Re: OTC VOTE: Accept PR #15763

[Kurt Roeckx]

On Tue, Jun 29, 2021 at 10:50:36AM +0100, Matt Caswell wrote:
> topic: Accept PR #15763 for 1.1.1 subject to the normal review process

+1


Kurt

Monthly Status: June

[Dr Paul Dale]

Significant activities throughout June were:

 * Fix new Coverity issues 26 real, 4 false positives
 * Address all outstanding (ancient) Coverity issues
 * Fix threads test ordering problem
 * Fix address sanitiser problems in apps relating to uninitialised BN
   pointers
 * Investigation memory leak in dlopen() that's a known problem with
   valgrind
 * Investigate and fix memory leak when threading in property code
 * Investigation and remediation of several threading problems
 * Add locks to obj_dat.c and obj_xref.c to make the OBJ subsection
   thread safe (post 3.0 after discussion)
 * Added decoded caching to avoid lots of allocations and repeated
   algorithm recreation
 * Implemented a property list find function
 * Add a key manager check to better reuse existing key managers in
   light of algorithm cache flushes
 * Convert SHA one short functions to be functions not macros, to
   accept NULL arguments in a way compatible to 1.1.1
 * Add a memory sanitiser build
 * Tweak the time of execution of CI jobs so they run more widely
 * Fix double to integer conversions in light of the VMS experience
 * Add integer size sanity checks in light of the VMS experience
 * Add tests to evp_test for EVP_Q_ functions
 * Change the way XTS and AEAD ciphers are filtered in apps to unify
   this behaviour
 * Earlier detection of bad digest in req command
 * Covert command line apps to use libctx and property query more
   extensively
 * Add a -digest option to spkac command
 * Fix auto DH problem where the chosen group didn't necessarily meet
   the current security level
 * Add RSA key size vs entropy checks in FIPS mode
 * Updates to the FIPS checksum script
 * Remove SM2 encoder and decoder from the FIPS provider ... hmmm.
 * Add digest, cipher and PKEY algorithm life cycle documentation
   (including pretty pictures)
 * Update platform policy to allow configuration additions to stable
   branches
 * Clean up all remaining TODO notes in the code
 * Update NEWS to current status
 * Fix documentation of up-calls from providers to libcrypto
 * Deprecation of ERR_GET_FUNC()
 * Create a list of things to do after 3.0 for future discussion

In addition were minor pull requests, reviewing, OMC and OTC business, 
et al.