nanomsg / nng

This release is just a set of improvements to fix some documentation bugs. These fixes are necessary for some of the automatic tooling we use for publication of documentation.

If already running v1.3.1, there is no urgency to update.

This is a bug fix release that rolls up a bunch of bug fixes.

• WebSocket and HTTP support for IPv6 addresses (note: IPv6 scopes are still not supported) (#844, #1224)
• Build fixes for NetBSD, OpenBSD, and Android (#1232, #1237)
• Serious framing error in TLS (regression introduced in 1.3.0) (#1235)
• nng_msg_clear was clearing the header; now it only clears the body (#1252)
• Use-after-free segfault in rep protocol (#1241)
• NNG_OPT_RECONNMAXT zero did not prevent exponential backoff (#1230)
• Use-after-free in TLS (#1239)
• Hangs in nng_close fixed (#1236, #1219)
• Fixes to ease inclusion in other projects
• Numerous minor doc bugs fixed
• Various test suite bugs fixed

Also there are two minor feature enhancements:

• Support for obtaining the peer process ID using IPC on modern macOS
• nngcat now supports data from standard input when the file is specified as "-" (#1007)

It is recommended that all users using v1.3.0 upgrade to v1.3.1.

Features

• Support for TLS 1.3 and external TLS providers.
  There is now an API whereby external "engines" can be developed
  for different TLS implementations. The first of these, for wolfSSL,
  is available. Set this with the NNG_TLS_ENGINE cmake option.
  The default is still to use Mbed TLS. The wolfSSL plugin is
  available under a different license (GPLv3 or commercial), and also
  provides support for TLS 1.3 and FIPS 140-2 capable solutions.

• Message cloning and related performance improvements. This is not
  a feature, so much as a rather large improvement in terms of performance.
  All workloads will see some benefit -- some will see substantial benefits.

• Numerous other performance improvements. Much effort was made to
  reducing allocations, improving cache effectiveness, and eliminating
  extra context switches. This work is not yet done, but this is a big
  step in the right direction.

• HTTP Server support for "non-exclusive" registration -- a given handler
  may be registered as a fallback handler (e.g. for a directory), even if
  more specific handlers are registered.

• Performance test programs grew more options to select different
  protocols and to change the URL to test across different transports.

Notable Bug Fixes

• Thread count is limited.
  Previously we would spawn potentially vast numbers of threads based on the
  number of available cores. By default we set an upper limit on this that
  is about 20 threads. Tune this with the NNG_MAX_TASKQ_WORKERS cmake option.

• Raw mode fixes for XREQ and XRESPONDENT. These protocols used the raw mode
  inconsistently, leaving the header in the message body. This is corrected
  and the protocol headers are kept in the message headers. There is some small
  risk that some applications broken, but we are not aware of any that used
  RAW mode to parse message headers.

• HTTP Server root URL handling had a few issues which are resolved.

• Some platforms had difficult building due to inconsistencies in the
  handling of atomics.

• Numerous test suites uncovered small (rare) races, etc. The tests
  themselves were often racy. Fixes to both NNG and the tests have been
  made, while increasing overall test coverage.

• REP protocol with SENDFD was inconsistent (#1088).

Other Changes

• Polyamorous Pair v1 mode is changed, such that a new API call is needed
  to use it. Further, this mode will likely be removed in a future release.
  Note that this mode also does not work with other implementations, nor
  does it support operation with nng_device().

• Maximum hop count across nng_device() proxies is now limited to 15.
  This limit should be sufficient for all reasonable configurations,
  and forcing this allowed us to to inline the header for performance
  reasons.

• The nng_msg_options support was removed. It was not used for anything.

This is another release to fix builds for older compiles without support for C11 atomics.

If you were able to build prior releases, there is no need to update to this release. Generally speaking, the use of older compilers will give less than ideal results; if at all possible upgrading to modern compilers is strongly recommended. The performance different is likely to be significant.

This release fixes a mistake that prevented the code from building for people on older compilers or older operating systems. Users of v1.2.4 do not need to upgrade.

This fix contains an URGENT bug fix, and all users using v1.2.x where x <= 3 should upgrade at their earliest opportunity.

The bugs fixed are:

• #1132 Masking error in LMQ leads to corruption
• #1131 (openindiana) compile error
• fix reported versions in nng.h and CMakeLists.txt

The critical bug here is #1132 which leads to use after free heap corruption, and unpredictable results once the receive or send queue wraps. The other two bugs are less critical, but should help Solaris and illumos users, and correct a bug where we reported wrong the ABI version (which could cause compatibility problems when mixing older versions with v1.2.x.)

This release fixes a number of important bugs. It's highly recommended that folks using v1.2.0, v1.2.1, or v1.2.2 upgrade to this release.

Specifically fixed:

• #1079 Use after free in tcp dialer
• #1075 WebSocket use after free
• #1064 Potential deadlock in statistics code
• #1065 resolver leaks work structures

There were also several fixes to the test suite included with these changes.

Version 1.2 is a minor feature release of NNG.

• Notably it includes support for non-SP protocol usages -- for example NNG can be used to make generic websocket or HTTP applications now.
• The default maximum receive size is lifted. (If you use NNG on an untrusted network, please set an explicit limit instead of relying on the defaults!)
• Substantial work on performance. Most protocols should see a nice boost.
• Numerous bugs fixed.

Hopefully the next release won't be so far in the future. Thanks to everyone for their patience.

This release fixes two bugs that were affecting some people:

• Crashes in the websocket code. (#986) Folks using the websocket transport are highly encouraged to update. This bug could have led to either application crashes or data corruption in transit.

• Windows client connections not supporting NNG_OPT_LOCADDR (#1062)

This release also includes changes to the way tests are created and managed, so that more tests are run, they are easier to write, easier to collect coverage for, and easier to diagnose when they fail. This won't impact built libraries, but it should have a big improvement on the overall quality of the library over time. This will be an ongoing work.

We're also making better use of GitHub actions to test on more systems, and more configurations. While this has helped to uncover some real bugs in the library, it has also started uncovering brittleness in the test suites themselves. This is the source of a lot of false failures; we will continue working on this going forward.