GitPedia
Home/c2FmZQ/tlsproxy/Changelog
c2FmZQ

c2FmZQ/tlsproxy

TLSPROXY is a TLS termination proxy that provides automatic TLS encryption for various network services. It supports SSO, client authentication, and can act as a web server or reverse proxy.

30 Releases
Latest: 2w ago
v0.25.7Latest
c2FmZQ-botc2FmZQ-bot·2w ago·June 7, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.26.4
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260508202130-0a0e9b94ffe3 => v0.0.0-20260607003827-7389b812f9da
  • upgraded github.com/c2FmZQ/http3-go v0.59.0 => v0.60.0
  • upgraded github.com/c2FmZQ/quic-api v0.59.0 => v0.60.0
  • upgraded github.com/quic-go/quic-go v0.59.1 => v0.60.0
  • [Compare with v0.25.5](https://github.com/c2FmZQ/tlsproxy/compare/v0.25.5...v0.25.7)
v0.25.5
c2FmZQ-botc2FmZQ-bot·1mo ago·May 22, 2026
GitHub

📦 :wrench: Misc

  • Update go dependencies:
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260408211437-f3a70db0dbf0 => v0.0.0-20260508202130-0a0e9b94ffe3
  • upgraded github.com/quic-go/quic-go v0.59.0 => v0.59.1
  • upgraded golang.org/x/crypto v0.51.0 => v0.52.0
  • upgraded golang.org/x/net v0.54.0 => v0.55.0
  • upgraded golang.org/x/sys v0.44.0 => v0.45.0
  • [Compare with v0.25.4](https://github.com/c2FmZQ/tlsproxy/compare/v0.25.4...v0.25.5)
v0.25.4
c2FmZQ-botc2FmZQ-bot·1mo ago·May 8, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.26.3
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260308015521-e84033c86e36 => v0.0.0-20260408211437-f3a70db0dbf0
  • upgraded github.com/fxamacker/cbor/v2 v2.9.1 => v2.9.2
  • upgraded github.com/pires/go-proxyproto v0.11.0 => v0.12.0
  • upgraded golang.org/x/crypto v0.49.0 => v0.51.0
  • upgraded golang.org/x/net v0.52.0 => v0.53.0
  • upgraded golang.org/x/sys v0.43.0 => v0.44.0
  • + 3 more
v0.25.3
c2FmZQ-botc2FmZQ-bot·2mo ago·April 8, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.26.2
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/ech v0.4.0 => v0.4.2
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260210222347-c2dddf848fef => v0.0.0-20260308015521-e84033c86e36
  • upgraded github.com/fxamacker/cbor/v2 v2.9.0 => v2.9.1
  • upgraded github.com/russellhaering/goxmldsig v1.5.0 => v1.6.0
  • upgraded golang.org/x/crypto v0.48.0 => v0.49.0
  • upgraded golang.org/x/net v0.51.0 => v0.52.0
  • + 4 more
v0.25.2
c2FmZQ-botc2FmZQ-bot·3mo ago·March 8, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.26.1
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/ech v0.3.7 => v0.4.0
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260131152559-a997fb69198a => v0.0.0-20260210222347-c2dddf848fef
  • upgraded github.com/c2FmZQ/tpm v0.4.3 => v0.5.0
  • upgraded github.com/google/go-tpm-tools v0.4.5 => v0.4.7
  • upgraded golang.org/x/net v0.50.0 => v0.51.0
  • [Compare with v0.25.1](https://github.com/c2FmZQ/tlsproxy/compare/v0.25.1...v0.25.2)
v0.25.1
c2FmZQ-botc2FmZQ-bot·4mo ago·February 10, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.26.0
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260130170702-223855195ae7 => v0.0.0-20260131152559-a997fb69198a
  • upgraded github.com/pires/go-proxyproto v0.9.2 => v0.11.0
  • upgraded golang.org/x/crypto v0.47.0 => v0.48.0
  • upgraded golang.org/x/net v0.49.0 => v0.50.0
  • upgraded golang.org/x/sys v0.40.0 => v0.41.0
  • upgraded golang.org/x/text v0.33.0 => v0.34.0
  • + 1 more
v0.25.0
c2FmZQ-botc2FmZQ-bot·4mo ago·January 31, 2026
GitHub

:star2: New feature

  • Implement distributed authentication trust via TrustedIssuers. See `trustedIssuers`.

📦 :wrench: Misc

  • Refactored JWKS into a new module.
  • Update go dependencies:
  • added github.com/c2FmZQ/tlsproxy/jwks v0.0.0-20260130170702-223855195ae7
  • upgraded github.com/golang-jwt/jwt/v5 v5.3.0 => v5.3.1
  • upgraded github.com/pires/go-proxyproto v0.8.1 => v0.9.2
  • [Compare with v0.24.2](https://github.com/c2FmZQ/tlsproxy/compare/v0.24.2...v0.25.0)
v0.24.2
c2FmZQ-botc2FmZQ-bot·5mo ago·January 17, 2026
GitHub

📦 :wrench: Misc

  • Update go: 1.25.6
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/storage v0.3.1 => v0.3.2
  • upgraded golang.org/x/crypto v0.46.0 => v0.47.0
  • upgraded golang.org/x/net v0.48.0 => v0.49.0
  • [Compare with v0.24.1](https://github.com/c2FmZQ/tlsproxy/compare/v0.24.1...v0.24.2)
v0.24.1
c2FmZQ-botc2FmZQ-bot·5mo ago·January 13, 2026
GitHub

📦 :wrench: Misc

  • Update go dependencies:
  • upgraded github.com/c2FmZQ/http3-go v0.57.0 => v0.59.0
  • upgraded github.com/c2FmZQ/quic-api v0.57.0 => v0.59.0
  • upgraded github.com/quic-go/quic-go v0.58.0 => v0.59.0
  • [Compare with v0.24.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.24.0...v0.24.1)
v0.24.0
c2FmZQ-botc2FmZQ-bot·5mo ago·December 31, 2025
GitHub

:star: Feature improvement

  • Add two new SSO rule options:
  • `SkipLoginPage` redirects requests directly to the IDP's login page.
  • `Return403ForGetRequests` returns a simple 403 (Forbidden) response for GET requests. Normally, GET requests get a login page.
  • Add `TokenLifetime` to OIDC, SAML, and Passkey providers. This optional field set the lifetime of auth tokens set by tlsproxy.

📦 :wrench: Misc

  • Update go: 1.25.5
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/http3-go v0.56.0 => v0.57.0
  • upgraded github.com/c2FmZQ/quic-api v0.56.0 => v0.57.0
  • upgraded github.com/google/go-tpm v0.9.7 => v0.9.8
  • upgraded github.com/quic-go/quic-go v0.56.0 => v0.58.0
  • upgraded github.com/quic-go/qpack v0.5.1 => v0.6.0
  • upgraded golang.org/x/crypto v0.45.0 => v0.46.0
  • + 5 more
v0.23.2
c2FmZQ-botc2FmZQ-bot·7mo ago·November 20, 2025
GitHub

📦 :wrench: Misc

  • Update go: 1.25.4
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/ech v0.3.6 => v0.3.7
  • upgraded github.com/c2FmZQ/http3-go v0.55.0 => v0.56.0
  • upgraded github.com/c2FmZQ/quic-api v0.55.0 => v0.56.0
  • upgraded github.com/google/go-tpm v0.9.6 => v0.9.7
  • upgraded github.com/quic-go/quic-go v0.55.0 => v0.56.0
  • upgraded golang.org/x/crypto v0.43.0 => v0.45.0
  • + 4 more
v0.23.1
c2FmZQ-botc2FmZQ-bot·8mo ago·October 14, 2025
GitHub

📦 :wrench: Misc

  • Replace the 🛂 emoji with a svg icon.
  • Update go: 1.25.3
  • Update go dependencies:
  • upgraded golang.org/x/crypto v0.42.0 => v0.43.0
  • upgraded golang.org/x/mod v0.28.0 => v0.29.0
  • upgraded golang.org/x/net v0.45.0 => v0.46.0
  • upgraded golang.org/x/sys v0.36.0 => v0.37.0
  • upgraded golang.org/x/text v0.29.0 => v0.30.0
  • + 3 more
v0.23.0
c2FmZQ-botc2FmZQ-bot·8mo ago·October 7, 2025
GitHub

📦 :wrench: Misc

  • Clean up the ssh CA request parsing. When a specific ttl is desired, the request must now use `content-type: application/x-www-form-urlencoded`.
  • Update go: 1.25.2
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/http3-go v0.54.0 => v0.55.0
  • upgraded github.com/c2FmZQ/quic-api v0.54.0 => v0.55.0
  • upgraded github.com/quic-go/quic-go v0.54.0 => v0.55.0
  • upgraded golang.org/x/net v0.44.0 => v0.45.0
  • [Compare with v0.22.2](https://github.com/c2FmZQ/tlsproxy/compare/v0.22.2...v0.23.0)
v0.22.2
c2FmZQ-botc2FmZQ-bot·9mo ago·September 25, 2025
GitHub

📦 :wrench: Misc

  • New tests and refactoring.
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/storage v0.3.0 => v0.3.1
  • upgraded github.com/c2FmZQ/tpm v0.4.1 => v0.4.3
  • [Compare with v0.22.1](https://github.com/c2FmZQ/tlsproxy/compare/v0.22.1...v0.22.2)
v0.22.1
c2FmZQ-botc2FmZQ-bot·9mo ago·September 20, 2025
GitHub

🐛 :wrench: Bug fix

  • Fix minor language matching bug. Undee some conditions, the UI would pick the wrong language from the browser.
  • [Compare with v0.22.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.22.0...v0.22.1)
v0.22.0
c2FmZQ-botc2FmZQ-bot·9mo ago·September 19, 2025
GitHub

:star2: New feature

  • New translations for 40 languages, mostly AI-generated.

📦 :wrench: Misc

  • Update go: 1.25.1
  • Update go dependencies:
  • upgraded github.com/google/go-tpm v0.9.5 => v0.9.6
  • upgraded golang.org/x/crypto v0.41.0 => v0.42.0
  • upgraded golang.org/x/mod v0.27.0 => v0.28.0
  • upgraded golang.org/x/net v0.43.0 => v0.44.0
  • upgraded golang.org/x/sync v0.16.0 => v0.17.0
  • upgraded golang.org/x/sys v0.35.0 => v0.36.0
  • + 4 more
v0.21.0
c2FmZQ-botc2FmZQ-bot·9mo ago·September 13, 2025
GitHub

📦 :wrench: Misc

  • Better CSRF protection for local http handlers.
  • Only show groups when the groups scope is granted.
  • Require the openid scope to access /userinfo.
  • [Compare with v0.20.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.20.0...v0.21.0)
v0.20.0
c2FmZQ-botc2FmZQ-bot·9mo ago·September 4, 2025
GitHub

:star2: New features

  • Groups for access control. See [examples/sso](https://github.com/c2FmZQ/tlsproxy/tree/main/examples/sso#groups)
  • Device authorization flow (RFC 8628) to access backend services from non-browser environments, e.g. shell scripts.
  • Parts of this change also add scopes to all the endpoints so that the permissions of tokens issued with oauth2
  • can be limited. By default, all the proxied http(s) endpoints that require SSO also require the *sso* scope.
  • Built-in endpoints have their own required scopes as well, e.g. ssh, pki, etc.
  • New `maximumCertificateLifetime` attribute for `sshCertificateAuthorities`.

📦 :wrench: Misc

  • Fix parsing of SSH Cert request. Sometimes, the requested TTL wasn't parsed correctly.
  • Update go dependencies:
  • upgraded github.com/beevik/etree v1.5.1 => v1.6.0
  • upgraded go.uber.org/mock v0.5.2 => v0.6.0
  • [Compare with v0.19.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.19.0...v0.20.0)
v0.19.0
c2FmZQ-botc2FmZQ-bot·10mo ago·August 14, 2025
GitHub

:star: Feature improvement

  • Before:
  • ```yaml
  • sso:
  • provider: <provider>
  • paths:
  • /foo
  • forceReAuth: 1h
  • acl:
  • + 18 more

📦 :wrench: Misc

  • Update go: 1.25.0
  • Update go dependencies:
  • upgraded golang.org/x/crypto v0.40.0 => v0.41.0
  • upgraded golang.org/x/mod v0.26.0 => v0.27.0
  • upgraded golang.org/x/net v0.42.0 => v0.43.0
  • upgraded golang.org/x/sys v0.34.0 => v0.35.0
  • upgraded golang.org/x/text v0.27.0 => v0.28.0
  • upgraded golang.org/x/tools v0.35.0 => v0.36.0
  • + 1 more
v0.18.1
c2FmZQ-botc2FmZQ-bot·10mo ago·August 6, 2025
GitHub

📦 :wrench: Misc

  • Update go: 1.24.6
  • [Compare with v0.18.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.18.0...v0.18.1)
v0.18.0
c2FmZQ-botc2FmZQ-bot·10mo ago·August 4, 2025
GitHub

:star: Feature improvement

  • Add a simple html form to facilitate acquiring SSH certificates outside of the sshterm app. The form is served from `certificateEndpoint` when the http method is GET.

📦 :wrench: Misc

  • Update go dependencies:
  • upgraded github.com/fxamacker/cbor/v2 v2.8.0 => v2.9.0
  • upgraded github.com/golang-jwt/jwt/v5 v5.2.2 => v5.3.0
  • upgraded software.sslmate.com/src/go-pkcs12 v0.5.0 => v0.6.0
  • [Compare with v0.17.0](https://github.com/c2FmZQ/tlsproxy/compare/v0.17.0...v0.18.0)
v0.17.0
c2FmZQ-botc2FmZQ-bot·11mo ago·July 24, 2025
GitHub

📦 :wrench: Misc

  • Enable QUIC Stream Resets with Partial Delivery.
  • Forward QUIC stream errors.
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/http3-go v0.53.0 => v0.54.0
  • upgraded github.com/c2FmZQ/quic-api v0.53.0 => v0.54.0
  • upgraded github.com/quic-go/quic-go v0.53.0 => v0.54.0
  • [Compare with v0.16.3](https://github.com/c2FmZQ/tlsproxy/compare/v0.16.3...v0.17.0)
v0.16.3
c2FmZQ-botc2FmZQ-bot·11mo ago·July 17, 2025
GitHub

📦 :wrench: Misc

  • Replace github.com/c2FmZQ/quic-go-api with github.com/c2FmZQ/quic-api and github.com/c2FmZQ/http3-go, which allows a cleaner integration with the mainline quic-go library.
  • Update go dependencies:
  • upgraded golang.org/x/crypto v0.39.0 => v0.40.0
  • upgraded golang.org/x/net v0.41.0 => v0.42.0
  • upgraded golang.org/x/sys v0.33.0 => v0.34.0
  • [Compare with v0.16.2](https://github.com/c2FmZQ/tlsproxy/compare/v0.16.2...v0.16.3)
v0.16.2
c2FmZQ-botc2FmZQ-bot·11mo ago·July 9, 2025
GitHub

📦 :wrench: Misc

  • :warning: This version includes a change to the storage library that makes it very difficult to rollback to an earlier version after upgrading to this version without losing data.
  • Update go: 1.24.5
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/storage v0.2.5 => v0.3.0
  • [Compare with v0.16.1](https://github.com/c2FmZQ/tlsproxy/compare/v0.16.1...v0.16.2)
v0.16.1
c2FmZQ-botc2FmZQ-bot·11mo ago·July 1, 2025
GitHub

📦 :wrench: Misc

  • TLSPROXY now uses a [quic-go fork](https://github.com/c2FmZQ/quic-go-api/tree/v0.53.0) to workaround an API change that broke integration (https://github.com/c2FmZQ/tlsproxy/issues/211).
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/ech v0.3.6
  • upgraded github.com/c2FmZQ/ech/publish v0.1.2
  • upgraded github.com/c2FmZQ/ech/quic v0.3.6
  • upgraded github.com/google/pprof v0.0.0-20250602020802-c6617b811d0e => v0.0.0-20250630185457-6e76a2b096b5
  • upgraded github.com/hashicorp/go-retryablehttp v0.7.7 => v0.7.8
  • upgraded github.com/quic-go/quic-go v0.52.0 => v0.53.0
  • + 4 more
v0.16.0
c2FmZQ-botc2FmZQ-bot·1y ago·June 6, 2025
GitHub

:star2: New features

  • Config options that accept multiple values can now be specified on one line if there is only one value, e.g.
  • ```
  • addresses: 192.168.0.1:80
  • ```
  • is equivalent to:
  • ```
  • addresses:
  • 192.168.0.1:80
  • + 11 more

📦 :wrench: Misc

  • Update go: 1.24.4
  • Update go dependencies:
  • upgraded github.com/c2FmZQ/storage v0.2.4 => v0.2.5
  • upgraded github.com/c2FmZQ/tpm v0.4.0 => v0.4.1
  • upgraded github.com/google/go-tpm v0.9.4 => v0.9.5
  • upgraded github.com/google/go-tpm-tools v0.4.4 => v0.4.5
  • upgraded github.com/google/pprof v0.0.0-20250501235452-c0086092b71a => v0.0.0-20250602020802-c6617b811d0e
  • upgraded github.com/quic-go/quic-go v0.51.0 => v0.52.0
  • + 5 more
v0.15.10
c2FmZQ-botc2FmZQ-bot·1y ago·May 15, 2025
GitHub

🐛 :wrench: Bug Fix

  • [Let's Encrypt is removing support for OCSP](https://letsencrypt.org/2024/12/05/ending-ocsp/). This change broke some assumptions in TLSPROXY which resulted in failed requests and some crashes. This release fixes that problem. OCSP stapling will only be enabled when the certificate authority supports it.
  • [Compare with v0.15.9](https://github.com/c2FmZQ/tlsproxy/compare/v0.15.9...v0.15.10)
v0.15.9
c2FmZQ-botc2FmZQ-bot·1y ago·May 6, 2025
GitHub

📦 :wrench: Misc

  • Update go: 1.24.3
  • Update go dependencies:
  • upgraded github.com/google/go-tpm v0.9.3 => v0.9.4
  • upgraded github.com/google/pprof v0.0.0-20250418163039-24c5476c6587 => v0.0.0-20250501235452-c0086092b71a
  • upgraded github.com/pires/go-proxyproto v0.8.0 => v0.8.1
  • upgraded go.uber.org/mock v0.5.1 => v0.5.2
  • upgraded golang.org/x/crypto v0.37.0 => v0.38.0
  • upgraded golang.org/x/net v0.39.0 => v0.40.0
  • + 5 more
v0.15.8
c2FmZQ-botc2FmZQ-bot·1y ago·April 30, 2025
GitHub

📦 :wrench: Misc

  • Update go dependencies:
  • upgraded github.com/beevik/etree v1.5.0 => v1.5.1
  • upgraded github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e => v0.0.0-20250418163039-24c5476c6587
  • upgraded github.com/onsi/ginkgo/v2 v2.23.3 => v2.23.4
  • upgraded github.com/quic-go/quic-go v0.50.1 => v0.51.0
  • upgraded go.uber.org/mock v0.5.0 => v0.5.1
  • upgraded golang.org/x/crypto v0.36.0 => v0.37.0
  • upgraded golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 => v0.0.0-20250408133849-7e4ce0ab07d0
  • + 6 more
v0.15.7
c2FmZQ-botc2FmZQ-bot·1y ago·April 2, 2025
GitHub

📦 :wrench: Misc

  • Update go: 1.24.2
  • Update go dependencies:
  • upgraded github.com/fxamacker/cbor/v2 v2.7.0 => v2.8.0
  • [Compare with v0.15.6](https://github.com/c2FmZQ/tlsproxy/compare/v0.15.6...v0.15.7)
View all releases on GitHub
← Back to tlsproxy wiki