Skip to content

Release: v1.5.10

Latest
Latest
Compare
Choose a tag to compare
@crypto-transport-libs-ci-bot crypto-transport-libs-ci-bot released this 16 Dec 23:55
v1.5.10
2e79e7e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Weekly release for December 16 2024

Release Summary:

  • Updated CMake version from 3.0 to 3.9.
  • Added TLS1.2 support for RSA-PSS certificates. Previously, RSA-PSS certificates could only be used with TLS1.3.
  • Customers can now use application owned certs from the rust bindings. This allows rust consumers of s2n-tls to load certificates for many domains on a single config, and also allows certificates to be shared across a config.
  • Fixed a bug in certificate pem parsing. We now correctly reject certificate chains where the last certificate is unexpectedly significantly truncated (for example, missing the final "-- END CERTIFICATE --" marker).

What's Changed

  • ci: add open fds valgrind check by @boquan-fang in #4851
  • chore: add a cargo audit action by @dougch in #4862
  • chore: bindings release 0.3.7 by @lrstewart in #4894
  • test: add rust well-known-endpoint tests by @jmayclin in #4884
  • test(s2n-tls-hyper): Add localhost http tests by @goatgoose in #4838
  • ci: fixes for cargo audit by @dougch in #4895
  • ci: grant dependabot status update permissions by @dougch in #4898
  • doc: add information about s2n-tls software architecture by @boquan-fang in #4868
  • test: remove load system certs functionality for s2n_default_tls13_config by @toidiu in #4897
  • tests: pin tests to a numbered TLS1.2 policy by @toidiu in #4905
  • build(deps): bump JulienKode/team-labeler-action from 0.1.1 to 1.3 in /.github/workflows by @dependabot in #4889
  • build(deps): bump nixbuild/nix-quick-install-action from 21 to 29 in /.github/workflows by @dependabot in #4890
  • test(s2n-tls-hyper): matching on s2n-tls error by @jmayclin in #4906
  • build(deps): bump actions/checkout from 3 to 4 in /.github/workflows by @dependabot in #4888
  • ci: Move kTLS test out of GeneralBatch by @dougch in #4904
  • doc: document generating bindings with prebuilt libs2n by @jouho in #4872
  • feat: add alert mappings for certificate errors by @camshaft in #4919
  • test: pin optional client auth test to a TLS 1.2 policy by @toidiu in #4914
  • test: expand s2n_record_read testing to both TLS1.3 and TLS1.2 by @toidiu in #4903
  • build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 in /.github/workflows by @dependabot in #4892
  • chore: Ocsp timeout adjustment by @dougch in #4866
  • chore(bindings): feature gate network tests by @jmayclin in #4907
  • ci: add awslc-fips and openssl-1.0.2-fips to valgrind by @boquan-fang in #4912
  • upgrade cmake version to 3.9 by @jouho in #4933
  • chore: add new team member by @CarolYeh910 in #4939
  • (chore): Fixes team-label github action by @maddeleine in #4935
  • test: pin tests to TLS 1.2/TLS 1.3 policy by @toidiu in #4926
  • fix(bindings): address clippy issues from 1.83 by @jmayclin in #4941
  • ci(refactor): remove Valgrind checks from omnibus and generalBatch by @boquan-fang in #4913
  • ci: add openssl-1.0.2-fips to fuzz test by @boquan-fang in #4942
  • fix(s2n-tls-hyper): Add proper IPv6 address formatting by @goatgoose in #4938
  • refactor: add a s2n_libcrypto_is_openssl() helper function by @toidiu in #4930
  • ci(refactor): remove fuzz tests from Omnibus by @boquan-fang in #4945
  • ci(refactor): remove ASAN from Omnibus and GeneralBatch by @boquan-fang in #4946
  • test(bindings): run unit tests under asan by @jmayclin in #4948
  • feat: feature probe S2N_LIBCRYPTO_SUPPORTS_ENGINE by @toidiu in #4878
  • feat: TLS1.2 support for RSA-PSS certificates by @lrstewart in #4927
  • ci: add change directory to third-party-src logic by @boquan-fang in #4950
  • build(deps): bump github/codeql-action from 2 to 3 in /.github/workflows by @dependabot in #4917
  • build(deps): bump cross-platform-actions/action from 0.23.0 to 0.26.0 in /.github/workflows by @dependabot in #4951
  • build(deps): bump peaceiris/actions-gh-pages from 3 to 4 in /.github/workflows by @dependabot in #4921
  • build(deps): bump actions/cache from 2.1.4 to 4.1.2 in /.github/workflows by @dependabot in #4928
  • ci(refactor): deprecate Omnibus by @boquan-fang in #4953
  • ci: batch dependabot updates by @jmayclin in #4959
  • feat(bindings): enable application owned certs by @jmayclin in #4937
  • ci: update CRT test ubuntu version to ubuntu24 by @boquan-fang in #4964
  • tests: allow TLS1.2 with RSA-PSS certs in integ tests by @lrstewart in #4949
  • feat(s2n-tls-hyper): Add support for negotiating HTTP/2 by @goatgoose in #4924
  • build(deps): bump the all-gha-updates group in /.github/workflows with 5 updates by @dependabot in #4961
  • (chore): Installs Nix in AL2023 Buildspec by @maddeleine in #4934
  • chore(binding): release 0.3.8 by @boquan-fang in #4969
  • chore: fix GHA for merge-queue by @dougch in #4973
  • chore(bindings): move tokio examples to dedicated folder by @jmayclin in #4954
  • docs: specify s2n_blob growable conditions by @jmayclin in #4943
  • fix: pem parsing detection of last cert errors by @lrstewart in #4908
  • refactor(bench): remove historical benchmarks by @jmayclin in #4940

New Contributors

Full Changelog: v1.5.9...v1.5.10

Contributors

camshaft, goatgoose, and 9 other contributors
Assets 2
Loading