Releases: cesanta/mongoose
Mongoose 7.6
- Fixed
mg_check_ip_acl()
- API change for
mg_wakeup()
- added ability to pass specific data to the mongoose task - API change for
mg_mqtt_pub()
andmg_mqtt_sub()
- usingstruct mg_str
instead ofstruct mg_str *
- Added embedded FatFS support,
mg_fs_fat
- API change for
mg_http_upload()
- added FS parameter - API change for
struct mg_fs
- open and close calls acceptvoid *
, notstruct mg_fd *
- Fixed
mg_url_port()
- Added FS parameter to the
struct mg_tls
, in order to let TLS code to read certs from any FS - Fixed DNS resolution issue: propagating DNS errors to the resolving connection
- Added ability to override stat() call for POSIX FS
- Improved UDP - not calling connect()
- Added SSDP search example
- Added huge-response example
- Added realpath() convenience macro for Win32
- Use
int64_t
for millisecond values in timers and formg_millis()
- Removed
mg_time()
andusleep()
- Made mongoose friendly to the baremetal Keil build
Mongoose 7.5
- Add
MG_HTTP_INDEX
build var, default to "index.html", to let user to change directory index file - Added
MG_CUSTOM_TLS
build flag, to enable any 3rd party TLS library integration (or make tweaks to existing integrations) - Added example for mg_http_bauth()
- Added documentation for mg_http_get_header_var()
- Added CIFuzz integration
- Fixed captive portal example
- Added json-rpc-via-ws example
- Fixed FD_CLOEXEC handling
- Added Add examples/mqtt-client-aws-iot
- Add user and pass to struct mg_mqtt_opts
- Fixed comma handling in mg_http_get_header_var()
- Fixed UDP handling on Windows
- Added mbedTLS CRL support
- Fixed mg_random() on ESP32
Mongoose 7.4
- Added example for NXP RT1020 on Microsoft AzureOS
- Added support for Microsoft AzureOS
- Better diagnostics in mg_open_listener, #1359
- Including ipv6 wrapping brackets [] in the result of mg_url_host()
- Support multiple serving directories (web roots):
opts.root_dir = "/path1,/uri1=/some/other/path"
. See 2139fbc - Security enhancement in MQTT codepath
- Removed
realpath()
from the virtualised FS API - Enhanced OpenSSL handshake codepath
- API change mg_iobuf_{append,delete} -> mg_iobuf_{add,del}
- Added WS defragmentation logic
- Added Add mg_check_ip_acl()
- API change: mg_next_comma_entry() -> mg_commalist()
- Added stm32-nucleo-f746z example
- Fixed HTTP chunk handling for larger chunks
- Enhanced FREERTOS + LWIP support - works out of the box!
- Refactored mg_mkpipe() and multithreading support
- Sending MG_EV_WS_OPEN to server connections, too
- Added MQTT over Websocket example
- Added virtualised FS support and built-in ability to pack static files into server binary and serve files without a "real" FS
- Added RISCV target to unit test
Mongoose 7.3
- Improved SSI file serving: added Content-Type header
- Improved compiler compatibility, using traditional header guards instead of
#pragma one
- When listening on port 0, exposing the actual port
- Disabled SSL 1.1 for OpenSSL
- Fixed C++ mg_str constructor shadowing
- Using FD_CLOEXEC on opened sockets on UNIX-like systems
- Support for new mbedtls 3.x
- Improved C++ interop with
#ifdef __cplusplus
- Improved MQTT API: added
qos
andretain
params tomg_mqtt_{pub,sub}
- Optimised RAM usage -
mg_iobuf_append()
- Added MG_ARCH_FREERTOS_LWIP
- Added stm32f7 example with FreeRTOS+TCP stack
- Re-enabled Range header support (partial downloads)
- Multiple documentation fixes
- Improved
mg_random()
for Espressif builds - Added multiple unit tests
- Added an ability to load mbedTLS certs from memory
- Added multipart form upload
Mongoose 7.2
- Added
mg_mqtt_next_unsub()
- Added chunked HTTP client support and
MG_EV_HTTP_CHUNK
event - Restored
mg_mqtt_{ping,pong,disconnect}
functions - Fixed Cygwin and QNX builds
- Added
struct mg_mgr::userdata
pointer - Added
struct mg_http_message::head
which contains HTTP line and all headers - Add ability to use in-memory CA PEM for mbedtls
- Improved unicode handling on Win32
- Improved ESP32 example to use SPIFFS and static serving
- Improved TLS SNI
Mongoose 7.1
Overview
This is a bugfix and cleanup release after the major version 7.0 release. A significant number of small issues were fixed, and some new examples added.
- Continuous integration test switched from CircleCI to Github Actions
- Added socks5 example
- Added esp32 example
- Added esp8266 example
- Added mingw test
- Added mbedtls test
- Added openssl test
- Added reverse proxy example
- Added proxy client example
- Added MQTT server example
- Many TLS related fixes
- Fixed DNS resolution timeout
- Added SSI to
mg_http_serve_dir()
- Fixed file descriptor leak for local cache codepath
Mongoose 7.0
Overview
This is a major release, aimed primarily at refactoring and cleanup of the codebase. The main focus is made on the embedded usage.
The documentation has been fully revamped, and published at https://cesanta.com/docs. Porting from the 6.x version is not straightforward, despite all concepts stayed intact. The major changes include:
-
CGI support has been removed
-
WebDAV support has been removed
-
Socks5 support has been factored to the example
-
Digest auth support has been removed. The anticipated usage is Basic + TLS
Non-amalgamated sources
The non-amalgamated sources are kept in src/
, and amalgamation is performed by Makefile. Set -DMG_ENABLE_LINES
compiler option to enable non-amalgamated diagnostics.
CI tests and coverage
A Circle CI tests are established, to test on the common platforms and compilers, for both ISO C and ISO C++ mode. Also, an automatic test coverage tracking is performed.
The plan for the next releases is to add platform-specific examples (like for ESP32, STM32, etc) and integrate them into CI, to ensure they do not break as development continues.
Continuous fuzzing test
Mongoose is integrated into Google's https://oss-fuzz.com/ service, to enable continuous fuzzing code tests. This helps to find security issues early on.
Mongoose 6.18
- Allow OpenSSL session reuse on 2-way SSL
- Updated certs for OpenSSL tests
- Fixed OpenSSL error status issue
- Added HTTP proxy client example
- Fixed deferencing mg_http_free_proto_data_endpoints
- Fixed typedef bool for MSC
Mongoose 6.17
Bug fixes
- An integer overflow bug in
parse_mqtt()
, CVE-2019-19307 - MQTT ping logic improved
- Leak fix for invalid CA
- Make SSL and non-SSL build binary compatible
- Make 30x replies keep opened HTTP/1.1 connection
Mongoose 6.16
Bug fixes
- A critical issue in mg_http_parse() is fixed. Associated fuzzer test added.
This is a fix for the CVE-2019-13503 in the Common Vulnerability and Exposure database: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13503