Monthly Status Report (June)

Matt Caswell matt at
Wed Jul 3 13:59:58 UTC 2019

As well as normal reviews, responding to user queries, wiki user
requests, OMC business, handling security reports, etc., key activities
this month:

- Continued work on making the threading code provider-aware - leading to that
PR being merged.
- Continued to handle feedback and issues with the PRs to enable RAND in the
FIPS module - ultimately resulting in this code being merged
- Added the ability for "make doc-nits" to complain about newly added symbols
that do not have documentation
- Fixed "enable-ssl3"
- Investigated a memory corruption issue, which turned out to be a documentation
bug in the d2i docs - and then fixed those docs
- Implemented a PACKET/WPACKET version of some simple ASN.1 utils for DSA
- Made the BIGNUM code available from within the FIPS provider
- Fixed a compilation issue with gcc 7.4.0 not recognising a "fall through" comment
- Fixed the no-dh build
- Implemented some significant updates to allow TLSv1.3 even in a no-ec build.
This was made possible by the recent integration of TLSv1.3 FFDHE support. This
work also fixed the no-ec build.
- Fixed building with enable-trace
- Fixed a number of race conditions in the TLSv1.3 handling of supported groups
and some other similar fields
- Fixed a bug in the FIPS provider which was creating an OPENSSL_CTX twice by
- Moved the public SIV mode functions to internal headers. There was no need for
these functions to be public, and it reduced the number of newly added
undocumented symbols.
- Documented the EVP_CIPHER_fetch and EVP_CIPHER_up_ref functions
- Created a PR to move PKCS#3 DH to the default provider
- Fixed a bug which resulted in an assertion failure in master
- Fixed a mem leak in evp_test
- Resolved a crash in rc5 when using a key longer than 2040 bits


