Release summary
- Removed s2n's internal DRBG and delegates randomness generation to libcrypto when supported.
- Added the strict CNSA 2.0 TLS policy and a transitional policy from CNSA 1.0 to 2.0
- mTLS TLS1.3 handshakes are ~4% faster
What's Changed
- chore(s2n-tls): v0.3.35 release by @boquan-fang in #5765
- fix: update memory snapshots by @jmayclin in #5771
- fix: make get_alert idempotent by @jmayclin in #5767
- chore: fix crate name by @jmayclin in #5769
- chore: delete unused s2n_stuffer_alloc_ro functions by @firedog1234 in #5757
- fix: add required metadata for subscriber by @jmayclin in #5776
- docs: add comments about sslv3 weaknesses by @WesleyRosenblum in #5777
- fix(bindings): replace bare as usize casts in Tokio I/O callbacks by @WesleyRosenblum in #5780
- feat(s2n-metric-subscriber): add supported parameters by @jmayclin in #5768
- build(deps): bump jidicula/clang-format-action from 4.16.0 to 4.17.0 in /.github/workflows in the all-gha-updates group by @dependabot[bot] in #5784
- refactor(rand): deprecate internal DRBG implementation by @kaukabrizvi in #5775
- docs: clarify integrity protection requirements for connection serialization by @WesleyRosenblum in #5782
- build(deps): bump the all-gha-updates group in /.github/workflows with 2 updates by @dependabot[bot] in #5787
- feat: add strict and interop CNSA 2.0 policies by @CarolYeh910 in #5760
- ci: add 'style' to PR title check by @CarolYeh910 in #5792
- fix(aws-lc): Update test for aws/aws-lc#3101 by @alexw91 in #5788
- feat(build): Add option to enforce correct libcrypto feature probing by @goatgoose in #5579
- ci: fix install_awslc_fips script by @CarolYeh910 in #5790
- fix: Gates rolling hash of all supported hash algorithms to TLS1.2 by @maddeleine in #5803
- chore: remove codeowners by @dougch in #5797
- docs: clean up DRBG references across docs, APIs, and templates by @kaukabrizvi in #5789
- fix: reject certs with literal-IP CN and no SAN by @CarolYeh910 in #5804
- ci: upgrade nix awslc version by @CarolYeh910 in #5805
- fix(ci): update MSRV for extended crates from 1.72 to 1.77 by @jouho in #5810
New Contributors
- @firedog1234 made their first contribution in #5757
Full Changelog: 1.7.1...v1.7.2
Contributors
alexw91, goatgoose, and 10 other contributors
