You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
# Change Log
2
2
3
-
### v. 0.7.0.beta8 (next)
3
+
### v. 0.7.0.beta8
4
4
5
5
**Security**: (`fio`) Slowloris mitigation is now part of the core library, where `FIO_SLOWLORIS_LIMIT` pending calls to `write` (currently 1,024 backlogged calls) will flag the connection as an attacker and either close the connection or ignore it. This protocol independent approach improves security.
<p>If set, facil.io will prefer the <code>poll</code> system call over <code>epoll</code> or <code>kqueue</code>.</p>
4356
+
<p>If set, facil.io will prefer the specified polling system call (<code>poll</code>, <code>epoll</code> or <code>kqueue</code>) rather then attempting to auto-detect the correct system call.</p>
4360
4357
4358
+
<p>To set any of these flag while using the facil.io <code>makefile</code>, set the <code>FIO_FORCE_POLL</code> / <code>FIO_FORCE_EPOLL</code> / <code>FIO_FORCE_KQUEUE</code> environment variable to true. i.e.:</p>
4359
+
<divclass="highlight"><preclass="highlight shell"><code><spanclass="nv">FIO_FORCE_POLL</span><spanclass="o">=</span>1 make
4360
+
</code></pre></div>
4361
4361
<p>It should be noted that for most use-cases, <code>epoll</code> and <code>kqueue</code> will perform better.</p>
<p>When this macro is true (1), facil.io will enable the <code>FIO_LOG_STATE(msg, ...)</code> macro to print some default information level messages to stderr (startup / shutdown messages, etc').</p>
<p>This macro sets the maximum number of IO events facil.io will pre-schedule at the beginning of each cycle, when using <code>epoll</code> or <code>kqueue</code> (not when using <code>poll</code>).</p>
<p>If true (1), compiles the facil.io pub/sub API.</p>
4395
+
<p>If true (1), compiles the facil.io pub/sub API. By default, this is true.</p>
4402
4396
4403
4397
<h2id="weak-functions">Weak functions</h2>
4404
4398
4405
-
<p>Weak functions are functions that can be over-ridden during the compilation / linking stage.</p>
4399
+
<p>Weak functions are functions that can be overridden during the compilation / linking stage.</p>
4406
4400
4407
4401
<p>This provides control over some operations such as thread creation and process forking, which could be important when integrating facil.io into a VM engine such as Ruby or JavaScript.</p>
<p><strong>Security</strong>: (<code>fio</code>) Slowloris mitigation is now part of the core library, where <code>FIO_SLOWLORIS_LIMIT</code> pending calls to <code>write</code> (currently 1,024 backlogged calls) will flag the connection as an attacker and either close the connection or ignore it. This protocol independent approach improves security.</p>
268
268
269
269
<p><strong>Security</strong>: (<code>http</code>) HTTP/1.1 client throttling - new requests will not be consumed until pending responses were sent. Since HTTP/1.1 is a response-request protocol, this protocol specific approach should protect the HTTP application against slow clients.</p>
270
270
271
-
<p><strong>Fix</strong>: (<code>fio</code>): fixed <code>fio_pending</code>not decrementing packet count before reaching zero.</p>
271
+
<p><strong>Fix</strong>: (<code>fio</code>) fixed fallback implementation for <code>fio_atomic_xchange</code>when missing atomic primitives in compiler (older compilers). Credit to @Low-power for identifying and fixing the issue (PR #55).</p>
272
272
273
-
<p><strong>Fix</strong>: (<code>fio</code>): fixed logging message for overflowing log messages. Credit to @weskerfoot (Wesley Kerfoot) and @adam12 (Adam Daniels) for exposing the issue (issue iodine/#56).</p>
273
+
<p><strong>Fix</strong>: (<code>fio</code>) fixed a possible unreleased lock when a memory allocation failed (no memory in the system). Credit to @Low-power for identifying and fixing the issue (PR #54).</p>
274
+
275
+
<p><strong>Fix</strong>: (<code>fio</code>) fixed the <code>fio_sock_sendfile_from_fd</code> fall-back for a missing <code>sendfile</code>. Credit to @Low-power for identifying and fixing the typo (PR #49).</p>
276
+
277
+
<p><strong>Fix</strong>: (<code>fio</code>) fixed <code>fio_pending</code> not decrementing packet count before reaching zero.</p>
278
+
279
+
<p><strong>Fix</strong>: (<code>fio</code>) fixed logging message for overflowing log messages. Credit to @weskerfoot (Wesley Kerfoot) and @adam12 (Adam Daniels) for exposing the issue (issue iodine/#56).</p>
274
280
275
281
<p><strong>Fix</strong>: (<code>fio</code>, <code>fio_risky_hash</code>) Florian Weber (@Florianjw) <ahref="https://www.reddit.com/r/crypto/comments/9kk5gl/break_my_ciphercollectionpost/eekxw2f/?context=3">exposed a byte ordering error (last 7 byte reading order) and took time challenge the algorithm</a>. The exposed errors were fixed and the exposed a possible attack on RiskyHash using a variation on a Meet-In-The-Middle attack, written by Hening Makholm (@hmakholm). This prompted an update and fixes to the function.</p>
<p><strong>Fix</strong>: (<code>fio</code>) fixed logging error message for long error messages.</p>
296
302
303
+
<p><strong>Update</strong>: (<code>fio</code> / <code>makefile</code>) improved detection for polling system call, <code>sendfile</code>, etc'.</p>
304
+
305
+
<p><strong>Update</strong>: (<code>fio</code>) improved signal handling. Signal handling now propagates to pre-existing signal handlers. In addition, the <code>fio_signal_handler_reset</code> function was made public, allowing facil.io signal handlers to be removed immediately following startup (using <code>fio_state_callback_add</code> with <code>FIO_CALL_PRE_START</code> to call <code>fio_signal_handler_reset</code>).</p>
306
+
297
307
<p><strong>Update</strong>: (<code>fio</code>) improved pub/sub memory usage to minimize message copying in cluster mode (same memory is used for IPC and local-process message publishing).</p>
298
308
299
309
<p><strong>Update</strong>: (<code>fio</code>) updated the non-cryptographic PRG algorithm for performance and speed. Now the <code>fio_rand</code> functions are modeled after the <code>xoroshiro128+</code> algorithm, with an automated re-seeding counter based on RiskyHash. This should improve performance for non cryptographic random requirements.</p>
300
310
311
+
<p><strong>Compatibility</strong>: (<code>fio</code>) mitigate undefined MAP_ANONYMOUS on MacOS <= 10.10. Credit to @xicreative (Evan Pavlica) for iodine/PR#61.</p>
312
+
313
+
<p><strong>Compatibility</strong>: (<code>fio</code>) various Solaris OS compatibility patches, courtesy of @Low-power (PR #52, #53).</p>
314
+
301
315
<h3id="v-0-7-0-beta7">v. 0.7.0.beta7</h3>
302
316
303
317
<p><strong>BREAK</strong>: (<code>fio_tls</code>) breaking API changes to the SSL/TLS API... I know, I'm sorry, especially since there's a small and misleading change in argument ordering for <code>fio_tls_cert_add</code> and <code>fio_tls_new</code>... but if we don't fix the API now, before the 0.7.0 release, bad design might ruin our Wednesday meditation for all eternity.</p>
0 commit comments