Changes 1.3.x
History of released versions
1.8 / 1.7 / 1.6 / 1.5 / 1.4 / 1.3 / 1.2 / 1.1 / 1.0 / 0.16 / 0.15 / 0.14 / 0.13 / 0.12 / 0.11 / 0.10 / 0.9 / 0.8 / 0.7 / Ancient / Overview
1.3.38
Release Date: 2019-01-02
- Fixed non-unique IDs in DIT structure rules and name forms of supplemental schema file for Æ-DIR.
- Mandates update to ldap0 0.2.1+.
1.3.37
Release Date: 2018-12-27
- Fixed regression when adding entries introduced in 1.3.36.
1.3.36
Release Date: 2018-12-25
- Mandates update to ldap0 0.1.0+.
1.3.34
Release Date: 2018-11-29
-
Plugin class GeneralizedTime:
- Now accepts float value as input, interprets the value as seconds and converts them to a date-time representation relative to current time.
- Fixed interpreting input "T" as adding one day.
- Javascript URLs, while by default not allowed in plugin class Uri, are now enclosed in <code> tags when displayed and thus are never displayed as active links.
1.3.33
Release Date: 2018-11-20
- Adjusted maximum input length of search parameters.
1.3.32
Release Date: 2018-11-13
- Fixed counting entries to be deleted based on MS AD attribute msDS-Approx-Immed-Subordinates.
1.3.31
Release Date: 2018-10-25
- Aligned plugin module for Æ-DIR with upstream.
- Fixed examples in docker/ to match simpler plugin file layout introduced in 1.3.26.
- New global configuration parameter web2ldapcnf.ldap_cache_ttl.
- Removed OpenSearch example file.
1.3.29
Release Date: 2018-09-25
- Mandates update to ldap0 0.0.62+.
- Completely ignore TLS option exception raised on brain-dead macOS including ldap0.OPT_X_TLS_NEWCTX.
- Minor docs updates.
1.3.28
Release Date: 2018-09-24
- Tuple values of groupadm_defs can now have an optional 3rd Boolean parameter indicating whether the member attribute shall be used for determining group membership.
1.3.26
Release Date: 2018-08-07
- In certificate viewer T.61 strings in X.509 certs are decoded as ISO-8859-1 because this seems, although wrong, the most common practice.
- Config module web2ldapcnf was moved back to etc/web2ldap/ and now gets installed as data-files. This allows to mark those files as config files when building OS packages (RPM etc.).
- The configuration sub-module web2ldapcnf.plugins is now a single file and not a separate sub-directory.
- URL targets listed in web2ldapcnf.good_redirect_targets are now always trusted even without URL scheme or net location.
1.3.25
Release Date: 2018-08-02
- Gracefully handle malformed input for attribute sshPublicKey.
- New host-/backend-specific parameters for setting limits in tree browser: dit_max_levels, dit_search_sizelimit, and dit_search_timelimit.
1.3.24
Release Date: 2018-08-01
- In modify input form the value list of form parameter in_oldattrtypes containing existing attribute types is preserved when using [-] <button> and this removes the last attribute value.
- Updated file dumpasn1.cfg from upstream.
- Added section [install] to setup.cfg to also install optimized bytecode files (*.pyo).
1.3.23
Release Date: 2018-07-28
- Fixed examples in docker/.
-
ldapsearch
command displayed below search results now explicitly defines anon simple bind of no login information is available. Furthermore option-LL
is used to reduce LDIF output. - Some cosmetic changes to config module web2ldapcnf.
1.3.22
Release Date: 2018-07-06
- Added separate AppArmor example profiles for running in an Apache/UWSGI deployment. YMMV.
- Added more hardening options to example systemd units (see systemd.exec(5)).
- Aligned plugin module for Æ-DIR with upstream.
- Some minor glitches fixed to make creating OS packages easier.
1.3.20
Release Date: 2018-06-21
- Added input field for cAARecord in input form template for object class dNSDomain2.
- Relaxed DNS label regex patterns to allow wild-card domain specs, e.g. *.example.com.
- Module Pillow is now listed as optional dependency.
- Use CSS class About instead of an identifier in HTML template for top section with right-adjusted text-alignment.
1.3.19
Release Date: 2018-06-07
-
More OpenLDAP customization:
- New plugin class for OpenLDAP attribute olcMemberOfDangling.
- New plugin class for attribute seeAlso in back-monitor entries for displaying the name of referenced database, overlay or backend.
- Deep links to online man-pages in HTML templates for back-config.
-
Web service robustness:
- Gracefully handle empty string passed to form parameter read_nocache.
- Also return HTTP response code 404 in case an OSError was raised when reading CSS files.
- Fixed sending correct HTTP headers when serving CSS files.
1.3.18
Release Date: 2018-05-22
- Dropped mal-functioning T.61 decoding support from X.509 certificate parser so fall-back displaying is triggered.
- Limited list of LDAP servers used for public demo.
- More AppArmor rules.
- Added more CSP headers.
- Minor tweaks regarding HTML templates for pwdPolicy.
1.3.17
Release Date: 2018-05-08
- Fixed missing plugins import.
1.3.16
Release Date: 2018-04-29
-
Refactored configuration module package:
- Dropped separate config sub-module web2ldapcnf.monitor.
- Merged separate config sub-module web2ldapcnf.misc into web2ldapcnf (__init__.py).
- Config variable web2ldapcnf.etc_dir now points directly to the web2ldap-specific sub-directory.
- Module dnspython is used instead of obsolete pydns for looking up SRV RRs.
- Dropped obsolete SSL security level stuff.
- New global configuration parameter web2ldapcnf.access_allowed for a simple IP-based access control.
1.3.14
Release Date: 2018-04-21
- Aligned plugin module for Æ-DIR with upstream.
- Added example Dockerfile to source distribution for automated installation into container running openSUSE Tumbleweed.
- Added example AppArmor profile.
1.3.13
Release Date: 2018-04-13
- Ignore TLS option exception on brain-dead macOS.
- Replaced using M2Crypto for displaying X.509 certificate information by asn1crypto.
- Attributes of LDAP syntax CertificateList (CRLs) are now also displayed with short information when displaying an entry.
- Always set flag descriptions as Unicode strings in plugin class BitArrayInteger and a bunch of derived classes.
- Fixed Unicode assertions in plugin module for Æ-DIR.
1.3.13
Release Date: 2018-04-13
- Ignore TLS option exception on brain-dead macOS.
- Replaced using M2Crypto for displaying X.509 certificate information by asn1crypto.
- Attributes of LDAP syntax CertificateList (CRLs) are now also displayed with short information when displaying an entry.
- Always set flag descriptions as Unicode strings in plugin class BitArrayInteger and a bunch of derived classes.
- Fixed Unicode assertions in plugin module for Æ-DIR.
1.3.12
Release Date: 2018-04-10
- Added config example to web2ldapcnf.plugins for globally allowing a trailing dot in FQDN values.
-
Cleaned up module imports:
- Application module web2ldap.app.cnf does not re-export sub-modules of web2ldapcnf anymore.
- Better grouping of module imports.
1.3.11
Release Date: 2018-04-01
- Replaced configuration sub-module web2ldapcnf.countries by .properties files.
- Fixed plugin class for attribute mail in aePerson entries.
- Fixed Unicode regression in plugin class for attribute aAAARecord.
1.3.10
Release Date: 2018-03-07
- Some fixes in plugin module for Æ-DIR.
- Module xlwt is used for Excel data export instead of unmaintained pyExcelerator.
1.3.9
Release Date: 2018-02-28
- Removed debug print statement.
1.3.8
Release Date: 2018-02-27
- License change
- The license was changed to Apache License Version 2.0 using machine-readable SPDX license identifier Apache-2.0.
- Installation and configuration changes
-
The following changes to system installation and local configuration were made:
- Requires Python 2.7.9+
- It is now possible to install with PIP.
- If you do not use the PIP-based installation note that some module dependencies have changed:
- LDAP OID registry is no longer considered local configuration and was thus moved to an internal module.
- Config module web2ldapcnf was moved to top-level directory.
- New features/enhancements
-
- Runs a WSGI application.
- Dropped features
-
- Dropped configuration variable pylibdirs which caused too much hen-and-egg problems and thus was not useful.
- Dropped configuration variable bind_address for stand-alone mode.
- No separate error and debug log configuration variables anymore. Errors now always go to stderr which was the default anyway.
- The half-baken SIGHUP config reload handler was removed. Actually it was never really useful.
- Abandoned internal gzip compressing because it is much better to leave this to the invoking web server.