Download


Size Date Name SHA256 Signature
989917 2018-07-18 kore-3.1.0.tar.gz kore-3.1.0.tar.gz.sha256 Minisign signature

Changelog for the 3.1.0 release

Allow on-the-fly reloading of keys and certificates.

The Kore keymgr process is able to reload its private keys and certificates when it receives a SIGUSR1.

This change makes all paths for certkey and certfile relative to the newly introduced keymgr_root_path configuration option. Additionally the keymgr process can get its own user to drop privileges towards, separate from the worker processes, configurable via keymgr_runas_user.

HTTP improvements

Kore will calculate the sha256 hash of the incoming HTTP body while receiving it over the wire.
The result can be obtained via the new http_body_digest function.

int http_body_digest(struct http_request *req, char *out, size_t len);

The HTTP header validation has been improved as well, no longer allowing illegal characters.

You can now restrict the methods available to a page handler via the configuration. Restricting this means Kore will respond to a client with a HTTP_STATUS_METHOD_NOT_ALLOWED immediately after parsing the Request-line instead of waiting for the entire HTTP body to arrive.

restrict /path get post head

PGSQL improvements

A new pgsql state was added: KORE_PGSQL_STATE_NOTIFY which indicates you received a notification on that pgsql connection. You can obtain the channel and extra parameters via the notify member inside of the kore_pgsql data structure.

if (sql->state == KORE_PGSQL_STATE_NOTIFY) {
	printf("notification on channel %s, %s\n", sql->notify.channel, sql->notify.extra);
} 

You may queue up for notifications by sending a LISTEN channel query over that kore_pgsql connection.

Other changes

  • - Fixed a problem with zero-copy HTTP parsing.
  • - No longer compile in kore_module_handler for NOHTTP builds.
  • - The keymgr process on OpenBSD is now pledge'd.
  • - Added kore_worker_make_busy().

API breakage vs 3.0.0 release

The following defines their value have changed:

  • HTTP_METHOD_GET, new value: 0x0001
  • HTTP_METHOD_POST, new value: 0x0002
  • HTTP_METHOD_PUT, new value: 0x0004
  • HTTP_METHOD_DELETE, new value: 0x0010
  • HTTP_METHOD_HEAD, new value: 0x0020
  • HTTP_METHOD_OPTIONS, new value: 0x0040
  • HTTP_METHOD_PATCH, new value: 0x0080