rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity
rustls/RELEASE_NOTES.md

16 KiB
Raw Permalink Blame History

Release history:

  • 0.20.8 (2023-01-12)
    • Yield an error from ConnectionCommon::read_tls() if buffers are full. Both a full deframer buffer and a full incoming plaintext buffer will now cause an error to be returned. Callers should call process_new_packets() and read out the plaintext data from reader() after each successful call to read_tls().
    • The minimum supported Rust version is now 1.57.0 due to some dependencies requiring it.
  • 0.20.7 (2022-10-18)
    • Expose secret extraction API under the secret_extraction cargo feature. This is designed to enable switching from rustls to kTLS (kernel TLS offload) after a successful TLS 1.2/1.3 handshake, for example.
    • Move filtering of signature schemes after config selection, avoiding the need for linking in encryption/decryption code for all cipher suites at the cost of exposing more signature schemes in the ClientHello emitted by the Acceptor.
    • Expose AlertDescription, ContentType, and HandshakeType, SignatureAlgorithm, and NamedGroup as part of the stable API. Previously they were part of the unstable internals API, but were referenced by parts of the stable API.
    • We now have a Discord channel for community discussions.
    • The minimum supported Rust version is now 1.56.0 due to several dependencies requiring it.
  • 0.20.6 (2022-05-18)
    • 0.20.5 included a change to track more context for the Error::CorruptMessage which made API-incompatible changes to the Error type. We yanked 0.20.5 and have reverted that change as part of 0.20.6.
  • 0.20.5 (2022-05-14)
    • Correct compatbility with servers which return no TLS extensions and take advantage of a special case encoding.
    • Remove spurious warn-level logging introduced in 0.20.3.
    • Expose cipher suites in ClientHello type.
    • Allow verification of IP addresses with dangerous_config enabled.
    • Retry I/O operations in ConnectionCommon::complete_io() when interrupted.
    • Fix server::ResolvesServerCertUsingSni case sensitivity.
  • 0.20.4 (2022-02-19)
    • Correct regression in QUIC 0-RTT support.
  • 0.20.3 (2022-02-13)
    • Support loading ECDSA keys in SEC1 format.
    • Support receipt of 0-RTT "early data" in TLS1.3 servers. It is not enabled by default; opt in by setting ServerConfig::max_early_data_size to a non-zero value.
    • Support sending of data with the first server flight. This is also not enabled by default either: opt in by setting ServerConfig::send_half_rtt_data.
    • Support read_buf interface when compiled with nightly. This means data can be safely read out of a rustls connection into a buffer without the buffer requiring initialisation first. Set the read_buf feature to use this.
    • Improve efficiency when writing vectors of TLS types.
    • Reduce copying and improve efficiency in TLS1.2 handshake.
  • 0.20.2 (2021-11-21)
    • Fix CipherSuite::as_str() value (as introduced in 0.20.1).
  • 0.20.1 (2021-11-14)
    • Allow cipher suite enum items to be stringified.
    • Improve documentation of configuration builder types.
    • Ensure unused cipher suites can be removed at link-time.
    • Ensure single-use error types implement std::error::Error, and are public.
  • 0.20.0 (2021-09-26)
    • Breaking change: Connection is now an enum instead of a trait. You can abstract over ClientConnection and ServerConnection with a bound like where C: Deref<ConnectionCommon<SD>>, SD: SideData.
    • Breaking change: the SNI arguments to ClientCertVerifier methods have been removed. The Acceptor API now allows selecting a ServerConfig based on the ClientHello instead.
    • Unclean TCP closure is now tracked by the library. This means a new error is possible when reading plaintext: ErrorKind::UnexpectedEof will be returned in this case.
    • Breaking change: insulate the rustls public API from webpki API changes:
      • PKI errors are now reported using rustls-specific errors.
      • There is now a rustls-specific root trust anchor type.
    • Breaking change: the following types are no longer exposed in the crate root, and can instead be imported through the client module exposed in the crate root: ResolvesClientCert, StoresClientSessions, WriteEarlyData, ClientSessionMemoryCache, NoClientSessionStorage, HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier, WebPkiVerifier and DangerousClientConfig.
    • Breaking change: the following types are no longer exposed in the crate root, and can instead be imported through the server module exposed in the crate root: AllowAnonymousOrAuthenticatedClient, AllowAnyAuthenticatedClient, NoClientAuth, ResolvesServerCertUsingSni, NoServerSessionStorage, ServerSessionMemoryCache, StoresServerSessions, ClientHello, ProducesTickets, ResolvesServerCert, ClientCertVerified and ClientCertVerifier.
    • Breaking API change: QuicExt::write_hs() now returns a KeyChange type that returns handshake or 1-RTT keys. In the case of 1-RTT keys, a KeyChange also includes a Secrets type that must be used to derive further key updates, independent from the rustls Connection. The QuicExt::next_1rtt_keys() method has been removed.
    • Breaking API change: QUIC header protection keys now use a new type that directly exposes a masking/unmasking operation.
  • 0.20.0-beta2 (2021-07-04)
    • Breaking change: internal buffers are now limited to 64 kB by default. Use Connection::set_buffer_limit to change the buffer limits to suit your application.
    • Breaking API change: PEM parsing now lives in the rustls-pemfile crate. This means rustls::internals::pemfile and rustls::RootCertStore::add_pem_file no longer exist.
    • Breaking API change: ServerCertVerifier::verify_server_cert and ClientCertVerifier::verify_client_cert pass the end-entity and intermediate certificates separately. This means rustls deals with the case where the certificate chain is empty, rather than leaving that to ServerCertVerifier/ClientCertVerifier implementation.
    • Breaking API change: SupportedCipherSuite is now an enum with TLS 1.2 and TLS 1.3 variants. Some of its methods have moved to the inner Tls12CipherSuite and Tls13CipherSuite types. Instead of usable_for_version(), it now has a version() method. get_hash() has been renamed to hash_algorithm() and usable_for_sigalg() to usable_for_signature_algorithm().
    • There are now 80% fewer unreachable unwraps in the core crate thanks to large refactoring efforts.
    • Breaking API change: the WebPkiError variant of rustls::Error now includes which operation failed.
    • Breaking API changes: These public API items have been renamed to meet naming guidelines:
      • rustls::TLSError to rustls::Error.
      • rustls::ResolvesServerCertUsingSNI to rustls::ResolvesServerCertUsingSni.
      • rustls::WebPKIVerifier to rustls::WebPkiVerifier.
      • rustls::ciphersuites to rustls::cipher_suites.
      • rustls::ALL_CIPHERSUITES to ALL_CIPHER_SUITES; rustls::DEFAULT_CIPHERSUITES to DEFAULT_CIPHER_SUITES.
      • rustls::ClientHello::sigschemes to rustls::ClientHello::signature_schemes.
      • rustls::RootCertStore::get_subjects to rustls::RootCertStore::subjects.
      • rustls::ServerSession to rustls::ServerConnection.
      • rustls::ClientSession to rustls::ClientConnection.
      • rustls::ServerSession::get_sni_hostname to rustls::ServerConnection::sni_hostname.
      • rustls::ClientConfig::ciphersuites to rustls::ClientConfig::cipher_suites.
      • rustls::ServerConfig::ciphersuites to rustls::ServerConfig::cipher_suites.
      • rustls::ProducesTickets::get_lifetime to rustls::ProducesTickets::lifetime.
      • rustls::Session: get_peer_certificates to peer_certificates, get_alpn_protocol to alpn_protocol, get_protocol_version to protocol_version, get_negotiated_ciphersuite to negotiated_cipher_suite.
    • Breaking API change: ResolvesServerCert::resolve and ResolvesClientCert::resolve now return Option<Arc<CertifiedKey>> instead of Option<CertifiedKey>. CertifiedKey is now an immutable type.
    • Breaking API change: peer_certificates returns a borrow rather than a copy on the internally stored certificate chain.
    • Breaking API change: ClientConnection's DNS name parameter is now a new enum, ServerName, to allow future support for ECH and servers named by IP address.
  • 0.19.1 (2021-04-17):
    • Backport: fix security issue: there was a reachable panic in servers if a client sent an invalid ClientECDiffieHellmanPublic encoding, due to an errant unwrap() when parsing the encoding.
  • 0.19.0 (2020-11-22):
    • Ensured that get_peer_certificates is both better documented, and works uniformly for both full-handshake and resumed sessions.
    • Fix bug: fully qualified hostnames should have had their trailing dot stripped when quoted in the SNI extension.
  • 0.18.1 (2020-08-16):
    • Fix DoS vulnerability in TLS1.3 "Middlebox Compatibility Mode" CCS handling. This is thought to be quite minor -- see this commit message for a full discussion.
  • 0.18.0 (2020-07-04):
    • Allow custom certificate validation implementations to also handle handshake signature computation. This allows uses in non-web contexts, where webpki is not likely to process the certificates in use. Thanks to @DemiMarie-parity.
    • Performance improvements. Thanks to @nviennot.
    • Fixed client authentication being unduly rejected by client when server uses the superseded certificate_types field of CertificateRequest.
    • Breaking API change: The writev_tls API has been removed, in favour of using vectored IO support now offered by std::io::Write.
    • Added ed25519 support for authentication; thanks to @potatosalad.
    • Support removal of unused ciphersuites at link-time. To use this, call ClientConfig::with_ciphersuites instead of ClientConfig::new.
  • 0.17.0 (2020-02-22):
    • Breaking API change: ALPN protocols offered by the client are passed to the server certificate resolution trait (ResolvesServerCert).
    • Breaking API change: The server certificate resolution trait now takes a struct containing its arguments, so new data can be passed to these functions without further breaking changes.
    • Signature schemes offered by the client are now filtered to those compatible with the client-offered ciphersuites. Prior to this change it was likely that server key type switching would not work for clients that offer signature schemes mismatched with their ciphersuites.
    • Add manual with goal-oriented documentation, and rationale for design decisions.
    • Breaking API change: AlwaysResolvesClientCert::new is now fallible, as is ClientConfig::set_single_client_cert.
  • 0.16.0 (2019-08-10):
    • Optimisation of read path for polled non-blocking IO.
    • Correct an omission in TLS1.3 middlebox compatibility mode, causing handshake failures with servers behind buggy middleboxes.
    • Move to ring 0.16.
    • Assorted refactoring to reduce memory usage during and after handshake.
    • Update other dependencies.
  • 0.15.2 (2019-04-02):
    • Moved example code around for benefit of Fuchsia.
    • Example code fixes for Windows -- Windows is now a tested platform.
    • QUIC-specific bug fixes.
    • Update dependencies.
  • 0.15.1 (2019-01-29):
    • Fix incorrect offering of SHA1.
  • 0.15.0 (2019-01-20):
    • Update dependencies.
    • Breaking API change: ALPN protocols are now encoded as a Vec<u8>, not a String. This alters the type of:
      • ClientConfig::alpn_protocols
      • ClientConfig::set_protocols
      • ServerConfig::alpn_protocols
      • ServerConfig::set_protocols
      • Session::get_alpn_protocol
    • Emit a warning when receiving an invalid SNI extension, such as one including an IP address.
    • Extended QUIC support for later QUIC drafts.
    • Correct bug where we'd send more than one fatal alert for handshake failure cases.
    • Discontinue support for SHA1 signatures.
    • Move to Rust 2018 edition.
  • 0.14.0 (2018-09-30):
    • Introduce client-side support for 0-RTT data in TLS1.3.
    • Fix a bug in rustls::Stream for non-blocking transports.
    • Move TLS1.3 support from draft 23 to final RFC8446 version.
    • Don't offer (e.g.) TLS1.3 if no TLS1.3 suites are configured.
    • Support stateful resumption in TLS1.3. Stateless resumption was previously supported, but is not the default configuration.
    • Breaking API change: generate() removed from StoresServerSessions trait.
    • Breaking API change: take() added to StoresServerSessions trait.
  • 0.13.1 (2018-08-17):
    • Fix a bug in rustls::Stream for non-blocking transports (backport).
  • 0.13.0 (2018-07-15):
    • Move TLS1.3 support from draft 22 to 23.
    • Add support for SSLKEYLOGFILE; not enabled by default.
    • Add support for basic usage in QUIC.
    • ServerConfig::set_single_cert and company now report errors.
    • Add support for vectored IO: writev_tls can now be used to optimise system call usage.
    • Support ECDSA signing for server and client authentication.
    • Add type like rustls::Stream which owns its underlying TCP stream and rustls session.
  • 0.12.0 (2018-01-06):
    • New API for learning negotiated cipher suite.
    • Move TLS1.3 support from draft 18 to 22.
    • Allow server-side MTU configuration.
    • Tested against latest BoringSSL test suite.
    • Support RFC5705 exporters.
    • Provide ResolvesServerCertUsingSNI for doing SNI-based certificate switching.
    • Allow disabling SNI extension on clients, for use with custom server certificate verifiers where the hostname may not make sense.
    • DNS names are now typesafe, using webpki::DNSName.
    • Update dependencies.
  • 0.11.0 (2017-08-28):
    • New server API for learning requested SNI name.
    • Server now checks selected certificate for validity.
    • Remove time crate dependency.
    • Follow webpki interface changes.
    • Update dependencies.
  • 0.10.0 (2017-08-12):
    • Request and verify SCTs using sct crate. This doesn't happen unless you pass in some certificate transparency logs -- example code does this.
    • Request OCSP stapled response and pass to cert verifier. Note that OCSP verification is not implemented, but this is the public API public change required to support this.
    • Allow OCSP and SCT stapling for servers.
    • Refactor handshake state machines.
    • Bind verifications to final state -- note API change for custom cert verification.
  • 0.9.0 (2017-06-16):
    • Update dependencies.
    • Add IO helper function (complete_io) to rustls::Session.
    • Add blocking stream type -- rustls::Stream -- to ease use on top of blocking sockets.
  • 0.8.0 (2017-05-14):
    • Add dangerous_configuration feature for unsafe features.
  • 0.7.0 (2017-05-08):
    • Update dependencies.
  • 0.6.0 (2017-05-06):
    • Update dependencies.
    • Expose ring's new support for PKCS#8-format private keys.
    • New API for applying limitation to internal buffer sizes.
  • 0.5.8 (2017-03-16):
    • Fix build on later rustc.
  • 0.5.7 (2017-02-27):
    • No changes from 0.5.6; republished with nightly cargo for category support.
  • 0.5.6 (2017-02-19):
    • RFC7627 extended master secret support
    • Assorted documentation improvements
  • 0.5.5 (2017-02-03):
    • Crate categories.
    • Protocol errors now permanent for given session.
    • Exposed ResolvesServerCert trait for customising certification selection.
    • Exposed SignatureScheme enum.
  • 0.5.4 (2017-01-26):
    • First release with TLS1.3-draft-18 support.
    • More performance improvements (now ~15Gbps per core).
    • New API to learn version of negotiated connection.
  • 0.5.0 (2016-09-27):
    • Tickets.
    • Coverage testing.
    • Benchmarking.
    • Massive performance improvements (from ~1Gbps to ~6Gbps per core).
    • OSX support.
    • Minor API corrections and additional testing.