This fixes#4252 by ensuring that `tls_available`, `tls_required`, `host` and `port`
are populated based on the WebSocket listener rather than standard listeners.
Signed-off-by: Neil Twigg <neil@nats.io>
This fixes#4252 by ensuring that `tls_available`, `tls_required`,
`host` and `port` are populated based on the WebSocket listener rather
than standard listeners.
Signed-off-by: Neil Twigg <neil@nats.io>
This fixes#4252 by ensuring that `tls_available`, `tls_required`, `host` and `port`
are populated based on the WebSocket listener rather than standard listeners.
Signed-off-by: Neil Twigg <neil@nats.io>
This unit test is modelled around issue #4247 and proves that the
`MaxMsgs` and `MaxMsgsPer` limits are correctly enforced together with
`DiscardNew` and `DiscardNewPer`.
Signed-off-by: Neil Twigg <neil@nats.io>
This test has multiple leafnode connections to different accounts and to
a shared account to make sure behavior is correct.
Signed-off-by: Derek Collison <derek@nats.io>
This test has multiple leafnode connections to different accounts and to a shared account to make sure behavior is correct.
Signed-off-by: Derek Collison <derek@nats.io>
When creating replicated mirrors where the source stream had a very
large starting sequence number, the server would use excessive CPU and
Memory.
This is due to the mirroring functionality trying to skip messages when
it detects a gap. In a replicated stream this puts excessive stress on
the raft system.
This step is not needed at all if the mirror stream has no messages, we
can simply jump ahead.
Signed-off-by: Derek Collison <derek@nats.io>
This is due to the mirroring functionality trying to skip messages when it detects a gap. In a replicated stream this puts excessive stress on the raft system.
This step is not needed at all if the mirror stream has no messages, we can simply jump ahead.
Signed-off-by: Derek Collison <derek@nats.io>
Cert Store (aka wincert) feature wasn't properly handling TLS 1.2
handshake with TLS 1.2 clients that do not support RSA signature with
PSS padding.
With this update, Cert Store will perform either PKCS#1 v1.5 or PSS
padding for RSA signature depending on what type is negotiated by the
TLS 1.2 client.
Issue surfaces with the NATS .NET v1 client which supports TLS 1.2 only
(.NET 4.6.2 dependency) only when the client application was hosted on
Windows 10 Enterprise LTSC 2019 (equivalent also to Windows 10 1809 and
Windows Server 2019). If the same client was executed on a more modern
Windows 10 release, RSA signature with PSS padding was negotiated and
succeeded normally.
The Go NATS client as well as any client operating at TLS 1.3 level
would not exhibit the issue as TLS 1.3 requires PSS.
Fix tested good on Windows 10 Enterprise LTSC 2019 host and in confirmed
fixed in user's Windows environment where the issue was originally
detected.
The `.` character will be transformed to `//` in NATS subject. For
instance an MQTT message published on `spBv1.0/plant1` would be received
by a NATS subscriber as `spBv1//0.plant1`.
Conversely, a NATS message published on `spBv1//0.plant1` would be
received by an MQTT subscriber as `spBv1.0/plant1`.
Resolves#1879Resolves#3482
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
The `.` character will be transformed to `//` in NATS subject. For
instance an MQTT message published on `spBv1.0/plant1` would
be received by a NATS subscriber as `spBv1//0.plant1`.
Conversely, a NATS message published on `spBv1//0.plant1` would
be received by an MQTT subscriber as `spBv1.0/plant1`.
Resolves#1879Resolves#3482
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
This PR separates out the small amount of necessary metadata for
retained messages (stream sequence, floor) from the message itself,
instead accessing the messages themselves with KV-like access patterns.
This should save quite a bit of memory where there are lots of retained
messages since we only now need to hold a small amount of metadata
instead of the entire messages.
Signed-off-by: Neil Twigg <neil@nats.io>
If we know we are in stand alone mode only send out statsz updates if we
know we have external interest.
Signed-off-by: Derek Collison <derek@nats.io>
Resolves: #4234
If we know we are in stand alone mode we do not need to run the updates
for JetStream account resources updates.
Signed-off-by: Derek Collison <derek@nats.io>
Resolves#4227 (Partial)
When messages were very small and the key space was very large the
performance of last message gets in the store layer (both file and
memory) would degrade.
If the subject is literal we can optimize and avoid sequence scans that
are needed when multiple subject states need to be considered.
Signed-off-by: Derek Collison <derek@nats.io>
Resolves#4221
