.Dd $Mdocdate: June 16 2023 $
.Dt TELODENDRIA-CHANGELOG 7
.Os Telodendria Project
.Sh NAME
.Nm Telodendria
.Nd The change log for the Telodendria project.
.Sh PROJECT STATUS
.Pp
.Nm
is a very ambitious project. There's a lot that needs to happen yet
before it is usable. At the moment,
.Nm
is starting to resemble a Matrix homeserver, but you can't really
call it one yet. The foundation is mostly in place; now there's the
Matrix specification to implement.
.Pp
Just because there's not much here yet doesn't mean you should go
away! I could always use help, so you are more than welcome to get
involved in the project if you want to see things move quicker.
Feel free to donate using the links on the project website, or
see the
.Xr contributing 7
page for details on how to get involved. The CVS repository has
a file called
.Pa TODO.txt ,
which contains a checklist of the items that need to be completed.
Feel free to grab an item on that list and start writing patches!
It's a good idea to join the Matrix rooms noted in
.Xr telodendria 7
as well, so you can discuss your progress and ask questions.
.Sh v0.4.0
.Pp
Not released yet.
.Sh v0.3.0
.Pp
Saturday, June 10, 2023
.Pp
Introducing a new configuration API and Cytoplasm, a general-purpose
C library that supports source/sink-agnostic I/O, TLS, an HTTP client,
and more! The third major release of
.Nm
packs a lot of architectural improvements on top of supporting more of
the Matrix specification.
.Pp
Matrix Specification:
.Bl -bullet
.It
Added support for the
.Pa /_matrix/client/v3/account/whoami
endpoint.
.It
Added support for the
.Pa /_matrix/client/v3/account/password
endpoint.
.It
Added support for the
.Pa /_matrix/client/v3/profile/*
endpoints.
.It
Added support for the
.Pa /_matrix/client/v3/capabilities
endpoint.
.It
Added support for token-based user registration. Note that there is
as of yet no admin-facing way to create these registration tokens,
but the APIs are in place.
.It
Added web fallback pages for the supported user-interactive
authentication mechanisms at
.Pa /_matrix/client/v3/auth/*/fallback/web .
.It
Added support for the
.Pa /_matrix/client/v3/account/deactivate
endpoint.
.El
.Pp
New Features:
.Bl -bullet
.It
Added a new
.Xr HttpClient 3
API for making HTTP requests. This will eventually be used for
federating with other Matrix homeservers.
.It
Added support for pretty-printing JSON to
.Xr Json 3 .
.Nm
itself doesn't pretty-print JSON, but this is useful for debugging
and building useful tools.
.It
Added a handful of useful development tools built on the
.Nm
APIs. New tools include
.Xr http 1 ,
a command line tool for making HTTP requests, similar to
.Xr curl 1 ,
.Xr json 1 ,
a command line tool for working with JSON, similar to
.Xr jq 1 ,
and
.Xr http-debug-server 1 ,
a simple HTTP server that just prints requests out to standard
output and returns an empty JSON object. 
.Nm http
and
.Nm json
are replacements for
.Xr curl 1
and
.Xr jq 1
that build on the
.Xr HttpClient 3
and
.Xr Json
APIs. They exist mainly to test those APIs, but also to reduce
the number of dependencies that
.Nm
has.
.Nm http-debug-server
exists to test the
.Xr HttpServer 3
and
.Xr HttpClient
APIs.
.It
Replaced all usage of
.Xr jq 1
with the new
.Xr json 1
tool.
.Xr jq 1
is no longer a development dependency.
.It
Replaced all usage of
.Xr curl 1
with the new
.Xr http 1
tool.
.Xr curl 1
is no longer a development dependency.
.It
Added a new
.Xr tt 1
script for easily making Matrix requests against
.Nm
in development.
.It
Added TLS support to both the HTTP client and server. Currently,
.Nm
supports LibreSSL and OpenSSL, but other TLS libraries should be
extremely easy to add support for.
.It
Added support for spinning up multiple HTTP servers. This is useful
for having a TLS and non-TLS port, for example.
.It
Moved all program configuration to the data directory and added an
administrator API endpoint to manage it. It is now no longer
recommended to manually update the configuration file. Consult
.Xr telodendria-admin 7
and
.Xr telodendria-config 7 .
.It
Added an administrator API endpoint for process control.
.Nm
can now be restarted or shut down via API endpoint.
.It
Added an administrator API endpoint for getting statistics about
the running
.Nm
process.
.It
Added support for user privileges, a way to have fine-grained control
over what users are allowed to do with the administrator API.
Administrator APIs for setting and getting privileges is now
supported, and registration tokens have privileges associated with
them, so that users created with a token will have the specified
privileges.
.El
.Pp
Fixes and general improvements:
.Bl -bullet
.It
Fixed a few warnings that were generated on some obscure compilers.
.It
Moved the
.Fn main
function into its own file to make it easier to link other programs
with the
.Nm
APIs.
.It
Fixed the development tools environment setup script. Apparently
using a hyphen as a bullet point is not very portable, because some
shell implementations of
.Xr printf 1
interpret it as a flag. Switched to an asterisk instead.
.It
Fixed some intermittent I/O errors that would occur as a result of 
race conditions in
.Fn JsonConsumeWhitespace .
This function, and a few others, expect I/O to be blocking, but
the
.Xr HttpServer 3
sets up I/O to be non-blocking, leading to occasional failures in
JSON parsing.
.It
Abstracted all I/O into the new
.Xr Io 3
and
.Xr Stream 3
APIs, which provide an input/output-agnostic stream processing.
This allows for a simple implementation of proxies, TLS, and
other stream filters without having to change any of the existing
code.
.It
Removed all non-POSIX function calls, including the call to
.Fn chroot
and, on OpenBSD, the calls to
.Fn pledge
and
.Fn unveil .
This may seem like a downgrade in security, but these are
platform-specific system calls that should be patched in by
package maintainers if they are desired. They also caused
problems when implementing other features, because some library
calls need to be able to access files on the filesystem.
.It
Fixed the build script to supply
.Ev LDFLAGS
after the object files when linking. Apparently the order in
which libraries are passed matters to some compilers.
.It
Added the response status of a request to the log output. This means
that requests are logged after they have completed, not before they
are started.
.It
Memory allocations, reallocations, and frees are no longer logged
when the log level is set to debug in the configuration file. To
enable the logging of all memory operations, pass the
.Ic -v
flag.
.It
Implemented a proper HTTP request router with POSIX regular
expression support. Previously, a series of nested if-statements
were used to route requests, but this approach quickly became
very messy. While the HTTP request router incurs a small memory
and runtime penalty, the code is now much more maintainable and
easier to follow.
.It
Fixed some memory bugs in
.Xr Db 3
that were related to caching data. Caching should now work as
expected.
.It
Fixed a major design flaw in
.Xr Db 3
that could cause deadlock when multiple threads request access to
the same object. Database locking is now on a per-thread basis,
instead of a per-reference basis.
.It
.Nm
now shuts down cleanly in response to SIGTERM.
.It
Did some general refactoring to make the source code more
readable and easier to maintain.
.It
Fixed a number of memory-related issues, including switching out
some unsafe functions for safer versions, per the recommendations
of the OpenBSD linker.
.It
Moved all code documentation into the C header files to make it
more likely that it will get updated. A simple header file parser
and documentation generator have been added to the code base.
See
.Xr hdoc 1
for the utility documentation, and
.Xr hdoc 5
for the documentation format.
.It
Updated the build script to provide static and shared libraries
containing the code for
.Nm
to make it easier to statically and dynamically link to other programs.
The idea is that these libraries should be shipped with
.Nm ,
or as a separate package, and can be used to provide a high-level
programming environment.
.It
Updated the
.Xr Json 3
API to calculate the length of a JSON object. This is used to set the
Content-Length header in HTTP requests and responses.
.It
Added some string functions, including
.Fn StrEquals ,
which replaced almost all usages of
.Fn strcmp ,
since
.Fn strcmp
is used almost exclusively for equality checking.
.Fn StrEquals
provides a standard way to do so, because previously, multiple
different conventions could be found throughout the code base.
.El
.Pp
\&... And many more!
.Sh v0.2.1
.Pp
Monday, March 6, 2023
.Pp
This is a patch release that fixes a few typos and other minor
issues.
.Sh v0.2.0
.Pp
Monday, March 6, 2023
.Pp
This release is focused on providing a decent amount of the
client authentication API. You can now create accounts on a
Telodendria homeserver, and log in to get access tokens.
.Pp
New:
.Bl -bullet
.It
Added the basic form of the user registration API. If
registration is enabled in the configuration file, clients
can now register for Matrix accounts.
.It
Added the basic form of the user login API. Clients can now
log in to their accounts and generate access tokens to be
used to authenticate requests.
.It
Added the basic form of the user interactive authentication API,
which can be used by any endpoints that the spec says require
it. Currently, it only implements the dummy and password stages,
but more stages, such as the registration token stage, will be
added in future releases.
.It
Added a simple landing page that allows those setting up
.Nm
to quickly verify that it is accessible where it needs to be.
.It
Added the static login page for clients that don't support
regular login.
.El
.Pp
Changes:
.Bl -bullet
.It
Improved HTTP request logging by removing unnecessary
log entries and making errors more specific.
.It
Leaked memory is now hexdump-ed out to the log if the log
level is set to debug. This greatly simplifies debugging,
because developers can now easily see exactly what the
contents of the leaked memory are. Note that in some
circumstances, this memory may contain sensitive data,
such as access tokens, usernames, or passwords. However,
.Nm
should not be leaking memory at all, so if you encounter
any leaks, please report them.
.It
Refactored a lot of the code and accompanying documentation
to be more readable and maintainable.
.El
.Pp
Bug fixes:
.Pp
.Bl -bullet
.It
Fixed a memory leak that would occur when parsing an invalid
JSON object.
.It
Fixed an edge case where HTTP response headers were being
sent before they were properly set, causing the server to
report a status of 200 even when that wasn't the desired
status.
.It
Fixed a few memory leaks in the HTTP parameter decoder that
would occur in some edge cases.
.It
Fixed an "off-by-one" error in the HTTP server request
parser that prevented GET parameters from being parsed.
.It
Fixed the database file name generator to prevent directory
traversal attacks by replacing special characters with
safer ones.
.It
Fixed a memory leak that would occur when closing a
database that contains cached objects.
.It
Fixed a memory leak that would occur when deleting database
objects.
.It
Fixed a few non-fatal memory warnings that would show up
as a result of passing a constant string into certain functions.
.El
.Pp
Misc:
.Bl -bullet
.It
Fixed a bug in
.Xr td 1 
that caused
.Xr cvs 1
to be invoked in the wrong directory when tagging a new release.
.It
Added support for environment variable substitution in all site
files. This makes it easier to release
.Nm
versions.
.It
Fix whitespace issues in various shell scripts.
.It
Fixed the debug log output so that it only shows the file name,
not the entire file path in the repository.
.It
Updated the copyright year in the source code and compiled output.
.It
Switch the -std=c89 flag to -ansi instead, as -ansi might be more
supported.
.It
Fixed the -v flag. It now sets the log level to debug as soon
as possible to allowe debugging the configuration file parsing
if necessary.
.El
.Pp
\&... And many more bug fixes and feature additions! Too much
has changed to make a comprehensive change log. A lot of things
have been done under the hood to make
.Nm
easier to develop in the future. Please test the current
functionality, and report bugs to the Matrix rooms.
.Pp
The following platforms have been known to compile and run
.Nm :
.Bl -bullet
.It
OpenBSD
.It
Linux (GNU and non-GNU)
.It
Windows (via Cygwin)
.It
FreeBSD
.It
NetBSD
.It
DragonFlyBSD
.It
Haiku OS
.It
Android (via Termux)
.El
.Pp
.Nm
is about being portable; if you compile it on an obscure
operating system, do let me know about it!
.Sh v0.1.0
.Pp
Tuesday, December 13, 2022
.Pp
This is the first public release of
.Nm
so there are no changes to report. Future releases will
have a complete change log entry here.
.Pp
This is a symbolic release targeted at developers, so there's nothing
useful to ordinary users yet. Stay tuned for future releases though!