v/0.21.0

rustls/rustls

版本发布时间: 2023-07-07 22:22:45

rustls/rustls最新发布版本:v/0.23.15(2024-10-16 21:21:05)

Support for connecting to peers named with IP addresses. This means rustls now depends on a fork of webpki - rustls-webpki - with a suitably extended API.
Breaking change: StoresClientSessions trait renamed to ClientSessionStore and reworked to allow storage of multiple TLS1.3 tickets and avoid reuse of them. This is a privacy improvement, see RFC8446 appendix C.4.
Breaking change: the DistinguishedNames type alias no longer exists; the public API now exports a DistinguishedName type, and the ClientCertVerifier::client_auth_root_subjects() method now returns a &[DistinguishedName] instead (with the lifetime constrained to the verifier's).
Breaking change: the ClientCertVerifier methods client_auth_mandatory() and client_auth_root_subjects() no longer return an Option. You can now use an Acceptor to decide whether to accept the connection based on information from the ClientHello (like server name).
Breaking change: rework rustls::Error to avoid String usage in PeerMisbehavedError, PeerIncompatibleError and certificate errors. Especially note that custom certificate verifiers should move to use the new certificate errors. Error is now non_exhaustive, and so are the inner enums used in its variants.
Breaking change: replace webpki::Error appearing in the public API in RootCertStore::add.
The number of tickets sent by a TLS1.3 server is now configurable via ServerConfig::send_tls13_tickets. Previously one ticket was sent, now the default is four.
Breaking change: remove deprecated methods from Acceptor.
Breaking change: AllowAnyAuthenticatedClient and AllowAnyAnonymousOrAuthenticatedClient new functions now return Self. A boxed function was added to both types to easily acquire an Arc<dyn ClientCertVerifier>.
Breaking change: NoClientAuth::new was renamed to boxed.
Breaking change: the QUIC API has changed to provide QUIC-specific ClientConnection and ServerConnection types, instead of using an extension trait.
Breaking change: the QUIC Secrets constructor was changed to take a Side instead of bool.
Breaking change: the export_keying_material function on a Connection was changed from returning Result<(), Error> to Result<T, Error> where T: AsMut<[u8]>.
Breaking change: the sni_hostname function on a Connection was renamed to server_name.
Breaking change: remove alternative type names deprecated in 0.20.0 (RSASigningKey vs. RsaSigningKey etc.)
Breaking change: the client config session_storage and enable_tickets fields have been replaced by a more misuse resistant Resumption type that combines the two options.

What's Changed

Update development dependencies, migrate to 2021 edition by @djc in https://github.com/rustls/rustls/pull/1140
Use Side enum in QUIC APIs (including public API) by @djc in https://github.com/rustls/rustls/pull/1168
Replace doc(hidden) with pub(crate) where those semantics are intended. by @briansmith in https://github.com/rustls/rustls/pull/939
examples: set rust-version to help guide clippy by @djc in https://github.com/rustls/rustls/pull/1175
In-place handshake joining by @djc in https://github.com/rustls/rustls/pull/1171
TLS 1.3: update record layer directly from key schedule by @djc in https://github.com/rustls/rustls/pull/1167
Remove string content from PeerMisbehavedError and PeerIncompatibleError by @ctz in https://github.com/rustls/rustls/pull/1178
Rework client persistence interface for RFC8446 C.4 client tracking prevention by @ctz in https://github.com/rustls/rustls/pull/1145
Auto-shrink MessageDeframer::buf while at rest by @larsfillmore in https://github.com/rustls/rustls/pull/1180
Rework certificate errors by @ctz in https://github.com/rustls/rustls/pull/1182
Remove string content from rustls::Error by @ctz in https://github.com/rustls/rustls/pull/1176
Fix outdated commentary in rand.rs by @ctz in https://github.com/rustls/rustls/pull/1183
Improve client/server fuzzer drivers by @ctz in https://github.com/rustls/rustls/pull/1185
Changelog items for alpha1 by @ctz in https://github.com/rustls/rustls/pull/1187
improve & test ServerName debug output - workaround by @brodybits in https://github.com/rustls/rustls/pull/1192
Lints: use Self and fix missing semicolons by @nyurik in https://github.com/rustls/rustls/pull/1195
TLS 1.3: Immediately update keys when requested by @jbr in https://github.com/rustls/rustls/pull/1150
Harmonize certificate verifiers construction API by @thalesfragoso in https://github.com/rustls/rustls/pull/1189
Improve error reporting for corrupt messages by @complexspaces in https://github.com/rustls/rustls/pull/1172
small script fixes, gitignore updates. by @cpu in https://github.com/rustls/rustls/pull/1201
docs: fix broken x509-parser FromDer trait links. by @cpu in https://github.com/rustls/rustls/pull/1208
docs: add rustdoc for DigitallySignedStruct. by @cpu in https://github.com/rustls/rustls/pull/1207
Remove trytls shim and helper script. by @cpu in https://github.com/rustls/rustls/pull/1204
docs: add small README for fuzz testing suite. by @cpu in https://github.com/rustls/rustls/pull/1209
chore: delete admin/format-bench. by @cpu in https://github.com/rustls/rustls/pull/1206
msgs: yield Result instead of Option from Reader/Codec by @djc in https://github.com/rustls/rustls/pull/1198
feat: impl safer export_keyring_material interface. by @cpu in https://github.com/rustls/rustls/pull/1211
fix: fail to compile with logging feature disabled by @bebecue in https://github.com/rustls/rustls/pull/1213
Allow user provides more specified certificate validation error as AlertDescription in verifier by @zkonge in https://github.com/rustls/rustls/pull/1199
Adds more certificate errors. by @zkonge in https://github.com/rustls/rustls/pull/1215
CI: update workflow actions, Go tooling. by @cpu in https://github.com/rustls/rustls/pull/1214
Bump webpki to 0.100.0 by @Jarema in https://github.com/rustls/rustls/pull/1220
CONTRIBUTING.md: fix a broken link by @vvv in https://github.com/rustls/rustls/pull/1219
build(deps): bump actions/setup-go from 3 to 4 by @dependabot in https://github.com/rustls/rustls/pull/1223
fuzz: cargo fmt updates and a clippy fix by @cpu in https://github.com/rustls/rustls/pull/1221
Improve caching API for TLS 1.2 by @djc in https://github.com/rustls/rustls/pull/1226
Make ClientSessionValue private by @djc in https://github.com/rustls/rustls/pull/1227
Move three internal enums to public API by @jsha in https://github.com/rustls/rustls/pull/1229
QUIC: introduce separate types for QUIC sessions by @djc in https://github.com/rustls/rustls/pull/1216
Privatize ClientSessionValue APIs by @djc in https://github.com/rustls/rustls/pull/1230
Avoid ClientSessionCommon leaking into public API by @ctz in https://github.com/rustls/rustls/pull/1232
QUIC: restore fixes dropped from the connection type split. by @cpu in https://github.com/rustls/rustls/pull/1236
Move DigitallySignedStruct out of msgs by @djc in https://github.com/rustls/rustls/pull/1231
Remove DecomposedSignatureScheme trait and some public enum cleanup by @djc in https://github.com/rustls/rustls/pull/1234
Make Error and macro-defined enums non-exhaustive by @djc in https://github.com/rustls/rustls/pull/1238
Acceptor: remove deprecated methods and add docs by @jsha in https://github.com/rustls/rustls/pull/1241
Error: hide subvariants of InvalidMessage by @jsha in https://github.com/rustls/rustls/pull/1243
Create newtype wrappers and remove Vec aliases by @djc in https://github.com/rustls/rustls/pull/1245
anchors: add a pointer from add to add_parseable. by @cpu in https://github.com/rustls/rustls/pull/1248
client: centralize and linearize resumption preparation by @djc in https://github.com/rustls/rustls/pull/1239
error: restore PartialEq implementation by @jsha in https://github.com/rustls/rustls/pull/1252
examples: make logging non-optional. by @cpu in https://github.com/rustls/rustls/pull/1258
anchors: tweak rustdoc comment about malformed roots. by @cpu in https://github.com/rustls/rustls/pull/1249
ClientCertVerifier: remove "abort connection" return values by @jsha in https://github.com/rustls/rustls/pull/1242
no-default-features: clippy fixes and CI coverage. by @cpu in https://github.com/rustls/rustls/pull/1255
document secret_extraction feature flag by @jsha in https://github.com/rustls/rustls/pull/1261
Remove deprecated type aliases by @djc in https://github.com/rustls/rustls/pull/1263
Reduce CIFuzz timeout to 300s by @djc in https://github.com/rustls/rustls/pull/1260
Further client resumption tweaks by @djc in https://github.com/rustls/rustls/pull/1251
Prepare 0.21.0 release by @djc in https://github.com/rustls/rustls/pull/1262

New Contributors

@larsfillmore made their first contribution in https://github.com/rustls/rustls/pull/1180
@brodybits made their first contribution in https://github.com/rustls/rustls/pull/1192
@nyurik made their first contribution in https://github.com/rustls/rustls/pull/1195
@thalesfragoso made their first contribution in https://github.com/rustls/rustls/pull/1189
@bebecue made their first contribution in https://github.com/rustls/rustls/pull/1213
@zkonge made their first contribution in https://github.com/rustls/rustls/pull/1199
@Jarema made their first contribution in https://github.com/rustls/rustls/pull/1220
@vvv made their first contribution in https://github.com/rustls/rustls/pull/1219

Full Changelog: https://github.com/rustls/rustls/compare/v/0.20.8...v/0.21.0

相关地址：原始地址下载(tar) 下载(zip)

查看：2023-07-07发行的版本