File: ChangeLog

package info (click to toggle)
courier-authlib 0.63.0-6
links: PTS
area: main
in suites: wheezy
size: 17,720 kB
sloc: ansic: 60,549; sh: 10,525; perl: 3,503; makefile: 1,042; cpp: 284
file content (629 lines) | stat: -rw-r--r-- 16,981 bytes
parent folder | download | duplicates (2)
0.63.0

2009-12-17  Sam Varshavchik  <mrsam@courier-mta.com>

	* authldapescape.c: Factor out LDAP string escape function.

	* authldap.schema: Various fixes

	* authldap.ldif (olcObjectClasses): Create LDIF format schema from
	authldap.schema

2009-11-21  Sam Varshavchik  <mrsam@courier-mta.com>

	* authoption.c (auth_getoptionenvint): For account options that
	are parsed to an int, an option value that begins with t, T, y, or Y
	is evaluated as 1, other alphabetic values as 0; so that 'true'
	or 'yes' get evaluated as 1.

0.62.4

2009-06-13  Sam Varshavchik  <mrsam@courier-mta.com>

	* Various compilation fixes for gcc 4.4 and libtool 2.2

0.62.3

2009-04-26  Sam Varshavchik  <mrsam@courier-mta.com>

	* courier-authlib.spec.in (MAKEFLAGS): Explicit path to ./configtmp

2009-03-15  Sam Varshavchik  <mrsam@courier-mta.com>

	* README_authlib.sgml: Fixed documentation of authpipe AUTH command.

2009-02-22  Sam Varshavchik  <mrsam@courier-mta.com>

	* authmigrate.in (rc): Add /etc/courier-imap

0.62.2

2009-02-03  Sam Varshavchik  <mrsam@courier-mta.com>

	* Makefile.am: Compatibility fix for bash 4

0.62.1

2008-12-25  Mr. Sam  <mrsam@courier-mta.com>

	* cryptpassword.c: Fix compiler warnings

	* checkpasswordsha1.c: Fix compiler warnings.

	* authldaplib.c (auth_ldap_enumerate): Fix typo.

0.62.0

2008-12-17  Sam Varshavchik  <mrsam@courier-mta.com>

	* authpgsqllib.c: Use PQescapeStringConn() instead of removing all
	apostrophes from query parameters. This fixes a potential SQL injection
	vulnerability if the Postgres database uses a non-Latin locale.

2008-12-06  Sam Varshavchik  <mrsam@courier-mta.com>

	* Added support for {SSHA}-encrypted passwords. Based on a patch
	by Zou bin <zb@bisp.com>.

	* Added support for {SHA512} hash function.

0.61.1

2008-11-30  Sam Varshavchik  <mrsam@courier-mta.com>

	* authsasllogin.c (authsasl_login): Fix memory leak.

	* authldaplib.c (read_env): Fix resource leak. authldap did not close
	the authldaprc configuration file after reading it on startup.

	* authldaplib.c (auth_ldap_do2): Fix used ptr after free(). When an
	email map feature is enabled, and the map failed, the resulting
	error message was formed from a buffer that was recently free()ed.

	* authpipe.c (auth_pipe): Fix memory leak. If the fork() system call
	failed (unlikely), a buffer wasn't getting released.

2008-11-30  Sam Varshavchik  <mrsam@courier-mta.com>

	* Fix spec file to invoke authmksock with a short pathname.

2008-08-07  Mr. Sam  <mrsam@courier-mta.com>

	* courier-authlib.spec.in: Add -C option to configure invocation.
	Remove the authmigrate script, only needed when upgrading from
	pre-2004 Courier, and the current packaging causes an error.

2008-07-20  "Hanno Böck" <hanno@hboeck.de>

	* authmigrate.in (rc): Use ${DESTDIR}, if set.

0.61.0

2008-07-13  Mr. Sam  <mrsam@courier-mta.com>

	* courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade
	with older packages that require <libname>.so.0.

2008-07-09  Mr. Sam  <mrsam@courier-mta.com>

	* Makefile.am: Switch to versionless shared libraries.
	Install all shared libraries just as <libname>.so. make install manually
	removes *.so.0.0 files that were left over from previous versions,
	and installs a temporary *.so.0 symlink to *.so, for temporary
	binary ABI compatibility with 0.60. The symlinks will be removed in
	0.62.

2008-07-08  Mr. Sam  <mrsam@courier-mta.com>

	* Cleanup: always compile md5, sha* and hmac stuff, and remove all
	conditionally-compiled cruft. Move SASL list to an internal header.
	Add client-side support for AUTH EXTERNAL.

2008-06-29  Mr. Sam  <mrsam@courier-mta.com>

	* authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(),
	invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL
	by going through the motions, then setting up a dummy authentication
	request.

	* authdaemon.c (auth_generic): Check for the dummy EXTERNAL
	authentication request, and handle it by invoking auth_getuserinfo(),
	rather than sending it down the pipe. This avoid having to implement
	a stub in every authentication module.

0.60.6

2008-06-08  Alessandro Vesely <vesely@tana.it>

	* authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES

0.60.5

2008-05-16  Mr. Sam  <mrsam@courier-mta.com>

	* authmysqllib.c: Fix domain-less queries.

0.60.4

2008-05-08  Mr. Sam  <sam@email-scan.com>

	* Makefile: Drop the unmaintained authvchkpw module. 

2008-05-04  Mr. Sam  <mrsam@courier-mta.com>

	* authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of
	crude filtering.

0.60.3

2007-11-11  Mr. Sam  <sam@email-scan.com>

	* Makefile.am: Use _LIBADD properly.

2007-10-15  "Johnny C. Lam" <jlam-courier@buildlink.org>

	* configure.in: More portability fixes.

0.60.2

2007-10-10  "Johnny C. Lam" <jlam-courier@buildlink.org>

	* liblock/lockdaemon.c: Portability fix for checking the highest
	available file descriptor.

0.60.1

2007-10-06  Anton Dobkin <adobkin@viansib.ru>

	* MYSQL_CHARACTER_SET option.

2007-10-06  Oliver Lehmann <lehmann@ans-netz.de>

	* authvchkpw.c: Fix typo.

2007-10-06  Wayne Pascoe <courier@penguinpowered.org>

	* courier-authlib.spec.in (BuildRequires): on redhat-rpm-config.

2007-10-06  Mr. Sam  <mrsam@courier-mta.com>

	* userdb/userdb.pl.in (usage): Allow colons and pluses, in account
	names.

2007-10-06  Martin <psiplus@gmail.com>

	* checkpasswordmd5.c (authcheckpasswordmd5): Add {MD5RAW} hash method.

0.60

2007-09-25  "Johnny C. Lam" <jlam-courier@buildlink.org>

	* liblock/lockdaemon.c (OPEN_MAX): Use OPEN_MAX, instead of hardcoded
	99

2007-09-25  Mr. Sam  <mrsam@courier-mta.com>

	* liblock/lockdaemon.c (OPEN_MAX): Even better, use
	sysconf(_SC_OPEN_MAX), where available.

2007-09-20  Mr. Sam  <sam@email-scan.com>

	* userdb/userdb.pl.in: Allow underscores in account names.

2007-08-29  "Noel (Sourceforge)" <noelb@users.sourceforge.net>

	* authvchkpw.c: Compilation error.

2007-07-26  Mr. Sam  <sam@email-scan.com>

	* COPYING: GPL 3

2007-04-25  Mr. Sam  <mrsam@courier-mta.com>

	* authvchkpw.c: Quell a compiler warning about a fwd declaration.

0.59.3

2007-04-22  Bill Shupp <hostmaster@shupp.org>
	
	* Implement CRAM authentication in the vchpw module.

2007-04-22  Mr. Sam  <mrsam@courier-mta.com>

	* courier-authlib.spec.in: spec files requires redhat-rpm-config 

2007-04-15  Mr. Sam  <mrsam@courier-mta.com>

	* man pages: work around for some bugs in Docbook XML stylesheets.

2007-04-13  Mr. Sam  <mrsam@courier-mta.com>

	* authpipe.c (auth_pipe_pre): Fix leak when authpipe module is
	enabled, but the actual authpipe script/external prog is not
	installed.
	
	* authpipe.c (auth_pipe_chgpwd): Pedantic resource cleanup,
	after fork() fails.

	* userdb/userdb.c (userdb): Pedantic resource cleanup, after
	a malloc failure.

	* userdb/userdb2.c (userdbshadow): Ditto.

0.59.2

2007-04-05  Mr. Sam  <mrsam@courier-mta.com>

	* Update man pages and documentation to Docbook XML V4.4

2007-02-25  Mr. Sam  <mrsam@courier-mta.com>

	* More configure script cleanup

2007-02-25  Kurt Roeckx <kurt@roeckx.be>

	* Clean up configure scripts

2007-02-09  Juraj Lutter <otis@wilbury.sk>

	* authmysqlrc: Implement SSL-encrypted MySQL connections

2007-01-20  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c: Fix pedantic C code.

0.59.1

2007-01-16  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c (l_simple_bind_s): Fix anon binds.

0.59

2006-12-30  Lars Timmann <Lars.Timmann@mcs.de>

	* Makefile.am: Fixes for Solaris's linker.

2006-10-28  Mr. Sam  <mrsam@courier-mta.com>

	* Ported code to gcc 4.1.1

	* Ported authldap to openldap 2.3.27

2006-09-17  Chris Petersen <rpm@forevermore.net>

	- Make the spec a little prettier
	- Replace BuildPreReq with BuildRequires
	- Remove period from summaries (rpmlint)
	- Fix release tag to use %{?dist} macro if it's present
	- Change distro-detection to use "rh" and "fc" for version detection, and add support for mandriva

2006-06-01  kabe@sra-tohoku.co.jp

	* authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration

2006-05-28  Mr. Sam  <mrsam@courier-mta.com>

	* all: Fix many compiler warnings.

2006-03-25  Rui Lopes <rui@ruilopes.com>

	* userdb/makeuserdb.in: Added the -f option to makeuserdb

2006-02-23  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c (authldap_read_config): Fix up an error message.

2006-01-30  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c: Try to recover when the LDAP server closes the
	persistent socket, for inactivity.

2006-01-21  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Fix libtool 1.9 breakage.

	* Makefile.am: Ditto

	* courier-authlib spec file (BuildRequires): Demand /usr/include/ltdl.h

	* authdaemonlib.c (s_connect): Fix compiler warning.

	* authdaemond.c (start): Ditto.

	* authsaslclientcram.c (authsaslclient_cram): Ditto.

	* libhmac/hmac.c (dohashkey): Ditto.

0.58

2005-12-08  Mr. Sam  <mrsam@courier-mta.com>

	* authpam.c (dopam): Re-enable pam_acct_mgmt hook.

2005-11-16  Mr. Sam  <mrsam@courier-mta.com>

	* preauthshadow.c: Add support for shadow password expiration --
	based on Krzysztof Oledzki <ole@ans.pl>'s patch.

2005-10-04 Brian Candler <B.Candler@pobox.com>

	* authdaemonrc.in (LOGGEROPTS): Add a section for LDAP environment
	variable options.

2005-09-30  Mr. Sam  <mrsam@courier-mta.com>

	* authdaemonlib.c (opensock): Configurable daemon socket timeout,
	based on a patch by Rodrigo Salinas <rodrigo@facea.uchile.cl>.

2005-09-30: Michael Richard <michael.richard@cesart.com>

	* authldaplib: Replace LDAP_SERVER and LDAP_PORT settings with
	LDAP_URI, which obsoletes LDAP_TLS.

2005-09-18  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c (auth_ldap_do2): Fix LDAP error checking.

2005-09-03  Mr. Sam  <mrsam@courier-mta.com>

	* authinfo.c (getmgid): Fix misleading error message.

2005-08-10  "Johnny C. Lam" <jlam@NetBSD.org>

	* authpipelib.c: Include sys/time.h

0.57

2005-07-16  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Update to automake 1.9, autoconf 2.59, libtool 1.5.6.

2005-07-12  Mr. Sam  <mrsam@courier-mta.com>

	* authlib: create the authtest and authpasswd manual pages.

2005-07-09  Mr. Sam  <mrsam@courier-mta.com>

	* authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd().

	* authpgsqllib.c (auth_pgsql_setpass): Ditto.

	* authmysqllib.c (auth_mysql_setpass): Ditto.

	* cryptpassword.c (authcryptpasswd): Fix handling of encryption hints.

	* checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on
	crypted passwords.

	* checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords.

	* authmysqllib.c (auth_mysql_setpass): Fix a memory leak.

2005-07-06  Willi Mann <willi@wm1.at>

	* authdaemond.c: Strip full name/gecos field after the first comma.

2005-07-04  Brian Candler <B.Candler@pobox.com>

	* liblog/logger.c: Fix wrong args to setuidgid().

	* README_authlib.sgml: Document updated authpipe protocol.

	* authdaemond: Pass LOGGEROPTS option to authdaemond.

2005-07-02  Mr. Sam  <mrsam@courier-mta.com>

	* liblog/logger.c: Added -droproot option to courierlogger. 

	* liblock/lockdaemon.c: Try to recover if upgraded daemon process runs
	under a different uid.

2005-07-01  Brian Candler <B.Candler@pobox.com>
 
	* Changed -uid and -gid options to -user and -group for consistency
	  with couriertcpd. Change them to affect courierlogger itself,
	  after it has spawned any child.
 
	* Optional default domain for authentication requests.

2005-07-02  Mr. Sam  <mrsam@courier-mta.com>

	* Makefile.am: Refactor the linking process to make it more portable.

2005-06-30  Brian Candler <B.Candler@pobox.com>

	* authdaemon.c (auth_generic): Silly bug in auth_generic().

	* authpipe: more fixes to the authpipe module.

2005-05-14  Christian Loitsch <christian@fgecko.com>

	* authpipe: various fixes to the authpipe module.

0.56

2005-05-08  Mr. Sam  <mrsam@courier-mta.com>

	* courier-authlib.sysvinit: Remove lockfile after stop.

2005-04-07  Mr. Sam  <mrsam@courier-mta.com>

	* authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe
	module.

2005-03-20  Christian Loitsch <courier-imap@abc.fgecko.com>

	* New authpipe authentication module.

2005-03-20  Brian Candler <B.Candler@pobox.com>

	* Fix the error code when an empty password is provided.

	* authldap.schema: Add mailhost to the recommended LDAP schema.

0.55

2005-03-02  Mr. Sam  <mrsam@courier-mta.com>

	* authsystem.passwd.in: Explicitly set LC_ALL to en_US

2005-02-20  Mr. Sam  <mrsam@courier-mta.com>

	* SASL: Added CRAM-SHA256 authentication method (experimental).

2005-02-19  Mr. Sam  <mrsam@courier-mta.com>

	* courierauthdebug.h: Macro dprintf conflicts with new glibc.

0.54

2005-01-31  Mr. Sam  <mrsam@courier-mta.com>

	* authmigrate.in (rc): Fix - userdb file does not have to have a
	leading ##VERSION

2005-01-19  Brian Candler <B.Candler@pobox.com>

	* userdb/makeuserdb.in: Report dangling symlinks.

0.53

2005-01-11  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Typo fix.

2005-01-05  Mr. Sam  <mrsam@courier-mta.com>

	* Makefile.am (uninstall-hook): pw2userdb was not being installed.

0.52

2005-01-01  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Fix gdbm/bdb check.  Try to autoprobe for Solaris
	linker.

2004-12-05  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Fix courierauthconfig --cppflags, new option to the
	configure script: --without-stdheaderdir

2004-12-03  Mr. Sam  <mrsam@courier-mta.com>

	* courierauthconfig: --version prints package version.
	--version=V print "yes" if package version is at least V.

2004-12-01  Mr. Sam  <mrsam@courier-mta.com>

	* liblog/logger.c: Added -uid and -gid options to courierlogger.

2004-11-29  Brian Candler <B.Candler@pobox.com>

	* authldaplib.c: Use persistent connections for authenticated binds
	when using LDAPv3.  Use the LDAP_OPT_NETWORK_TIMEOUT setting,
	initialized from the configuration file, if provided (OpenLDAP).
	If using authenticated binds, a password change is done under the
	user's credentials, instead of the admin's.

2004-11-24  Brian Candler <B.Candler@pobox.com>

	* README.authdebug.html: document temporary failure messages.

2004-11-24  Mr. Sam  <mrsam@courier-mta.com>

	* courier-authlib.spec.in: Move the userdb scripts in sbindir from
	main package to the userdb subpackage.

2004-11-24  Brian Candler <B.Candler@pobox.com>

	* authuserdb.c: Fix error handling in userdb CRAM.

	* userdb-test-cram-md5: Helper script for verifying C/R authentication.

2004-11-20  Brian Candler <B.Candler@pobox.com>

	* Additional debug messages.

2004-11-13  Brian Candler <B.Candler@pobox.com>

	* mysql/pgsql fixes; other misc fixes

2004-11-16  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Fix mysql/pgslq autodetection

2004-11-13  Brian Candler <B.Candler@pobox.com>

	* authdaemond: Fix bug in account enumeration function.

	* authdaemond: Return individual account options when enumerating
	accounts.  Affects mysql, ldap, pgsql modules.  mysql and pgsql
	enumeration filter must now return one more column.  Added an ldap
	enumeration filter.  New option to authenumerate, -o, includes
	account options in the output.  New option, -s, suppressed accounts
	that have the disableshared option set.

	* authmysql, authpgsql: Additional debugging.

	* authmysql, authpgsql, authldap: Replaced enumeration function,
	more efficient memory usage with large accounts.

	* authldap: Suggested account schema has uid and gid optional, because
	global uid and gids may be set in authldaprc instead.

	* authvchkpw: Fix vpopmail compilation.

2004-11-10  Mr. Sam  <mrsam@courier-mta.com>

	* configure.in: Do not disable mysql + pgsql if vchkpw lib was found.

2004-11-09  Brian Candler <B.Candler@pobox.com>

	* authdaemond.c: New DEFAULTOPTIONS setting.

2004-11-04  Mr. Sam  <mrsam@courier-mta.com>

	* authdaemonlib.c (s_connect): Wait for connection to authdaemond
	only if async connect() failed with EINPROGRESS.

2004-11-03  Mr. Sam  <mrsam@courier-mta.com>

	* Makefile.am (SUBDIRS): Ok, only build in bdbobj/gdbmobj according 
	to what autoconf finds.

	* authldaplib.c (auth_ldap_do3): Fix LDAP driver.

2004-11-03  Brian Candler <B.Candler@pobox.com>

	* Makefile.am: Fixes.

2004-10-30  Mr. Sam  <mrsam@courier-mta.com>

	* authinfo.c: Added mailuid= and mailgid=

2004-10-21  Mr. Sam  <mrsam@courier-mta.com>

	* Makefile.am (libcourierauthsaslclient_la_SOURCES): Factored out
	SASL client support into libcourierauthsaslclient.la

2004-10-21  Brian Candler <B.Candler@pobox.com>

	* Makefile.am: Fixes.

2004-10-16  Mr. Sam  <mrsam@courier-mta.com>

	* authldap.schema: Added disableimap, disablepop3, disablewebmail,
	and sharedgroup.

2004-10-07  Mr. Sam  <mrsam@courier-mta.com>

	* authsyschangepwd.c (dochangepwd): Do not reset the environment
	before exec-ing expect.

2004-10-04  Mr. Sam  <mrsam@courier-mta.com>

	* Merged authuserdb with authcram.  Fixed CRAM password changes.
	Do not reset the environment before exec-ing userdb and makeuserdb.