X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=STATUS;h=820a10ba42ed541a6f85dfca2efdc1f4e56b7ed8;hb=3cc1f498a171f9268859a443ae8d4cd7fce6a43b;hp=47e1bf46981a285cde6a4460e0721b7aae1d1799;hpb=705bfcf8e73d7d27b8770c4d250b2245e535edfc;p=oweals%2Fopenssl.git

diff --git a/STATUS b/STATUS
index 47e1bf4698..820a10ba42 100644
--- a/STATUS
+++ b/STATUS
@@ -1,10 +1,11 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/10/23 08:01:41 $
+  ______________                           $Date: 2001/06/11 09:55:54 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.7:  Under development...
+    o  OpenSSL 0.9.6a: Released on April      5th, 2001
     o  OpenSSL 0.9.6:  Released on September 24th, 2000
     o  OpenSSL 0.9.5a: Released on April      1st, 2000
     o  OpenSSL 0.9.5:  Released on February  28th, 2000
@@ -18,14 +19,13 @@
 
   AVAILABLE PATCHES
 
-    o CA.pl patch (Damien Miller)
-
   IN PROGRESS
 
     o Steve is currently working on (in no particular order):
         ASN1 code redesign, butchery, replacement.
+        OCSP
         EVP cipher enhancement.
-        Proper (or at least usable) certificate chain verification.
+        Enhanced certificate chain verification.
 	Private key, certificate and CRL API and implementation.
 	Developing and bugfixing PKCS#7 (S/MIME code).
         Various X509 issues: character sets, certificate request extensions.
@@ -34,17 +34,32 @@
     o Richard is currently working on:
 	UTIL (a new set of library functions to support some higher level
 	      functionality that is currently missing).
-	Dynamic thread-lock support.
 	Shared library support for VMS.
+	OCSP
+	Kerberos 5 authentication
+	Constification
 
   NEEDS PATCH
 
-    o  non-blocking socket on AIX
-    o  $(PERL) in */Makefile.ssl
-    o  "Sign the certificate?" - "n" creates empty certificate file
+    o  engine_list.c memory leaks in 0.9.7-dev (built-in engines)
+
+    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
+
+    o  OpenSSL_0_9_6-stable:
+       #include <openssl/e_os.h> in exported header files is illegal since
+       e_os.h is suitable only for library-internal use.
+
+    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
+       or an error is reported
 
   OPEN ISSUES
 
+    o  crypto/ex_data.c is not really thread-safe and so must be used
+       with care (e.g., extra locking where necessary, or don't call
+       CRYPTO_get_ex_new_index once multiple threads exist).
+       The current API is not suitable for everything that it pretends
+       to offer.
+
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts
@@ -87,4 +102,14 @@
 
   WISHES
 
-    o 
+    o  SRP in TLS.
+       [wished by:
+        Dj <derek@yo.net>, Tom Wu <tom@arcot.com>,
+        Tom Holroyd <tomh@po.crl.go.jp>]
+
+       See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
+       as well as http://www-cs-students.stanford.edu/~tjw/srp/.
+
+       Tom Holroyd tells us there is a SRP patch for OpenSSH at
+       http://members.tripod.com/professor_tom/archives/, that could
+       be useful.