Releases: libzig/libfast
Releases · libzig/libfast
0.0.15
0.0.14
0.0.13
🐛 Bug Fixes
- Enforce strict drain deadline expiry semantics
🚜 Refactor
- Split connection CID and reset tests into module
- Split connection retry/VN tests into dedicated module
- Split connection frame-legality tests into separate file
📚 Documentation
- Expand README with practical client/server examples
- Add concise lsquic acknowledgment
- Thank lsquic project and contributors
🧪 Testing
- Extend path-validation state transition regressions
- Add RTT ack-delay boundary and empty-ack regressions
- Extend recovery gate and persistent-reset model vectors
- Add strict loss-time threshold boundary regression
- Add repeated-loss floor and post-reset growth vectors
- Expand packet bookkeeping and sent-history lifecycle vectors
- Add MAX_STREAMS and MAX_STREAM_DATA monotonic regressions
- Add PTO noop and path validation replacement regressions
- Add ACK-round retransmission queue ordering regression
- Cover replayed-ack loss frontier progression
- Add path validation queue and mismatch regressions
- Add max-observed and explicit-ack-list regressions
- Add amplification saturation and budget-min regressions
- Cover PTO non-ack deadline and probe sizing
- Add PTO probe queue and deadline refresh regressions
- Add congestion residual-ack and reset-state regressions
- Add sent-history isolation and unsent-ack semantics
- Add PTO reset and backoff-cap regressions
- Add PTO deadline and retransmission ordering regressions
- Add drain timeout clamp boundary regressions
- Add ACK ordering and replay idempotence regressions
- Add recovery exit and window boundary vectors
- Cover recovery epoch rollover and inflight saturation
- Add congestion avoidance ack-growth vector
- Add congestion lifecycle stability regression
- Add mixed ACK-loss send lifecycle regression
- Add packet bookkeeping interop vectors
- Add packet buffer capacity ladder interop vectors
- Add lsquic stream frame generation vectors
- Keep latest NEW_TOKEN across multi-frame packet
- Add lsquic packet header generation vectors
- Add lsquic RTT progression parity vector
- Add ack-merge duplicate packet regression
- Add lsquic varint and ACK capacity interop vectors
- Expand interop module with ACK and short-header truncation
- Add malformed VN vectors to interop module
- Add dedicated lsquic interop vector module
- Add lsquic-style control-frame truncation matrix
- Add lsquic-style ACK truncation corpus
- Add lsquic-style packet truncation decode corpus
- Extend lsquic ACK sparse and packet-number vectors
- Extend malformed packet corpus for oversized CID lengths
- Add lsquic ACK and packet-number compatibility vectors
- Add lsquic compatibility vectors for varint and VN
⚙️ Miscellaneous Tasks
- Gate live lsquic interop behind env toggle
Build
- Add optional live lsquic interop harness target
0.0.12
⛰️ Features
- Track connection uptime in stats and fuzz decode matrix
- Enrich connection stats with recovery counters
- Route handshake_done and decode crypto frames
- Expose invalid packet stats and regressions
- Decode crypto and padding frames in receive loop
- Enforce long-header version policy and VN behavior
- Make draining timeout-based and idempotent
- Add version negotiation path and bit validation
- Tighten stream EOF and reset read semantics
- Harden stream overlap conflict policy
- Add out-of-order stream reassembly and final-size checks
- Add packet-space ACK validation and PTO tuning
- Enforce packet-space-aware ACK recovery
- Decode ACK delay using peer transport params
- Process full ACK packet sets in recovery
- Apply ACK range hints to recovery updates
- Validate ACK range encoding invariants
- Reject ACKs for unsent packet numbers
- Parse ACK ranges in receive path
- Detect stateless reset on header decode failure
- Harden retry state and expose retry scid
- Add retry integrity validation hook
- Process Retry packets in client receive flow
- Enforce token policy and stateless reset handling
- Add batch drain helper for CID control payloads
- Coalesce pending CID control frames into one payload
- Add queued NEW_CONNECTION_ID frame pop API
- Expose peer CID inventory read API
- Reject duplicate stateless reset tokens across peer CIDs
- Enforce active_connection_id_limit for peer CIDs
- Support monotonic retire_prior_to in NEW_CONNECTION_ID adverts
- Queue and encode local NEW_CONNECTION_ID advertisements
- Add helper to encode pending RETIRE_CONNECTION_ID frame
- Expose pending RETIRE_CONNECTION_ID pop API
- Decode and track NEW_CONNECTION_ID and RETIRE_CONNECTION_ID
- Decode and track BLOCKED family frame signals
- Apply MAX_STREAMS and MAX_STREAM_DATA frame updates
- Handle MAX_DATA frame updates at runtime
- Process multiple frames per received packet
🧪 Testing
- Verify invalid-packet counters on retry and VN paths
- Stress version handling under mixed packet flows
- Extend connecting and packet-space legality matrix
- Add initial and handshake mixed-ordering regressions
- Expand zero-rtt legality and mixed ordering coverage
- Expand handshake packet-space legality coverage
- Stress draining state under repeated stimuli
- Broaden frame decode boundary corpus
- Extend packet decode edge-case coverage
- Harden transport-params and close-state regressions
- Expand malformed varint boundary coverage
- Stress mixed-frame failure determinism
- Harden close and path malformed regressions
- Add ACK space and CID stress scenarios
- Stress CID edge cases and retire dedup
- Expand malformed packet negative corpus
0.0.11
⛰️ Features
- Support server-side tls handshake completion path
- Add server-side tls clienthello processing API
- Add serverhello builder from clienthello
- Integrate server alpn selection from clienthello
- Enforce zero-rtt frame allowlist with regressions
- Enforce strict initial handshake frame allowlist
- Enforce crypto frame legality by packet space
- Tighten handshake_done legality across packet spaces
- Tighten unknown reserved frame handling by packet space
- Propagate alpn mismatch as deterministic handshake close
- Add server-side alpn selection policy helper
- Normalize negotiation result across tls and ssh
- Add explicit mode capability matrix
- Enforce packet-space frame legality matrix
- Require integrated tls server hello for readiness
- Consume tls transport params from server hello
- Enforce tls alpn verification and establish gating
- Gate stream read and close on negotiation readiness
- Gate app stream traffic on negotiated handshake
- Add handshake negotiated readiness check
- Add negotiation snapshot API
- Expose negotiated alpn in connected metadata
- Wire tls config alpn into connect handshake
- Parse tls extensions and capture alpn
- Encode tls extensions and client params
- Refine connection state transitions and frame validation
🐛 Bug Fixes
- Reject reserved frame types in application space
- Unify tls handshake failure taxonomy and close mapping
- Validate ssh handshake transport params
- Close on stream receive flow control violations
- Enforce local receive stream data limits
- Enforce negotiated per-stream data limits
- Apply peer transport params via API
- Enforce transport parameter validation and stream limits
🧪 Testing
- Add targeted loss detection and ack safety regressions
- Add targeted pto and ack-eliciting recovery regressions
- Harden connection-level flow-control edge conformance
- Add packet-space frame legality matrix baseline
- Extend packet-space legality regressions for token and cid frames
- Add ALPN boundary validation in integrated tls path
- Reject duplicate tls extensions in integrated handshake path
- Expand tls handshake failure matrix coverage
- Add paired tls ssh regression scenarios
- Enforce closeStream readiness semantics
⚙️ Miscellaneous Tasks
- Add dedicated dual-mode regression ci target
0.0.10
0.0.9
0.0.8
0.0.7
0.0.6
⛰️ Features
- Handle challenge-response validation and amplification gates
- Enforce send budget from cwnd and amplification
- Schedule retransmissions and PTO probes
- Wire ack handling into loss and congestion state
- Finalize draining-to-closed transition semantics
- Route stream reset and stop frames into state
- Decode and route control frames in poll loop
- Enforce bidirectional stream policy and channel IDs
- Make closeStream send FIN with half-close behavior
- Encode and decode variable-length packet numbers
- Add peer certificate and hostname verification hooks
- Enforce tls peer verification policy invariants
- Verify Finished data during handshake completion
- Track real handshake transcript bytes
- Parse ServerHello and validate cipher suite
- Parse inbound packet headers in poll loop
🐛 Bug Fixes
- Align connection lifecycle with transport and event types
🚜 Refactor
- Remove page allocator usage in secret derivation
📚 Documentation
- Mark release and compliance slice done
- Mark fuzz and negative testing slice done
- Mark path validation slice done
- Mark secret lifecycle hardening slice done
- Mark recovery harness slice done
- Mark congestion wiring slice done
- Mark retransmission scheduler slice done
- Mark ack integration slice done
- Mark connection close semantics slice done
- Mark stream receive send slice done
- Mark frame decode coverage slice done
- Mark ssh cleanup compatibility slice done
- Mark ssh bidi stream policy slice done
- Mark fin close semantics slice done
- Mark packet number slice done
- Mark handshake vector slice done
- Mark certificate validation slice done
- Mark certificate validation slice in progress
- Mark transcript and finished slice done
- Mark transcript slice in progress
- Mark tls serverhello slice done
- Mark epoch 1 slices as done
- Define production-readiness epochs and slices
🧪 Testing
- Add malformed decode corpus and fuzz smoke tests
- Relax reordering retransmit bound for stability
- Add loss reordering and timeout stress scenarios
- Stabilize ack congestion integration assertion
- Validate ssh transport cleanup flow control behavior
- Add deterministic handshake vector and state machine guards
⚙️ Miscellaneous Tasks
- Remove completed roadmap file
- Add ci gates license and security policy