As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Fixed a mem leak in CMS_RecipientInfo_set0_pkey() and added some CMS tests - Added a note around performance and Nagle's algorithm on the SSL_connect() man page - Performend the 1.1.1 pre6 release - Fixed some errors and missing info in the CMS docs - Add getter for X509_VERIFY_PARAM_get_hostflags - Fixed SSL_get_shared_ciphers() to actually return the shared ciphers rather than the client ciphers - Fixed SSL_has_pending() in DTLS - Attended the OMC f2f in Ottawa - Fixed a failure in the event of an out-of-order CCS in DTLS - Fixed s_server/s_client to correctly use the DTLS timer - Ensure we resend the last DTLS flight if we don't get any app data from the peer - Fixed the ticket callbacks in TLSv1.3 and added associated tests - Fixed various "no" config options (multiple times in the month!) - Implemented a preference for SHA-256 when using "old style" PSKs to aid backwards compatibility - Fixed a DTLS problem where we did a memcpy of a NULL pointer of zero length, which is undefined behaviour - Implemented configurable number of TLSv1.3 session tickets - Implemented support for TLSv1.3 drafts 26/27/28 all at the same time - Made BN_GF2m_mod_arr more constant time as a defence against side channel attacks - Reverted an earlier change to pkeyutl to avoid EVP_PKEY_sign() for EdDSA. Also fixed a number of other issues with this application. - Fixed "ca" so that it can use EdDSA - Fixed some undefined behaviour in X509_NAME_cmp() - Modified TLSv1.3 stateless tickets so that they are not cached unnecessarily - Fixed a bug where post-handshake auth Finished messages used the wrong key - Added some sanity checks for a point to check it is defined for the right curve before we perform operations on it - Updated the "Connected Commands" section of the s_server/s_client docs - Create a PR (ongoing) for doing auto-retry in shutdown to fix test issues reported in CPython - Fixed mathematics error in calculating "a ^ 0 mod -1" - Performed the 1.1.1 pre7 release - Fixed most of the outstanding Coverity defects - Major tidy up of the SM2 code Matt _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project