My key activities this month were: - triage of newly reported issues, investigating bugs, and responding to questions - participation on the meetings - cooperation with Mark and Tim on the hiring process - participation on QUIC design, proposal for congestion control pluggable algorithm API - participation on the CVE-2022-0778 handling including the release review
- reviews of various PRs: - I've reviewed more than 80 PRs this month - Notable PRs reviewed: - Add TFO support to socket BIO and s_client/s_server #8962 - enable CMS sign/verify for provider-implemented PKEYs #17733 - Add ASYNC_set_mem_functions ASYNC_get_mem_functions #17762 - adding external oqsprovider testing #17832 - Add SSL_kDHEPSK and SSL_kECDHEPSK as PFS ciphersuites for SECLEVEL >= 3 #17763 - EVP_MD performance fix (refcount cache contention) #17857 - Remove statistics tracking from LHASH #17935 - Decoder resolution performance optimizations #17921 - submitted 15 PRs: - In particular: - The PRs for all the branches handling CVE-2022-0778 - Replace handling of negative verification result with SSL_set_retry_verify() #17825 - DH: Make padding always on when X9.42 KDF is used #17859 - tls_process_server_hello: Disallow repeated HRR #17936 - Import only named params into FIPS module #17998 -- Tomáš Mráz, OpenSSL