API and TLS updates, Hash Map security and more...

@boazsegev boazsegev released this 18 Jan 12:28
· 199 commits to master since this release

I spent a bunch of time learning about Hash Map and Hash function security concerns, realizing Hash Map security should be prioritized over a good Hash function. I also implemented a TLS client in iodine (the Ruby wrapper for facil.io) and learned a bunch of stuff that required some API changes.

On the positive side, it appears that the 0.7.x API is fairly finalized and facil.io could probably move to a 0.7.0 release soon.

The main changes in this beta release are:

BREAK: (fio_tls) breaking API changes to the SSL/TLS API... I know, I'm sorry, especially since there's a small and misleading change in argument ordering for fio_tls_cert_add and fio_tls_new... but if we don't fix the API now, before the 0.7.0 release, bad design might ruin our Wednesday meditation for all eternity.

BREAK: (http) breaking API changes to http_connect were required in order to support Unix Socket connections in client mode.

Deprecation: (http) deprecating the http_url_parse in favor of fio_url_parse (moved the function to the core library and rewrote it in part).

Security: facil.io hash maps now limit the number of full-collisions allowed in a hash map. This mitigates the effects of hash flooding attacks. As a side effect, hash maps that are under attack might return false results for collision objects.

Fix: (websocket) fixed an issue with the WebSocket parser where network byte order for long message lengths wasn't always respected and integer bit size was wrong for larger payloads. Credit to Marouane Elmidaoui (@moxgeek) for exposing the issue.

Fix: (http) fixed udata in WebSocket client callback for failed WebSocket client connections.

Fix: (fio) logging message when listening to a Unix Socket.

Fix: (fio) numerous minor design fixes, such as Big-Endian string memory access, allowing fio.h to be used as a header only library (requires FIO_FORCE_MALLOC) and other adjustments.

Fix: (fio) fixed unaligned memory access in SipHash implementation and added secret randomization for each application restart.

Fix: (redis) fixed an issue where destroying the Redis engine and exiting prematurely, before running facil.io (fio_start), will cause a segmentation fault during cleanup.

Update: (fio) added Risky Hash, for fast hashing of safe data. This is a fast hashing function (about twice as fast as the default SipHash1-3 secure function) that wasn't tested for security. For this reason it should be limited to internal / safe data, such as CLI argument names.
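The full-collision limit described in the Security item above can be illustrated with a small open-addressing map. This is an added sketch, not facil.io's code: the names `map_s`, `map_seek`, `map_set`, `map_get`, the fixed capacity and the cap of 4 are all assumptions, and refusing over-limit keys is only one possible policy, since the notes do not say how facil.io treats them.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAP_CAPACITY 64       /* fixed power-of-two size (assumption) */
#define MAX_FULL_COLLISIONS 4 /* hypothetical cap, not facil.io's value */

typedef struct { uint64_t hash; const char *key; int value; int used; } slot_s;
typedef struct { slot_s slots[MAP_CAPACITY]; } map_s;

/* Linear probe from the hash's home slot. Returns the slot holding `key`,
 * or the first free slot, or NULL once MAX_FULL_COLLISIONS other keys with
 * the identical 64-bit hash were seen (or the table is exhausted). */
static slot_s *map_seek(map_s *m, uint64_t hash, const char *key) {
  size_t full = 0;
  for (size_t i = 0; i < MAP_CAPACITY; ++i) {
    slot_s *s = &m->slots[(hash + i) & (MAP_CAPACITY - 1)];
    if (!s->used) return s;
    if (s->hash != hash) continue;      /* partial collision: no key compare */
    if (!strcmp(s->key, key)) return s; /* same hash, same key */
    if (++full >= MAX_FULL_COLLISIONS) return NULL; /* bounded work */
  }
  return NULL;
}

/* Returns 0 on success, -1 when the insert is refused by the cap. */
int map_set(map_s *m, uint64_t hash, const char *key, int value) {
  slot_s *s = map_seek(m, hash, key);
  if (!s) return -1;
  *s = (slot_s){.hash = hash, .key = key, .value = value, .used = 1};
  return 0;
}

/* Returns 1 and writes *value when found, 0 otherwise. */
int map_get(map_s *m, uint64_t hash, const char *key, int *value) {
  slot_s *s = map_seek(m, hash, key);
  if (!s || !s->used) return 0;
  *value = s->value;
  return 1;
}

int main(void) {
  /* Constructed input: five distinct keys forced onto one hash value. */
  static map_s m;
  const char *keys[] = {"k0", "k1", "k2", "k3", "k4"};
  for (int i = 0; i < 5; ++i)
    printf("%s -> %s\n", keys[i],
           map_set(&m, 0x1234, keys[i], i) ? "refused" : "stored");
  return 0;
}
```

The cap bounds each operation to at most four key comparisons per hash value; the cost is that the fifth colliding key is reported as missing, which is the kind of false result the Security item warns about.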