diff --git a/packaging/rpm/ja4sentinel.spec b/packaging/rpm/ja4sentinel.spec index 6c45d30..4b71e1e 100644 --- a/packaging/rpm/ja4sentinel.spec +++ b/packaging/rpm/ja4sentinel.spec @@ -146,6 +146,57 @@ fi - Fixes "protocol wrong type for socket" error - DGRAM sockets are connectionless, better suited for log shipping +* Mon Mar 02 2026 Jacquin Antoine - 1.1.4-1 +- Add error callback for file output writer +- File write errors (permission, disk space, rotation) now logged +- Same error reporting mechanism as UNIX socket writer + +* Mon Mar 02 2026 Jacquin Antoine - 1.1.2-1 +- Add error callback mechanism for UNIX socket connection failures +- Add ErrorCallback type and WithErrorCallback option for UnixSocketWriter +- Add BuilderImpl.WithErrorCallback() for propagating error callbacks +- Add processQueue error reporting with consecutive failure tracking +- Add 50+ new unit tests across all modules (capture, config, fingerprint, tlsparse, output, cmd) +- Add integration tests for full pipeline (TLS ClientHello -> fingerprint -> output) +- Add tests for FileWriter.rotate() and FileWriter.Reopen() log rotation +- Add tests for cleanupExpiredFlows() and cleanupLoop() in TLS parser +- Add tests for extractSNIFromPayload() and extractJA4Hash() helpers +- Add tests for config load error paths (invalid YAML, permission denied) +- Update architecture.yml with new fields (LogLevel, TLSClientHello extensions) +- Update architecture.yml with Close() methods for Capture and Parser interfaces +- Remove empty internal/api/ directory + +* Mon Mar 02 2026 Jacquin Antoine - 1.1.0-1 +- Add logrotate configuration for automatic log file rotation +- Add SIGHUP signal handling for log file reopening (systemctl reload) +- Add ExecReload to systemd service for graceful log rotation +- Add Reopenable interface for output writers supporting log rotation +- Add FileWriter.Reopen() method for log file rotation support +- Add MultiWriter.Reopen() method to propagate rotation to all writers +- Update main.go to handle SIGHUP signal for log rotation +- Add packaging/logrotate/ja4sentinel configuration file +- Update architecture.yml with logrotate and reload documentation +- Update Dockerfile.package to include logrotate file in RPM build + +* Mon Mar 02 2026 Jacquin Antoine - 1.0.9-1 +- Add SNI (Server Name Indication) extraction from TLS ClientHello +- Add ALPN (Application-Layer Protocol Negotiation) extraction +- Add TLS version detection from ClientHello +- Add ConnID field for flow correlation +- Add SensorID field for multi-sensor deployments +- Add SynToCHMs timing field for behavioral detection +- Add AsyncBuffer configuration for output queue sizing +- Remove JA4Hash from LogRecord (JA4 format includes its own hash) +- Use tlsfingerprint library for ALPN and TLS version parsing +- Update architecture.yml compliance for all new fields +- Add unit tests for TLS extension extraction + +* Sun Mar 01 2026 Jacquin Antoine - 1.0.8-1 +- Add configurable log level (debug, info, warn, error) via config.yml +- Add JA4SENTINEL_LOG_LEVEL environment variable support +- Set TimeoutStopSec=2 for immediate service stop on restart/stop +- Consolidate config files into single example (config.yml.example) + * Sat Feb 28 2026 Jacquin Antoine - 1.0.4-1 - Add systemd sdnotify support (READY, WATCHDOG, STOPPING signals) - Enable systemd watchdog with 30s timeout