- SSL certs are no longer stored in the host database. This was
done not only for security reasons but there is simply no need
to do such thing anymore.
- The host will longer support multiple SSL certs and will instead
have just a single cert for all TCP connections. This required a
change to the client header format that simply replaced the the
common name with padding. The host will also no longer send the
HOST_CERT type id during session initialization. HOST_CERT was
also removed as a type id.
- The cert and privite key are now pointed to files in the local
file system by the environment variables: MRCI_PRIV_KEY and
MRCI_PUB_KEY.
- The host will still create a default self-signed cert if a valid
cert and private key is not defined in the above environmental
vars. Since the host only support single certs now, the default
cert needed to be expanded to include subject alternative names.
The host will try to detect it's WAN ip address using ipify.org
and then assign SANs for all detected local LAN interfaces.
- Since the cert is now handled by environmental vars and nothing
related to it stored in the database, all the core commands
related to cert management were removed.
fixed some errors found in the documentation and fully updated the internal
commands docs as well.
also updated the internal module to now respond to KILL_CMD so it can now be
signaled to terminate gracefully.
-the add_mod command now requires the -mod_path argument as it should.
-the session now filter out bad NEW_CMD frames based on bad command names and incorrect
frame sizes.
-modules running in list mode can now send ERR frames to the session to log error
messages to the host database.