Revisions of s2n
buildservice-autocommit
accepted
request 1179907
from
Dirk Mueller (dirkmueller)
(revision 54)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1179903
from
John Paul Adrian Glaubitz (glaubitz)
(revision 53)
- Update to version 1.4.16 * Merge pull request from GHSA-52xf-5p2m-9wrv * chore(bindings): release 0.2.7 (#4580) * fix: Validate received signature algorithm in EVP verify (#4574) * refactor: add try_compile feature probe for RSA-PSS signing (#4569) * feat: Configurable blinding (#4562) * docs: document s2n_cert_auth_type behavior (#4454) * fix: init implicit iv for serialization feature (#4572) * [Nix] adjust pytest retrys (#4558) * fix: cert verify test fix (#4545) * fix: update default security policies (#4523) * feat(bindings): Associate an application context with a Connection (#4563) * chore(bindings): version bump (#4566) * Additional test cases for s2n_constant_time_equals() (#4559) * test: backwards compatibility test for the serialization feature (#4548) * chore(bench): upgrade rustls (#4554)
buildservice-autocommit
accepted
request 1178685
from
John Paul Adrian Glaubitz (glaubitz)
(revision 52)
baserev update by copy to link target
John Paul Adrian Glaubitz (glaubitz)
accepted
request 1178472
from
John Paul Adrian Glaubitz (glaubitz)
(revision 51)
- Update to version 1.4.15 * bug(nix:corretto): use autoPatchelfHook on all systems and ignore als… (#4561) * feat(bindings): Add API to check for resumption (#4552) * fix: Send zero-length NST when session key is expired (#4532) * feat: add key preferences to rfc9151 policy (#4540) * chore: bindings release 0.2.5 (#4551) * refactor: Avoid unnecessary s2n_hmac calls in s2n_record_write (#4539) * feat: Modify s2nd/c to do serialization/deserialization (#4533)
buildservice-autocommit
accepted
request 1173649
from
Dirk Mueller (dirkmueller)
(revision 50)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1173613
from
John Paul Adrian Glaubitz (glaubitz)
(revision 49)
- Update to version 1.4.14 * fix: Increase received signature scheme limit (#4544) * fix: Fix a bug in tls1.3 code path (#4513) * ci: grep for S2N_RESULT_ERR without setting s2n_errno (#4534) * style(bindings): fix new clippy lints (#4536) * bin: tool to print security policies (#4524) * feat[bindings]: fips feature flag (#4527) * feat: set certificate_authorities from trust store (#4509)
buildservice-autocommit
accepted
request 1172872
from
Dirk Mueller (dirkmueller)
(revision 48)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1172753
from
John Paul Adrian Glaubitz (glaubitz)
(revision 47)
- Update to version 1.4.13 * chore(bindings): release 0.2.4 (#4530) * nix gdb/lldb utils (#4460) * binding: Add s2n_connection_get_session on the Connection (#4522) * chore: update s2n-core team (#4520) * fix: Python integ tests are flaky on arm (#4512) * ci: Nix libcrypto helpers (#4422) * ci: Remove actions-rs (#4514) * chore(bindings): Pin `zeroize` to avoid MSRV increase (#4519) * feat: add missing numbered security policies (#4511) * docs(bindings): fix client hello doc tests (#4495) * docs: add more warnings about security policy defaults (#4507) * feat: add basic support for certificate_authorities (#4506) * fix: Fix redundant code (#4504) * chore: Rust bindings bump v1.4.12 (#4505) * fix(sidetrail): Invalid stream cipher struct in proof wrapper (#4484) * refactor: rename error + extension iana for consistency (#4503) - from version 1.4.12 * feat: Serialization Rust APIs (#4493) * refactor: combine TLS1.2 and TLS1.3 sig scheme representations (#4498) * feat: Release C APIs for serialization (#4501) * fix: Wipe conn->in on all record parse failures (#4499)
buildservice-autocommit
accepted
request 1167980
from
John Paul Adrian Glaubitz (glaubitz)
(revision 46)
baserev update by copy to link target
John Paul Adrian Glaubitz (glaubitz)
accepted
request 1167792
from
John Paul Adrian Glaubitz (glaubitz)
(revision 45)
- Update to version 1.4.11 * chore(bindings): release 0.2.2 (#4497) * feat(binding): add key update request api (#4469) * tests: Serialization feature with post-handshake features (#4489) * fix: add missing TLS1.3 p521 sig schemes (#4496) * fix: correct broken early data test (#4494) * fix: better errors for all client auth failures (#4492) - from version 1.4.10 * feat: add s2n_peek_buffered (#4490) * feat: reduce read syscalls to improve performance (#4485) * feat: connection serialization (#4468) * chore(bindings): release 0.2.1 (#4486) * fix(bindings): print cargo commands to stdout (#4482)
buildservice-autocommit
accepted
request 1165449
from
John Paul Adrian Glaubitz (glaubitz)
(revision 44)
baserev update by copy to link target
John Paul Adrian Glaubitz (glaubitz)
accepted
request 1164579
from
John Paul Adrian Glaubitz (glaubitz)
(revision 43)
- Update to version 1.4.9 * New TLS1.2-only variant of 20230317 policy (#4483) * ci: add asan runs under gcc (#4402) * fix: Adds non_exhaustive flag to FingerprintType * fix: refactor rust bindings fingerprint methods (#4474) * example(bindings): client hello cb example (#4385) * feat: getter for TLS1.2 master secrets (#4470) * bindings: ensure CFLAGS includes come after build script includes (#4475) * bindings: mark Connection as Sync (#4467) * Make S2N_CERT_AUTH_OPTIONAL the default for clients (#4390) * fix(test): narrow valgrind suppressions (#4369) * fix: pedantic memory leak in handshake test (#4463) * chore(bindings): release 0.1.7 (#4462)
buildservice-autocommit
accepted
request 1161464
from
Dirk Mueller (dirkmueller)
(revision 42)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1160585
from
John Paul Adrian Glaubitz (glaubitz)
(revision 41)
- Update to version 1.4.8 * feat: Add additional EC key validation for FIPS (#4452) * refactor: UBSAN build and address out of bound reads (#4440) * Add s2n_stuffer_shift (#4458) * style: fix declarations without initial value (#4404) * feat: Add FIPS mode getter API (#4450) * remove unnecessary includes (#4451) * refactor: clang-tidy null deref and undefined mod (#4436) * refactor: make memmove vs memcpy behavior clearer (#4447) * fix(bindings): Apply with_system_certs to Config builder (#4456) - from version 1.4.7 * api: add key update request functionality (#4453) * style: manual initial value fix (#4449) - from version 1.4.6 * docs: Specify the return value of S2N_FAILURE for IO APIs (#4446) * refactor: enforce stuffer return check (#4399) * refactor: fix unread variable warnings (#4405) * fix: Unsets global libcrypto rand (#4424) * Relax HRR consistency requirements for second client hello (#4429) * fix: prevent enabling ktls with a buffered record header fragment (#4426) * feat: add cert key preferences (#4434) * chore: bindings bump 0.1.6 (#4437) * test: add cert chain with mixed key sizes (#4433) * feat: apply cert signature preferences locally (#4407) * docs: Extend license check to .rs files (#4428) * fix(test): fix dangling pointers in cert verify test (#4430) * Add Rust bindings for certificate chains (#4398) - from version 1.4.5 * fix: parse fragmented sslv2 client hellos (#4425) * chore(ci): Give OpenBSD CI job a performance boost (#4427)
buildservice-autocommit
accepted
request 1149122
from
Dirk Mueller (dirkmueller)
(revision 40)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1148699
from
John Paul Adrian Glaubitz (glaubitz)
(revision 39)
- Update to version 1.4.4 * allows cmake to force crypto linkage (#4383) * refactor: consolidate record wiping (#4412) * build: make CMake test flags more consistent with make (#4392) * style(bindings): address new clippy lint (#4411) * refactor: generalize cert sig preference handling (#4379) * feat: More client hello getters (#4380) * fix: only initialize default tls 1.3 config in tests (#4302) * Check fd status before using urandom (#4352) * utils: add map iteration iterator (#4377) * chore(bindings): release (#4388) * chore(bindings): bump aws-lc-sys (#4393) * s2n-tls-tokio: use s2n_shutdown_send instead of s2n_shutdown (#4374) * enforce result checking for blob and mem (#4389)
buildservice-autocommit
accepted
request 1145089
from
Dirk Mueller (dirkmueller)
(revision 38)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
accepted
request 1144885
from
John Paul Adrian Glaubitz (glaubitz)
(revision 37)
- Update to version 1.4.3 * ci: Disable broken rust dry-runs (#4384) * Fix SSLv3 detection with AWS-LC (#4361) * More specific error for unexpected cert request (#4381) * test: Adds SSLv3 integ test (#4372) * chore: add valgrind to nix develop (#4365) * test: additional test certs (#4378) * chore: bindings release 0.1.2 (#4376) * test: add additional test certs (#4353) * feature: Use S2N_FAST_INTEG_TESTS to run pytest in parallel under nix (#4368) * refactor: ossl x509 parsing (#4351)
Ana Guerrero (anag+factory)
accepted
request 1141844
from
Dirk Mueller (dirkmueller)
(revision 36)
initialized devel package after accepting 1141844
Dirk Mueller (dirkmueller)
accepted
request 1141736
from
John Paul Adrian Glaubitz (glaubitz)
(revision 35)
- Update to version 1.4.2 * docs(bench): update docs to reflect aws-lc default (#4336) * Fix initialization errors in unit tests (#4370) * bindings: fix handling of s2n_shutdown errors (#4358) * Fix s2n_shutdown + failed recv bug (#4350) * Add new PQ TLS Policies (#4327) * ktls: add method to track key updates (#4364) * Move client hello parsing out of unstable (#4359) * bindings: clean up blinding tests (#4356) * ci: cmake asan buildspec (#4048) * fix: stack-use-after-scope variable ordering (#4355) * fix(bindings): remove optional cmake dependency (#4347) * ktls: improve messaging around freed handshakes (#4346) * bug: Fixes mdbook action (#4345) * feat: Publishes mdbook to Github Pages (#4343) * Add PQ integration tests between s2n and AWS-LC's libssl (#4267) * chore: bindings release 0.1.1 (#4341) * (feat): Adds API to allow s2n-quic to check for resumption (#4335) * bindings: ensure CFLAGS includes come after libcrypto includes (#4338) * Add FIPS security rule (#4315)
Displaying revisions 1 - 20 of 54