2 OpenSSL STATUS Last modified at
3 ______________ $Date: 2001/03/22 15:15:58 $
7 o OpenSSL 0.9.6a: Bugfix release -- under development...
8 Beta 1 released on March 13th, 2001
9 HP-UX 10.20 (hpux-parisc-cc) - PASSED [normal+engine]
10 HP-UX 10.20 (hpux-parisc-gcc) - PASSED [normal+engine]
11 HP-UX 11.00 32bit (hpux-parisc-gcc) - FAILED [engine]
12 "openssl speed rsa1024 -engine cswift" fails unless
13 libswift.sl is renamed to libswift.so.
15 HP MPE/iX - PASSED [presumed normal]
16 Linux 2.2.17 SMP (linux-elf) - PASSED [normal+engine]
17 Windows (VC-WIN32) - FAILED [presumed normal]
18 Missing line in ms/32all.bat:
19 perl util\mkfiles.pl >MINFO
21 In randfile.c, line 214, signed and unsigned int are mixed.
23 In s_client.c and s_server.c, RAND_status() needs to get
24 declared (#include <openssl/rand.h>)
26 OpenVMS (any version) - FAILED [normal+engine]
27 Missing instructions in building script.
29 AIX 4.3 - FAILED [engine]
30 Needs -DDSO_DLFCN and -DHAVE_DLFCN_H to work.
31 [CORRECTED] (but will not be automagically configured)
32 Irix 6.5.11 - FAILED [presumed normal]
34 solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal+engine]
35 BSDI 4.0.1 (bsdi-elf-gcc) - FAILED [engine]
36 Needs -DDSO_DLFCN, -DHAVE_DLFCN_H and -ldl to work.
38 mingw32 w/ gcc 2.95.2 - PASSED [presumed normal]
40 Beta 2 released on March 21st, 2001
41 OpenVMS (tested on VMS 7.2-1 for Alpha) - PASSED [presumed normal]
42 solaris64-sparcv9-cc (SunOS 5.8) - PASSED [normal]
44 o OpenSSL 0.9.6: Released on September 24th, 2000
45 o OpenSSL 0.9.5a: Released on April 1st, 2000
46 o OpenSSL 0.9.5: Released on February 28th, 2000
47 o OpenSSL 0.9.4: Released on August 09th, 1999
48 o OpenSSL 0.9.3a: Released on May 29th, 1999
49 o OpenSSL 0.9.3: Released on May 25th, 1999
50 o OpenSSL 0.9.2b: Released on March 22th, 1999
51 o OpenSSL 0.9.1c: Released on December 23th, 1998
59 o Steve is currently working on (in no particular order):
60 ASN1 code redesign, butchery, replacement.
62 EVP cipher enhancement.
63 Enhanced certificate chain verification.
64 Private key, certificate and CRL API and implementation.
65 Developing and bugfixing PKCS#7 (S/MIME code).
66 Various X509 issues: character sets, certificate request extensions.
67 o Geoff and Richard are currently working on:
68 ENGINE (the new code that gives hardware support among others).
69 o Richard is currently working on:
70 UTIL (a new set of library functions to support some higher level
71 functionality that is currently missing).
72 Shared library support for VMS.
74 Kerberos 5 authentication
79 o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
81 o OpenSSL_0_9_6-stable:
82 #include <openssl/e_os.h> in exported header files is illegal since
83 e_os.h is suitable only for library-internal use.
85 o Whenever strncpy is used, make sure the resulting string is NULL-terminated
86 or an error is reported
90 o crypto/ex_data.c is not really thread-safe and so must be used
91 with care (e.g., extra locking where necessary, or don't call
92 CRYPTO_get_ex_new_index once multiple threads exist).
93 The current API is not suitable for everything that it pretends
96 o The Makefile hierarchy and build mechanism is still not a round thing:
98 1. The config vs. Configure scripts
99 It's the same nasty situation as for Apache with APACI vs.
100 src/Configure. It confuses.
101 Suggestion: Merge Configure and config into a single configure
102 script with a Autoconf style interface ;-) and remove
103 Configure and config. Or even let us use GNU Autoconf
104 itself. Then we can avoid a lot of those platform checks
105 which are currently in Configure.
107 o Support for Shared Libraries has to be added at least
108 for the major Unix platforms. The details we can rip from the stuff
109 Ralf has done for the Apache src/Configure script. Ben wants the
110 solution to be really simple.
112 Status: Ralf will look how we can easily incorporate the
113 compiler PIC and linker DSO flags from Apache
114 into the OpenSSL Configure script.
116 Ulf: +1 for using GNU autoconf and libtool (but not automake,
117 which apparently is not flexible enough to generate
121 o The perl/ stuff needs a major overhaul. Currently it's
122 totally obsolete. Either we clean it up and enhance it to be up-to-date
123 with the C code or we also could replace it with the really nice
124 Net::SSLeay package we can find under
125 http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a
126 longer time and it works fine and is a nice Perl module. Best would be
127 to convince the author to work for the OpenSSL project and create a
128 Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
131 Status: Ralf thinks we should both contact the author of Net::SSLeay
132 and look how much effort it is to bring Eric's perl/ stuff up