Skip to content

Release v2.0.2
Compare
Choose a tag to compare
@NATS-CI NATS-CI released this 15 Jul 16:42
v2.0.2
6a40503
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changelog

Go Version

  • 1.11.12: Both release executables and Docker images are built with this Go release.

Changed

  • Default TLS Timeout bumped to 2 seconds (as opposed to 0.5s) (#1042)

Added

  • Support to extend leafnodes remote TLS timeout (#1042)
  • Allow operator to be inline JWT (#1045)
  • Made ReadOperatorJWT public for embedded use cases. Thanks to @ripienaar for the report (#1052)
  • Ability to disable sublist cache globally for all accounts. Thanks to @azrle for the report (#1055)
  • Ability to set a limit to the trace of the payload of a message. Thanks to @andyxning for the contribution (#1057)

Improved

  • Add default port (7422) for Leafnode remote connections (#1049)
  • Reduce server PINGs when data is flowing (#1048)
  • Allow remotes leafnode to specify an array of URLs. Thanks to @ripienaar for the report (#1069)

Fixed

  • Messages not distributed evenly when sourced from leafnode (#1040)
  • Help link in top level monitoring (#1043)
  • Check of max payload could be bypassed if size overruns an int 32. Note that the client would first have to be authorized to connect. This fix is for CVE-2019-13126. Thanks to Aviv Sasson and Ariel Zelivansky from Twistlock for the security report (#1053)
  • Sending to client libraries an updated MaxPayload through INFO protocol when a bound account's MaxPayload is not the same as the server the client is connected to (#1059)
  • Routing of responses across leafnodes (#1060)
  • Subscriptions were not propagated correctly upon new leafnode joining the network. Thanks to @antmanler for the report and fix! (#1067)
  • Prevent multiple solicited leafnodes from forming cycles. Thanks to @ripienaar for the report (#1070)
  • Report possible error starting the monitoring port. Thanks to @andyxning for the contribution (#1064)
  • Allow use of insecure for remote leafnode and gateways again. Thanks to @ripienaar for the report (#1071, #1073)
  • Report authorization error and use TLS hostname for IPs on leafnodes (#1072)
  • Leafnode URLs may be missing in INFO protocol sent to Leafnodes connections (#1074)
  • Server now read pending data on closed connection to be able to report error (for instance in case of an authorization error sent by remote server) (#1075)

Complete Changes

v2.0.0...v2.0.2

Assets 10
Loading