rustls/rustls v/0.23.28

0.23.28

on GitHub

• New feature: expose number of TLS1.3 tickets received via ClientConnection::tls13_tickets_received(). Thanks to @Frando.
• New feature: add ClientHello::named_groups() -- see #2484 for background.
• New feature: support for secp256r1mlkem768 key exchange. This is not offered by default, but rustls::crypto::aws_lc_rs::kx_group::SECP256R1MLKEM768 can be added to a custom CryptoProvider::kx_groups. Thanks to @cjpatton.
• Improve error reporting for unsupported signature schemes.

What's Changed

• fuzz: remove Cargo patch for webpki by @cpu in #2450
• Update verifybench test data by @ctz in #2453
• Update dependencies by @djc in #2452
• manual: add a short howto debugging section by @cpu in #2451
• chore(deps): update dependency go to v1.24.3 by @renovate-bot in #2454
• SECURITY.md: temporal updates by @ctz in #2456
• internals: clean up item order around ClientHelloPayload by @djc in #2457
• Small clippy fixes by @cpu in #2458
• Rework clippy setup by @ctz in #2460
• Nightly clippy fixes by @ctz in #2461
• Upgrade to criterion 0.6 by @djc in #2464
• Move some tests about; reduce duplication of test helper code by @ctz in #2462
• Enable more lints on internal crates by @ctz in #2465
• Fix "Format (unstable)" job in CI by @ctz in #2466
• Fix nightly docs by @ctz in #2467
• Support rustls-graviola in rustls-bench by @ctz in #2469
• Fix bug in crypto::aws_lc_rs::pq::hybrid::Layout by @cjpatton in #2470
• Support secp256r1mlkem768 by @ctz in #2471
• Convert more low-level integration tests into unit tests by @ctz in #2472
• Disable clippy::clone_on_ref_ptr lint by @ctz in #2474
• Prefer x.clone() to Arc::clone(&x) by @ctz in #2475
• feat: expose the number of received TLS1.3 resumption tickets by @Frando in #2476
• Convert more low-level integration tests into unit tests by @ctz in #2473
• Eliminate redundant HandshakeMessagePayload::typ field by @ctz in #2478
• Introduce specific error for unsupported signatures by @ctz in #2479
• Take semver-compatible updates by @ctz in #2481
• Further precursor refactors from "Improve TLS extension representation" by @ctz in #2482
• Only include renegotiation SCSV for TLS1.2 attempts by @ctz in #2486
• ci-bench: low-noise benchmarks with rustls-fuzzing-provider by @ctz in #2483
• Expose named_groups extension in ClientHello by @ctz in #2488
• Prepare 0.23.28 by @ctz in #2499

New Contributors

• @cjpatton made their first contribution in #2470
• @Frando made their first contribution in #2476

Full Changelog: v/0.23.27...v/0.23.28