All Versions
11
Latest Version
Avg Release Cycle
108 days
Latest Release
144 days ago

Changelog History
Page 1

  • v6.16

    September 30, 2019

    🐛 Bug fixes

    • A bug in mg_http_parse() is fixed. Associated fuzzer test added.

  • v6.15

    June 13, 2019

    🐛 Bug fixes

    • 🚑 A critical MQTT heap-based overflow in parse_mqtt() fixed - credit goes to Yakun Zhang and Zheng Huang of Baidu Security Labs for discovering and reporting the issue
    • 🛠 mg_resolve2() incorrect memory init fixed
    • Fixed locking in lwip_net_if
    • Fixed callback invocation in mg_net_if_lwip

    🔋 Features

  • v6.14

    March 04, 2019

    API changes

    • Added MG_MK_STR_N(), mg_str_starts_with(), mg_strfree()
    • Added mbuf_clear(), mbuf_append_and_free(), mbuf_move()
    • ➕ Added ability for multipart data handler to provide pushback
    • Made MG_CTL_MSG_MESSAGE_SIZE overridable

    🐛 Bug fixes

    • 🛠 Fixed digest auth result comparison
    • 📊 Read all available data during recv poll
    • 👀 Ensure that user sees all the data before connection is closed
    • Check for NULL in tcp_recved_tcpip()
    • Send extra options with OPTIONS
    • 👍 Properly support MQTT wildcards when matching topics
    • 🛠 Fix handling of WS handshake error response

    Other changes

    • 🌲 Log file:line instead of function; add cs_log_set_file_level()

  • v6.13

    October 08, 2018
    • When processing chunked response, make sure chunk size is reasonable
    • 🏁 Open uploaded file in binary mode (Windows)
    • ♻️ Refactored polling, cleaned up net_if interface somewhat
    • LwIP: Trim recv_mbuf when we know the size of the data
    • 🛠 Fix unused variable warnings when build w/o logging
    • Added net_if_null
    • ⚡️ Minor doc updates

  • v6.12

    August 13, 2018

    🔒 Security fix

    🚀 This release fixes a security issue, reported at https://www.cvedetails.com/cve/CVE-2018-10945/

    🖐 ( Fix body length calculation in mg_handle_cgi)

    🔄 Change List:

    Add mg_url_encode_opt() - a parametrized version of mg_url_encode()

    Add MG_HIDE_SERVER_INFO

    mg_file_upload_handler: Support multiple files

    ➕ Add host name verification for OpenSSL

    ➕ Add mg_strstrip: trims whitespace at both ends of a string

    🛠 Fix http pipelining

    🛠 Fix buffer size passed to inet_ntop()

    🛠 Fix an edge case in multipart HTTP upload parsing

    Fix mg_http_parse_header (treat ; as a delimiter)

    mg_lwip: Fix race during clean connection teardown

    Fix a bug in mg_mgr_init_opt with opts.num_ifaces

    Fix build with CS_ENABLE_STDIO=0

    🛠 Fix warnings on newer versions of GCC

    🖐 Fix body length calculation in mg_handle_cgi

    Don't touch send_mbuf when sending MQTT messages

  • v6.11

    February 08, 2018
    • 🛠 Fix socket leak when there are too many open file descriptors
    • 🛠 Fix publish-subscribe example
    • 📜 Fix mg_parse_multipart in case of malformed request
    • Websocket: Respond to Ping with Pong
    • Websocket: Properly close a connection with Close frame (in response to a client's close and when protocol failure is detected)
    • 👍 Websocket: Fix support of fragmented messages
    • 👍 Websocket: Add support for control frames interjected in the middle of a fragmented message
    • Digest authentication: Fix nonce validity check (expired nonce or nonce from the future did not cause the the check to fail)
    • Digest authentication: Fix nonce request value; it worked before because nonce validity check was broken as well
    • Digest authentication: Add nonce argument to mg_http_create_digest_auth_header(): clients should use the value received from the server's authentication request.
    • Fail if passed a NULL handler to mg_bind or mg_bind_opt.
    • ✅ Publish sources and tests
    • ✂ Remove tunneling functionality which was used by nobody
    • ➕ Add UDP client example
    • Don't use user_data in mqtt server
    • Deprecate mg_http_parse_header() and implement mg_http_parse_header2() instead, which allocates a new buffer if the client-provided one is not large enough (similarly to asprintf).
    • 🛠 Fix limitations of header value lengths, e.g. when parsing authentication headers such as nonce, etc.

  • v6.10

    October 31, 2017

    API changes

    • 👍 SOCKS5 client and server support
    • Timer value is no longer cleared after MG_EV_TIMER event if it was not changed. User's handler must set it to 0 explicitly to avoid repeated invocation.

    🛠 FIxes

    • SSL/TLS listener fix for TI SimpleLink networking interface
    • 🚧 Double-counting of recved bytes in LWIP interface caused issues
    • 📜 MQTT SUBSCRIBE command parsing in the broker code could cause crashes
    • 🛠 FIxed CGI script connection lifetime management

  • v6.9

    September 13, 2017

    API changes:

    • MG_ENABLE_CALLBACK_USERDATA - if set, changes signature of event handler function to include user_data argument. Disabled by default for now, in the future this will become the default.
    • mg_set_nameserver() - specify DNS server to use
    • mg_assemble_uri() - assemble a URI from parts
    • mg_connect_ws() now accepts http:// URLs

    🐛 Bug fixes:

    • 🛠 Fix parsing of MQTT QoS > 0 PUBLISH messages
    • 🛠 Fix MQTT PUB{ACK,REC,REL,COMP} and UNSUBACK flags
    • Properly shut down the SSL connection (send "close notify" TLS message)
    • Fix mg_get_http_var() return value
    • 🛠 Fix MQTT handshake; change client protocol to version 3.1.1
    • 🛠 Fix Handling of multiple MQTT messages per RECV event
    • Update to make lwip_net_if thread-safe
    • 🏁 Use DhcpNameServer on Windows
    • 🛠 Fix MQTT message parsing issues
    • 🛠 Fix DNS name uncompression that could lead to infinite loop
    • 🛠 Fix WS frame reassembly issues

    #855

  • v6.8

    May 19, 2017

  • v6.7

    January 16, 2017

    🆕 New platforms supported

    👍 A bunch of new platforms are now supported by Mongoose:

    • 🏁 Windows CE 6.0 : See example;
    • TI Tiva TM4C129 : See example;
    • PIC32 Harmony TCP/IP : In addition to "bare metal", Mongoose is now able to use PIC32 Harmony TCP/IP Stack. Checkout example here;
    • nRF 51/52 : Find example for nRF 51 here and for nRF52 here;
    • mbed : Mongoose is now can be a part of a project based on mbed. Checkout example here;
    • ESP32 : Mongoose 6.7 can be compiled for ESP32 platform.

    Other new features

    • NXP Kinetis K64 support improved: New example is here;
    • mbedTLS native support: In addition to OpenSSL, Mongoose 6.7 can use mbedTLS;
    • SNTP client added : Mongoose 6.7 for working with Internet time servers.

    🛠 A lot of improvements and bugfixes

    👀 See a list of closed issues here.