pion/dtls (github.com/pion/dtls/v2)
### [`v3.0.3`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.3)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.2...v3.0.3)
#### Changelog
- [`98a05d6`](https://redirect.github.com/pion/dtls/commit/98a05d681d3affae2d055a70d3273cbb35425b5a) Fix incorrect client retransmissions
- [`d7f5fee`](https://redirect.github.com/pion/dtls/commit/d7f5fee0dff3d752088ccb09f5c23aab828db18b) Update module golang.org/x/net to v0.29.0
- [`0be603a`](https://redirect.github.com/pion/dtls/commit/0be603adb705d3c95d7a0377585ecaf1b19a9cc7) Update module golang.org/x/crypto to v0.27.0
- [`0790369`](https://redirect.github.com/pion/dtls/commit/07903697a77065b5ccd75e4ff8821a7799e9d23f) Update module golang.org/x/net to v0.28.0
- [`f13eec1`](https://redirect.github.com/pion/dtls/commit/f13eec1209dec3135f7e8f32e7cfd51c587106f4) Update module golang.org/x/crypto to v0.26.0
- [`e193dc2`](https://redirect.github.com/pion/dtls/commit/e193dc2e8ad58190d396122230f067da0e6c22cc) Update go.mod version to 1.20
### [`v3.0.2`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.2)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.1...v3.0.2)
#### Changelog
- [`1a02350`](https://redirect.github.com/pion/dtls/commit/1a023506fc9e0de3f5078aee5225c21063e775e4) Fix race between Conn.Close and Conn.Handshake
- [`032d60c`](https://redirect.github.com/pion/dtls/commit/032d60cd97a035a0231940557da954a0b6444725) Update CI configs to v0.11.15
- [`f6ecbc2`](https://redirect.github.com/pion/dtls/commit/f6ecbc2b1621b17f4ecc44e08401ad55df1df71d) Update docker.io/library/golang Docker tag to v1.23
- [`fd18984`](https://redirect.github.com/pion/dtls/commit/fd18984005d282752cfc8b0a654a67aac82fe331) Fix pkg.go.dev link
### [`v3.0.1`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.1)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.0...v3.0.1)
#### Changelog
- [`e20b162`](https://redirect.github.com/pion/dtls/commit/e20b162) Fix multiple calls to Handshake
- [`f3e8a9e`](https://redirect.github.com/pion/dtls/commit/f3e8a9e) Fix segfault in State::serialize method
- [`5a72b12`](https://redirect.github.com/pion/dtls/commit/5a72b12) Update module github.com/pion/transport/v3 to v3.0.7
- [`c5ab822`](https://redirect.github.com/pion/dtls/commit/c5ab822) Update module golang.org/x/net to v0.27.0
- [`23674bd`](https://redirect.github.com/pion/dtls/commit/23674bd) Update module golang.org/x/crypto to v0.25.0
- [`7ab74fb`](https://redirect.github.com/pion/dtls/commit/7ab74fb) Add support for MKI in use_srtp
- [`7139e0e`](https://redirect.github.com/pion/dtls/commit/7139e0e) Fix time units in example
- [`2ed7caa`](https://redirect.github.com/pion/dtls/commit/2ed7caa) Update module github.com/pion/transport/v3 to v3.0.6
### [`v3.0.0`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.0)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.12...v3.0.0)
Pion DTLS v3.0.0 is now available. Pion DTLS is a Go implementation of [DTLS](https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security). It allows for secure communication over UDP. It is commonly used for VPNs, WebRTC and other real-time protocols.
This release includes 115 commits from 17 authors. This release added [Connection Identifiers](https://datatracker.ietf.org/doc/rfc9146/), concurrent handshaking when Accepting inbound connections, Censorship Circumvention and better resilience against packet loss during handshaking.
A special thank you to [kevmo314](https://redirect.github.com/kevmo314) and [hasheddan](https://redirect.github.com/hasheddan) for all their hard work on making this release happen.
This release contains breaking changes. Please read the following carefully, the breakage can't be caught at compile time. Each change will have a linked commit. Looking at `examples/` in the linked commit should show what code you need to change in your application.
#### Breaking Changes
Before `/v2` Pion DTLS would handshake on Server or Client creation. This design caused the `Accept` implementation to be blocking. A new connection couldn't be accept until the previous one had finished.
This design also doesn't match the `crypto/tls` implementation in stdlib. This mismatch would cause frustration/confusion for users.
Now the handshaking only occurs when `Read`,`Write` or `Handshake` is called. In most cases users shouldn't notice a difference.
If you do want a Handshake performed without a `Read` or `Write` this is the change needed.
##### Before
```go
dtlsConn, err := dtls.Client(dtlsEndpoint, dtlsConfig)
if err != nil {
// handle error
}
// Perform logic from negotiated SRTP Profile
srtpProfile, ok := dtlsConn.SelectedSRTPProtectionProfile()
```
##### After
```go
dtlsConn, err = dtls.Client(dtlsEndpoint, dtlsEndpoint.RemoteAddr(), dtlsConfig)
if err != nil {
// handle error
}
err = dtlsConn.Handshake()
if err != nil {
// Explicitly perform handshake
}
// Perform logic from negotiated SRTP Profile
srtpProfile, ok := dtlsConn.SelectedSRTPProtectionProfile()
```
This change was made in [e4064683](https://redirect.github.com/pion/dtls/commit/e4064683d277f946e5d1a4b359ca4e552c23131c)
#### New Features
##### Connection IDs
Connection IDs is a new feature added to the DTLS protocol itself. This change allows for clients to change IPs/Ports during a session. This allows for devices to roam (like phones) or for low power devices to shut down and reconnect without losing their DTLS session!
Connection ID generation is pluggable via the dtls.Config structure, and a random CID generator with a static size is provided for convenience. A [new example](https://redirect.github.com/pion/dtls/blob/master/examples/dial/cid/main.go) has been added to demonstrate this functionality.
For those interested in digging deeper into the full set of changes, the majority of work was done in [#570](https://redirect.github.com/pion/dtls/pull/570).
##### Censorship Circumvention
Software that is used to circumvent censorship like [snowflake](https://snowflake.torproject.org/) uses Pion. To block this (and other) software goverments have looked for patterns and differences in Pion DTLS and [blocked it](https://www.wired.com/story/tor-browser-russia-blocks/).
This new release contains hooks that allows users to randomize and circumvent these blocks. Users can modify ClientHello, ServerHello and CertificateRequest. Users can also smuggle information in a ServerHello/ClientHello RandomBytes.
You can see them all here [here](https://redirect.github.com/pion/dtls/blob/master/config.go#L196-L214)
#### Changelog
The complete log between v2.2.7 and v3.0.0:
- [`0a8d838`](https://redirect.github.com/pion/dtls/commit/0a8d838) Prepare /v3
- [`b6fd38e`](https://redirect.github.com/pion/dtls/commit/b6fd38e) Update module github.com/pion/transport/v3 to v3.0.5
- [`e406468`](https://redirect.github.com/pion/dtls/commit/e406468) Perform handshake on first read/write
- [`6178064`](https://redirect.github.com/pion/dtls/commit/6178064) Mark NULL and AES256CM SRTP ciphers as supported
- [`bc3159a`](https://redirect.github.com/pion/dtls/commit/bc3159a) Added DTLS-SRTP IDs for NULL and AES256CM ciphers
- [`d013d0c`](https://redirect.github.com/pion/dtls/commit/d013d0c) On Read Retransmit send FSM to SENDING
- [`ec76652`](https://redirect.github.com/pion/dtls/commit/ec76652) Retransmit last flight when in finished
- [`602dc71`](https://redirect.github.com/pion/dtls/commit/602dc71) Make localConnectionID thread safe
- [`0a1b73a`](https://redirect.github.com/pion/dtls/commit/0a1b73a) Respect disableRetransmitBackoff
- [`a6d9640`](https://redirect.github.com/pion/dtls/commit/a6d9640) Add OnConnectionAttempt to Config
- [`48d6748`](https://redirect.github.com/pion/dtls/commit/48d6748) Implement retransmit backoff according to 4.2.4.1
- [`45e16a0`](https://redirect.github.com/pion/dtls/commit/45e16a0) Update module golang.org/x/net to v0.26.0
- [`a5d1fac`](https://redirect.github.com/pion/dtls/commit/a5d1fac) Flight3: respect curves configuration
- [`61b3466`](https://redirect.github.com/pion/dtls/commit/61b3466) Add ability to select cert based on ch rand bytes
- [`eddca22`](https://redirect.github.com/pion/dtls/commit/eddca22) Update module golang.org/x/crypto to v0.24.0
- [`edc7ad0`](https://redirect.github.com/pion/dtls/commit/edc7ad0) Limit size of encrypted packet queue
- [`fbbdf66`](https://redirect.github.com/pion/dtls/commit/fbbdf66) Update module golang.org/x/net to v0.25.0
- [`efd6737`](https://redirect.github.com/pion/dtls/commit/efd6737) Add test for PSK and Identity
- [`cb62aac`](https://redirect.github.com/pion/dtls/commit/cb62aac) Fix typo in test
- [`494c1a3`](https://redirect.github.com/pion/dtls/commit/494c1a3) Remove testify dependency
- [`adec94a`](https://redirect.github.com/pion/dtls/commit/adec94a) Update golang Docker tag to v1.22
- [`8738ce1`](https://redirect.github.com/pion/dtls/commit/8738ce1) Add handshake hooking
- [`2c36d63`](https://redirect.github.com/pion/dtls/commit/2c36d63) Update module golang.org/x/net to v0.24.0
- [`d606c79`](https://redirect.github.com/pion/dtls/commit/d606c79) Update module golang.org/x/crypto to v0.22.0
- [`f6f666e`](https://redirect.github.com/pion/dtls/commit/f6f666e) Update module golang.org/x/net to v0.23.0 \[SECURITY]
- [`e008bc4`](https://redirect.github.com/pion/dtls/commit/e008bc4) Update CI configs to v0.11.12
- [`3e667b0`](https://redirect.github.com/pion/dtls/commit/3e667b0) Update go.mod version to 1.19
- [`ae51db9`](https://redirect.github.com/pion/dtls/commit/ae51db9) Update CI configs to v0.11.7
- [`8244c45`](https://redirect.github.com/pion/dtls/commit/8244c45) Update CI configs to v0.11.4
- [`0ad9cfd`](https://redirect.github.com/pion/dtls/commit/0ad9cfd) Update module github.com/pion/transport/v3 to v3.0.2
- [`8a93e0e`](https://redirect.github.com/pion/dtls/commit/8a93e0e) Fix TestErrorsTemporary
- [`38e39e4`](https://redirect.github.com/pion/dtls/commit/38e39e4) Update module golang.org/x/net to v0.22.0
- [`a245727`](https://redirect.github.com/pion/dtls/commit/a245727) Update module golang.org/x/crypto to v0.21.0
- [`5e95b5c`](https://redirect.github.com/pion/dtls/commit/5e95b5c) Update module github.com/stretchr/testify to v1.9.0
- [`35a00d3`](https://redirect.github.com/pion/dtls/commit/35a00d3) Fix linter errors
- [`96b8c29`](https://redirect.github.com/pion/dtls/commit/96b8c29) Fix linter errors
- [`2597464`](https://redirect.github.com/pion/dtls/commit/2597464) Update module golang.org/x/net to v0.20.0
- [`42b6772`](https://redirect.github.com/pion/dtls/commit/42b6772) Update module golang.org/x/crypto to v0.18.0
- [`bb54a30`](https://redirect.github.com/pion/dtls/commit/bb54a30) If not found in the cache return nil
- [`3427819`](https://redirect.github.com/pion/dtls/commit/3427819) Format code
- [`798b32a`](https://redirect.github.com/pion/dtls/commit/798b32a) Fix flight1parse processing exception
- [`ba72fba`](https://redirect.github.com/pion/dtls/commit/ba72fba) Update CI configs to v0.11.3
- [`520d84c`](https://redirect.github.com/pion/dtls/commit/520d84c) Update CI configs to v0.11.0
- [`cfa868c`](https://redirect.github.com/pion/dtls/commit/cfa868c) Remove 'AUTHORS.txt' from README.md
- [`b4a403c`](https://redirect.github.com/pion/dtls/commit/b4a403c) Remove 'Generate Authors' workflow
- [`9ffd96c`](https://redirect.github.com/pion/dtls/commit/9ffd96c) Drop invalid record silently during handshake
- [`3e8a7d7`](https://redirect.github.com/pion/dtls/commit/3e8a7d7) Update module golang.org/x/crypto to v0.17.0 \[SECURITY]
- [`dc751e3`](https://redirect.github.com/pion/dtls/commit/dc751e3) Update module golang.org/x/net to v0.19.0
- [`3f3d833`](https://redirect.github.com/pion/dtls/commit/3f3d833) Update module golang.org/x/crypto to v0.16.0
- [`a8f7062`](https://redirect.github.com/pion/dtls/commit/a8f7062) Use atomic to avoid stale SRTP protection profile
- [`9cc3df9`](https://redirect.github.com/pion/dtls/commit/9cc3df9) Respect Algorithm value in CertificateRequest
- [`7faf25f`](https://redirect.github.com/pion/dtls/commit/7faf25f) Update module golang.org/x/net to v0.17.0 \[SECURITY]
- [`c864545`](https://redirect.github.com/pion/dtls/commit/c864545) Update module golang.org/x/net to v0.15.0
- [`28431d9`](https://redirect.github.com/pion/dtls/commit/28431d9) Export CipherSuiteID in connection State
- [`8401874`](https://redirect.github.com/pion/dtls/commit/8401874) Update module golang.org/x/crypto to v0.13.0
- [`744e27a`](https://redirect.github.com/pion/dtls/commit/744e27a) Update actions/checkout action to v4
- [`2b584af`](https://redirect.github.com/pion/dtls/commit/2b584af) Specifying underlying type of conn ID atomic.Value
- [`70caf30`](https://redirect.github.com/pion/dtls/commit/70caf30) Use atomic.Value to maintain Go 1.13 compatibility
- [`60064c6`](https://redirect.github.com/pion/dtls/commit/60064c6) Update module github.com/pion/transport/v3 to v3.0.1
- [`ef50d6b`](https://redirect.github.com/pion/dtls/commit/ef50d6b) Update AUTHORS.txt
- [`7e5003a`](https://redirect.github.com/pion/dtls/commit/7e5003a) Update AUTHORS.txt
- [`dbc7fd9`](https://redirect.github.com/pion/dtls/commit/dbc7fd9) Update module github.com/pion/transport/v3 to v3.0.0
- [`a681f67`](https://redirect.github.com/pion/dtls/commit/a681f67) Correctly identify client and server with PSK ID
- [`e85f106`](https://redirect.github.com/pion/dtls/commit/e85f106) Update module github.com/pion/transport/v2 to v2.2.2
- [`7bf18f8`](https://redirect.github.com/pion/dtls/commit/7bf18f8) Update module golang.org/x/net to v0.14.0
- [`609e5be`](https://redirect.github.com/pion/dtls/commit/609e5be) Clear CIDs on potential session resumption
- [`e142ee1`](https://redirect.github.com/pion/dtls/commit/e142ee1) Serialize CIDs in state
- [`37fbc04`](https://redirect.github.com/pion/dtls/commit/37fbc04) Add CID send only client example
- [`6df50a6`](https://redirect.github.com/pion/dtls/commit/6df50a6) Add CID listener example
- [`f5875c1`](https://redirect.github.com/pion/dtls/commit/f5875c1) Set UDP routing if CID is enabled
- [`e663309`](https://redirect.github.com/pion/dtls/commit/e663309) Add CID routing unit tests
- [`9db84b5`](https://redirect.github.com/pion/dtls/commit/9db84b5) Add CID based datagram routing
- [`a8998af`](https://redirect.github.com/pion/dtls/commit/a8998af) Add UDP net.PacketListener unit tests
- [`71db42b`](https://redirect.github.com/pion/dtls/commit/71db42b) Introduce UDP net.PacketListener
- [`3afeb7d`](https://redirect.github.com/pion/dtls/commit/3afeb7d) Add PacketBuffer unit tests
- [`eb305b1`](https://redirect.github.com/pion/dtls/commit/eb305b1) Introduce net PacketBuffer
- [`703da0c`](https://redirect.github.com/pion/dtls/commit/703da0c) Consume net package in tests
- [`4f53ce1`](https://redirect.github.com/pion/dtls/commit/4f53ce1) Introduce net package
- [`f1d8b0a`](https://redirect.github.com/pion/dtls/commit/f1d8b0a) Wrap Alerts when CID is negotiated
- [`3082313`](https://redirect.github.com/pion/dtls/commit/3082313) Convert nil CIDs to empty byte slice
- [`83b1254`](https://redirect.github.com/pion/dtls/commit/83b1254) Fix name of cipher suite initialization function
- [`818feb8`](https://redirect.github.com/pion/dtls/commit/818feb8) Set timeout to 10 minutes on e2e workflow
- [`d29c6f0`](https://redirect.github.com/pion/dtls/commit/d29c6f0) Add basic connection ID generators
- [`2f2bc8d`](https://redirect.github.com/pion/dtls/commit/2f2bc8d) Add e2e CID tests
- [`ee04141`](https://redirect.github.com/pion/dtls/commit/ee04141) Update tests to wrap net.Conn
- [`f960a37`](https://redirect.github.com/pion/dtls/commit/f960a37) Wrap net.Conn in DTLS listener
- [`afb61f1`](https://redirect.github.com/pion/dtls/commit/afb61f1) Update DTLS Conn to use PacketConn and CID
- [`d082911`](https://redirect.github.com/pion/dtls/commit/d082911) Add Conn to PacketConn utility
- [`e5420de`](https://redirect.github.com/pion/dtls/commit/e5420de) Update handshaker to handle CID extension
- [`8922879`](https://redirect.github.com/pion/dtls/commit/8922879) Update ciphersuites to support CIDs
- [`8ba47cb`](https://redirect.github.com/pion/dtls/commit/8ba47cb) Implement AEAD additional data with CID
- [`27fd131`](https://redirect.github.com/pion/dtls/commit/27fd131) Add local and remote CID to state
- [`9a37bfd`](https://redirect.github.com/pion/dtls/commit/9a37bfd) Implement AddUint48 utility
- [`1ce6f27`](https://redirect.github.com/pion/dtls/commit/1ce6f27) Add CID content type
- [`6af61b1`](https://redirect.github.com/pion/dtls/commit/6af61b1) Allow packets to specify CID wrapped
- [`b7b1e44`](https://redirect.github.com/pion/dtls/commit/b7b1e44) Add support for CID related generators
- [`2005135`](https://redirect.github.com/pion/dtls/commit/2005135) Add support for parsing CID records
- [`9e4a4e7`](https://redirect.github.com/pion/dtls/commit/9e4a4e7) Add DTLS connection ID extension
- [`e9b3ce0`](https://redirect.github.com/pion/dtls/commit/e9b3ce0) Update pion/transport to latest
- [`a1d270f`](https://redirect.github.com/pion/dtls/commit/a1d270f) Update module golang.org/x/crypto to v0.12.0
- [`a6eca6c`](https://redirect.github.com/pion/dtls/commit/a6eca6c) Update CI configs to v0.10.11
- [`eb34e7d`](https://redirect.github.com/pion/dtls/commit/eb34e7d) Update module golang.org/x/net to v0.13.0
- [`c9eb5f2`](https://redirect.github.com/pion/dtls/commit/c9eb5f2) Update module golang.org/x/net to v0.12.0
- [`b033847`](https://redirect.github.com/pion/dtls/commit/b033847) Clean up unneccessary nested logic
- [`7307f62`](https://redirect.github.com/pion/dtls/commit/7307f62) Fix return of nil alertErrors
- [`b905606`](https://redirect.github.com/pion/dtls/commit/b905606) Add unmarshal unit tests for extensions
- [`0736d45`](https://redirect.github.com/pion/dtls/commit/0736d45) Fix parsing supported EC point formats
- [`93704b3`](https://redirect.github.com/pion/dtls/commit/93704b3) Add Daniel Mangum to AUTHORS.txt
- [`cabe5b8`](https://redirect.github.com/pion/dtls/commit/cabe5b8) Enable Supported Signature Algorithms
- [`265bf11`](https://redirect.github.com/pion/dtls/commit/265bf11) Enable Elliptic Curve Supported Point Formats
- [`d7303d0`](https://redirect.github.com/pion/dtls/commit/d7303d0) Wait for OpenSSL server shutdown in e2e test
- [`159122f`](https://redirect.github.com/pion/dtls/commit/159122f) Update e2e Go image to 1.20
- [`8a11cf2`](https://redirect.github.com/pion/dtls/commit/8a11cf2) Remove extraneous error checks in handshaker
- [`4fc3d8f`](https://redirect.github.com/pion/dtls/commit/4fc3d8f) Update module golang.org/x/net to v0.11.0
- [`4b76abf`](https://redirect.github.com/pion/dtls/commit/4b76abf) Update module golang.org/x/crypto to v0.10.0
### [`v2.2.12`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.12)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.11...v2.2.12)
#### Changelog
- [`48e76cc`](https://redirect.github.com/pion/dtls/commit/48e76cc) Mark NULL and AES256CM SRTP ciphers as supported
- [`8cd9236`](https://redirect.github.com/pion/dtls/commit/8cd9236) Added DTLS-SRTP IDs for NULL and AES256CM ciphers
### [`v2.2.11`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.11)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.10...v2.2.11)
#### Changelog
- [`9f5ddeb`](https://redirect.github.com/pion/dtls/commit/9f5ddeb) simplify error type check
- [`3f0bd2a`](https://redirect.github.com/pion/dtls/commit/3f0bd2a) Fix typing for alertErrors
- [`24571ec`](https://redirect.github.com/pion/dtls/commit/24571ec) remove unused vars, factor out function
- [`cfeb9ca`](https://redirect.github.com/pion/dtls/commit/cfeb9ca) Limit size of encrypted packet queue
### [`v2.2.10`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.10)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.9...v2.2.10)
#### Changelog
- [`ebdb8bd`](https://redirect.github.com/pion/dtls/commit/ebdb8bd) Update dependencies
### [`v2.2.9`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.9)
[Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.8...v2.2.9)
#### Changelog
- [`d391e69`](https://redirect.github.com/pion/dtls/commit/d391e69) Drop invalid record silently during handshake
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v2.2.8-0.20240501061905-2c36d63320a0->v3.0.3Release Notes
pion/dtls (github.com/pion/dtls/v2)
### [`v3.0.3`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.3) [Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.2...v3.0.3) #### Changelog - [`98a05d6`](https://redirect.github.com/pion/dtls/commit/98a05d681d3affae2d055a70d3273cbb35425b5a) Fix incorrect client retransmissions - [`d7f5fee`](https://redirect.github.com/pion/dtls/commit/d7f5fee0dff3d752088ccb09f5c23aab828db18b) Update module golang.org/x/net to v0.29.0 - [`0be603a`](https://redirect.github.com/pion/dtls/commit/0be603adb705d3c95d7a0377585ecaf1b19a9cc7) Update module golang.org/x/crypto to v0.27.0 - [`0790369`](https://redirect.github.com/pion/dtls/commit/07903697a77065b5ccd75e4ff8821a7799e9d23f) Update module golang.org/x/net to v0.28.0 - [`f13eec1`](https://redirect.github.com/pion/dtls/commit/f13eec1209dec3135f7e8f32e7cfd51c587106f4) Update module golang.org/x/crypto to v0.26.0 - [`e193dc2`](https://redirect.github.com/pion/dtls/commit/e193dc2e8ad58190d396122230f067da0e6c22cc) Update go.mod version to 1.20 ### [`v3.0.2`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.2) [Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.1...v3.0.2) #### Changelog - [`1a02350`](https://redirect.github.com/pion/dtls/commit/1a023506fc9e0de3f5078aee5225c21063e775e4) Fix race between Conn.Close and Conn.Handshake - [`032d60c`](https://redirect.github.com/pion/dtls/commit/032d60cd97a035a0231940557da954a0b6444725) Update CI configs to v0.11.15 - [`f6ecbc2`](https://redirect.github.com/pion/dtls/commit/f6ecbc2b1621b17f4ecc44e08401ad55df1df71d) Update docker.io/library/golang Docker tag to v1.23 - [`fd18984`](https://redirect.github.com/pion/dtls/commit/fd18984005d282752cfc8b0a654a67aac82fe331) Fix pkg.go.dev link ### [`v3.0.1`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.1) [Compare Source](https://redirect.github.com/pion/dtls/compare/v3.0.0...v3.0.1) #### Changelog - [`e20b162`](https://redirect.github.com/pion/dtls/commit/e20b162) Fix multiple calls to Handshake - [`f3e8a9e`](https://redirect.github.com/pion/dtls/commit/f3e8a9e) Fix segfault in State::serialize method - [`5a72b12`](https://redirect.github.com/pion/dtls/commit/5a72b12) Update module github.com/pion/transport/v3 to v3.0.7 - [`c5ab822`](https://redirect.github.com/pion/dtls/commit/c5ab822) Update module golang.org/x/net to v0.27.0 - [`23674bd`](https://redirect.github.com/pion/dtls/commit/23674bd) Update module golang.org/x/crypto to v0.25.0 - [`7ab74fb`](https://redirect.github.com/pion/dtls/commit/7ab74fb) Add support for MKI in use_srtp - [`7139e0e`](https://redirect.github.com/pion/dtls/commit/7139e0e) Fix time units in example - [`2ed7caa`](https://redirect.github.com/pion/dtls/commit/2ed7caa) Update module github.com/pion/transport/v3 to v3.0.6 ### [`v3.0.0`](https://redirect.github.com/pion/dtls/releases/tag/v3.0.0) [Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.12...v3.0.0) Pion DTLS v3.0.0 is now available. Pion DTLS is a Go implementation of [DTLS](https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security). It allows for secure communication over UDP. It is commonly used for VPNs, WebRTC and other real-time protocols. This release includes 115 commits from 17 authors. This release added [Connection Identifiers](https://datatracker.ietf.org/doc/rfc9146/), concurrent handshaking when Accepting inbound connections, Censorship Circumvention and better resilience against packet loss during handshaking. A special thank you to [kevmo314](https://redirect.github.com/kevmo314) and [hasheddan](https://redirect.github.com/hasheddan) for all their hard work on making this release happen. This release contains breaking changes. Please read the following carefully, the breakage can't be caught at compile time. Each change will have a linked commit. Looking at `examples/` in the linked commit should show what code you need to change in your application. #### Breaking Changes Before `/v2` Pion DTLS would handshake on Server or Client creation. This design caused the `Accept` implementation to be blocking. A new connection couldn't be accept until the previous one had finished. This design also doesn't match the `crypto/tls` implementation in stdlib. This mismatch would cause frustration/confusion for users. Now the handshaking only occurs when `Read`,`Write` or `Handshake` is called. In most cases users shouldn't notice a difference. If you do want a Handshake performed without a `Read` or `Write` this is the change needed. ##### Before ```go dtlsConn, err := dtls.Client(dtlsEndpoint, dtlsConfig) if err != nil { // handle error } // Perform logic from negotiated SRTP Profile srtpProfile, ok := dtlsConn.SelectedSRTPProtectionProfile() ``` ##### After ```go dtlsConn, err = dtls.Client(dtlsEndpoint, dtlsEndpoint.RemoteAddr(), dtlsConfig) if err != nil { // handle error } err = dtlsConn.Handshake() if err != nil { // Explicitly perform handshake } // Perform logic from negotiated SRTP Profile srtpProfile, ok := dtlsConn.SelectedSRTPProtectionProfile() ``` This change was made in [e4064683](https://redirect.github.com/pion/dtls/commit/e4064683d277f946e5d1a4b359ca4e552c23131c) #### New Features ##### Connection IDs Connection IDs is a new feature added to the DTLS protocol itself. This change allows for clients to change IPs/Ports during a session. This allows for devices to roam (like phones) or for low power devices to shut down and reconnect without losing their DTLS session! Connection ID generation is pluggable via the dtls.Config structure, and a random CID generator with a static size is provided for convenience. A [new example](https://redirect.github.com/pion/dtls/blob/master/examples/dial/cid/main.go) has been added to demonstrate this functionality. For those interested in digging deeper into the full set of changes, the majority of work was done in [#570](https://redirect.github.com/pion/dtls/pull/570). ##### Censorship Circumvention Software that is used to circumvent censorship like [snowflake](https://snowflake.torproject.org/) uses Pion. To block this (and other) software goverments have looked for patterns and differences in Pion DTLS and [blocked it](https://www.wired.com/story/tor-browser-russia-blocks/). This new release contains hooks that allows users to randomize and circumvent these blocks. Users can modify ClientHello, ServerHello and CertificateRequest. Users can also smuggle information in a ServerHello/ClientHello RandomBytes. You can see them all here [here](https://redirect.github.com/pion/dtls/blob/master/config.go#L196-L214) #### Changelog The complete log between v2.2.7 and v3.0.0: - [`0a8d838`](https://redirect.github.com/pion/dtls/commit/0a8d838) Prepare /v3 - [`b6fd38e`](https://redirect.github.com/pion/dtls/commit/b6fd38e) Update module github.com/pion/transport/v3 to v3.0.5 - [`e406468`](https://redirect.github.com/pion/dtls/commit/e406468) Perform handshake on first read/write - [`6178064`](https://redirect.github.com/pion/dtls/commit/6178064) Mark NULL and AES256CM SRTP ciphers as supported - [`bc3159a`](https://redirect.github.com/pion/dtls/commit/bc3159a) Added DTLS-SRTP IDs for NULL and AES256CM ciphers - [`d013d0c`](https://redirect.github.com/pion/dtls/commit/d013d0c) On Read Retransmit send FSM to SENDING - [`ec76652`](https://redirect.github.com/pion/dtls/commit/ec76652) Retransmit last flight when in finished - [`602dc71`](https://redirect.github.com/pion/dtls/commit/602dc71) Make localConnectionID thread safe - [`0a1b73a`](https://redirect.github.com/pion/dtls/commit/0a1b73a) Respect disableRetransmitBackoff - [`a6d9640`](https://redirect.github.com/pion/dtls/commit/a6d9640) Add OnConnectionAttempt to Config - [`48d6748`](https://redirect.github.com/pion/dtls/commit/48d6748) Implement retransmit backoff according to 4.2.4.1 - [`45e16a0`](https://redirect.github.com/pion/dtls/commit/45e16a0) Update module golang.org/x/net to v0.26.0 - [`a5d1fac`](https://redirect.github.com/pion/dtls/commit/a5d1fac) Flight3: respect curves configuration - [`61b3466`](https://redirect.github.com/pion/dtls/commit/61b3466) Add ability to select cert based on ch rand bytes - [`eddca22`](https://redirect.github.com/pion/dtls/commit/eddca22) Update module golang.org/x/crypto to v0.24.0 - [`edc7ad0`](https://redirect.github.com/pion/dtls/commit/edc7ad0) Limit size of encrypted packet queue - [`fbbdf66`](https://redirect.github.com/pion/dtls/commit/fbbdf66) Update module golang.org/x/net to v0.25.0 - [`efd6737`](https://redirect.github.com/pion/dtls/commit/efd6737) Add test for PSK and Identity - [`cb62aac`](https://redirect.github.com/pion/dtls/commit/cb62aac) Fix typo in test - [`494c1a3`](https://redirect.github.com/pion/dtls/commit/494c1a3) Remove testify dependency - [`adec94a`](https://redirect.github.com/pion/dtls/commit/adec94a) Update golang Docker tag to v1.22 - [`8738ce1`](https://redirect.github.com/pion/dtls/commit/8738ce1) Add handshake hooking - [`2c36d63`](https://redirect.github.com/pion/dtls/commit/2c36d63) Update module golang.org/x/net to v0.24.0 - [`d606c79`](https://redirect.github.com/pion/dtls/commit/d606c79) Update module golang.org/x/crypto to v0.22.0 - [`f6f666e`](https://redirect.github.com/pion/dtls/commit/f6f666e) Update module golang.org/x/net to v0.23.0 \[SECURITY] - [`e008bc4`](https://redirect.github.com/pion/dtls/commit/e008bc4) Update CI configs to v0.11.12 - [`3e667b0`](https://redirect.github.com/pion/dtls/commit/3e667b0) Update go.mod version to 1.19 - [`ae51db9`](https://redirect.github.com/pion/dtls/commit/ae51db9) Update CI configs to v0.11.7 - [`8244c45`](https://redirect.github.com/pion/dtls/commit/8244c45) Update CI configs to v0.11.4 - [`0ad9cfd`](https://redirect.github.com/pion/dtls/commit/0ad9cfd) Update module github.com/pion/transport/v3 to v3.0.2 - [`8a93e0e`](https://redirect.github.com/pion/dtls/commit/8a93e0e) Fix TestErrorsTemporary - [`38e39e4`](https://redirect.github.com/pion/dtls/commit/38e39e4) Update module golang.org/x/net to v0.22.0 - [`a245727`](https://redirect.github.com/pion/dtls/commit/a245727) Update module golang.org/x/crypto to v0.21.0 - [`5e95b5c`](https://redirect.github.com/pion/dtls/commit/5e95b5c) Update module github.com/stretchr/testify to v1.9.0 - [`35a00d3`](https://redirect.github.com/pion/dtls/commit/35a00d3) Fix linter errors - [`96b8c29`](https://redirect.github.com/pion/dtls/commit/96b8c29) Fix linter errors - [`2597464`](https://redirect.github.com/pion/dtls/commit/2597464) Update module golang.org/x/net to v0.20.0 - [`42b6772`](https://redirect.github.com/pion/dtls/commit/42b6772) Update module golang.org/x/crypto to v0.18.0 - [`bb54a30`](https://redirect.github.com/pion/dtls/commit/bb54a30) If not found in the cache return nil - [`3427819`](https://redirect.github.com/pion/dtls/commit/3427819) Format code - [`798b32a`](https://redirect.github.com/pion/dtls/commit/798b32a) Fix flight1parse processing exception - [`ba72fba`](https://redirect.github.com/pion/dtls/commit/ba72fba) Update CI configs to v0.11.3 - [`520d84c`](https://redirect.github.com/pion/dtls/commit/520d84c) Update CI configs to v0.11.0 - [`cfa868c`](https://redirect.github.com/pion/dtls/commit/cfa868c) Remove 'AUTHORS.txt' from README.md - [`b4a403c`](https://redirect.github.com/pion/dtls/commit/b4a403c) Remove 'Generate Authors' workflow - [`9ffd96c`](https://redirect.github.com/pion/dtls/commit/9ffd96c) Drop invalid record silently during handshake - [`3e8a7d7`](https://redirect.github.com/pion/dtls/commit/3e8a7d7) Update module golang.org/x/crypto to v0.17.0 \[SECURITY] - [`dc751e3`](https://redirect.github.com/pion/dtls/commit/dc751e3) Update module golang.org/x/net to v0.19.0 - [`3f3d833`](https://redirect.github.com/pion/dtls/commit/3f3d833) Update module golang.org/x/crypto to v0.16.0 - [`a8f7062`](https://redirect.github.com/pion/dtls/commit/a8f7062) Use atomic to avoid stale SRTP protection profile - [`9cc3df9`](https://redirect.github.com/pion/dtls/commit/9cc3df9) Respect Algorithm value in CertificateRequest - [`7faf25f`](https://redirect.github.com/pion/dtls/commit/7faf25f) Update module golang.org/x/net to v0.17.0 \[SECURITY] - [`c864545`](https://redirect.github.com/pion/dtls/commit/c864545) Update module golang.org/x/net to v0.15.0 - [`28431d9`](https://redirect.github.com/pion/dtls/commit/28431d9) Export CipherSuiteID in connection State - [`8401874`](https://redirect.github.com/pion/dtls/commit/8401874) Update module golang.org/x/crypto to v0.13.0 - [`744e27a`](https://redirect.github.com/pion/dtls/commit/744e27a) Update actions/checkout action to v4 - [`2b584af`](https://redirect.github.com/pion/dtls/commit/2b584af) Specifying underlying type of conn ID atomic.Value - [`70caf30`](https://redirect.github.com/pion/dtls/commit/70caf30) Use atomic.Value to maintain Go 1.13 compatibility - [`60064c6`](https://redirect.github.com/pion/dtls/commit/60064c6) Update module github.com/pion/transport/v3 to v3.0.1 - [`ef50d6b`](https://redirect.github.com/pion/dtls/commit/ef50d6b) Update AUTHORS.txt - [`7e5003a`](https://redirect.github.com/pion/dtls/commit/7e5003a) Update AUTHORS.txt - [`dbc7fd9`](https://redirect.github.com/pion/dtls/commit/dbc7fd9) Update module github.com/pion/transport/v3 to v3.0.0 - [`a681f67`](https://redirect.github.com/pion/dtls/commit/a681f67) Correctly identify client and server with PSK ID - [`e85f106`](https://redirect.github.com/pion/dtls/commit/e85f106) Update module github.com/pion/transport/v2 to v2.2.2 - [`7bf18f8`](https://redirect.github.com/pion/dtls/commit/7bf18f8) Update module golang.org/x/net to v0.14.0 - [`609e5be`](https://redirect.github.com/pion/dtls/commit/609e5be) Clear CIDs on potential session resumption - [`e142ee1`](https://redirect.github.com/pion/dtls/commit/e142ee1) Serialize CIDs in state - [`37fbc04`](https://redirect.github.com/pion/dtls/commit/37fbc04) Add CID send only client example - [`6df50a6`](https://redirect.github.com/pion/dtls/commit/6df50a6) Add CID listener example - [`f5875c1`](https://redirect.github.com/pion/dtls/commit/f5875c1) Set UDP routing if CID is enabled - [`e663309`](https://redirect.github.com/pion/dtls/commit/e663309) Add CID routing unit tests - [`9db84b5`](https://redirect.github.com/pion/dtls/commit/9db84b5) Add CID based datagram routing - [`a8998af`](https://redirect.github.com/pion/dtls/commit/a8998af) Add UDP net.PacketListener unit tests - [`71db42b`](https://redirect.github.com/pion/dtls/commit/71db42b) Introduce UDP net.PacketListener - [`3afeb7d`](https://redirect.github.com/pion/dtls/commit/3afeb7d) Add PacketBuffer unit tests - [`eb305b1`](https://redirect.github.com/pion/dtls/commit/eb305b1) Introduce net PacketBuffer - [`703da0c`](https://redirect.github.com/pion/dtls/commit/703da0c) Consume net package in tests - [`4f53ce1`](https://redirect.github.com/pion/dtls/commit/4f53ce1) Introduce net package - [`f1d8b0a`](https://redirect.github.com/pion/dtls/commit/f1d8b0a) Wrap Alerts when CID is negotiated - [`3082313`](https://redirect.github.com/pion/dtls/commit/3082313) Convert nil CIDs to empty byte slice - [`83b1254`](https://redirect.github.com/pion/dtls/commit/83b1254) Fix name of cipher suite initialization function - [`818feb8`](https://redirect.github.com/pion/dtls/commit/818feb8) Set timeout to 10 minutes on e2e workflow - [`d29c6f0`](https://redirect.github.com/pion/dtls/commit/d29c6f0) Add basic connection ID generators - [`2f2bc8d`](https://redirect.github.com/pion/dtls/commit/2f2bc8d) Add e2e CID tests - [`ee04141`](https://redirect.github.com/pion/dtls/commit/ee04141) Update tests to wrap net.Conn - [`f960a37`](https://redirect.github.com/pion/dtls/commit/f960a37) Wrap net.Conn in DTLS listener - [`afb61f1`](https://redirect.github.com/pion/dtls/commit/afb61f1) Update DTLS Conn to use PacketConn and CID - [`d082911`](https://redirect.github.com/pion/dtls/commit/d082911) Add Conn to PacketConn utility - [`e5420de`](https://redirect.github.com/pion/dtls/commit/e5420de) Update handshaker to handle CID extension - [`8922879`](https://redirect.github.com/pion/dtls/commit/8922879) Update ciphersuites to support CIDs - [`8ba47cb`](https://redirect.github.com/pion/dtls/commit/8ba47cb) Implement AEAD additional data with CID - [`27fd131`](https://redirect.github.com/pion/dtls/commit/27fd131) Add local and remote CID to state - [`9a37bfd`](https://redirect.github.com/pion/dtls/commit/9a37bfd) Implement AddUint48 utility - [`1ce6f27`](https://redirect.github.com/pion/dtls/commit/1ce6f27) Add CID content type - [`6af61b1`](https://redirect.github.com/pion/dtls/commit/6af61b1) Allow packets to specify CID wrapped - [`b7b1e44`](https://redirect.github.com/pion/dtls/commit/b7b1e44) Add support for CID related generators - [`2005135`](https://redirect.github.com/pion/dtls/commit/2005135) Add support for parsing CID records - [`9e4a4e7`](https://redirect.github.com/pion/dtls/commit/9e4a4e7) Add DTLS connection ID extension - [`e9b3ce0`](https://redirect.github.com/pion/dtls/commit/e9b3ce0) Update pion/transport to latest - [`a1d270f`](https://redirect.github.com/pion/dtls/commit/a1d270f) Update module golang.org/x/crypto to v0.12.0 - [`a6eca6c`](https://redirect.github.com/pion/dtls/commit/a6eca6c) Update CI configs to v0.10.11 - [`eb34e7d`](https://redirect.github.com/pion/dtls/commit/eb34e7d) Update module golang.org/x/net to v0.13.0 - [`c9eb5f2`](https://redirect.github.com/pion/dtls/commit/c9eb5f2) Update module golang.org/x/net to v0.12.0 - [`b033847`](https://redirect.github.com/pion/dtls/commit/b033847) Clean up unneccessary nested logic - [`7307f62`](https://redirect.github.com/pion/dtls/commit/7307f62) Fix return of nil alertErrors - [`b905606`](https://redirect.github.com/pion/dtls/commit/b905606) Add unmarshal unit tests for extensions - [`0736d45`](https://redirect.github.com/pion/dtls/commit/0736d45) Fix parsing supported EC point formats - [`93704b3`](https://redirect.github.com/pion/dtls/commit/93704b3) Add Daniel Mangum to AUTHORS.txt - [`cabe5b8`](https://redirect.github.com/pion/dtls/commit/cabe5b8) Enable Supported Signature Algorithms - [`265bf11`](https://redirect.github.com/pion/dtls/commit/265bf11) Enable Elliptic Curve Supported Point Formats - [`d7303d0`](https://redirect.github.com/pion/dtls/commit/d7303d0) Wait for OpenSSL server shutdown in e2e test - [`159122f`](https://redirect.github.com/pion/dtls/commit/159122f) Update e2e Go image to 1.20 - [`8a11cf2`](https://redirect.github.com/pion/dtls/commit/8a11cf2) Remove extraneous error checks in handshaker - [`4fc3d8f`](https://redirect.github.com/pion/dtls/commit/4fc3d8f) Update module golang.org/x/net to v0.11.0 - [`4b76abf`](https://redirect.github.com/pion/dtls/commit/4b76abf) Update module golang.org/x/crypto to v0.10.0 ### [`v2.2.12`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.12) [Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.11...v2.2.12) #### Changelog - [`48e76cc`](https://redirect.github.com/pion/dtls/commit/48e76cc) Mark NULL and AES256CM SRTP ciphers as supported - [`8cd9236`](https://redirect.github.com/pion/dtls/commit/8cd9236) Added DTLS-SRTP IDs for NULL and AES256CM ciphers ### [`v2.2.11`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.11) [Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.10...v2.2.11) #### Changelog - [`9f5ddeb`](https://redirect.github.com/pion/dtls/commit/9f5ddeb) simplify error type check - [`3f0bd2a`](https://redirect.github.com/pion/dtls/commit/3f0bd2a) Fix typing for alertErrors - [`24571ec`](https://redirect.github.com/pion/dtls/commit/24571ec) remove unused vars, factor out function - [`cfeb9ca`](https://redirect.github.com/pion/dtls/commit/cfeb9ca) Limit size of encrypted packet queue ### [`v2.2.10`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.10) [Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.9...v2.2.10) #### Changelog - [`ebdb8bd`](https://redirect.github.com/pion/dtls/commit/ebdb8bd) Update dependencies ### [`v2.2.9`](https://redirect.github.com/pion/dtls/releases/tag/v2.2.9) [Compare Source](https://redirect.github.com/pion/dtls/compare/v2.2.8...v2.2.9) #### Changelog - [`d391e69`](https://redirect.github.com/pion/dtls/commit/d391e69) Drop invalid record silently during handshakeConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.