Releases: aws/s2n-tls
Releases · aws/s2n-tls
Release: v1.4.3
Weekly release for January 30 2024
What's Changed
- refactor: ossl x509 parsing by @jmayclin in #4351
- feature: Use S2N_FAST_INTEG_TESTS to run pytest in parallel under nix by @dougch in #4368
- test: add additional test certs by @jmayclin in #4353
- chore: bindings release 0.1.2 by @jmayclin in #4376
- test: additional test certs by @jmayclin in #4378
- chore: add valgrind to nix develop by @dougch in #4365
- test: Adds SSLv3 integ test by @maddeleine in #4372
- More specific error for unexpected cert request by @lrstewart in #4381
- Fix SSLv3 detection with AWS-LC by @goatgoose in #4361
- ci: Disable broken rust dry-runs by @lrstewart in #4384
Full Changelog: v1.4.2...v1.4.3
Contributors
goatgoose, lrstewart, and 3 other contributors
Assets 2
Release: v1.4.2
What's Changed
- Add FIPS security rule by @lrstewart in #4315
- bindings: ensure CFLAGS includes come after libcrypto includes by @WesleyRosenblum in #4338
- (feat): Adds API to allow s2n-quic to check for resumption by @maddeleine in #4335
- chore: bindings release 0.1.1 by @WesleyRosenblum in #4341
- Add PQ integration tests between s2n and AWS-LC's libssl by @alexw91 in #4267
- feat: Publishes mdbook to Github Pages by @maddeleine in #4343
- bug: Fixes mdbook action by @maddeleine in #4345
- ktls: improve messaging around freed handshakes by @lrstewart in #4346
- fix(bindings): remove optional cmake dependency by @camshaft in #4347
- fix: stack-use-after-scope variable ordering by @jmayclin in #4355
- ci: cmake asan build by @jmayclin in #4048
- bindings: clean up blinding tests by @lrstewart in #4356
- Move client hello parsing out of unstable by @lrstewart in #4359
- ktls: add method to track key updates by @lrstewart in #4364
- Add new PQ TLS Policies by @alexw91 in #4327
- Fix s2n_shutdown + failed recv bug by @lrstewart in #4350
- bindings: fix handling of s2n_shutdown errors by @lrstewart in #4358
- Fix initialization errors in unit tests by @goatgoose in #4370
- docs(bench): update docs to reflect aws-lc default by @jmayclin in #4336
Full Changelog: v1.4.1...v1.4.2
Contributors
camshaft, alexw91, and 5 other contributors
Assets 2
Release: v1.4.1
Weekly release for December 22 2023
What's Changed
- documentation: fix security policy table by @jmayclin in #4304
- Enforce security rules on security policies by @lrstewart in #4311
- ci: add workflow for rust bench crate by @jmayclin in #4210
- bindings: release rust bindings 0.1.0 by @toidiu in #4313
- Fix incorrect inline assembly usage in s2n_rand_rdrand_impl by @DimasKovas in #4310
- cleanup: add getter for sequence number by @lrstewart in #4317
- ci: fix pep8 linting by @lrstewart in #4319
- ktls: add TLS1.3 support by @lrstewart in #4314
- ci: switch FreeBSD back to vmactions by @lrstewart in #4326
- ci: ignore cbmc prereleases by @lrstewart in #4328
- ci: switch autopep8 action by @lrstewart in #4322
- ci: pin home crate to fix rust build by @lrstewart in #4330
- ktls: handle TLS1.3 key limits by @lrstewart in #4318
- docs: remove gitter references by @lrstewart in #4332
- Add CBMC proof for s2n_stuffer_printf by @lrstewart in #4309
- ci: fix flaky interning test by @lrstewart in #4334
- ktls: add method to enable TLS1.3 by @lrstewart in #4331
- (docs): Reordered and moved usage guide into an mdbook by @maddeleine in #4300
- bindings: match tcp EOF behavior by @lrstewart in #4323
New Contributors
- @DimasKovas made their first contribution in #4310
Full Changelog: v1.4.0...v1.4.1
Contributors
toidiu, lrstewart, and 3 other contributors
Assets 2
Release: v1.4.0
Weekly release for December 06 2023
What's Changed
- Fixes failing FreeBSD build in CI by @maddeleine in #4272
- Change pkey parse methods to return s2n_result by @lrstewart in #4271
- bindings: release 0.0.41 by @maddeleine in #4276
- Detect KEM support at runtime by @WillChilds-Klein in #4101
- Remove p384 restriction by @jmayclin in #4275
- ci: update integ dependencies by @jmayclin in #4261
- test: remove blinding from self_talk_sesion_id test by @jmayclin in #4281
- Bump cross-platform actions to pull in fix for failing to eject a disk by @maddeleine in #4278
- Add API to retrieve the supported groups for a security policy by @goatgoose in #4273
- bindings(rust): make callbacks Send + Sync by @camshaft in #4289
- fix(bindings): pin jobserver in more places and run cargo publish --dry-run in generate.sh by @WesleyRosenblum in #4255
- fix(bindings): enable session tickets after setting callback by @camshaft in #4292
- bench: increase cert chain length by @jmayclin in #4287
- ci: add mainline coverage job by @jmayclin in #4288
- fix: probe for all AES_GCM ktls variants by @camshaft in #4295
- feat(bindings): use aws-lc-sys instead of openssl-sys by @camshaft in #4290
- Remove NULLs in s2n_kex by @lrstewart in #4293
- feat: Adds ConnectionInitializer to Rust bindings by @maddeleine in #4250
- Remove s2n's internal Kyber512 implementation, and rely on AWS-LC for Kyber support by @alexw91 in #4283
- Clean up selecting a signature algorithm by @lrstewart in #4285
- Bump AWS-LC version to v1.17.4 by @alexw91 in #4303
- Update CloudFront's upstream ECC preference list by @zz85 in #4301
- Add basic "security rules" by @lrstewart in #4298
Full Changelog: v1.3.56...v1.4.0
Contributors
zz85, camshaft, and 7 other contributors
Assets 2
Release: v1.3.56
Weekly release for November 01 2023
What's Changed
- bindings: release 0.0.40 by @WesleyRosenblum in #4251
- docs: remove extra security policy item by @jmayclin in #4248
- refactor(bench): remove non-generic connection logic by @jmayclin in #4236
- Clean up sending supported sig algs by @lrstewart in #4254
- Allow TLS 1.2 servers to report client versions from the supported versions extension by @goatgoose in #4249
- Always apply the PARTIAL_CHAIN flag by @goatgoose in #4258
- Update get_client_cert_chain API documentation by @goatgoose in #4260
- ci: Switch from vmactions to cross-platform-actions by @lrstewart in #4266
- Clean up receiving peer sig alg by @lrstewart in #4259
- fix: update permissions to allow dashboard to write to gh-pages. by @dougch in #4228
- ci: Minor cppcheck speedup by @lrstewart in #4268
Full Changelog: v1.3.55...v1.3.56
Contributors
goatgoose, lrstewart, and 3 other contributors
Assets 2
Release: v1.3.55
Weekly release for October 17 2023
What's Changed
- Run clang-format by @goatgoose in #4238
- bindings: release 0.0.39 by @goatgoose in #4235
- feat: Processes post-handshake messages for quic by @maddeleine in #4218
- chore: pin dependency to fix rust MSRV issues by @toidiu in #4243
- feat: Turns off automatic ticket creation for quic by @maddeleine in #4239
- Switch sig schemes from copies to references by @lrstewart in #4237
- Add new PQ TLS 1.3 policies by @WillChilds-Klein in #4247
Full Changelog: v1.3.54...v1.3.55
Contributors
WillChilds-Klein, goatgoose, and 3 other contributors
Assets 2
Release: v1.3.54
What's Changed
- Add an API for TLS 1.3 exporter by @Mark-Simulacrum in #4230
- ci: add ktls + asan build by @lrstewart in #4213
- ktls: forbid renegotiation by @lrstewart in #4229
- ktls: support aes256 by @lrstewart in #4227
New Contributors
- @Mark-Simulacrum made their first contribution in #4230
Full Changelog: v1.3.53...v1.3.54
Contributors
Mark-Simulacrum and lrstewart
Assets 2
Release: v1.3.53
Weekly release for October 05 2023
What's Changed
- Authorize requests to GitHub API in Run CBMC proofs workflow by @qinheping in #4223
- overwrite the random state key only if initialized by @arielb1 in #4225
- ktls: make usable outside of tests by @lrstewart in #4232
New Contributors
- @qinheping made their first contribution in #4223
Full Changelog: v1.3.52...v1.3.53
Contributors
arielb1, qinheping, and lrstewart
Assets 2
Release: v1.3.52
Weekly release for Sept 25 2023
What's Changed
- ci: Add uemu test with ktls enabled by @lrstewart in #4190
- ktls: add sendfile by @lrstewart in #4186
- ci: Upgrade asan to catch use after scope by @lrstewart in #4192
- ci: run duvet when commits are merged into main branch by @toidiu in #4197
- ktls: self-talk tests for send by @lrstewart in #4189
- Reduce allocs in ktls app data send by @lrstewart in #4181
- ktls: recv alerts by @lrstewart in #4199
- bindings: release 0.0.38 by @goatgoose in #4196
- docs: add citations for alert behavior by @toidiu in #4198
- ktls: receive app data by @lrstewart in #4201
- Add asan support to cmake/nix by @lrstewart in #4194
- build: use feature probes for CLOEXEC by @camshaft in #4206
- docs: add rfc citations by @toidiu in #4202
- ktls: fix flaky test by @lrstewart in #4214
- Generalize io handling + add ktls EINTR handling by @lrstewart in #4203
- ktls: clean up enable by @lrstewart in #4212
- feat: send psk_ke_modes ext in first flight by @jmayclin in #4177
- feat: add s2n_strerror_source API by @camshaft in #4209
- docs: generate citations meta data by @toidiu in #4205
- Add API to retrieve parsed supported groups by @goatgoose in #4216
- ktls: release APIs as unstable by @lrstewart in #4217
Full Changelog: v1.3.51...v1.3.52
Contributors
camshaft, goatgoose, and 3 other contributors
Assets 2
Release: v1.3.51
Weekly release for September 11 2023
What's Changed
- bindings: release 0.0.37 by @goatgoose in #4172
- feat(benchmarks): add session resumption support by @jmayclin in #4173
- api :Add S2N_EXTENSION_SUPPORTED_VERSIONS as s2n_tls_extension_type by @raycoll in #4160
- Small sendv doc fix by @lrstewart in #4178
- ktls: send app data by @lrstewart in #4174
- Add testlib to track memory allocations by @lrstewart in #4180
- ci: buildspec for qemu ktls test by @dougch in #4175
- Allow CI to build with default libcrypto by @lrstewart in #4179
- ktls: send alerts by @lrstewart in #4185
- Commit buildspec for s2nGeneralBatch by @lrstewart in #4188
- Add API to disable certificate validity period validation by @goatgoose in #4183
Full Changelog: v1.3.50...v1.3.51
Contributors
goatgoose, raycoll, and 3 other contributors