All Versions
Latest Version
Avg Release Cycle
110 days
Latest Release
1381 days ago

Changelog History
Page 1

  • v6.18 Changes

    May 21, 2020
    • 👍 Allow OpenSSL session reuse on 2-way SSL
    • ⚡️ Updated certs for OpenSSL tests
    • 🛠 Fixed OpenSSL error status issue
    • ➕ Added HTTP proxy client example
    • Fixed deferencing mg_http_free_proto_data_endpoints
    • 🛠 Fixed typedef bool for MSC
  • v6.17 Changes

    February 11, 2020

    🐛 Bug fixes

    • 📜 An integer overflow bug in parse_mqtt(), CVE-2019-19307
    • MQTT ping logic improved
    • Leak fix for invalid CA
    • 🏗 Make SSL and non-SSL build binary compatible
    • 👉 Make 30x replies keep opened HTTP/1.1 connection
  • v6.16 Changes

    September 30, 2019

    🐛 Bug fixes

    • A bug in mg_http_parse() is fixed. Associated fuzzer test added.
  • v6.15 Changes

    June 13, 2019

    🐛 Bug fixes

    • 🚑 A critical MQTT heap-based overflow in parse_mqtt() fixed - credit goes to Yakun Zhang and Zheng Huang of Baidu Security Labs for discovering and reporting the issue
    • 🛠 mg_resolve2() incorrect memory init fixed
    • Fixed locking in lwip_net_if
    • Fixed callback invocation in mg_net_if_lwip

    🔋 Features

  • v6.14 Changes

    March 04, 2019

    API changes

    • Added MG_MK_STR_N(), mg_str_starts_with(), mg_strfree()
    • Added mbuf_clear(), mbuf_append_and_free(), mbuf_move()
    • ➕ Added ability for multipart data handler to provide pushback
    • Made MG_CTL_MSG_MESSAGE_SIZE overridable

    🐛 Bug fixes

    • 🛠 Fixed digest auth result comparison
    • 📊 Read all available data during recv poll
    • 👀 Ensure that user sees all the data before connection is closed
    • Check for NULL in tcp_recved_tcpip()
    • Send extra options with OPTIONS
    • 👍 Properly support MQTT wildcards when matching topics
    • 🛠 Fix handling of WS handshake error response

    Other changes

    • 🌲 Log file:line instead of function; add cs_log_set_file_level()
  • v6.13 Changes

    October 08, 2018
    • When processing chunked response, make sure chunk size is reasonable
    • 🏁 Open uploaded file in binary mode (Windows)
    • 🔨 Refactored polling, cleaned up net_if interface somewhat
    • LwIP: Trim recv_mbuf when we know the size of the data
    • 🛠 Fix unused variable warnings when build w/o logging
    • Added net_if_null
    • ⚡️ Minor doc updates
  • v6.12 Changes

    August 13, 2018

    🔒 Security fix

    🚀 This release fixes a security issue, reported at

    🖐 ( Fix body length calculation in mg_handle_cgi)

    🔄 Change List:

    Add mg_url_encode_opt() - a parametrized version of mg_url_encode()


    mg_file_upload_handler: Support multiple files

    ➕ Add host name verification for OpenSSL

    ➕ Add mg_strstrip: trims whitespace at both ends of a string

    🛠 Fix http pipelining

    🛠 Fix buffer size passed to inet_ntop()

    🛠 Fix an edge case in multipart HTTP upload parsing

    Fix mg_http_parse_header (treat ; as a delimiter)

    mg_lwip: Fix race during clean connection teardown

    Fix a bug in mg_mgr_init_opt with opts.num_ifaces

    Fix build with CS_ENABLE_STDIO=0

    🛠 Fix warnings on newer versions of GCC

    🖐 Fix body length calculation in mg_handle_cgi

    Don't touch send_mbuf when sending MQTT messages

  • v6.11 Changes

    February 08, 2018
    • 🛠 Fix socket leak when there are too many open file descriptors
    • 🛠 Fix publish-subscribe example
    • 📜 Fix mg_parse_multipart in case of malformed request
    • Websocket: Respond to Ping with Pong
    • Websocket: Properly close a connection with Close frame (in response to a client's close and when protocol failure is detected)
    • 👍 Websocket: Fix support of fragmented messages
    • 👍 Websocket: Add support for control frames interjected in the middle of a fragmented message
    • Digest authentication: Fix nonce validity check (expired nonce or nonce from the future did not cause the the check to fail)
    • Digest authentication: Fix nonce request value; it worked before because nonce validity check was broken as well
    • Digest authentication: Add nonce argument to mg_http_create_digest_auth_header(): clients should use the value received from the server's authentication request.
    • Fail if passed a NULL handler to mg_bind or mg_bind_opt.
    • ✅ Publish sources and tests
    • ✂ Remove tunneling functionality which was used by nobody
    • ➕ Add UDP client example
    • Don't use user_data in mqtt server
    • Deprecate mg_http_parse_header() and implement mg_http_parse_header2() instead, which allocates a new buffer if the client-provided one is not large enough (similarly to asprintf).
    • 🛠 Fix limitations of header value lengths, e.g. when parsing authentication headers such as nonce, etc.
  • v6.10 Changes

    October 31, 2017

    API changes

    • 👍 SOCKS5 client and server support
    • Timer value is no longer cleared after MG_EV_TIMER event if it was not changed. User's handler must set it to 0 explicitly to avoid repeated invocation.

    🛠 FIxes

    • SSL/TLS listener fix for TI SimpleLink networking interface
    • 🚧 Double-counting of recved bytes in LWIP interface caused issues
    • 📜 MQTT SUBSCRIBE command parsing in the broker code could cause crashes
    • 🛠 FIxed CGI script connection lifetime management
  • v6.9 Changes

    September 13, 2017

    API changes:

    • MG_ENABLE_CALLBACK_USERDATA - if set, changes signature of event handler function to include user_data argument. Disabled by default for now, in the future this will become the default.
    • mg_set_nameserver() - specify DNS server to use
    • mg_assemble_uri() - assemble a URI from parts
    • mg_connect_ws() now accepts http:// URLs

    🐛 Bug fixes:

    • 🛠 Fix parsing of MQTT QoS > 0 PUBLISH messages
    • Properly shut down the SSL connection (send "close notify" TLS message)
    • Fix mg_get_http_var() return value
    • 🛠 Fix MQTT handshake; change client protocol to version 3.1.1
    • 🛠 Fix Handling of multiple MQTT messages per RECV event
    • Update to make lwip_net_if thread-safe
    • 🏁 Use DhcpNameServer on Windows
    • 🛠 Fix MQTT message parsing issues
    • 🛠 Fix DNS name uncompression that could lead to infinite loop
    • 🛠 Fix WS frame reassembly issues