASE SHOWSTOPPERS
 
   RELEASE SHOWSTOPPERS
 

+    o 
+

   AVAILABLE PATCHES
 
   AVAILABLE PATCHES
 

+    o 
+

   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):


@@ -88,32 +48,29 @@
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:
     o Geoff and Richard are currently working on:
        ENGINE (the new code that gives hardware support among others).
     o Richard is currently working on:

+       UI (User Interface)

        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        Shared library support for VMS.
        UTIL (a new set of library functions to support some higher level
              functionality that is currently missing).
        Shared library support for VMS.

-       OCSP
-       Kerberos 5 authentication
+       Kerberos 5 authentication (Heimdal)

        Constification
        Constification

+       Compression
+       Attribute Certificate support
+       Certificate Pair support
+       Storage Engines (primarly an LDAP storage engine)
+       Certificate chain validation with full RFC 3280 compatibility

 
   NEEDS PATCH
 
 
   NEEDS PATCH
 

-    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+    o  0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not
+       handle ECCdraft cipher suites correctly.

 
 

-    o  OpenSSL_0_9_6-stable:
-       #include <openssl/e_os.h> in exported header files is illegal since
-       e_os.h is suitable only for library-internal use.
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file

 
 

-    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
-       or an error is reported
+    o  "OpenSSL STATUS" is never up-to-date.

 
   OPEN ISSUES
 
 
   OPEN ISSUES
 

-    o  crypto/ex_data.c is not really thread-safe and so must be used
-       with care (e.g., extra locking where necessary, or don't call
-       CRYPTO_get_ex_new_index once multiple threads exist).
-       The current API is not suitable for everything that it pretends
-       to offer.
-

     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts


@@ -138,22 +95,20 @@
                     which apparently is not flexible enough to generate
                     libcrypto)
 
                     which apparently is not flexible enough to generate
                     libcrypto)
 

+  WISHES

 
 

-    o  The perl/ stuff needs a major overhaul. Currently it's
-       totally obsolete. Either we clean it up and enhance it to be up-to-date
-       with the C code or we also could replace it with the really nice
-       Net::SSLeay package we can find under
-       http://www.neuronio.pt/SSLeay.pm.html.  Ralf uses this package for a
-       longer time and it works fine and is a nice Perl module. Best would be
-       to convince the author to work for the OpenSSL project and create a
-       Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
-       us.
+    o  Add variants of DH_generate_parameters() and BN_generate_prime() [etc?]
+       where the callback function can request that the function be aborted.
+       [Gregory Stark <ghstark@pobox.com>, <rayyang2000@yahoo.com>]

 
 

-       Status: Ralf thinks we should both contact the author of Net::SSLeay
-               and look how much effort it is to bring Eric's perl/ stuff up
-               to date.
-               Paul +1
+    o  SRP in TLS.
+       [wished by:
+        Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
+        Tom Holroyd <tomh@po.crl.go.jp>]

 
 

-  WISHES
+       See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
+       as well as http://www-cs-students.stanford.edu/~tjw/srp/.

 
 

-    o 
+       Tom Holroyd tells us there is a SRP patch for OpenSSH at
+       http://members.tripod.com/professor_tom/archives/, that could
+       be useful.