Release v2.9.21
Changelog
Go Version
- 1.19.12
Dependencies
- github.com/klauspost/compress v1.16.7
- github.com/nats-io/nats.go v1.28.0
- go.uber.org/automaxprocs v1.5.3
- golang.org/x/crypto v0.11.0
- golang.org/x/sys v0.10.0
Added
OCSP
- Add fetch, cache, and verification of client CA's OCSP Response for NATS, WebSocket, and MQTT client mTLS connections (#4362, backported from 2.10)
- Add bi-directional fetch, cache, and verification of CA OCSP Response for LEAF connections (#4362, backported from 2.10)
See ADR-38 OCSP Peer Verification
General
- Add UTC log timestamp option (#4331, backported from 2.10)
Improved
JetStream
- Don't error to server logs if message was deleted for consumer (#4328)
- Improve publish performance for zero-interest subjects (#4359) Thanks to @antlad for reporting the issue!
- Sync and reset message rejected count to ensure replicas don’t incorrectly discard messages (#4365, #4366)
Fixed
General
- Leaking memory on usage of
getHash()
(#4329) Thanks to @VuongUranus for reporting the issue! - Server reload with highly active accounts and service imports could cause panic or dataloss (#4327)
- Fix detection of an unusable configuration file (#4358)
- NOTE: as a side effect of this fix, the server will no longer startup with an empty config file
- Fix a few system service imports going missing after configuration reload (#4360)
OCSP
- Fix local-determination of issuer CA at startup (#4362)
- Remove constraint that all (super)cluster node peers must be issued by the same CA (#4362)
Embedded
- Don't require TLS for in-process client connection (#4323)
JetStream
- Fix serializability guarantee for concurrent publish when using expected-last-subject-sequence (#4319)
- Report correct consumer count in paged list response (#4339)
- Fix not validating single token filtered consumer (#4338)
- Fix stream recovery of message block with sequence gaps (#4344)
- Fix panic when re-calculating first sequence of SimpleState info (#4346)
- Fix stream store accounting drift (#4357)