Releases: mirleft/ocaml-tls

1.0.2

04 Sep 08:25

CHANGES:

  • tls-lwt: read now has an optional ?off:int argument (#510 @hannesm)
  • Use the kdf package instead of hkdf (#509 @hannesm)

1.0.1

25 Aug 14:22

CHANGES:

1.0.0

21 Aug 22:32

CHANGES:

  • API breaking change: remove usage of Cstruct.t inside of TLS, use bytes
    and string instead (#497 by @art-w, @hannesm, @dinosaure, @reynir)
    Performance is up to 3x improved (bandwidth), 2x improvement for handshake/s
    on an Intel Core(TM) i7-5600U CPU @ 2.60GHz
  • FEATURE: add tls-miou-unix package, which adds miou support for TLS
    (#494 #503 @dinosaure)
  • FEATURE: tls-lwt and tls-async: allow TLS over an existing connection
    Tls_lwt.client_of_channels : Tls.Config.client -> ?host:[`host] Domain_name.t -> Lwt_io.input_channel * Lwt_io.output_channel -> t Lwt.t
    and Tls_lwt.server_of_channels : Tls.Config.server -> Lwt_io.input_channel * Lwt_io.output_channel -> t Lwt.t
    (#499 @art-w @MisterDA)
  • API breaking changes: revise errors - reduce the polymorphic variant
    in size, align it with RFC specified errors, be in parts more precise
    about errors, in other parts skip data (#505, @hannesm - fixes #491)
    NB: if you relied on a specific error constructor, please open an issue
  • Remove unused constructors from Packet.{alert_type, compression_methods,
    client_certificate_type, extension_type} (#505, @hannesm)
    NB: if you relied on specific constructors, please open an issue
  • API breaking change: Tls.Config.{server,client} now return a result
    type instead of raising an exception (#502, @hannesm, fixes #411)
  • FEATURE: add bench/speed.exe, a benchmark for bandwidth (for different
    ciphersuites) and handshakes (different key exchanges and private keys)
    (#500 @hannesm @dinosaure @reynir)
  • BUGFIX: tests/feedback.exe update with TLS 1.3 semantics, run as test
    (#501, @hannesm - reported by @dinosaure)

0.17.5

14 May 08:26

CHANGES:

0.17.4

26 Mar 20:11

CHANGES:

  • tls: handle half-closed connections properly: a received CLOSE_NOTIFY does not
    lead to a CLOSE_NOTIFY being sent (a send_close_notify sends it explicitly)
    (#488 @hannesm)
  • tls: modify return type of handle_tls - the Alert is now in the right hand
    side, and `Eof is explicit in the second part of the tuple
    (#488 @hannesm)
  • tls: remove can_handle_appdata, the function handshake_in_progress is
    available (#488 @hannesm)
  • tls-mirage: avoid exceptions in reneg and rekey (#487 @hannesm)
  • tls: remove HEARTBEAT decoding - HEARTBEAT was never supported in this
    library, the decoder was superfluous (#487 @hannesm)
  • tls-mirage: provide underlying : flow -> FLOW.flow (#487 @hannesm,
    fixes #425 @dinosaure)
  • tls-mirage: implement mirage-flow 4 API (val shutdown) (#488 @hannesm)
  • tls-eio: adapt to half-closed connections (#488 @talex5)
  • tls-eio: implement Eio.Resource.Close (#489 @paurkedal, reviewed by @talex5)

0.17.3

20 Nov 13:08
766eb22

CHANGES:

  • tls: provide Engine.export_key_material, which implements RFC 5705 (and 8446)
    TLS EKM (#482 @hannesm)
  • tls: fix protocol_version in Engine.epoch (TLS 1.3 always pretended TLS 1.0)
    (#482 @hannesm)
  • tls: add the side (`Client or `Server) to epoch_data
    (#482 @hannesm)
  • BREAKING tls: Engine.epoch - return result instead of custom variant
    (#483 @hannesm)

0.17.2

24 Sep 17:30

CHANGES:

0.17.1

03 Jul 19:41

CHANGES:

0.17.0

01 Mar 15:52

CHANGES:

  • tls-async: remove ocaml < 5.0.0 constraint (#471 #474 @hannesm)
  • remove dependency on ppx, especially ppx_cstruct and ppx_sexp_conv across
    the libraries (#473 @hannesm, discussion in #472)

0.16.0

14 Feb 14:16

CHANGES:

  • BREAKING: new opam package tls-lwt (formerly tls.lwt), in dune:
    (libraries tls.lwt) should now be (libraries tls-lwt)
    (#468 @hannesm, reported #449 by @mbacarella)
  • tls: update to mirage-crypto 0.11 API (#468 @hannesm)
  • tls: relax SignatureAlgorithms extension handling to allow OpenSSL
    interoperability tests with TLS 1.0 and TLS 1.1 (#469 @hannesm)
  • tls: remove Utils.filter_map and Utils.option, use Stdlib instead (#455
    @hannesm)
  • tls: do not globally open Utils (#455 @hannesm)
  • tls: export log source of Tracing module (#461 @bikallem)
  • tls: remove unused ciphersuites to reduce binary size (#467 @hannesm)
  • tls-lwt: do not catch out of memory exception (#469 @hannesm)
  • tls-eio: add fuzz testing using crowbar (#456 #463 @talex5)
  • tls-eio: update to eio 0.7 (#456 @talex5)
  • tls-eio: fix test for develop with vendoring (#462 @bikallem)