ACRA 0.80.0 IS HERE | Cossack Labs


This release is dedicated to usability and unification. Many components of Acra have been renamed. We believe that the updated names will decrease confusion about the components' functions and will make Acra's setup and usage process easier. The new names also align better with the common package naming practices.

We couldn’t find a day inauspicious enough to release Acra 0.80.0, but decided that the last day of spring is still quite special :) Here are the changes in the new release:

Core:

  • Renaming — global renaming of Acra’s components and their configuration parameters.

Main services:

| Old name | New name | Function |
|---|---|---|
| AcraServer | AcraServer | decrypts data from the database |
| AcraWriter | AcraWriter | encrypts data on the client side |
| AcraProxy | AcraConnector | encrypts traffic between the client and the server using Themis Secure Session |
| AcraCensor | AcraCensor | firewall, part of AcraServer, blocks suspicious SQL requests to the database |
| AcraConfigUI | AcraWebConfig | lightweight HTTP web server for managing certain AcraServer configuration options |

Utilities:

| Old name | New name | Function |
|---|---|---|
| acra_rollback | AcraRollback | decrypts the whole database |
| acra_genkeys | AcraKeymaker | generates encryption keys for storage and transport of the Acra components |
| acra_genauth | AcraAuthmanager | generates user accounts for AcraWebConfig |
| acra_genpoisonrecord | AcraPoisonRecordMaker | generates poison records for databases |
| acra_addzone | AcraAddzone | generates Zones' header for AcraWriter |

Please check the configurations of components inside the /configs folder and read the Migration Guide for more details (#175, #174, #173, #170, #169, #168).

  • SSL/TLS

We’ve improved SSL/TLS connections between AcraServer <-> AcraConnector and AcraServer <-> database. We added a TLS authentication mode (tls_auth) argument to the AcraServer/AcraConnector configuration files:

- for AcraConnector, it indicates how to authenticate AcraServer during a TLS connection;

- for AcraServer, it indicates how to authenticate the database during a TLS connection.

We’ve updated the TLS configuration to provide other, less strict authentication methods (do not authenticate client from server, ask for any certificate, ask and check) (#171).
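How the strictness levels named above differ in practice, shown with the ClientAuthType modes of Go's crypto/tls (Acra is written in Go). This is an added example, not Acra's code: that tls_auth corresponds to these Go modes is an assumption, and `selfSigned`, `Accepts` and the `.test` names are hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSigned builds a constructed, throwaway certificate that is its own issuer.
func selfSigned(cn string) *tls.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn}, IsCA: true,
		BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// Accepts: does a listener in `mode`, trusting only `trusted`, accept a peer presenting `peer` (nil = none)?
func Accepts(mode tls.ClientAuthType, peer, trusted *tls.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(trusted.Leaf)
	srvCfg := &tls.Config{Certificates: []tls.Certificate{*selfSigned("listener.test")}, ClientAuth: mode, ClientCAs: pool}
	cliCfg := &tls.Config{InsecureSkipVerify: true} // the listener's identity is not under test here
	if peer != nil { // always offer the certificate, whatever issuers the listener asked for
		cliCfg.GetClientCertificate = func(*tls.CertificateRequestInfo) (*tls.Certificate, error) { return peer, nil }
	}
	ln, err := net.Listen("tcp", "127.0.0.1:0") // loopback only
	if err != nil {
		panic(err)
	}
	cli, _ := net.Dial("tcp", ln.Addr().String())
	srv, _ := ln.Accept()
	defer func() { cli.Close(); srv.Close(); ln.Close() }()
	go tls.Client(cli, cliCfg).Handshake()
	return tls.Server(srv, srvCfg).Handshake() == nil
}

func main() {
	trusted, rogue := selfSigned("trusted.test"), selfSigned("rogue.test")
	fmt.Println(Accepts(tls.RequireAnyClientCert, rogue, trusted), Accepts(tls.RequireAndVerifyClientCert, rogue, trusted)) // true false
}
```

Under `tls.RequireAnyClientCert` the listener accepts a certificate issued by nobody it trusts, so only `tls.RequireAndVerifyClientCert` ties the connection to a known CA.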

  • SQL requests filtering

- Added support for filtering SQL requests for PostgreSQL databases. Now you can set up AcraCensor rules for both MySQL and PostgreSQL databases (#177).

- Improved QueryCapture: AcraCensor writes allowed/blocked queries into a separate log file without blocking the main process (#176, #172). Please see a detailed description of AcraCensor on the corresponding AcraCensor documentation page.

  • AcraWriter in Ruby

Updated AcraWriter Ruby wrapper for ActiveRecord tutorial and pushed a new gem (#166).

  • Key Handling

Added a `make keys` target to the Makefile: one command now generates keys and places them into the correct folders for all Acra components (#182, #181). We’ve also improved handling of master keys longer than 32 bytes (#183).

  • Other

- Updated notification when AcraConnector is launched in an environment without netstat (#167).

- Updated error handling for AcraServer working with Zones and fixed some corner cases in using the PostgreSQL protocol (#186, #179).

Infrastructure:

  • Even better Docker support!

    • Added more ready-to-use Docker containers: acra-keymaker, acra-authmanager. As a result, each Acra component is wrapped into a Docker container, allowing you to try Acra in your infrastructure easily.

    • Added easy-to-use docker-compose files for setting up the whole Acra-based environment connected to a MySQL database. Possible configurations include setup with/without SSL, with/without AcraConnector, with/without Zones (#180). Check out the instructions and examples in the /docker folder: we have examples for both MySQL and PostgreSQL databases.

    • Updated descriptions for official Cossack Labs packages on Docker Hub.

    • Updated the Getting started with Docker guide to make starting out with Acra even easier.

  • OS

Added support of Ubuntu Xenial, Ubuntu Bionic (added precompiled binaries and tests to make sure that Acra is compiling/building/working well on 16.04/18.04).

Documentation:

  • Updated tutorials about protecting a Ruby on Rails app and a Django app.

  • Every single document, code line, and image has been updated to use the new naming.

  • Significant parts of the README have been rewritten.

Lose no time, go get the new version of Acra now!
