Monthly Status Report (March 2022)
Tomas Mraz
tomas at openssl.org
Fri Apr 1 13:23:31 UTC 2022
My key activities this month were:
- triage of newly reported issues, investigating bugs, and responding
to questions
- participation on the meetings
- cooperation with Mark and Tim on the hiring process
- participation on QUIC design, proposal for congestion control
pluggable algorithm API
- participation on the CVE-2022-0778 handling including the release
review
- reviews of various PRs:
- I've reviewed more than 80 PRs this month
- Notable PRs reviewed:
- Add TFO support to socket BIO and s_client/s_server #8962
- enable CMS sign/verify for provider-implemented PKEYs #17733
- Add ASYNC_set_mem_functions ASYNC_get_mem_functions #17762
- adding external oqsprovider testing #17832
- Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for
SECLEVEL >= 3 #17763
- EVP_MD performance fix (refcount cache contention) #17857
- Remove statistics tracking from LHASH #17935
- Decoder resolution performance optimizations #17921
- submitted 15 PRs:
- In particular:
- The PRs for all the branches handling CVE-2022-0778
- Replace handling of negative verification result with
SSL_set_retry_verify() #17825
- DH: Make padding always on when X9.42 KDF is used #17859
- tls_process_server_hello: Disallow repeated HRR #17936
- Import only named params into FIPS module #17998
--
Tomáš Mráz, OpenSSL
More information about the openssl-project
mailing list