1 2013-10-08 Sam Varshavchik <mrsam@courier-mta.com>
3 * Makefile.am: run sysconftool on authsqliterc, in install-configure.
4 Remove .la files for authentication modules, keep then for actual
5 API libraries. Install them in the -devel RPM package.
7 * userdb/Makefile.am: Stub for the pw2userdb(8) man page.
9 * courier-authlib.service.in: Added Install target.
13 2013-03-02 Eray Aslan <eray.aslan@caf.com.tr>
17 2013-02-24 Lutz Behnke <cypherfox@users.sourceforge.net>
19 * authldaplib.c (ldapopen): Added LDAP_INITBIND option.
21 2013-01-06 Sam Varshavchik <mrsam@courier-mta.com>
23 * Makefile.am: chmod $(pkglibexecdir) explicitly to 755
25 2012-10-25 Sam Varshavchik <mrsam@courier-mta.com>
27 * courier-authlib.spec.in: Typo.
31 2012-10-06 Sam Varshavchik <mrsam@courier-mta.com>
33 * New authsqlite authentication module.
35 * Fixed: when using authpgsql, if the Postgres server goes down
36 authpgsql will then start leaking memory.
38 * Fixed error codes returned by several authentication modules that
39 prevent certain combinations of authentication modules from being
44 2012-04-23 Sam Varshavchik <mrsam@courier-mta.com>
46 * authpam.c (callback_pam): Call pam_end() after an authentication
49 2011-08-02 Sam Varshavchik <mrsam@courier-mta.com>
51 * Makefile.am: Renamed authstaticlist.h to courierauthstaticlist.h, and
52 added it to the list of header files that 'make install' puts into
55 2011-06-19 Sam Varshavchik <mrsam@courier-mta.com>
57 * Fix gcc 4.6 warnings
59 * courier.spec.in: switch to systemd.
61 2011-05-25 Sam Varshavchik <mrsam@courier-mta.com>
63 * Fix autoconf warnings.
65 2010-03-08 Sam Varshavchik <mrsam@courier-mta.com>
67 * courier-authlib.spec: Make rmplint happy.
71 2010-03-06 Sam Varshavchik <mrsam@courier-mta.com>
73 * Remove the bundled libtdl library. Require the system-installed
76 2010-01-31 Brian Costello <dolemite@gmail.com>
78 * authmysqllib.c (auth_mysql_setpass): Fix crash if DEFAULT_DOMAIN
79 is not set in the config file.
83 2009-12-17 Sam Varshavchik <mrsam@courier-mta.com>
85 * authldapescape.c: Factor out LDAP string escape function.
87 * authldap.schema: Various fixes
89 * authldap.ldif (olcObjectClasses): Create LDIF format schema from
92 2009-11-21 Sam Varshavchik <mrsam@courier-mta.com>
94 * authoption.c (auth_getoptionenvint): For account options that
95 are parsed to an int, an option value that begins with t, T, y, or Y
96 is evaluated as 1, other alphabetic values as 0; so that 'true'
97 or 'yes' get evaluated as 1.
101 2009-06-13 Sam Varshavchik <mrsam@courier-mta.com>
103 * Various compilation fixes for gcc 4.4 and libtool 2.2
107 2009-04-26 Sam Varshavchik <mrsam@courier-mta.com>
109 * courier-authlib.spec.in (MAKEFLAGS): Explicit path to ./configtmp
111 2009-03-15 Sam Varshavchik <mrsam@courier-mta.com>
113 * README_authlib.sgml: Fixed documentation of authpipe AUTH command.
115 2009-02-22 Sam Varshavchik <mrsam@courier-mta.com>
117 * authmigrate.in (rc): Add /etc/courier-imap
121 2009-02-03 Sam Varshavchik <mrsam@courier-mta.com>
123 * Makefile.am: Compatibility fix for bash 4
127 2008-12-25 Mr. Sam <mrsam@courier-mta.com>
129 * cryptpassword.c: Fix compiler warnings
131 * checkpasswordsha1.c: Fix compiler warnings.
133 * authldaplib.c (auth_ldap_enumerate): Fix typo.
137 2008-12-17 Sam Varshavchik <mrsam@courier-mta.com>
139 * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
140 apostrophes from query parameters. This fixes a potential SQL injection
141 vulnerability if the Postgres database uses a non-Latin locale.
143 2008-12-06 Sam Varshavchik <mrsam@courier-mta.com>
145 * Added support for {SSHA}-encrypted passwords. Based on a patch
146 by Zou bin <zb@bisp.com>.
148 * Added support for {SHA512} hash function.
152 2008-11-30 Sam Varshavchik <mrsam@courier-mta.com>
154 * authsasllogin.c (authsasl_login): Fix memory leak.
156 * authldaplib.c (read_env): Fix resource leak. authldap did not close
157 the authldaprc configuration file after reading it on startup.
159 * authldaplib.c (auth_ldap_do2): Fix used ptr after free(). When an
160 email map feature is enabled, and the map failed, the resulting
161 error message was formed from a buffer that was recently free()ed.
163 * authpipe.c (auth_pipe): Fix memory leak. If the fork() system call
164 failed (unlikely), a buffer wasn't getting released.
166 2008-11-30 Sam Varshavchik <mrsam@courier-mta.com>
168 * Fix spec file to invoke authmksock with a short pathname.
170 2008-08-07 Mr. Sam <mrsam@courier-mta.com>
172 * courier-authlib.spec.in: Add -C option to configure invocation.
173 Remove the authmigrate script, only needed when upgrading from
174 pre-2004 Courier, and the current packaging causes an error.
176 2008-07-20 "Hanno Böck" <hanno@hboeck.de>
178 * authmigrate.in (rc): Use ${DESTDIR}, if set.
182 2008-07-13 Mr. Sam <mrsam@courier-mta.com>
184 * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade
185 with older packages that require <libname>.so.0.
187 2008-07-09 Mr. Sam <mrsam@courier-mta.com>
189 * Makefile.am: Switch to versionless shared libraries.
190 Install all shared libraries just as <libname>.so. make install manually
191 removes *.so.0.0 files that were left over from previous versions,
192 and installs a temporary *.so.0 symlink to *.so, for temporary
193 binary ABI compatibility with 0.60. The symlinks will be removed in
196 2008-07-08 Mr. Sam <mrsam@courier-mta.com>
198 * Cleanup: always compile md5, sha* and hmac stuff, and remove all
199 conditionally-compiled cruft. Move SASL list to an internal header.
200 Add client-side support for AUTH EXTERNAL.
202 2008-06-29 Mr. Sam <mrsam@courier-mta.com>
204 * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(),
205 invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL
206 by going through the motions, then setting up a dummy authentication
209 * authdaemon.c (auth_generic): Check for the dummy EXTERNAL
210 authentication request, and handle it by invoking auth_getuserinfo(),
211 rather than sending it down the pipe. This avoid having to implement
212 a stub in every authentication module.
216 2008-06-08 Alessandro Vesely <vesely@tana.it>
218 * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES
222 2008-05-16 Mr. Sam <mrsam@courier-mta.com>
224 * authmysqllib.c: Fix domain-less queries.
228 2008-05-08 Mr. Sam <sam@email-scan.com>
230 * Makefile: Drop the unmaintained authvchkpw module.
232 2008-05-04 Mr. Sam <mrsam@courier-mta.com>
234 * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of
239 2007-11-11 Mr. Sam <sam@email-scan.com>
241 * Makefile.am: Use _LIBADD properly.
243 2007-10-15 "Johnny C. Lam" <jlam-courier@buildlink.org>
245 * configure.in: More portability fixes.
249 2007-10-10 "Johnny C. Lam" <jlam-courier@buildlink.org>
251 * liblock/lockdaemon.c: Portability fix for checking the highest
252 available file descriptor.
256 2007-10-06 Anton Dobkin <adobkin@viansib.ru>
258 * MYSQL_CHARACTER_SET option.
260 2007-10-06 Oliver Lehmann <lehmann@ans-netz.de>
262 * authvchkpw.c: Fix typo.
264 2007-10-06 Wayne Pascoe <courier@penguinpowered.org>
266 * courier-authlib.spec.in (BuildRequires): on redhat-rpm-config.
268 2007-10-06 Mr. Sam <mrsam@courier-mta.com>
270 * userdb/userdb.pl.in (usage): Allow colons and pluses, in account
273 2007-10-06 Martin <psiplus@gmail.com>
275 * checkpasswordmd5.c (authcheckpasswordmd5): Add {MD5RAW} hash method.
279 2007-09-25 "Johnny C. Lam" <jlam-courier@buildlink.org>
281 * liblock/lockdaemon.c (OPEN_MAX): Use OPEN_MAX, instead of hardcoded
284 2007-09-25 Mr. Sam <mrsam@courier-mta.com>
286 * liblock/lockdaemon.c (OPEN_MAX): Even better, use
287 sysconf(_SC_OPEN_MAX), where available.
289 2007-09-20 Mr. Sam <sam@email-scan.com>
291 * userdb/userdb.pl.in: Allow underscores in account names.
293 2007-08-29 "Noel (Sourceforge)" <noelb@users.sourceforge.net>
295 * authvchkpw.c: Compilation error.
297 2007-07-26 Mr. Sam <sam@email-scan.com>
301 2007-04-25 Mr. Sam <mrsam@courier-mta.com>
303 * authvchkpw.c: Quell a compiler warning about a fwd declaration.
307 2007-04-22 Bill Shupp <hostmaster@shupp.org>
309 * Implement CRAM authentication in the vchpw module.
311 2007-04-22 Mr. Sam <mrsam@courier-mta.com>
313 * courier-authlib.spec.in: spec files requires redhat-rpm-config
315 2007-04-15 Mr. Sam <mrsam@courier-mta.com>
317 * man pages: work around for some bugs in Docbook XML stylesheets.
319 2007-04-13 Mr. Sam <mrsam@courier-mta.com>
321 * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is
322 enabled, but the actual authpipe script/external prog is not
325 * authpipe.c (auth_pipe_chgpwd): Pedantic resource cleanup,
328 * userdb/userdb.c (userdb): Pedantic resource cleanup, after
331 * userdb/userdb2.c (userdbshadow): Ditto.
335 2007-04-05 Mr. Sam <mrsam@courier-mta.com>
337 * Update man pages and documentation to Docbook XML V4.4
339 2007-02-25 Mr. Sam <mrsam@courier-mta.com>
341 * More configure script cleanup
343 2007-02-25 Kurt Roeckx <kurt@roeckx.be>
345 * Clean up configure scripts
347 2007-02-09 Juraj Lutter <otis@wilbury.sk>
349 * authmysqlrc: Implement SSL-encrypted MySQL connections
351 2007-01-20 Mr. Sam <mrsam@courier-mta.com>
353 * authldaplib.c: Fix pedantic C code.
357 2007-01-16 Mr. Sam <mrsam@courier-mta.com>
359 * authldaplib.c (l_simple_bind_s): Fix anon binds.
363 2006-12-30 Lars Timmann <Lars.Timmann@mcs.de>
365 * Makefile.am: Fixes for Solaris's linker.
367 2006-10-28 Mr. Sam <mrsam@courier-mta.com>
369 * Ported code to gcc 4.1.1
371 * Ported authldap to openldap 2.3.27
373 2006-09-17 Chris Petersen <rpm@forevermore.net>
375 - Make the spec a little prettier
376 - Replace BuildPreReq with BuildRequires
377 - Remove period from summaries (rpmlint)
378 - Fix release tag to use %{?dist} macro if it's present
379 - Change distro-detection to use "rh" and "fc" for version detection, and add support for mandriva
381 2006-06-01 kabe@sra-tohoku.co.jp
383 * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration
385 2006-05-28 Mr. Sam <mrsam@courier-mta.com>
387 * all: Fix many compiler warnings.
389 2006-03-25 Rui Lopes <rui@ruilopes.com>
391 * userdb/makeuserdb.in: Added the -f option to makeuserdb
393 2006-02-23 Mr. Sam <mrsam@courier-mta.com>
395 * authldaplib.c (authldap_read_config): Fix up an error message.
397 2006-01-30 Mr. Sam <mrsam@courier-mta.com>
399 * authldaplib.c: Try to recover when the LDAP server closes the
400 persistent socket, for inactivity.
402 2006-01-21 Mr. Sam <mrsam@courier-mta.com>
404 * configure.in: Fix libtool 1.9 breakage.
408 * courier-authlib spec file (BuildRequires): Demand /usr/include/ltdl.h
410 * authdaemonlib.c (s_connect): Fix compiler warning.
412 * authdaemond.c (start): Ditto.
414 * authsaslclientcram.c (authsaslclient_cram): Ditto.
416 * libhmac/hmac.c (dohashkey): Ditto.
420 2005-12-08 Mr. Sam <mrsam@courier-mta.com>
422 * authpam.c (dopam): Re-enable pam_acct_mgmt hook.
424 2005-11-16 Mr. Sam <mrsam@courier-mta.com>
426 * preauthshadow.c: Add support for shadow password expiration --
427 based on Krzysztof Oledzki <ole@ans.pl>'s patch.
429 2005-10-04 Brian Candler <B.Candler@pobox.com>
431 * authdaemonrc.in (LOGGEROPTS): Add a section for LDAP environment
434 2005-09-30 Mr. Sam <mrsam@courier-mta.com>
436 * authdaemonlib.c (opensock): Configurable daemon socket timeout,
437 based on a patch by Rodrigo Salinas <rodrigo@facea.uchile.cl>.
439 2005-09-30: Michael Richard <michael.richard@cesart.com>
441 * authldaplib: Replace LDAP_SERVER and LDAP_PORT settings with
442 LDAP_URI, which obsoletes LDAP_TLS.
444 2005-09-18 Mr. Sam <mrsam@courier-mta.com>
446 * authldaplib.c (auth_ldap_do2): Fix LDAP error checking.
448 2005-09-03 Mr. Sam <mrsam@courier-mta.com>
450 * authinfo.c (getmgid): Fix misleading error message.
452 2005-08-10 "Johnny C. Lam" <jlam@NetBSD.org>
454 * authpipelib.c: Include sys/time.h
458 2005-07-16 Mr. Sam <mrsam@courier-mta.com>
460 * configure.in: Update to automake 1.9, autoconf 2.59, libtool 1.5.6.
462 2005-07-12 Mr. Sam <mrsam@courier-mta.com>
464 * authlib: create the authtest and authpasswd manual pages.
466 2005-07-09 Mr. Sam <mrsam@courier-mta.com>
468 * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd().
470 * authpgsqllib.c (auth_pgsql_setpass): Ditto.
472 * authmysqllib.c (auth_mysql_setpass): Ditto.
474 * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints.
476 * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on
479 * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords.
481 * authmysqllib.c (auth_mysql_setpass): Fix a memory leak.
483 2005-07-06 Willi Mann <willi@wm1.at>
485 * authdaemond.c: Strip full name/gecos field after the first comma.
487 2005-07-04 Brian Candler <B.Candler@pobox.com>
489 * liblog/logger.c: Fix wrong args to setuidgid().
491 * README_authlib.sgml: Document updated authpipe protocol.
493 * authdaemond: Pass LOGGEROPTS option to authdaemond.
495 2005-07-02 Mr. Sam <mrsam@courier-mta.com>
497 * liblog/logger.c: Added -droproot option to courierlogger.
499 * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs
500 under a different uid.
502 2005-07-01 Brian Candler <B.Candler@pobox.com>
504 * Changed -uid and -gid options to -user and -group for consistency
505 with couriertcpd. Change them to affect courierlogger itself,
506 after it has spawned any child.
508 * Optional default domain for authentication requests.
510 2005-07-02 Mr. Sam <mrsam@courier-mta.com>
512 * Makefile.am: Refactor the linking process to make it more portable.
514 2005-06-30 Brian Candler <B.Candler@pobox.com>
516 * authdaemon.c (auth_generic): Silly bug in auth_generic().
518 * authpipe: more fixes to the authpipe module.
520 2005-05-14 Christian Loitsch <christian@fgecko.com>
522 * authpipe: various fixes to the authpipe module.
526 2005-05-08 Mr. Sam <mrsam@courier-mta.com>
528 * courier-authlib.sysvinit: Remove lockfile after stop.
530 2005-04-07 Mr. Sam <mrsam@courier-mta.com>
532 * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe
535 2005-03-20 Christian Loitsch <courier-imap@abc.fgecko.com>
537 * New authpipe authentication module.
539 2005-03-20 Brian Candler <B.Candler@pobox.com>
541 * Fix the error code when an empty password is provided.
543 * authldap.schema: Add mailhost to the recommended LDAP schema.
547 2005-03-02 Mr. Sam <mrsam@courier-mta.com>
549 * authsystem.passwd.in: Explicitly set LC_ALL to en_US
551 2005-02-20 Mr. Sam <mrsam@courier-mta.com>
553 * SASL: Added CRAM-SHA256 authentication method (experimental).
555 2005-02-19 Mr. Sam <mrsam@courier-mta.com>
557 * courierauthdebug.h: Macro dprintf conflicts with new glibc.
561 2005-01-31 Mr. Sam <mrsam@courier-mta.com>
563 * authmigrate.in (rc): Fix - userdb file does not have to have a
566 2005-01-19 Brian Candler <B.Candler@pobox.com>
568 * userdb/makeuserdb.in: Report dangling symlinks.
572 2005-01-11 Mr. Sam <mrsam@courier-mta.com>
574 * configure.in: Typo fix.
576 2005-01-05 Mr. Sam <mrsam@courier-mta.com>
578 * Makefile.am (uninstall-hook): pw2userdb was not being installed.
582 2005-01-01 Mr. Sam <mrsam@courier-mta.com>
584 * configure.in: Fix gdbm/bdb check. Try to autoprobe for Solaris
587 2004-12-05 Mr. Sam <mrsam@courier-mta.com>
589 * configure.in: Fix courierauthconfig --cppflags, new option to the
590 configure script: --without-stdheaderdir
592 2004-12-03 Mr. Sam <mrsam@courier-mta.com>
594 * courierauthconfig: --version prints package version.
595 --version=V print "yes" if package version is at least V.
597 2004-12-01 Mr. Sam <mrsam@courier-mta.com>
599 * liblog/logger.c: Added -uid and -gid options to courierlogger.
601 2004-11-29 Brian Candler <B.Candler@pobox.com>
603 * authldaplib.c: Use persistent connections for authenticated binds
604 when using LDAPv3. Use the LDAP_OPT_NETWORK_TIMEOUT setting,
605 initialized from the configuration file, if provided (OpenLDAP).
606 If using authenticated binds, a password change is done under the
607 user's credentials, instead of the admin's.
609 2004-11-24 Brian Candler <B.Candler@pobox.com>
611 * README.authdebug.html: document temporary failure messages.
613 2004-11-24 Mr. Sam <mrsam@courier-mta.com>
615 * courier-authlib.spec.in: Move the userdb scripts in sbindir from
616 main package to the userdb subpackage.
618 2004-11-24 Brian Candler <B.Candler@pobox.com>
620 * authuserdb.c: Fix error handling in userdb CRAM.
622 * userdb-test-cram-md5: Helper script for verifying C/R authentication.
624 2004-11-20 Brian Candler <B.Candler@pobox.com>
626 * Additional debug messages.
628 2004-11-13 Brian Candler <B.Candler@pobox.com>
630 * mysql/pgsql fixes; other misc fixes
632 2004-11-16 Mr. Sam <mrsam@courier-mta.com>
634 * configure.in: Fix mysql/pgslq autodetection
636 2004-11-13 Brian Candler <B.Candler@pobox.com>
638 * authdaemond: Fix bug in account enumeration function.
640 * authdaemond: Return individual account options when enumerating
641 accounts. Affects mysql, ldap, pgsql modules. mysql and pgsql
642 enumeration filter must now return one more column. Added an ldap
643 enumeration filter. New option to authenumerate, -o, includes
644 account options in the output. New option, -s, suppressed accounts
645 that have the disableshared option set.
647 * authmysql, authpgsql: Additional debugging.
649 * authmysql, authpgsql, authldap: Replaced enumeration function,
650 more efficient memory usage with large accounts.
652 * authldap: Suggested account schema has uid and gid optional, because
653 global uid and gids may be set in authldaprc instead.
655 * authvchkpw: Fix vpopmail compilation.
657 2004-11-10 Mr. Sam <mrsam@courier-mta.com>
659 * configure.in: Do not disable mysql + pgsql if vchkpw lib was found.
661 2004-11-09 Brian Candler <B.Candler@pobox.com>
663 * authdaemond.c: New DEFAULTOPTIONS setting.
665 2004-11-04 Mr. Sam <mrsam@courier-mta.com>
667 * authdaemonlib.c (s_connect): Wait for connection to authdaemond
668 only if async connect() failed with EINPROGRESS.
670 2004-11-03 Mr. Sam <mrsam@courier-mta.com>
672 * Makefile.am (SUBDIRS): Ok, only build in bdbobj/gdbmobj according
673 to what autoconf finds.
675 * authldaplib.c (auth_ldap_do3): Fix LDAP driver.
677 2004-11-03 Brian Candler <B.Candler@pobox.com>
679 * Makefile.am: Fixes.
681 2004-10-30 Mr. Sam <mrsam@courier-mta.com>
683 * authinfo.c: Added mailuid= and mailgid=
685 2004-10-21 Mr. Sam <mrsam@courier-mta.com>
687 * Makefile.am (libcourierauthsaslclient_la_SOURCES): Factored out
688 SASL client support into libcourierauthsaslclient.la
690 2004-10-21 Brian Candler <B.Candler@pobox.com>
692 * Makefile.am: Fixes.
694 2004-10-16 Mr. Sam <mrsam@courier-mta.com>
696 * authldap.schema: Added disableimap, disablepop3, disablewebmail,
699 2004-10-07 Mr. Sam <mrsam@courier-mta.com>
701 * authsyschangepwd.c (dochangepwd): Do not reset the environment
702 before exec-ing expect.
704 2004-10-04 Mr. Sam <mrsam@courier-mta.com>
706 * Merged authuserdb with authcram. Fixed CRAM password changes.
707 Do not reset the environment before exec-ing userdb and makeuserdb.