As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Ongoing work on the Design documentation for the FIPS release - Fixed some coverity issues - Fixed BIO callback return code handling - Fixed an issue with DTLSv1_listen() which was leaving messages on the underlying fd causing application level issues - Developed a Configure option "no-atexit" (not yet merged) - Fixed the EVP_PKEY_CTX_set_rsa_pss_keygen_md macro - Fixed an issue with the client certificate callback in TLSv1.3 - Fixed a DTLS issue with duplicated messages coming from the next epoch - Reviewing the CMP code - Removed the artificial limit on the size of the ClientHello - Fixed a DTLS memory leak - Investigated tls_cbc_digest_record issues - Fixed an issue in s_server when the identity is unknown - Fixed an issue where we negotiated TLSv1.3 even though our certificate is not TLSv1.3 capable - Fixed an issue where we use_ecc() was returning 1 due to TLSv1.3 ciphersuites - even though those ciphersuites were disabled. - Fixed an issue where HKDF state was not reset between runs - Fixed ca_names handling to have separate behaviour on the client and server to avoid sending overly large ClientHellos - Reviewing the Kernel TLS code - Reviewing SRP documentation updates Matt _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project