source: openpam/trunk/HISTORY @ 486

Last change on this file since 486 was 486, checked in by Dag-Erling Smørgrav, 8 years ago

Document quoted option values.

  • Property svn:keywords set to Id
File size: 12.4 KB
Line 
1OpenPAM Lycopsida                                               2011-??-??
2
3 - ENHANCE: removed static build autodetection, which didn't work
4   anyway.  Use an explicit, user-specified preprocessor variable
5   instead.
6
7 - ENHANCE: cleaned up the documentation a bit.
8
9 - ENHANCE: added openpam_subst(3), allowing certain PAM items to be
10   embedded in strings such as prompts.  Apply it to the prompts used
11   by pam_get_user(3) and pam_get_authtok(3).
12
13 - ENHANCE: added support for the user_prompt, authtok_prompt and
14   oldauthtok_prompt module options, which override the prompts passed
15   by the module to pam_set_user(3) and pam_get_authtok(3).
16
17 - ENHANCE: rewrote the policy parser to support quoted option values.
18
19 - ENHANCE: added pamtest(1), a tool for testing modules and policies.
20============================================================================
21OpenPAM Hydrangea                                               2007-12-21
22
23 - ENHANCE: when compiling with GCC, mark up API functions with GCC
24   attributes where appropriate.
25
26 - BUGFIX: fixed numerous warnings uncovered by GCC 4.
27
28 - ENHANCE: building the documentation is now optional.
29
30 - ENHANCE: corrected a number of mistakes and style issues in the
31   build system.
32
33 - ENHANCE: API function arguments are now const where appropriate, to
34   match corresponding changes in the Solaris PAM and Linux-PAM APIs.
35
36 - ENHANCE: corrected a number of C namespace violations.
37
38 - ENHANCE: the module cache has been removed, allowing long-lived
39   applications to pick up module changes.  This also allows multiple
40   threads to use PAM simultaneously (as long as they use separate PAM
41   contexts), since the module cache was the only part of OpenPAM that
42   was not thread-safe.
43============================================================================
44OpenPAM Figwort                                                 2005-06-16
45
46 - BUGFIX: Correct several small signedness and initialization bugs
47   discovered during review by the NetBSD team.
48
49 - BUGFIX: Modify gendoc.pl to sort cross-references in dictionary
50   order within each section.
51
52 - ENHANCE: if a policy specifies a relative module path, prepend the
53   module directory so we never call dlopen(3) with a relative path.
54
55 - ENHANCE: add a pam.conf(5) manual page.
56============================================================================
57OpenPAM Feterita                                                2005-02-01
58
59 - BUGFIX: Correct numerous markup errors, invalid cross-references,
60   and other issues in the manual pages, with kind assistance from
61   Ruslan Ermilov <ru@freebsd.org>.
62
63 - BUGFIX: Avoid multiple evaluation of macro arguments in ENTERX()
64   and RETURNX() macros.
65
66 - BUGFIX: Remove an unnecessary and non-portable pointer cast in
67   pam_get_data(3).
68
69 - BUGFIX: Fix identical typos in PAM_ACCT_EXPIRED case in
70   pam_strerror(3) and gendoc.pl.
71
72 - ENHANCE: Minor overhaul of the autoconf / build system.
73
74 - ENHANCE: Add openpam_free_envlist(3).
75============================================================================
76OpenPAM Eelgrass                                                2004-02-10
77
78 - BUGFIX: Correct array handling bugs in conversation code.
79
80 - BUGFIX: In openpam_ttyconv(3), don't strip trailing linear
81   whitespace from the user's response.
82
83 - BUGFIX: Many constness issues addressed.
84============================================================================
85OpenPAM Dogwood                                                 2003-07-15
86
87 - ENHANCE: Use the GNU autotools.
88
89 - ENHANCE: Constify the msg field in struct pam_message.
90
91 - BUGFIX: Remove left-over debugging output
92
93 - BUGFIX: Avoid side effects in arguments to the FREE() macro
94
95 - ENHANCE: Make openpam_ttyconv(3) use read(2) rather than fgets(3).
96
97 - BUGFIX: Staticize some variables which shouldn't be global.
98
99 - BUGFIX: Correcly anticipate a NULL user in pam_get_user(3).
100
101 - ENHANCE: Various minor documentation improvements.
102
103Thanks to Dmitry V. Levin <ldv@altlinux.org> for considerable
104assistance with this release.
105============================================================================
106OpenPAM Digitalis                                               2003-06-01
107
108 - ENHANCE: Completely rewrite the configuration parser and add
109   support for the "include" control flag.
110
111 - ENHANCE: Improve portability to NetBSD, OpenBSD and Linux.
112
113 - ENHANCE: Lots of additional paranoia.
114
115 - BUGFIX: The sample su(1) application dropped privileges before
116   forking instead of after.
117
118 - ENHANCE: Document openpam_log(3).
119
120 - ENHANCE: Other minor documentation fixes.
121
122Thanks to Dmitry V. Levin <ldv@altlinux.org> for considerable
123assistance with this release.
124============================================================================
125OpenPAM Dianthus                                                2003-05-02
126
127 - BUGFIX: Initialize some potentially uninitialized variables.
128
129 - BUGFIX: Silence some warnings emitted by gcc -std=iso9899:1999.
130
131 - BUGFIX: In pam_getenv(), return a pointer to the stored variable
132   instead of a freshly allocated copy.
133
134 - ENHANCE: Detect recursion in openpam_borrow_cred()
135
136 - ENHANCE: Make borrowing one's own credentials a no-op.
137
138 - ENHANCE: Further improve debugging support.
139
140 - ENHANCE: Clean up some variable names.
141============================================================================
142OpenPAM Daffodil                                                2003-01-06
143
144 - ENHANCE: Document dependency on <sys/types.h> (for size_t)
145
146 - ENHANCE: Slightly improve error detection in openpam_ttyconv().
147
148 - BUGFIX: Fix several typos in debugging macros.
149============================================================================
150OpenPAM Cyclamen                                                2002-12-12
151
152 - ENHANCE: Improve recursion detection in openpam_dispatch().
153
154 - ENHANCE: Add debugging messages at entry and exit points of most
155   functions.
156
157 - ENHANCE: Fix some minor style issues.
158
159 - BUGFIX: Add default cases to the switches in openpam_log.c.
160
161 - ENHANCE: Add /usr/local/etc/pam.conf to policy search path.
162
163 - BUGFIX: In openpam_ttyconv(3), print the prompt to stdout rather
164   than stderr.
165============================================================================
166OpenPAM Citronella                                              2002-06-30
167
168 - ENHANCE: Add the "binding" control flag (from Solaris 9).
169
170 - ENHANCE: Define struct pam_repository and PAM_REPOSITORY (from
171   Solaris 9).
172
173 - ENHANCE: Flesh out the pam(3) man page.
174
175 - ENHANCE: Add an openpam(3) page with cross-references to all the
176   documented OpenPAM API extensions.
177
178 - ENHANCE: Add a pam_conv(3) man page describing the conversation
179   system.
180
181 - ENHANCE: Improved sample application.
182
183 - ENHANCE: Added sample pam_unix module.
184
185 - BUGFIX: Various documentation nits.
186============================================================================
187OpenPAM Cinquefoil                                              2002-05-24
188
189 - BUGFIX: Various warnings uncovered by gcc 3.1.
190
191 - ENHANCE: Add a null conversation function, openpam_nullconv(3).
192
193 - BUGFIX: Initialize the "other" chain to all zeroes.
194
195 - ENHANCE: Document openpam_ttyconv(3).
196============================================================================
197OpenPAM Cinnamon                                                2002-05-02
198
199 - ENHANCE: Add a null conversation function, openpam_nullconv().
200
201 - BUGFIX: Various markup bugs in the documentation.
202
203 - BUGFIX: Document <security/openpam.h>.
204
205 - BUGFIX: Duplicate expansion of openpam_log() macro arguments.
206
207 - ENHANCE: Restructure the policy-loading code and align our use of
208   the "other" policy with Solaris and Linux-PAM.
209
210 - ENHANCE: Log dlopen() and dlsym() failures.
211
212 - ENHANCE: In openpam_ttyconv(), emit a newline after error and info
213   messages unless the message contains one already.
214
215 - BUGFIX: In pam_vprompt(), initialize the response pointer to NULL
216   so we can detect whether the conversation function touched it.
217============================================================================
218OpenPAM Cineraria                                               2002-04-14
219
220 - BUGFIX: Fix confusion between token and prompt in
221   pam_get_authtok(3).
222
223 - ENHANCE: Improved documentation.
224
225 - ENHANCE: Adopt the same preprocessor tricks that were used in
226   FreeBSD's version of Linux-PAM to simplify static linking without
227   requiring dummy primitives.
228
229 - ENHANCE: Move the policy-loading code out of pam_start.c.
230
231 - BUGFIX: Fix typo in one of the versions of the openpam_log macro.
232
233 - ENHANCE: Add versioning macros.
234============================================================================
235OpenPAM Cinchona                                                2002-04-08
236
237 - ENHANCE: Improved documentation for several API functions.
238
239 - BUGFIX: Fix bug in pam_set_data() that would result in corruption
240   of the module data list.
241
242 - BUGFIX: Allocate the correct amount of memory for the environment
243   list in pam_putenv().
244
245 - ENHANCE: Change pam_get_authtok()'s prototype so the caller can
246   specify what token it wants.  Also introduce PAM_OLDAUTHTOK_PROMPT.
247
248 - BUGFIX: Plug memory leak in pam_get_user() / pam_get_authtok(), and
249   reduce differences between these very similar functions.
250
251 - ENHANCE: Check flags carefully in pam_authenticate() and
252   pam_chauthtok().
253
254 - BUGFIX: Fix bugs in portability code; libpam now builds on NetBSD.
255
256 - ENHANCE: In pam_get_authtok(), if PAM_OLDAUTHTOK is set, we're
257   asked for PAM_AUTHTOK, and we have to prompt the user, prompt her
258   twice and compare the responses.
259
260 - ENHANCE: Add openpam_{borrow,restore}_cred(), for temporarily
261   switching to user credentials.
262
263 - ENHANCE: Add openpam_free_data(), a generic cleanup function for
264   pam_set_data() consumers.
265============================================================================
266OpenPAM Centaury                                                2002-03-14
267
268 - BUGFIX: Add missing #include <string.h> to openpam_log.c.
269
270 - BUGFIX: s/PAM_REINITIALISE_CRED/PAM_REINITIALIZE_CRED/.  XSSO uses
271   the former, but Solaris and Linux-PAM use the latter.
272
273 - BUGFIX: The dynamic loader and the module cache contained a number
274   of bugs which would cause a segmentation fault if pam_start(3) was
275   called again after pam_end(3), as happens in login(1), xdm(1) etc.
276   after a failed login.
277
278 - BUGFIX: Refer to a module by the name used in the policy file, even
279   if the module that was actually loaded was versioned.
280
281 - ENHANCE: Suppress debugging logs, unless compiled with -DDEBUG.
282============================================================================
283OpenPAM Celandine                                               2002-03-05
284
285 - BUGFIX: PAM_TRY_AGAIN is a valid return value for pam_chauthtok().
286
287 - BUGFIX: Run passwd chain twice, first with the PAM_PRELIM_CHECK
288   flag set, then with the PAM_UPDATE_AUTHTOK flag set.
289
290 - BUGFIX: Failure of a "sufficient" module should not terminate the
291   passwd chain if the PAM_PRELIM_CHECK flag is set.
292
293 - BUGFIX: Clear PAM_AUTHTOK after running the service modules.
294
295 - ENHANCE: Prevent applications from specifying the PAM_PRELIM_CHECK
296   or PAM_UPDATE_AUTHTOK flags themselves.
297
298 - BUGFIX: openpam_set_option() did not support changing the value of
299   an existing option.
300
301 - ENHANCE: Add support for module versioning.  OpenPAM will prefer a
302   module with the same version number as the library itself to one
303   with no version number at all.
304============================================================================
305OpenPAM Cantaloupe                                              2002-02-22
306
307 - BUGFIX: The proper use of PAM_SYMBOL_ERR is to indicate an invalid
308   argument to pam_[gs]et_item(3), not to indicate dlsym(3) failures.
309
310 - ENHANCE: Add in-line documentation in most source files, and a Perl
311   script that generates mdoc code from that.
312
313 - BUGFIX: The environment list was not properly NULL-terminated.
314
315 - ENHANCE: Allow the PAM_AUTHTOK_PROMPT item to override the prompt
316   specified by the module.
317
318 - BUGFIX: PAM_NUM_ITEMS was set too low.  It has been moved to
319   pam_constants.h to avoid it going stale again.
320
321 - ENHANCE: Move all code related to static modules into a separate
322   file.
323
324 - ENHANCE: openpam_ttyconv() now masks most signals while prompting the
325   user, and supports setting a timeout (which defaults to off).
326
327 - BUGFIX: Some manual pages referenced XSSO even though they
328   documented OpenPAM-specific functions.
329
330 - ENHANCE: Added openpam_get_option() and openpam_set_option().
331
332 - ENHANCE: openpam_get_authtok() now respects the echo_pass,
333   try_first_pass, and use_first_pass options.
334============================================================================
335OpenPAM Caliopsis                                               2002-02-13
336
337Fixed a number of bugs in the previous release, including:
338  - a number of bugs in and related to pam_[gs]et_item(3)
339  - off-by-one bug in pam_start.c would trim last character off certain
340    configuration lines
341  - incorrect ordering of an array in openpam_load.c would cause service
342    module functions to get mixed up
343  - missing 'continue' in openpam_dispatch.c caused successes to be
344    counted as failures
345============================================================================
346OpenPAM Calamite                                                2002-02-09
347
348First (beta) release.
349============================================================================
350$Id: HISTORY 486 2011-11-03 16:58:05Z des $
Note: See TracBrowser for help on using the repository browser.