Releases · rustls/rustls

Full Changelog: v/0.5.1...v/0.5.2

@frewsxcv

What's Changed

Address some rust-clippy issues. by @frewsxcv in #30

Full Changelog: v/0.5.0...v/0.5.1

@frewsxcv

Tickets.
Coverage testing.
Benchmarking.
Massive performance improvements (from ~1Gbps to ~6Gbps per core).
OSX support.
Minor API corrections and additional testing.

What's Changed

Address some issues brought up by rust-clippy. by @frewsxcv in #27
Remove unnecessary indirection with &Vec, use &[T]. by @frewsxcv in #29

Full Changelog: v/0.1.2...v/0.5.0

@ctz

Introduce client-side support for 0-RTT data in TLS1.3.
Fix a bug in rustls::Stream for non-blocking transports.
Move TLS1.3 support from draft 23 to final RFC8446 version.
Don't offer (e.g.) TLS1.3 if no TLS1.3 suites are configured.
Support stateful resumption in TLS1.3. Stateless resumption
was previously supported, but is not the default configuration.
Breaking API change: generate() removed from StoresServerSessions trait.
Breaking API change: take() added to StoresServerSessions trait.

What's Changed

Support final TLS1.3 version by @ctz in #191
Support stateful resumption in TLS1.3 by @ctz in #197

Full Changelog: v/0.13.1...v/0.14.0

Fix a bug in rustls::Stream for non-blocking transports
(backport).

Full Changelog: v/0.13.0...v/0.13.1

@stepancheg

Move TLS1.3 support from draft 22 to 23.
Add support for SSLKEYLOGFILE; not enabled by default.
Add support for basic usage in QUIC.
ServerConfig::set_single_cert and company now report errors.
Add support for vectored IO: writev_tls can now be used to
optimise system call usage.
Support ECDSA signing for server and client authentication.
Add type like rustls::Stream which owns its underlying TCP stream
and rustls session.

What's Changed

Document what Session::write_tls returns by @stepancheg in #154
Allow Stream instantiation with Session parameter by @stepancheg in #155
Prevent Stream::read() from prematurely returning 0 by @tchebb in #159
Implement support for the QUIC TransportParameters extension by @djc in #162
Allow passing extra extensions to the Client, to be added to the handshake by @djc in #168
Update ring and webpki dependencies. by @briansmith in #172
Send only info log for CloseNotify by @sorpaas in #182
Do less unwrapping. by @briansmith in #179

New Contributors

@tchebb made their first contribution in #159
@sorpaas made their first contribution in #182

Full Changelog: v/0.12.0...v/0.13.0

@briansmith

New API for learning negotiated cipher suite.
Move TLS1.3 support from draft 18 to 22.
Allow server-side MTU configuration.
Tested against latest BoringSSL test suite.
Support RFC5705 exporters.
Provide ResolvesServerCertUsingSNI for doing SNI-based
certificate switching.
Allow disabling SNI extension on clients, for use with
custom server certificate verifiers where the hostname
may not make sense.
DNS names are now typesafe, using webpki::DNSName.
Update dependencies.

What's Changed

Use webpki 0.18 to validate SNI hostname before cert selection. by @briansmith in #106
Give the certificate resolver a webpki::DNSNameRef. by @briansmith in #107
Take the DNS hostname as a webpki::DNSNameRef in ClientSession. by @briansmith in #108
More flexible and safer client authentication API. by @briansmith in #110
Validate client certificates using the id-kp-clientAuth EKU. by @briansmith in #111
Avoid cloning ALPN protocol in get_alpn_protocol(). by @briansmith in #114
Use ring 0.12.1's Eq implementation for digest::Algorithm. by @briansmith in #117
Remove obsolete comment about validating DNS name syntax. by @briansmith in #118
Use safer type ascription workaround in bogo_shim.rs. by @briansmith in #119
Avoid else after return. by @briansmith in #120
Lower logging priority by @crawford in #121
Avoid "error: non-scalar cast: T as f64" errors in bench example. by @briansmith in #103
Split and rename WebPKIClientAuth. by @briansmith in #112
client: make ClientSessionImpl Sync-compatible by @Keruspe in #97
bump base64 to 0.7 by @alex in #122
Add support for disabling SNI by @bvinc in #125
Don't verify SNI names match the certificate on the server side by @bvinc in #126
Add debug log when certificate does not match SNI by @matthauck in #131
Fix a typo by @quininer in #128
Document SAN requirement on certs by @sanmai-NL in #135
bump base64 dependency to 0.8 by @alex in #136
bump base64 dependency to 0.9 by @alex in #142
TLS1.3 draft 22 by @ctz in #141
Add Session::get_negotiated_ciphersuite() by @ymjing in #139

New Contributors

@crawford made their first contribution in #121
@bvinc made their first contribution in #125
@matthauck made their first contribution in #131
@sanmai-NL made their first contribution in #135
@ymjing made their first contribution in #139

Full Changelog: v/0.11.0...v/0.12.0

@briansmith

New server API for learning requested SNI name.
Server now checks selected certificate for validity.
Remove time crate dependency.
Follow webpki interface changes.
Update dependencies.

What's Changed

Use ok_or_else() in server-side certificate resolution. by @briansmith in #94
Add SNI to server session & expose it to the application. by @briansmith in #96
0.11.0: Update dependencies. by @briansmith in #99

Full Changelog: v/0.10.0...v/0.11.0

@quininer

Request and verify SCTs using sct crate. This doesn't happen
unless you pass in some certificate transparency logs -- example code
does this.
Request OCSP stapled response and pass to cert verifier.
Note that OCSP verification is not implemented, but this is the public
API public change required to support this.
Allow OCSP and SCT stapling for servers.
Refactor handshake state machines.
Bind verifications to final state -- note API change for custom cert
verification.

What's Changed

Fix Session::complete_io eof cause infinite loop by @quininer in #87
Use deque to avoid shifting entire vector by @sevagh in #85
Dummy Debug implemnetation for ClientSession and ServerSession by @stepancheg in #76
Update docopt to 0.8. by @moderation in #92

New Contributors

@sevagh made their first contribution in #85
@moderation made their first contribution in #92

Full Changelog: v/0.9.0...v/0.10.0

Full Changelog: v/0.1.1...v/0.1.2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

What's Changed

Contributors

Uh oh!

What's Changed

Contributors

Uh oh!

What's Changed

Contributors

Uh oh!

Uh oh!

What's Changed

New Contributors

Contributors

Uh oh!

What's Changed

New Contributors

Contributors

Uh oh!

What's Changed

Contributors

Uh oh!

What's Changed

New Contributors

Contributors

Uh oh!

Uh oh!

Releases: rustls/rustls

v/0.5.2

Uh oh!

v/0.5.1

What's Changed

Contributors

Uh oh!

v/0.5.0

What's Changed

Contributors

Uh oh!

v/0.14.0

What's Changed

Contributors

Uh oh!

v/0.13.1

Uh oh!

v/0.13.0

What's Changed

New Contributors

Contributors

Uh oh!

v/0.12.0

What's Changed

New Contributors

Contributors

Uh oh!

v/0.11.0

What's Changed

Contributors

Uh oh!

v/0.10.0

What's Changed

New Contributors

Contributors

Uh oh!

v/0.1.2

Uh oh!