Release Notes PN 93000501_F7 Digi Connect ME 82000856_F7 EOS April 25, 2017 INTRODUCTION This is a production release of firmware for the Digi Connect ME. The Digi Connect ME embedded device server web and network enables products easily without the complexities of extensive hardware and software integration. The Digi Connect ME provides powerful "plug-and-play", customizable and future-safe features, and performance in one of the smallest solutions available. SUPPORTED PRODUCTS Digi Connect ME ENHANCEMENTS None BUG FIXES NDS-575, Fix critical vulnerability - CVE-2014-9222 NDS-574, Fix related critical vulnerability - CVE-2014-9223 KNOWN ISSUES It is not currently possible to configure the escape characters used by client applications (connect, telnet, and rlogin). If the standard web service (HTTP) is disabled, the encrypted web service (HTTPS) stops operating. They will be made independently selectable in a future release. If it becomes necessary to DOWNGRADE the firmware from version B (or greater) back to version A, it is necessary to clear the persistent storage BEFORE downgrading because the version A firmware has a defect in the way it handles unexpected data in the persistent storage. Failure to clear the persistent storage during a DOWNGRADE to A can result in an unusable unit. The recommended procedure, therefore, to preserve as many settings as possible during a downgrade is to backup the configuration, then clear the persistent storage, downgrade the firmware, then restore the configuration. In order to clear the persistent storage from the CLI one can execute the "boot action=factory" command. The only web accessible method for clearing the storage is available via the reset functionality in the administrative pages at "admin/factory_defaults.htm". When attempting to replace files in the file system, simply overwrite the existing version of the file rather than deleting the file first. Attempting to delete the file first defeats the internal file versioning maintained by the firmware, and can confuse your browser's cache. For the most consistent experience with the user interface, it is suggested that you clear your Internet cache. Microsoft Internet Explorer 6 Service Pack 1 (SP1) has a known problem where it displays the error message "Internet Explorer Cannot Open" when you use an HTTPS URL to access this Digi product. The following Microsoft article explains the problem: http://support.microsoft.com/default.aspx?kbid=812935 Due to certain browsers and their settings, the web interface may not appear proper after after a firmware upgrade. If this occurs, please clear your browser's cache or delete your browser's temporary files. IP ASSIGNMENT NOTES The Digi Connect ME now supports three IP assignment methods: * Static IP address * DHCP * Auto-IP If a static address is enabled, it will be used. If a static address is not enabled, and DHCP is enabled, the unit will use an address supplied by a DHCP server regardless of the state of Auto-IP configuration. If a static address is not enabled, and Auto-IP is enabled, it will be used to generate an address ONLY if DHCP is disabled, or if DHCP is enabled and a DHCP server has not responded to the DHCP query. If both are enabled, Auto-IP has assigned an address, and then a DHCP server responds, the Auto-IP address will be discarded and the DHCP address will be used. RESETTING THE UNIT One feature introduced in the "C" revision of the Digi Connect ME firmware is an enhanced ability for an embedded host system to both soft reset the unit as well as reset the unit to its factory defaults. Both functions may be invoked via manipulation of pin 20 on the ME module's header: * If the module is running (i.e. more than a few seconds after power on), holding pin 20 low for a second and then raising it will soft reset the unit * If pin 20 is held low for more than 10 seconds from the power on or release from hard reset of the unit, and then raised, it will reset the unit to its factory default state In either case, the action takes effect when the pin is raised (reset released). ADDITIONAL INFORMATION The configuration save and restore tools will save every configurable parameter (including IP configuration) except for some related to password authentication. ENABLING THE WEB USER INTERFACE The embedded web user interface is ALWAYS available at the following URL: http://ip-address-of-device/home.htm It is also available as the default configuration interface at the following URL: http://ip-address-of-device If your device contains the Java configuration applet it can be executed by connecting to the embedded web user interface and clicking the "Launch" button on the "Home" page under the "User Interfaces". It can be made to be the default configuration interface by clicking the "Set as Default" button on the same page. The Java Configuration Applet may remain in the unit's file system without affecting the embedded web user interface. If you would like to use the Java Configuration Applet as an alternative, simply upload the index.htm file as a file with an alternate name (e.g. applet.htm). You would then be able to use the Java Configuration Applet by accessing the following URL: http://ip-address-of-device/applet.htm UPGRADING THE CONFIGURATION APPLET Prior to upgrading the configuration applet, you may need to remove the existing files. The main reason for this is that the earliest version of the applet used different filenames than newer versions. If you are simply uploading newer versions of files with the same name, it is not necessary to first delete the files. Removing the existing files: 1. Access the administration web interface by entering the following URL in in a browser's URL window: http://ip-address-of-device/admin/administration.htm 2. Select File Management under the Administration menu. 3. Check the check box adjacent to the files you wish to remove. 4. Click the delete button. You must load the jar and HTML files onto the device (this only has to be done once). When executed, the configuration applet will connect back to the device it was loaded from. Loading the updated configuration applet files: 1. Access the administration web interface by entering the following URL in in a browser's URL window: http://ip-address-of-device/admin/administration.htm 2. Select File Management under the Administration menu. 3. Click Browse. Locate and select the common.jar file then click Open. 4. Click Upload. 5. Click Browse. Locate and select the configapp.jar file then click Open. 6. Click Upload. 7. Click Browse. Locate and select the index.htm file then click Open. 8. Click Upload. 9. Click Browse. Locate and select the config.ini file then click Open. 10. Click Upload. 11. Click index.htm to run the configuration applet from the device (to access the applet directly use the URL http://ip-address-of-device/index.htm). HISTORY 82000856_F6 ENHANCEMENTS Added suppress login option When TCP_NODELAY is set, also change TCP_ACKDELAYTIME to zero. This addresses latency issues Added additional TCFLOW ioctls BUG FIXES Fixed a memory loss problem in telnet for messages with no data Fixed a panic problem where the file system code was not properly initializing 82000856_F5 Control flashing of 1-1-1 to allow faster boot up. Added a new feature to set the initial level of GPIO output states to a user configurable setting Added new feature to allow upload of customization files using Connect Programmer. Add support for a user-configurable DHCP host name (DHCP Option 12) to the Digi Connect family of products With the latest combination of POST firmware and embedded operating system, the Digi Connect device servers now offer the ability to select whether some of their power-on self tests will be executed or skipped. The new default behavior of the POST will be to skip some of its tests, including the test of the diagnostic LED which blinks 1 - 1 - 1 before running the EOS. Skipping the tests enables the device to boot more quickly. With a CLI command in the EOS, customers will be able to choose to execute the tests, restoring the previous POST behavior. The new CLI commands are: boot postaction=display boot postaction=skip boot postaction=execute Corrected regression where file upload using the Connect Programmer was not showing up in the web UI Added logic to re-establish a TCP socket connection after a remote host becomes drops off line 82000856_F1 Added support for multiple users and permissions Added support for TCP Keepalive Added support for remote management using the Connectware server Added support for DHCP Option 12 Added support for ADDP V2 Added support for OEM Customization Restructured the Web UI into HTML 4.01 compliance Enabled the CLI PING command on this device Added the option of enabling the CLI on a serial port Fixed several issues with alarms including one problem where snmptraps were continuely being sent out Fixed several problems with backup/restore Fixed bug with reporting incorrect ICMP stats Fixed a problem where data was not draining properly when closing a TCP socket serial connection Removed auto sensing of Ethernet wiring (straight or crossover) because it was causing problems with some Ethernet switches Fixed several RCI memory leaks Added support for RTS toggle predelay and postdelay On receiving an RCI reboot command, the unit would give an incorrect response Fixed a problem where using raw sockets resulted in lost serial data when sending a NULL character Fixed a problem where RCI over serial would stop accepting data Fixed a problem where the agent IP field in an SNMP trap was incorrect if the unit received its IP address via DHCP Fixed a problem where changing the destination IP address for SNMP traps required a reboot to become effective 82000856_E New SNMP MIBs were added including: RS-232, character, and device info MIBs. SNMP traps were added that allow the generation of SNMP traps when logins, authentication failures, network linkage, and cold startup events occur. In addition SNMP traps are supported with the alarm feature. The alarm feature allows emails and/or SNMP traps to be generated when there is a GPIO signal change or a particuliar data pattern is seen from incoming serial data. The Portbuffering feature was added that allows buffering of incoming ASCII data from the serial port. A memory leak was fixed that occured in rare situations during network data transfer. A problem with data loss on the serial port at 230400 bps was fixed. 82000956_D Connection and session management has been added to the CLI. The commands related to the manipulation of connections and/or sessions includes: who -- list connections kill -- attempt to kill a connection status -- list all sessions associated with a specified connection close -- attempt to close a session associated with a specific connection reconnect -- if we have "escaped" from a client session back to the CLI, this allows us to return control to the session connect -- from the CLI, send data to/from a serial port, escape character is ^[ telnet -- from the CLI, initiate a telnet session with a remote device, escape character is ^] rlogin -- from the CLI, initiate an rlogin session with a remote device, escape character is ~ The ability to list connections and to attempt to kill connections has been added to web interface. The ability to connect the CLI via rlogin has been added. The ability to initiate an automatic connection between a serial port and a remote network device via rlogin has been added. The ability to enable full duplex ethernet as well as auto duplex negotiation has been added. The ability to influence the way that the unit forwards data from the serial port to the network has been added. This serial over TCP forwarding allows one to insert buffering between the serial port and the network socket for a connection. This buffering allows one to "hold off" on pushing received serial data into the queue for network transmission until certain criteria are met, including the amount of data received, gaps of idle time of a certain length, and/or specific data patterns. This new buffering capability is off by default. The ADDP discovery / IP assignment service may now be completely disabled. A low-level serial configuration interface has been added. When enabled, it allows one to use the DSR modem signal to shift serial port 1 into a special mode where received data is interpreted as a set of RCI commands. Since enabling the feature causes the standard interpretation of the DSR signal to be lost, it is disabled by default. Under certain conditions, received serial data would unexpectedly get duplication of 0xFF characters in the data stream. This now only happens when character marking is explicitly requested. The units were not properly detecting RealPort server disconnects, so were not gracefully recovering from network outages for RealPort connections. 82000856_C The ability to force the ethernet speed to a specific value (rather than depending on auto-negotiation) has been added. Auto-IP has been added as an IP address selection method. See the section "IP ASSIGNMENT NOTES" below for more details. Pseudo-modem capability has been added as a configurable option for the serial port. There are now two choices to use for web-enabled configuration; the Java Configuration Applet (previously shipped with the unit) and a new embedded web user interface. The embedded web user interface allows the user to configure the unit without the need to download a Java Run-time Environment. The Java Configuration Applet is better suited for easy customization. If you simply intend to access and configure the unit from a web browser, you will want to use the embedded web user interface. If you want to create a custom UI, tailored to a specific look and feel, use the Java Configuration Applet. See the section "ENABLING THE EMBEDDED WEB USER INTERFACE" for instructions on how to enable the embedded web user interface as the default. If you choose to use the Java Configuration Applet you must upgrade the applet on your Digi Connect ME to ensure compatibility between revisions. See the section "UPGRADING THE CONFIGURATION APPLET" for instructions. Added a capability for embedded hosts to soft reset the Digi module as well as reset the Digi module configuration back to its factory default state via hardware signals. See the section "RESETTING THE UNIT" for details. Added the "RTS Toggle" feature to the serial port configuration (ability to control the "RTS" signal based on data transmission). The web server is now configurable via the command line interface, in that it can be enabled or disabled, as well as moved to a different TCP port number. Changing the port number or disabling the web server will, as a side effect, cause certain applications and applets to stop operating as they expect the HTTP service to be at port 80. The Digi RealPort service in the firmware has been extended to fully support all Digi supported operating systems, not just the Windows family of operating systems. Two conditions were identified in which the unit would reboot itself during early initialization as a result of internal software conflicts. These conditions have been eliminated. The "Revert to Factory Defaults" feature exposed by the various user interfaces have been consolidated so that their effect is consistent. There were cases in which the serial core would incorrectly interpret signals as modem control signals even though the user has identified them as GPIO inputs or outputs. These conditions have been eliminated. 82000856_B "Reverse Telnet", i.e. making a telnet connection to a serial port, has been added, including RFC 2217 support. A command line interface has been added, accessible via telnet to the standard telnet port (23). The ability to autoconnect to a remote device via telnet has been added. The autoconnect feature has been extended to allow one to autoconnect based on an arbitrary pattern string. TCP socket connections now can be given a configurable idle timeout for connection closure. The "alarm" functionality has been extended to allow one to generate email when pattern strings are present in the data stream. LPD server support has been added. "Socket ID" support (the insertion of a static identifier string into the first transmitted data packet for a TCP socket session or into every datagram carrying data for a serial port over UDP) has been added. The serial over UDP functionality has been extended to allow 64 destinations per serial port. We have updated the Configuration Applet to support these features. You must upgrade the applet on your Digi Connect ME in order to configure these new features from the UI. See the section, UPGRADING THE CONFIGURATION APPLET, for instructions. CPU utilization reported by the web/applet interface is now more representative of the average utilization of the system. The serial over UDP functionality now correctly handles IP broadcast addresses as valid UDP destinations. The interface now automatically reboots after reverting to factory defaults, as it previously implied it would. 82000856_A Initial Release.