Skip to content

@cpq cpq released this Mar 9, 2021 · 44 commits to master since this release

  • Added mg_mqtt_next_unsub()
  • Added chunked HTTP client support and MG_EV_HTTP_CHUNK event
  • Restored mg_mqtt_{ping,pong,disconnect} functions
  • Fixed Cygwin and QNX builds
  • Added struct mg_mgr::userdata pointer
  • Added struct mg_http_message::head which contains HTTP line and all headers
  • Add ability to use in-memory CA PEM for mbedtls
  • Improved unicode handling on Win32
  • Improved ESP32 example to use SPIFFS and static serving
  • Improved TLS SNI
Assets 2

@cpq cpq released this Jan 26, 2021 · 89 commits to master since this release

Overview

This is a bugfix and cleanup release after the major version 7.0 release. A significant number of small issues were fixed, and some new examples added.

  • Continuous integration test switched from CircleCI to Github Actions
  • Added socks5 example
  • Added esp32 example
  • Added esp8266 example
  • Added mingw test
  • Added mbedtls test
  • Added openssl test
  • Added reverse proxy example
  • Added proxy client example
  • Added MQTT server example
  • Many TLS related fixes
  • Fixed DNS resolution timeout
  • Added SSI to mg_http_serve_dir()
  • Fixed file descriptor leak for local cache codepath
Assets 2

@cpq cpq released this Dec 12, 2020 · 209 commits to master since this release

Overview

This is a major release, aimed primarily at refactoring and cleanup of the codebase. The main focus is made on the embedded usage.
The documentation has been fully revamped, and published at https://cesanta.com/docs. Porting from the 6.x version is straightforward, as all concepts stayed intact, with the exception of CGI. The CGI support has been removed.

Non-amalgamated sources

The non-amalgamated sources are kept in src/, and amalgamation is performed by Makefile. Set -DMG_ENABLE_LINES compiler option to enable non-amalgamated diagnostics.

CI tests and coverage

A Circle CI tests are established, to test on the common platforms and compilers, for both ISO C and ISO C++ mode. Also, an automatic test coverage tracking is performed.

The plan for the next releases is to add platform-specific examples (like for ESP32, STM32, etc) and integrate them into CI, to ensure they do not break as development continues.

Continuous fuzzing test

Mongoose is integrated into Google's https://oss-fuzz.com/ service, to enable continuous fuzzing code tests. This helps to find security issues early on.

Assets 2

@cpq cpq released this May 21, 2020 · 277 commits to master since this release

  • Allow OpenSSL session reuse on 2-way SSL
  • Updated certs for OpenSSL tests
  • Fixed OpenSSL error status issue
  • Added HTTP proxy client example
  • Fixed deferencing mg_http_free_proto_data_endpoints
  • Fixed typedef bool for MSC
Assets 2

@cpq cpq released this Feb 11, 2020 · 288 commits to master since this release

Bug fixes

  • An integer overflow bug in parse_mqtt(), CVE-2019-19307
  • MQTT ping logic improved
  • Leak fix for invalid CA
  • Make SSL and non-SSL build binary compatible
  • Make 30x replies keep opened HTTP/1.1 connection
Assets 2
  • 6.16
  • c41a221
  • Compare
    Choose a tag to compare
    Search for a tag
  • 6.16
  • c41a221
  • Compare
    Choose a tag to compare
    Search for a tag

@cpq cpq released this Sep 30, 2019 · 306 commits to master since this release

Bug fixes

Assets 2

@cpq cpq released this Jun 13, 2019 · 313 commits to master since this release

Bug fixes

  • A critical MQTT heap-based overflow in parse_mqtt() fixed - credit goes to Yakun Zhang and Zheng Huang of Baidu Security Labs for discovering and reporting the issue
  • mg_resolve2() incorrect memory init fixed
  • Fixed locking in lwip_net_if
  • Fixed callback invocation in mg_net_if_lwip

Features

Assets 2

@rojer rojer released this Mar 4, 2019 · 333 commits to master since this release

API changes

  • Added MG_MK_STR_N(), mg_str_starts_with(), mg_strfree()
  • Added mbuf_clear(), mbuf_append_and_free(), mbuf_move()
  • Added ability for multipart data handler to provide pushback
  • Made MG_CTL_MSG_MESSAGE_SIZE overridable

Bug fixes

  • Fixed digest auth result comparison
  • Read all available data during recv poll
  • Ensure that user sees all the data before connection is closed
  • Check for NULL in tcp_recved_tcpip()
  • Send extra options with OPTIONS
  • Properly support MQTT wildcards when matching topics
  • Fix handling of WS handshake error response

Other changes

  • Log file:line instead of function; add cs_log_set_file_level()
Assets 2
  • 6.13
  • 95afa32
  • Compare
    Choose a tag to compare
    Search for a tag
  • 6.13
  • 95afa32
  • Compare
    Choose a tag to compare
    Search for a tag

@rojer rojer released this Oct 8, 2018 · 359 commits to master since this release

  • When processing chunked response, make sure chunk size is reasonable
  • Open uploaded file in binary mode (Windows)
  • Refactored polling, cleaned up net_if interface somewhat
  • LwIP: Trim recv_mbuf when we know the size of the data
  • Fix unused variable warnings when build w/o logging
  • Added net_if_null
  • Minor doc updates
Assets 2

@rojer rojer released this Aug 13, 2018 · 381 commits to master since this release

Security fix

This release fixes a security issue, reported at https://www.cvedetails.com/cve/CVE-2018-10945/

( Fix body length calculation in mg_handle_cgi)

Change List:

  • Add mg_url_encode_opt() - a parametrized version of mg_url_encode()

  • Add MG_HIDE_SERVER_INFO

  • mg_file_upload_handler: Support multiple files

  • Add host name verification for OpenSSL

  • Add mg_strstrip: trims whitespace at both ends of a string

  • Fix http pipelining

  • Fix buffer size passed to inet_ntop()

  • Fix an edge case in multipart HTTP upload parsing

  • Fix mg_http_parse_header (treat ; as a delimiter)

  • mg_lwip: Fix race during clean connection teardown

  • Fix a bug in mg_mgr_init_opt with opts.num_ifaces

  • Fix build with CS_ENABLE_STDIO=0

  • Fix warnings on newer versions of GCC

  • Fix body length calculation in mg_handle_cgi

  • Don't touch send_mbuf when sending MQTT messages

Assets 2