[Freeipa-interest] Announcing SSSD 1.8.2

Stephen Gallagher sgallagh at redhat.com
Mon Apr 9 18:29:15 UTC 2012 

The SSSD team is proud to announce the bugfix release of the System
Security Services Daemon version 1.8.2.

As usual, the source can be downloaded at https://fedorahosted.org/sssd

== Highlights ==
      * Several fixes to case-insensitive domain functions
      * Fix for GSSAPI binds when the keytab contains unrelated
        principals
      * Fixed several segfaults
      * Workarounds added for LDAP servers with unreadable RootDSE
      * SSH knownhostproxy will no longer enter an infinite loop
        preventing login
      * The provided SYSV init script now starts SSSD earlier at startup
        and stops it later during shutdown
      * Assorted minor fixes for issues discovered by static analysis
        tools

== Tickets fixed ==
https://fedorahosted.org/sssd/ticket/1237
        only free if sure data has been allocated

https://fedorahosted.org/sssd/ticket/1245
        "Error looking up public keys" while ssh to replica using IP
        address.

https://fedorahosted.org/sssd/ticket/1251
        SSSD memory usage continuously growing

https://fedorahosted.org/sssd/ticket/1253
        Service lookup shows case sensitive names twice with
        case_sensitive=false

https://fedorahosted.org/sssd/ticket/1257
        Unable to bind to IPA server when minssf set

https://fedorahosted.org/sssd/ticket/1259
        Initial service lookups having name with uppercase alphabets
        doesn't work.

https://fedorahosted.org/sssd/ticket/1260
        RFE: support case-insensitive service lookups by port including
        protocols

https://fedorahosted.org/sssd/ticket/1268
        sss_ssh_knownhostproxy infinite loop hangs SSH login

https://fedorahosted.org/sssd/ticket/1269
        sssd: Uses the wrong key for GSSAPI when there a multiple realms
        in a single keytab.

https://fedorahosted.org/sssd/ticket/1270
        sssd_nss crashes on request when no back end is running

https://fedorahosted.org/sssd/ticket/1272
        Unable to lookup user, group, netgroup aliases with
        case_sensitive=false.

https://fedorahosted.org/sssd/ticket/1273
        SSSD should start before NFS processes

https://fedorahosted.org/sssd/ticket/1274
        Wrong resolv_status might cause crash when name resolution times
        out

https://fedorahosted.org/sssd/ticket/1282
        Wrong attribute counter causing crash during IPA service lookups

https://fedorahosted.org/sssd/ticket/1283
        accessing an undefined variable in list_missing_attrs might
        crash SSSD

https://fedorahosted.org/sssd/ticket/1288
        Invalid keytab path logged when using the default keytab

https://fedorahosted.org/sssd/ticket/1293
        Building manpages in a parallel build dir is broken

== Detailed Changelog ==

Jakub Hrozek (17):
      * Fix uninitialized variable
      * Free entry found in negative cache
      * Make the string_equal() function public
      * Save alias of the primary name, too
      * NSS: Look for services with correct case when cache is updated
      * AUTOFS: fix copy-and-paste bug in the autofs client
      * LDAP services: Keep the protocol around
      * Silence Coverity warning in the autofs test tool
      * Return correct resolv_status on resolver timeout
      * Add sss_get_cased_name_list utility function
      * LDAP services: Save lowercased protocol names in
        case-insensitive domains
      * Proxy services: Save lowercased protocol names and aliases in
        case-insensitive domains
      * Fix off-by-one error in principal selection
      * Catch cases where D-Bus connection is NULL
      * Fix regression in SSSDConfig.py
      * Use the correct options counter
      * netlink integration: ensure that interface name is
        NULL-terminated

Jan Cholasta (3):
      * SSH: Allow clients to explicitly specify host alias
      * SSH: Canonicalize host name and do reverse DNS lookup in
        sss_ssh_knownhostsproxy
      * SSH: Fix infinite loop in sss_ssh_knownhostsproxy

Stephen Gallagher (10):
      * Bumping version to 1.8.2
      * IPA: Allow service lookups
      * SYSDB: Save only lowercased aliases in case-insensitive domains
      * LDAP: Errors retrieving the RootDSE should not be fatal
      * Start SSSD earlier and stop it later
      * LDAP: Add better error logging when ldap_result() fails
      * LDAP: Fix memory leaks in synchronous_tls_setup
      * Fix building manpages in parallel build dirs
      * Clean up log messages about keytab_name
      * Updating translation files for 1.8.2 release

Sumit Bose (1):
      * Always initialize the returned data in sss_krb5_princ_realm()

	Valid signature (Stephen Gallagher <sgallagh at redhat.com>)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-interest/attachments/20120409/d05ac086/attachment.sig>

More information about the Freeipa-interest mailing list