source: trunk/third/cyrus-sasl/NEWS @ 18842

Revision 18842, 9.0 KB checked in by ghudson, 22 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r18841, which included commits to RCS files with non-trunk default branches.
Line 
1New in 2.1.12
2-------------
3* Distribute in Solaris tar (not GNU tar format)
4* Fix a number of build/configure related issues.
5
6New in 2.1.11
7-------------
8* Add the fastbind auth method to the saslauthd LDAP module.
9* Fix a potential memory leak in the doors version of saslauthd.
10* NTLM now only requires one of LM or NT, not both.
11* Fix a variety of Berkeley DB, LDAP, OpenSSL, and other build issues.
12* Win32 support compiles, but no documentation as of yet.
13
14New in 2.1.10
15-------------
16* Further DIGEST-MD5 DES interoperability fixes.  Now works against Active
17  Directory.
18* Fix some potential buffer overflows.
19* Misc. cleanups in the saslauthd LDAP module
20* Fix security properties of NTLM and EXTERNAL
21
22New in 2.1.9
23------------
24* Include missing lib/staticopen.h file.
25
26New in 2.1.8
27------------
28* Support for the NTLM mechanism (Ken Murchison <ken@oceana.com>)
29* Support libtool --enable-shared and --enable-static
30  (Howard Chu <hyc@highlandsun.com>)
31* OS/390 Support (Howard Chu <hyc@highlandsun.com>)
32* Berkeley DB 4.1 Support (Mika Iisakkila <mika.iisakkila@pingrid.fi>)
33* Documentation fixes
34* The usual round of assorted other minor bugfixes.
35
36New in 2.1.7
37------------
38* Add SASL_AUTHUSER as a parameter to sasl_getprop
39* Allow applications to require proxy-capable mechanisms (SASL_NEED_PROXY)
40* Performance improvements in our treatment of /dev/random
41* Removal of buggy DIGEST-MD5 reauth support.
42* Documentation fixes
43* Assorted other minor bugfixes.
44
45New in 2.1.6
46------------
47* Security fix for the CRAM-MD5 plugin to check the full length of the
48  digest string.
49* Return of the Experimental LDAP saslauthd module.
50* Addition of Experimental MySQL auxprop plugin.
51* Can now select multiple auxprop plugins (and a priority ordering)
52* Mechanism selection now includes number of security flags
53* Mac OS X 10.1 Fixes
54* Misc other minor bugfixes.
55
56New in 2.1.5
57------------
58* Remove LDAP support due to copyright concerns.
59* Minor bugfixes.
60
61New in 2.1.4
62------------
63* Enhancements and cleanup to the experimental LDAP saslauthd module
64  (Igor Brezac <igor@ipass.net>)
65* Addition of a new sasl_version() API
66* Misc. Bugfixes
67
68New in 2.1.3-BETA
69-----------------
70* Significant amount of plugin cleanup / standardization.  A good deal of code
71  is now shared between them. (mostly due to Ken Murchison <ken@oceana.com>)
72* DIGEST-MD5 now supports reauthentication.  Also has a fix for DES
73  interoperability.
74* saslauthd now supports the Solaris "doors" IPC method
75  (--with-ipctype=doors)
76* Significant GSSAPI fixes (mostly due to Howard Chu <hyc@highlandsun.com>)
77* Auxprop interface now correctly deals with the * prefix indicating
78  authid vs. authzid.  (May break some incompatible auxprop plugins).
79* We now allow multiple pwcheck_method(s).  Also you can restrict auxprop
80  plugins to the use of a single plugin.
81* Added an experimental saslauthd LDAP module (Igor Brezac <igor@ipass.net>)
82* Removed check for db3/db.h
83* Misc. documentation updates.  (Marshall Rose, and others)
84* Other misc. bugfixes.
85
86New in 2.1.2
87------------
88* Mostly a minor-bugfix release
89* Improved documentation / cleanup of old references to obsolete
90  pwcheck_methods
91* Better error reporting for auxprop password verifiers
92
93New in 2.1.1
94------------
95* Many minor bugfixes throughout.
96* Improvements to OTP and SRP mechanisms (now compliant with
97  draft-burdis-cat-srp-sasl-06.txt)
98* API additions including sasl_global_listmech, and a cleaner handling of
99  client-first and server-last semantics (no application level changes)
100* Minor documentation improvements
101
102New in 2.1.0
103------------
104* The Cyrus SASL library is now considered stable.  It is still not backwards
105  compatible with applications that require SASLv1.
106* Minor API changes occured, namely the canon_user callback interface.
107* saslauthd now preforks a number of processes to handle connections
108* Many bugfixes through the entire library.
109
110New in 2.0.5-BETA
111-----------------
112* THIS IS A BETA-QUALITY RELEASE THAT IS NOT INTENDED FOR PRODUCTION USE.
113  IT *WILL BREAK* ANY APPLICATION EXPECTING THE SASLv1 API.
114* Improved performance of security layers in KERBEROS_V4, GSSAPI, and DIGEST.
115* This release includes an OTP plugin that requires libopie.
116* SRP plugin now in alpha stage.
117* Includes many significant bugfixes throughout the library.
118
119New in 2.0.4-BETA
120-----------------
121* THIS IS A BETA-QUALITY RELEASE THAT IS ONLY INTENDED FOR USE BY
122  DEVELOPERS WHOSE APPLICATIONS MAKE USE OF THE CYRUS SASL LIBRARY.
123  IT *WILL BREAK* ANY APPLICATION EXPECTING THE SASLv1 API.
124* This release now includes Mac OS 9 and Mac OS X support.
125* Significant new features include
126  * DES and 3DES Encryption should now be working for DIGEST-MD5
127  * Improved configuration system
128  * Improved documentation (now includes plugin writers guide)
129  * Many other bugfixes (see ChangeLog)
130
131New in 2.0.3-BETA
132-----------------
133* THIS IS A BETA-QUALITY RELEASE THAT IS ONLY INTENDED FOR USE BY
134  DEVELOPERS WHOSE APPLICATIONS MAKE USE OF THE CYRUS SASL LIBRARY.
135  IT *WILL BREAK* ANY APPLICATION EXPECTING THE SASLv1 API.
136* This library should be fairly close to the core features that will be
137  released in a final version of Cyrus SASLv2.  It very likely has bugs.
138* Major new features included in this release:
139  - The glue code now correctly handles client-send-first and server-send-last
140    situations based on what the protocol and mechanism each support.
141  - The sasldb code has been extracted from the main library and now resides
142    in a separate libsasldb.la that is available at build time.
143  - SASLdb now supports multiple auxiliary properties, though as distributed
144    only userPassword is implemented and used.
145  - Much improved configure checking for various items, including
146    Berkeley DB, Kerberos, and GSSAPI.
147  - Better (more standard) handling of realms in DIGEST-MD5.
148  - A new Plugin Programmer's guide.
149  - IPv6 support.
150  - Error reporting now works in the GSSAPI plugin.
151* See the ChangeLog for a more detailed list of changes.
152
153New in 2.0.2-ALPHA
154------------------
155* THIS IS AN ALPHA-QUALITY RELEASE THAT IS ONLY INTENDED FOR DEVELOPERS
156  WHOSE APPLICATIONS MAKE USE OF THE CYRUS SASL LIBRARY. 
157* This release is intended to show developers that use Cyrus SASL what
158  direction we are planning on taking the library so that they can make
159  plans to migrate their applications accordingly
160* Major new features included in this release:
161  - Ability to compile a static library including all mechanisms.  This
162    means lower memory usage and faster mechanism loading time, but
163    is not for everyone (or even many people). See doc/advanced.html,
164    as well as the '--with-staticsasl' configure flag.
165  - Man pages should now all be present and are close to being correct.
166  - Can now build libsfsasl and the smtptest program (using the --with-sfio
167    configure flag)
168  - Reverted to the v1 entry points for mechanisms, to allow v1 mechanisms
169    to fail loading cleanly.
170  - Auxprop and canon_user plugins can now load from DSOs
171  - Java code now compiles (but is not well tested, or up to date with the
172    current Java API draft)
173  - Error handling and use of sasl_errdetail has been fleshed out and
174    should now work in most cases.
175* Still Coming:
176  - Cleanup of the client-send-first and server-send-last situation
177  - Error reporting in GSSAPI plugin
178  - Move the sasldb code out of the main library and into plugins and
179    utilities only.
180
181New in 2.0.0-ALPHA
182------------------
183* THIS IS AN ALPHA-QUALITY RELEASE THAT IS ONLY INTENDED FOR DEVELOPERS
184  WHOSE APPLICATIONS MAKE USE OF THE CYRUS SASL LIBRARY. 
185* This release is intended to show developers that use Cyrus SASL what
186  direction we are planning on taking the library so that they can make
187  plans to migrate their applications accordingly
188* This release implements the SASLv2 API.
189  Some of the major improvements in the API include:
190  - Memory management is now sane (whoever allocates the memory is responsible
191    for freeing it)
192  - Auxiliary Property plugin support (ability to interface with directory
193    services as part of authentication)
194  - Username canonification plugin support
195  - Improved error reporting (not fully implemented in this release)
196  - Database support has been simplified.  We now maintain only a single
197    store of plaintext passwords that is shared by all supplied plugins
198    (using the auxiliary property interface).
199  The new API is more fully documented in the header files sasl.h, saslplug.h
200  saslutil.h, and prop.h.  The man pages, programmers guide, and system
201  administrators guide have also been rewritten to deal with the new API.
202* There is still a good amount of work to be done, and as this code is alpha
203  quality, it has bugs, known and unknown.  Please either use our bugzilla at
204  http://bugzilla.andrew.cmu.edu, or email cyrus-bugs@andrew.cmu.edu with
205  questions, comments, or bug reports.
206  - Most notably, the Java bindings have not been converted to work with
207    the new API, and thus will not compile successfully.
208  - The current development branch with this source is in our
209    cvs repository as the "sasl-v2-rjs3" branch of the "sasl" collection.
210    (see http://asg.web.cmu.edu/cyrus/download/anoncvs.html for more info)
Note: See TracBrowser for help on using the repository browser.