[Freeipa-interest] Announcing SSSD 1.4.0
Stephen Gallagher
sgallagh at redhat.com
Mon Oct 18 18:53:07 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The SSSD team proudly announces the release of the System Security
Services Daemon version 1.4.0.
As always, SSSD 1.4.0 can be downloaded at https://fedorahosted.org/sssd
== Highlights ==
* Added support for netgroups to the LDAP provider
* Performance improvements made to group processing of RFC2307 LDAP servers
* Fixed nested group issues with RFC2307bis LDAP servers without a
memberOf plugin
* Build-system improvements to support Gentoo
* Split out several libraries into the ding-libs tarball
* Manpage reviewed and updated
== Detailed Changelog ==
Jakub Hrozek (30):
* Fix wrong return value in HBAC time rules evaluation
* Package systemd unit file
* Move crypto functions into its own subdir
* Add safe copy/move macros for uint16_t
* Password obfuscation utility functions
* Fix pysss linking
* Python bindings for obfuscation
* sss_obfuscate tool
* Deobfuscate password in back ends
* Fix assorted minor bugs in sss_ tools
* Fix parameter order when initializing decryption
* Revert "Make ldap bind asynchronous"
* Define objectclass with a constant
* Use a different min_id for local domain
* Add parameter to skip cleanup in sysdb test
* Fix sysdb_group_dn_name
* Fix sysdb_attrs_to_list
* Request the correct attribute name
* Add KDC to the list of LDAP options
* Report Kerberos error code from ldap_child_get_tgt_sync
* Make ldap_child report kerberos return code to parent
* Initialize kerberos service for GSSAPI
* Check for GSSAPI before attempting to kinit
* Add sysdb_attrs_get_ulong utility function
* sysdb interface for adding incomplete groups
* Save dummy groups to cache during initgroups
* sysdb interface for adding fake users
* Save dummy member users during RFC2307 getgr{nam,gid}
* Use unsigned long for conversion to id_t
* set in_transaction explicitly to false
Jan Zeleny (14):
* Initialized return value in dp_copy_options()
* Fixed potential comparison of undefined variable
* Fixed printing of undefined value in sdap_async_accounts.c
* Fixed uninialized value in proxy_id provider
* Cleaned some dead assignments
* Reviewed sssd-ldap man page
* Fixed small issue in memory context hierarchy
* Dead assignments cleanup in providers code
* Dead assignments cleanup in NSS responder
* Dead assignments cleanup in memberof module
* Dead assignments cleanup in various places in SSSD
* Disable events on ldap fd when offline.
* Man pages should mention supported providers
* Move all references to ldap_<entity>_search_base to "advanced" section
Martin Nagy (1):
* Make ldap bind asynchronous
Maxim (6):
* Fix building sssd
* Fix configure check for ldb
* Add gentoo distrubutions
* Add custom pam module dir
* Add gentoo-specific init dir
* Remove useless /etc/dbus-1/system.d directory from installation
Ralf Haferkamp (2):
* Shortcut for save_group() to accept sysdb DNs as member attributes
* Return all group members from getgr(nam|gid)
Simo Sorce (2):
* Check if control is supported before using it.
* Add option to limit nested groups
Stephen Gallagher (36):
* Fix chpass operations with LDAP provider
* Remove common directory
* Rewrite toplevel Makefile
* Build SSSD RPMs with external libraries
* Remove src/Makefile.am and src/configure.ac
* Don't build SSSDConfig API when configured with --without-python-bindings
* Treat a zero-length password as a failure
* Properly handle errors from a password change operation
* Handle multiple simultaneous enumeration requests
* Remove generated manpages when performing "make clean"
* Request all group attributes during initgroups processing
* Fix missing variable substitution in DEBUG message
* Initgroups on a non-cached user should go to the data provider
* Fix assorted specfile issues
* Initialize debug_level to zero in crypto tests
* Return offline instead of error
* Add common hash table setup
* Add utility function sss_strnlen()
* Store entry_cache_timeout in sss_domain_info object
* Require explicit setting of callback context for check_cache
* Netgroups sysdb API
* netgroup tests
* Rename group.c and passwd.c for clarity
* Add support for netgroups to NSS sss_client
* Add negative cache features for netgroups
* Split out some helper functions for the NSS responder
* Add netgroup support to the NSS responder
* Rename upgrade_config.py and build it properly
* Assorted specfile changes
* Make sdap_save_users_send handle zero users gracefully
* Handle nested groups in RFC2307bis
* Modify sysdb_[add|remove]_group_member to accept users and groups
* Add proper nested initgroup support for RFC2307bis servers
* Updating translation files for release
* Fix 'make distcheck' for XML documentation
* Updating version for SSSD 1.4.0 release
Sumit Bose (21):
* Store rootdse supported features in sdap_handler
* Handle host objects like other objects
* Save all data to sysdb in one transaction
* Use new MIT krb5 API for better password expiration warnings
* Suppress some 'may be used uninitialized' warnings
* Suppress some 'unchecked return value' warnings
* Use POPT_TABLEEND to close option table
* Add a missing include file
* Rename index to idx
* Distribute XML sources instead of man-pages
* Remove unused defines
* Raise the required version of libdhash
* Add missing tevent_req_done()
* Return NSS_STATUS_RETURN instead of NSS_STATUS_NOTFOUND
* Add handling of nested netgroups to nss client
* Do not fail if netgroup exists just update the attributes
* Add sysdb_netgroup_base_dn()
* Also return member groups to the client
* Add infrastructure to LDAP provider for netgroup support
* Implement netgroup support for LDAP provider
* Avoid a global variable in netgroup client.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAky8l5MACgkQeiVVYja6o6OpJACcDhrk8Bm/+e+p4kayk6XDWBJP
ckwAnjCNzn/m97d4+foPDPi4j1H3X7pT
=LQ2X
-----END PGP SIGNATURE-----
More information about the Freeipa-interest
mailing list