Skip to content

Swift 4 Support.
Compare
Choose a tag to compare
@billabt billabt released this 29 Sep 19:25
· 381 commits to master since this release
0.12.5
da6fdfe

This release minimally requires use of the swift-3.1.1-RELEASE toolchain or the swift-4.0.0-RELEASE toolchain which is recommended.

  • Compatible with Xcode 9.0 (9A235) General Release or higher using one of the above toolchains.

  • This version supports Apple Secure Transport on Apple Platforms and OpenSSL on Linux.

  • At present on Apple platforms, only PKCS12 files are accepted in the Configuration. You should use the init function described below and further in the README.md.

  • Also, on Apple platforms, changing of the cipherSuite property is not supported. Please use the default.

  • Added new parameter to init function in Configuration that allows optionally specifying a password for the PKCS12 certificate chain file. That signature now looks like this:

    public init(withChainFilePath chainFilePath: String?, withPassword password: String? = nil, usingSelfSignedCerts selfSigned: Bool = true)

  • Loosened up the too stringent certificate verification process.

  • Added client support when using Secure Transport on Apple platforms.

  • Added optional connection verification callback feature. See the section Extending Connection Verification in the README.md.

  • Added optional connection verification bypass feature. See the section Skipping Connection Verification in the README.md.

  • Allow use on iOS, tvOS and watchOS as well as macOS.

  • Use version 0.10.24 on master if you wish to use the version that uses OpenSSL on both platforms.

  • This version now merged onto master.

  • Added CI (PR#2).

  • Fixed Kitura issue -> #852

  • A new, defaulted to nil, optional parameter has been added to the end of each of the Configuration init functions. This feature allows the setting of the cipherSuite. If this parameter is set to nil, the default cipherSuite for the platform will be used. Note: Setting the cipher suite on Apple platforms is currently not supported and attempting to do so may result in unpredictable behavior. See the README.md for more information.

  • Added a new Configuration initializer that allows creating a Configuration that does NOT contain a backing certificate or certificate chain.

  • Fixed issue #959 from Kitura.

  • Added support (currently on Linux only) for creating a configuration that is based on PEM formatted certificate passed in as a string. Issue #10. See the README.md for information about the new configuration API. Note: This functionality has had only minimal testing. Use with caution and report any anomalies.

  • Fixed issue #11 by implementing issue #12 alleviating a performance hit when processing the PKCS12 file on macOS.

  • Fix for issue #983 from Kitura. On macOS, the SSLContext must only be used by one thread at a time. Access to use of it must be protected. Introduced a new SSLReadWriteDispatcher struct that allows for sync'ing access to the context when doing reads and writes. This effectively forces reads and write to occur serially.

  • Related to the above fix, apparently on Linux, simultaneous reads and writes are not thread safe. Used the previously introduced SSLReadWriteDispatcher struct that allows for sync'ing access when doing reads and writes. This effectively forces reads and write to occur serially.

  • Also on Linux, added a check to see if the remote connection has gone away prior to issuing a SSL_shutdown() request. This should alleviate the problem of apps receiving a SIGPIPE when attempting to shutdown SSL after the remote has already terminated.

  • Fixed issue #16. Default cipher suite was not being enabled on macOS.

  • More on issue #16. Enabled ECDH ciphers if linking with OpenSSL 1.0.2 or higher.

  • Fixed issue #18 and #19.

  • Merged PR #20.

  • Bug fixes related to rejected PR #21. On Linux, after SSL_read or SSL_write, need to get the last error using SSL_get_error(). The error is NOT in the return code. If returning from SSL_write and the error is SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, an SSLError.retryNeeded exception is thrown. If we're returning from SSL_read under the same circumstances, we set the errno to EAGAIN and return -1.

  • Add an option to allow clients to connect to servers that are using self-signed certificates. PR #24.

  • The initializer used to create a configuration without a backing certificate should (when being used as a client) allow self-signed certificates. Reference closed PR #25.

  • Added podspec for cocoapod integration. PR #27.

  • Update podspec to include watchOS and tvOS. PR #29

  • Support of Xcode 9 Beta.

  • Fix for problem with using the default Configuration initializer. PR #30

  • Fix for problem when importing PKCS12 that causes index out of bounds and subsequent crash. PR #31

  • Support for ALPN. PR #26. Important Note: Usage of this functionality is dependent on the availability of version 1.0.2 of OpenSSL or higher at build and runtime.

  • Fix for using client certificates (Issue #28) via PR #33.

  • Automatically enabled ECDH ciphers if linking with OpenSSL v1.0.2 or higher. See related issue #16. Previously, this required the setting of a compile time switch. That requirement has been eliminated.

  • Reverted PR #33 to fix issue #36.

  • Changed the default enabled cipher list from "DEFAULT" to "DEFAULT:!DH". This effectively disables DH ciphers which is fine since currently there's no API to allow setup of the required DH keys.

  • Swift 4 Support.

  • Remove support for watchOS. See BlueSocket issue #87 for more information.

Assets 2
Loading