Releases: hivesolutions/netius
Releases · hivesolutions/netius
Release list
1.58.1
Fixed
- Proxy no longer crashes when handling request data on a connection whose back-end link has already been torn down
- Proxy no longer crashes when handling a partial request body on a connection whose back-end link has already been torn down
1.58.0
Added
ReverseProxyServersupport for WebSocket (Connection: Upgrade+Upgrade: websocket) requests, which are now forwarded to the resolved back-end through a raw byte tunnel (the switching protocols response and subsequent frames flow back transparently); the back-end target honours the same regex / host / forward rule resolution and load balancing as regular HTTP requestsProxyServer.is_upgradeandProxyServer.tunnelhelpers factoring out the raw tunnel establishment (back-end connection, connection mapping, optional initial request forwarding and acknowledge response) shared by the WebSocket upgrade andCONNECTcode paths
Changed
ForwardProxyServerCONNECThandling now uses the sharedProxyServer.tunnelhelper instead of an inline tunnel setup (behaviour preserved, the200 Connection establishedacknowledge is still sent on tunnel establishment)
1.57.0
1.56.1
Fixed
ProxyServernow preserves thecontent-encodingresponse header when running in dynamic mode (body is forwarded byte-identical and must remain decodable by the client); non-dynamic mode keeps the existing pop behaviour since the proxy may re-encode
1.56.0
Added
- Test scaffolding for HTTP/2 (
HTTP2ParserTestcovering frame size, SETTINGS / PUSH_PROMISE / PING / GOAWAY / WINDOW_UPDATE assertions and parse round-trips for SETTINGS, PING, GOAWAY and WINDOW_UPDATE;HTTP2ServerTestcovering_has_hpack,_has_alpn,_has_npn,info_dictandget_protocols) ConsulProxyServersupport for two new redirect tags:proxy.redirect=<host>(or<host>;<protocol>tuple form) registers a host redirect for the service domain and propagates it to tag aliases and host-suffix expansions, mirroring the existingproxy.redirect-ssl=truepropagation;proxy.redirect-regex=<pattern>;<target>,...registers regex redirect rules inself.redirect_regex, mirroring the shape ofproxy.auth-regex
Fixed
HTTP2Parser.parsenow flushes zero-length payload frames (eg: SETTINGS with the ACK flag, DATA with END_STREAM and no body) instead of leaving the parser stuck inPAYLOAD_STATEuntil subsequent bytes arriveHTTP2Parsernow syncs the HPACK encoder / decoder dynamic table sizes withSETTINGS_HEADER_TABLE_SIZE— the encoder is bounded by the peer's advertised value and the decoder capsmax_allowed_table_sizeat our own;HTTP2Connection.set_settingspropagates peer-driven changes to the live encoder, fixing a latent interop bug where the encoder could emit indices outside the peer's table windowReverseProxyServernow initializesx_forwarded_portandx_forwarded_prototoNonein__init__; previously they were only set insideon_serveunderif self.env, so any embedded usage that calledserve(env=False)raisedAttributeErroron the first inbound requestConsulProxyServer._build_hostsnow sweeps consul-managed alias keys fromself.redirecton each rebuild cycle, so redirect entries created for tag aliases (eg:api) and host-suffix expansions (eg:api.example.com) no longer leak across rebuilds when the underlying service is removed; also incidentally fixes the same pre-existing leak forproxy.redirect-ssl=true
1.55.0
Added
on_confighook onAbstractBasethat subclasses can override to react toSIGHUPreload signals (chains to the existing"config"trigger via super)ConsulProxyServer.on_configoverride that schedules an extra_consul_tick(timeout=0)onSIGHUP, allowing operators to force a Consul service refresh without waiting for the next poll cycle
Changed
bind_configSIGHUP handler now deferson_configto the main event loop viadelay(immediately=True)instead of running it synchronously in the signal handler context, so subclass overrides don't have to worry about signal-handler reentrancy
1.54.2
1.54.1
1.54.0
Added
bind_configandunbind_configmethods onAbstractBasethat bindSIGHUPto a handler triggering a"config"event, allowing agents to react to configuration reload signals (eg: TLS certificate reload)
Changed
SIGHUPno longer raisesSystemExitviabind_signals— it is now reserved for the new"config"reload handler. Operators relying onSIGHUPfor shutdown should switch toSIGINT,SIGTERMorSIGQUIT- Add
NO_SUITABLE_KEY_SHAREtoSSL_SILENT_REASONS