OpenSSL STATUS Last modified at
- ______________ $Date: 2002/12/26 22:25:02 $
+ ______________ $Date: 2004/03/17 12:01:16 $
DEVELOPMENT STATE
o OpenSSL 0.9.8: Under development...
- o OpenSSL 0.9.7-beta6: Released on December 17th, 2002
- Solaris on Sun Ultra (Workshop 6 update 1) - PASSED with warnings
- (warnings fixed)
- Redhat 8 on i386 (gcc 3.2) - PASSED
- Debian GNU/Linux on i386 (kernel 2.4.19, gxx 2.95.4) - PASSED
- Windows CE on HPC Pro 2.11 - PASSED
- Windows CE on HPC 2000 - PASSED
- Windows CE on PocketPC 2000 - PASSED
- Windows CE on PocketPC 2002 - PASSED
- VMS (>=6.0 on any platform, DEC C) - ERROR
- (errors fixed
- PR: 407, 413)
- Windows XP, with Kerberos 5 - ERROR
- Windows 2000 (Cygwin) - ERROR
- (PR: 404)
- SCO OpenServer, Unixware? - ERROR
- o OpenSSL 0.9.7-beta5: Released on December 5th, 2002
- o OpenSSL 0.9.7-beta4: Released on November 19th, 2002
- o OpenSSL 0.9.7-beta3: Released on July 30th, 2002
- o OpenSSL 0.9.7-beta2: Released on June 16th, 2002
- o OpenSSL 0.9.7-beta1: Released on June 1st, 2002
+ o OpenSSL 0.9.7d: Released on March 17th, 2004
+ o OpenSSL 0.9.7c: Released on September 30th, 2003
+ o OpenSSL 0.9.7b: Released on April 10th, 2003
+ o OpenSSL 0.9.7a: Released on February 19th, 2003
+ o OpenSSL 0.9.7: Released on December 31st, 2002
+ o OpenSSL 0.9.6m: Released on March 17th, 2004
+ o OpenSSL 0.9.6l: Released on November 4th, 2003
+ o OpenSSL 0.9.6k: Released on September 30th, 2003
+ o OpenSSL 0.9.6j: Released on April 10th, 2003
+ o OpenSSL 0.9.6i: Released on February 19th, 2003
o OpenSSL 0.9.6h: Released on December 5th, 2002
o OpenSSL 0.9.6g: Released on August 9th, 2002
o OpenSSL 0.9.6f: Released on August 8th, 2002
RELEASE SHOWSTOPPERS
- o BN_mod_mul verification fails for mips3-sgi-irix
- unless configured with no-asm
-
- o [2002-11-21]
- PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may
- be optimized away in modern compilers. This is definitely not good
- and needs to be fixed immediately. The formula to use is presented
- in:
-
- http://online.securityfocus.com/archive/82/297918/2002-10-27/2002-11-02/0
-
- The problem report that mentions this is:
-
- https://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=343
+ o
AVAILABLE PATCHES
Shared library support for VMS.
Kerberos 5 authentication (Heimdal)
Constification
- Compression
- Attribute Certificate support
- Certificate Pair support
- Storage Engines (primarly an LDAP storage engine)
- Certificate chain validation with full RFC 3280 compatibility
NEEDS PATCH
- o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not
- handle ECCdraft cipher suites correctly.
-
o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
o "OpenSSL STATUS" is never up-to-date.