3 2015-11-14 "Hanno Böck" <hanno@hboeck.de>
5 * authgetconfig.c (authgetconfig): avoid invalid memory read.
9 2015-06-09 Sam Varshavchik <mrsam@courier-mta.com>
11 * authdaemon.c: auth_callback_default_autocreate, default callback
12 used by clients that autocreates a home directory, if one does not
17 2015-02-28 Sam Varshavchik <mrsam@courier-mta.com>
19 * Update to courier-unicode 1.2.
21 2014-07-13 Sam Varshavchik <mrsam@courier-mta.com>
23 * liblock, couriertls: fix compilation for OpenBSD -- based on a
24 patch from Giovanni Bechis <giovanni@paclan.it>.
26 2014-07-04 Sam Varshavchik <mrsam@courier-mta.com>
28 * checkpassword.c (safe_strcmp): Fix bug introduced in 2014-04-27.
30 2014-04-27 Sam Varshavchik <mrsam@courier-mta.com>
32 * courier.spec.in: Update to use systemd macros.
34 * Check for NULL return value from crypt().
36 2014-01-12 Sam Varshavchik <mrsam@courier-mta.com>
38 * Factored out the unicode library into a separate package.
40 2013-10-08 Sam Varshavchik <mrsam@courier-mta.com>
42 * Makefile.am: run sysconftool on authsqliterc, in install-configure.
43 Remove .la files for authentication modules, keep then for actual
44 API libraries. Install them in the -devel RPM package.
46 * userdb/Makefile.am: Stub for the pw2userdb(8) man page.
48 * courier-authlib.service.in: Added Install target.
52 2013-03-02 Eray Aslan <eray.aslan@caf.com.tr>
56 2013-02-24 Lutz Behnke <cypherfox@users.sourceforge.net>
58 * authldaplib.c (ldapopen): Added LDAP_INITBIND option.
60 2013-01-06 Sam Varshavchik <mrsam@courier-mta.com>
62 * Makefile.am: chmod $(pkglibexecdir) explicitly to 755
64 2012-10-25 Sam Varshavchik <mrsam@courier-mta.com>
66 * courier-authlib.spec.in: Typo.
70 2012-10-06 Sam Varshavchik <mrsam@courier-mta.com>
72 * New authsqlite authentication module.
74 * Fixed: when using authpgsql, if the Postgres server goes down
75 authpgsql will then start leaking memory.
77 * Fixed error codes returned by several authentication modules that
78 prevent certain combinations of authentication modules from being
83 2012-04-23 Sam Varshavchik <mrsam@courier-mta.com>
85 * authpam.c (callback_pam): Call pam_end() after an authentication
88 2011-08-02 Sam Varshavchik <mrsam@courier-mta.com>
90 * Makefile.am: Renamed authstaticlist.h to courierauthstaticlist.h, and
91 added it to the list of header files that 'make install' puts into
94 2011-06-19 Sam Varshavchik <mrsam@courier-mta.com>
96 * Fix gcc 4.6 warnings
98 * courier.spec.in: switch to systemd.
100 2011-05-25 Sam Varshavchik <mrsam@courier-mta.com>
102 * Fix autoconf warnings.
104 2010-03-08 Sam Varshavchik <mrsam@courier-mta.com>
106 * courier-authlib.spec: Make rmplint happy.
110 2010-03-06 Sam Varshavchik <mrsam@courier-mta.com>
112 * Remove the bundled libtdl library. Require the system-installed
115 2010-01-31 Brian Costello <dolemite@gmail.com>
117 * authmysqllib.c (auth_mysql_setpass): Fix crash if DEFAULT_DOMAIN
118 is not set in the config file.
122 2009-12-17 Sam Varshavchik <mrsam@courier-mta.com>
124 * authldapescape.c: Factor out LDAP string escape function.
126 * authldap.schema: Various fixes
128 * authldap.ldif (olcObjectClasses): Create LDIF format schema from
131 2009-11-21 Sam Varshavchik <mrsam@courier-mta.com>
133 * authoption.c (auth_getoptionenvint): For account options that
134 are parsed to an int, an option value that begins with t, T, y, or Y
135 is evaluated as 1, other alphabetic values as 0; so that 'true'
136 or 'yes' get evaluated as 1.
140 2009-06-13 Sam Varshavchik <mrsam@courier-mta.com>
142 * Various compilation fixes for gcc 4.4 and libtool 2.2
146 2009-04-26 Sam Varshavchik <mrsam@courier-mta.com>
148 * courier-authlib.spec.in (MAKEFLAGS): Explicit path to ./configtmp
150 2009-03-15 Sam Varshavchik <mrsam@courier-mta.com>
152 * README_authlib.sgml: Fixed documentation of authpipe AUTH command.
154 2009-02-22 Sam Varshavchik <mrsam@courier-mta.com>
156 * authmigrate.in (rc): Add /etc/courier-imap
160 2009-02-03 Sam Varshavchik <mrsam@courier-mta.com>
162 * Makefile.am: Compatibility fix for bash 4
166 2008-12-25 Mr. Sam <mrsam@courier-mta.com>
168 * cryptpassword.c: Fix compiler warnings
170 * checkpasswordsha1.c: Fix compiler warnings.
172 * authldaplib.c (auth_ldap_enumerate): Fix typo.
176 2008-12-17 Sam Varshavchik <mrsam@courier-mta.com>
178 * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
179 apostrophes from query parameters. This fixes a potential SQL injection
180 vulnerability if the Postgres database uses a non-Latin locale.
182 2008-12-06 Sam Varshavchik <mrsam@courier-mta.com>
184 * Added support for {SSHA}-encrypted passwords. Based on a patch
185 by Zou bin <zb@bisp.com>.
187 * Added support for {SHA512} hash function.
191 2008-11-30 Sam Varshavchik <mrsam@courier-mta.com>
193 * authsasllogin.c (authsasl_login): Fix memory leak.
195 * authldaplib.c (read_env): Fix resource leak. authldap did not close
196 the authldaprc configuration file after reading it on startup.
198 * authldaplib.c (auth_ldap_do2): Fix used ptr after free(). When an
199 email map feature is enabled, and the map failed, the resulting
200 error message was formed from a buffer that was recently free()ed.
202 * authpipe.c (auth_pipe): Fix memory leak. If the fork() system call
203 failed (unlikely), a buffer wasn't getting released.
205 2008-11-30 Sam Varshavchik <mrsam@courier-mta.com>
207 * Fix spec file to invoke authmksock with a short pathname.
209 2008-08-07 Mr. Sam <mrsam@courier-mta.com>
211 * courier-authlib.spec.in: Add -C option to configure invocation.
212 Remove the authmigrate script, only needed when upgrading from
213 pre-2004 Courier, and the current packaging causes an error.
215 2008-07-20 "Hanno Böck" <hanno@hboeck.de>
217 * authmigrate.in (rc): Use ${DESTDIR}, if set.
221 2008-07-13 Mr. Sam <mrsam@courier-mta.com>
223 * courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade
224 with older packages that require <libname>.so.0.
226 2008-07-09 Mr. Sam <mrsam@courier-mta.com>
228 * Makefile.am: Switch to versionless shared libraries.
229 Install all shared libraries just as <libname>.so. make install manually
230 removes *.so.0.0 files that were left over from previous versions,
231 and installs a temporary *.so.0 symlink to *.so, for temporary
232 binary ABI compatibility with 0.60. The symlinks will be removed in
235 2008-07-08 Mr. Sam <mrsam@courier-mta.com>
237 * Cleanup: always compile md5, sha* and hmac stuff, and remove all
238 conditionally-compiled cruft. Move SASL list to an internal header.
239 Add client-side support for AUTH EXTERNAL.
241 2008-06-29 Mr. Sam <mrsam@courier-mta.com>
243 * authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(),
244 invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL
245 by going through the motions, then setting up a dummy authentication
248 * authdaemon.c (auth_generic): Check for the dummy EXTERNAL
249 authentication request, and handle it by invoking auth_getuserinfo(),
250 rather than sending it down the pipe. This avoid having to implement
251 a stub in every authentication module.
255 2008-06-08 Alessandro Vesely <vesely@tana.it>
257 * authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES
261 2008-05-16 Mr. Sam <mrsam@courier-mta.com>
263 * authmysqllib.c: Fix domain-less queries.
267 2008-05-08 Mr. Sam <sam@email-scan.com>
269 * Makefile: Drop the unmaintained authvchkpw module.
271 2008-05-04 Mr. Sam <mrsam@courier-mta.com>
273 * authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of
278 2007-11-11 Mr. Sam <sam@email-scan.com>
280 * Makefile.am: Use _LIBADD properly.
282 2007-10-15 "Johnny C. Lam" <jlam-courier@buildlink.org>
284 * configure.in: More portability fixes.
288 2007-10-10 "Johnny C. Lam" <jlam-courier@buildlink.org>
290 * liblock/lockdaemon.c: Portability fix for checking the highest
291 available file descriptor.
295 2007-10-06 Anton Dobkin <adobkin@viansib.ru>
297 * MYSQL_CHARACTER_SET option.
299 2007-10-06 Oliver Lehmann <lehmann@ans-netz.de>
301 * authvchkpw.c: Fix typo.
303 2007-10-06 Wayne Pascoe <courier@penguinpowered.org>
305 * courier-authlib.spec.in (BuildRequires): on redhat-rpm-config.
307 2007-10-06 Mr. Sam <mrsam@courier-mta.com>
309 * userdb/userdb.pl.in (usage): Allow colons and pluses, in account
312 2007-10-06 Martin <psiplus@gmail.com>
314 * checkpasswordmd5.c (authcheckpasswordmd5): Add {MD5RAW} hash method.
318 2007-09-25 "Johnny C. Lam" <jlam-courier@buildlink.org>
320 * liblock/lockdaemon.c (OPEN_MAX): Use OPEN_MAX, instead of hardcoded
323 2007-09-25 Mr. Sam <mrsam@courier-mta.com>
325 * liblock/lockdaemon.c (OPEN_MAX): Even better, use
326 sysconf(_SC_OPEN_MAX), where available.
328 2007-09-20 Mr. Sam <sam@email-scan.com>
330 * userdb/userdb.pl.in: Allow underscores in account names.
332 2007-08-29 "Noel (Sourceforge)" <noelb@users.sourceforge.net>
334 * authvchkpw.c: Compilation error.
336 2007-07-26 Mr. Sam <sam@email-scan.com>
340 2007-04-25 Mr. Sam <mrsam@courier-mta.com>
342 * authvchkpw.c: Quell a compiler warning about a fwd declaration.
346 2007-04-22 Bill Shupp <hostmaster@shupp.org>
348 * Implement CRAM authentication in the vchpw module.
350 2007-04-22 Mr. Sam <mrsam@courier-mta.com>
352 * courier-authlib.spec.in: spec files requires redhat-rpm-config
354 2007-04-15 Mr. Sam <mrsam@courier-mta.com>
356 * man pages: work around for some bugs in Docbook XML stylesheets.
358 2007-04-13 Mr. Sam <mrsam@courier-mta.com>
360 * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is
361 enabled, but the actual authpipe script/external prog is not
364 * authpipe.c (auth_pipe_chgpwd): Pedantic resource cleanup,
367 * userdb/userdb.c (userdb): Pedantic resource cleanup, after
370 * userdb/userdb2.c (userdbshadow): Ditto.
374 2007-04-05 Mr. Sam <mrsam@courier-mta.com>
376 * Update man pages and documentation to Docbook XML V4.4
378 2007-02-25 Mr. Sam <mrsam@courier-mta.com>
380 * More configure script cleanup
382 2007-02-25 Kurt Roeckx <kurt@roeckx.be>
384 * Clean up configure scripts
386 2007-02-09 Juraj Lutter <otis@wilbury.sk>
388 * authmysqlrc: Implement SSL-encrypted MySQL connections
390 2007-01-20 Mr. Sam <mrsam@courier-mta.com>
392 * authldaplib.c: Fix pedantic C code.
396 2007-01-16 Mr. Sam <mrsam@courier-mta.com>
398 * authldaplib.c (l_simple_bind_s): Fix anon binds.
402 2006-12-30 Lars Timmann <Lars.Timmann@mcs.de>
404 * Makefile.am: Fixes for Solaris's linker.
406 2006-10-28 Mr. Sam <mrsam@courier-mta.com>
408 * Ported code to gcc 4.1.1
410 * Ported authldap to openldap 2.3.27
412 2006-09-17 Chris Petersen <rpm@forevermore.net>
414 - Make the spec a little prettier
415 - Replace BuildPreReq with BuildRequires
416 - Remove period from summaries (rpmlint)
417 - Fix release tag to use %{?dist} macro if it's present
418 - Change distro-detection to use "rh" and "fc" for version detection, and add support for mandriva
420 2006-06-01 kabe@sra-tohoku.co.jp
422 * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration
424 2006-05-28 Mr. Sam <mrsam@courier-mta.com>
426 * all: Fix many compiler warnings.
428 2006-03-25 Rui Lopes <rui@ruilopes.com>
430 * userdb/makeuserdb.in: Added the -f option to makeuserdb
432 2006-02-23 Mr. Sam <mrsam@courier-mta.com>
434 * authldaplib.c (authldap_read_config): Fix up an error message.
436 2006-01-30 Mr. Sam <mrsam@courier-mta.com>
438 * authldaplib.c: Try to recover when the LDAP server closes the
439 persistent socket, for inactivity.
441 2006-01-21 Mr. Sam <mrsam@courier-mta.com>
443 * configure.in: Fix libtool 1.9 breakage.
447 * courier-authlib spec file (BuildRequires): Demand /usr/include/ltdl.h
449 * authdaemonlib.c (s_connect): Fix compiler warning.
451 * authdaemond.c (start): Ditto.
453 * authsaslclientcram.c (authsaslclient_cram): Ditto.
455 * libhmac/hmac.c (dohashkey): Ditto.
459 2005-12-08 Mr. Sam <mrsam@courier-mta.com>
461 * authpam.c (dopam): Re-enable pam_acct_mgmt hook.
463 2005-11-16 Mr. Sam <mrsam@courier-mta.com>
465 * preauthshadow.c: Add support for shadow password expiration --
466 based on Krzysztof Oledzki <ole@ans.pl>'s patch.
468 2005-10-04 Brian Candler <B.Candler@pobox.com>
470 * authdaemonrc.in (LOGGEROPTS): Add a section for LDAP environment
473 2005-09-30 Mr. Sam <mrsam@courier-mta.com>
475 * authdaemonlib.c (opensock): Configurable daemon socket timeout,
476 based on a patch by Rodrigo Salinas <rodrigo@facea.uchile.cl>.
478 2005-09-30: Michael Richard <michael.richard@cesart.com>
480 * authldaplib: Replace LDAP_SERVER and LDAP_PORT settings with
481 LDAP_URI, which obsoletes LDAP_TLS.
483 2005-09-18 Mr. Sam <mrsam@courier-mta.com>
485 * authldaplib.c (auth_ldap_do2): Fix LDAP error checking.
487 2005-09-03 Mr. Sam <mrsam@courier-mta.com>
489 * authinfo.c (getmgid): Fix misleading error message.
491 2005-08-10 "Johnny C. Lam" <jlam@NetBSD.org>
493 * authpipelib.c: Include sys/time.h
497 2005-07-16 Mr. Sam <mrsam@courier-mta.com>
499 * configure.in: Update to automake 1.9, autoconf 2.59, libtool 1.5.6.
501 2005-07-12 Mr. Sam <mrsam@courier-mta.com>
503 * authlib: create the authtest and authpasswd manual pages.
505 2005-07-09 Mr. Sam <mrsam@courier-mta.com>
507 * authldaplib.c (auth_ldap_do3): Fix call of authcryptpasswd().
509 * authpgsqllib.c (auth_pgsql_setpass): Ditto.
511 * authmysqllib.c (auth_mysql_setpass): Ditto.
513 * cryptpassword.c (authcryptpasswd): Fix handling of encryption hints.
515 * checkpassword.c (do_authcheckpassword): Ignore {CRYPT} prefix on
518 * checkpasswordsha1.c (authcheckpasswordsha1): Fix {SHA256} passwords.
520 * authmysqllib.c (auth_mysql_setpass): Fix a memory leak.
522 2005-07-06 Willi Mann <willi@wm1.at>
524 * authdaemond.c: Strip full name/gecos field after the first comma.
526 2005-07-04 Brian Candler <B.Candler@pobox.com>
528 * liblog/logger.c: Fix wrong args to setuidgid().
530 * README_authlib.sgml: Document updated authpipe protocol.
532 * authdaemond: Pass LOGGEROPTS option to authdaemond.
534 2005-07-02 Mr. Sam <mrsam@courier-mta.com>
536 * liblog/logger.c: Added -droproot option to courierlogger.
538 * liblock/lockdaemon.c: Try to recover if upgraded daemon process runs
539 under a different uid.
541 2005-07-01 Brian Candler <B.Candler@pobox.com>
543 * Changed -uid and -gid options to -user and -group for consistency
544 with couriertcpd. Change them to affect courierlogger itself,
545 after it has spawned any child.
547 * Optional default domain for authentication requests.
549 2005-07-02 Mr. Sam <mrsam@courier-mta.com>
551 * Makefile.am: Refactor the linking process to make it more portable.
553 2005-06-30 Brian Candler <B.Candler@pobox.com>
555 * authdaemon.c (auth_generic): Silly bug in auth_generic().
557 * authpipe: more fixes to the authpipe module.
559 2005-05-14 Christian Loitsch <christian@fgecko.com>
561 * authpipe: various fixes to the authpipe module.
565 2005-05-08 Mr. Sam <mrsam@courier-mta.com>
567 * courier-authlib.sysvinit: Remove lockfile after stop.
569 2005-04-07 Mr. Sam <mrsam@courier-mta.com>
571 * authpipe.c (auth_pipe_pre): Fix zombies created by the authpipe
574 2005-03-20 Christian Loitsch <courier-imap@abc.fgecko.com>
576 * New authpipe authentication module.
578 2005-03-20 Brian Candler <B.Candler@pobox.com>
580 * Fix the error code when an empty password is provided.
582 * authldap.schema: Add mailhost to the recommended LDAP schema.
586 2005-03-02 Mr. Sam <mrsam@courier-mta.com>
588 * authsystem.passwd.in: Explicitly set LC_ALL to en_US
590 2005-02-20 Mr. Sam <mrsam@courier-mta.com>
592 * SASL: Added CRAM-SHA256 authentication method (experimental).
594 2005-02-19 Mr. Sam <mrsam@courier-mta.com>
596 * courierauthdebug.h: Macro dprintf conflicts with new glibc.
600 2005-01-31 Mr. Sam <mrsam@courier-mta.com>
602 * authmigrate.in (rc): Fix - userdb file does not have to have a
605 2005-01-19 Brian Candler <B.Candler@pobox.com>
607 * userdb/makeuserdb.in: Report dangling symlinks.
611 2005-01-11 Mr. Sam <mrsam@courier-mta.com>
613 * configure.in: Typo fix.
615 2005-01-05 Mr. Sam <mrsam@courier-mta.com>
617 * Makefile.am (uninstall-hook): pw2userdb was not being installed.
621 2005-01-01 Mr. Sam <mrsam@courier-mta.com>
623 * configure.in: Fix gdbm/bdb check. Try to autoprobe for Solaris
626 2004-12-05 Mr. Sam <mrsam@courier-mta.com>
628 * configure.in: Fix courierauthconfig --cppflags, new option to the
629 configure script: --without-stdheaderdir
631 2004-12-03 Mr. Sam <mrsam@courier-mta.com>
633 * courierauthconfig: --version prints package version.
634 --version=V print "yes" if package version is at least V.
636 2004-12-01 Mr. Sam <mrsam@courier-mta.com>
638 * liblog/logger.c: Added -uid and -gid options to courierlogger.
640 2004-11-29 Brian Candler <B.Candler@pobox.com>
642 * authldaplib.c: Use persistent connections for authenticated binds
643 when using LDAPv3. Use the LDAP_OPT_NETWORK_TIMEOUT setting,
644 initialized from the configuration file, if provided (OpenLDAP).
645 If using authenticated binds, a password change is done under the
646 user's credentials, instead of the admin's.
648 2004-11-24 Brian Candler <B.Candler@pobox.com>
650 * README.authdebug.html: document temporary failure messages.
652 2004-11-24 Mr. Sam <mrsam@courier-mta.com>
654 * courier-authlib.spec.in: Move the userdb scripts in sbindir from
655 main package to the userdb subpackage.
657 2004-11-24 Brian Candler <B.Candler@pobox.com>
659 * authuserdb.c: Fix error handling in userdb CRAM.
661 * userdb-test-cram-md5: Helper script for verifying C/R authentication.
663 2004-11-20 Brian Candler <B.Candler@pobox.com>
665 * Additional debug messages.
667 2004-11-13 Brian Candler <B.Candler@pobox.com>
669 * mysql/pgsql fixes; other misc fixes
671 2004-11-16 Mr. Sam <mrsam@courier-mta.com>
673 * configure.in: Fix mysql/pgslq autodetection
675 2004-11-13 Brian Candler <B.Candler@pobox.com>
677 * authdaemond: Fix bug in account enumeration function.
679 * authdaemond: Return individual account options when enumerating
680 accounts. Affects mysql, ldap, pgsql modules. mysql and pgsql
681 enumeration filter must now return one more column. Added an ldap
682 enumeration filter. New option to authenumerate, -o, includes
683 account options in the output. New option, -s, suppressed accounts
684 that have the disableshared option set.
686 * authmysql, authpgsql: Additional debugging.
688 * authmysql, authpgsql, authldap: Replaced enumeration function,
689 more efficient memory usage with large accounts.
691 * authldap: Suggested account schema has uid and gid optional, because
692 global uid and gids may be set in authldaprc instead.
694 * authvchkpw: Fix vpopmail compilation.
696 2004-11-10 Mr. Sam <mrsam@courier-mta.com>
698 * configure.in: Do not disable mysql + pgsql if vchkpw lib was found.
700 2004-11-09 Brian Candler <B.Candler@pobox.com>
702 * authdaemond.c: New DEFAULTOPTIONS setting.
704 2004-11-04 Mr. Sam <mrsam@courier-mta.com>
706 * authdaemonlib.c (s_connect): Wait for connection to authdaemond
707 only if async connect() failed with EINPROGRESS.
709 2004-11-03 Mr. Sam <mrsam@courier-mta.com>
711 * Makefile.am (SUBDIRS): Ok, only build in bdbobj/gdbmobj according
712 to what autoconf finds.
714 * authldaplib.c (auth_ldap_do3): Fix LDAP driver.
716 2004-11-03 Brian Candler <B.Candler@pobox.com>
718 * Makefile.am: Fixes.
720 2004-10-30 Mr. Sam <mrsam@courier-mta.com>
722 * authinfo.c: Added mailuid= and mailgid=
724 2004-10-21 Mr. Sam <mrsam@courier-mta.com>
726 * Makefile.am (libcourierauthsaslclient_la_SOURCES): Factored out
727 SASL client support into libcourierauthsaslclient.la
729 2004-10-21 Brian Candler <B.Candler@pobox.com>
731 * Makefile.am: Fixes.
733 2004-10-16 Mr. Sam <mrsam@courier-mta.com>
735 * authldap.schema: Added disableimap, disablepop3, disablewebmail,
738 2004-10-07 Mr. Sam <mrsam@courier-mta.com>
740 * authsyschangepwd.c (dochangepwd): Do not reset the environment
741 before exec-ing expect.
743 2004-10-04 Mr. Sam <mrsam@courier-mta.com>
745 * Merged authuserdb with authcram. Fixed CRAM password changes.
746 Do not reset the environment before exec-ing userdb and makeuserdb.