Monthly Status Report (June)
As well as normal reviews, responding to user queries, wiki user requests, OMC business, support customer issues, CLA submissions, handling security reports, etc., key activities this month: - PR to make the ASN.1 code libctx aware - PR to teach ASN1_item_verify_ctx() how to handle provided keys - Fixed dtls1_handle_timeout() to only call dtls1_start_timer() once - Implemented fix for name constraints to check we got the type that we were expecting - Fixed the generate_ssl_tests.pl script so that it be run standalone - Added a generic SubjectPublicKeyInfo decoder that works out the type of key that is contained inside it and calls the appropriate decoder to finish the decoding. - Add up calls for some OBJ_* functions - Fixed clean up code so that encoder/decoder/loader stores are cleaned before the provider store - Wrote and published the beta1 blog post - Performed the beta1 release - Fix to ensure we remove libctx DRBG state before removing the provider store - Refactored the provider initialisation code so that no locks are held during init - Implemented fix to avoid an "excessive message size" error for large session ticket messages - Fixed the release script to ensure ordinals are created - Investigated and fixed various build errors with mingw Matt
Monthly Status Report (June 2021)
My key activities this month were: - triage of newly reported issues and responding to questions - re-triage of issues/PRs in Assessed milestone completed, the milestone is now closed - participation on the meetings - reviews of various PRs: - I've reviewed more than 100 PRs this month - Notable PRs reviewed: - Decoding PKCS#8: separate decoding of encrypted and unencrypted PKCS#8 #15498 - s390x: EVP_CipherInit_ex sequences lead to wrong results #15521 - DECODER & ENCODER: use property definitions instead of getting implementation parameters #15570 - Refactor XXX_do_all_provided() to behave like XXX_fetch() #15604 - property: improve ossl_property_find_property() function #15614 - Add a generic SubjectPublicKeyInfo decoder #15662 - Add various OBJ functions as callbacks #15681 - Don't hold any locks while calling the provider init function #15854 - property: add locking to the property string database #15871 - ENCODER & DECODER: Make a tighter coupling between en/decoders and keymgmt #15933 - submitted 24 PRs: - In particular: - Move libssl related defines used by fips provider to prov_ssl.h #15609 - X509_digest_sig: Handle RSA-PSS and EDDSA certificates #15618 - Elimination of some sources not needed in the FIPS_MODULE #15622 - Do not duplicate symbols between libcrypto and libssl in static builds #15714 - Multiple PRs fixing build and test issues on AIX - Only the fips module dependencies are relevant for fips.module.sources #15903 - Multiple fixes related to reading PEM key files #15949 -- Tomáš Mráz No matter how far down the wrong road you've gone, turn back. Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.]