Monthly Status Report (January)

[Matt Caswell]

As well as normal reviews, responding to user queries, wiki user
requests, OMC business, handling security reports, etc., key activities
this month:

- Further work and eventual merge of the fix for the
SSL_get_servername() issue
- Fixed New Year "make update" issues
- Deprecated the low level Blowfish APIs
- Deprecated the low level Camellia APIs
- Deprecated the low level CAST APIs
- Continued working on deprecation of the low level AES APIs
- Fixed HMAC_CTX to not store a key for any longer than needed
- Continued review of the CMP contribution
- Updates to the website to remove various 1.0.2 references
- Proposed and published the 3.0 timeline
- Fixed a seg fault in EVP_DigestSignUpdate
- PR to make libssl provider aware
- Fixed bug where drbg_delete_thread_state was registered twice
- Fixed a bug in init_thread_stop
- Converted rand_bytes_ex and rand_priv_bytes_ex to public functions
- Implemented the NULL cipher in the default provider
- Introduced the SSL_CTX_new_with_libctx function
- PR to make the RSA ASYM_CIPHER implementation available inside the
FIPS provider
- Fix to detect EOF correctly in libssl
- Modified EVP_PKEY_CTX_new_from_pkey() to take a propquery parameter
- Updated libssl to use RAND_bytes_ex() and RAND_priv_bytes_ex()
- Fixed common test framework options with some tests
- Fixed problem where doc-nits was ignoring ASN1 functions when checking
for undocumented symbols
- Modified doc-nits to not complain about documented symbols when
checking missingcrypto111.txt and missingssl111.txt
- Investigated and proposed fixes for various travis failures
- Fixed builds with no-dh


Matt