Releases: Ericsson/xcm
v1.11.0
This release extends the XCM socket attribute API. It is also a rewrite of the library-internal XCM socket attribute handling machinery. All API changes are backward compatible.
Generic Socket Attribute Extension
The API is extended to support dynamically-sized lists in the socket attribute tree. The API documentation is extended to cover the new API functionality and to describe the XCM socket attribute data model.
A new function xcm_attr_get_list_len() is added to retrieve the length of a list.
The socket attribute name syntax is properly documented and extended to support list indexing (using ALGOL 60-like syntax, with brackets).
Elements in a list may be retrieved using the regular xcm_attr_get*() family of functions, provided the socket attribute name (path) is constructed by the caller. To make it easier to access lists (and any other future dynamic elements), a new family of functions xcm_attr_getf*() is introduced, which provides a printf-like string formatting service.
Refer to the API documentation for details and examples:
https://ericsson.github.io/xcm/doc/v1.11.1/
The XCM attribute namespace was always hierarchical, but the implementation was a flat name -> <set of callbacks + meta data> mapping. This worked well when attributes were organized into pseudo dictionaries. It didn't work well with dynamically-sized lists of attributes.
The new framework does proper parsing of the socket attribute name (path). The socket attribute tree is represented as a tree proper, with dictionaries and lists as predominantly interior nodes, and strings, integers etc. as leaf nodes.
See commit 94b261d for more details.
TLS certificate attributes
A number of X.509 certificate-related socket attributes are added in this release:
- tls.peer.cert.subject.cn (for the CN part of the subject field DN)
- tls.peer.cert.san.dns[] (DNS type SANs)
- tls.peer.cert.san.emails[] (RFC 822 type SANs)
- tls.peer.cert.san.dirs[].cn (the CN part of the directory name type SAN DNs)
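As an added illustration (not code from the XCM project), the C sketch below splits a socket attribute name such as tls.peer.cert.san.dirs[1].cn into the dictionary-key and list-index steps a tree-based lookup would follow, and rejects malformed names. The grammar, struct step, attr_path_parse() and the 65535 index cap are assumptions made for this example; the API documentation defines the actual syntax.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* One step down the attribute tree: a dictionary key or a list index. */
struct step { int is_index; char key[32]; unsigned long index; };

/* Assumed grammar (illustrative, not taken from the XCM source):
 *   name := key ('[' digits ']')* ('.' name)?   key := [A-Za-z_][A-Za-z0-9_]*
 * Returns the number of steps written, or -1 if the name is malformed. */
int attr_path_parse(const char *p, struct step *steps, int max_steps)
{
    int n = 0;
    for (;;) {
        size_t len = 0;
        if (!isalpha((unsigned char)*p) && *p != '_')
            return -1;                          /* empty or invalid key */
        while (isalnum((unsigned char)p[len]) || p[len] == '_')
            len++;
        if (len >= sizeof(steps[0].key) || n == max_steps)
            return -1;
        steps[n] = (struct step){ .is_index = 0 };
        memcpy(steps[n++].key, p, len);         /* key was zero-filled above */
        p += len;
        while (*p == '[') {
            char *end;
            if (!isdigit((unsigned char)p[1]) || n == max_steps)
                return -1;                      /* rejects "[]", "[-1]", "[ 1]" */
            unsigned long idx = strtoul(p + 1, &end, 10);
            if (*end != ']' || idx > 65535)     /* 65535: arbitrary sanity cap */
                return -1;
            steps[n++] = (struct step){ .is_index = 1, .index = idx };
            p = end + 1;
        }
        if (*p == '\0')
            return n;
        if (*p++ != '.')
            return -1;                          /* e.g. "a[1]b" */
    }
}

int main(void)
{
    struct step s[8];
    int n = attr_path_parse("tls.peer.cert.san.dirs[1].cn", s, 8);
    for (int i = 0; i < n; i++)
        s[i].is_index ? printf("[%lu]\n", s[i].index) : printf("%s\n", s[i].key);
    return n < 0;
}
```

In this sketch the empty brackets used in the attribute list above are treated as notation for "this node is a list", so a concrete name must carry an index.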
Other Improvements
In addition, v1.11.0 includes the following improvements:
- Fix incorrect log format strings.
- Clean up test directory structure.
- Modernize doxygen.conf.
- Shorten API documentation overviews and various other minor documentation tweaks.
The API/ABI version is bumped to 0.26.
v1.10.1
Release v1.10.1 contains the following improvements:
- Reduced worst-case stack usage. (Issue #100)
- Fix bug causing the DNS name resolution process to time out too quickly on c-ares v1.1.7 or later, when a large XCM "dns.timeout" was configured.
- Have the SCTP transport properly handle multi-chunk SCTP messages. (Issue #32)
- Work around valgrind memcheck false positive in unit test.
- Modernize gencert test tool to avoid Python deprecation warnings.
The ABI/API remains unchanged.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.10.1/
v1.10.0
Release v1.10.0 contains the following improvements:
- Support for transport-agnostic address syntax checking is added to the <xcm_addr.h> API.
- xcm_close() is now guaranteed (API-wise) to never fail. The function signature remains the same.
- An XCM-level relay utility 'xcmrelay' is added. xcmrelay binds a server port, and for each inbound connection creates an outbound connection to a remote address. The program relays data (or messages) between the inbound and the corresponding outbound connection.
- Python test cases are modernized (e.g., moved from Python's unittest module to pytest).
- A non-blocking, libevent-based, example program is added (echod.c).
- Fix bug where the 'xcm' command-line tool failed to call xcm_close() on closed connections, which in turn may generate an SSL-level error at the remote peer.
- Improved 'xcm' command-line program usage information.
The ABI/API is bumped to 0.25.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.10.0/
v1.9.2
Release v1.9.2 contains the following improvements:
- Work around bug causing all certificate verification to fail in case CRL checking was enabled, and there was a CRL issued by a non-root CA. The root cause of the failure is a bug in OpenSSL effectively preventing the use of partial chains and CRL checking simultaneously. To work around this issue, the XCM TLS transport disallows partial chains (i.e., chains of trust where the trust anchor is a non-root CA) if (and only if) CRL checking is enabled.
- Log cause of certificate verification failures.
- Fail test runs on Valgrind memory leaks. Prior to this fix, any memory-related errors would just cause printouts on stderr during test execution.
The ABI/API remains unchanged.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.9.2/
v1.9.1
Release v1.9.1 contains the following improvements:
- Fix bug causing xcm_remote_addr() to return NULL in case SO_PASSCRED was not set by the peer. Issue #85.
- Fix bug where errno wasn't properly set on xcm_remote_addr(), xcm_local_addr(), or xcm_attr_get(..., "xcm.remote_addr") failures. See issue #84.
- The Python XCM wrapper module now allows the retrieval of double-type socket attributes.
- Test improvements, including:
  - Fix race condition causing occasional failures in the UTLS remote address test case.
  - Lengthened test CRL update interval, to avoid test certificates going invalid.
  - Extend test IP addresses to avoid collisions.
  - Fix cosmetic memory leak in utest.
- Various documentation improvements, including:
  - Make example select calls valid.
  - Rephrase overview in API documentation.
  - Add missing BTCP references.
The ABI/API remains unchanged.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.9.1/
v1.9.0
Release v1.9.0 contains the following improvements:
BTCP Transport
XCM v1.9.0 introduces a new XCM transport BTCP, including the appropriate extensions to <xcm_addr.h>. API-wise, BTCP presents an XCM bytestream type service. On the wire, XCM BTCP is just "raw" TCP, with no XCM-specific wire protocol elements.
There are two primary drivers behind BTCP. One is that it provides a clean and easy way to share TCP/BSD socket-related functionality between XCM BTLS and the XCM TCP transports, and helps assure that TCP-level options and behaviors are the same for both XCM TCP and XCM BTLS/TLS/UTLS.
Already prior to the introduction of BTCP, DNS and BSD sockets-related code was shared between BTLS and TCP (e.g., tcp_attr). The requirement to support RFC 6555-style "Happy Eyeballs" DNS and TCP connection establishment procedures increased the incentive to realize BTCP.
In v1.9.0, XCM BTLS uses the new BTCP transport as a mapping layer between OpenSSL and the BSD sockets API. In OpenSSL speak, such a module is referred to as a "BIO". The BTLS transport now has a custom BIO which relays data between OpenSSL and BTCP. An upside of this change is that XCM no longer needs to configure libc to ignore SIGPIPE (which is not something shared libraries should do, generally). Ignoring SIGPIPE was required since the standard OpenSSL BIO previously used by XCM issued the send() syscall without the MSG_NOSIGNAL flag set. Without SIGPIPE filtering, such SIGPIPE UNIX signals would be delivered to the process in case the connection was broken on send(), likely much to the surprise of most applications.
The second reason for the introduction of BTCP is symmetry (or completeness). XCM BTCP is to XCM TCP what XCM BTLS is to XCM TLS.
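The SIGPIPE behaviour described above can be reproduced with plain BSD sockets. The following is an added example, not XCM code: it sends on a socket whose peer has closed, once without and once with MSG_NOSIGNAL, and reports whether SIGPIPE reached the process. A UNIX domain socket pair stands in for a broken TCP connection so the run is deterministic and offline; the function and handler names are made up for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

static volatile sig_atomic_t sigpipe_seen;

static void on_sigpipe(int signo)
{
    (void)signo;
    sigpipe_seen = 1;
}

/* Sends 4 bytes on a connected socket whose peer has already closed.
 * Returns 1 if the process received SIGPIPE, 0 if not, -1 on setup failure.
 * *err_out receives the errno reported by send() (0 if it succeeded). */
int sigpipe_on_broken_send(int send_flags, int *err_out)
{
    int sv[2];
    struct sigaction sa = { .sa_handler = on_sigpipe }, old;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGPIPE, &sa, &old);      /* stand-in for the application */
    sigpipe_seen = 0;
    close(sv[1]);                       /* the peer goes away */

    ssize_t rc = send(sv[0], "ping", 4, send_flags);
    *err_out = rc < 0 ? errno : 0;

    sigaction(SIGPIPE, &old, NULL);     /* restore the previous disposition */
    close(sv[0]);
    return sigpipe_seen;
}

int main(void)
{
    int err;
    printf("flags=0:      SIGPIPE=%d\n", sigpipe_on_broken_send(0, &err));
    printf("MSG_NOSIGNAL: SIGPIPE=%d\n", sigpipe_on_broken_send(MSG_NOSIGNAL, &err));
    return 0;
}
```

In both cases send() fails with EPIPE; only the call without MSG_NOSIGNAL also raises the signal, which with the default disposition would terminate the process.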
Happy Eyeballs
New in v1.9.0 is support for configurable DNS-based TCP connection establishment algorithms.
The DNS resolver (glibc or C-ares) sorts the A and AAAA records and returns them to the higher layer in the order of preference. XCM versions prior to v1.9.0 always only attempted to connect to the first, most preferred, address in this list. If that connection attempt failed, an error was returned to the caller.
In v1.9.0, the application may control which algorithm (or mechanism) is used to translate the list of addresses into an established TCP connection using a new XCM socket attribute "dns.algorithm". The default algorithm is "single", which is identical to legacy XCM behavior.
If the "sequential" method is specified, all addresses provided by DNS will be probed, one-by-one, in resolver-controlled priority order.
If the "happy_eyeballs" algorithm is configured, the XCM socket maintains two concurrent tracks, where one attempts to connect to all IPv6 addresses, one-by-one, in priority order, and the other does the same, but for the IPv4 subset. All this pretty much in accordance with RFC 6555.
The "dns.algorithm" attribute is available in all TCP-based transports: UTLS, TLS, BTLS, TCP, and BTCP.
To keep core BTCP transport complexity low, the responsibility for managing BSD socket creation and TCP connection establishment is moved out from xcm_tp_btcp.c to a new module tconnect.c.
v1.9.0 also sports a new "tcp.connect_timeout" socket attribute, which allows the user to specify a TCP connection establishment-specific timeout. The default is 3 s, which is roughly the same as older XCM versions.
Certificate Revocation Verification
Starting in this release, XCM may optionally be configured to check the remote peer's certificate (and other certificates in the chain of trust) against a set of certificate revocation lists (CRLs). The full chain is checked against the CRLs.
CRL checking is supported in all XCM transports using TLS, including for UTLS connection sockets of the TLS type.
CRL checking is disabled by default. It is enabled by setting the new "tls.check_crl" socket attribute to true.
The actual CRL bundle is supplied by setting one of the new "tls.crl_file" or "tls.crl" socket attributes.
The CRL bundle is cached and re-read/re-parsed on change in the same manner as the cert.pem, key.pem and tc.pem files. Already-established TLS connections will not be torn down.
CRL checking is available on sockets serving in both the TLS client and server roles.
Other Improvements
- Avoid redundant epoll instance updates in the TLS transport, reducing message send and receive overhead by ~5%.
- Fix DNS-related test failures occurring on non-C-ares builds.
- Improve API documentation in regards to MT safety.
- Various minor refactorings.
- Use SOCK_NONBLOCK to avoid fcntl() calls and reduce overhead for socket creation.
- Improve "dns.timeout" attribute documentation.
- Introduce directory subtree under libxcm/, to make navigating the source code easier.
- Enable the BTLS address parsing test cases.
- Extend invalid address test cases.
- Missing SPDX license headers are added to various Python source files.
- Fix 'xcm' command-line tool floating point attribute bug.
The API/ABI version is bumped to 0.24.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.9.0/
v1.8.0
Release v1.8.0 contains the following improvements:
- XCM switches over from using the glibc resolver to the c-ares DNS library. It is still possible to build a library which uses glibc and getaddrinfo_a(), with the --disable-cares configure option. c-ares has a number of advantages over glibc's resolver:
  - Does not leak memory.
  - Better performance.
  - Allows DNS timeout parameters to be tweaked programmatically.
  - Much cleaner API.
  - Does not use a background thread. The glibc threads caused a number of issues, in particular since they failed to block UNIX signals.
- A new attribute "dns.timeout" is added, which allows an application to specify the maximum timeout for the DNS resolution process. The default is 10 seconds. This attribute is only available if libxcm is built with c-ares support.
- Support for double-precision floating point socket attributes is added to the <xcm_attr.h> and <xcm_attr_map.h> APIs.
The API/ABI version is bumped to 0.23.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.8.0/
v1.7.0
Release v1.7.0 contains the following improvements:
Library:
- Support for configuring TLS credentials by-value by means of three new socket attributes ("tls.cert", "tls.key", and "tls.tc") is added.
- Convenience functions for accessing binary type attributes are introduced into the <xcm_attr.h> and <xcm_attr_map.h> APIs.
- The 'xcm' command-line tool now allows configuring binary attributes on the sockets it creates.
- The use of OpenSSL API calls marked obsolete in OpenSSL 3.0.0 is discontinued.
Documentation:
- Certificate file documentation restructured.
- Various spelling fixes.
- Improvements to xcm_finish() documentation.
- Fix error (suggesting the function would always return 0 on success) in xcm_fd() documentation.
- Doxygen configuration cleaned up.
Test suite:
- Race condition in TCP keepalive test case fixed.
- Deprecated Python APIs are no longer used in the Python test suite.
- Bytestream testcases added to the Python test suite.
- TLS test case for multiple CAs with same subject added.
- A memory leak in the TLS multi-record test case is fixed.
- TLS spammer test case no longer times out.
- Authority key ids are added to all XCM test certificates.
v1.6.2
Release v1.6.2 contains the following improvements:
- Bugfix for TLS header parsing issue, where an XCM header split into multiple TLS protocol-level records triggered a library assertion.
- The user manual is extended to include information on the XCM tracing facilities.
- Library version is now logged.
- The default compiler flags no longer terminate the build upon encountering compiler warnings.
API/ABI remains unchanged.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.6.2/
v1.6.1
Release v1.6.1 contains the following improvements:
- Reduce the control interface poll frequency, which in turn gives a slight performance boost, especially for UX socket users (~5-10%), in ping-pong scenarios.
- Fix bug #62 "Connection establishment with DNS name may create socket in the wrong namespace".
- Fix bug which prevented the test suite from being run in Valgrind.
- Fix IPv6 scope related SCTP build issue.
API/ABI remains unchanged.
The API documentation and user manual for this release can be found at:
https://ericsson.github.io/xcm/doc/v1.6.1/