toidiu
toidiu
### Description of changes: Adds a new security policy with AES256, SHA384 and support for TLS1.3 ### Testing: Verified that we can connect via tls1.3/tls1.2 and rsa/ecdsa ``` # ./build/bin/s2nd...
### Problem: > The Openssl function used to parse signatures off certificates does not differentiate between any rsa_pss signature schemes. The above openssl limitation means we cannot choose a subset...
### Problem: In https://github.com/aws/s2n-tls/pull/3425 we removed codecov and gcov. - [ ] Also remove lcov and - [ ] remove the now unused post build step. ### Requirements / Acceptance...
### Problem: [badssl](https://github.com/chromium/badssl.com) project exposes different endpoints for testing different tls configuration. however it is volunteer maintained and seems to suffer form cert expiration. Currently the badssl endpoints are disabled...
A place to track new events or additional data to existing events. The original event work can found at: https://github.com/awslabs/s2n-quic/issues/439 - [x] https://github.com/aws/s2n-quic/issues/1416 - [ ] platform fatal IO error...
### Description of changes: Upgrading to new rust version broke docdiff (parsing html docs). This PR fixes the doc parsing. There have been numerous changes, which makes the diff quite...
ack range received event was added in https://github.com/aws/s2n-quic/pull/1414. Also add the Sent variant
Testing showed that Ack delay on the peer yields marginal gains, so more concrete test data is needed prior to implementing this feature. --- As proposed originally in https://datatracker.ietf.org/doc/html/draft-ietf-quic-ack-frequency, reducing...
### Description of changes: Add BPF probes events. ### Call-outs: The probe crate needs **rust toolchain >= 1.59** and since we test with `all-features` and `all-targets` I was not able...
### Problem: We currently expect a server name: https://github.com/aws/s2n-quic/blob/821f5c2d6a841c759640955a41ac28116a4aca87/quic/s2n-quic-transport/src/endpoint/mod.rs#L1067 Even though the public api takes an optional server name. The `expect` is due to rustls requiring a server_name: https://docs.rs/rustls/latest/rustls/struct.ClientConnection.html#method.new ---...