2 OpenSSL STATUS Last modified at
3 ______________ $Date: 2001/03/15 06:15:26 $
7 o OpenSSL 0.9.6a: In development...
8 Beta 1 released on March 13th, 2001
9 HP-UX 10.20 (hpux-parisc-cc) - PASSED [normal+engine]
10 HP-UX 10.20 (hpux-parisc-gcc) - PASSED [normal+engine]
11 HP-UX 11.00 32bit (hpux-parisc-gcc) - FAILED [engine]
12 "openssl speed rsa1024 -engine cswift" fails unless
13 libswift.sl is renamed to libswift.so.
15 HP MPE/iX - PASSED [presumed normal]
16 Linux 2.2.17 SMP (linux-elf) - PASSED [normal+engine]
17 Windows (VC-WIN32) - FAILED [presumed normal]
18 Missing line in ms/32all.bat:
19 perl util\mkfiles.pl >MINFO
21 In randfile.c, line 214, signed and unsigned int are mixed.
23 In s_client.c and s_server.c, RAND_status() needs to get
24 declared (#include <openssl/rand.h>)
26 OpenVMS (any version) - FAILED [normal+engine]
27 Missing instructions in building script.
29 AIX 4.3 - FAILED [engine]
30 Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work.
31 Irix 6.5.11 - FAILED [presumed normal]
33 solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal+engine]
34 o OpenSSL 0.9.6: Released on September 24th, 2000
35 o OpenSSL 0.9.5a: Released on April 1st, 2000
36 o OpenSSL 0.9.5: Released on February 28th, 2000
37 o OpenSSL 0.9.4: Released on August 09th, 1999
38 o OpenSSL 0.9.3a: Released on May 29th, 1999
39 o OpenSSL 0.9.3: Released on May 25th, 1999
40 o OpenSSL 0.9.2b: Released on March 22th, 1999
41 o OpenSSL 0.9.1c: Released on December 23th, 1998
47 o CA.pl patch (Damien Miller)
51 o Steve is currently working on (in no particular order):
52 ASN1 code redesign, butchery, replacement.
53 EVP cipher enhancement.
54 Proper (or at least usable) certificate chain verification.
55 Private key, certificate and CRL API and implementation.
56 Developing and bugfixing PKCS#7 (S/MIME code).
57 Various X509 issues: character sets, certificate request extensions.
58 o Geoff and Richard are currently working on:
59 ENGINE (the new code that gives hardware support among others).
60 o Richard is currently working on:
61 UTIL (a new set of library functions to support some higher level
62 functionality that is currently missing).
63 Dynamic thread-lock support.
64 Shared library support for VMS.
68 o non-blocking socket on AIX
69 o $(PERL) in */Makefile.ssl
70 o "Sign the certificate?" - "n" creates empty certificate file
74 o internal_verify doesn't know about X509.v3 (basicConstraints
77 o The Makefile hierarchy and build mechanism is still not a round thing:
79 1. The config vs. Configure scripts
80 It's the same nasty situation as for Apache with APACI vs.
81 src/Configure. It confuses.
82 Suggestion: Merge Configure and config into a single configure
83 script with a Autoconf style interface ;-) and remove
84 Configure and config. Or even let us use GNU Autoconf
85 itself. Then we can avoid a lot of those platform checks
86 which are currently in Configure.
88 o Support for Shared Libraries has to be added at least
89 for the major Unix platforms. The details we can rip from the stuff
90 Ralf has done for the Apache src/Configure script. Ben wants the
91 solution to be really simple.
93 Status: Ralf will look how we can easily incorporate the
94 compiler PIC and linker DSO flags from Apache
95 into the OpenSSL Configure script.
97 Ulf: +1 for using GNU autoconf and libtool (but not automake,
98 which apparently is not flexible enough to generate
102 o The perl/ stuff needs a major overhaul. Currently it's
103 totally obsolete. Either we clean it up and enhance it to be up-to-date
104 with the C code or we also could replace it with the really nice
105 Net::SSLeay package we can find under
106 http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a
107 longer time and it works fine and is a nice Perl module. Best would be
108 to convince the author to work for the OpenSSL project and create a
109 Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
112 Status: Ralf thinks we should both contact the author of Net::SSLeay
113 and look how much effort it is to bring Eric's perl/ stuff up