get files ready for 0.6.9 release0.6.9

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@881 ef36b2f9-881f-0410-afb5-c4e39611909c
author: Arthur de Jong <arthur@arthurdejong.org> 2009-05-09 22:54:58 +0200
committer: Arthur de Jong <arthur@arthurdejong.org> 2009-05-09 22:54:58 +0200
commit: 1389c21c04330d50afec29c3ca2f17a00d4b6d1e (patch)
tree: 569bf762ef76d224a63ed38371ae93c99cdf12a4
parent: 313bb209dc64413ec5a707d5d0c4fb39e2f837d0 (diff)
7 files changed, 243 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 0d366db..a1026c2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,188 @@
+2009-05-09 20:53  arthur
+
+	* [r880] debian/libnss-ldapd.postinst: if base is blank disable the
+	  base option to let nslcd attempt search base autodiscovery
+
+2009-05-09 20:01  arthur
+
+	* [r879] nss/common.h: also close any open stream on buffer error
+
+2009-05-09 19:53  arthur
+
+	* [r878] nss/common.h, nss/group.c: check the buffer passed by
+	  Glibc for validity
+
+2009-05-09 19:52  arthur
+
+	* [r877] nslcd-common.h: make sure that when writing a list of
+	  strings the number of strings is always checked when excluding an
+	  entry
+
+2009-05-09 09:27  arthur
+
+	* [r876] ., AUTHORS, Makefile.am, configure.ac, debian,
+	  debian/copyright, nslcd.h, pam: import the PAM module from the
+	  nss-ldapd branch (r875) based on the OpenLDAP nssov tree and
+	  allow configuring which modules should be built (PAM module
+	  disabled by default)
+
+2009-05-09 07:50  arthur
+
+	* [r872] configure.ac, nslcd/nslcd.c: according to autoupdate
+	  RETSIGTYPE can be considered void always
+
+2009-05-08 10:29  arthur
+
+	* [r868] debian/copyright: aggregate years
+
+2009-05-07 22:40  arthur
+
+	* [r867] INSTALL, config.guess, config.sub: include updated files
+
+2009-05-07 22:14  arthur
+
+	* [r864] nslcd.h, nslcd/netgroup.c, nss/netgroup.c: prefix
+	  NETGROUP_TYPE macros with NSLCD_
+
+2009-05-07 20:36  arthur
+
+	* [r861] debian/po/gl.po: added Galician (gl) translation of
+	  debconf templates by Marce Villarino <mvillarino@gmail.com>
+
+2009-05-06 18:48  arthur
+
+	* [r860] debian/po/es.po: updated Spanish (es) translation of
+	  debconf templates by Francisco Javier Cuadrado
+	  <fcocuadrado@gmail.com>
+
+2009-05-05 20:55  arthur
+
+	* [r859] debian/po/ru.po: updated Russian (ru) translation of
+	  debconf templates by Yuri Kozlov <yuray@komyakino.ru>
+
+2009-05-05 20:48  arthur
+
+	* [r858] debian/po/ru.po: convert translation to UTF-8
+
+2009-05-03 19:47  arthur
+
+	* [r857] debian/po/sv.po: updated Swedish (sv) translation of
+	  debconf templates by Martin Ågren <martin.agren@gmail.com>
+
+2009-05-02 14:19  arthur
+
+	* [r856] debian/po/fr.po: updated French (fr) translation of
+	  debconf templates by Guillaume Delacour <gui@iroqwa.org>
+
+2009-05-01 15:45  arthur
+
+	* [r855] debian/po/it.po: fix incorrect references to nss-ldap
+	  (without the d at the end)
+
+2009-05-01 15:39  arthur
+
+	* [r854] man/nslcd.8.xml: document that you can specify -d multiple
+	  times
+
+2009-05-01 13:03  arthur
+
+	* [r853] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: set most SSL/TLS
+	  related options globally instead of per connection
+
+2009-04-30 08:45  arthur
+
+	* [r852] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c, nslcd/myldap.h,
+	  nslcd/nslcd.c: move debugging initialisation to
+	  myldap_set_debuglevel() function
+
+2009-04-27 18:24  arthur
+
+	* [r851] debian/po/it.po: added Italian (it) translation of debconf
+	  templates by Vincenzo Campanella <vinz65@gmail.com>
+
+2009-04-25 21:29  arthur
+
+	* [r850] nslcd/myldap.c: produce more logging and get OpenLDAP
+	  logging working by logging to stderr (and implement temporary
+	  workaround for reqcert problems)
+
+2009-04-25 19:15  arthur
+
+	* [r849] nslcd/cfg.h: include ldap.h to ensure that struct
+	  ldap_config will be the same in every file
+
+2009-04-25 14:06  arthur
+
+	* [r848] nslcd/myldap.c: clear errno before ldap calls to get
+	  usable returned errno
+
+2009-04-25 12:32  arthur
+
+	* [r847] debian/po/pt.po: updated Portuguese (pt) translation of
+	  debconf templates by Américo Monteiro <a_monteiro@netcabo.pt>
+
+2009-04-22 19:18  arthur
+
+	* [r846] debian/libnss-ldapd.templates, debian/po/ca.po,
+	  debian/po/cs.po, debian/po/da.po, debian/po/de.po,
+	  debian/po/es.po, debian/po/fr.po, debian/po/ja.po,
+	  debian/po/nl.po, debian/po/pt.po, debian/po/pt_BR.po,
+	  debian/po/ru.po, debian/po/sv.po, debian/po/templates.pot,
+	  debian/po/vi.po: fix spelling in English debconf template (thanks
+	  Vincenzo Campanella)
+
+2009-04-22 19:12  arthur
+
+	* [r845] debian/po/ja.po: updated Japanese (ja) translation of
+	  debconf templates by Kenshi Muto <kmuto@debian.org>
+
+2009-04-22 19:06  arthur
+
+	* [r844] debian/po/da.po: updated Danish (da) translation of
+	  debconf templates by Jonas Smedegaard <dr@jones.dk>
+
+2009-04-21 19:25  arthur
+
+	* [r843] debian/libnss-ldapd.postrm, debian/libnss-ldapd.templates,
+	  debian/po/ca.po, debian/po/cs.po, debian/po/da.po,
+	  debian/po/de.po, debian/po/es.po, debian/po/fr.po,
+	  debian/po/ja.po, debian/po/nl.po, debian/po/pt.po,
+	  debian/po/pt_BR.po, debian/po/ru.po, debian/po/sv.po,
+	  debian/po/templates.pot, debian/po/vi.po: ask on removal and on
+	  purge whether to edit /etc/nsswitch.conf and remove ldap entries
+
+2009-04-19 13:51  arthur
+
+	* [r834] nslcd.h, nslcd/alias.c, nslcd/ether.c, nslcd/group.c,
+	  nslcd/host.c, nslcd/netgroup.c, nslcd/network.c, nslcd/passwd.c,
+	  nslcd/protocol.c, nslcd/rpc.c, nslcd/service.c, nslcd/shadow.c,
+	  nss/common.h, nss/group.c: clear up protocol description in
+	  nslcd.h, renaming NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN
+
+2009-04-17 18:57  arthur
+
+	* [r830] nslcd.h: include definitions of PAM-related actions from
+	  current OpenLDAP work in nssov
+
+2009-04-17 18:56  arthur
+
+	* [r829] debian/libnss-ldapd.postrm: fix spelling in comment
+
+2009-04-04 10:02  arthur
+
+	* [r828] debian/libnss-ldapd.postrm: remove /var/run/nslcd on
+	  package removal
+
+2009-03-31 07:05  arthur
+
+	* [r827] debian/changelog: add CVE identifier
+
+2009-03-22 21:52  arthur
+
+	* [r825] ChangeLog, NEWS, TODO, configure.ac, debian/changelog,
+	  man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
+	  0.6.8 release
+
 2009-03-22 21:20  arthur
 
 	* [r824] README, debian/copyright: update copyright year
diff --git a/NEWS b/NEWS
index 9e8949b..4084be6 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,27 @@
+changes from 0.6.8 to 0.6.9
+---------------------------
+
+* produce more detailed logging in debug mode and allow multiple -d options to
+  be specified to also include logging from the LDAP library
+* some LDAP configuration options are now initialized globally instead of per
+  connection which should fix problems with the tls_reqcert option
+* documentation improvements for the NSLCD protocol used between the NSS
+  module and the nslcd server
+* imported the new PAM module from the OpenLDAP nssov tree by Howard Chu (note
+  that the PAM-related NSLCD protocol is not yet finalised and this module is
+  not built by default)
+* in configure script allow disabling of building certain components
+* fix a bug with writing alternate service names and add checks for
+  validity of passed buffer in NSS module
+* Debian packaging improvements
+
+
 changes from 0.6.7 to 0.6.8
 ---------------------------
 
 * SECURITY FIX: the nss-ldapd.conf file that is installed by the Debian
                 package was created world-readable which could cause problems
-                if the bindpw option is used
+                if the bindpw option is used (CVE-2009-1073)
                 this has been fixed in the Debian package but other users
                 should check the permissions of the nss-ldapd.conf file when
                 the bindpw option is used (warnings have been added to the
diff --git a/TODO b/TODO
index 3f0ede8..9d201c6 100644
--- a/TODO
+++ b/TODO
@@ -1,12 +1,9 @@
 probably before we can call this stable
 ---------------------------------------
 * find problem with reachability of LDAP server
-* Debian package: protect /etc/nss-ldapd.conf if bindpw is used
 
 other items
 -----------
-* probably document that you should use libpam-ldap for authentication without
-  exposing the passwords through NSS
 * document test suite (instructions for setting up environment (server), LDIF
   file, nsswitch.conf and nss-ldapd.conf)
 * write more unit tests
@@ -39,20 +36,13 @@ other items
 * see if we can use LD_LIBRARY_PATH to run our tests in so we don't need to
   install NSS library in system path
 * only parse configuration options if they are available on the platform
-* have some more general mechanism to disable NSS module in nslcd
+* have some more general mechanism to disable NSS lookups from nslcd
 * support searchbase autodetection
-* start the LDAP search and connection in myldap_get_entry() instead of
-  in myldap_search()
-* maybe use datagram sockets for NSS/nslcd communication
 * support multiple search bases
 * support memberOf attribute in passwd entries that map to groups
 * setnetgrent() may need to return an error if the netgroup is undefined
 * handle repeated calls to getent() better (see http://bugzilla.padl.com/show_bug.cgi?id=376)
-* make it possible to define nisNetgroup as a ou-like thing with
-  handling all sub-nisNetgroup objects as memberNisNetgroup, host objects as
-  nisNetgroupTriple (HOST,,), users as (,USER?,)
 * make it possible to start nslcd really early in the boot process and have
   it become available when it determines it can (other timeout/retry mechanism
   on startup)
-* if Debconf base is empty do something more useful
 * make lookups case-sensitive
diff --git a/configure.ac b/configure.ac
index 63a097a..bc345a7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -32,8 +32,8 @@ version 2.1 of the License, or (at your option) any later version. See the
 configure.ac file for more details.])
 
 # initialize and set version and bugreport address
-AC_INIT([nss-ldapd],[0.6.8],[arthur@ch.tudelft.nl])
-RELEASE_MONTH="Mar 2009"
+AC_INIT([nss-ldapd],[0.6.9],[arthur@ch.tudelft.nl])
+RELEASE_MONTH="May 2009"
 AC_SUBST(RELEASE_MONTH)
 AC_CONFIG_SRCDIR([nslcd.h])
 
diff --git a/debian/changelog b/debian/changelog
index f087941..3dac6ac 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,35 @@
+nss-ldapd (0.6.9) unstable; urgency=low
+
+  * produce more detailed logging in debug mode and allow multiple -d options
+    to be specified to also include logging from the LDAP library
+  * some LDAP configuration options are now initialized globally instead of
+    per connection which should fix problems with the tls_reqcert option
+    (closes: #521617)
+  * documentation improvements for the NSLCD protocol used between the NSS
+    module and the nslcd server
+  * imported the new PAM module from the OpenLDAP nssov tree by Howard Chu
+    (note that the PAM-related NSLCD protocol is not yet finalised and this
+    module is not built by default)
+  * in configure script allow disabling of building certain components
+  * fix a problem with writing alternate service names and add checks for
+    validity of passed buffer in NSS module (closes: #527246)
+  * ask the user whether LDAP should be removed from /etc/nsswitch.conf at
+    package removal time (closes: #523483)
+  * remove /var/run/nslcd on package removal
+  * updated Danish debconf translation by Jonas Smedegaard (closes: #525075)
+  * updated Japanese debconf translation by Kenshi Muto (closes: #525085)
+  * updated Portugese debconf translation by Américo Monteiro
+    (closes: #525530)
+  * added Italian debconf translation by Vincenzo Campanella (closes: #525784)
+  * updated French debconf translation by Guillaume Delacour (closes: #526638)
+  * updated Swedish debconf translation by Martin Ågren (closes: #526757)
+  * updated Russian debconf translation by Yuri Kozlov (closes: #527102)
+  * updated Spanish debconf translation by Francisco Javier Cuadrado
+    (closes: #527242)
+  * added Galician debconf translation by Marce Villarino (closes: #527327)
+
+ -- Arthur de Jong <adejong@debian.org>  Sat, 09 May 2009 22:00:00 +0200
+
 nss-ldapd (0.6.8) unstable; urgency=high
 
   * SECURITY FIX: the nss-ldapd.conf file that is installed was created
diff --git a/man/nslcd.8.xml b/man/nslcd.8.xml
index 4cda483..d4972e8 100644
--- a/man/nslcd.8.xml
+++ b/man/nslcd.8.xml
@@ -36,9 +36,9 @@
  <refmeta>
   <refentrytitle>nslcd</refentrytitle>
   <manvolnum>8</manvolnum>
-  <refmiscinfo class="version">Version 0.6.8</refmiscinfo>
+  <refmiscinfo class="version">Version 0.6.9</refmiscinfo>
   <refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
-  <refmiscinfo class="date">Mar 2009</refmiscinfo>
+  <refmiscinfo class="date">May 2009</refmiscinfo>
  </refmeta>
 
  <refnamediv id="name">
diff --git a/man/nss-ldapd.conf.5.xml b/man/nss-ldapd.conf.5.xml
index 2df32c1..630a52b 100644
--- a/man/nss-ldapd.conf.5.xml
+++ b/man/nss-ldapd.conf.5.xml
@@ -36,9 +36,9 @@
  <refmeta>
   <refentrytitle>nss-ldapd.conf</refentrytitle>
   <manvolnum>5</manvolnum>
-  <refmiscinfo class="version">Version 0.6.8</refmiscinfo>
+  <refmiscinfo class="version">Version 0.6.9</refmiscinfo>
   <refmiscinfo class="manual">System Manager's Manual</refmiscinfo>
-  <refmiscinfo class="date">Mar 2009</refmiscinfo>
+  <refmiscinfo class="date">May 2009</refmiscinfo>
  </refmeta>
 
  <refnamediv id="name">
author	Arthur de Jong <arthur@arthurdejong.org>	2009-05-09 22:54:58 +0200
committer	Arthur de Jong <arthur@arthurdejong.org>	2009-05-09 22:54:58 +0200
commit	1389c21c04330d50afec29c3ca2f17a00d4b6d1e (patch)
tree	569bf762ef76d224a63ed38371ae93c99cdf12a4
parent	313bb209dc64413ec5a707d5d0c4fb39e2f837d0 (diff)