Skip navigation

Netty 4.1.26.Final released

I'm happy to announce the latest release of the 4.1 series after almost 2 month of hard work.

These release contains bug-fixes, performance enhancements and feature so we encourage everyone to upgrade.

The most important changes are:

  • Add OpenSslX509KeyManagerFactory which makes it even easier for people get the maximum performance when using OpenSSL / LibreSSL / BoringSSL with netty (#8084)
  • Do not log explicit no unsafe, fixes helper method (#8111)
  • Fix support for shading native libraries which was broken (#8091)
  • Remove usage of ObjectCleaner (#8064)
  • Reorder channel state changes in Http2MultiplexCodec child channel (#8070)
  • Remove id from DnsQueryContextManager whenever the promise is fulfilled (#8058)
  • HpackDecoder treats invalid pseudo-headers as stream level errors (#8046)
  • Allow to cache keymaterial when using OpenSSL (#8036)
  • Epoll and Kqueue shouldn't read by default (#8024)
  • Defer channelInactive and channelUnregistered events in Http2MultiplexCodec (#8021)
  • Provide an API for controlling and h2c upgrade response stream in Http2MultiplexCodec (#7968)
  • Fix CharSequenceValueConverter.convertToByte implementation for AsciiString (#7994)
  • Set (and override) websocket handshake headers after custom headers (#7975)
  • Allow to schedule tasks up to Long.MAX_VALUE (#7972)
  • Correctly let Http2UnknownFrame extend HttpStreamFrame (#7976)
  • Read until all data is consumed when EOF is detected (#7961)
  • Propagate pong frames in WebSocketProtocolHandler (#7955)
  • Remove HpackDecoder.maxHeaderListSizeGoAway (#7911)
  • Guard against calling malloc(0) when create ByteBuffer (#7948)
  • Correctly clear the error stack in all cases when using ReferenceCountedOpenSslEngine (#7941)
  • Correctly copy existing elements when CodecOutputList.add(index, element) is used (#7931)

For the details and all changes, please browse our issue tracker for 4.1.26.Final.

Special notes

While this release contains many different changes, some deserve some more details.

Optimize performance when using SslProvider.OPENSSL and SslProvider.OPENSSL_REFCNT

While you already could observe a huge performance win using our native SSL implementation we improved handshake times a lot in this release by caching the keymaterial during handshakes.

While we can do this automatically when you configure the SslContext to use files we can not do this without risk when you use a KeyManagerFactory for doing so. If you do so please consider either using OpenSslX509KeyManagerFactory or OpenSslCachingX509KeyManagerFactory.

The performance win we could observe were reducing the handshake latency by ~30-40% and the CPU usage during handshaking by up to 50%.

How much improvement you see highly depends on your service and the length of the used keychain etc so take the numbers of some caution.

netty-tcnative compatibility

Please ensure you also update your netty-tcnative release to 2.0.12.Final as this release is not compatible with earlier releases of netty-tcnative.

Thank You

Every idea and bug-report counts and so we thought it is worth mentioning those who helped in this area. Please report an unintended omission.