Changes 1.5.x
History of released versions
1.8 / 1.7 / 1.6 / 1.5 / 1.4 / 1.3 / 1.2 / 1.1 / 1.0 / 0.16 / 0.15 / 0.14 / 0.13 / 0.12 / 0.11 / 0.10 / 0.9 / 0.8 / 0.7 / Ancient / Overview
1.5.117
Release Date: 2021-04-26
- Added HTTP security header Permissions-Policy.
- Fixed regression in Æ-DIR plugin class AEGroupMember caused by cache re-factoring in ldap0 1.2+.
1.5.116
Release Date: 2021-03-10
- Fixed exit exceptions handler in stand-alone mode.
- Added example systemd unit for running under control of gunicorn.
- Small improvements in example systemd units and uwsgi config files.
1.5.115
Release Date: 2021-03-04
- Fixed str/bytes regression for account lockout value in plugin class for pwdAccountLockedTime.
1.5.114
Release Date: 2021-02-12
- Stopping the session expiry thread is now correctly done via the thread's stop event instance.
- Session expiry check interval is now set to 61 secs (formerly 5 secs) because since release 1.5.98 session expiry is explicitly invoked each time before creating a new session anyway.
1.5.113
Release Date: 2021-02-01
- Better error handling for command-line arguments used in stand-alone mode.
- Fixed displaying certificate DN values with syntax PostalAddress.
-
Added/improved/fixed type hints
- for various plugin class attributes
- for result of LDAPSyntax.formField()
-
Fixed str/bytes regressions in
- Date._validate()
- plugin class NullTerminatedDirectoryString
- Æ-DIR plugin class for attribute host
- (unused) plugin method OathInitPwAlphabet.sanitize()
1.5.112
Release Date: 2020-11-26
- HTML templates for object class msPwdResetObject were moved to global templates directory for general use.
- Fixed str/bytes regression when handling input form exceptions.
- Added type hints for form exceptions.
- Added attribute msPwdChangeNotification to HTML templates for object class msPwdResetPolicy.
- Fixed input field in plugin class Timespan.
1.5.108
Release Date: 2020-11-20
- Added quick search field for Æ-DIR.
1.5.107
Release Date: 2020-11-19
- Plugin class for OpenLDAP accesslog attribute reqMod now uses validate method for LDAP syntax OctetString.
- Installation check now also logs result of sys.getfilesystemencoding() at DEBUG log level.
1.5.106
Release Date: 2020-11-04
- New global configuration variable httpenv_override allows to override all env vars of a request. For example this can be used to set HTTPS=on to enforce setting the "secure" cookie flag. E.g. this is highly recommended when running under control of gunicorn.
1.5.105
Release Date: 2020-11-02
- Plugin class for dhcpStatements now ignores ValueError when trying to display search link for DNS PTR RRs fails.
1.5.104
Release Date: 2020-10-29
- Installing module dnspython is now optional again.
- Fixed str/bytes regression when processing DNS SRV RRs.
1.5.103
Release Date: 2020-10-27
-
Added link when displaying attributes
reqDN
andreqAuthzID
to search other OpenLDAP accesslog entries with same values.
1.5.101
Release Date: 2020-10-16
- Split env var value referenced by httpenv_remote_addr by comma and use last value, e.g. in case IP addresses of cascaded proxies are stored in HTTP_X_FORWARDED_FOR.
1.5.100
Release Date: 2020-09-24
- Lazy initialization of session store and expiry thread. When running under control of gunicorn this ensures that the initialization is done after forking the master process which also fixes stopping the expiry thread during shutdown.
1.5.98
Release Date: 2020-09-22
- Re-factored removal of expired sessions as an incomplete work-around when running under control of gunicorn.
1.5.97
Release Date: 2020-09-19
- Improved HTML templates for TLS attributes in cn=config.
- New global configuration variable httpenv_remote_addr especially used for running under control of gunicorn behind a front-end web server.
1.5.96
Release Date: 2020-09-05
- Fixed interop issue when running under control of gunicorn by not closing input stream file object anymore (legacy code clean-up).
1.5.95
Release Date: 2020-08-26
- Fixed deprecation warning for dnspython 2.0.0+.
1.5.94
Release Date: 2020-07-04
-
Regression fixes for password change:
- Fixed str/bytes regression when generating password self-service reset URL.
- Fixed setting shadowLastChange.
- Fixed setting pwdReset and pwdLastSet.
- Fixed str/bytes regression when handling PasswordPolicyException.
- Code cleaning.
1.5.93
Release Date: 2020-07-01
- Added link to Æ-DIR plugin class for entryDN of aeUser and aeService entries to search for entries created or modified by this entity.
- SessionException is now ignored in case of disconnect because probably user has disconnected in other tab before.
1.5.91
Release Date: 2020-06-30
- More compact string literal syntax for host-specific parameter search_tdtemplate in config presets for Æ-DIR.
- More compact string literal syntax when displaying search results. This seems to reduce approx. 15…20 % of traffic.
- Code cleaning.
1.5.90
Release Date: 2020-06-30
- Added log warning in case IOError was catched when reading the search form template.
- Fixed determining zone DN in Æ-DIR plugin classes (e.g. used for aeProxyFor).
- Refactored Æ-DIR plugin class hierarchy for attributes containing references to aeSrvGroup entries with the DNs being displayed like user group DNs.
1.5.88
Release Date: 2020-06-28
- Some small web style changes (CSS).
- Removed unmaintained style terminal.css.
1.5.86
Release Date: 2020-06-28
- <h1> and error message now part of login HTML template.
- Fixed displaying the Who Am I? result in [conninfo] if None.
1.5.85
Release Date: 2020-06-27
- Fixed str/bytes regression in plugin class for attribute sambaAcctFlags.
- Updated some LDIF templates for Æ-DIR from ansible role.
- Some small web style changes (CSS).
- Added line-break after value description when displaying Æ-DIR attribute values based on select lists.
1.5.84
Release Date: 2020-06-21
- When skipping HTML templates because of misconfiguration error/warning messages are now written to log instead of broken error handling in UI.
- Code cleaning.
1.5.82
Release Date: 2020-06-19
- Added more / better man-page links to HTML templates for OpenLDAP's back-config.
- Fixed str/bytes regression when displaying OpenLDAP syncrepl statements (attribute olcSyncrepl).
1.5.81
Release Date: 2020-05-30
- For better performance method str.translate() is used to escape HTML characters.
1.5.79
Release Date: 2020-05-26
- Updated LDIF file with local fall-back schema.
- Support for new Æ-DIR object class aeSSHAccount.
1.5.77
Release Date: 2020-05-19
- Fixed plugin base class for auto-generating unique POSIX Ids, e.g. uidNumber and gidNumber.
- Fixed str/bytes regression when redisplaying input form after catching LDAPError exception.
1.5.76
Release Date: 2020-05-10
-
Set HTML
http-equiv="refresh"
to exactly the value of web2ldapcnf.session_remove. - Registered appropriate plugin classes for root DSE attributes because those are not properly defined in subschema subentry of MS AD.
- Fixed plugin registration of MS AD attribute domainControllerFunctionality.
1.5.75
Release Date: 2020-05-06
- Added syntax stub classes for schema description syntaxes used by attributes in subschema subentry (defined in RFC 4512).
1.5.74
Release Date: 2020-05-05
- Fixed using host-/backend-specific parameter timeout.
- Fixed error handling during login search.
- More code-cleaning.
1.5.73
Release Date: 2020-05-05
- In default config parameter ldap0.OPT_X_TLS_CIPHER_SUITE is no longer set to HIGH because this is not a valid cipher setting for GNUTLS used on Debian.
- Updated/fixed docker/ stuff, added Dockerfile based on Debian stable.
- Added safety check when logging LDAPSession instance attributes.
1.5.71
Release Date: 2020-05-04
- Fixed DNS SRV RR lookup for stricter str/bytes handling in Python 3.9.
- __slots__ are used for better performance and reduced memory footprint in web2ldap.schema.syntaxes.
- Replaced crude hack in LDAPSyntax.display() with simply returning repr() of attribute value. Anyway this will not happen often nowadays.
- Fixed re-login after own password change.
- Fixed str/bytes regression in plugin class for attributes storing seconds since epoch (e.g. Samba).
- Fixed str/bytes regression when displaying SASL authc infos in [ConnInfo].
- Fixed str/bytes regression when binding with SASL password mechanism.
1.5.68
Release Date: 2020-04-30
- Fixed missing attribute name in web2ldap.web.forms.Field.__slots__.
- Æ-DIR plugin class for group member attribute now logs a warning if searching possible member entries failed.
1.5.67
Release Date: 2020-04-29
- Added HTML attribute autofocus to input fields of username in login form templates.
- Æ-DIR plugin class for group member attribute now uses higher cache TTL when checking referenced group member entries. This should reduce load when editing groups with many members.
- Fixed str/bytes regression in Æ-DIR plugin class for group member attribute.
-
Using __slots__
for better performance and reduced memory footprint:
- Compability for upcoming ldap0 release 1.0.3.
- Added __slots__ to classes in web2ldap.web.forms.
1.5.66
Release Date: 2020-04-27
- Plugin class for LDAP syntax Integer now sets HTML5 attribute type=number for input fields.
- Fixed plugin class for attribute dhcpRange.
1.5.65
Release Date: 2020-04-26
- Code cleaning.
- Fixed str/bytes regression when displaying DIT structure rule in schema viewer.
- Removed file dumpasn1.cfg.
1.5.63
Release Date: 2020-04-17
- Module secrets used for generating random strings.
- Requires update of module package ldap0 to 1.0.1 or later.
1.5.62
Release Date: 2020-04-14
- Fixed displaying libc version during startup if available.
- Display result of platform.uname() during startup.
1.5.61
Release Date: 2020-04-11
- Minor fixes in Æ-DIR plugin classes.
1.5.60
Release Date: 2020-04-08
- Fixed vCard export.
1.5.58
Release Date: 2020-03-21
-
Fixed ResourceWarning on Python 3.8 by
using the with-statement for
- temporarily opened files
- built-in HTTP server when running stand-alone
1.5.57
Release Date: 2020-03-14
- Fixed str/bytes regression fix for plugin class for attribute dhcpRange.
1.5.55
Release Date: 2020-03-12
- Added web2ldap.wsgi wrapper script, improved mod_wsgi sample config.
1.5.54
Release Date: 2020-03-11
- Fixed compability issue with Python 3.8.
1.5.53
Release Date: 2020-02-17
- Fixed regression in some plugin modules introduced in 1.5.52.
1.5.52
Release Date: 2020-02-16
- Fixed some inconsistent str/bytes handling found when running Python interpreter with command-line option -bb.
- Added file MANIFEST.in for proper packaging of all files.
1.5.51
Release Date: 2020-02-11
- Added Subresource Integrity to CSS <link> tags (see W3C recommendation and browser support).
1.5.50
Release Date: 2020-02-01
- New env vars LOG_CONFIG and LOG_QUALNAME for defining the logging configuration.
1.5.49
Release Date: 2020-01-25
- Plugin method for OctetString.sanitize() does not raise LDAPSyntaxValueError anymore because it does not work well with later transmute of attribute values and error handling in the UI.
- [Up] link in main menu no longer displayed if current DN equals the current naming context.
1.5.48
Release Date: 2020-01-22
- Fixed HTML templates for Æ-DIR object class aeDept which fixes a KeyError exception raised.
1.5.47
Release Date: 2020-01-18
- Abort handling request in case of invalid session to avoid AttributeError exceptions logged.
1.5.46
Release Date: 2020-01-14
-
Improved support for aePerson and aeUser entries
with status "registered"
(aeStatus=-1)
.
1.5.45
Release Date: 2020-01-03
- Corrections/updates in documentation.
- Implemented custom collector to generate metrics, metric names changed.
1.5.40
Release Date: 2019-12-30
- Support system-wide installation in /usr/local.
1.5.39
Release Date: 2019-12-28
- Fixed generating uniqueIdentifier values in aePerson entries.
- Fixed str/bytes regression in Æ-DIR plugin classes for attributes. gidNumber, host and sudoHost.
1.5.38
Release Date: 2019-12-27
- Fixed generating printable output of search results.
1.5.37
Release Date: 2019-12-23
- Fixed list/iterator regression in plugin class for attribute mail in aePerson entries.
- Restructured example configuration module web2ldapcnf.hosts.
1.5.36
Release Date: 2019-12-22
- The current DN is written to exception log message.
- Fixed str/bytes regression in plugin class for macAddress.
- Improved template strings for attribute description in aeNwDevice entries.
1.5.35
Release Date: 2019-12-21
- Fixed regression when checking for non-interactive SASL mechs during anonymous bind.
- Fixed str/bytes regressions in Æ-DIR plugin class for rfc822MailMember.
1.5.33
Release Date: 2019-12-20
- Remove attribute allowedAttributesEffective from editable entry only if present. Fixes editing entries in MS AD schema container.
- SASL option OPT_X_SASL_USERNAME is displayed in connection info if available.
- Fixed str/bytes regression when checking for non-interactive SASL mechs which also fixes determining the DN of the bound entity when using SASL/GSSAPI with MS AD.
1.5.32
Release Date: 2019-12-20
- Gracefully handle non-existent namingContexts values when determining best-matching naming context for current DN.
- Requires module ldap0 >= 0.6.6.
- Gracefully handle error in Æ-DIR plugin module when reading a non-readable aeZone entry.
- Fixed regression in CSV export for empty values.
1.5.29
Release Date: 2019-12-17
- Avoid use of deprecated function removed in Python 3.8 when generating base64-encoded password hashes.
- Fixed str/bytes regression when automatically adding object class simpleSecurityObject to entry.
1.5.28
Release Date: 2019-12-16
- Fixed str/bytes regression when setting new password in MS AD in attribute unicodePwd.
- Fixed bytes/int regression in plugin class for logonHours.
- Fixed plugin class for homeDirectory when auto-generating the attribute value.
- Fixed str/bytes regression when deleting a single (binary) attribute.
1.5.26
Release Date: 2019-12-15
- Fixed a regression when running with web2ldapcnf.session_paranoid to non-zero value for regenerating session IDs.
- Corrections/updates in documentation.
1.5.25
Release Date: 2019-12-14
- Adding debug logging when deleting entries.
- Removed context menu when displaying input form for modifying an entry because users were confused by [Modify] link in the context menu.
- Removed context menu when displaying input forms for deleting and renaming an entry.
1.5.24
Release Date: 2019-12-10
- Fixed regression in Æ-DIR plugin class for aeNotAfter.
1.5.23
Release Date: 2019-12-08
- Fixed regression in plugin class for associatedDomain.
- Fixed str/bytes regression when switching to object class select form during editing a new entry to be added.
- Removed displaying the kind of an object class for attribute structuralObjectClass.
- Small change to how the kind of an object class is displayed along with the object class attribute value.
- Grouped attributes related to SSH and passwords in HTML templates for Æ-DIR.
1.5.22
Release Date: 2019-12-07
- Fixed str/bytes regressions in Æ-DIR plugin module.
- Removed obsolete class AEPerson2 from Æ-DIR plugin module.
1.5.21
Release Date: 2019-12-05
- Avoid adding form parameter dn two times when generating links for displaying complete attribute value sets.
- Fixed str/bytes regression in MS AD plugin class for LDAP syntax DNWithOctetString.
1.5.20
Release Date: 2019-12-04
- Fixed str/bytes regression in MS AD plugin classes.
- Fixed str/bytes regression when writing hidden input fields to output.
1.5.19
Release Date: 2019-12-02
- Fixed handling of env var LOG_LEVEL to also properly handle mix-/lower-cased values.
- Fix for Python 3.8: Avoid using deprecated Thread method.
- Fixed binding with a bind-DN of an entry which cannot be read after bind.
- Added new options to select plugin class for OpenDJ-specific attributes ds-privilege-name and friends.
- Fixed str/bytes regression in plugin class for memberUrl.
- Fixed str/bytes regression when displaying LDAP URL anchor.
1.5.18
Release Date: 2019-11-29
- Fixed regressions in Æ-DIR plugin module.
- Fixed regression with empty query string.
- Fixed str/bytes regressions when locating servers via DNS.
1.5.17
Release Date: 2019-11-26
- Fixes for Python 3.8+.
1.5.16
Release Date: 2019-11-26
- Added new global configuration option web2ldapcnf.log_error_details.
1.5.15
Release Date: 2019-11-25
- Fixed many misspellings found by fossies.org codespell.
1.5.12
Release Date: 2019-11-25
- Exception counters now have full-qualified module/class name as key.
- Added Exception counters to metrics.
1.5.11
Release Date: 2019-11-24
- Fixed str/bytes regression in plugin class for dhcpHWAddress.
-
Added monitoring features:
- Added counters for exception types of all unhandled exceptions.
- Added counters for command URLs.
- Added metrics endpoint automatically available if module package prometheus_client is installed.
1.5.8
Release Date: 2019-11-20
- Fixed str/bytes regressions in Æ-DIR plugin module.
1.5.7
Release Date: 2019-11-18
- More Content-Security-Policy header options set to none in default config.
- Fixed str/bytes regressions in Æ-DIR plugin module.
1.5.5
Release Date: 2019-11-09
- Cookies now have SameSite=Strict set.
- Fixed regression with setting value-less cookie flags httpOnly and secure.
1.5.4
Release Date: 2019-11-07
- More code cleaning.
- Added support for upcoming Æ-DIR attribute aeChildClasses.
- Fixed regressions when changing password attributes with a modify operation.
1.5.3
Release Date: 2019-10-08
- During CSV export special attribute values are prepended with a single quote to hamper CSV injection attacks.
- More code cleaning.
1.5.2
Release Date: 2019-10-01
- Fixed using console entry point in virtual environment.
-
Fixed
--python-tag
for wheel files.
1.5.0
Release Date: 2019-10-01
Installation and configuration changes
- Requires Python 3.6 or newer.
- Requires update of module ldap0.
New features/enhancements
None.
Fixes
- Replaced some dangerous mutable values used as class attributes.
- Many small fixes along code-cleaning, especially bytes/str stuff.
Dropped features
-
Removed some features which require complete new implementation:
- certificate/CRL displayer
- pretty-printing of arbitrary BER data