Releases: litespeedtech/lsquic
Releases · litespeedtech/lsquic
Release list
Limit header sets, spec compliance fixes
Fix content-length handling plus latest ls-qpack
- [FIX] Reject HTTP messages with multiple conflicting content-length
fields. - [FIX] Use ls-qpack v2.6.5 to pick up a fix for a latent use-after-free.
- [IMPROVEMENT] Handle unexpected stream readv/writev args correctly.
- [DOCS] Update docs about the now-defunct push promises.
Bytes-scheduled underflow and other fixes
Deprecate gQUIC; various fixes
- [API] Deprecate all gQUIC versions.
- [FIX] http1x: check size of Cookie: header.
- [FIX] Add checks to gQUIC client session resume code.
- [FIX] 32-bit parser bounds checks.
- [FIX] Use ls-qpack v2.6.3 to pick up a bunch of fixes.
- [DOCS] FAQ: example programs do work with google.com etc.
Fixes for priority handling and preferred address transport params
- [FIX] Only ignore Priority: header after PRIORITY_UPDATE and in
client mode. - [FIX] Transport params: reject partial preferred address families.
- [IMPROVEMENT] PRIORITY_UPDATE frame handling.
Header validation, recvmmsg, edge case fixes
- [FIX] Content-length check in QPACK decoder handler.
- [FIX] HTTP/1.x module: stricter validation for field names and values.
- [FIX] Sample tools: fix recvmmsg receive batching (issue #434).
- [FIX] crypto object ownership on promotion failure.
- [IMPROVEMENT] Use ls-hpack v2.3.5.
Better hset handling and refactorings
- [IMPROVEMENT, API] Refactor: drop mini-conn promotion shortcut.
- [IMPROVEMENT, API] Improve multiple incoming header set handling.
- Remove unused push promise support. API stays unchanged for now.
Use EAGAIN for pending headers
Release 4.6.4 - [IMPROVEMENT] Use EAGAIN for pending headers (follow up to 4.6.3)
Two small fixes for edge cases
- [FIX] Reject overlapping header sends, making code safer.
- [FIX] Follow spec: max datagram size of zero disables datagrams.
- [IMPROVEMENT] Include statement for vc_compat.h to use quotes.
Fix ACK generation edge case; better hashing; other improvements
�- [FIX] Prevent ACK frame generation overflow (unlikely).
- [IMPROVEMENT] Update README BoringSSL version to current date tag.
- [IMPROVEMENT] Address unterminated-string-initialization warnings.
- [IMPROVEMENT] Cast 1 to uint64_t to future-proof code.
- [IMPROVEMENT] Use better random number for hashes.
- [IMPROVEMENT] Inconsistent capitalization fo ws2tcpip.h.