swift-nio-ssl

SemVer Patch

• Enable X509_V_FLAG_TRUSTED_FIRST so the trust store is searched for issuer certificates before searching the untrusted certificates when building a certificates chain. (#220)
• Update BoringSSL to 53a17f55247101105ae35767d5c5a6c311843a8e. (#218)
• link swift-nio-extras in docs (#208)

Semver Patch

• Fixed a rare crash when tearing down connections. (#217)
• Updated BoringSSL to 7c522995d1ea5386b3223a19b0f62e73c1f76b17. (#216)

Semver Patch

• Support @_implementationOnly on Swift 5.3. (#212)
• Fixed broken docker builds. (#209, #214)
• Fixed some flaky tests. (#213)

Semver Patch

• Fixed an issue whereby stopTLS had no timeout, so attempting to remove a handler from a pipeline could wedge it open. Timing out now fires an error and fails the promise, but does not close the channel. (#205, #206)

SemVer Minor

• universal bootstrap support (#185)
• Fix for unprocessed data before closing throwing unnecessary errors (#198, patch credit to @agnosticdev)

SemVer Patch

• Update BoringSSL to 5298ef99bf2b2d77600b3bb74dd572027bf495be (#200)
• Get rid of do { ... } catch { ... } for expected errors (#19, patch credit to @shekhar-rajak)
• fix typo in README (#195, patch credit to @realdoug)
• Add Build Podspec Script (#193, patch credit to @Jake-Prickett)
• update docs generation script to work better with selinux (#194)
• Adjust import to allow for CocoaPod support (#192 , patch credit to @Jake-Prickett)
• Mitigate Folly/BoringSSL static linking issue. (#191)
• Removed explicit Equatable implementations. (#187, patch credit to @agnosticdev)
• Replace NIOSSLError.unableToAllocateBoringSSLObject with fatalError (#186, patch credit to @agnosticdev)
• Swapped applicationProtocols check for encodedApplicationProtocols. (#184, patch credit to @agnosticdev)

Semver Patch

• Replace calls to deprecated SwiftNIO functions. (#183)

SemVer Patch

• Update BoringSSL to 21a879a78a60c8667468a9eba994c8365eaf92ea. (#182)
• tell github that Sources/CNIOBoringSSL is vendored (#180)
• Avoid curried thunks (workaround SR-12115) (#176)
• improve docker security (#178)

SemVer Minor

• Provide better certificate verification callback (#171)
• Add hashability to Certificate and PrivateKey (#169)

SemVer Patch

• enable @_implementationOnly for Swift 5.3 (#174)
• Add API for dumping certificate bytes. (#172)
• Allow testing deprecated functions. (#170)
• Update BoringSSL to 0deb91ab3f7e24307572497f0f7438684590bf92 (#167)

SemVer Minor

• Remove unsafe code from hostname verification (#166)
• Better errors when we fail hostname verification (#165)

SemVer Patch

• Add missing cases to == for NIOSSLError and BoringSSLError (#163)
• tests: remove unused varible (#162)
• test lots of closes (#161)

SemVer Patch

• Add regression limits for allocation tests. (#160)
• Update BoringSSL to 134fb89c4f9da7903d9aa81c6bd1d3c466782de1 (#159)
• Update Code of Conduct project maintainer email address (#157)
• Refactor doUnbufferWrites reduce memory pressure (#155)
• Add benchmarks. (#154)
• add harness for performance tests (#156)
• Add allocation counter tests. (#153)
• Add regression test for executable stacks. (#152)

Semver Patch

• Fixed an issue where some symbols were not correctly namespaced on Linux. (#150)
• Updated testing. (#145)
• Updated BoringSSL to 6ba98ff. (#149)

Semver Patch

• Raised minimum dependency on SwiftNIO to 2.9.0 and removed build warnings. (#144)
• Cleaned up internal use of the Swift pointer APIs to better reflect best practices. (#143)

Semver Patch

• Fixed compilation on Linux aarch64. (#141)
• Improved testing. (#138)
• Updated BoringSSL. (#142)

Semver Patch

• Fixed the namespacing of a number of BoringSSL functions. (#131)
• Fix up some inline assembly. (#137)
• CI and documentation fixes (#132, #133)

SemVer Minor

• Use UInt8 instead of Int8 for buffer types (#127)

SemVer Patch

• Avoid using a deprecated enum case in the README (#126)
• Use CInt and CUnsignedInt when calling C APIs (#128)
• Don't pass read-only bytes as mutable to BoringSSL (#129)

Semver Patch

• Resolved an issue where compilation on 64-bit ARM platforms would fail due to missing compiler defines. (#125)

Semver Minor

• Added support for loading multiple certificates from a single PEM file or buffer, deprecated the old mechanism for doing so. (#123)

Semver Patch

• Changed the BoringSSL header namespacing strategy to work better with swift package generate-xcodeproj-based Xcode projects. (#122)
• Fix a crash when attempting to load a private key that is password protected without providing a password. (#119)
• Clean up documentation. (#120)

Semver Minor

• Added support for TLS client authentication via renegotiation on the client side. (#111)
• Hid BoringSSL properly from users. (#117)

Semver Patch

• Updated BoringSSL to a86c69888b9a416f5249aacb4690a765be064969. (#118)
• Miscellaneous testing improvements. (#114)

Semver Patch

• Removed assembly helpers for 32-bit Apple platforms, fixing compile issues. (#109)
• Updated BoringSSL to cef9d3f38d72f13412c79157c25753e22cb05f7e. (#109)

Semver Minor

• Add a timeout to TLS shutdown, ensuring that channels don't get stuck open. (#100)
• Add a callback that enables SSLKEYLOGFILE support. (#98)

Semver Patch

• Correctly set SSL_VERIFY_FAIL_IF_NO_PEER_CERT when turning on cert verification. (#107)
• Fix an issue where we use non-thread-safe buffers to print error strings. (#102)
• Update BoringSSL. (#108)
• Improve API docs. (#103)