As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Ongoing review work on the CMP contribution - Fixed some issues with the XTS documentation - Updated WPACKET to be able to do "end first" writing to support DER_w_* functions - Make X509_STORE_CTX libctx aware - Updated the CT code to be library context aware - Enabled export_to functions to have access to the libctx - Made PrivateKey loading libctx aware - Enabled Ed25519/Ed448 signing/verifying to be libctx aware - Investigated and created a POC for CVE-2020-1967 - Made X509_verify() libctx aware - PR to run sslapitest with the FIPS module - PR to run ssl_test_new with the FIPS module - Investigated and fixed issue on website where the scripts failed if we only had one tarball - PR to run ssl_test_old with the FIPS module - Ensured calls to EC_POINT_point2buf use a libctx - Ensure import_to functions pass a libctx - Fixed an issue in libssl which resulted in no alert being sent even though a fatal error occurred - Wrote a wiki page about 3.0 - Performed the 1.1.1g release - Fixed no-des - Fixed no-ec - Fixed no-dh and no-dsa - Fixed no-deprecated tests when the GOST engine is present - Fixed no-err - Performed the alpha1 release - Fixed ssl_test_old when SSLv3 is enabled - Fixed typo in the makefile templates meaning that fips.so and legacy.so were not being installed - Fixed the raw provider key implementation - Performed the 1.0.2v release for premium support customers - Updated to the testsuite to centralise environment variable setting and fix a problem with test_includes Matt