diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2016-08-14 21:56:11 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2016-08-14 21:56:11 +0200 |
| commit | c286bb51ea052cc8b27ee034cd1e67999a746e91 (patch) | |
| tree | d41b4870285e224c52841030b32f12289cb7e42b | |
| parent | db9494e56641cf2d88bd0a5bbc27712b50d0eda1 (diff) | |
Get files ready for 0.9.7 release0.9.7
| -rw-r--r-- | AUTHORS | 3 | ||||
| -rw-r--r-- | ChangeLog | 263 | ||||
| -rw-r--r-- | NEWS | 19 | ||||
| -rw-r--r-- | README | 2 | ||||
| -rw-r--r-- | configure.ac | 8 | ||||
| -rw-r--r-- | man/chsh.ldap.1.xml | 6 | ||||
| -rw-r--r-- | man/getent.ldap.1.xml | 6 | ||||
| -rw-r--r-- | man/nslcd.8.xml | 6 | ||||
| -rw-r--r-- | man/nslcd.conf.5.xml | 6 | ||||
| -rw-r--r-- | man/pam_ldap.8.xml | 6 | ||||
| -rw-r--r-- | man/pynslcd.8.xml | 6 | ||||
| -rw-r--r-- | nslcd/nslcd.c | 4 | ||||
| -rwxr-xr-x | pynslcd/pynslcd.py | 4 | ||||
| -rw-r--r-- | utils/cmdline.py | 4 |
14 files changed, 314 insertions, 29 deletions
@@ -139,3 +139,6 @@ Tim Rice <tim@multitalents.net> Andrew Elble <aweits@rit.edu> Jed Liu <jed-nss-pam-ldapd-users@uma.litech.org> Geoffrey McRae <gnif@xbmc.org> +Mathieu Baeumler <mathieu.baeumler@gmail.com> +Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com> +Giovanni Mascellani <mascellani@poisson.phc.unipi.it> @@ -1,3 +1,266 @@ +2016-08-14 Arthur de Jong <arthur@arthurdejong.org> + + * [db9494e] tests/Makefile.am: Only run doctests when building + pynslcd + +2016-08-14 Arthur de Jong <arthur@arthurdejong.org> + + * [cb16e4c] nss/bsdnss.c: Avoid some warnings on FreeBSD + + This adds casts to and from void * for the function pointers + that are passed around. + +2016-07-27 Arthur de Jong <arthur@arthurdejong.org> + + * [b7a0b23] ChangeLog, ChangeLog-2013, Makefile.am: Archive 2013 + ChangeLog entries + +2016-07-27 Arthur de Jong <arthur@arthurdejong.org> + + * [e4df12c] config.guess, config.sub, install-sh: Update files + from latest automake + +2016-07-27 Arthur de Jong <arthur@arthurdejong.org> + + * [db8034a] man/Makefile.am, utils/Makefile.am, utils/getent.py: + Also use module-name in utilities and man pages + + This ensures that getent.ldap, chsh.ldap and manual pages with + ldap in the name will be installed with the name as specified + with --with-module-name. + + Note that the manual page content still describes the working + within nss-pam-ldapd and still mention the ldap name. + +2016-06-04 Arthur de Jong <arthur@arthurdejong.org> + + * [281b0ec] tests/test_doctest.sh: Ensure doctest also run in + distcheck + + This fixes test_doctest.sh to also work when the build directory + is different from the source directory. This is needed because + constants.py is only available in the build directory. + +2016-06-03 Arthur de Jong <arthur@arthurdejong.org> + + * [a89eda7] nslcd/pam.c: Also honor ignorecase in PAM + + This avoids changing the cannonical username to the value as + specified in LDAP when ignorecase is used. + + See https://github.com/arthurdejong/nss-pam-ldapd/issues/12 + +2016-06-03 Arthur de Jong <arthur@arthurdejong.org> + + * [7eb1d69] pynslcd/expr.py: Support ${var:offset:length} in pynslcd + +2016-06-02 Arthur de Jong <arthur@arthurdejong.org> + + * [c90a537] pynslcd/attmap.py: Fix pynslcd expression representation + + The problem was that the ExpressionMapping string value did not + include the quotes which will cause problems when printing the + expression (e.g. when logging or dumping config, etc.). + +2016-06-02 Arthur de Jong <arthur@arthurdejong.org> + + * [fd61bb6] tests/Makefile.am, tests/test_doctest.sh: Add test + for running doctests + +2016-05-30 Giovanni Mascellani <mascellani@poisson.phc.unipi.it> + + * [2ba9560] common/expr.c, man/nslcd.conf.5.xml, tests/test_expr.c: + Support substituting expresions of type ${var:offset:length} + +2016-05-30 Giovanni Mascellani <mascellani@poisson.phc.unipi.it> + + * [3a4860c] man/nslcd.conf.5.xml: Fix small typo + +2016-05-24 Arthur de Jong <arthur@arthurdejong.org> + + * [917ded7] common/expr.c: Refactor out expression parsing to + functions + + This moves the parsing of the various ${var...} expressions to + separate functions so they can be extended more easily. + +2016-02-22 Arthur de Jong <arthur@arthurdejong.org> + + * [4be9c59] pam/pam.c: Fix logic error + + This could result in a free(NULL) call. This code path can + only be triggered if pam_ldap changes the logged-in username + (introduced in 6a74d8d). + + Thanks 依云, see + https://github.com/arthurdejong/nss-pam-ldapd/issues/11 + +2016-01-30 Mathieu Baeumler <mathieu.baeumler@gmail.com> + + * [985aec3] nslcd/myldap.c: Display human readable expiry message + + Display a human readable message (days+hours, or hours+minutes, + or seconds) when the password expiring warning is issued. + +2016-02-13 Arthur de Jong <arthur@arthurdejong.org> + + * [b795f6c] nslcd/cfg.c: Fix nss_disable_enumeration configuration + + This fixes a copy-paste bug where nss_disable_enumeration was + incorrectly handled. Fixes c0366d8. + + Thanks Andrew W Elble for pointing this out. + +2016-01-18 Arthur de Jong <arthur@arthurdejong.org> + + * [525c996] tests/test.ldif, tests/test_nsscmds.sh: Add a few + IPv6 tests + + This adds a few test hosts that have IPv6 addresses. This + ensures that we have an IPv6-only host and hosts which have + address values in different order in the ipHostNumber attribute + (although attribute order is probably not guaranteed). + +2015-10-18 Mathieu Baeumler <mathieu.baeumler@gmail.com> + + * [31cd2cf] man/nslcd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, + nslcd/myldap.c: Add pam_authc_ppolicy option + + This option allows completely disabling ppolicy handling. + +2016-01-06 Arthur de Jong <arthur@arthurdejong.org> + + * [117c9cb] nslcd/pam.c: Fix error handling on credential change + + This fixes setting the correct LDAP error code and also fixes + formatting in 027df03. + +2015-12-23 Vasilis Tsiligiannis <vasilis.tsiligiannis@nokia.com> + + * [027df03] nslcd/pam.c: Fix updating of 'shadowLastChange' + attribute when chasing referrals + + This fixes a bug where 'shadowLastChange' attribute cannot be + updated when chasing a referral. After a password is succesfully + changed, the credentials for binding should also be updated with + the new password for the session. + + Signed-off-by: Vasilis Tsiligiannis + <vasilis.tsiligiannis@nokia.com> + +2015-11-13 Arthur de Jong <arthur@arthurdejong.org> + + * [fcea92d] nslcd/cfg.c: Correct file readability check + + This uses access() instead of stat() to see if the file is + readable by the current process. This fixes f089e01. + +2015-09-20 Arthur de Jong <arthur@arthurdejong.org> + + * [c879485] nslcd/myldap.c: Fail-over and retry on more errors + + Also try to fail over to another LDAP server on a larger number + of errors. Specifically errors that point to problems connecting + to the LDAP server. + +2015-08-29 Arthur de Jong <arthur@arthurdejong.org> + + * [3d09e28] nslcd/myldap.c: Open connection before do_try_search() + + This is in preparation for splitting the BIND from the search + phase for authentication. + +2015-08-27 Arthur de Jong <arthur@arthurdejong.org> + + * [f089e01] nslcd/cfg.c: Loosen up file existence check + + This changes the check (for configuration options that specify + file names) to just check that the specified path is readable + instead of ensisting that it points to a file. + + This allows tls_randfile to point to /dev/urandom (a character + device) or a pipe. This fixes 6779a51. + + This also applies the same check to the krb5_ccname option. + + Thanks to Patrick McLean for pointing this out. + +2015-08-14 Arthur de Jong <arthur@arthurdejong.org> + + * [309f127] pam/pam.c: Have PAM module log messages to syslog + + This logs informational messages that are presented to the user + tot syslog. This normally includes password expiry and grace + login information which may be useful to log. + +2015-08-14 Arthur de Jong <arthur@arthurdejong.org> + + * [263a443] nslcd/myldap.c: Simplify password policy message handling + + This simplifies the check for overwriging pending password + expiry and grace logins warnigns and updates handling of the + LDAP_CONTROL_PWEXPIRING control to be consistent with that of + the expire value of LDAP_CONTROL_PASSWORDPOLICYRESPONSE. + + This also corrects the function name, also logs empty password + policy responses in debug mode and documents the meaning of the + various password policy values. + +2015-07-09 Mathieu Baeumler <mathieu.baeumler@gmail.com> + + * [4302901] nslcd/myldap.c: Fix password policy expiration warnings + + If a password expiration warning (pwdExpireWarning) is set in + slapd, and the password is about to expire, slapd sends the + timeBeforeExpiration value as part of the passwordPolicyResponse. + + nslcd would incorrectly instruct the PAM module to require + immediate password change. This has been fixed for both + timeBeforeExpiration and graceLoginsRemaining. + +2015-07-19 Arthur de Jong <arthur@arthurdejong.org> + + * [89b471b] ar-lib, autogen.sh, compile, configure.ac, depcomp, + install-sh, missing, py-compile, test-driver: Update files from + automake 1.15 + + This also includes the m4 directory when invoking aclocal because + not all versions seem to handle AC_CONFIG_MACRO_DIR. + +2015-07-19 Arthur de Jong <arthur@arthurdejong.org> + + * [86a4618] m4/ax_tls.m4: Disable quoting in AX_TLS notfound case + + This ensures that AS_IF does not generate an empty else clause + which will result in an invalid configure script. + +2015-07-19 Arthur de Jong <arthur@arthurdejong.org> + + * [6779a51] nslcd/cfg.c: Check file existence for configuration + options + + This adds addition checks to the tls_cacertdir, tls_cacertfile, + tls_randfile, tls_cert and tls_key options to ensure that they + point to an existing file when parsing nslcd.conf. + +2015-07-19 Arthur de Jong <arthur@arthurdejong.org> + + * [a6c7c63] pynslcd/pynslcd.py: Work around bug in python-daemon + + See https://bugs.debian.org/792871 + +2015-07-08 Arthur de Jong <arthur@arthurdejong.org> + + * [c32e8c0] m4/ax_pthread.m4, m4/ax_tls.m4: Update macros from + autoconf-archive + +2015-06-14 Arthur de Jong <arthur@arthurdejong.org> + + * [d949bd4] AUTHORS, ChangeLog, NEWS, configure.ac, + man/chsh.ldap.1.xml, man/getent.ldap.1.xml, man/nslcd.8.xml, + man/nslcd.conf.5.xml, man/pam_ldap.8.xml, man/pynslcd.8.xml: + Get files ready for 0.9.6 release + 2015-06-14 Arthur de Jong <arthur@arthurdejong.org> * [4236dd6] Makefile.am: Correctly insert emtpy lines in ChangeLog @@ -1,3 +1,22 @@ +changes from 0.9.6 to 0.9.7 +--------------------------- + +* check existence of TLS certificate and key files on start-up +* fix password policy expiration handling when password was about to expire + (thanks Mathieu Baeumler for tracking this down) +* fix updating of shadowLastChange attribute when chasing referrals + (thanks Vasilis Tsiligiannis) +* add an pam_authc_ppolicy option to allows completely disabling ppolicy + handling (thanks Mathieu Baeumler) +* fix handling of nss_disable_enumeration (thanks Andrew W Elble for pointing + this out) +* display human readable password expiry messages (thanks Mathieu Baeumler) +* fix error when changing PAM user name (thanks 依云) +* support substring expressions ${var:offset:length} in attribute mapping + (thanks Giovanni Mascellani) +* also honor the ignorecase option in PAM + + changes from 0.9.5 to 0.9.6 --------------------------- @@ -15,7 +15,7 @@ Copyright (C) 1997-2006 Luke Howard Copyright (C) 2006-2007 West Consulting - Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2006-2016 Arthur de Jong Copyright (C) 2009 Howard Chu Copyright (C) 2010 Symas Corporation diff --git a/configure.ac b/configure.ac index 27f5132..e7a37e4 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # # Copyright (C) 2006 Luke Howard # Copyright (C) 2006 West Consulting -# Copyright (C) 2006-2015 Arthur de Jong +# Copyright (C) 2006-2016 Arthur de Jong # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -23,7 +23,7 @@ AC_PREREQ(2.61) AC_COPYRIGHT( [Copyright (C) 2006 Luke Howard Copyright (C) 2006 West Consulting -Copyright (C) 2006-2015 Arthur de Jong +Copyright (C) 2006-2016 Arthur de Jong This configure script is derived from configure.ac which is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser @@ -33,10 +33,10 @@ configure.ac file for more details.]) # initialize and set version and bugreport address AC_INIT([nss-pam-ldapd], - [0.9.6], + [0.9.7], [nss-pam-ldapd-users@lists.arthurdejong.org],, [http://arthurdejong.org/nss-pam-ldapd/]) -RELEASE_MONTH="Jun 2015" +RELEASE_MONTH="Aug 2016" AC_SUBST(RELEASE_MONTH) AC_CONFIG_SRCDIR([nslcd.h]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/man/chsh.ldap.1.xml b/man/chsh.ldap.1.xml index 117a7f5..345775d 100644 --- a/man/chsh.ldap.1.xml +++ b/man/chsh.ldap.1.xml @@ -5,7 +5,7 @@ <!-- chsh.ldap.1.xml - docbook manual page for chsh.ldap - Copyright (C) 2013-2015 Arthur de Jong + Copyright (C) 2013-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -35,9 +35,9 @@ <refmeta> <refentrytitle>chsh.ldap</refentrytitle> <manvolnum>1</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">User Commands</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/man/getent.ldap.1.xml b/man/getent.ldap.1.xml index a8afd1b..3d1c93f 100644 --- a/man/getent.ldap.1.xml +++ b/man/getent.ldap.1.xml @@ -5,7 +5,7 @@ <!-- getent.ldap.1.xml - docbook manual page for chsh.ldap - Copyright (C) 2013-2015 Arthur de Jong + Copyright (C) 2013-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -35,9 +35,9 @@ <refmeta> <refentrytitle>getent.ldap</refentrytitle> <manvolnum>1</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">User Commands</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/man/nslcd.8.xml b/man/nslcd.8.xml index f10ed20..563474f 100644 --- a/man/nslcd.8.xml +++ b/man/nslcd.8.xml @@ -6,7 +6,7 @@ nslcd.8.xml - docbook manual page for nslcd Copyright (C) 2006 West Consulting - Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2006-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -36,9 +36,9 @@ <refmeta> <refentrytitle>nslcd</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">System Manager's Manual</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml index d221675..0acb1f9 100644 --- a/man/nslcd.conf.5.xml +++ b/man/nslcd.conf.5.xml @@ -6,7 +6,7 @@ nslcd.conf.5.xml - docbook manual page for nslcd.conf Copyright (C) 1997-2005 Luke Howard - Copyright (C) 2007-2015 Arthur de Jong + Copyright (C) 2007-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -36,9 +36,9 @@ <refmeta> <refentrytitle>nslcd.conf</refentrytitle> <manvolnum>5</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">System Manager's Manual</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/man/pam_ldap.8.xml b/man/pam_ldap.8.xml index 4d8ed75..0483e64 100644 --- a/man/pam_ldap.8.xml +++ b/man/pam_ldap.8.xml @@ -5,7 +5,7 @@ <!-- pam_ldap.8.xml - docbook manual page for pam_ldap PAM module - Copyright (C) 2009-2015 Arthur de Jong + Copyright (C) 2009-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -35,9 +35,9 @@ <refmeta> <refentrytitle>pam_ldap</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">System Manager's Manual</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/man/pynslcd.8.xml b/man/pynslcd.8.xml index a366f1a..334a476 100644 --- a/man/pynslcd.8.xml +++ b/man/pynslcd.8.xml @@ -5,7 +5,7 @@ <!-- pynslcd.8.xml - docbook manual page for pynslcd - Copyright (C) 2012-2015 Arthur de Jong + Copyright (C) 2012-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -35,9 +35,9 @@ <refmeta> <refentrytitle>pynslcd</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="version">Version 0.9.6</refmiscinfo> + <refmiscinfo class="version">Version 0.9.7</refmiscinfo> <refmiscinfo class="manual">System Manager's Manual</refmiscinfo> - <refmiscinfo class="date">Jun 2015</refmiscinfo> + <refmiscinfo class="date">Aug 2016</refmiscinfo> </refmeta> <refnamediv id="name"> diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c index 37a9167..a0035d2 100644 --- a/nslcd/nslcd.c +++ b/nslcd/nslcd.c @@ -2,7 +2,7 @@ nslcd.c - ldap local connection daemon Copyright (C) 2006 West Consulting - Copyright (C) 2006-2015 Arthur de Jong + Copyright (C) 2006-2016 Arthur de Jong This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -121,7 +121,7 @@ static void display_version(FILE *fp) { fprintf(fp, "%s\n", PACKAGE_STRING); fprintf(fp, "Written by Luke Howard and Arthur de Jong.\n\n"); - fprintf(fp, "Copyright (C) 1997-2015 Luke Howard, Arthur de Jong and West Consulting\n" + fprintf(fp, "Copyright (C) 1997-2016 Luke Howard, Arthur de Jong and West Consulting\n" "This is free software; see the source for copying conditions. There is NO\n" "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n"); } diff --git a/pynslcd/pynslcd.py b/pynslcd/pynslcd.py index 2e0995b..565b0aa 100755 --- a/pynslcd/pynslcd.py +++ b/pynslcd/pynslcd.py @@ -2,7 +2,7 @@ # pynslcd.py - main daemon module # -# Copyright (C) 2010-2015 Arthur de Jong +# Copyright (C) 2010-2016 Arthur de Jong # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -91,7 +91,7 @@ def display_version(fp): fp.write('%(PACKAGE_STRING)s\n' 'Written by Arthur de Jong.\n' '\n' - 'Copyright (C) 2010-2015 Arthur de Jong\n' + 'Copyright (C) 2010-2016 Arthur de Jong\n' 'This is free software; see the source for copying conditions. There is NO\n' 'warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n' % {'PACKAGE_STRING': constants.PACKAGE_STRING, }) diff --git a/utils/cmdline.py b/utils/cmdline.py index 3d7d58f..2fd428f 100644 --- a/utils/cmdline.py +++ b/utils/cmdline.py @@ -2,7 +2,7 @@ # cmdline.py - functions for handling command-line options # -# Copyright (C) 2013 Arthur de Jong +# Copyright (C) 2013-2016 Arthur de Jong # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -28,7 +28,7 @@ version_string = ''' %s Written by Arthur de Jong. -Copyright (C) 2013 Arthur de Jong +Copyright (C) 2013-2016 Arthur de Jong This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. '''.strip() % constants.PACKAGE_STRING |