SSLeay 0.5.0 12-12-95 This is going out before it should really be released. I leave for 11 weeks holidays on the 22-12-95 and so I either sit on this for 11 weeks or get things out. It is still going to change a lot in the next week so if you do grab this version, please test and give me feed back ASAP, inculuding questions on how to do things with the library. This will prompt me to write documentation so I don't have to answer the same question again :-). This 'pre' release version is for people who are interested in the library. The applications will have to be changed to use the new version of the SSL interface. I intend to finish more documentation before I leave but until then, look at the programs in the apps directory. As far as code goes, it is much much nicer than the old version. The current library works, has no memory leaks (as far as I can tell) and is far more bug free that 0.4.5d. There are no global variable of consequence (I believe) and I will produce some documentation that tell where to look for those people that do want to do multi-threaded stuff. There should be more documentation. Have a look in the doc directory. I'll be adding more before I leave, it is a start by mostly documents the crypto library. Tim Hudson will update the web page ASAP. The spelling and grammar are crap but it is better than nothing :-) Reasons to start playing with version 0.5.0 - All the programs in the apps directory build into one ssleay binary. - There is a new version of the 'req' program that generates certificate requests, there is even documentation for this one :-) - There is a demo certification authorithy program. Currently it will look at the simple database and update it. It will generate CRL from the data base. You need to edit the database by hand to revoke a certificate, it is my aim to use perl5/Tk but I don't have time to do this right now. It will generate the certificates but the management scripts still need to be written. This is not a hard task. - Things have been cleaned up alot. - Have a look at the enc and dgst programs in the apps directory. - It supports v3 of x509 certiticates. Major things missing. - I have been working on (and thinging about) the distributed x509 hierachy problem. I have not had time to put my solution in place. It will have to wait until I come back. - I have not put in CRL checking in the certificate verification but it would not be hard to do. I was waiting until I could generate my own CRL (which has only been in the last week) and I don't have time to put it in correctly. - Montgomery multiplication need to be implemented. I know the algorithm, just ran out of time. - PKCS#7. I can load and write the DER version. I need to re-work things to support BER (if that means nothing, read the ASN1 spec :-). - Testing of the higher level digital envelope routines. I have not played with the *_seal() and *_open() type functions. They are written but need testing. The *_sign() and *_verify() functions are rock solid. - PEM. Doing this and PKCS#7 have been dependant on the distributed x509 heirachy problem. I started implementing my ideas, got distracted writing a CA program and then ran out of time. I provide the functionality of RSAref at least. - Re work the asm. code for the x86. I've changed by low level bignum interface again, so I really need to tweak the x86 stuff. gcc is good enough for the other boxes. .