Anjay Versions Save

Features

• New configuration option, WITHOUT_MODULE_fw_update_PUSH_MODE (CMake) / ANJAY_WITHOUT_MODULE_FW_UPDATE_PUSH_MODE (header), that allows disabling support for the PUSH mode in the Firmware Update module

Improvements

• Refactored tests to use avs_stream_inbuf instead of avs_unit_memstream
• Refactored anjay_input_ctx_constructor_t to use only a single pointer for input stream
• Revised support for DTLS Connection ID extension, so that a new handshake is not performed if Connection ID is used, unless an error occurs
• Revised example Anjay configurations for embedded builds without CMake to optimize compile time and code size

Bugfixes

• Fixed a critical regression in 3.2.0 that could cause an assertion failure and use-after-free during Bootstrap Finish if the Bootstrap Server is reconfigured in the new bootstrap information and legacy Server-Initiated Bootstrap is disabled
• Fixed a bug that could cause undefined behavior when reading the Update Delivery Method resource in the Firmware Update object with thread safety enabled but Downloader disabled
• Fixed a bug that prevented notifications from being sent in a timely manner after receiving Reset message cancelling an Observation in response to another confirmable notification
• Fixed a bug that could cause an assertion failure when using anjay_delete_with_core_persistence() if a primary server connection failed, but a trigger (SMS) connection is operational
• Fixed the response code of unsuccessful Resource /1/x/9 Bootstrap-Request Trigger execution (e.g. when there is no Bootstrap-Server Account)

Improvements

• Added some missing log messages for potential scheduler errors
• Updated the version of pybind11 used by integration tests to 2.10.1

Bugfixes

• Fixed a regression in 3.2.0 that caused some invalid Writes to be silently ignored without responding with proper error codes
• Fixed compatibility of integration tests with Python 3.11 and the current Github macOS environment

BREAKING CHANGES

• Observations are now implicitly canceled when the client's endpoint identity changes (i.e., when the socket is reconnected without a successful DTLS session resumption). This is in line with RFC 7641 and LwM2M TS requirements (see Core 6.4.1 and Transport 6.4.3), but may break compatibility with some non-well-behaved servers.

Features

• New APIs to access information about the last registration time, next registration update time and last communication with a server time
• Expanded anjay_resource_observation_status_t structure so that now anjay_resource_observation_status() returns also the number of servers that observe the given Resource (capped at newly introduced ANJAY_MAX_OBSERVATION_SERVERS_REPORTED_NUMBER) and their SSIDs

Improvements

• Migrated GitHub Actions tests from Fedora-36 to RockyLinux-9
• Added compilation flag to enforce Content-Format in Send messages.
• Refactored Firmware Update notification handling and simplified internal module support
• Removed the usage of symbolic links between Python packages to make them usable on Windows
• Key generation in the factory provisioning script has been rewritten to use the cryptography Python module instead of pyOpenSSL
• Factory provisioning script now uses elliptic curve cryptography by default in certificate mode
• anjay_next_planned_lifecycle_operation() and anjay_transport_next_planned_lifecycle_operation() now properly respect jobs that have been scheduled manually (e.g. anjay_schedule_registration_update())

Bugfixes

• Fixed a bug that could cause some resources in a Write message to be ignored when they follow a Multiple-Instance Resource entry
• Fixed semantics of Resources 19 and 20 in the Server object, which were mistakenly swapped
  • NOTE: The persistence format for the Server object has been reinterpreted so that Resources 19 and 20 remain where they were, without taking semantics into account. This will fix configurations provisioned by Servers but may break configuration persisted just after initially configuring it from code.
• Made sure that anjay_schedule_registration_update() forces a single Update request even when followed by anjay_transport_schedule_reconnect() or a change of offline mode
• Made sure that notifications are not sent before the Update operation if one has been scheduled
• Made sure that anjay_transport_schedule_reconnect() properly reconnects the Bootstrap server connection in all cases
• Made sure that the socket is properly closed when queue mode is enabled, including previously missing cases related to the Send operation and when no CoAP message needs to be sent at all
• Refactored asynchronous server connection management to avoid race conditions that could lead to required actions (e.g. EST requests) not being performed when the calculated delays were not big enough

Improvements

• Reduced code size of the Security object implementation
• Updated documentation, readme and examples to mention the new EU IoT Cloud platform
• Migrated GitHub Actions tests to ubuntu-18.04, ubuntu-20.04, ubuntu-22.04, fedora-36 and macos-11

Bugfixes

• Fixed various compilation warnings
• Fixed dangerous usage of avs_realloc() in the event loop implementation

Improvements

• Added CHANGELOG.md

Bugfixes

• Added the missing return in anjay_dm_handlers.c that could cause undefined behavior when ANJAY_WITH_THREAD_SAFETY was disabled
• Removed the unused option in the factory provisioning script
• Removed usage of Python 3.6 syntax in tests that caused Github Actions tests to fail
• Added missing notes about the change to (D)TLS version in all migration guides in the documentation
• (commercial feature only) Fixed proper handling of changing the disable_legacy_server_initiated_bootstrap across core persistence cycles

BREAKING CHANGES

Note: the following changes, while technically breaking, are minor, and should not cause problems in most pratical usages. See also: https://avsystem.github.io/Anjay-doc/Migrating/MigratingFromAnjay30.html

• Changed error handling semantics of anjay_attr_storage_restore() to match other persistence restore functions
• TLS 1.2 is no longer implicitly set as the default (D)TLS version; the underlying crypto library's default is now used

Features

• Factory provisioning feature that allows to perform "Factory bootstrap" based on SenML CBOR data stream
• New API: anjay_access_control_set_owner(), allowing to set Owner resource in the Access Control object during the "Factory bootstrap" phase
• New APIs for changing the CoAP transmission parameters, CoAP exchange timeout and DTLS handshake timeouts while the library is running

Improvements

• Migrated the Observe/Notify subsystem to use the new AVS_SORTED_SET API from avs_commons; this means that avs_rbtree can be disabled, in which case a more lightweight list-based implementation will be used
• Minor code size optimizations in the Server object implementation
• Added documentation for the OSCORE commercial feature
• (D)TLS version can now be set from command line in the demo application

Bugfixes

• Fixed a bug in anjay_ongoing_registration_exists() that could cause it to always return true if disable_legacy_server_initiated_bootstrap is set to true
• Fixed improper formatting of the payload describing the data model in the Register message during initial negotiation of the LwM2M version
• Fixed handling of persistence format versioning for the Security object, that could cause crashes if Anjay was compiled without LwM2M 1.1 support
• Changed the "Bootstrap on Registration Failure" resource in the Server object to be readable, as specified in LwM2M TS 1.2
• (commercial feature only) Added persistence of runtime LwM2M version in the core persistence feature; previously the client could erroneously use a different LwM2M version than it registered with after core persistence restore