# Changes in catlfish 1.0.1-alpha-dev
## Features
- New configuration option 'storage-sign-quorum-size' determines the
minimum number of storage nodes that must successfully store an entry
before signing nodes generate an SCT for it. This prevents a
rogue frontend node from sending out an SCT for an entry that will
never be merged. As a consequence, the SCT cache is now
mandatory and cannot be disabled (closes CATLFISH-28).
- Allow HTTP POST body sizes up to 10MB, when sent in chunks up to 1MB
in size (closes CATLFISH-98).
- Configure and use status server (closes CATLFISH-93).
## Bug fixes
- Don't store, and deliver in get-entries, root cert twice when
included in submission (closes CATLFISH-96).
- Don't use nc(1) for talking to control port. It behaves incorrectly
under some circumstances.
## Improvements
- Start fewer fsync processes when not using fsdb (CATLFISH-102).
# Changes in catlfish 0.10.0 - 2017-02-11
## Incompatible changes
- Local configuration files need two new options: 'configurl' and
'logadminkey'. The former is where the log administrator publishes
the (generated) global config file and the latter can be found in
that file.
- The previous configuration option 'publicaddresses', used by
frontend nodes, is now 'ctapiaddresses' (closes CATLFISH-74). This
actually happened in catlfish 0.9.0.
- The previous configuration option 'addresses' is now
'frontendaddresses', 'storageaddresses', 'signingaddresses', and
'mergeaddresses' (closes CATLFISH-74). This actually happened in
catlfish 0.9.0.
- The previous configuration option 'known_roots', used by primary
merge nodes, is now 'knownroots', to match what's being used by the
other node types.

Note that the Erlang config files must be regenerated
when upgrading to 0.10.0 from a previous version.
This is recommended for every release, and should
be done before restarting nodes, in order to take advantage of
the new config management system.
## Features
- A new database backend, permdb, has been added. This is the
recommended backend.
- Support for managing log configuration and log keys has been
added. Most notably, the log API keys have moved into the global
configuration file and a new logadmin key is used by the log owner
to sign that file. Node operators should regularly download the
global config, verify it and use it together with local config to
generate the Erlang config files used by the system (closes
CATLFISH-77).
- Many configuration options can now be reloaded without restarting
a node (closes CATLFISH-32).
## Improvements
- Most of the merge process has been parallelised. It's now possible
to add both new frontend nodes and new secondary merge nodes to a
running log without risking long delays in publishing of new STHs
(closes CATLFISH-88).
- Tooling both for initiating a log instance and for promoting a
secondary merge node to primary in an existing log instance has been
added.
- The tests now do a better job at testing the merge failover case.
# Changes in catlfish 0.9.0 - 2016-12-04
## Features
- Configuration for selecting database backend added.
- Tool for parsing benchmarking output and generating HTML added.
## Improvements
- A new algorithm for merge backup and merge dist has been implemented.
- Merge-backup is now sending in chunks, improving performance.
- Backup quorum is now configurable.
- Configuration format now supports combined frontend and storage
nodes.
- Support for Erlang R17 and R18 added.
- Large tests added.
# Changes in version 0.8.0 - 2015-09-21
## Incompatible changes
- The file format for persistent storage of log entries has
changed. catlfish-0.8.0 is unable to read a database created by any
previous version. Previous versions are unable to read a database
created by 0.8.0.
## Features
- Library call for verification of entries added, used by plop.
- New config parameter 'mmd' (maximum merge delay in seconds)
added. Used to determine if an STH is fresh. The default, if not
configured, is 86400, which equals 24 hours (closes CATLFISH-51).
- New config group 'ratelimits' added (closes CATLFISH-52).
- Verification of leaf data when read from disk (closes CATLFISH-50).
- A new program, tools/storagegc.py, updates the lastverifiednewentry
file for storage nodes to use in fetchnewentries (closes
CATLFISH-54).
- Test suite is now verifying correct precert handling too.
## Bug fixes
- A bug with merging root certs, i.e. lacking ExtraData, has been fixed
(closes CATLFISH-45).
- Merge now fsyncs the logorder file (closes CATLFISH-46).
- A chain returned from the log (get-entries) now always contains a
known root cert (closes CATLFISH-55).
- Extra data for precerts returned from the log is now conformant with
RFC6962 (closes CATLFISH-56).
## Code cleanup
- Dialyzer clean.
# Changes in version 0.7.0 - 2015-04-25
## Features
- Support for secondary merge nodes added.
- HSM support verified to work with SoftHSMv2 and one real HSM.
# Changes in version 0.6.0 - 2015-04-13
## Features
- Pre-cert handling and get-entry-and-proof implemented. Now fully
RFC6962 protocol compliant.
- Submitted X.509 certificates and their chains are now validated.
- Application split into frontend, storage, signing and merge nodes.
Docker packaging added for running them.
- Tools for merging, submitting certs and verifying SCTs added. This
is a separate code base from catlfish and plop.
- A config compiler was added making it possible to generate Erlang
syntax configuration for a complex system from simpler yaml files.
- SCT caching added, not enabled by default.
## Internal bigger changes
- Add Erlang release management and a more controlled start process.
- Use mochiweb for serving httpd (replacing inets) and json encoding
and decoding (replacing jiffy).
- Add system and unit tests.
- catlfish/plop interface clean up.
- Use lager for logging and hackney for http client.
# Changes in version 0.1.1 - 2014-09-20
catlfish version 0.1.1 fixes a major bug in add-chain decoding and
implements get-entry-and-proof.
# catlfish version 0.1.0 "PoC" - 2014-09-15
catlfish version 0.1.0 is the proof of concept release.
## Known bugs and shortcomings
- Knows nothing about x509. Accepts any data. v1/get-roots always
returns the empty list.
- v1/add-pre-chain is not implemented.
- v1/get-entry-and-proof is not implemented.
- HTTP status codes are 200 for errors. They should be 400.