yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
emqx/changes/v4.3.22-en.md

6.1 KiB
Raw Permalink Blame History

v4.3.22

This marks the last release of EMQX v4.3 Opensource Edition.

Enhancements

  • Make sure listener's tls_versions config value is one or more of tlsv1, tlsv1.1, tlsv1.2, tlsv1.3 #9260.

  • Remove useless information from the dashboard listener failure log #9260.

  • We now trigger the 'message.acked' hook after the CoAP gateway sends a message to the device and receives the ACK from the device #9264. With this change, the CoAP gateway can be combined with the offline message caching function (in the emqx enterprise), so that CoAP devices are able to read the missed messages from the database when it is online again.

  • Support to use placeholders like ${var} in the HTTP Headers of rule-engine's Webhook actions #9239.

  • Asynchronously refresh the resources and rules during emqx boot-up #9199. This is to avoid slowing down the boot if some resources spend long time establishing the connection.

  • Add a warning log if the ACL check failed for subscription #9124. This is to make the ACL deny logging for subscription behave the same as for publish.

  • JWT ACL claim supports all action to imply the rules applie to both pub and sub #9044.

  • Added a log censor to avoid logging sensitive data #9189. If the data to be logged is a map or key-value list which contains sensitive key words such as password, the value is obfuscated as ******.

  • Enhanced log security in ACL modules, sensitive data will be obscured #9242.

  • Add management.bootstrap_apps_file configuration to bulk import default app/secret when EMQX initializes the database #9273.

  • Added two new configs for deterministic order of authentication and ACL checks #9283. The two new global config names are auth_order and acl_order. When multiple ACL or auth plugins (or modules) are enabled, without this config, the order (in which each backend is queried) is determined by the start/restart order of the plugin (or module). Meaning, if a plugin (or module) is restarted after initial boot, it may get ordered to the end of the list. With this config, you may set the order with a comma-speapated ACL or auth plugin names (or aliases). For example: acl_order = jwt,http, this will make sure jwt is always checked before http, meaning if JWT is not found (or no acl cliam) for a client, then the ACL check will fallback to use the HTTP backend.

  • Added configurations to enable more client.disconnected events (and counter bumps) #9267. Prior to this change, the client.disconnected event (and counter bump) is triggered when a client performs a 'normal' disconnect, or is 'kicked' by system admin, but NOT triggered when a stale connection had to be 'discarded' (for clean session) or 'takeovered' (for non-clean session) by new connection. Now it is possible to set configs broker.client_disconnect_discarded and broker.client_disconnect_takeovered to on to enable the event in these scenarios.

  • For Rule-Engine resource creation failure, delay before the first retry #9313. Prior to this change, the retry delay was added after the retry failure.

Bug fixes

  • Fix that after uploading a backup file with an non-ASCII filename, HTTP API GET /data/export fails with status code 500 #9224.

  • Improve the display of rule's 'Maximum Speed' counter to only reserve 2 decimal places #9185. This is to avoid displaying floats like 0.30000000000000004 on the dashboard.

  • Fix the issue that emqx prints too many error logs when connecting to mongodb but auth failed #9184.

  • Fix that after receiving publish in idle mode the emqx-sn gateway may panic #9024.

  • "Pause due to rate limit" log level demoted from warning to notice #9134.

  • Restore old emqx_auth_jwt module API, so the hook callback functions registered in older version will not be invalidated after hot-upgrade #9144.

  • Fixed the response status code for the /status endpoint #9210. Before the fix, it always returned 200 even if the EMQX application was not running. Now it returns 503 in that case.

  • Fix message delivery related event encoding #9226 For rule-engine's input events like $events/message_delivered, and $events/message_dropped, if the message was delivered to a shared-subscription, the encoding (to JSON) of the event will fail. Affected versions: v4.3.21, v4.4.10, e4.3.16 and e4.4.10.

  • Make sure Rule-Engine API supports Percent-encoding rule_id and resource_id in HTTP request path #9190. Note that the id in POST /api/v4/rules should be literals (not encoded) when creating a rule or resource. See docs Create Rule Create Resource.

  • Calling 'DELETE /alarms/deactivated' now deletes deactived alarms on all nodes, including remote nodes, not just the local node #9280.

  • When republishing messages or bridge messages to other brokers, check the validity of the topic and make sure it does not have topic wildcards #9291.

  • Disable authorization for api/v4/emqx_prometheus endpoint on management api listener (default 8081) #9294.