Releases: cloudflare/quiche
Releases · cloudflare/quiche
🔧 0.22.0
Breaking Changes:
- The
quiche_conn_stream_recv()
andquiche_conn_stream_send()
FFI functions now take an additional parameterout_error_code
used to return more specific error information to the caller (similarly to what the Rust API already does).
Highlights:
- Added number of acked bytes to the
Stats
structure. - The
libquiche.so
library, that exposes FFI bindings for C, will now have SONAME information. - Added configuration option to change the anti-amplification limit factor (default will still be "3", per RFC 9000).
- Many more bug fixes and performance improvements.
Full changelog at 0.21.0...0.22.0
🛰️ 0.21.0
Highlights:
- Added initial implementation of path MTU discovery. Note that this feature is experimental and might have bugs.
- Added support to build against the "quictls" OpenSSL fork. Note that some features (e.g. 0-RTT) do not work yet in this mode.
- Many more bug fixes and performance improvements.
Full changelog at 0.20.0...0.21.0
🔒 0.20.1
- Added a limit to how many connection IDs are locally queued for retirement. Without the limit an attacker could cause a server to queue an unbounded number of retired connection IDs, leading to a slow but steady increase in memory usage (CVE-2024-1410).
- Added a limit to the maximum
CRYPTO
frame data offset that can be buffered. Without the limit an attacker could cause a server to queue an unbounded number of bytes, leading to a slow but steady increase in memory usage (CVE-2024-1765).
Full changelog at 0.20.0...0.20.1
🦦 0.19.2
- Added a limit to how many connection IDs are locally queued for retirement. Without the limit an attacker could cause a server to queue an unbounded number of retired connection IDs, leading to a slow but steady increase in memory usage (CVE-2024-1410).
- Added a limit to the maximum
CRYPTO
frame data offset that can be buffered. Without the limit an attacker could cause a server to queue an unbounded number of bytes, leading to a slow but steady increase in memory usage (CVE-2024-1765).
Full changelog at 0.19.1...0.19.2
🔐 0.20.0
- Added a limit to how many
PATH_CHALLENGE
frames are queued. Without the limit an attacker could cause a server to queue an unbounded number of frames, leading to a slow but steady increase in memory usage (CVE-2023-6193).
Breaking Changes:
- Some methods related to connection IDs have been renamed to be more consistent. These are:
Connection::new_source_cid()
->Connection::new_scid()
Connection::active_source_cids()
->Connection::active_scids()
Connection::source_cids_left()
->Connection::scids_left()
Connection::retire_destination_cid()
->Connection::retire_dcid()
.
Highlights:
- Many new methods are now exposed via the FFI API that can be used by non-Rust code.
- Many more bug fixes and performance improvements.
Full changelog at 0.19.0...0.20.0
🛡️ 0.19.1
- Added a limit to how many
PATH_CHALLENGE
frames are queued. Without the limit an attacker could cause a server to queue an unbounded number of frames, leading to a slow but steady increase in memory usage (CVE-2023-6193).
Full changelog at 0.19.0...0.19.1
🛩️ 0.19.0
Breaking Changes:
- Removed several fields from
Stats
(specifically fields representing transport parameters that were moved toConnection::peer_transport_params()
).
Highlights:
- Added experimental support for the BBRv2 congestion control algorithm.
⚠️ Note that more work is needed on this (particularly implementing changes to update to the newer BBRv3), so it's not quite production-ready yet, and will later be merged with the existing BBRv1 implementation. - Added
Connection::peer_transport_params()
which returnsTransportParams
representing the connection's peer's transport parameters. - Many more bug fixes and performance improvements.
Full changelog at 0.18.0...0.19.0
🔀 0.18.0
Breaking Changes:
- Removed pre-RFC QUIC and HTTP/3 support (specifically for drafts 27, 28 and 29). Now only the final QUIC and HTTP/3 versions are supported.
- Removed the HTTP/3 DATAGRAM API (specifically the
h3::Event::Datagram
enum variant andh3::Connection::dgram_send()
/h3::Connection::dgram_recv()
/h3::Connection::dgram_max_writable_len()
methods). Applications should use the transport-level APIsConnection::dgram_send()
andConnection::dgram_recv()
(see this change for example). - Replaced
Config::with_boring_ssl_ctx()
withConfig::with_boring_ssl_ctx_builder()
which takes aSslContextBuilder
rather thanSslContext
directly, for safety reasons.
Highlights:
- Massively improved the stream prioritization implementation, which is now much more accurate and reliable (this is largely transparent to applications, as the API hasn't changed).
- Added support for the final specification of DATAGRAMs (RFC 9297). Currently both draft and final versions are supported, but the draft support will be removed in a future release.
- Added some APIs to make working with migration and multiple CIDs easier. Specifically
Connection::source_ids()
which returns all active source IDs, andConnection::retired_scids()
which returns the number of retired source IDs that haven't been returned to the application yet. - Added
Config::set_initial_congestion_window_packets()
to configure the initial congestion window size. - Many more bug fixes and performance improvements.
Full changelog at 0.17.2...0.18.0
🏃♀️ 0.17.2
Highlights:
- Added
Config::set_max_pacing_rate()
to configure the maximum rate for pacing. - Many more bug fixes and performance improvements.
Full changelog at 0.17.1...0.17.2
🗝️ 0.17.1
Breaking Changes:
- The minimum required rust version was bumped to 1.66.
Highlights:
- Added
Connection::send_ack_eliciting()
(andConnection::send_ack_eliciting_on_path()
) for the application to explicitly elicit an acknowledgment from the peer. - Added
Connection::timeout_instant()
to return timeout asstd::time::Instant
instead ofstd::time::Duration
. - Added initial support for detecting stateless resets (note that this only covers some specific cases currently).
- Added support for handling peer-initiated key updates.
- Many more bug fixes and performance improvements.
Full changelog at 0.16.0...0.17.1