0.23.20

Release notes:

• Support hybrid key exchange optimization: this improves efficiency of hybrid post-quantum key exchanges when the classical half of the hybrid is selected, which will be common during the post-quantum transition. This optimization is described in and allowed by draft-ietf-tls-hybrid-design; we plan to produce a short report soon illustrating its benefits.

This release, like 0.23.18, has an MSRV of 1.71. We are aware of a compiler bug in 1.71 that may affect rustls and recommend 1.73 or later.

What's Changed

• fix codecov.io upload by @ctz in #2236
• bench: optionally record individual handshake latencies by @ctz in #2224
• CI: enable doc tests on all CI hosts (and update CI doc test comments) by @brodycj in #2242
• replace unnecessary use of .map_or() with .is_some_and() by @brodycj in #2240
• Document a MSRV policy by @ctz in #2243
• Assorted clippy fixes by @ctz in #2245
• Normalise syntax of test_for_each_provider! by @ctz in #2222
• openssl-tests: fix clippy::zombie_processes warnings by @ctz in #2248
• performance headlines / landing page by @ctz in #2246
• multithreading benchmarking write-up by @ctz in #2207
• 2024-11-28-threading report: fix link by @ctz in #2250
• README: link to more providers by @ctz in #2251
• Port version bump to 0.23.19 to main by @djc in #2254
• Lock file maintenance by @renovate-bot in #2253
• Implement post-quantum hybrid KX optimisation by @ctz in #2136
• style.css: fix <pre> blowing out page width by @ctz in #2255
• docs: reduce permission scope by @cpu in #2261
• Lock file maintenance by @renovate-bot in #2262
• Restructure hybrid key exchange implementation by @ctz in #2259
• Improve fuzzing coverage and improve processed data tracking by @ctz in #2249
• openssl-tests: install openssl from source by @ctz in #2263
• examples: use inner hostname in ech-client HTTPS DNS query by @cpu in #2268
• server: remove ClientHello constructor by @djc in #2270
• fix rustls-provider-example hpke no-std support by @brodycj in #2269
• nit: remove trailing space from doc comments by @brodycj in #2273
• Release notes for rustls 0.23.20 & rustls-post-quantum 0.2.0 by @ctz in #2272

Full Changelog: v/0.23.18...v/0.23.20

rustls-post-quantum 0.2.1

Administrative release -- fixes the crate README. See https://github.com/rustls/rustls/releases/tag/rustls-post-quantum-v%2F0.2.0

What's Changed

• Fix rustls-post-quantum readme by @ctz in #2275

Full Changelog: rustls-post-quantum-v/0.2.0...rustls-post-quantum-v/0.2.1

rustls-post-quantum 0.2.0

Release notes:

• Move to standardized X25519MLKEM768. This removes support for the previous -- pre-standardization -- X25519Kyber768Draft00, which is a breaking change.
• Support MLKEM768 separately. Thanks to @dconnolly.

In the near future we plan to integrate rustls-post-quantum into the core rustls crate.

What's Changed

• rustls-post-quantum: correct formatting by @ctz in #1850
• Add path for rustls-post-quantum -> rustls dependency by @ctz in #1865
• docs: update ROADMAP post-quantum kex item by @cpu in #1894
• post-quantum: move from kyber768 to ML-KEM768 by @ctz in #2175
• Implement post-quantum hybrid KX optimisation by @ctz in #2136
• Release notes for rustls 0.23.20 & rustls-post-quantum 0.2.0 by @ctz in #2272

Full Changelog: rustls-post-quantum-v/0.1.0...rustls-post-quantum-v/0.2.0

0.23.19

This release is functionally equivalent to 0.23.18, except the MSRV has been relaxed back to 1.63. The next release, 0.23.20, will return to an MSRV of 1.71. This release is intended to give users with conservative MSRV requirements a release that contains the fix for RUSTSEC-2024-0399.

Note that this is a one-off; there will not be future releases with MSRV 1.63 (for future security fixes or otherwise).

What's Changed

• Prepare 0.23.19 by @ctz in #2244

Full Changelog: v/0.23.18...v/0.23.19

0.23.18

Release notes:

• Availability issue: correct a panic in the Acceptor API when a client hello is fragmented over several TLS messages. This was introduced in 0.23.13. It does not affect earlier versions. Thank you to @kvinwang for the report and fix.
• Avoid sending TLS1.2 session ticket extension for TLS1.3-only handshakes. Thank you to @link2xt for the report and fix.
• Improve TLS1.2 receive performance when using aws-lc-rs.
• Move crate minimum supported Rust version to 1.71.

What's Changed

• ci: enable bindgen feature on correct aws-lc-sys by @ctz in #2215
• fix(deps): update rust crate asn1 to 0.19 by @renovate-bot in #2216
• Upgrade hickory-resolver to alpha 3 by @djc in #2218
• Extract benchmark tool from core crate by @ctz in #2208
• raw_key_openssl_interop.rs: reformat imports by @ctz in #2219
• Avoid inefficient aws-lc-rs open_within() by @ctz in #2221
• Move MSRV to 1.71 by @ctz in #2220
• fix(deps): update rust crate asn1 to 0.20 by @renovate-bot in #2223
• chore(deps): lock file maintenance by @renovate-bot in #2217
• fix: do not send session_ticket(35) extension for TLS 1.3 by @link2xt in #2203
• tests: linearize new test code helper by @djc in #2225
• rustls-bench: fix warnings with no features by @ctz in #2226
• Manage dependencies via the workspace by @djc in #2229
• Fix panicking in Acceptor::accept() by @kvinwang in #2231
• Add reproducer for bug 2227 by @ctz in #2233
• Prepare 0.23.18 by @ctz in #2234

New Contributors

• @kvinwang made their first contribution in #2231

Full Changelog: v/0.23.17...v/0.23.18

0.23.17

• Performance improvement: by default rustls servers now send fewer TLS1.3 tickets to a client. The old default was 4 tickets, now it is 2. The number can be tuned if needed by setting ServerConfig::send_tls13_tickets.
• Performance improvement: the default ticket rotator now has improved multithreaded performance.

What's Changed

• Add note about ed25519 browser support by @ctz in #2186
• doc(no_inline) rustls::pki_types re-export by @ctz in #2188
• server: default send_tls13_tickets 4 -> 2 by @cpu in #2187
• build: bump nightly for cargo-check-external-types by @ctz in #2191
• Assorted "design" documentation, and record stance on custom TLS extension APIs by @ctz in #2189
• cancel-in-progress github action runs keyed on PR/ref by @ctz in #2197
• minor improvements to internal test imports by @brodycj in #2199
• Introduce TicketRotator, a version of TicketSwitcher with improved thread scalability by @ctz in #2193
• Support multithreaded benchmarks by @ctz in #2192
• Static site for rustls.dev, including home for performance reports by @ctz in #2201
• add arm performance results by @ctz in #2206
• StoresServerSessions: guarantee keys are high entropy by @ctz in #2209
• fix(deps): update rust crate zlib-rs to 0.4 by @renovate-bot in #2210
• chore(deps): update codecov/codecov-action action to v5 by @renovate-bot in #2211
• Prepare 0.23.17 by @ctz in #2214

Full Changelog: v/0.23.16...v/0.23.17

0.23.16

Release notes

• Add support for RFC 7250 raw public keys.

What's Changed

• ci: update ECH daily-test configuration by @cpu in #2161
• Support for Raw Public Keys (RFC 7250) by @holodorum in #2062
• ci: restore defo.ie ECH daily test by @cpu in #2164
• bench: avoid debug_assert by @ctz in #2163
• client/tls12: remove stale ref to SCT verification by @cpu in #2166
• Remove crossbuilds and coverage from merge_checks by @ctz in #2165
• bench: match default BoringSSL/OpenSSL ticket count by @ctz in #2167
• Faster TLS1.3 server resumption by @ctz in #2168
• Markdown fixes in manual by @ctz in #2169
• Change link to the NSS Key Log Format by @yedayak in #2170
• consistent APIs for connection FIPS indicator by @cpu in #2174
• Make ciphersuite enum smaller by @ctz in #2172
• automate dead link checking of documentation by @cpu in #2173
• Lychee linkcheck tweaks by @cpu in #2176
• ci: loosen lychee-action version by @cpu in #2178
• fix(deps): update rust crate asn1 to 0.18 by @renovate-bot in #2180
• post-quantum: move from kyber768 to ML-KEM768 by @ctz in #2175
• Expose ConfigBuilder::crypto_provider() by @djc in #2181
• chore(deps): lock file maintenance by @renovate-bot in #2185
• Don't warn on UserCanceled alerts by @djc in #2184
• Bump version to 0.23.16 by @djc in #2183

0.23.15

Release notes

• Improve performance when reading plaintext data in small increments (#2154)

What's Changed

• chore(deps): lock file maintenance by @renovate-bot in #2150
• chore(deps): lock file maintenance by @renovate-bot in #2153
• fix: renamed structs to correct naming inconsistency by @hex1c in #2152
• Improve receive performance by @ctz in #2155
• list ECH as a feature, fix some low-hanging nightly clippy findings. by @cpu in #2157
• Use re-exported pki-types everywhere by @djc in #2158
• bench: decrease bench allocator traffic by @ctz in #2160
• Prepare 0.23.15 by @ctz in #2156

New Contributors

• @hex1c made their first contribution in #2152

Full Changelog: v/0.23.14...v/0.23.15

0.23.14

Release notes

• Breaking change for no_std users: The return type of CryptoProvider::install_default() would change depending on the std crate feature. This was unintended and is corrected in this release. But that does mean this semver-compatible release contains a breaking API change, albeit only for users who omit the std crate feature. Our apologies in advance.
• Performance improvements especially for servers doing a full TLS1.3 handshake, and clients doing a resumed TLS1.2 handshake.
• Improvements to example code: demonstrate usage of TLS1.3 early data (thanks to @tahmid-23) & using clap for CLI.

What's Changed

• Allow SupportedKxGroup to be version-specific by @ctz in #2112
• Improve early data examples by @tahmid-23 in #2102
• chore(deps): lock file maintenance by @renovate-bot in #2124
• Send flights of handshake messages in single message by @ctz in #2120
• Fix daily connect-tests by @cpu in #2127
• Fix links in howto section of manual by @ctz in #2129
• Lower noise in ci-bench by @ctz in #2123
• examples: convert tlsserver-mio from docopt to clap by @djc in #2126
• Small refactors by @liujustin604 in #2130
• chore(deps): lock file maintenance by @renovate-bot in #2131
• Remove remaining uses of docopt by @ctz in #2132
• Eliminate large copies in resumption code paths by @ctz in #2122
• Eliminate an allocation in signature verification by @ctz in #2135
• chore(deps): lock file maintenance by @renovate-bot in #2139
• Fix tls13_packed_handshake test bitrot by @ctz in #2141
• Migrate to pki-types PEM decoder by @ctz in #2140
• Cargo: hashbrown 0.14 -> 0.15 by @cpu in #2143
• fix(deps): update rust crate brotli to v7 by @renovate-bot in #2144
• Refer to FIPS cert in fips.rs by @ctz in #2145
• default crypto provider improvements by @brodycj in #2089
• Update bogo by @ctz in #2146
• Take aws-lc-rs 1.10 by @ctz in #2147
• Prepare 0.23.14 by @ctz in #2149

New Contributors

• @liujustin604 made their first contribution in #2130

Full Changelog: v/0.23.13...v/0.23.14

0.23.13

• Add new custom-provider crate feature to disable installation of built-in provider. This may be useful in situations where your application wishes to ensure consistent use of a custom crypto provider throughout the dependency tree. Thanks to @stormshield-gt
• Ensure only max_early_data_size bytes of early data will be accepted, if it is read while it is being received. Thanks to @tahmid-23 for the report and fix.
• Use the ticket construction recommended by RFC5077 for the default aws-lc-rs ticketer.
• Take aws-lc-rs 1.9 -- this removes the build-time requirement for NASM on Windows. There is an environment variable which reenables the old behaviour of building these artifacts from source.

What's Changed

• Spell checker pass by @ctz in #2053
• Fix clippy lints stabilised in 1.80 by @ctz in #2055
• Update CLI of example tlsserver-mio to support early data and disabling resumption (closes #2058) by @Leonie-Theobald in #2059
• Take upstream bogo changes, and expand testing using it by @ctz in #2057
• Enable one more bogo ECH test, update skip reason for another by @cpu in #2061
• Rewrite message deframer by @ctz in #2049
• Remove default_fips_provider() item without aws_lc_rs by @ctz in #2064
• Fix daily-tests failures by @ctz in #2065
• Avoid hanging if the client disconnects while self.wants_write() by @lasiotus in #2060
• fix(deps): update rust crate asn1 to 0.17 by @renovate-bot in #2067
• chore(deps): lock file maintenance by @renovate-bot in #2069
• Remove unused code in ServerConnection::new by @DragonDev1906 in #2073
• aws_lc_rs: implement RFC 5077 recommended ticketer by @cpu in #2066
• Optimise crate size by @ctz in #2077
• chore(deps): lock file maintenance by @renovate-bot in #2080
• Add end entity and client public keys in PEM format for testing by @holodorum in #2078
• Crypto: add feature to disable installation of built-in provider by @stormshield-gt in #2082
• Reinstate coverage of CryptoProvider provider fns by @ctz in #2083
• remove Send + Sync not needed from client session storage field by @brodycj in #2087
• chore: remove trailing spaces by @brodycj in #2090
• polyfill: allow dead code w/o built-in providers, no-std by @cpu in #2091
• nit(ci): remove extra blank line from .github/workflows/build.yml by @brodycj in #2094
• ci: trim daily-tests powerset by @cpu in #2093
• Ensure only max_early_data_size will be read after reading from ReadEarlyData by @tahmid-23 in #2097
• nit(ci): remove a trailing space from daily-tests.yml by @brodycj in #2098
• ci: cross-target build & test updates by @brodycj in #2095
• chore(deps): lock file maintenance by @renovate-bot in #2105
• Tidy logging macros by @ctz in #2106
• nit: move rustls::crypto::CryptoProvider documentation item by @brodycj in #2107
• Fix excessively long first rustdoc paragraphs by @ctz in #2109
• Remove FFDHE constants from programs that don't use FFDHE by @ctz in #2092
• Mention rustls-wolfcrypt-provider in providers docs by @gasbytes in #2110
• fix(deps): update rust crate zlib-rs to 0.3 by @renovate-bot in #2111
• Take aws-lc-rs 1.9 by @ctz in #2118

New Contributors

• @Leonie-Theobald made their first contribution in #2059
• @lasiotus made their first contribution in #2060
• @DragonDev1906 made their first contribution in #2073
• @holodorum made their first contribution in #2078
• @stormshield-gt made their first contribution in #2082
• @tahmid-23 made their first contribution in #2097
• @gasbytes made their first contribution in #2110

Full Changelog: v/0.23.12...v/0.23.13