Arthur de Jong

Open Source / Free Software developer

current | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006

News in 2008

  • 2008-11-14 release 0.6.7 of nss-ldapd
    This release fixes one bugs in the 0.6.6 and earlier releases in the Debian package configuration.
    This should be a reasonably stable and well tested release.
    changes since 0.6.6:
    • a fix for a problem in the Debian packaging that would cause user-configured options be ignored
    Get this release from the downloads section.
  • 2008-11-04 release 0.6.6 of nss-ldapd
    This release just fixes a number of bugs in the 0.6.5 release.
    This should be a reasonably stable and well tested release.
    changes since 0.6.5:
    • Debian packaging improvements
    • allow spaces in user and group names because it was causing problems in some environments
    • if ldap_set_option() fails log the option name instead of number
    • retry connecting to LDAP server in more cases
    Get this release from the downloads section.
  • 2008-08-22 release 0.6.5 of nss-ldapd
    This release only updates some Debian configuration translations. Other than that there are no changes in this release. Get this release from the downloads section.
  • 2008-07-20 release 0.6.4 of nss-ldapd
    This release mainly fixes a number of bugs in the 0.6.3 release. Only one new feature has been added.
    This should be a reasonably stable and well tested release.
    changes since 0.6.3:
    • fix for the tls_checkpeer option
    • fix incorrect test for ssl option in combination with ldaps:// URIs
    • improvements to Active Directory sample configuration
    • implement looking up search base in rootDSE of LDAP server
    Get this release from the downloads section.
  • 2008-06-15 release 0.6.3 of nss-ldapd
    This release mainly fixes a number of bugs in the 0.6.2 release and adds some new functionality. Most effort is put into getting the code as stable as possible.
    Thanks everybody for the feedback provided and patches sent. All feedback is very much apreciated, even if a reply is not sent very quickly.
    changes since 0.6.2:
    • retry connection and search if getting results failed with connection problems (some errors only occur when getting the results, not when starting the search)
    • add support for groups with up to around 150000 members (assuming user names on average are a little under 10 characters)
    • problem with possible SIGPIPE race condition was fixed by using send() instead of write()
    • add uid and gid configuration keywords that set the user and group of the nslcd daemon
    • add some documentation on supported group to member mappings
    • add sanity checking to code for when clock moves backward
    • log messages now include a session id that makes it easier to track errors to requests (especially useful in debugging mode)
    • miscellaneous portability improvements
    • increase buffers and timeouts to handle large lookups more gracefully
    • implement SASL authentication based on a patch by Dan White
    • allow more characters in user and group names
    • Debian packaging improvements
    Get this release from the downloads section.
    Also, the people of OpenLDAP are working on a module in slapd to do the part that nslcd is doing now. See the openldap-devel mailing list and cvs tree for details.
  • 2008-05-04 release 0.6.2 of nss-ldapd
    This release mainly fixes a number of bugs in the 0.6.1 release and adds some new functionality, mainly to add support for Active Directory.
    Thanks everybody for the feedback provided and patches sent. All feedback is very much apreciated, even if a reply is not sent very quickly.
    changes since 0.6.1:
    • all user and group names are now checked for validity are specified in the POSIX Portable Filename Character Set
    • support retrieval of ranged attribute values as sometimes returned by Active Directory
    • added the threads keyword to configure the number of threads that should be started in nslcd
    • handle empty netgroups properly
    • change the time out and retry mechanism for connecting to the LDAP server to return an error quickly if the LDAP server is known to be unavailable for a long time (this removed the reconnect_tries option and changes the meaning of the reconnect_sleeptime and reconnect_maxsleeptime options)
    • increased the time out values between the NSS module and nslcd because of new retry mechanism
    • implement new dict and set modules that use a hashtable to map keys efficiently
    • use the new set to store group membership to simplify memory management and eliminate duplicate members
    • the uniqueMember attribute now only supports DN values
    • implement a cache for DN to user name lookups (15 minute timeout) used for the uniqueMember attribute to save on doing LDAP searches for groups with a lot of members, based on a patch by Petter Reinholdtsen
    • improvements to the tests
    • if any of the ldap calls return LDAP_UNAVAILABLE or LDAP_SERVER_DOWN the connection is closed
    • improve dependencies in LSB init script header to improve dependency based booting
    Get this release from the downloads section.
  • 2008-04-06 release 0.6.1 of nss-ldapd
    This release mainly fixes a number of bugs in the 0.6 release without big structural changes. There are a number of known problems in combination with Active Directory which require some more testing.
    Thanks everybody for the feedback provided and patches sent. All feedback is very much apreciated, even if a reply is not sent very quickly.
    changes since 0.6:
    • numerous small fixes and compatibility improvements
    • the I/O buffers between nslcd and NSS module are now dynamically sized and tuned for common requests
    • correctly follow referrals
    • add StartTLS support by Ralf Haferkamp of SuSE
    • miscellaneous documentation improvements
    • remove code for handling rootbinddn/pw because it is unlikely to be supported any time soon
    • fix a problem with realloc()ed memory that was not referenced
    • fix for a crash in group membership buffer growing code thanks to Petter Reinholdtsen
    • some improvements to the Active Directory sample configuration
    • fix init script exit code with stop while not running
    • fixes to the _nss_ldap_initgroups_dyn() function to properly handle the buffer and limits passed by Glibc
    • fixes to the member to groups search functions to correctly handle uniqueMember attributes
    • only return shadow entries to root users
    • miscellaneous Debian packaging improvements
    Get this release from the downloads section.
  • 2008-02-03 release 0.6 of nss-ldapd
    This release mainly focusses on (re-)adding support for certain features and improved portability. It also fixes a number of problems in the 0.5 release.
    nss-ldapd is now nearing stability and feature-completeness and the main focus is on portability and implementing the remaining features. Any patches and feedback is welcome and thanks for the feedback already provided.
    Note that improved portability does not (yet) mean that it will fully work on other platforms than Linux.
    changes since 0.5:
    • fix parsing of map option in nss-ldapd.conf
    • fix bug in handling of userPassword values
    • remove warning about missing loginShell attribute
    • support the uniqueMember LDAP attribute that holds DN values
    • support ldap as a compat service in /etc/nsswitch.conf
    • implement _nss_ldap_initgroups_dyn() to allow username->groups searches
    • fix retry mechanism with get*ent() functions where a too small buffer was passed by libc (to support groups with a lot of members)
    • fix a bug in reporting of communications problems between nslcd and the NSS library
    • test and log failures of all LDAP library calls
    • improved tests
    • miscellaneous compatibility improvements to try to support more LDAP libraries and platforms
    • support compilation with OpenLDAP 2.4 and newer
    • some configure script improvements
    • Debian packaging improvements
    Get this release from the downloads section.