facil.io v0.7.0.beta8 Release Notes
Release Date: 2019-03-03
We've been hard at work authoring this (hopefully last) beta release of the facil.io 0.7.x series.
There's just one or two planned API updates for the HTTP module (which is why we're still in beta phase). These changes shouldn't affect any code, but they will affect ABI compatibility, so if you need ABI compatibility, you'll need to wait a bit longer.
Here's what this update includes:
Security: (fio) Slowloris mitigation is now part of the core library, where FIO_SLOWLORIS_LIMIT pending calls to write (currently 1,024 backlogged calls) will flag the connection as an attacker and either close the connection or ignore it. This protocol independent approach improves security.
Security: (http) HTTP/1.1 client throttling - new requests will not be consumed until pending responses were sent. Since HTTP/1.1 is a response-request protocol, this protocol specific approach should protect the HTTP application against slow clients.
Fix: (fio) fixed the fallback implementation for fio_atomic_xchange when atomic primitives are missing in the compiler (older compilers). Credit to @Low-power for identifying and fixing the issue (PR #55).
Fix: (fio) fixed a possible unreleased lock when a memory allocation failed (no memory in the system). Credit to @Low-power for identifying and fixing the issue (PR #54).
Fix: (fio) fixed the fio_sock_sendfile_from_fd fall-back for a missing sendfile. Credit to @Low-power for identifying and fixing the typo (PR #49).
Fix: (fio) fixed fio_pending not decrementing packet count before reaching zero.
Fix: (fio) fixed logging message for overflowing log messages. Credit to @weskerfoot (Wesley Kerfoot) and @adam12 (Adam Daniels) for exposing the issue (issue iodine/#56).
Fix: (fio, fio_risky_hash) Florian Weber (@Florianjw) exposed a byte ordering error (last 7 byte reading order) and took the time to challenge the algorithm. The exposed errors were fixed, and the challenge also exposed a possible attack on RiskyHash using a variation on a Meet-In-The-Middle attack, written by Henning Makholm (@hmakholm). This prompted an update and fixes to the function.
Fix: (fio) fixed fio_str_resize, where data might be lost if data was written beyond the current size and the requested size is larger than the String's capacity (i.e., when fio_str_resize is (mis)used as an alternative to fio_str_capa_assert).
Fix: (json/redis) fixed a JSON formatting error caused by buffer reallocation when multiple (more than 48) escape sequences were detected. This issue also affected the Redis command callback handler (which was using JSON for IPC).
Fix: (redis) fixed a potential double free call.
Fix: (redis) fixed a recursive endless loop when converting nested Hash Tables to Redis objects (which normally wouldn't happen anyway, since they would be processed as JSON).
Fix: (redis) fixed Redis reconnection. Address and port data was mistakenly written at the wrong address, causing it to be overwritten by incoming (non-pub/sub) data.
Fix: (redis) fixed a race condition in the Redis reconnection logic which might have caused more than a single pub/sub connection to be established and the first pending command to be sent again.
Fix: (fio) fix capacity maximization log to accommodate issues where getrlimit would return a rlim_max that's too high for rlim_cur (macOS).
Fix: (fio) fix uninitialized kqueue message in fio_poll_remove_fd.
Fix: (http) possible fix for http_connect, where host header length might have been left uninitialized, resulting in possible errors.
Fix: (fio) fixed logging error message for long error messages.
Update: (fio/makefile) improved detection for polling system call, sendfile, etc.
Update: (fio) improved signal handling. Signal handling now propagates to pre-existing signal handlers. In addition, the fio_signal_handler_reset function was made public, allowing facil.io signal handlers to be removed immediately following startup (using fio_state_callback_add with FIO_CALL_PRE_START to call fio_signal_handler_reset).
Update: (fio) improved pub/sub memory usage to minimize message copying in cluster mode (same memory is used for IPC and local-process message publishing).
Update: (fio) updated the non-cryptographic PRG algorithm for performance and speed. Now the fio_rand functions are modeled after the xoroshiro128+ algorithm, with an automated re-seeding counter based on RiskyHash. This should improve performance for non cryptographic random requirements.
Compatibility: (fio) mitigate undefined MAP_ANONYMOUS on macOS <= 10.10. Credit to @xicreative (Evan Pavlica) for iodine/PR#61.
Compatibility: (fio) various Solaris OS compatibility patches, courtesy of @Low-power (PR #52, #53).
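A simplified model of the two mitigations in the Security entries above, added here as an illustration and not taken from facil.io's source. The names conn_t, conn_queue_write, conn_flushed, http1_may_read and simulate are hypothetical, and each response is assumed to be a single write; only the 1,024 backlog figure comes from the notes.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define SLOWLORIS_LIMIT 1024 /* backlog figure quoted in the release notes */

typedef struct {         /* hypothetical per-connection state */
  size_t pending_writes; /* write calls queued, not yet accepted by the socket */
  bool flagged;          /* set once the backlog reaches the limit */
} conn_t;

/* Core check: queue one write; flag the peer when the backlog hits the limit. */
static bool conn_queue_write(conn_t *c) {
  if (c->flagged) return false; /* connection is being closed or ignored */
  if (++c->pending_writes >= SLOWLORIS_LIMIT) c->flagged = true;
  return !c->flagged;
}

/* The socket accepted one queued packet. */
static void conn_flushed(conn_t *c) {
  if (c->pending_writes) c->pending_writes--;
}

/* HTTP/1.1 check: read the next request only after pending responses are sent. */
static bool http1_may_read(const conn_t *c) {
  return !c->flagged && c->pending_writes == 0;
}

/* Constructed scenario: peer sends `requests` messages, each answered with one
 * write, and accepts one packet per `drain_every` messages (0 = never). */
bool simulate(size_t requests, size_t drain_every, bool throttle, size_t *served) {
  conn_t c = {0, false};
  *served = 0;
  for (size_t i = 1; i <= requests && !c.flagged; i++) {
    if (drain_every && i % drain_every == 0) conn_flushed(&c);
    if (throttle && !http1_may_read(&c)) continue; /* request left unread */
    if (conn_queue_write(&c)) (*served)++;
  }
  return c.flagged;
}

int main(void) {
  size_t n;
  bool hit = simulate(5000, 0, false, &n);
  printf("no throttle: flagged=%d served=%zu\n", hit, n);
  hit = simulate(5000, 0, true, &n);
  printf("throttled:   flagged=%d served=%zu\n", hit, n);
  return 0;
}
```

Without throttling, a peer that never reads is flagged once its backlog reaches the limit; with HTTP/1.1 throttling the same peer never accumulates more than one queued response, so the core limit acts as the backstop for other protocols.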