As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Implemented a feature enabling anti-replay to be switched off - Enabled SSL_OP_NO_TICKET support for TLSv1.3 - Added getters for raw private/public keys to improve X25519/X448/Ed25519/Ed448 support - Worked on numerous SM2 tidy ups - Fixed an issue with incorrect TLSv1.3 ticket nonces - Ported an old patch for binary ecc lambda projective co-ordinates by Billy Brumley to latest master. This work has now been taken over by Billy. - Attended some teleconference calls on the FIPS project - Fixed no-dsa - Fixed a problem with the EAP-FAST support - Fixed no-ec - Continued work started in May around auto-retry in shutdown - Continued work started in May around TLSv1.3 alert severity levels - Worked on and issued security advisory for CVE-2018-0732 - Implemented blinding for ECDSA and DSA - Fixed a problem in s_client which was not correctly reporting TLSv1.3 session data - Investigated and fixed an OSS-fuzz detected issue with the alpn_selected SSL_SESSION data - Fixed enable-ssl3 and enable-ssl3-method - Fixed no-ssl3-method in 1.0.2 - Performed the 1.1.1-pre8 release - Helped investigate test failures in the pyca external tests - Fixed and documented no-sm2 - Fixed a problem where session data was being changed after it is supposed to be immutable - Developed patches for various SM2 issues discovered by Coverity - Fixed a NULL ptr deref in tls_process_cke_dhe() - Fixed various issues relating to the client side cache in TLSv1.3 - Involved in discussions with David Benjamin around Universal PSKs Matt _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project