Monthly Status: June

Dr Paul Dale pauli at
Wed Jun 30 09:24:04 UTC 2021

Significant activities throughout June were:

  * Fix new Coverity issues 26 real, 4 false positives
  * Address all outstanding (ancient) Coverity issues
  * Fix threads test ordering problem
  * Fix address sanitiser problems in apps relating to uninitialised BN
  * Investigation memory leak in dlopen() that's a known problem with
  * Investigate and fix memory leak when threading in property code
  * Investigation and remediation of several threading problems
  * Add locks to obj_dat.c and obj_xref.c to make the OBJ subsection
    thread safe (post 3.0 after discussion)
  * Added decoded caching to avoid lots of allocations and repeated
    algorithm recreation
  * Implemented a property list find function
  * Add a key manager check to better reuse existing key managers in
    light of algorithm cache flushes
  * Convert SHA one short functions to be functions not macros, to
    accept NULL arguments in a way compatible to 1.1.1
  * Add a memory sanitiser build
  * Tweak the time of execution of CI jobs so they run more widely
  * Fix double to integer conversions in light of the VMS experience
  * Add integer size sanity checks in light of the VMS experience
  * Add tests to evp_test for EVP_Q_ functions
  * Change the way XTS and AEAD ciphers are filtered in apps to unify
    this behaviour
  * Earlier detection of bad digest in req command
  * Covert command line apps to use libctx and property query more
  * Add a -digest option to spkac command
  * Fix auto DH problem where the chosen group didn't necessarily meet
    the current security level
  * Add RSA key size vs entropy checks in FIPS mode
  * Updates to the FIPS checksum script
  * Remove SM2 encoder and decoder from the FIPS provider ... hmmm.
  * Add digest, cipher and PKEY algorithm life cycle documentation
    (including pretty pictures)
  * Update platform policy to allow configuration additions to stable
  * Clean up all remaining TODO notes in the code
  * Update NEWS to current status
  * Fix documentation of up-calls from providers to libcrypto
  * Deprecation of ERR_GET_FUNC()
  * Create a list of things to do after 3.0 for future discussion

In addition were minor pull requests, reviewing, OMC and OTC business, 
et al.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-project mailing list