We are pleased to announce the release of OpenSRF 3.0.2, a message routing network that offers scalability and failover support for individual services and entire servers with minimal development and deployment overhead.
OpenSRF 3.0.2 is a bugfix release, but all users of OpenSRF 3.0.1 are advised to upgrade as soon as possible. In particular, users of NGINX as a reverse proxy for Evergreen systems are encouraged to upgrade to take advantage of a more secure NGINX configuration.
The following bugs are fixed in OpenSRF 3.0.2:
- LP#1684970: When running behind a proxy such as NGINX, the HTTP translator was not getting the IP address of the user agent. As a consequence, it was possible that two different HTTP translator clients could end up talking to the same OpenSRF worker process. This issue is resolved by using the
remoteip
Apache module to extract the user agent’s IP address from the X-Real-IP HTTP header. - LP#1702978: OpenSRF could fail to retrieve memcached values whose keys contain the % character. This resulted in breaking authentication in Evergreen when the username or barcode contained a %.
- LP#1711145: The sample NGINX configuration file shipped with OpenSRF had weak SSL settings. As of this release, it now
- Enables http2
- Adds a commented section on enabling SSL everywhere.
- Apply a 5-minute proxy read timeout to avoid too-short timeouts on long API calls.
- Adds a commented section on sending NGINX logs to syslog.
- Includes INSTALL notes on generating the dhparam file.
- LP#1776510: The JavaScript client code was not detecting when the WebSockets gateway threw a transport error, e.g. when a request was made of a nonexistent service. This situation can now be caught by error-handling callbacks.
To download OpenSRF, please visit the downloads page.
We would also like to thank the following people who contributed to the release:
- Galen Charlton
- Bill Erickson
- Mike Rylander
- Jason Stephenson
- Cesar Velez