Releases: OneIdentity/mod_auth_vas
Releases · OneIdentity/mod_auth_vas
mod_auth_vas4-4.0.2.4
- Updates to work with QAS 4.2 api
- Added ability on ubuntu to optionally let user enable vas module loading
- Updated the mav setup script to support rerunning on failure.
- Cleaned up compiler warnings
- Use apache2ctl if it exists instead of apache2 when gathering information about the installed apache.
mod_auth_vas-3.6.8.5
Updated to work with QAS 4.2.1 api
mod_auth_vas-3.6.8.4
- Added a negative group cache for invalid group name lookups. Bug# 851
- Updated group lookups to use new API call provided in QAS 4.0.1.X to fix an issue with group LDAP lookups failing when QAS isn't joined to an Active Directory domain.
mod_auth_vas4-4.0.2.3
- No longer add /etc//conf.d dir to rpm packages, only include the actual file from conf.d. This is to resolve conflicts on RHEL7 with the httpd package. Bug# 861
- Set the environment variable KRB5RCACHETYPE to none by default.
mod_auth_vas4-4.0.2.2
- Added a negative group cache for invalid group name lookups. Bug# 851
- Updated group lookups to use new API call provided in QAS 4.0.1.21408 to fix an issue with group LDAP lookups failing when QAS isn't joined to an Active Directory domain. QAS Bug# 412110
- Clear VAS ctx error messages after each group lookup in authz_vas_unixgroup_check_authorization. Bug# 852
mod-auth-vas-4-4.0.2.1
- No longer write out trace debug by default. Must be recompiled in order to turn it on.
- Updated configure.ac to fix issue when compiling with newer gcc
mod_auth_vas-3.6.8.3
- Fixed configure.ac to compile with newer version of gcc.
- Removed #define TRACE_DEBUG so trace debug will not be written out to /tmp by default.
- Fixed an issue with the check symbol code.
mod_auth_vas4-4.0.2
- Added ability to enable QAS API debug Bug# 848
- AuthVasCacheSize & AuthVasCacheExpire now are merged correctly when set in both the parent and virtual host configs. Bug # 847
- AuthVasServerPrincipal is now working correctly when set in parent config as well as virtual configs. (Bugs 845 & 846)
- Added a new per server directive AuthVasApiDebugLevel in relation to bug# 848 to set the debug level of the QAS API logging. Logging by default will be sent to syslog with the name mod_auth_vas.
- If AuthVasApiDebugLevel is > 2 QAS API nested log messages will be included.
- MAV will use vas_ctx_alloc_with_flags (also returns an error) if the version of QAS supports it, otherwise vas_ctx_alloc will be used. Bug #518
- Fixed the following issue when compiling:
- mod_auth_vas.c:48:25: fatal error:
- gssapi_krb5.h: No such file or directory
- Fixed an issue where in certain scenarios like UPM mode vas may not be able to find a users samAccountName. When samAccountName cannot be found fall back to userPrincipalName Bug #849
mod_auth_vas-3.6.8.2
- Added ability to enable QAS API debug Bug# 848
- AuthVasCacheSize & AuthVasCacheExpire now are merged correctly when set in both the parent and virtual host configs. Bug # 847
- AuthVasServerPrincipal is now working correctly when set in parent config as well as virtual configs.
- Added a new per server directive AuthVasApiDebugLevel in relation to bug# 848 to set the debug level of the QAS API logging. Logging by default will be sent to syslog with the name mod_auth_vas.
- If AuthVasApiDebugLevel is > 2 QAS API nested log messages will be included.
- MAV will use vas_ctx_alloc_with_flags (also returns an error) if the version of QAS supports it, otherwise vas_ctx_alloc will be used. Bug #518
- Fixed the following issue when compiling:
- mod_auth_vas.c:48:25: fatal error:
- gssapi_krb5.h: No such file or directory
- Set the environment variable KRB5RCACHETYPE to none by default.
mod_auth_vas4-4.0.1
- The -u option now works with -n in the http-get/get binary.
- Because bug fix #831 depended on a QAS 4.0.3.177 api change this broke backwards compatibility. Added a new way to check for existing symbols in the loaded library to validate that a function exists, if not it will fall back to the old method. In regards to #831 if QAS 4.0.3.177+ is being used the new method vas_gss_auth_with_server_id will be used, all versions prior to this will use vas_gss_auth.
- MAV package name can now be partially set from an environment variable MAVPACKAGENAME. The PolyPackage build system will look at this variable (as defined in mav.pp.in) to help determine the final name of the built MAV package.
- Fixed misquoted CFLAGS & LDFLAGS tests.
- Utilized a new method that was added in QAS 4.0.3.177 api called vas_gss_auth_with_server_id. New method allows us to pass in an already established vas_id_t that represents our server_id with the correct path already set for a custom keytab path that is set by AuthVasKeytabFile. Bug fix #831. Related to QAS bug 27613
- Fixed name for loading the MAV4 module
- Updated test-cache to work with http 2.4 - Bug fix 830
- Changed module name from mod_auth_vas to mod_auth_vas4 and AuthType is now VAS4