Conscrypt 2.5.0 released

[Pete Bentley]

We're pleased to announce that we've released Conscrypt 2.5.0 and it should now be available via Maven Central.

This release includes the following notable changes:

=== SSLEngine-based SSLSocket now the default ===

Conscrypt contains two implementations of SSLSocket: ConscryptFileDescriptorSocket and ConscryptEngineSocket.  The file-descriptor based socket is more complex, harder to maintain and won't work on very recent versions of openjdk, the latter is implemented on top of SSLSocket.

In Conscrypt 2.4.0 we achieved close to feature parity between the two implementations and have since made further fixes and improvements based on feedback from Android 11 betas where this implementation is the default.  We are now also making this the default implementation on openjdk.

To opt out (e.g. in case of bugs) and use the old implementation, either set the Java property org.conscrypt.useEngineSocketByDefault to false, or call Conscrypt.setUseEngineSocketByDefault(false) during program startup.

There are still some known issues although we have not received any reports of these causing issues in the wild:-

* There is at least one corner case (SSLSocket wrapping a Socket with autoClose set to false and not running on Android) where a thread blocked in an IO system call will never be awoken if another thread closes the SSLSocket.  This should not be a problem for "unwrapped" sockets or where autoClose is set to true.

* write timeouts and handshake timeouts are currently unimplemented no-ops.  Handshake timeouts will probably never be implemented.  And of course there are no public APIs for these.

* The SSLSocket API contracts remain unchanged but the timing and exact subtype of thrown exceptions may vary between implementations.

=== TrustManager Improvements ===

Conscrypt now ships with an RFC 2818-compliant ConscryptHostnameVerifier on both Android and openjdk, which means that Conscrypt's TrustManager should work "out of the box" on openjdk.  This is a slight behaviour change on Android - previously Conscrypt would use the platform's hostname verifier on Android and when running on older Android versions the two may behave slightly differently. However the version shipping with Conscrypt is equivalent to the hostname verifier on both Android 10 and 11.  See the implementation notes for more details.

Other performance improvements:-

* Don't generate stack traces when throwing ShortBufferException.  Saves CPU time on openjdk 8 which can throw an excessive number of these

* Added implementations the ByteBuffer overloads for AeadCipher.doFinal() which reduce the number of copies for the common case.  We intend to improve further over time.