[openssl-project] Monthly Status Report (March)

Matt Caswell matt at openssl.org
Wed Apr 4 15:07:15 UTC 2018


As well as normal reviews, responding to user queries, wiki user
requests, OMC business, handling security reports, etc., key activities
this month:

- Performed the 1.1.1 beta 1 (pre-3) release
- Performed a security release for 1.1.0 and 1.0.2
- Carried out a number of different tasks around the re-licensing,
reviewing and investigating old commits and rewriting some where required
- Implemented the TLSv1.3 anti-replay mechanism
- Fixed numerous "no-" compilation options
- Investigated and fixed a text canonicalisation bug in CMS
- Major overhaul of the genpkey documentation which was very out of date
- Investigated and developed a fix for SSL config problems where engines
cannot be loaded prior to the initialisation of libssl
- Implemented changes to tolerate a Certificate using a non-supported
group on the server side.
- Fixed a bug where generating a key for certain unusual EC curves
failed due to an attempt to write out the ASN.1 with a bad OID
- Fixed a travis problem where builds were failing due to excessive log size
- Fixed various problems with the ca application
- Implemented a capability to import "raw" keys for various algorithms
via EVP (e.g. X25519/Ed25519/X448/Ed448 etc).
- Fixed a TLSv1.3 server side session caching issue
- Implemented a new ciphersuite configuration approach for TLSv1.3
- Updated for support of TLSv1.3 draft-26
- Stopped ossl_shim from negotiating TLSv1.3 which was causing travis
failures
- Fixed some issues with SSL_stateless() in order to give more
information to callers
- Implemented fixes for PSK support to enable old-style PSKs to be used
in TLSv1.3
- Completed and committed support for X448/Ed448
- Performed some interoperability testing for Ed25519/Ed448


Matt


More information about the openssl-project mailing list