RSS feed

release 0.8.4 of nss-pam-ldapd

[Date Prev][Date Next] [Thread Prev][Thread Next]

release 0.8.4 of nss-pam-ldapd

This is an update for the 0.8 series that includes a number of fixes,
new features and a few backwards incompatible changes. The 0.8 series
remains in development mode and several more bigger changes,
enhancements and new features are planned. Users that require a stable
release are encouraged to stay with 0.7 until 0.8 stabilises

A summary of the changes since 0.8.3:
* switch to using the member attribute by default instead of
  uniqueMember (backwards incompatible change)
* only return "x" as a password hash when the object has the
  shadowAccount objectClass and nsswitch.conf is configured to do shadow
  lookups using LDAP (this avoids some problems with pam_unix)
* fix problem with partial attribute name matches in DN (thanks Timothy
* fix a problem with objectSid mappings with recent versions of OpenLDAP
  (patch by Wesley Mason)
* set the socket timeout in a connection callback to avoid timeout
  issues during the SSL handshake (patch by Stefan Völkel)
* check for unknown variables in pam_authz_search
* only check password expiration when authenticating, only check account
  expiration when doing authorisation
* make buffer sizes consistent and grow all buffers holding string
  representations of numbers to be able to hold 64-bit numbers
* update AX_PTHREAD from autoconf-archive
* support querying DNS SRV records from a different domain than the
  current one (based on a patch by James M. Leddy)
* fix a problem with uninitialised memory while parsing the tls_ciphers
* implement bounds checking of numeric values read from LDAP (patch by
  Jakub Hrozek)
* correctly support large uid and gid values from LDAP (patch by Jakub
* improvements to the configure script (patch by Jakub Hrozek)
* Debian packaging improvements

More information on this release can be found at:

-- arthur - - --
To unsubscribe send an email to or see