As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Spent the week starting 3rd September attending the OpenSSL FIPS summit in Brisbane. Working on the OpenSSL strategy for FIPS and the design of the new module. - Clarified the documentation for the return values of SSL_client_version() - Fixed the handling of session tickets following a resumption with an external PSK, i.e. we treat it like a resumption and send one ticket back to the client - Updated and merged the fix for handling applications with clients that only write/servers that only read to avoid EPIPE while sending the new session tickets - Fix a problem where we were attempting to use an RSA-PSS cert for key exchange - A lot of work tracking and managing the release criteria status in the lead up to the 1.1.1 release - Performed the 1.1.1 release - Merged fixes for the EVP_DigestSign* docs - Updates to enable processing of NewSessionTickets and KeyUpdate messages even after we've sent a close_notify - Fixed a doc error wrt SSL_set_post_handshake_auth() - Wrote an published a blog entry about the 1.1.1 release - Fixed a bug in certificate callbacks when used with TLSv1.3 - Fixed a bug where SNI data can get reset mid-handshake - Fixed a number of issues identified by Coverity - Improve documentation around the -early_data option to s_server, and make sure we error out if attempting to use it in conjunction with -www - Significant and ongoing work on the OpenSSL Strategy and FIPS design documents - Fixed a bug with SNI in 1.1.1 - Fixed a bug with max psk len for TLSv1.3 - Fixed some no-* options Matt _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
