X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=STATUS;h=7853d9ff50ed3b17f34512c22b2bbdfab7b38505;hp=a77abd346ef77b90ff8c08354f8a1d043fb82ef6;hb=17d6bb815813bab443a29cfd821d876afc9ecfef;hpb=528f6b81db3c746542b1ff8d4e32189b33d6d400 diff --git a/STATUS b/STATUS index a77abd346e..7853d9ff50 100644 --- a/STATUS +++ b/STATUS @@ -1,10 +1,12 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2001/06/04 16:23:15 $ + ______________ $Date: 2002/03/11 09:36:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... + o OpenSSL 0.9.6c: Released on December 21st, 2001 + o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 @@ -17,8 +19,26 @@ RELEASE SHOWSTOPPERS + o BIGNUM library failures on 64-bit platforms (0.9.7-dev): + - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc + and other 64-bit platforms + + Checked on Result + alpha-cc (Tru64 version 4.0) works + linux-alpha+bwx-gcc doesn't work. Reported by + Sean O'Riordain + OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. + + Needs checked on + [add platforms here] + + - BN_mod_mul verification fails for mips3-sgi-irix + unless configured with no-asm + AVAILABLE PATCHES + o + IN PROGRESS o Steve is currently working on (in no particular order): @@ -32,32 +52,26 @@ o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: + UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. - OCSP Kerberos 5 authentication Constification + OCSP NEEDS PATCH - o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file + o An (optional) countermeasure against the predictable-IV CBC + weakness in SSL/TLS should be added; see + http://www.openssl.org/~bodo/tls-cbc.txt - o OpenSSL_0_9_6-stable: - #include in exported header files is illegal since - e_os.h is suitable only for library-internal use. + o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file - o Whenever strncpy is used, make sure the resulting string is NULL-terminated - or an error is reported + o "OpenSSL STATUS" is never up-to-date. OPEN ISSUES - o crypto/ex_data.c is not really thread-safe and so must be used - with care (e.g., extra locking where necessary, or don't call - CRYPTO_get_ex_new_index once multiple threads exist). - The current API is not suitable for everything that it pretends - to offer. - o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts @@ -82,24 +96,12 @@ which apparently is not flexible enough to generate libcrypto) - - o The perl/ stuff needs a major overhaul. Currently it's - totally obsolete. Either we clean it up and enhance it to be up-to-date - with the C code or we also could replace it with the really nice - Net::SSLeay package we can find under - http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a - longer time and it works fine and is a nice Perl module. Best would be - to convince the author to work for the OpenSSL project and create a - Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for - us. - - Status: Ralf thinks we should both contact the author of Net::SSLeay - and look how much effort it is to bring Eric's perl/ stuff up - to date. - Paul +1 - WISHES + o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] + where the callback function can request that the function be aborted. + [Gregory Stark , ] + o SRP in TLS. [wished by: Dj , Tom Wu ,