[openssl-project] Monthly Status Report (June)

[Matt Caswell]

As well as normal reviews, responding to user queries, wiki user
requests, OMC business, handling security reports, etc., key activities
this month:

- Implemented a feature enabling anti-replay to be switched off
- Enabled SSL_OP_NO_TICKET support for TLSv1.3
- Added getters for raw private/public keys to improve
X25519/X448/Ed25519/Ed448 support
- Worked on numerous SM2 tidy ups
- Fixed an issue with incorrect TLSv1.3 ticket nonces
- Ported an old patch for binary ecc lambda projective co-ordinates by
Billy Brumley to latest master. This work has now been taken over by Billy.
- Attended some teleconference calls on the FIPS project
- Fixed no-dsa
- Fixed a problem with the EAP-FAST support
- Fixed no-ec
- Continued work started in May around auto-retry in shutdown
- Continued work started in May around TLSv1.3 alert severity levels
- Worked on and issued security advisory for CVE-2018-0732
- Implemented blinding for ECDSA and DSA
- Fixed a problem in s_client which was not correctly reporting TLSv1.3
session data
- Investigated and fixed an OSS-fuzz detected issue with the
alpn_selected SSL_SESSION data
- Fixed enable-ssl3 and enable-ssl3-method
- Fixed no-ssl3-method in 1.0.2
- Performed the 1.1.1-pre8 release
- Helped investigate test failures in the pyca external tests
- Fixed and documented no-sm2
- Fixed a problem where session data was being changed after it is
supposed to be immutable
- Developed patches for various SM2 issues discovered by Coverity
- Fixed a NULL ptr deref in tls_process_cke_dhe()
- Fixed various issues relating to the client side cache in TLSv1.3
- Involved in discussions with David Benjamin around Universal PSKs


Matt