As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Worked on and pushed the PR to add SHA256 support to the FIPS provider - Fixed no-sm2/no-sm3/no-ec - Corrected some documentation for SSL_CIPHER_description() - Worked on and pushed the PR to create a legacy provider and put MD2 in it - Fixed a crash in X509_STORE_CTX_get_by_subject - Significant review work on the CMP chunk 3 PR - Came up with a proposed fix for possible mem leaks in custom X509_LOOKUP_METHODs (later superseded by another fix) - Investigated reported issues with AES-BIGE and later created a PR to improve documentation/comments - Significant work on creating a PR to move the basic AES ciphers into the default provider - Significant work on the PR making EVP available in the FIPS provider - In response to CVE-2019-9498 and CVE-2019-9499 backported a hardening commit to 1.0.2 to reject invalid EC point co-ords during EC_POINT_set_affine_coordinates_* - Significant review work of the KTLS Sendfile PR - Investigated and came up with PR to fix issues with OpenSSL being intolerant to key_update while writes are pending - Added some clarification to the ChaCha20 docs and added some new test vectors - Fixed some KTLS issues - Fixed no-ec2m - Fixed an issue with EVP_CIPHER_CTX_rand_key - Fixed a problem in rc5 where it would attempt to use a key length longer than the maximum permissible - Fixed no-srp Matt