9
by Arthur de Jong
* minor portability improvements and clean-ups (thanks Alexander V. |
1 |
2008-12-15 arthur |
2 |
||
3 |
* [r806] man/nss-ldapd.conf.5.xml: add a note about permissions of |
|
4 |
configfile when bindpw is used |
|
5 |
||
6 |
2008-12-06 arthur |
|
7 |
||
8 |
* [r805] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, |
|
9 |
nslcd/myldap.c, nss-ldapd.conf: rename the tls_checkpeer option |
|
10 |
to tls_reqcert, deprecating the old name and supporting all |
|
11 |
options that OpenLDAP supports for that value |
|
12 |
||
13 |
2008-12-03 arthur |
|
14 |
||
15 |
* [r804] nslcd/common.c, tests/test_common.c: allow backslashes in |
|
16 |
names execpt as first or last character |
|
17 |
* [r803] configure.ac, nslcd/nslcd.c: clean the environment and set |
|
18 |
LDAPNOINIT to disable parsing of LDAP configfiles (.ldaprc, |
|
19 |
/etc/ldap/ldap.conf, etc) |
|
20 |
||
21 |
2008-11-29 arthur |
|
22 |
||
23 |
* [r802] nslcd/myldap.c: use tls_* options also for StartTLS |
|
24 |
connections |
|
25 |
* [r801] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h: remove |
|
26 |
sslpath option because it wasn't used for anything |
|
27 |
* [r800] debian/changelog: add missing pound sign
|
|
28 |
||
29 |
2008-11-14 arthur
|
|
30 |
||
31 |
* [r798] ChangeLog, NEWS, configure.ac, debian/changelog,
|
|
32 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
33 |
0.6.7 release
|
|
34 |
||
35 |
2008-11-13 arthur
|
|
36 |
||
37 |
* [r797] debian/libnss-ldapd.templates: also leave out empty
|
|
38 |
Default line for libnss-ldapd/ldap-binddn
|
|
39 |
* [r796] debian/libnss-ldapd.config, debian/libnss-ldapd.templates:
|
|
40 |
set debconf values from the environment only when they are empty
|
|
41 |
or if configfile is present to fix installation problem
|
|
42 |
||
43 |
2008-11-11 arthur
|
|
44 |
||
45 |
* [r795] debian/libnss-ldapd.postinst: any output should go to
|
|
46 |
stderr to not confuse debconf
|
|
47 |
||
48 |
2008-11-04 arthur
|
|
49 |
||
50 |
* [r793] ChangeLog, NEWS, TODO, configure.ac, debian/changelog,
|
|
51 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
52 |
0.6.6 release
|
|
53 |
* [r792] NEWS: some spelling fixes
|
|
54 |
* [r791] man/nss-ldapd.conf.5.xml: update manual page with current
|
|
55 |
timeout numbers
|
|
56 |
||
57 |
2008-11-01 arthur
|
|
58 |
||
59 |
* [r790] debian/libnss-ldapd.postrm: fail on errors
|
|
60 |
||
61 |
2008-10-31 arthur
|
|
62 |
||
63 |
* [r789] debian/libnss-ldapd.postinst: check for existance of init
|
|
64 |
script instead of daemon
|
|
65 |
||
66 |
2008-10-01 arthur
|
|
67 |
||
68 |
* [r788] nslcd/common.c: also allow spaces in user and group names
|
|
69 |
because it was causing problems in some environments
|
|
70 |
||
71 |
2008-09-24 arthur
|
|
72 |
||
73 |
* [r787] nslcd/myldap.c: also retry if ldap_result() failed and
|
|
74 |
getting error number returned LDAP_SUCCESS
|
|
75 |
* [r786] nslcd/myldap.c: log option name instead of option value
|
|
76 |
for ldap_set_option() value
|
|
77 |
* [r785] debian/control: clarify relationship to nss_ldap in
|
|
78 |
package description
|
|
79 |
||
80 |
2008-08-22 arthur
|
|
81 |
||
82 |
* [r783] ChangeLog, NEWS, configure.ac, debian/changelog,
|
|
83 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
84 |
0.6.5 release
|
|
85 |
||
86 |
2008-08-07 arthur
|
|
87 |
||
88 |
* [r782] debian/copyright, debian/po/da.po: updated Danish (da)
|
|
89 |
translation of debconf templates by Jonas Smedegaard
|
|
90 |
<dr@jones.dk>
|
|
91 |
* [r781] debian/po/sv.po: updated Swedish (sv) translation of
|
|
92 |
debconf templates by Martin Ă…gren <martin.agren@gmail.com>
|
|
93 |
||
94 |
2008-07-20 arthur
|
|
95 |
||
96 |
* [r778] ChangeLog, NEWS, TODO, configure.ac, debian/changelog,
|
|
97 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
98 |
0.6.4 release
|
|
99 |
* [r777] nslcd/cfg.c: rename get_base_from_dse() to
|
|
100 |
get_base_from_rootdse()
|
|
101 |
* [r776] nslcd/cfg.c: make the get_base_from_dse() function cleaner
|
|
102 |
and add a comment describing the function
|
|
103 |
* [r775] man/nss-ldapd.conf.5.xml, nslcd/cfg.c: implement looking
|
|
104 |
up search base in DSE of LDAP server
|
|
105 |
* [r774] tests/test_nsscmds.sh: reflect change in test LDAP setup
|
|
106 |
||
107 |
2008-07-10 arthur
|
|
108 |
||
109 |
* [r773] nslcd/myldap.c: LDAP_OPT_X_TLS_REQUIRE_CERT is not a
|
|
110 |
boolean
|
|
111 |
||
112 |
2008-06-21 arthur
|
|
113 |
||
114 |
* [r772] README: small change to documentation
|
|
115 |
* [r771] nss-ldapd.conf: further improvements to Active Directory
|
|
116 |
filters and attribute mappings by Petter Reinholdtsen
|
|
117 |
<pere@hungry.com>
|
|
118 |
||
119 |
2008-06-17 arthur
|
|
120 |
||
121 |
* [r770] nslcd/cfg.c, nslcd/myldap.c: replace https:// by ldaps://
|
|
122 |
(stupid typo)
|
|
123 |
* [r769] nss-ldapd.conf: Active Directory sample configuration
|
|
124 |
improvement by Jelmer Jaarsma <jelmer.jaarsma@sara.nl>
|
|
125 |
||
126 |
2008-06-15 arthur
|
|
127 |
||
128 |
* [r767] ChangeLog, NEWS, TODO, configure.ac, debian/changelog,
|
|
129 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
130 |
0.6.3 release
|
|
131 |
* [r766] Makefile.am, debian/libnss-ldapd.lintian-overrides,
|
|
132 |
debian/rules: lintian override seems to be no longer necessary
|
|
133 |
* [r765] debian/control: upgrade to standards-version 3.8.0 (no
|
|
134 |
changes needed)
|
|
135 |
* [r764] debian/libnss-ldapd.nslcd.init: create /var/run/nslcd
|
|
136 |
directory with owner nslcd:nslcd by default so nslcd can remove
|
|
137 |
socket and pidfile at exit
|
|
138 |
* [r763] nslcd/nslcd.c: give pidfile and socket creation functions
|
|
139 |
more logical names
|
|
140 |
||
141 |
2008-06-14 arthur
|
|
142 |
||
143 |
* [r762] AUTHORS, configure.ac, man/nss-ldapd.conf.5.xml,
|
|
144 |
nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: implement SASL
|
|
145 |
authentication based on a patch by Dan White <dwhite@olp.net>
|
|
146 |
* [r761] man/nss-ldapd.conf.5.xml: make formatting of manual page
|
|
147 |
options consistent
|
|
148 |
||
149 |
2008-06-13 arthur
|
|
150 |
||
151 |
* [r760] tests, tests/Makefile.am, tests/test_common.c: add some
|
|
152 |
very basic tests for the isvalidname() function
|
|
153 |
* [r759] nslcd/common.c, nslcd/common.h, nslcd/group.c,
|
|
154 |
nslcd/passwd.c: combine isvalidusername() and isvalidgroupname()
|
|
155 |
into isvalidname() because they are similar enough and we just
|
|
156 |
want to check to see if it is a reasonable name (e.g. not a DN)
|
|
157 |
||
158 |
2008-06-12 arthur
|
|
159 |
||
160 |
* [r758] common/tio.c: restore the old writing code which masks
|
|
161 |
SIGPIPE on platforms that can't use send() |
|
162 |
* [r757] nslcd/cfg.c: don't perform SSL/TLS sanity checks if it |
|
163 |
isn't available on the platform |
|
164 |
* [r756] tests: ignore test_getpeercred |
|
165 |
||
166 |
2008-06-11 arthur |
|
167 |
||
168 |
* [r755] tests: ignore core files |
|
169 |
* [r754] tests/test_getpeercred.c: remove test socket at end of |
|
170 |
test |
|
171 |
||
172 |
2008-06-06 arthur |
|
173 |
||
174 |
* [r753] compat/getpeercred.c: use the cr_ prefix when getting a |
|
175 |
xucred struct (needed for kfreebsd) |
|
176 |
* [r752] tests/Makefile.am, tests/test_getpeercred.c: implement a |
|
177 |
very basic test for getpeercred() |
|
178 |
* [r751] nslcd/cfg.c: remove warning on using ssl option |
|
179 |
* [r750] nslcd/cfg.c: check that all URLs start with https:// if |
|
180 |
"ssl on" is specified |
|
181 |
* [r749] nslcd/myldap.c: also set TLS options if an ldaps:// URL is |
|
182 |
specified |
|
183 |
* [r748] debian/control: add dependency on adduser as required by |
|
184 |
the previous commit |
|
185 |
* [r747] debian/libnss-ldapd.postinst: create a nslcd user in |
|
186 |
postinst and ensure that it is used by default |
|
187 |
* [r746] man/nss-ldapd.conf.5.xml: add uid and gid options to |
|
188 |
manual page |
|
189 |
* [r745] nslcd/cfg.c, nslcd/cfg.h, nslcd/nslcd.c: add uid and gid |
|
190 |
configuration keywords that set the user id and group id of the |
|
191 |
running nslcd process |
|
192 |
* [r744] nslcd/nslcd.c: environ is defined in unistd.h |
|
193 |
* [r743] nslcd/nslcd.c, nss/common.c: increase write buffer size in |
|
194 |
nslcd to free up threads earlier and increase timeout for nslcd |
|
195 |
to nss communication to one minute (at both places) |
|
196 |
* [r742] common/dict.c, compat/ether.c, nslcd/group.c, |
|
197 |
nslcd/myldap.c, nslcd/passwd.c, tests/test_tio.c: miscellaneous |
|
198 |
portability improvements |
|
199 |
||
200 |
2008-05-18 arthur |
|
201 |
||
202 |
* [r741] TODO: from a review of glibc 2.3.6 code it shows that |
|
203 |
strerror() is only non-threadsafe in some very unlikely |
|
204 |
circumstances |
|
205 |
||
206 |
2008-05-17 arthur |
|
207 |
||
208 |
* [r740] common/tio.c: use send() with a flag to ignore SIGPIPE |
|
209 |
instead of write() so we don't have to muck with signal handlers |
|
210 |
||
211 |
2008-05-16 arthur
|
|
212 |
||
213 |
* [r739] nslcd/log.c, nslcd/log.h, nslcd/nslcd.c: include a random
|
|
214 |
string in every log message to be able to group log messages for
|
|
215 |
a single request
|
|
216 |
* [r738] common/tio.c, nslcd/myldap.c: add sanity checks to sleep
|
|
217 |
calls to never sleep too long (problems could occur when the
|
|
218 |
clock moves backwards)
|
|
219 |
* [r737] nss/group.c: remove comment about limitation that has now
|
|
220 |
been removed
|
|
221 |
* [r736] nss/common.c: grow the read buffer maximum size to 2Mbyte
|
|
222 |
to allow for groups with about 150000 members maximum
|
|
223 |
||
224 |
2008-05-15 arthur
|
|
225 |
||
226 |
* [r735] README: add some documentation on supported group to
|
|
227 |
member mappings
|
|
228 |
* [r734] nslcd/myldap.h: improve documentation for
|
|
229 |
myldap_get_rdn_value() function
|
|
230 |
||
231 |
2008-05-11 arthur
|
|
232 |
||
233 |
* [r733] nslcd/myldap.c: close the connection and retry the search
|
|
234 |
(once) if the search fails with the first call to
|
|
235 |
myldap_get_entry() (starting a search doesn't always give an |
|
236 |
error when the connection has been broken) |
|
237 |
* [r732] nslcd/myldap.c: split retry mechanism of myldap_search() |
|
238 |
into a new do_retry_search() function |
|
239 |
* [r731] nslcd/myldap.c: allocate the search memory region in |
|
240 |
myldap_search() instead of in do_try_search() and have the latter |
|
241 |
return an LDAP status code |
|
242 |
* [r730] nslcd/myldap.c: also allow closing of searches that no |
|
243 |
longer have a valid connection and integrate myldap_search_free() |
|
244 |
into myldap_search_close() |
|
245 |
||
246 |
2008-05-04 arthur |
|
247 |
||
248 |
* [r728] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, |
|
249 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for |
|
250 |
0.6.2 release |
|
251 |
* [r727] HACKING, README: some documentation cleanups and updates |
|
252 |
* [r726] tests/test_nslcd_group.c: add some tests for |
|
253 |
isvalidgroupname() |
|
254 |
* [r725] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, |
|
255 |
nslcd/nslcd.c: make number of threads configurable with the |
|
256 |
threads keyword |
|
257 |
* [r724] nslcd/myldap.h: add reference to note about |
|
258 |
thread-safeness of OpenLDAP |
|
259 |
* [r723] nslcd/nslcd.c: fix copyright year |
|
260 |
||
261 |
2008-05-03 arthur |
|
262 |
||
263 |
* [r722] nslcd/passwd.c: implement a cache for dn2uid() lookups |
|
264 |
that saves some time doing LDAP searches for groups with a lot of |
|
265 |
members, based on a patch by Petter Reinholdtsen |
|
266 |
<pere@hungry.com> |
|
267 |
* [r721] debian/libnss-ldapd.nslcd.init: add soft dependency on |
|
268 |
slapd, simplify network and file system dependencies and add |
|
269 |
reverse dependencies on some common daemons that may want to do |
|
270 |
NSS lookups |
|
271 |
||
272 |
2008-05-02 arthur |
|
273 |
||
274 |
* [r720] nss/netgroup.c, nss/prototypes.h: remove checking for |
|
275 |
first entry and always return NSS_STATUS_RETURN when no more data |
|
276 |
is available in the netgroup (this has the side effect of not |
|
277 |
returning NSS_STATUS_NOTFOUND for non-existing netgroups but |
|
278 |
seems to be what other NSS modules do) to properly handle empty |
|
279 |
netgroups |
|
280 |
* [r719] tests, tests/Makefile.am, tests/test_nslcd_group.c: add |
|
281 |
file for testing nslcd/group.c |
|
282 |
* [r718] tests/Makefile.am: don't even compile the test programs on |
|
283 |
make check
|
|
284 |
* [r717] tests/Makefile.am: don't compile test code on every build |
|
285 |
and fix LDADD lists to include correct objects |
|
286 |
* [r716] nslcd/cfg.c, nslcd/cfg.h, nslcd/myldap.c: only support |
|
287 |
tls-related options if LDAP library supports TLS, only add rebind |
|
288 |
code if ldap_set_rebind_proc() is found and only set |
|
289 |
LDAP_X_OPT_CONNECT_TIMEOUT if that option is supported |
|
290 |
||
291 |
2008-05-01 arthur |
|
292 |
||
293 |
* [r715] nslcd/myldap.c: support ranged attribute values |
|
294 |
* [r714] nss/common.h: fix comment of return value of |
|
295 |
NSS_STATUS_TRYAGAIN |
|
296 |
* [r713] tests/test_myldap.c: fix a warning |
|
297 |
* [r712] tests/test_myldap.c: ensure that filter_get_var() and |
|
298 |
filter_get_var() return non-NULL to enable parsing of config file |
|
299 |
with attribute mapping and filter settings and use base from |
|
300 |
config file |
|
301 |
||
302 |
2008-04-29 arthur |
|
303 |
||
304 |
* [r711] man/nss-ldapd.conf.5.xml: make language about pagesize |
|
305 |
option a little clearer |
|
306 |
||
307 |
2008-04-27 arthur |
|
308 |
||
309 |
* [r710] nslcd/cfg.c: support the case where an attribute mapping |
|
310 |
variable is NULL |
|
311 |
||
312 |
2008-04-26 arthur |
|
313 |
||
314 |
* [r709] nslcd/myldap.c: also close the LDAP connection on |
|
315 |
LDAP_SERVER_DOWN (besides LDAP_UNAVAILABLE) |
|
316 |
* [r708] man/nss-ldapd.conf.5.xml, nss/common.c: increase time out |
|
317 |
values because now nslcd will error out more quickly if the LDAP |
|
318 |
server is known to be unavailable |
|
319 |
* [r707] nslcd/nslcd.c: spelling fix in comment |
|
320 |
* [r706] man/nss-ldapd.conf.5.xml: some spelling fixes and a |
|
321 |
clarification of the retry mechanism |
|
322 |
* [r705] nslcd/cfg.c: fix log message of incorrect map statement |
|
323 |
* [r704] nslcd/passwd.c: make log message a little more descriptive |
|
324 |
* [r703] configure.ac: fix quote in comment |
|
325 |
* [r702] nslcd/myldap.c: ensure that the connection to the LDAP |
|
326 |
server is closed whenever any of the ldap_*() functions return |
|
327 |
LDAP_UNAVAILABLE |
|
328 |
||
329 |
2008-04-25 arthur |
|
330 |
||
331 |
* [r701] man/nss-ldapd.conf.5.xml, nslcd/cfg.c, nslcd/cfg.h, |
|
332 |
nslcd/myldap.c, tests/nss-ldapd-test.conf, tests/test_cfg.c, |
|
333 |
tests/test_myldap.c: implement new timing mechanism for retries |
|
334 |
to quickly fail lookups to LDAP server that have been failing for |
|
335 |
some time, removing the reconnect_tries option and giving |
|
336 |
reconnect_sleeptime and reconnect_maxsleeptime options a new |
|
337 |
meaning |
|
338 |
* [r700] tests/test_myldap.c: include missing include |
|
339 |
* [r699] tests/test_myldap.c: ignore SIGPIPE in myldap tests |
|
340 |
* [r698] tests/test_myldap.c: fix assert to be test instead of |
|
341 |
assignment |
|
342 |
* [r697] tests/test_myldap.c, tests/test_myldap.sh: have the binary |
|
343 |
look up the file name and only use the shell script wrapper to |
|
344 |
determine if LDAP server is available |
|
345 |
* [r696] compat/ether.h: fix typos in references to |
|
346 |
HAVE_ETHER_NTOA_R and HAVE_ETHER_ATON_R macros |
|
347 |
||
348 |
2008-04-23 arthur |
|
349 |
||
350 |
* [r695] tests/test_nsscmds.sh: fix order of members in group in |
|
351 |
tests because of new hashing dict (maybe we should fix the script |
|
352 |
instead to always sort members properly) |
|
353 |
* [r694] common/dict.c: fix problem where first item in the |
|
354 |
hashtable could be returned twice while looping |
|
355 |
* [r693] tests/test_dict.c: add test for problem with duplicate |
|
356 |
entries being returned while looping over results |
|
357 |
* [r692] nslcd/passwd.c: don't issue warning when |
|
358 |
myldap_get_entry() returns NULL and LDAP_SUCCESS
|
|
359 |
||
360 |
2008-04-21 arthur
|
|
361 |
||
362 |
* [r691] common/dict.c: allocate room for key string just after
|
|
363 |
entry to save on calls to malloc() and make it simpler
|
|
364 |
||
365 |
2008-04-20 arthur
|
|
366 |
||
367 |
* [r690] nslcd/group.c, nslcd/passwd.c: fix tests for valid user
|
|
368 |
and group names
|
|
369 |
* [r689] nslcd/common.h, nslcd/group.c, nslcd/passwd.c: add checks
|
|
370 |
for valid user and group names in incoming requests and for data
|
|
371 |
returned from LDAP
|
|
372 |
* [r688] nslcd/group.c: only support uniqueMember containing DN
|
|
373 |
values
|
|
374 |
* [r687] nslcd/group.c: fix warning message to not refer to alias
|
|
375 |
* [r686] nslcd/myldap.c: make warning message more verbose, fix
|
|
376 |
comment and don't try to store empty results |
|
377 |
||
378 |
2008-04-19 arthur |
|
379 |
||
380 |
* [r685] debian/libnss-ldapd.config: only guess the searchbase if |
|
381 |
the value doesn't seem to be preseeded (based on a patch by |
|
382 |
Petter Reinholdtsen <pere@hungry.com>)
|
|
383 |
* [r684] common/dict.c: fix wrapping and indenting of comments
|
|
384 |
* [r683] nslcd/group.c: correctly call set_free() instead of free()
|
|
385 |
* [r682] nslcd/group.c: use the new set data structure to gather
|
|
386 |
the group members
|
|
387 |
* [r681] common/Makefile.am, common/set.c, common/set.h, tests,
|
|
388 |
tests/Makefile.am, tests/test_set.c: implement a set that uses
|
|
389 |
the dict module as back-end
|
|
390 |
* [r680] common/dict.c: implement new dict module that uses a
|
|
391 |
hashtable which is around 40 times faster for large (around 2000)
|
|
392 |
entries but with around 40% more memory used
|
|
393 |
* [r679] tests/Makefile.am, tests/test_dict.c, tests/usernames.txt:
|
|
394 |
some new tests for the dictionary module
|
|
395 |
* [r678] nslcd/passwd.c: add test for emtpy DN
|
|
396 |
||
397 |
2008-04-18 arthur
|
|
398 |
||
399 |
* [r677] nslcd/myldap.c: instead of using the dict module to build
|
|
400 |
a cache just store the values in an fixed-sized array because no
|
|
401 |
more than 9 attributes are currently retrieved from an entry and
|
|
402 |
we never retrieve the same value more than once (so the cache is
|
|
403 |
useless)
|
|
404 |
||
405 |
2008-04-17 arthur
|
|
406 |
||
407 |
* [r676] common/dict.h: add note about freed values
|
|
408 |
* [r675] common/dict.c, common/dict.h, nslcd/myldap.c,
|
|
409 |
tests/test_dict.c: change dict_values_first() and
|
|
410 |
dict_values_next() into dict_loop_first() and dict_loop_next() to
|
|
411 |
have a looping mechanism over keys and values
|
|
412 |
||
413 |
2008-04-13 arthur
|
|
414 |
||
415 |
* [r674] tests/nss-ldapd-test.conf: remote hopefully last reference
|
|
416 |
to rootbind{dn,pw}
|
|
417 |
||
418 |
2008-04-06 arthur
|
|
419 |
||
420 |
* [r673] nslcd/common.h: return values of dn2uid() and uid2dn()
|
|
421 |
should always be used
|
|
422 |
* [r672] nslcd/group.c: properly handle the case where dn2uid()
|
|
423 |
couldn't do a DN->uid lookup |
|
424 |
* [r670] ChangeLog, NEWS, TODO, configure.ac, debian/changelog, |
|
425 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for |
|
426 |
0.6.1 release |
|
427 |
* [r669] config.guess, config.sub: include updated files |
|
428 |
||
429 |
2008-04-05 arthur |
|
430 |
||
431 |
* [r668] AUTHORS: include Petter Reinholdtsen for reporting many |
|
432 |
bugs and even some fixes |
|
433 |
* [r667] debian/libnss-ldapd.postinst: handle case where value |
|
434 |
contains spaces properly |
|
435 |
* [r666] debian/libnss-ldapd.postinst: support having a binddn set |
|
436 |
without a bindpw |
|
437 |
* [r665] debian/libnss-ldapd.config: fix typo in comment |
|
438 |
* [r664] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst, |
|
439 |
debian/libnss-ldapd.templates, debian/po/ca.po, debian/po/cs.po, |
|
440 |
debian/po/da.po, debian/po/de.po, debian/po/es.po, |
|
441 |
debian/po/fr.po, debian/po/ja.po, debian/po/nl.po, |
|
442 |
debian/po/pt.po, debian/po/pt_BR.po, debian/po/ru.po, |
|
443 |
debian/po/sv.po, debian/po/templates.pot, debian/po/vi.po: remove |
|
444 |
rootbind{dn,pw} options from packaging because the options are |
|
445 |
not likely to be implemented in the future |
|
446 |
* [r663] nslcd/common.h, nslcd/group.c, nslcd/passwd.c: fix |
|
447 |
member->group searches by also searching for DN in uniqueMember |
|
448 |
attribute |
|
449 |
* [r662] nslcd/log.c: make log line a little bigger to properly log |
|
450 |
more search filters |
|
451 |
* [r661] nslcd/nslcd.c: only return shadow entries to root users |
|
452 |
* [r660] nss/group.c: correctly implement buffer handling in |
|
453 |
_nss_ldap_initgroups_dyn() to grow buffer when needed, check |
|
454 |
limits and handle extra group parameter (had a closer look at |
|
455 |
nis-initgroups.c) |
|
456 |
* [r659] tests/test_nsscmds.sh: no problem to shout a little with |
|
457 |
failed tests |
|
458 |
* [r658] nss/group.c: properly check the limit (as seen in |
|
459 |
nis-initgroups.c) |
|
460 |
* [r657] nslcd/shadow.c: partial support for reading AD date format |
|
461 |
for pwdLastSet attribute |
|
462 |
* [r656] nslcd/myldap.c: split closing of LDAP session to separate |
|
463 |
funtion to invalidate running searches always and closes |
|
464 |
connection if setting up search failed |
|
465 |
* [r655] tests/test_group.c: use a larger buffer for group |
|
466 |
membership results |
|
467 |
* [r654] tests/test_myldap.c: check that the last |
|
468 |
myldap_get_entry() returned success |
|
469 |
||
470 |
2008-04-04 arthur |
|
471 |
||
472 |
* [r653] README, man/nss-ldapd.conf.5.xml, nslcd/cfg.c, |
|
473 |
nslcd/cfg.h, nslcd/myldap.c, nss-ldapd.conf: remove code that |
|
474 |
handles special cases when calling as root (removing rootbinddn, |
|
475 |
rootbindpw, rootuse_sasl and rootsasl_authid options) |
|
476 |
* [r652] nslcd/myldap.c: revert r628 (using ldap_str2dn() instead |
|
477 |
of ldap_explode_r?dn()) for now to make this compile on older |
|
478 |
versions of OpenLDAP |
|
479 |
* [r651] man/nss-ldapd.conf.5.xml: add some more documentation to |
|
480 |
the pagesize option |
|
481 |
||
482 |
2008-04-02 arthur |
|
483 |
||
484 |
* [r650] debian/libnss-ldapd.nslcd.init: make start not fail if |
|
485 |
nslcd is already running and stop not fail if it wasn't running |
|
486 |
before
|
|
487 |
||
488 |
2008-03-30 arthur
|
|
489 |
||
490 |
* [r649] nss-ldapd.conf: some fixes to the configuration when using
|
|
491 |
Active Directory (provided by Petter Reinholdtsen
|
|
492 |
<pere@hungry.com>)
|
|
493 |
* [r648] configure.ac, nslcd/myldap.c: only define and use
|
|
494 |
do_sasl_interact() if we have a sasl library
|
|
495 |
* [r647] compat/attrs.h: make test for compiler versions simpler
|
|
496 |
and per used attribute
|
|
497 |
||
498 |
2008-03-29 arthur
|
|
499 |
||
500 |
* [r646] HACKING, README: add contact information on reporting bugs
|
|
501 |
and contributing patches
|
|
502 |
* [r645] HACKING: add some more notes about the design and
|
|
503 |
direction I want to go in
|
|
504 |
||
505 |
2008-03-28 arthur
|
|
506 |
||
507 |
* [r644] nslcd/myldap.c: don't warn about problems retreiving the |
|
508 |
objectClass from en entry |
|
509 |
||
510 |
2008-03-27 arthur |
|
511 |
||
512 |
* [r643] nslcd/group.c: fix a problem where the newly allocated |
|
513 |
storage by realloc() wasn't used (thanks to Petter Reinholdtsen |
|
514 |
<pere@hungry.com> for the patch)
|
|
515 |
||
516 |
2008-03-16 arthur
|
|
517 |
||
518 |
* [r642] debian/libnss-ldapd.config, debian/libnss-ldapd.postinst:
|
|
519 |
comment out all rootbind{dn,pw} code as to not copy those
|
|
520 |
directives because they are unsupported
|
|
521 |
* [r641] debian/libnss-ldapd.config: use tail instead of head to
|
|
522 |
avoid conflicts becase nss_ldap seems to pick up the last option
|
|
523 |
in the file
|
|
524 |
* [r640] debian/libnss-ldapd.config: handle the case where an
|
|
525 |
option is defined multiple times
|
|
526 |
||
527 |
2008-03-06 arthur
|
|
528 |
||
529 |
* [r639] AUTHORS, debian/copyright, debian/po/es.po: updated
|
|
530 |
Spanish (es) translation of debconf templates by Rudy Godoy
|
|
531 |
Guillén <rudy@debian.org>
|
|
532 |
||
533 |
2008-03-04 arthur
|
|
534 |
||
535 |
* [r638] AUTHORS, debian/po/nl.po: updated Dutch (nl) translation
|
|
536 |
of debconf templates by Bart Cornelis <cobaco@skolelinux.no>
|
|
537 |
||
538 |
2008-02-19 arthur
|
|
539 |
||
540 |
* [r637] README: some updates to reflect recent changes
|
|
541 |
* [r636] man/Makefile.am: have a better way to specify the manual
|
|
542 |
page rule
|
|
543 |
||
544 |
2008-02-15 arthur
|
|
545 |
||
546 |
* [r635] common/tio.c: split out the flushing of the buffers to
|
|
547 |
separate functions and see if we can flush some data from the
|
|
548 |
buffer if it is overflowing before growing the buffer
|
|
549 |
* [r634] nslcd/myldap.c: add StartTLS support by Ralf Haferkamp
|
|
550 |
<rhafer@suse.de>
|
|
551 |
* [r633] nslcd/myldap.c: pass URI to do_bind() to make it work with
|
|
552 |
do_rebind() and use that URI (thanks Ralf Haferkamp
|
|
553 |
<rhafer@suse.de>)
|
|
554 |
* [r632] tests/test_myldap.c: add tests for myldap_get_rdn_value()
|
|
555 |
and myldap_cpy_rdn_value()
|
|
556 |
||
557 |
2008-02-12 arthur
|
|
558 |
||
559 |
* [r631] configure.ac: make using implicit function definitions an
|
|
560 |
error
|
|
561 |
* [r630] common/tio.c, common/tio.h, nslcd/nslcd.c, nss/common.c,
|
|
562 |
tests/test_tio.c: implement resizable I/O buffers and tune buffer
|
|
563 |
sizes to normal requests
|
|
564 |
* [r629] common/tio.c: always allocate the read and write buffers
|
|
565 |
and make the struct tio_buffer inline in struct tio_fileinfo
|
|
566 |
||
567 |
2008-02-10 arthur
|
|
568 |
||
569 |
* [r628] nslcd/myldap.c: replace the calls to ldap_explode_dn() and
|
|
570 |
ldap_explode_rdn() with a call to ldap_str2dn() resulting in much
|
|
571 |
simpler code
|
|
572 |
||
573 |
2008-02-08 arthur
|
|
574 |
||
575 |
* [r627] nslcd/cfg.c: only support "dns" and "domain" values on
|
|
576 |
platforms with the necessary functions available
|
|
577 |
* [r626] nslcd/ether.c: don't define struct ether_addr here, it was |
|
578 |
moved to compat/ether.h |
|
579 |
||
580 |
2008-02-04 arthur |
|
581 |
||
582 |
* [r625] nslcd/myldap.c: make some changes to allow it to compile |
|
583 |
on more platforms |
|
584 |
* [r624] compat/Makefile.am, compat/ether.c, compat/ether.h, |
|
585 |
configure.ac, nslcd/ether.c: provide replacements for |
|
586 |
ether_aton_r() and ether_ntoa_r() for platforms that don't have |
|
587 |
them
|
|
588 |
* [r623] configure.ac, nslcd/nslcd.c: only call
|
|
589 |
__nss_configure_lookup() if it is available, if it isn't the |
|
590 |
platform is out of luck |
|
591 |
* [r622] nslcd/myldap.h: defined LDAP_SCOPE_DEFAULT it's not |
|
592 |
defined elsewhere
|
|
593 |
* [r621] nslcd/nslcd.c: fix missing casts
|
|
594 |
* [r620] nslcd/nslcd.c: actually include the compat header files
|
|
595 |
when needed
|
|
596 |
||
597 |
2008-02-03 arthur
|
|
598 |
||
599 |
* [r618] ChangeLog, NEWS, TODO, configure.ac, debian/changelog,
|
|
600 |
man/nslcd.8.xml, man/nss-ldapd.conf.5.xml: get files ready for
|
|
601 |
0.6 release
|
|
602 |
* [r617] configure.ac: also check for sasl2 library
|
|
603 |
* [r616] tests/test_myldap.c, tests/test_nsscmds.sh: add tests for
|
|
604 |
new LDAP lookups
|
|
605 |
* [r615] nslcd/attmap.c, nslcd/attmap.h, nslcd/group.c: support the
|
|
606 |
uniqueMember LDAP attribute that holds DN values (they are
|
|
607 |
translated with dn2uid() from passwd.c)
|
|
608 |
* [r614] debian/libnss-ldapd.postinst, debian/libnss-ldapd.postrm,
|
|
609 |
debian/rules: don't use dh_makeshlibs any more because we don't |
|
610 |
need the shlibs file; call ldconfig from maintainer scripts
|
|
611 |
ourselves
|
|
612 |
* [r613] debian/rules: install the NSS library under /lib instead
|
|
613 |
of /usr/lib to make it easyer to unmount /usr if it's on a |
|
614 |
separate filesystem |
|
615 |
||
616 |
2008-02-02 arthur |
|
617 |
||
618 |
* [r612] debian/rules: don't pass options to configure which are |
|
619 |
not used
|
|
620 |
* [r611] configure.ac: remove --with-ngroups option because it
|
|
621 |
isn't used |
|
622 |
* [r610] nslcd/common.h, nslcd/passwd.c: implement a dn2uid() |
|
623 |
function to transform a DN into a username (looking inside the DN |
|
624 |
or doing an LDAP lookup if neede) |
|
625 |
* [r609] nslcd/myldap.c, nslcd/myldap.h: implement |
|
626 |
myldap_cpy_rdn_value() function to copy rdn value into a buffer |
|
627 |
(functionality like myldap_get_rdn_value()) |
|
628 |
* [r608] nslcd/myldap.c: log and otherwise ignore errors in |
|
629 |
ldap_parse_page_control() |
|
630 |
* [r607] nslcd/myldap.c: fix copy-pasto |
|
631 |
* [r606] nslcd/myldap.c: don't request paging when doing a search |
|
632 |
with scope base and ignore errors of ldap_create_page_control()
|
|
633 |
* [r605] nslcd/myldap.c: reset LDAP error flag if ldap_get_values()
|
|
634 |
returned an error because some LDAP functions don't do this |
|
635 |
correctly |
|
636 |
||
637 |
2008-02-01 arthur |
|
638 |
||
639 |
* [r604] nslcd/myldap.c: have proper checks and logs of all ldap |
|
640 |
operations |
|
641 |
* [r603] tests/test_group.c: enable _nss_ldap_initgroups_dyn() test |
|
642 |
because it's working now |
|
643 |
* [r602] nslcd-common.h: fix buffer size debug message
|
|
644 |
* [r601] nss/common.h, nss/hosts.c, nss/netgroup.c, nss/networks.c:
|
|
645 |
do not set errno (and h_errno) if we got the last entry from
|
|
646 |
get*ent() (this apparently is needed by coreutils' id and groups |
|
647 |
commands) |
|
648 |
* [r600] tests/Makefile.am: pagectrl module has moved |
|
649 |
* [r599] tests/test_nsscmds.sh: test for hugegroup |
|
650 |
* [r598] tests/test_nsscmds.sh: the groups command no longer lists |
|
651 |
the username |
|
652 |
* [r597] nss/common.c, nss/common.h, nss/group.c, nss/hosts.c, |
|
653 |
nss/netgroup.c, nss/networks.c: remove the nslcd2nss() function |
|
654 |
because it's not needed with the current protocol |
|
655 |
* [r596] nss/common.h: fail with a permanent error if resetting the
|
|
656 |
stream failed to prevent indefinite retries
|
|
657 |
||
658 |
2008-01-31 arthur
|
|
659 |
||
660 |
* [r595] nslcd/myldap.c: defined LDAP_DEPRECATED to also have
|
|
661 |
definitions for deprecated functions
|
|
662 |
* [r594] compat/attrs.h: only define MUST_USE attribute if gcc
|
|
663 |
version is more recent than 3.4
|
|
664 |
* [r593] debian/copyright: update copyright information
|
|
665 |
* [r592] compat/Makefile.am, compat/pagectrl.c, compat/pagectrl.h,
|
|
666 |
configure.ac, debian/copyright, nslcd/Makefile.am,
|
|
667 |
nslcd/myldap.c, nslcd/pagectrl.c, nslcd/pagectrl.h: move pagectrl
|
|
668 |
code into compat directory
|
|
669 |
* [r591] configure.ac: make comments lowercase for consistency
|
|
670 |
* [r590] tests/test_myldap.c: re-add test URIs that accidentally
|
|
671 |
got commented out in the last commit
|
|
672 |
* [r589] tests/Makefile.am, tests/test_cfg.c, tests/test_myldap.c,
|
|
673 |
tests/test_nsscmds.sh: pass the correct pthread flags for all
|
|
674 |
calls to compiler and linker and link in compat code, handle
|
|
675 |
other assert.h setups and avoid some ! in if statements in shell
|
|
676 |
scripts
|
|
677 |
* [r588] configure.ac: improve LDAP library autodetection and make
|
|
678 |
if statements consistent
|
|
679 |
* [r587] configure.ac: move finding of replacement functions to a
|
|
680 |
more logical place
|
|
681 |
* [r586] configure.ac: define extra macros to import system
|
|
682 |
extensions from system header files and remove duplicate check
|
|
683 |
for ldap_set_rebind_proc()
|
|
684 |
* [r585] configure.ac: test to see if the compiler supports certain
|
|
685 |
-W flags before using them
|
|
686 |
||
687 |
2008-01-30 arthur
|
|
688 |
||
689 |
* [r584] nslcd/ether.c: include stdint.h
|
|
690 |
* [r583] nslcd.h, nslcd/ether.c, nss/ethers.c: use uint8_t instead
|
|
691 |
of u_int8_t because the former seems to be available on more
|
|
692 |
platforms
|
|
693 |
* [r582] INSTALL, depcomp, install-sh: update some files from
|
|
694 |
recent automake
|
|
695 |
* [r581] compat/Makefile.am, compat/daemon.c, compat/daemon.h,
|
|
696 |
compat/getopt_long.c, compat/getopt_long.h, configure.ac: provide
|
|
697 |
replacement functions for daemon() and getopt_long() when they
|
|
698 |
are not available on the system
|
|
699 |
* [r580] configure.ac: remove duplicate warning flags
|
|
700 |
* [r579] compat/attrs.h: define __STRING() if it's not defined by |
|
701 |
the system |
|
702 |
* [r578] tests/test_tio.c: include errno in assertion statement |
|
703 |
* [r577] compat/getpeercred.c: some fixes for LOCAL_PEERCRED (still |
|
704 |
untested) |
|
705 |
||
706 |
2008-01-27 arthur |
|
707 |
||
708 |
* [r576] AUTHORS, debian/po/de.po: updated German (de) translation |
|
709 |
of debconf templates by Erik Schanze <eriks@debian.org> |
|
710 |
* [r575] compat/ldap.h, nslcd/Makefile.am, nslcd/myldap.c: |
|
711 |
integrate some compatibility code into myldap.c, the only place |
|
712 |
it's used |
|
713 |
* [r573] nslcd/myldap.c: work around some LDAP libraries not having
|
|
714 |
all options
|
|
715 |
* [r572] configure.ac, nslcd/myldap.h: on some systems lber.h needs
|
|
716 |
to be included before ldap.h
|
|
717 |
* [r571] common/tio.c, nslcd-common.h, nslcd/nslcd.c, nss/common.c,
|
|
718 |
tests/test_tio.c: when including stdint.h check if we actually
|
|
719 |
have it
|
|
720 |
* [r570] nslcd/pagectrl.c, nslcd/pagectrl.h: correct #endif comment
|
|
721 |
||
722 |
2008-01-26 arthur
|
|
723 |
||
724 |
* [r569] nslcd/cfg.c: have a fallback value for HOST_NAME_MAX if it
|
|
725 |
is not defined
|
|
726 |
* [r568] tests/test_nsscmds.sh: handle the case where
|
|
727 |
/etc/nss-ldapd.conf does not exist a little more graceful
|
|
728 |
* [r567] nslcd/nslcd.c: log error when getpeercred() returned
|
|
729 |
nothing
|
|
730 |
* [r566] compat/getpeercred.c, compat/getpeercred.h, configure.ac:
|
|
731 |
add (untested) support for the Solaris getpeerucred() function
|
|
732 |
* [r565] Makefile.am, compat, compat/Makefile.am,
|
|
733 |
compat/getpeercred.c, compat/getpeercred.h, configure.ac,
|
|
734 |
nslcd/Makefile.am, nslcd/nslcd.c: move code to get information
|
|
735 |
from socket peer to the compat directory because it is very
|
|
736 |
platform specific
|
|
737 |
* [r564] tests/test_myldap.c, tests/test_nsscmds.sh,
|
|
738 |
tests/test_tio.c: somewhat improve the output from the tests
|
|
739 |
* [r563] nslcd/cfg.c: fix marsing of map statement
|
|
740 |
* [r562] tests/test_cfg.c: also test map filter and scope
|
|
741 |
configuration options
|
|
742 |
||
743 |
2008-01-16 arthur
|
|
744 |
||
745 |
* [r561] nslcd/cfg.c: fix problem in map statement end-of-line
|
|
746 |
handling
|
|
747 |
* [r560] tests/test_cfg.c: add a test for the map statement
|
|
748 |
||
749 |
2008-01-03 arthur
|
|
750 |
||
751 |
* [r559] nslcd/nslcd.c: close connections in worker threads at
|
|
752 |
program termination
|
|
753 |
* [r558] nslcd/nslcd.c: make code a little more compact, don't |
|
754 |
include debug twice in the log message and remove the |
|
755 |
capabilities code because it will probably never be used |
|
756 |
* [r557] tests/test_nsscmds.sh: support the case where + is in |
|
757 |
/etc/group |
|
758 |
* [r556] nss/aliases.c, nss/common.h, nss/ethers.c, nss/group.c, |
|
759 |
nss/hosts.c, nss/netgroup.c, nss/networks.c, nss/passwd.c, |
|
760 |
nss/protocols.c, nss/rpc.c, nss/services.c, nss/shadow.c: only |
|
761 |
start the NSLCD_ACTION_*_ALL requests with the first call to |
|
762 |
getent() instead of with setent() to avoid unneeded requests if |
|
763 |
compat is used (except with netgroups) |
|
764 |
* [r555] nslcd/passwd.c, nss/prototypes.h: update copyright year |
|
765 |
* [r554] tests/test_nsscmds.sh: get the number of groups and |
|
766 |
services from files in /etc for comparison |
|
767 |
* [r553] nslcd/passwd.c: do not warn about missing loginShell |
|
768 |
attribute because it is not mandatory |
|
769 |
* [r552] nss/group.c: increment value that is pointed to, not the |
|
770 |
pointer (fixes segfault) |
|
771 |
||
772 |
2008-01-02 arthur |
|
773 |
||
774 |
* [r551] nslcd/common.h: immediatly bail out if write entity |
|
775 |
function failed (prevents numerous "error writing to client" |
|
776 |
messages from filling up the logs) |
|
777 |
||
778 |
2008-01-01 arthur |
|
779 |
||
780 |
* [r550] tests/test_nsscmds.sh: check to see if nslcd is running |
|
781 |
and add test for a large group (100 members) |
|
782 |
* [r549] nss/exports.linux, nss/group.c, nss/prototypes.h: enable |
|
783 |
the _nss_ldap_initgroups_dyn() function that is now implemented |
|
784 |
in nslcd |
|
785 |
* [r548] nss/common.h: use the new tio_mark()/tio_reset() functions |
|
786 |
to support retries of the getent() functions when |
|
787 |
NSS_STATUS_TRYAGAIN would be returned |
|
788 |
* [r547] common/tio.c, common/tio.h, tests/test_tio.c: add limited |
|
789 |
implementation of tio_mark() and tio_reset() functions to do |
|
790 |
limited seeks in the read stream, clean up header file comments |
|
791 |
and write tests for new code |
|
792 |