Releases: aws/aws-lc
Releases · aws/aws-lc
v1.53.1
What's Changed
- Add timeouts to PQ TLS Integ Tests by @alexw91 in #2464
- Split ssl handshake tests by @justsmth in #2489
- Add password prompting support & EVP_read_pw_string by @smittals2 in #2419
- Impl BIO_ADDR_xxx functions by @justsmth in #2439
- Update mlkem-native to v1 by @hanno-becker in #2451
- Prepare v1.53.1 by @justsmth in #2492
Full Changelog: v1.53.0...v1.53.1
Contributors
alexw91, hanno-becker, and 2 other contributors
Assets 2
v1.53.0
What's Changed
- Add build with hardened flag by @m271828 in #2396
- Openssl tool output ordered by options provided by @justsmth in #2452
- [SCRUTINICE] Remove redundant condition check by @nhatnghiho in #2450
- Support relro in delocator by @torben-hansen in #2455
- Explicitly don't allow buffers aliasing in ctr-drbg implementation by @torben-hansen in #2458
- Remove unused Windows afunix.h by @justsmth in #2461
- Revert "Rework memory BIOs and implement BIO_seek (2nd try) (#2433)" by @justsmth in #2466
- Use max_cert_list for TLSv1.3 NewSessionTicket by @skmcgrail in #2453
- ML-KEM memory safety by @m271828 in #2263
- Simplify Compiler CI jobs by @justsmth in #2430
- Improve support for multilib-style distros in our test scripts by @justsmth in #2467
- Fix Ruby mainline and nginx CI by @samuel40791765 in #2460
- Add hardened build back in by @m271828 in #2474
- Fix OCSP integration test failures by @samuel40791765 in #2480
- Fix some theoretical missing earlyclobber markers in inline assembly by @torben-hansen in #2477
- Simplify sshkdf and kbkdf by @torben-hansen in #2478
- Run 3p module tests on python 3.13, add patch for 3.14 by @WillChilds-Klein in #2476
- [UPSTREAM] Fix BIO_eof for BIO pairs by @justsmth in #2440
- Fix service indicator in HKDF, more paranoid zeroization, and simplify logic by @torben-hansen in #2482
- Prepare v1.53.0 by @justsmth in #2471
New Contributors
Full Changelog: v1.52.1...v1.53.0
Contributors
skmcgrail, WillChilds-Klein, and 5 other contributors
Assets 2
v1.52.1
What's Changed
- Increase default salt from 8 to 16 bytes for PKCS#8 & PKCS#12 by @xnox in #2409
- fix(nix): Make sure bssl is in the PATH; workaround nix build failure… by @dougch in #2431
- Fix path-has-spaces test by @justsmth in #2436
- Create pre-production stage for CI pipeline by @nhatnghiho in #2282
- Fix CI cross-mingw by @justsmth in #2437
- Display X509 fingerprint after hash by @justsmth in #2444
- Prepare v1.52.1 by @justsmth in #2445
New Contributors
Full Changelog: v1.52.0...v1.52.1
Contributors
xnox, nhatnghiho, and 2 other contributors
Assets 2
v1.52.0
What's Changed
- Set OPENSSL_NO_EXTERNAL_PSK_TLS13 to indicate lack of TLS 1.3 PSK by @WillChilds-Klein in #2399
- BIO datagram functions by @justsmth in #2321
- Reject NewSessionTicket messages with empty tickets in TLS 1.3 by @justsmth in #2367
- Ensure that AVX512 is not used on macOS by @justsmth in #2363
- Fix socket test issues by @torben-hansen in #2404
- Remove python CI patch for main by @WillChilds-Klein in #2407
- Remove xmlsec patch by @smittals2 in #2405
- Fix clang tidy ci by @justsmth in #2375
- Mark fallible container operations as
nodiscardby @justsmth in #2366 - Remove extra va_end in err_add_error_vdata by @justsmth in #2364
- Check for QUIC in SSL_process_quic_post_handshake by @justsmth in #2365
- Add missing symbols for Unbound by @nhatnghiho in #2352
- Update mlkem-native by @hanno-becker in #2406
- CI for iOS by @justsmth in #2389
- Squelch clang-tidy by @justsmth in #2414
- Clang-tidy is still noisy by @justsmth in #2417
- Add back two rules for clang-tidy by @smittals2 in #2418
- Implement BIO_dump by @kingstjo in #2331
- Make ASN1_get_object a direct call by @samuel40791765 in #2332
- Add Python 3.9 CI patch by @WillChilds-Klein in #2415
- Rework memory BIOs and implement BIO_seek by @nhatnghiho in #2380
- ML-DSA: ASN.1 Module - add parsing of BOTH private key format by @jakemas in #2416
- Detection of unused results by @justsmth in #2411
- Fix gtest_util.sh failure detection by @justsmth in #2423
- Remove unused docs/configs by @torben-hansen in #2427
- ML-DSA: Add ML-DSA keyGen to break-kat.go by @jakemas in #2422
- Fix CI for mingw by @justsmth in #2428
- Bump AWSLC_API_VERSION for X509_STORE_CTX_set_verify_crit_oids by @samuel40791765 in #2426
- Revert "Rework memory BIOs and implement BIO_seek (#2380)" by @samuel40791765 in #2432
- Resolve SSL_PRIVATE_METHOD and certificate slots functionality by @skmcgrail in #2429
Full Changelog: v1.51.1...v1.52.0
Contributors
skmcgrail, WillChilds-Klein, and 8 other contributors
Assets 2
v1.51.2
What's Changed
Full Changelog: v1.51.1...v1.51.2
Contributors
justsmth
Assets 2
v1.51.1
Contributors
justsmth and ognevny
Assets 2
v1.51.0
What's Changed
- Fix ImplDispatchTest for 32-bit x86 build by @dkostic in #2386
- No need for MacOS large/xlarge by @justsmth in #2384
- Revert "Update patch for Postgres (#2232)" by @samuel40791765 in #2358
- Fix socat test by @justsmth in #2388
- Remove special s2n-bignum source code processing at buid-time by @torben-hansen in #2385
- Correct typo in malloc debug environment variable by @torben-hansen in #2391
- Fix PQ Integration tests by @alexw91 in #2392
- Remove patch for IbmTpm by @smittals2 in #2393
- Support allowing specific unknown critical extensions by @samuel40791765 in #2377
- Add Xmlsec to our CI by @smittals2 in #2333
- Bump to v1.51.0 by @samuel40791765 in #2395
Full Changelog: v1.50.1...v1.51.0
Contributors
alexw91, samuel40791765, and 4 other contributors
Assets 2
v1.50.1
What's Changed
- Fix GCC 4.8 docker img; Also w/ GCC 7.5 by @justsmth in #2344
- Fix LibRdKafka CI by @smittals2 in #2372
- Expand .clang-tidy configuration by @justsmth in #2356
- nginx-1.28.0 aws-lc-nginx.patch by @robvanoostenrijk in #2373
- s2n bignum import method change by @torben-hansen in #2324
- Fix a theoretical overflow in BIO_printf by @justsmth in #2369
- Fix tpm2-tss integration test by @justsmth in #2370
- Bump to v1.50.1 by @justsmth in #2378
Full Changelog: v1.50.0...v1.50.1
Contributors
robvanoostenrijk, torben-hansen, and 2 other contributors
Assets 2
v1.50.0
What's Changed
- Remove FFDHE and SECLEVEL python test patches by @WillChilds-Klein in #2307
- Remove unused ENABLE_DILITHIUM CMake option by @andrewhop in #2304
- SSL_in_*_init macros by @justsmth in #2302
- Fix link to bcm.c in FIPS.md by @justsmth in #2309
- Test build with CMake v4.0 by @justsmth in #2251
- Update formal verification section in README.md by @pennyannn in #2301
- Add CI for Xtrabackup by @samuel40791765 in #2275
- Add Libwebsockets to our CI by @smittals2 in #2290
- Implement legacy callback with BIO_set_callback by @kingstjo in #2285
- Import mlkem-native by @hanno-becker in #2176
- Split out socket BIO tests by @justsmth in #2320
- Run clang tidy by @justsmth in #2323
- Tweaking clang-tidy config by @justsmth in #2329
- Reinstate indefinite length and [UNIVERSAL 0] support in crypto/asn1 by @samuel40791765 in #2306
- Implemented no-op CRYPTO_mem_ctrl by @kingstjo in #2295
- SCRUTINICE Fixes by @smittals2 in #2326
- Fix clang-tidy lints by @justsmth in #2328
- Reinstate support for constructed strings in crypto/asn1 by @samuel40791765 in #2310
- Migrate jobs from ubuntu-20.04 to ubuntu-22.04 by @skmcgrail in #2337
- Add SecP384r1MLKEM1024 by @alexw91 in #2327
- Test on 13.5 and 14.2 FreeBSD which are non-EOL, Fix Workflow by @skmcgrail in #2338
- Add FIPS callback tests for x86 AL2023 and arm AL2/AL2023 by @andrewhop in #2311
- Checkout full depth of repo for tag ci check to work on push events by @skmcgrail in #2343
- Fix CMake (< v3.20) warning by @justsmth in #2345
- Add MLDSA44 and MLDSA87 to OBJ_find_sigid_algs by @lrstewart in #2348
- Bump AWSLC_API_VERSION to account for OBJ_find_sigid_algs bug by @lrstewart in #2349
- GCC-10 & Clang-10 testing for Ubuntu-20.04 via container by @skmcgrail in #2346
- Fix CI - MySQL 2025-04 by @justsmth in #2355
- Stop more background process that might be holding any apt locks in the EC2 test framework by @andrewhop in #2317
- Add AES CBC cipher to speed.cc by @andrewhop in #2315
- Add X509_VERIFY_PARAM_get_hostflags by @WillChilds-Klein in #2359
- Enable IPv6 for curl integ by @justsmth in #2357
- Add null check for EVP_get_digestbyobj by @samuel40791765 in #2360
- Bump to v1.50.0 by @justsmth in #2354
New Contributors
- @lrstewart made their first contribution in #2348
Full Changelog: v1.49.1...v1.50.0
Contributors
skmcgrail, WillChilds-Klein, and 9 other contributors
Assets 2
v1.49.1
What's Changed
- FIPS Integrity Hash Tooling by @skmcgrail in #2296
- Add more build options to match callback build by @andrewhop in #2279
- Add req to OpenSSL CLI tool by @smittals2 in #2284
- Turn on better logging for EC2 test framework by @andrewhop in #2298
Full Changelog: v1.49.0...v1.49.1
Contributors
skmcgrail, andrewhop, and smittals2