Re: [openssl-dev] Tuesday's code health day

2017-03-16 Thread Matt Caswell 


On 16/03/17 16:29, Salz, Rich via openssl-dev wrote:
> Our most recent code health Tuesday was a success.  Nearly a dozen people 
> worked to achieved the following:
> 
> - Our external contributors wrote completely new unit test for previously 
> untested API's (stack, LHASH, and RSA_padding_add_PKCS1_PSS_mgf1) , and added 
> a large external test suite (Python Cryptography).  Rock on!
> - We rolled the BoringSSL tests forward to a new version and fixed several 
> previously-failing tests

"several" probably undersells that :-)

Previously 1183 BoringSSL tests were explicitly disabled. Now only 247
are explicitly disabled, i.e. we fixed 936 tests! That's at the same
time as adding new ones due to rolling the BoringSSL tests forward.

Matt


> - We improved testing support on VMS and for Strawberry Perl
> - The DTLS and SRP tests were ported to the new test framework
> - Test for output support of non-ASCII characters in certificate names
> - There were also code-health requests that addressed other areas such as 
> eliminating warnings and dead code, and improving code clarity - those are 
> also very welcome!
> 
> We thank the community for their interest, support, and help in improving 
> OpenSSL. We hope you'll join our next Code Health Tuesday, planned for March 
> 28.  Watch for details!
> 
> --  
> Senior Architect, Akamai Technologies
> Member, OpenSSL Dev Team
> IM: richs...@jabber.at Twitter: RichSalz
> 
> 
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] Tuesday's code health day

2017-03-16 Thread Salz, Rich via openssl-dev 
Our most recent code health Tuesday was a success.  Nearly a dozen people 
worked to achieved the following:

- Our external contributors wrote completely new unit test for previously 
untested API's (stack, LHASH, and RSA_padding_add_PKCS1_PSS_mgf1) , and added a 
large external test suite (Python Cryptography).  Rock on!
- We rolled the BoringSSL tests forward to a new version and fixed several 
previously-failing tests
- We improved testing support on VMS and for Strawberry Perl
- The DTLS and SRP tests were ported to the new test framework
- Test for output support of non-ASCII characters in certificate names
- There were also code-health requests that addressed other areas such as 
eliminating warnings and dead code, and improving code clarity - those are also 
very welcome!

We thank the community for their interest, support, and help in improving 
OpenSSL. We hope you'll join our next Code Health Tuesday, planned for March 
28.  Watch for details!

--  
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] TLSv1.3 draft 19 support

2017-03-16 Thread Short, Todd via openssl-dev 
Thanks Matt!
--
-Todd Short
// tsh...@akamai.com
// "One if by land, two if by sea, three if by the Internet."

On Mar 16, 2017, at 10:35 AM, Matt Caswell 
> wrote:

All,

I have just pushed to master the updates necessary for TLSv1.3 draft-19
support. This covers most of the required changes with the exception of
CertificateRequests which are waiting on PR 2918 to be merged.

Unfortunately there aren't other draft-19 implementations out there yet
(that I know of) so there has been no inter-operability testing.
Therefore I don't claim it to be bug free!! :-(

As and when other implementations come along I will test it and fix
anything we find.

The immediate impact of this is that anyone using master for testing
will find they are no longer able to negotiate TLSv1.3 with any
implementations still using draft-18 (i.e. most/all of them). To enable
people to still do that we have created a new branch "tlsv1.3-draft-18"
in the repo which was done immediately before pulling in the draft-19
changes. I plan to maintain that branch with any required draft-18
interoperability fixes for a short time.

Matt

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] TLSv1.3 draft 19 support

2017-03-16 Thread Matt Caswell 
All,

I have just pushed to master the updates necessary for TLSv1.3 draft-19
support. This covers most of the required changes with the exception of
CertificateRequests which are waiting on PR 2918 to be merged.

Unfortunately there aren't other draft-19 implementations out there yet
(that I know of) so there has been no inter-operability testing.
Therefore I don't claim it to be bug free!! :-(

As and when other implementations come along I will test it and fix
anything we find.

The immediate impact of this is that anyone using master for testing
will find they are no longer able to negotiate TLSv1.3 with any
implementations still using draft-18 (i.e. most/all of them). To enable
people to still do that we have created a new branch "tlsv1.3-draft-18"
in the repo which was done immediately before pulling in the draft-19
changes. I plan to maintain that branch with any required draft-18
interoperability fixes for a short time.

Matt

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev