# Changes in catlfish 1.0.1-alpha-dev ## Features - New configuration option 'storage-sign-quorum-size' determines the minimum number of storage nodes successfully storing an entry in order for signing nodes to generate an SCT for it. This prevents a rouge frontend node from sending out an SCT for an entry that will never be merged. An effect of this is that the SCT cache is now mandatory and can not be disabled. # Changes in catlfish 0.10.0 - 2017-02-11 ## Incompatible changes - Local configuration files need two new options: 'configurl' and 'logadminkey'. The former is where the log administrator publishes the (generated) global config file and the latter can be found in that file. - The previous configuration option 'publicaddresses', used by frontend nodes, is now 'ctapiaddresses' (closes CATLFISH-74). This actually happened in catlfish 0.9.0. - The previous configuration option 'addresses' is now 'frontendaddresses', 'storageaddresses', 'signingaddresses', and 'mergeaddresses' (closes CATLFISH-74). This actually happened in catlfish 0.9.0. - The previous configuration option 'known_roots', used by primary merge nodes, is now 'knownroots', to match what's being used by the other nodes types. It should be noted that regeneration of Erlang config files is necessary when upgrading to 0.10.0 from a previous version. This is indeed recommended for every release, and even recommended to be done before restarting of nodes, in order to take advantage of the new config management system. ## Features - A new database backend, permdb, has been added. This is the recommended backend. - Support for managing log configuration and log keys has been added. Most notably, the log API keys have moved into the global configuration file and a new logadmin key is used by the log owner to sign that file. Node operators should regularly download the global config, verify it and use it together with local config to generate the Erlang config files used by the system (closes CATLFISH-77). - Many configuration options can now be reloaded without restarting a node (closes CATLFISH-32). ## Improvements - Most of the merge process has been parallelised. It's now possible to add both new frontend nodes and new secondary merge nodes to a running log without risking long delays in publishing of new STH's (closes CATLFISH-88). - Tooling both for initiating a log instance and for promoting a secondary merge node to primary in an existing log instance has been added. - The tests now do a better job at testing the merge failover case. # Changes in catlfish 0.9.0 - 2016-12-04 ## Features - Configuration for selecting database backend added. - Tool for parsing benchmarking output and generating HTML added. ## Improvements - A new algorithm for merge backup and merge dist has been implemented. - Merge-backup is now sending in chunks, improving performance. - Backup quorum is now configurable. - Configuration format now supports combined frontend and storage nodes. - Support for Erlang R17 and R18 added. - Large tests added. # Changes in version 0.8.0 - 2015-09-21 ## Incompatible changes - The file format for persistent storage of log entries has changed. catlfish-0.8.0 is unable to read a database created by all previous versions. Previous versions are unable to read a database created by 0.8.0. ## Features - Library call for verification of entries added, used by plop. - New config parameter 'mmd' (maximum merge delay in seconds) added. Used to determine if an STH is fresh. Default, if not configured, is 86400, equals 24 hours (closes CATLFISH-51). - New config group 'ratelimits' added (closes CATLFISH-52). - Verification of leaf data when read from disk (closes CATLFISH-50). - A new program, tools/storagegc.py, updates the lastverifiednewentry file for storage nodes to use in fetchnewentries (closes CATLFISH-54). - Test suite is now verifying correct precert handling too. ## Bug fixes - A bug with merging root certs, i.e. lacking ExtraData has been fixed (closes CATLFISH-45). - Merge now fsyncs the logorder file (closes CATLFISH-46). - A chain returned from the log (get-entries) now always contains a known root cert (closes CATLFISH-55). - Extra data for precerts returned from the log is now conformant with RFC6962 (closes CATLFISH-56). ## Code cleanup - Dialyzer clean. # Changes in version 0.7.0 - 2015-04-25 ## Features - Support for secondary merge nodes added. - HSM support verified to work with SoftHSMv2 and one real HSM. # Changes in version 0.6.0 - 2015-04-13 ## Features - Pre-cert handling and get-entry-and-proof implemented. Now fully RFC6962 protocol compliant. - Submitted X.509 certificates and their chains are now validated. - Application split into frontend, storage, signing and merge nodes. Docker packaging added for running them. - Tools for merging, submitting certs and verifying SCT's added. This is a separate code base from catlfish and plop. - A config compiler was added making it possible to generate Erlang syntax configuration for a complex system from simpler yaml files. - SCT caching added, not enabled by default. ## Internal bigger changes - Add Erlang release management and a more controlled start process. - Use mochiweb for serving httpd (replacing inets) and json encoding and decoding (replacing jiffy). - Add system and unit tests. - catlfish/plop interface clean up. - Use lager for logging and hackney for http client. # Changes in version 0.1.1 - 2014-09-20 catlfish version 0.1.1 fixes a major bug in add-chain decoding and implements get-entry-and-proof. # catlfish version 0.1.0 "PoC" - 2014-09-15 catlfish version 0.1.0 is the proof of concept release. ## Known bugs and shortcomings - Knows nothing about x509. Accepts any data. v1/get-roots always returns the empty list. - v1/add-pre-chain is not implemented. - v1/get-entry-and-proof is not implemented. - HTTP status codes are 200 for errors. They should be 400.