Skip to content

v/0.101.0
Compare
Choose a tag to compare
@ctz ctz released this 26 Jul 12:13
· 365 commits to main since this release
v/0.101.0
This tag was signed with the committer’s verified signature.
cpu Daniel McCarney
GPG key ID: 08FB2BFC470E75B4
Learn about vigilant mode.
05e736f
This commit was signed with the committer’s verified signature.
cpu Daniel McCarney
GPG key ID: 08FB2BFC470E75B4
Learn about vigilant mode.

Release notes

  • Breaking change: added EndEntity::verify_is_valid_tls_client_cert
    argument for certificate revocation lists.
  • Breaking change: removed Time::try_from.
  • Breaking change: removed From<DnsNameRef<'_> impl for DnsName.
  • Breaking change: replaced AsRef<[u8]> with AsRef<str> for DnsNameRef.
  • Added certificate revocation list (CRL) support.
  • Improved specificity of errors returned from
    EndEntityCert::verify_is_valid_tls_client_cert and
    EndEntityCert::verify_is_valid_tls_server_cert.
  • Improved error specificity for malformed subject alternate names.
  • Added EndEntityCert::dns_names method for returning a list of DNS subject
    alternate names from an end entity cert.
  • Changed EndEntityCert::verify_is_valid_for_subject_name to ignore invalid
    names when verifying cert is valid for a provided subject.
  • MSRV increased to Rust 1.57.

What's Changed

  • Remove "very first prototype" language by @jsha in #41
  • add a method to collect DNS names from a certificate by @cpu in #42
  • stronger deprecations. by @cpu in #48
  • cert verification rustdoc comment touchups. by @cpu in #51
  • subject_name: more specific errs for invalid names. by @cpu in #60
  • Update MSRV to 1.57 to match rustls by @djc in #62
  • cert: retain parsed Cert serial number. by @cpu in #61
  • More test generation (take 2) by @cpu in #64
  • tests: further cleanup/generalization. by @cpu in #65
  • tests: misc coverage for calendar.rs, der.rs by @cpu in #71
  • Configure clippy in lib.rs, remove helper scripts. by @cpu in #72
  • subject_name: rm unused err return for IP subj. cmp. by @cpu in #74
  • ignore invalid value validating dns name list by @patricio78 in #69
  • tests: rename name_constraints test suite to be more generalized. by @cpu in #75
  • Replace license-file with license in Cargo manifest by @djc in #77
  • Starting on webpki CRL parsing support. by @cpu in #44
  • crl: remove exports of untrusted::Input. by @cpu in #83
  • Continued webpki CRL support. by @cpu in #66
  • der/signed_data: introduce support for larger DER values. by @cpu in #73
  • Add CRL processing KeyUsage validation. by @cpu in #82
  • docs: tidy README for fork. by @cpu in #78
  • CRL structural tweaks by @djc in #84
  • ci: forbid warnings from cargo test by @cpu in #86
  • tests: avoid alloc requirement for client revocation tests. by @cpu in #87
  • return most specific error from path building failures by @cpu in #89
  • crl: explicitly number RevocationReason codes. by @cpu in #90
  • Small breaking API changes removing deprecated items. by @cpu in #91
  • tests: avoid messy testfile churn from generate.py by @cpu in #93
  • Only check library against MSRV by @djc in #95
  • ci: enforce generate.py produces no diff. by @cpu in #97
  • lib: remove stale html_root_url doc attribute. by @cpu in #99
  • der/crl: fix support for large CRL DER. by @cpu in #98
  • build(deps): bump cryptography from 40.0.2 to 41.0.0 by @dependabot in #103
  • ci: add merge_group trigger to ci tasks. by @cpu in #104
  • Don't distribute 3-clause BSD test artifacts by @ctz in #102
  • docs: sync SECURITY.md backport policy w/ Rustls. by @cpu in #106
  • docs: fix small typo in SECURITY.md by @cpu in #107
  • Owned CRL representation and associated updates. by @cpu in #100

New Contributors

Full Changelog: v/0.100.1...v/0.101.0

Contributors

patricio78, djc, and 4 other contributors
Assets 2
Loading