Update module github.com/pion/dtls/v2 to v3 #713
Closed
This PR contains the following updates:
v2.2.12 -> v3.0.1
Release Notes
pion/dtls (github.com/pion/dtls/v2)
v3.0.1
Changelog
e20b162 Fix multiple calls to Handshake
f3e8a9e Fix segfault in State::serialize method
5a72b12 Update module github.com/pion/transport/v3 to v3.0.7
c5ab822 Update module golang.org/x/net to v0.27.0
23674bd Update module golang.org/x/crypto to v0.25.0
7ab74fb Add support for MKI in use_srtp
7139e0e Fix time units in example
2ed7caa Update module github.com/pion/transport/v3 to v3.0.6
v3.0.0
Pion DTLS v3.0.0 is now available. Pion DTLS is a Go implementation of DTLS. It allows for secure communication over UDP. It is commonly used for VPNs, WebRTC and other real-time protocols.
This release includes 115 commits from 17 authors. This release added Connection Identifiers, concurrent handshaking when Accepting inbound connections, Censorship Circumvention and better resilience against packet loss during handshaking.
A special thank you to kevmo314 and hasheddan for all their hard work on making this release happen.
This release contains breaking changes. Please read the following carefully, the breakage can't be caught at compile time. Each change will have a linked commit. Looking at examples/ in the linked commit should show what code you need to change in your application.
Breaking Changes
Before /v2 Pion DTLS would handshake on Server or Client creation. This design caused the Accept implementation to be blocking. A new connection couldn't be accepted until the previous one had finished.
This design also doesn't match the crypto/tls implementation in stdlib. This mismatch would cause frustration/confusion for users.
Now the handshaking only occurs when Read, Write or Handshake is called. In most cases users shouldn't notice a difference.
If you do want a Handshake performed without a Read or Write this is the change needed.
Before
After
This change was made in e4064683
New Features
Connection IDs
Connection IDs is a new feature added to the DTLS protocol itself. This change allows for clients to change IPs/Ports during a session. This allows for devices to roam (like phones) or for low power devices to shut down and reconnect without losing their DTLS session!
Connection ID generation is pluggable via the dtls.Config structure, and a random CID generator with a static size is provided for convenience. A new example has been added to demonstrate this functionality.
For those interested in digging deeper into the full set of changes, the majority of work was done in #570.
Censorship Circumvention
Software that is used to circumvent censorship like Snowflake uses Pion. To block this (and other) software governments have looked for patterns and differences in Pion DTLS and blocked it.
This new release contains hooks that allow users to randomize and circumvent these blocks. Users can modify ClientHello, ServerHello and CertificateRequest. Users can also smuggle information in a ServerHello/ClientHello RandomBytes.
You can see them all here
Changelog
The complete log between v2.2.7 and v3.0.0:
0a8d838 Prepare /v3
b6fd38e Update module github.com/pion/transport/v3 to v3.0.5
e406468 Perform handshake on first read/write
6178064 Mark NULL and AES256CM SRTP ciphers as supported
bc3159a Added DTLS-SRTP IDs for NULL and AES256CM ciphers
d013d0c On Read Retransmit send FSM to SENDING
ec76652 Retransmit last flight when in finished
602dc71 Make localConnectionID thread safe
0a1b73a Respect disableRetransmitBackoff
a6d9640 Add OnConnectionAttempt to Config
48d6748 Implement retransmit backoff according to 4.2.4.1
45e16a0 Update module golang.org/x/net to v0.26.0
a5d1fac Flight3: respect curves configuration
61b3466 Add ability to select cert based on ch rand bytes
eddca22 Update module golang.org/x/crypto to v0.24.0
edc7ad0 Limit size of encrypted packet queue
fbbdf66 Update module golang.org/x/net to v0.25.0
efd6737 Add test for PSK and Identity
cb62aac Fix typo in test
494c1a3 Remove testify dependency
adec94a Update golang Docker tag to v1.22
8738ce1 Add handshake hooking
2c36d63 Update module golang.org/x/net to v0.24.0
d606c79 Update module golang.org/x/crypto to v0.22.0
f6f666e Update module golang.org/x/net to v0.23.0 [SECURITY]
e008bc4 Update CI configs to v0.11.12
3e667b0 Update go.mod version to 1.19
ae51db9 Update CI configs to v0.11.7
8244c45 Update CI configs to v0.11.4
0ad9cfd Update module github.com/pion/transport/v3 to v3.0.2
8a93e0e Fix TestErrorsTemporary
38e39e4 Update module golang.org/x/net to v0.22.0
a245727 Update module golang.org/x/crypto to v0.21.0
5e95b5c Update module github.com/stretchr/testify to v1.9.0
35a00d3 Fix linter errors
96b8c29 Fix linter errors
2597464 Update module golang.org/x/net to v0.20.0
42b6772 Update module golang.org/x/crypto to v0.18.0
bb54a30 If not found in the cache return nil
3427819 Format code
798b32a Fix flight1parse processing exception
ba72fba Update CI configs to v0.11.3
520d84c Update CI configs to v0.11.0
cfa868c Remove 'AUTHORS.txt' from README.md
b4a403c Remove 'Generate Authors' workflow
9ffd96c Drop invalid record silently during handshake
3e8a7d7 Update module golang.org/x/crypto to v0.17.0 [SECURITY]
dc751e3 Update module golang.org/x/net to v0.19.0
3f3d833 Update module golang.org/x/crypto to v0.16.0
a8f7062 Use atomic to avoid stale SRTP protection profile
9cc3df9 Respect Algorithm value in CertificateRequest
7faf25f Update module golang.org/x/net to v0.17.0 [SECURITY]
c864545 Update module golang.org/x/net to v0.15.0
28431d9 Export CipherSuiteID in connection State
8401874 Update module golang.org/x/crypto to v0.13.0
744e27a Update actions/checkout action to v4
2b584af Specifying underlying type of conn ID atomic.Value
70caf30 Use atomic.Value to maintain Go 1.13 compatibility
60064c6 Update module github.com/pion/transport/v3 to v3.0.1
ef50d6b Update AUTHORS.txt
7e5003a Update AUTHORS.txt
dbc7fd9 Update module github.com/pion/transport/v3 to v3.0.0
a681f67 Correctly identify client and server with PSK ID
e85f106 Update module github.com/pion/transport/v2 to v2.2.2
7bf18f8 Update module golang.org/x/net to v0.14.0
609e5be Clear CIDs on potential session resumption
e142ee1 Serialize CIDs in state
37fbc04 Add CID send only client example
6df50a6 Add CID listener example
f5875c1 Set UDP routing if CID is enabled
e663309 Add CID routing unit tests
9db84b5 Add CID based datagram routing
a8998af Add UDP net.PacketListener unit tests
71db42b Introduce UDP net.PacketListener
3afeb7d Add PacketBuffer unit tests
eb305b1 Introduce net PacketBuffer
703da0c Consume net package in tests
4f53ce1 Introduce net package
f1d8b0a Wrap Alerts when CID is negotiated
3082313 Convert nil CIDs to empty byte slice
83b1254 Fix name of cipher suite initialization function
818feb8 Set timeout to 10 minutes on e2e workflow
d29c6f0 Add basic connection ID generators
2f2bc8d Add e2e CID tests
ee04141 Update tests to wrap net.Conn
f960a37 Wrap net.Conn in DTLS listener
afb61f1 Update DTLS Conn to use PacketConn and CID
d082911 Add Conn to PacketConn utility
e5420de Update handshaker to handle CID extension
8922879 Update ciphersuites to support CIDs
8ba47cb Implement AEAD additional data with CID
27fd131 Add local and remote CID to state
9a37bfd Implement AddUint48 utility
1ce6f27 Add CID content type
6af61b1 Allow packets to specify CID wrapped
b7b1e44 Add support for CID related generators
2005135 Add support for parsing CID records
9e4a4e7 Add DTLS connection ID extension
e9b3ce0 Update pion/transport to latest
a1d270f Update module golang.org/x/crypto to v0.12.0
a6eca6c Update CI configs to v0.10.11
eb34e7d Update module golang.org/x/net to v0.13.0
c9eb5f2 Update module golang.org/x/net to v0.12.0
b033847 Clean up unneccessary nested logic
7307f62 Fix return of nil alertErrors
b905606 Add unmarshal unit tests for extensions
0736d45 Fix parsing supported EC point formats
93704b3 Add Daniel Mangum to AUTHORS.txt
cabe5b8 Enable Supported Signature Algorithms
265bf11 Enable Elliptic Curve Supported Point Formats
d7303d0 Wait for OpenSSL server shutdown in e2e test
159122f Update e2e Go image to 1.20
8a11cf2 Remove extraneous error checks in handshaker
4fc3d8f Update module golang.org/x/net to v0.11.0
4b76abf Update module golang.org/x/crypto to v0.10.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.
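The Connection IDs passage in the release notes above describes sessions that survive a client changing IP or port. As an added example (not code from pion/dtls or from this PR), the Go sketch below routes a DTLS 1.2 tls12_cid record, laid out as in RFC 9146, to its session by CID; the 4-byte static CID size, the session type and the verify callback are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
)

const (
	typeCID = 25            // tls12_cid record content type (RFC 9146)
	cidLen  = 4             // assumed static CID size; the wire carries no CID length
	hdrLen  = 1 + 2 + 2 + 6 // type, version, epoch, 48-bit sequence number
)

type session struct { // hypothetical per-connection entry kept by the receiver
	addr   string // where replies are currently sent
	newest uint64 // highest epoch||sequence authenticated so far
}

// buildRecord assembles a constructed tls12_cid record for this example.
func buildRecord(epoch uint16, seq uint64, cid string, body []byte) []byte {
	p := make([]byte, hdrLen+cidLen+2)
	p[0], p[1], p[2] = typeCID, 0xfe, 0xfd // DTLS 1.2 version bytes
	binary.BigEndian.PutUint64(p[3:11], uint64(epoch)<<48|seq&(1<<48-1))
	copy(p[hdrLen:], cid)
	binary.BigEndian.PutUint16(p[hdrLen+cidLen:], uint16(len(body)))
	return append(p, body...)
}

// route picks the session by CID, not source address. verify is a hypothetical stand-in for
// the AEAD open; the peer address moves only for an authenticated, newer record.
func route(tbl map[string]*session, from string, p []byte, verify func([]byte) bool) (*session, error) {
	if len(p) < hdrLen+cidLen+2 || p[0] != typeCID {
		return nil, errors.New("not a well-formed tls12_cid record")
	}
	n, body := int(binary.BigEndian.Uint16(p[hdrLen+cidLen:])), p[hdrLen+cidLen+2:]
	s, known := tbl[string(p[hdrLen:hdrLen+cidLen])]
	if n > len(body) || !known || !verify(body[:n]) {
		return nil, errors.New("dropped: bad length, unknown CID or failed authentication")
	}
	if order := binary.BigEndian.Uint64(p[3:11]); order > s.newest {
		s.newest, s.addr = order, from
	}
	return s, nil
}

func main() {
	tbl := map[string]*session{"\x01\x02\x03\x04": {addr: "192.0.2.10:5000"}}
	s, err := route(tbl, "198.51.100.7:6000", buildRecord(1, 5, "\x01\x02\x03\x04", []byte("ct")), func([]byte) bool { return true })
	println(s.addr, err == nil) // 198.51.100.7:6000 true
}
```

A forged record that carries a valid CID from a new address is dropped and leaves the stored peer address untouched, and an authenticated but older record is delivered without moving it.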