| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
New features:
- Ability to add authenticators to filemaps.
- Python: Add support for CRLs in kore.domain().
Bug fixes:
- The Kore parent process will use the correct exit code if a worker
process calls fatalx().
- Fix a bug in kore.recvmsg() related to the returned length of the
ancdata.
- Several bug fixes for concurrency when using Python 3.10.x.
Other changes:
- Removed useless debug messages all across the board.
- Added more format attributes where useful.
- Added KORE_TMPDIR define (default /tmp) for single binary builds.
|
|
|
|
Bug fixes:
- Fixed incorrect order in kore.connection.x509dict
|
|
Bug fixes:
- Fixed building single apps with PYTHON=1 flavor set.
- Fixed building Kore with CURL=1 and TLS_BACKEND set to none.
- Fixed TLS client authentication, it incorrectly always returned 403.
OK wiz@
|
|
Changes:
- Removed OpenSSL 1.0.2 support.
- TLS 1.3 is now the default for tls_version.
- Fixed support for Python 3.10 and higher.
- Kore ships with the ffdhe4096 DH parameters.
- Changed the routing configuration context.
- JSON API error handling functions no longer take a kore_json context as
parameter.
- Removed stale out-of-date examples.
- Changed the way the workers log to the parent process.
- Changed kore.domain() and kore.server() for Python API, name is now a
keyword, if omitted defaults to "default".
- Added new HTTP APIs for obtaining headers as native C types.
- http_state_create() no longer takes an onfree callback.
- Updated log levels in the ACME process.
- New logfile configuration option, allowing all Kore logs to go to the given
file instead of stdout.
- New kodev commands: cflags, ldflags and gen.
- New TLS_BACKEND option to compile without TLS.
- New privsep configuration context.
- New @kore.route("url", methods=[]) decorator in Python API.
- New http_response_json() API function.
- New http_response_close() API function.
- New kore_signal_trap() API function.
- New kore_worker_signal() API hook.
- New kore.connection.x509dict in Python API.
- New koreapp.workerstop, koreapp.workerstart hooks for Python.
- New kore.task_id() for Python, returning current coroutine ID.
- New kore.sigtrap() for Python, trapping a given signal.
- New kore.privsep() for Python, for setting up the new privsep
configuration.
- New curlopt keyword for kore.httpclient, allowing setting of specific curl
options directly into it.
- New TARGET_PLATFORM environment variable for cross building Linux.
- New on_body, on_headers and on_free route handlers.
- New kore_mem_zero() function.
- New http.protocol() for Python API.
- Removed run_as and root configuration options.
- Removed keymgr_runas and keymgr_root configuration options.
- Removed acme_runas and acme_root configuration options.
- Added ability for parent to send messages via the msg framework to workers.
- Added several new system calls to seccomp whitelist filters.
- Added support for overriding previously set headers with
http_response_header().
- Added support for 100 in http_response_* APIs.
- Added new "docker" deployment target for Python.
- Updated the pgsql code to understand PGRES_PIPELINE_SYNC and
PGRES_PIPELINE_ABORTED.
- Modified Kore child handling code to wait for processes in its worker
process group.
- And much more..
Bug fixes:
- All kore_pool elements are now always properly aligned on a boundary of 8.
- execve() now takes an environment pointer instead of NULL.
- Fixed a problem in kore.socket.recvfrom() Python API.
- Fixed several wrong log messages while parsing configuration.
- Fixed a bug in the kore_http client related to OPTIONS and DELETE methods.
- Fixed potential uninitialised parameter in accesslog.
- Fixed small bugs in several examples.
- Fix bug in several kore_json_create_*() API functions with regards to
variadic arguments.
- Fixed dependencies in the Kore Makefile.
- Fixed how Kore obtains paths to openssl on Mac platforms.
|
|
|
|
|
|
|
|
|
|
|
|
This tool makes it easy to quickly spin up a static serving webserver.
|
|
ChangeLog:
This minor release improves on internal APIs and has some minor bug fixes.
New tool: kore-serve
This tool makes it easy to spin up static serving webserver quickly. To
build it, run make tools-build and make tools-install.
JSON API Improvements:
- More strict parsing of JSON objects.
- Allow int64_t and uint64_t as JSON numbers.
Additionally the parser has been tested heavily in a security critical
product. This work was sponsored by my employer, Tutus Data.
ACME improvements:
- Added and enabled POST-as-GET.
- Fixed a bug on LibreSSL where multi-domain setup could fail to
renew certificates.
Python API improvements:
- Adds async socket.recvmsg to the Python API.
Other changes:
- Enabled TLS 1.3 for LibreSSL 3.2.2
- All Kore hooks prototypes now live inside of kore/hooks.h.
- Renamed "foreground" to "kore_foreground".
- Kore will now install its sources under $PREFIX/share/kore, allowing
kodev build to build single binaries out of the box.
- kodev source command added (shows the location of the built-in source
code).
- Added missing seccomp_tracing to the example configuration.
- Added kore build scripts under misc.
- Linux: added missing seccomp calls for certain platforms.
- Added kore_default_getopt(), which should be called from
kore_parent_configure() in single binary builds if you want to retain
the argument parsing.
|
|
ChangeLog:
This patch release fixes an issue with the accept lock and pulls in a few
patches from NetBSD and OpenBSD ports to make maintainer life a little bit
easier.
Important changes:
- Pull in NetBSD and OpenBSD ports patches
- Only reset accept_avail if we actually grabbed the accept lock
- Fixed building with multiple make jobs if PYTHON=1 was specified
Small changes:
- Added BEERS file
- Fixed a few typos
- Removed lingering x86 seccomp code (Linux)
|
|
ChangeLog:
- Fully priviledge seperated ACME support with Let's Encrypt or any
compatible ACME provider.
- A better way of writing Kore Python applications.
- Full seccomp sandboxing for acme, keymgr and worker processes on Linux.
- Ability to mix TLS and non-TLS servers in a single configuration.
- Many improvements to the Python asynchronous runtime.
- Configuration based redirection.
- A complete builtin and easy to use JSON parser.
- Several bug fixes and speed improvements.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Kore is an easy to use web application framework for writing scalable
web APIs in C.
Its main goals are security, scalability and allowing rapid development
and deployment of such APIs. Because of this Kore is an ideal candidate
for building robust, scalable and secure web things.
OK kamil@
|
