* chore(ci): add a cargo timing buildspec (#5176)
* build(deps): update pprof requirement from 0.14 to 0.15
in /bindings/rust/standard (#5334)
* refactor(examples): remove connection pool (#5353)
* ci: Fix the sslyze test for nix (#5283)
* Include application message in Debug impl (#5359)
* build: prevent needless rebuild with S2N_INTERN_LIBCRYPTO=ON and Ninja (#5356)
* build(deps): bump baptiste0928/cargo-install from 3.3.0 to 3.3.1
in /.github/workflows in the all-gha-updates group (#5361)
* tests(integv2): fix flaky session resumption test (#5362)
* tests(integ): add more debug logging (#5363)
* build(deps): bump nixbuild/nix-quick-install-action from 30 to 31
in /.github/workflows in the all-gha-updates group (#5366)
* build(deps): bump nixbuild/nix-quick-install-action from 31 to 32
in /.github/workflows in the all-gha-updates group (#5371)
* fix: policy util should ignore deprecated TLS1.2 kems if missing (#5372)
* chore: apply clippy and fmt fixes (#5386)
* feature: new TLS1.2 + FIPS CRT security policy (#5375)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=87
* Remove unused negotiate_kem function causing build failure (#5316)
* chore: Bump nixpkgs version to 24.11 (#5294)
* tests: policy snapshot test (#5309)
* fix(benches): use session ticket for resumption (#5305)
* feature: release ML-DSA support (#5307)
* feature: support for ML-DSA handshake signatures (#5303)
* tests: turn verbose mode off by default in integ tests (#5286)
* Revert "build: add pull requests limit for dependabot" (#5302)
* chore: Update Apache test certificates from RSA1024 to RSA2048 (#5285)
* feature: add crypto support for mldsa signing (#5272)
* refactor: remove conn->client_hello_version (#5278)
* build(deps): unpin test-log because of MSRV updates (#5300)
* build: add pull requests limit for dependabot (#5299)
* chore: bindings release 0.3.19 (#5298)
* build(deps): update strum requirement from 0.25 to 0.27
in /bindings/rust/standard (#5292)
* build(deps): update test-log-macros requirement from =0.2.14
to =0.2.17 in /bindings/rust/standard (#5290)
* feat: Add `as_ptr()` API for Config (#5274)
* tests: reduce integ test flakiness + improve debugability (#5282)
* build(deps): update env_logger requirement from 0.10 to 0.11
in /bindings/rust/standard (#5296)
* build(deps): bump aws-actions/configure-aws-credentials from 4.1.0
to 4.2.0 in /.github/workflows in the all-gha-updates group (#5297)
* tests: fix flaky test_serialization (#5288)
* chore: bump standard MSRV to 1.82.0 (#5295)
* chore: Add comments to track dependency requirements (#5287)
* tests: improve coverage for s2n_stream_cipher_null (#5268)
* build(deps): bump astral-sh/setup-uv from 5 to 6 in /.github/workflows
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=81
* feature: openssl-3.0-fips support (#5191)
* ci: defend against unset version number in awslc installer (#5195)
* fix: openssl-3.0-fips should use libcrypto HKDF (#5183)
* fix: remove unnecessary RC4 restriction (#5170)
* fix: openssl-3.0-fips should use separate private rand (#5184)
* ci: move openssl3fips build to existing asan build (#5181)
* chore: include Need By Date section in github issue template (#5187)
* ci: cleanup awslc-fips versioning (#5156)
* chore: bump linting action Ubuntu version (#5186)
* build(deps): update aws-lc-rs version to remove paste deps (#5192)
* test: fix self-talk pkey offload test for openssl-3.0-fips (#5175)
* test: reduce parameter selection (#5161)
* chore: add inline noqa suppression (#5159)
* ci: make start_codebuild.sh work for forks (#5178)
* test(integv2): add partial support for OpenSSL 3.0 provider (#5131)
* (docs): Improve PQ docs (#5173)
* ci: use ruff --diff instead of --check (#5177)
* chore: pin once_cell version to unblock the CI (#5174)
* fix(ruff): resolve linting errors detected by Ruff (#5140)
* fix: mark chachapoly as unavailable with openssl-3.0-fips (#5168)
* tests: fix flaky ja4 test (#5169)
* chore: update git blame ignore commit ID (#5164)
* style: fix redundant return (#5150)
* build(deps): bump nixbuild/nix-quick-install-action from 29 to 30
in /.github/workflows in the all-gha-updates group (#5153)
* refactor: add libcrypto PRF impl for openssl-3.0-fips (#5158)
* chore: binding release 0.3.13 (#5167)
* chore(ci): pin symbolic-common (#5166)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=73
* tests: try to make s2n_mem_usage_test more useful (#5139)
* chore: git-blame-ignore ruff formatting (#5151)
* chore(bindings): change in rustup behavior (#5160)
* refactor: remove unused prf hmac impls (#5148)
* chore(ci): make the awslc fips install script version aware (#5100)
* fix: memory leak during STEK rotation (#5146)
* refactor: add alternative EVP signing method (#5141)
* refactor: cleanup prf header (#5144)
* feat(bindings): expose context on cert chain (#5132)
* Ruff Formatting and add to CI (#5138)
* chore(nix): Add aws-lc-fips 2022/4 (#5109)
* test(integv2): fixes to allow test_record_padding to partially run (#5099)
* build(deps): update rtshark requirement from 2.9.0 to 3.1.0 in /tests/pcap
in the all-cargo-updates group across 1 directory (#5087)
* tests: use sig schemes as source of truth for valid hash+sig algs (#5129)
- from version 1.5.13
* ci: always set values for command line defines (#5126)
* fix: update callback return value (#5136)
* refactor: always use EVP hashing (#5121)
* ci: add check for third-party-src in disable rand override buildspec (#5137)
* feat: add async cert validation support (#5110)
* chore: remove unused well-known-endpoints.py (#5127)
* fix(bindings): remove mutation behind Arc (#5124)
* chore: binding release 0.3.12 (#5128)
* refactor: use EVP_MD_fetch() if available (#5116)
* feat: Option to disable RAND engine override (#5108)
* fix(bindings): make Context borrow immutable (#5071)
* build(deps): update rand requirement (#5125)
* chore: fix a typo in API comments (#5123)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=71
* refactor(bench): remove historical benchmarks (#4940)
* fix: pem parsing detection of last cert errors (#4908)
* docs: specify s2n_blob growable conditions (#4943)
* chore(bindings): move tokio examples to dedicated folder (#4954)
* chore: fix GHA for merge-queue (#4973)
* chore(binding): release 0.3.8 (#4969)
* (chore): Installs Nix in AL2023 Buildspec (#4934)
* build(deps): bump the all-gha-updates group in /.github/workflows with 5 updates (#4961)
* feat(s2n-tls-hyper): Add support for negotiating HTTP/2 (#4924)
* tests: allow TLS1.2 with RSA-PSS certs in integ tests (#4949)
* ci: update CRT test ubuntu version to ubuntu24 (#4964)
* feat(bindings): enable application owned certs (#4937)
* ci: batch dependabot updates (#4959)
* ci(refactor): deprecate Omnibus (#4953)
* build(deps): bump actions/cache from 2.1.4 to 4.1.2 in /.github/workflows (#4928)
* build(deps): bump peaceiris/actions-gh-pages from 3 to 4 in /.github/workflows (#4921)
* build(deps): bump cross-platform-actions/action from 0.23.0 to 0.26.0 in /.github/workflows (#4951)
* build(deps): bump github/codeql-action from 2 to 3 in /.github/workflows (#4917)
* ci: add change directory to third-party-src logic (#4950)
* feat: TLS1.2 support for RSA-PSS certificates (#4927)
* feat: feature probe S2N_LIBCRYPTO_SUPPORTS_ENGINE (#4878)
* test(bindings): run unit tests under asan (#4948)
* ci(refactor): remove ASAN from Omnibus and GeneralBatch (#4946)
* ci(refactor): remove fuzz tests from Omnibus (#4945)
* refactor: add a s2n_libcrypto_is_openssl() helper function (#4930)
* fix(s2n-tls-hyper): Add proper IPv6 address formatting (#4938)
* ci: add openssl-1.0.2-fips to fuzz test (#4942)
* ci(refactor): remove Valgrind checks from omnibus and generalBatch (#4913)
* fix(bindings): address clippy issues from 1.83 (#4941)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=67
- Update to version 1.4.9
* New TLS1.2-only variant of 20230317 policy (#4483)
* ci: add asan runs under gcc (#4402)
* fix: Adds non_exhaustive flag to FingerprintType
* fix: refactor rust bindings fingerprint methods (#4474)
* example(bindings): client hello cb example (#4385)
* feat: getter for TLS1.2 master secrets (#4470)
* bindings: ensure CFLAGS includes come after build script includes (#4475)
* bindings: mark Connection as Sync (#4467)
* Make S2N_CERT_AUTH_OPTIONAL the default for clients (#4390)
* fix(test): narrow valgrind suppressions (#4369)
* fix: pedantic memory leak in handshake test (#4463)
* chore(bindings): release 0.1.7 (#4462)
OBS-URL: https://build.opensuse.org/request/show/1164579
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=43
- Update to version 1.4.4
* allows cmake to force crypto linkage (#4383)
* refactor: consolidate record wiping (#4412)
* build: make CMake test flags more consistent with make (#4392)
* style(bindings): address new clippy lint (#4411)
* refactor: generalize cert sig preference handling (#4379)
* feat: More client hello getters (#4380)
* fix: only initialize default tls 1.3 config in tests (#4302)
* Check fd status before using urandom (#4352)
* utils: add map iteration iterator (#4377)
* chore(bindings): release (#4388)
* chore(bindings): bump aws-lc-sys (#4393)
* s2n-tls-tokio: use s2n_shutdown_send instead of s2n_shutdown (#4374)
* enforce result checking for blob and mem (#4389)
OBS-URL: https://build.opensuse.org/request/show/1148699
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/s2n?expand=0&rev=39
