openssl/STATUS
1998-12-31 12:52:23 +00:00

68 lines
2.9 KiB
Text

OpenSSL STATUS Last modified at
______________ $Date: 1998/12/31 12:52:23 $
DEVELOPMENT STATE
o OpenSSL 0.9.2: Under development.
o OpenSSL 0.9.1c: Released on December 23th, 1998
RELEASE SHOWSTOPPERS
AVAILABLE PATCHES
IN PROGRESS
o Ben is folding in his patches
NEEDS PATCH
OPEN ISSUES
o The installation under "make install" produces a very
installation layout: $prefix/certs and $prefix/private dirs. That's
not nice. Ralf suggests to move the two certs and private dirs either
to $prefix/etc/, $prefix/lib/ or $prefix/share. Alternatively
we could also not install the certs at all.
Status: Ralf +1 for both not installing the certs at all and
moving it to $prefix/etc/. +0 for $prefix/lib/
and $prefix/share.
o Support for Shared Libraries has to be added at least
for the major Unix platforms. The details we can rip from the stuff
Ralf has done for the Apache src/Configure script. Ben wants the
solution to be really simple.
Status: Ralf will look how we can easily incorporate the
compiler PIC and linker DSO flags from Apache
into the OpenSSL Configure script.
o The perl/ stuff needs a major overhaul. Currently it's
totally obsolete. Either we clean it up and enhance it to be up-to-date
with the C code or we also could replace it with the really nice
Net::SSLeay package we can find under
http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a
longer time and it works fine and is a nice Perl module. Best would be
to convince the author to work for the OpenSSL project and create a
Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for
us.
Status: Ralf thinks we should both contact the author of Net::SSLeay
and look how much effort it is to bring Eric's perl/ stuff up
to date.
o Ralf has ported Stephen's pkcs12 program to OpenSSL (the
ASN.1 stuff Eric recently changed :-( ), but needs some help from
Stephen at two source locations. Stephen itself also has ported his
internal pkcs12 0.53 version to OpenSSL, but thinks we still shouldn't
incorporate it into OpenSSL because it needs more cleanups. Ralf still
thinks pkcs12 should be incorporated better now than later because it's
nasty to not have it in the core - one always has to install it
manually and a lot of people use it. So, should we incorporate it?
BTW, we have to be carefully because of the pkcs12 license: There are
some things which don't match the OpenSSL license, so Stephen has to
change it for us when we want to incorporate the code.
Status: Ralf +1, Stephen -0