forked from cannatag/ldap3
/
CHANGES.txt
701 lines (609 loc) · 38 KB
/
CHANGES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
# changes file for ldap3
# generated on 2016-11-18 08:08:03.852916
# version 2.1.1
- 2.1.1 2016.11.18
- Mock strategy uses case insensitive matching when appropriate
- fixed error when adding a virtual attribute in the abstract Entry object
- fixed error messages in Entry moving and renaming
- Reverted default connection strategy to SYNC (thanks Mauro)
- Fixed tutorials (thanks Mauro)
- Fixed checking of schema in ObjectDef (thanks Pierre)
- Fixed checking of stdin in config (thanks Oleg)
- fixed commit of entry with async strategies
- fixed reading of entries in async strategies
- added cipher argument to Tls (thanks Nicolas)
- fixed bug when using the abstraction layer with lazy connections
- fixed case matching while adding new entry in Writer cursor (thanks t0neg)
- disabled auto_escape for byte values
- fixed auto_escape for python 2
- 2.1.0 2016.11.03
- changed default Connection strategy from SYNC to RESTARTABLE
- enable automatic escaping of assertion values
- fixed decoding error with check_name=False
- added auto_escape parameter in connection, for trying automatic filter and attribute values escape
- fixed checking of schema in MockBase
- SASLBindInProgress doesn't raise an exception anymore with raise_exceptions=True
- standard formatters are applied in mocking strategies when serching for exact match
- 2.0.9 2016.10.28
- removed sanitization of DN in bind operation because some servers accept non standard DN for Simple Bind
- 2.0.8 2016.10.28
- included referral caching (thanks TWAC)
- 2.0.7 2016.10.27
- FIRST RELEASE OF LDAP3 V2
- changed signature of ldap3.abstract.Reader object
- removed search_size_limit(), search_time_limit() and search_types_only in the Reader cursor
- fixed SASL in progress error (thanks Styleex)
- fixed ALL_ATTRIBUTES in MOCK_SYNC strategy (thanks Belgarion)
- ncorrect attribute type error message now includes the name of the attribute (Thanks Andrej)
- relaxed dn checking for Active Directory UserPrincipalName
- relaxed dn checking for Active Directory SamAccountName
- added checking of attribute name in add, compare and search operations
- added checking of class name in add operation
- renamed exception LDAPTypeError to LDAPAttributeError
- in sync strategies LDAP operations populate the last_error attribute of the connection in case of not RESULT_SUCCESS
- connection.return_empty_attributes defaults to True
- escaped filter by default
- fixed escaping of filter
- add move and rename to abstraction layer entry
- ldap3 namespace decluttered
- RESULT_CODES moved to ldap3.core.results
- compatability constants removed
- exceptions removed from ldap3 namespace, defined in ldap3.core.exceptions only
- ADDRESS_INFO_REFRESH_TIME is now configurable via set_config_parameter
- Operational attribute prefix set to 'OA_'
- Allows cert and key file in the same file (thanks Jan-Philip)
- Removed logging info when logging is disabled (thanks Dan)
- Updated copyright notice
- Refactored abstraction layer with full support for CRUD (Create, Read, Update, Delete) abstract operations
- Added WritableEntry and WritableAttribute to abstraction layer
- Added standard validators for attribute types and syntaxes defined in the standard LDAP schema
- Added custom validators for attribute values
- Added update capability to abstraction layer
- Fixed typo in docs (thanks Gerardwx)
- Fixed Object and Attribute representation in schema (superior class not shown)
- ObjectDef automatically populates attributes from schema, following object_class hierarchy
- Added attributes parameter to search* methods of Cursor, so that only needed attributes are read even if attr_defs defines more
- Fixed connect_timeout not honored while wrapping socket in tls (thanks Kyle)
- Added 'set' to SEQUENCE_TYPES (thanks Christian)
- Entries returned by search are now writable via the abstraction layer
- LDAPReaderError exception renamed to LDAPCursorError
- auto_range parameter in Connection defaults to True (thanks Ashley)
- get_info defaults to SCHEMA while defining Server object
- Included ordereddict 1.1 (# Copyright (c) 2009 Raymond Hettinger) in ldap3.utils.ordDict for backporting OrderedDict in Python 2.6
- Added config parameter RESET_AVAILABILITY_TIMEOUT to reinsert invalid address in candidate_addresses while checking connection, defaults to 5 seconds
- Fixed inability to connect to a server if the connection starts when the server is unavailable and then it becomes available again
- All DNs are sanitized if connection.check_names is True
- LDAPControlsError exception renamed to LDAPControlError
- LDAPChangesError exception renamed to LDAPChangeError
- The following older constants in ldap3 have been removed, please use the suggested ones:
- AUTH_ANONYMOUS = ANONYMOUS
- AUTH_SIMPLE = SIMPLE
- AUTH_SASL = SASL
- SEARCH_SCOPE_BASE_OBJECT = BASE
- SEARCH_SCOPE_SINGLE_LEVEL = LEVEL
- SEARCH_SCOPE_WHOLE_SUBTREE = SUBTREE
- SEARCH_NEVER_DEREFERENCE_ALIASES = DEREF_NEVER
- SEARCH_DEREFERENCE_IN_SEARCHING = DEREF_SEARCH
- SEARCH_DEREFERENCE_FINDING_BASE_OBJECT = DEREF_BASE
- SEARCH_DEREFERENCE_ALWAYS = DEREF_ALWAYS
- STRATEGY_SYNC = SYNC
- STRATEGY_ASYNC_THREADED = ASYNC
- STRATEGY_LDIF_PRODUCER = LDIF
- STRATEGY_SYNC_RESTARTABLE = RESTARTABLE
- STRATEGY_REUSABLE_THREADED = REUSABLE
- STRATEGY_MOCK_SYNC = MOCK_SYNC
- STRATEGY_MOCK_ASYNC = MOCK_SYNC
- POOLING_STRATEGY_FIRST = FIRST
- POOLING_STRATEGY_ROUND_ROBIN = ROUND_ROBIN
- POOLING_STRATEGY_RANDOM = RANDOM
- GET_NO_INFO = NONE
- GET_DSA_INFO = DSA
- GET_SCHEMA_INFO = SCHEMA
- GET_ALL_INFO = ALL
- 1.4.0 2016.07.18
- Multiple Mock strategies now share entries when using the same Server object
- Added AsyncStreamStrategy
- Added Connection.extend.standard.persistent_search() (Thanks martinrm77)
- Added escaping of character > 0x7F in filter validation (thanks cfelder)
- Added better descriptions of Exception in abstraction layer (thanks cfelder)
- Added queue in Persistent Search
- Added callback in Persistent Search
- MockStrategy now honors raise_exception parameter (thanks Simon)
- 1.3.3 2016.07.03
- Change paameter name from 'check' to 'fix' in connection.extend.novell.add_members_to_groups() and connection.extend.novell.remove_members_from_groups
- Added connection.extend.novell.check_groups_memberships() that check if members are in groups and fixes the user-group relation if incorrect
- Updated docs link to ldap3.readthedocs.io
- Fixed error in utils.conv.check_escape (thanks Anjuta)
- Fixed typo in server.py when IP_V4_PREFERRED is used (thanks eva8668)
- Host name certificate matching exception and logging is much more informative (thanks eddie-dunn)
- Fixed typo in docs for use_ssl (thanks Brooks Kindle)
- Tested against Python 2.6., Python 2.7.12, Python 3.5.2 and PyPy 5.3.1
- 1.3.2 2016.07.01
- unreleased on pypi
- 1.3.1 2016.05.11
- Added support for mocking the ldap3 library
- Added support for MockSync strategy (thanks Roxana)
- Added checked_attributes=True parameter to connection.response_to_json()
- Added checked_attributes=True parameter to entry.entry_to_json()
- MockSyncBase strategy supports bind(), unbind(), delete(), compare(), modify(), modify_dn(), abandon(), add()
- MockSyncBase strategy accepts directory entries in json file
- Fixed schema representation (thanks Conrado)
- Allow connection.abandon(0), useful to "ping" the server
- Added connection.abandon() test suite
- Reusable strategy checks bind credential at bind() time, only on one worker connection
- Reusable strategy ignores abandon() operation because of multiple connection workers
- Reusable strategy honours return_empty_attributes connection parameter
- Added lazy information to connection representation
- Added support for hash (LM:NTLM) Windows NTLM authentication (thanks Dirk)
- Fixed representation of empty attributes in connection.entries
- Comparison of entry attributes value is easier
- Added new extended operation connection.extend.novell.start_transaction()
- Added new extended operation connection.extend.novell.end_transaction()
- Added new extended operation connection.extend.novell.add_members_to_groups(members, groups, check, transaction)
- Added new extended operation connection.extend.novell.remove_members_from_groups(members, groups, check, transaction)
- Added new exception LDAPTransactionError
- Added logic to handle Novell Transaction Error Unsolicited Notice
- Ignore cheching of ssl context when cadata, cafile and capath are not provided (thanks DelboyJan)
- 1.2.2 2016.03.23
- repr encoding set to 'ascii' when sys.stdout.encoding is None (thanks Jeff)
- 1.2.1 2016.03.19
- try to use the requested ssl protocol in SSLContext for Python>=3.4 (thanks Patrick)
- added return_empty_attributes to Connection object to return an empty list when the attribute requested is missing in the retrieved object
- 1.1.2 2016.03.10
- Added rebind() method to Connection object to rebind with a different user (thanks Lorenzo)
- Added Tests for rebind operation
- Start_tls honored in referrals
- Default ldaps port honored in referrals
- Additional connection parameters honored in referrals and in the restartable strategy
- Server connection timeout is honored while connecting, connection receive timeout while receiving
- Extended operations followed on referrals (thanks Pavel)
- Added receive_timeout parameter in Connection object to set socket in non-blocking mode with a specified timeout (thanks Antho)
- Fixed abstract entry __getattr__() throwing KeyError instead of AttributeError (thanks Kilroy)
- Fixed start_tls() Reusable strategy
* 1.0.4 2016.01.25
- Controls can be added to extended operation in the extend package (thanks Hinel)
* 1.0.3 2015.12.1
- Fixed set_config_parameter (thanks Sigmunau)
- Disabled unauthenticated authentication, see RFC 4513 section 5.1.2 (thanks Petros)
- Fixed falsey value in abstract Entry object __contains__() (thanks Vampouille)
* 1.0.2 2015.12.07
- Allowed_referral_hosts in Server objects defaults to [('*', True)] to accept any referral server with authentication
- Referral uri is now properly percent-undecoded (thanks TWAC)
- Referral Server object now use the same configuration of the original Server object
- Fixed __contains__() in Entry object (thanks Vampouille)
* 1.0.1 2015.12.06
- Removed the compat package
- Refactored docs for extend operations
* 1.0.0 2015.12.06
- Private RC for production
- Status moved to 5 - Production/Stable
* 0.9.9.4 2015.12.02
- Added items() to CaseInsensitiveDict class (thanks Jan-Hendrik)
- Added set_config_parameter() in ldap3 namespace to modify the values of the configurable parameters of ldap3
- Added microsoft.extend.modify_password() extended operation to change AD password
- Fixed find_active_random_server() in pooling (thanks Sargul)
- Fixed referral decoding in fast ber decoder (thanks TWAC)
* 0.9.9.3 2015.11.15
- Added LDAPI (LDAP over IPC) support for unix socket communication
- Added mandatory_in and optional_in in server schema for attribute types. Now you can see in which classes attributes are used
- Added last_transmitted_time and last_received_time to Usage object to track time of the last sent and received operation
- Exception SessionTerminatedByServer renamed to SessionTerminatedByServerError and added to ldap3 namespace
- Added get_config_parameter() in ldap3 namespace to read the current value of ldap3 configurable parameters
- Added SASL mechanism name as constants in the ldap3 namespace
- Added escape_filter_chars in utils.conv (thanks Peter)
- Reverted ALL_ATTRIBUTES behaviour in search to 0.9.9.1 (thanks Petros)
* 0.9.9.2 2015.10.19
- Fixed hasattr() behaviour for Entry object in Python 3
- Allows empty sasl_credentials in SASL bind
- Added POOLING_LOOP_TIMEOUT constant to specify how many seconds the server pooling strategy has to wait before retrying if it did not find an active server (defaults to 10)
- Pooling strategy now allows to specify the number of cycles to try when finding a server (with active=N)
- Pooling strategy now allows to specify how many seconds a server must be considered offline before retrying to check for availabiliry (with exhaust=N)
- Connection.entries defaults to empty list
- ALL_ATTRIBUTES don't send any attribute in the attribute list (was sending '*') while searching
- Added DirSync extended function for Microsoft Active Directory
- Added LDAP_SERVER_DIRSYNC_OID control for Microsoft Active Directory
- Added LDAP_SERVER_EXTENDED_DN_OID control for Microsoft Active Directory
- Added LDAP_SERVER_SHOW_DELETED_OID control for Microsoft Active Directory
- Fixed AD tests for single valued attributes
- Added ACL attribute in the ATTRIBUTES_EXCLUDED_FROM_CHECK list
* 0.9.9.1 2015.09.21
- Allows empty member values in groups while adding - this should not be as per rfc4511 4.1.7, but some servers expects it (thanks John)
- Faster case insensitive dict while getting and setting key (thanks Pierre)
- Updated setuptools to 18.3.2
- Updated wheel to 0.26
- Tested against Python 2.6 - Python 2.7 - Python 3.3 - Python 3.4 - Python 3.5 - pypy - pypy3
* 0.9.9 2015.09.09
- Fixed boolean value for True value in ASN.1 encoding for certain ldap servers. (thanks Will)
- Fixed follow auto referrals. (thanks WIll)
- Now protocol defined integer values can be used for scope and derefAliases arguments when searching. (thanks Will)
- Added description field in the AttrDef object. (thanks Hogne)
- Added a custom ber decoder. Decoding of received packets is now 10x faster.
- Added new boolean argument fast_decoder in connection object. Defaults to True.
- Highest date correctly managed by the format_ad_timestamp() formatter. (thanks Will)
- Fix for latest gssapi kerberos authentication module (thanks Alex)
- Added freeIPA OID descriptors
- Removed unneeded OidInfo class
* 0.9.8.8 2015.08.14
- Coerce objectClass to a list in Add operation. (thanks Yutaka)
- ObjectClass attribute values mantain their order in the Add operation. (thanks Yutaka)
- Fixed search filter composition when the value part of the assertion contains = character. (thanks Eero)
- Fixed modify_password extended operation when no hash method is specified. (thanks midnightlynx)
- Added credentials to kerberos authentication. (thanks Alex)
- Target name can be specified in sasl_credentials for Kerberos authentication. (thanks Alex)
- Target name can be read from DNS in sasl_credential for Kerberos authentication. (thanks Alex)
- Fixed connection.entries error when referrals are in the search response. (thanks WIll)
* 0.9.8.7 2015.07.19
- Backported ssl.match_hostname from Python 3.4.3 standard library to be used in Python < 2.7.10
- Use backports.ssl_match_hostname if present instead of static backported functions for matching server names in ssl certificate (thanks Michal)
- Attributes values are properly printed when not strings in abstract.attribute (thanks hogneh)
- Checking unicode __repr__() in python2
- Added hashing capability to Modify Password extended operation (thanks Gawain)
* 0.9.8.6 2015.06.30
- Modify operation now accept multiple changes for same attribute (Thanks Lorenzo)
- Fixed entries property in connection when objects from multiple object classes are returned
- Hide sensitive data in logging. use the utils.log.set_library_hide_sensitive_data(False) to show sensitive data
and utils.log.get_library_hide_sensitive_data() to get the current value
- Limited number of characters in a single log line. use the utils.log.set_library_log_max_line_length(length) to set
and utils.log.get_library_log_max_line_length(length) to get the current value
- Added CHANGES.txt with full changelog, latest changes only in README.txt
* 0.9.8.5.post2 2015.06.24
- Updated pyasn1 to 0.1.8
- Fixed error in not filter with pyasn1 0.1.8
* 0.9.8.5 2015.06.23
- Updated docs with ldap operations pages
- Fixed a bug where an Exception was raised on OpenBSD for missing IPV4_MAPPED flag
- Fixed missing add operation usage metrics
- Abstract Attribute doesn't permit "falsy" values or None as default (thanks Lucas)
* 0.9.8.4 2015.05.19
- Added EXTENDED log detail level with prettyPrint description of ldap messages
- Fixed logging of IPv6 address description
- Fixed checking of open address when dns returns more than one ip for the same host
- Fixed selection of proper address when failing back from IPv6 to IPv4 and vice-versa
- When sending controls controlValue is now optional (as stated in RFC 4511), specify None to not send it
- Moved badges to shields.io
* 0.9.8.3 2015.05.11
- Added support for logging
- Added LDAPInvalidTlsSpecificationError exception
- Added support for kerberos sasl - needs the gssapi package (thanks sigmaris and pefoley2)
- Added support for using generator objects in ldap operations (thanks Matt)
- Fixed bug in collect_usage (thanks Philippe)
- Changed default server mode from IP_SYSTEM_DEFAULT to IP_V6_PREFERRED
* 0.9.8.2 2015.04.08
- SaslCred returned as raw bytes (thanks Peter)
- Search_paged now properly works in abstract.reader (thanks wazboy)
* 0.9.8.1 2015.04.04
- Added NTLMv2 authentication method
- extend.standard.who_am_i() now try to decode the authzid as unicode
- Tests for AD (Active Directory) now use tls_before_bind when opening a connection
- 0.9.8 not working for pypi problems
* 0.9.7.12 2015.03.18
- Fixed missing optional authzid in digestMD5 sasl mechanism (thanks Damiano)
- Changed unneeded classmethods to staticmethods
* 0.9.7.11 2015.03.12
- Fixed address_info resolution on systems without the IPV4MAPPED flag (thanks Andryi)
* 0.9.7.10 2015.02.28
- Fixed bug in PagedSearch when server has a hard limit on the number of entries returned (thanks Reimar)
- 0.9.7.9 not working for pypi problems
- 0.9.7.8 not working for pypi problems
- 0.9.7.7 not working for pypi problems
- 0.9.7.6 not working for pypi problems
* 0.9.7.5 2015.02.20
- Fixed exception raised when opening a connection to a server. If there is only one candidate address and there is an error it returns the specific Exception, not a generic LDAPException error
- Address_info filters out any impossible address to reach
- Address_info include an IPV4MAPPED address for IPV6 host that try to reach an IPV4 only server
- Added SyncMock strategy (needs the sldap3 package)
- Fixed bug when using the aproximation operation in ldap search operations (thanks Laurent)
- Removed response from exception raised with raise_exceptions=True to avoid very long exceptions message
* 0.9.7.4 2015.02.02
- Added connection.entries property for storing response from search operations as and abstract.Entry collection.
* 0.9.7.3 2015.01.25
- Modify operation type can also be passed as integer
* 0.9.7.2 2015.01.16
- Fixed a bug when resolving IP address with getaddrinfo(). On OSX returned an UDP connection (thanks Hiroshi).
* 0.9.7.1 2015.01.05
- Moved to Github
- Moved to Travis-CI for continuous integration
- Moved to ReadTheDocs for documentation
- Moved testing servers in the cloud, to allow testing from Travis-CI
- Project renamed from python3-ldap to ldap3 to avoid name clashing with the existing python-ldap library
- Constant values in ldap3 are now strings. This is helpful in testing and debugging
- Test suite fully refactored to be used in cloud lab and local development lab
- Test suite includes options for testing against eDirectory, Active Directory and OpenLDAP
* 0.9.7 2014.12.17
- Fixed bug for auto_range used in paged search
- Added dual IP stack mode parameter in Server object, values are: IP_SYSTEM_DEFAULT, IP_V4_ONLY, IP_V4_PREFERRED, IP_V6_ONLY, IP_V6_PREFERRED
- Added read_server_info parameter to bind() and start_tls() to avoid multiple schema and info read operations with auto_bind
- Redesigned Reusable (pooled) strategy
- Added LDAPResponseTimeoutError exception raised when get_response() doesn't receive any response in the allowed timeout period
- Added shortened authentication parameters in ldap3 namespace: ANONYMOUS, SIMPLE, SASL
- Added shortened scope parameters in ldap3 namespace: BASE, LEVEL, SUBTREE
- Added shortened get_info parameters in ldap3 namespace: NONE, DSA, SCHEMA, ALL
- Added shortened alias dereferencing parameters in ldap3 namespace: DEREF_NONE, DEREF_SEARCH, DEREF_BASE, DEREF_ALWAYS
- Added shortened connection strategy parameters in ldap3 namespace: SYNC, ASYNC, LDIF, RESTARTABLE, REUSABLE
- Added shortened pooling strategy parameters in ldap3 namespace: FIRST, ROUND_ROBIN, RANDOM
- Added reentrant lock to avoid race conditions in the Connection object
- When runs in Python 2.7.9 uses SSLContext
- Tested against Python 2.7.9, PyPy 2.4.0 and PyPy3 2.4.0
- setuptools updated to 8.2.1
* 0.9.6.2 2014.11.17
- Changed SESSION_TERMINATED_BY_SERVER from 0 to -2
- Removed unneeded FORMAT_xxx variables in ldap3 namespace
- Fixed bug in auto_range when search operation returns search continuations
- Added infrastructure for Mock DSA (not functional yet)
* 0.9.6.1 2014.11.11
- Added boolean parameter "auto_range" to catch the "range" ldap tag in searches. When true all needed search operation are made to fully obtain the whole range of result values
- Fixed bug in sdist
- Added offline schema for Fedora 389 Directory Server 1.3.3
- Fixed bug while reading DSA info
* 0.9.6 2014.11.01
- New feature 'offline schema' to let the client have knowledge of schema and DSA info even if not returned by the server
- Offline schema for Novell eDirectory 8.8.8
- Offline schema for Microsoft Active Directory 2012 R2
- Offline schema for slapd 2.4 (Openldap)
- Added server.info.to_json() and server.info.to_file to JSON serialize schema and info from Server object
- Added Server.from_json() and Server.from_file() to create a Server object from a JSON definition
- Added response_to_json() and response_to_file() to Connection object to serialize search response entries in JSON as a string or as a file
- New exception hierarchy LDAPConfigurationError includes library configuration exceptions
- New exception LDAPInvalidConfigurationDefinitionError
- Dsa info and schema are not read twice when binding (thanks phobie)
- LDAPStartTLSError exception is merged with exception raised from ssl packaged
- Digest-MD5 SASL authentication accepts directives with list attributes (thanks John)
- Fixed caseInsensitiveDictionary for keys() and values() methods
- Fixed matching of certificate name in ssl with Python2
- Attributes names and formatters are checked even if schema is not read by the server
- Fixed fractional time when parsing generalized time
- Specific decoder for Active Directory ObjectGuid and ObjectSid
- Added additional checking for unicode in Python 2
- Tested against Python 3.4.2, 2.7.8, 2.6.6
- Updated setuptools to 7.0
* 0.9.5.4 2014.09.22
- Fixed security issue in lazy connections (thanks Moritz)
- Added ldap3.utils.dn with parse_dn(dn) to verify dn compliance with RFC4514
- Added safe_dn(dn) to properly escape dn (if possible)
- Added ldap3.utils.uri with parse_uri(uri) to verify uri compliance with RFC4516
- Check for trailing slashes in hostname (thanks Dylan)
- Timeout for socket connect operation. Server.connect_timeout = seconds_to_wait_for_establishing_connection (thanks Florian)
- Closing socket error doesn't raise exception anymore
- ServerPool can be implicity defined with a list of server names (even when defining a connection)
* 0.9.5.3 2014.08.24
- elements returned in schema and dsa info are in a case insensitive dictionary (can be changed in ldap3.CASE_INSENSITIVE_SCHEMA_NAMES = True|False)
- attributes name returned in searches are now case insensitive (can be changed in ldap3.CASE_INSENSITIVE_ATTRIBUTE_NAMES = True|False)
- change parameter name from separe_rdn to separate_rdn in ldap3.utils.conv.to_dn()
- sync dev from Bitbucket to GitHub
- schema attributes are explicitly read (useful for Active directory and 389 Directory Server)
- new extended operation: list_replicas (Novell)
- new extended operation: get_replica_info (Novell)
- new extended operation: partition_entry_count (Novell)
- renamed convert_to_ldif() to _convert_to_ldif()
* 0.9.5.2 2014.08.05
- fixed LDAPOperationResult.__str__ (thanks David)
- added to_dn() in utils.conv to convert a dn string to a list of components (strings or tuples)
- added __version__ in ldap3
- don't raise exception if the schema cannot be read in unauthenticated state
- server.address_info is now a property
* 0.9.5.1 2014.08.02
- getaddrinfo called only once
- real_server machinery removed - messageId is now global and monotonic for the whole library
- attributes are returned formatted if schema is read and check_names = True, removed checked_attributes
- bind result is populated again when successful (was removed in 0.9.2.1)
- exception is now raised if you receive multiple extended response to a single extended request. This is not allowed by RFC 4511
* 0.9.5 2014.07.22
- added support for IPv6 (thanks Robert)
- auto_bind can be used even for establishing tls, possible values (defined in ldap3) are: AUTO_BIND_NONE, AUTO_BIND_NO_TLS, AUTO_BIND_TLS_AFTER_BIND, AUTO_BIND_TLS_BEFORE_BIND
- refactored extend package to use classes
- new extended operation: get_universal_password (Novell)
- new extended operation: set_universal_password (Novell)
- added parsing of hostname in scheme://hostname:hostport format. This has the precedence on the parameters (thanks Sorin)
- added extra checks when the schema is read (with the get_info parameter) but nothing is returned by the server
- updated setuptools to version 5.4.1
- when check_name is True and schema is read attributes are checked and formatted in "checked_attributes" as specified by RFCs following the server schema
- added formatter for generalizedTime syntax as specified in RFC4517 (ASN.1)
- custom formatter can be added in Server definition
* 0.9.4.2 2014.07.03
- Moved to Bitbucket + Mercurial
- Fixed import in core.tls package
- Removed unneeded imports
* 0.9.4.1 2014.07.02
- included missing extend package (thanks to debnet)
* 0.9.4 2014.07.02
- when running in python 3.4 or newer now Tls class uses SSLContext object with default secure setting
- added parameters ca_certs_path, ca_certs_data, local_private_key_password to Tls object creation, valid when using SSLContext
- in python 3.4 or newer the system CA certificates configuration can be used (just leave ca_cert_file, ca_certs_path and ca_certs_data set to None)
- removed TLSv1 as default for Tls connection
- upgraded backported ssl function from python 3.4.1 when using with python 2
- when creating a connection the server parameter can be a string: the name of the server to connect in cleartext on default port 389
- fixed bug in ldap3.util.conv.escape_bytes()
- attributes parameter in search can be a tuple
- check_names parameter in connection now defaults to True (so when schema info is available attribute and class name will be checked when performing LDAP operations)
- remove the connection.close() method - use connection.unbind()
- new exception LDAPExtensionError for signalling when the requestValue of extended operation is of an unknown ASN1 type
- exiting connection manager doesn't raise an exception if unbind is not successful (needed in long operations)
- new extended operation: modify_password (RFC3062)
- new extended operation: who_am_i (RFC4532)
- new extended operation: get_bind_dn (Novell)
- updated setuptools to version 5.3
* 0.9.3.5 2014.06.22
- Exception history in restartable strategy is printed when reached the maximum number of retries
- Fixed conditions on terminated_by_server unsolicited message
- Added python2.6 egg installation package
* 0.9.3.4 2014.06.16
- Exception can now be imported from ldap3 package
- Escape_bytes return '' for empty string instead of None (thanks Brian)
- Added exception history to restartable connection (not for infinite retries)
- Fixed start_tls retrying in restartable connection (thanks Brian)
- New exception LDAPMaximumRetriesError for signalling when the SyncRestartable Strategy has reached the maximum number of retries while performing an operation
- Inverted deleteoldrdn value in LDIF output (thanks Joseph)
* 0.9.3.3 2014.06.01
- Fixed a bug in LDIFProducer when using context manager for connection
- LDIF header in stream is added only whene there are actual data in the stream
- Now LDIF stream can be added to an existing file - version header will not be written if stream is not empty
* 0.9.3.2 2014.05.30
- Fixed a bug while reading schema
- Add an implicit open() when trying binding on a closed connection
* 0.9.3.1 2014.05.28
- Added stream capability to LDIFProducer strategy
- Customizable line separator for LDIF output
- Customizable sorting order for LDIF output
- object_class parameter is now optional in connection.add()
- Fixed objectClass attribute case sensitive dependency in add operation
- Added stream capability to response_to_ldif() while searching
* 0.9.3 2014.05.20
- Now the key in server.schema.attribute_type is the attribute name (was the oid)
- Now the key in server.schema.object_classes is the class name (was the oid)
- Added check_names to Connection definition to have name of attributes and of object class checked against the schema
- Updated setuptools to 3.6
- Added wheel installation format
- Added raise_exceptions mode for connection
- Exception hierarchy reworked
- Added locking to Server object (for multithreading)
* 0.9.2.2 2014.04.30
- fixed a bug from 0.9.1 that broke start_tls() (thanks Mark)
* 0.9.2.1 2014.04.28
- fixed a bug in 0.9.2 that allowed only string attributes in add, modify and compare operations (thank Mladen)
* 0.9.2 2014.04.26
- changed return value in get_response from response to (response, result) - helpful for multi-threaded connections
- added ReusableStrategy for pooling connections
- refined docstrings (thanks Will)
- result and response attributes don't overlap anymore. Operation result is only in result attribute.
- fixed search for binary values (thanks Marcin)
- added convenience function to convert bytes to LDAP binary value string format for search filter
* 0.9.1 2014.03.30
- added laziness flag to test suite
- changed ServerPool signature to accept active and exhaust parameters
- removed unneeded start_listen parameter
- added 'lazy' parameter to open, to bind and to unbind a connection only when an effective operation is performed
- fixed start_tls in SyncWaitRestartable strategy
- fixed certificate name checking while opening an ssl connection
- fixed syntax error during installation
- socket operations now raises proper exception, not generic LDAPException (thanks Joseph)
- tested against Python 3.4, 3.3, 2.7, 2.6
- updated setuptools to 3.3
* 0.9.0 2014.03.20
- PEP8 compliance
- added ldap3.compat package with older (non PEP8 compliant) signatures
- renamed ldap3.abstraction to ldap3.abstract
- moved connection.py, server.py and tls.py files to ldap3.core
- fixed SyncWaitRestartableStrategy (thanks Christoph)
* 0.8.3 2014.03.08
- added SyncWaitRestartable strategy
- removed useless forceBind parameter
- usage statistics updated with restartable success/failure counters and open/closed/wrapped socket counters
* 0.8.2 2014.03.04
- Added refresh() method to Entry object to read again the attributes from the Reader in the abstraction layer
- Fixed Python 2.6 issues
- Fixed test suite for Python 2.6
* 0.8,1 2014.02.12
- Changed exceptions returned by the library to LDAPException, a subclass of Exception.
- Fixed documentation typos
* 0.8.0 - 2014.02.08
- Added abstraction layer (for searching, read only)
- Added context manager to Connection class
- Added readOnly parameter to Connection class
- Fixed a bug in search with 'less than' parameter
- Remove validation of available SSL protocols because different Python interpreters can use different ssl packages
* 0.7.3 - 2014.01.05
- Added SASL DIGEST-MD5 support
- Moved to intrapackage (relative) imports
* 0.7.2 - 2013.12.30
- Fixed a bug when parentheses are used in search filter as ASCII escaped sequences
* 0.7.1 - 2013.12.21
- Completed support for LDIF as per RFC2849
- Added new LDIF_PRODUCER strategy to generate LDIF-CHANGE stream
- Fixed a bug in the autoReferral feature when controls where used in operation
* 0.7.0 - 2013.12.12
- Added support for LDIF as per RFC2849
- Added LDIF-CONTENT compliant search responses
- Added exception when using autoBind if connection is not successful
* 0.6.7 - 2013.12.03
- Fixed exception when DSA is not willing to return rootDSE and schema info
* 0.6.6 - 2013.11.13
- Added parameters to test suite
* 0.6.5 - 2013.11.05
- Modified rawAttributes decoding, now null (empty) values are returned
* 0.6.4 - 2013.10.16
- Added simple paged search as per RFC2696
- Controls return values are decoded and stored in result attribute of connection
* 0.6.3 - 2013.10.07
- Added Extesible Filter syntax to search filter
- Fixed exception while closing connection in AsyncThreaded strategy
* 0.6.2 - 2013.10.01
- Fix for referrals in searchRefResult
- Disabled schema reading on Active Directory
* 0.6.1 - 2013.09.22
- Experimental support for Python 2 - no unicode
- Added backport of ssl.match_name for Python 2
- Minor fixes for using the client in Python 2
- Fix for getting schema info with AsyncThreaded strategy
* 0.6.0 - 2013.09.16
- Moved to beta!
- Added support site hosted on www.assembla.com
- Added public svn repository on www.assembla.com
- Added getInfo to server object, parameter can be: GET_NO_INFO, GET_DSA_INFO, GET_SCHEMA_INFO, GET_ALL_INFO
- Added method to read the schema from the server. Schema is decoded and returned in different dictionaries of the server.schema object
- Updated connection usage info (elapsed time is now computed when connection is closed)
- Updated OID dictionary with extensions and controls from Active Directory specifications.
* 0.5.3 - 2013.09.03
- Added getOperationalAttributes boolean to Search operation to fetch the operational attributes during search
- Added increment operation to modify operation as per RFC4525
- Added dictionary of OID descriptions (for DSE and schema decoding)
- Added method to get Info from DSE (returned in server.info object)
- Modified exceptions for sending controls in LDAP request
- Added connection usage (in connection.usage if collectUsage=True in connection definition)
- Fixed StartTls in asynchronous client strategy
* 0.5.2 - 2013.08.27
- Added SASLprep profile for validating password
- Fixed RFC4511 asn1 definitions
* 0.5.1 - 2013.08.17
- Refactored package structure
- Project description reformatted with reStructuredText
- Added Windows graphical installation
* 0.5.0 - 2013.08.15
- Added reference to LGPL v3 license
- Added Tls object to hold ssl/tls configuration
- Added StartTLS feature
- Added SASL feature
- Added SASL EXTERNAL mechanism
- Fixed Unbind
- connection.close is now an alias for connection.unbind
* 0.4.4 - 2013.08.01
- Added 'Controls' to all LDAP Requests
- Added Extended Request feature
- Added Intermediate Response feature
- Added namespace 'ldap3'
* 0.4.3 - 2013.07.31
- Test suite refactored
- Fixed single object search response error
- Changed attributes returned in search from tuple to dict
- Added 'raw_attributes' key in search response to hold undecoded (binary) attribute values read from ldap
- Added __repr__ for Server and Connection objects to re-create the object instance
* 0.4.2 - 2013.07.29
- Added autoReferral feature as per RFC4511 (4.1.10)
- Added allowedReferralHosts to conform to Security considerations of RFC4516
* 0.4.1 - 2013.07.20
- Add validation to Abandon operation
- Added connection.request to hold a dictionary of infos about last request
- Added info about outstanding operation in connection.strategy._oustanding
- Implemented RFC4515 for search filter coding and decoding
- Added a parser to build filter string from LdapMessage
* 0.4.0 - 2013.07.15
- Refactoring of the connection and strategy classes
- Added the ldap3.strategy namespace to contain client connection strategies
- Added ssl authentication
- Moved authentication parameters from Server object to Connection object
- Added ssl parameters to Server Object
* 0.3.0 - 2013.07.14
- Fixed AsyncThreaded strategy with _outstanding and _responses attributes to hold the pending requests and the not-yet-read responses
- Added Extended Operation
- Added "Unsolicited Notification" discover logic
- Added managing of "Notice of Disconnection" from server to properly close connection
* 0.2.0 - 2013.07.13
- Update setup with setuptools 0.7
- Docstrings added to class
- Removed ez_setup dependency
- Removed distribute dependency
* 0.1.0 - 2013.07.12
- Initial upload on pypi
- PyASN1 RFC4511 module completed and tested
- Synchronous client working properly
- Asynchronous client working but not fully tested
- Basic authentication working