Skip to content

0.0.11

Choose a tag to compare

View all tags
@bresilla bresilla released this 28 Feb 23:32
· 134 commits to main since this release
0.0.11
e824998

⛰️ Features

  • Support server-side tls handshake completion path
  • Add server-side tls clienthello processing API
  • Add serverhello builder from clienthello
  • Integrate server alpn selection from clienthello
  • Enforce zero-rtt frame allowlist with regressions
  • Enforce strict initial handshake frame allowlist
  • Enforce crypto frame legality by packet space
  • Tighten handshake_done legality across packet spaces
  • Tighten unknown reserved frame handling by packet space
  • Propagate alpn mismatch as deterministic handshake close
  • Add server-side alpn selection policy helper
  • Normalize negotiation result across tls and ssh
  • Add explicit mode capability matrix
  • Enforce packet-space frame legality matrix
  • Require integrated tls server hello for readiness
  • Consume tls transport params from server hello
  • Enforce tls alpn verification and establish gating
  • Gate stream read and close on negotiation readiness
  • Gate app stream traffic on negotiated handshake
  • Add handshake negotiated readiness check
  • Add negotiation snapshot API
  • Expose negotiated alpn in connected metadata
  • Wire tls config alpn into connect handshake
  • Parse tls extensions and capture alpn
  • Encode tls extensions and client params
  • Refine connection state transitions and frame validation

🐛 Bug Fixes

  • Reject reserved frame types in application space
  • Unify tls handshake failure taxonomy and close mapping
  • Validate ssh handshake transport params
  • Close on stream receive flow control violations
  • Enforce local receive stream data limits
  • Enforce negotiated per-stream data limits
  • Apply peer transport params via API
  • Enforce transport parameter validation and stream limits

🧪 Testing

  • Add targeted loss detection and ack safety regressions
  • Add targeted pto and ack-eliciting recovery regressions
  • Harden connection-level flow-control edge conformance
  • Add packet-space frame legality matrix baseline
  • Extend packet-space legality regressions for token and cid frames
  • Add ALPN boundary validation in integrated tls path
  • Reject duplicate tls extensions in integrated handshake path
  • Expand tls handshake failure matrix coverage
  • Add paired tls ssh regression scenarios
  • Enforce closeStream readiness semantics

⚙️ Miscellaneous Tasks

  • Add dedicated dual-mode regression ci target
Assets 2
Loading