forked from python-ldap/python-ldap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
1968 lines (1510 loc) · 61.9 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Released 3.4.3 2022-09-15
This is a minor release to bring back the removed OPT_X_TLS option.
Please note, it's still a deprecated option and it will be removed in 3.5.0.
The following deprecated option has been brought back:
- ``OPT_X_TLS``
Fixes:
* Sphinx documentation is now successfully built
* pypy3 tests stability was improved
* setup.py deprecation warning is now resolved
----------------------------------------------------------------
Released 3.4.2 2022-07-06
This is a minor release to provide out-of-the-box compatibility with the merge
of libldap and libldap_r that happened with OpenLDAP's 2.5 release.
The following undocumented functions are deprecated and scheduled for removal:
- ``ldap.cidict.strlist_intersection``
- ``ldap.cidict.strlist_minus``
- ``ldap.cidict.strlist_union``
The following deprecated option has been removed:
- ``OPT_X_TLS``
Doc/
* SASL option usage has been clarified
Lib/
* ppolicy control definition has been updated to match Behera draft 11
Modules/
* By default, compile against libldap, checking whether it provides a
threadsafe implementation at runtime
* When decoding controls, the module can now distinguish between no value
(now exposed as ``None``) and an empty value (exposed as ``b''``)
* Several new OpenLDAP options are now supported:
* ``OPT_SOCKET_BIND_ADDRESSES``
* ``OPT_TCP_USER_TIMEOUT``
* ``OPT_X_SASL_MAXBUFSIZE``
* ``OPT_X_SASL_SECPROPS``
* ``OPT_X_TLS_ECNAME``
* ``OPT_X_TLS_PEERCERT``
* ``OPT_X_TLS_PROTOCOL``-related options and constants
Fixes:
* Encoding/decoding of boolean controls has been corrected
* ldap.schema.models.Entry is now usable
* ``method`` keyword to ReconnectLDAPObject.bind_s is now usable
----------------------------------------------------------------
Released 3.4.0 2021-11-26
This release requires Python 3.6 or above,
and is tested with Python 3.6 to 3.10.
Python 2 is no longer supported.
New code in the python-ldap project is available under the MIT licence
(available in ``LICENCE.MIT`` in the source). Several contributors have agreed
to apply this licence their previous contributions as well.
See the ``README`` for details.
The following undocumented functions are deprecated and scheduled for removal:
- ``ldap.cidict.strlist_intersection``
- ``ldap.cidict.strlist_minus``
- ``ldap.cidict.strlist_union``
Security fixes:
* Fix inefficient regular expression which allows denial-of-service attacks
when parsing specially-crafted LDAP schema.
(GHSL-2021-117)
Changes:
* On MacOS, remove option to make LDAP connections from a file descriptor
when built with the system libldap (which lacks the underlying function,
``ldap_init_fd``)
* Attribute values of the post read control are now ``bytes``
instead of ISO8859-1 decoded ``str``
* ``LDAPUrl`` now treats urlscheme as case-insensitive
* Several OpenLDAP options are now supported:
* ``OPT_X_TLS_REQUIRE_SAN``
* ``OPT_X_SASL_SSF_EXTERNAL``
* ``OPT_X_TLS_PEERCERT``
Fixes:
* The ``copy()`` method of ``cidict`` was added back. It was unintentionally
removed in 3.3.0
* Fixed getting/setting ``SASL`` options on big endian platforms
* Unknown LDAP result code are now converted to ``LDAPexception``,
rather than raising a ``SystemError``.
slapdtest:
* Show stderr of slapd -Ttest
* ``SlapdObject`` uses directory-based configuration of ``slapd``
* ``SlapdObject`` startup is now faster
Infrastructure:
* CI now runs on GitHub Actions rather than Travis CI.
----------------------------------------------------------------
Released 3.3.0 2020-06-18
Highlights:
* ``LDAPError`` now contains additional fields, such as ctrls, result, msgid
* ``passwd_s`` can now extract the newly generated password
* LDAP connections can now be made from a file descriptor
This release is tested on Python 3.8, and the beta of Python 3.9.
The following undocumented functions are deprecated and scheduled for removal:
- ``ldap.cidict.strlist_intersection``
- ``ldap.cidict.strlist_minus``
- ``ldap.cidict.strlist_union``
Modules/
* Ensure ReconnectLDAPObject is not left in an inconsistent state after
a reconnection timeout
* Syncrepl now correctly parses SyncInfoMessage when the message is a syncIdSet
* Release GIL around global get/set option call
* Do not leak serverctrls in result functions
* Don't overallocate memory in attrs_from_List()
* Fix thread support check for Python 3
* With OpenLDAP 2.4.48, use the new header openldap.h
Lib/
* Fix some edge cases regarding quoting in the schema tokenizer
* Fix escaping a single space in ldap.escape_dn_chars
* Fix string formatting in ldap.compare_ext_s
* Prefer iterating dict instead of calling dict.keys()
Doc/
* Clarify the relationship between initialize() and LDAPObject()
* Improve documentation of TLS options
* Update FAQ to include Samba AD-DC error message
"Operation unavailable without authentication"
* Fix several incorrect examples and demos
(but note that these are not yet tested)
* Update Debian installation instructions for Debian Buster
* Typo fixes in docs and docstrings
Test/
* Test and document error cases in ldap.compare_s
* Test if reconnection is done after connection loss
* Make test certificates valid for the far future
* Use slapd -Tt instead of slaptest
Infrastructure:
* Mark the LICENCE file as a license for setuptools
* Use "unittest discover" rather than "setup.py test" to run tests
----------------------------------------------------------------
Released 3.2.0 2019-03-13
Lib/
* Add support for X-ORIGIN in ldap.schema's ObjectClass
* Make initialize() pass extra keyword arguments to LDAPObject
* ldap.controls.sss: use str instead of basestring on Python 3
* Provide ldap._trace_* atributes in non-debug mode
Doc/
* Fix ReST syntax for links to set_option and get_option
Tests/
* Use intersphinx to link to Python documentation
* Correct type of some attribute values to bytes
* Use system-specific ENOTCONN value
Infrastructure:
* Add testing and document support for Python 3.7
* Add Python 3.8-dev to Tox and CI configuration
* Add Doc/requirements.txt for building on Read the Docs
----------------------------------------------------------------
Released 3.1.0 2018-05-25
This release brings two minor API changes:
- Long-deprecated functions `ldap.open()` and `ldap.init()` are removed
- `LDAPObject.compare_s()` and `compare_ext_s` return bool instead of 0 or 1
All changes since 3.0.0:
Lib/
* Remove long deprecated functions ldap.open() and ldap.init()
* LDAPObject.compare_s() and LDAPObject.compare_ext_s() now return a bool
instead of 1 or 0.
* Make iteration over cidict yield same values as keys()
* Fail if pyasn1 is not installed
* Fix parsing of PPolicyControl ASN.1 structure
* Use items() when appropriate in dict iteration
* Add support for tracing LDAP calls. Tracing can now be enabled with
the env var PYTHON_LDAP_TRACE_LEVEL and redirected to a file with
PYTHON_LDAP_TRACE_FILE.
(This is mainly intended for debugging and internal testing; the
configuration or output may change in future versions.)
Modules/
* Fix ref counting bug in LDAPmessage_to_python
Doc/
* Remove warning about unreleased version
* Doc: Replace Mac OS X -> macOS
Tests/
* Add tests and coverage for tracing
* Disable warnings-as-errors for Python 3.4
* Fix assertTrue to assertEqual
* Mark several test values as bytes
Lib/slapdtest/
* Fix error message for missing commands
* Make SlapdObject a context manager
* Disable SASL external when missing SASL support
* Make SlapdObject.root_dn a property
* In SlapdObject, build include directives dynamically
* Move import statements to top level
Code style:
* Add Makefile rules for automatic formatting of C and Python code
* Reformat and indent all C files
* Trim white space throughout the project
Infrastructure:
* Add py3-trace tox environment to Travis CI config
* Add new Pytest cache directory to gitignore
General:
* Update all pypi.python.org URLs to pypi.org
----------------------------------------------------------------
Released 3.0.0 2018-03-12
Notable changes since 2.4.45 (please see detailed logs below):
* Python 3 support and bytes_mode
see: https://python-ldap.readthedocs.io/en/latest/bytes_mode.html
* The module `ldap.async` is renamed to `ldap.asyncsearch`
* New dependencies: pyasn1, pyasn1_modules
* Dropped support for Python 2.6 and 3.3
Changes since 3.0.0b4:
Lib/
* Add bytes_strictness to allow configuring behavior on bytes/text mismatch
Modules/
* Add argument name to bytes mode TypeError
* Use correct integer types for BER encode/decode (fix for big endian machines)
Test/
* Set $LDAPNOINIT in all tests
* Add test for secure TLS default
* Ignore SASL methods in DSE test (fix for restricted environments)
* Remove filterstr workaround from syncrepl test
* Explicitly set TLS_REQUIRE_CERT option to TLS_HARD in test_tls_ext_noca
Doc/
* Link to bytes mode from text-string arguments in the ldap module
Infrastructure:
* Include lber in list of libraries in setup.cfg
----------------------------------------------------------------
Released 3.0.0b4 2018-01-10
Changes since 3.0.0b3:
Removed support for Python 3.3, which reached its end-of-life 2017-09-29.
Lib/
* Make default argument values work under bytes_mode
* Update use of map() to use list/set comprehensions instead
Test/
* Refactor syncrepl tests to run with bytes_mode
Doc/
* Document all_records attribute of LDIFRecordList
----------------------------------------------------------------
Released 3.0.0b3 2017-12-20
Changes since 3.0.0b2:
The functions `ldap.open()`, `ldap.init()`, `ldif.CreateLDIF()`
and `ldif.ParseLDIF()`, which were deprecated for over a decade,
are scheduled for removal in python-ldap 3.1.
Infrastructure:
* Require setuptools to build
* Start running automatic tests on PyPy
Lib/
* When raising LDAPBytesWarning, give helpful code locations
* Use modern Python idioms in several places
* Avoid reimplementing UserDict.get() in cidict and models.Entry
Doc/
* Use https links
Test/
* Add reproducer for openldap's NSS shutdown/restart issue
* Make testing on non-Linux platforms easier
----------------------------------------------------------------
Released 3.0.0b2 2017-12-11
Changes since 3.0.0b1:
The module `ldap.async` is renamed to `ldap.asyncsearch`, due to
`async` becoming a keyword in Python 3.7.
The old module name is deprecated, but will be available as long
as Python 3.6 is supported.
Lib/
* Use custom ldap.LDAPBytesWarning class
* Rename ldap.async to ldap.asyncsearch
Modules/
* Support None for set_option(OPT_TIMEOUT) and OPT_NETWORK_TIMEOUT
* Fix error reporting of LDAPObject.set_option()
* Change memory handling in attrs_from_List()
Test/
* Remove workaround for OpenLDAP NSS issue
Demo/
* Use uniform shebang in all demos
Doc/
* Provide build deps for Alpine and CentOS
* Move sample workflow out of the main Contributing guide
Infrastructure:
* Add valgrind target to check for memory leaks
* Minimal configuration for pytest
----------------------------------------------------------------
Released 3.0.0b1 2017-12-04
Changes since 2.4.45:
(this list includes changes from 2.5.x)
New dependencies (automatically installed when using pip):
* pyasn1 0.3.7+
* pyasn1_modules 0.1.5+
Python 3 support and bytes_mode:
* merged from the pyldap fork (https://github.com/pyldap)
* please see documentation on bytes_mode and text/bytes handling:
https://python-ldap.readthedocs.io/en/latest/bytes_mode.html
Removed support for Python 2.6.
Infrastructure:
* Move to Git
* Don't define search path for includes and libs in the default setup.cfg
* Include sasl/sasl.h from the standard path
* Re-format README to ReStructured Text
* Setup for automatic testing using Travis CI
* Add coverage reporting for Python and C
* Add install requires into setup.py
* Remove distclean.sh in favor of make clean
* Use `package`, `depends`, `install_requires` in setup.py
* Add make target for scan-build (static analysis using clang)
* Add make target and suppression file for Valgrind (memory checker)
Modules/
* Remove unused LDAPberval helper functions
* Fix type conversion in page control
* Fix multiple ref leaks in error-handling code
* Fix reference leak in result4
* Fix several compiler warnings
* Fix memory leak in whoami
* Fix internal error handling of LDAPControl_to_List()
* Fix two memory leaks and release GIL in encode_assertion_control
* Allow set_option() to set timeouts to infinity
and, thanks to Michael Ströder:
* removed unused code schema.c
* moved code from version.c to ldapmodule.c
* removed obsolete back-ward compability constants from common.h
* build checks whether LDAP_API_VERSION is OpenLDAP 2.4.x
* _ldap.__author__ and _ldap.__license__ also set from ldap.pkginfo
* assume C extension API for Python 2.7+
Lib/
* Avoid eval() for getting module-level variables to fix running under pytest
* Compability changes for pyasn1 0.3 or newer
and, thanks to Michael Ströder:
* ldap.__version__, ldap.__author__ and ldap.__license__ now
imported from new sub-module ldap.pkginfo also to setup.py
* Added safety assertion when importing _ldap:
ldap.pkginfo.__version__ must match _ldap.__version__
* removed stand-alone module dsml
* slapdtest.SlapdObject.restart() just restarts slapd
without cleaning any data
* The methods SSSResponseControl.decodeControlValue() and
VLVResponseControl.decodeControlValue() now follow the coding
convention to use camel-cased ASN.1 name as class attribute name.
The old class names are still set for back-ward compability
but should not be used in new code because they might be removed
in a later release.
* removed SSSRequestControl from ldap.controls.KNOWN_RESPONSE_CONTROLS
* removed all dependencies on modules string and types
* removed use of .has_key()
* removed class ldap.ldapobject.NonblockingLDAPObject
* new global constant ldap.LIBLDAP_API_INFO
* right after importing _ldap there is a call into libldap to initialize it
* method .decodeControlValue() of SSSResponseControl and VLVResponseControl
does not set class attribute result_code anymore
* always use bytes() for UUID() constructor in ldap.syncrepl
* module ldif now uses functions b64encode() and b64decode()
* fixed pickling and restoring of ReconnectLDAPObject
Lib/slapdtest
* Automatically try some common locations for SCHEMADIR
* Ensure server is stopped when the process exits
* Check for LDAP schema and slapd binaries
* slapdtest is now a package and includes testing certificates
Tests/
* Expand cidict membership test
* Add test suite for binds
* Add test suite for edits
* Add a smoke-check for listall() and attribute_types()
* Add test case for SASL EXTERNAL auth
* Add tests for start_tls
* In CI, treat compiler warnings as fatal errors
* Added tests for ldap.syncrepl
and, thanks to Michael Ströder:
* added explicit reconnect tests for ReconnectLDAPObject
* scripts do not directly call SlapdTestCase.setUpClass() anymore
* added LDIF test with folded, base64-encoded attribute
* added more tests for sub-module ldap.dn
Doc/
* Build documentation without the compiled C extension
* Merge contents from python-ldap.org
* Move reference documentation in its own section
* Document return value of {modify,add,delete}_ext_s() as a tuple
* Add tests for documentation (build & spelling)
* Link to documentation of old versions
* Add a contributing guide
----------------------------------------------------------------
Released 2.4.45 2017-10-09
Changes since 2.4.44:
Lib/
* Fixed reraising of wrong exception in SimpleLDAPObject._ldap_call()
(thanks to Aigars Grins)
Tests/
* removed work-around in t_cext.py
----------------------------------------------------------------
Released 2.4.44 2017-09-08
Changes since 2.4.43:
Modules/
* more fine-grained GIL releasing in function l_ldap_result4()
----------------------------------------------------------------
Released 2.4.43 2017-09-06
Changes since 2.4.42:
Lib/
* fixed passing all arguments from LDAPObject.sasl_non_interactive_bind_s()
to LDAPObject.sasl_interactive_bind_s()
Tests/
* added test for LDAPObject.sasl_external_bind_s()
Doc/
* added docs for SASL bind methods
* more references
* better sorting of LDAPObject methods
----------------------------------------------------------------
Released 2.4.42 2017-09-04
Changes since 2.4.41:
Lib/
* added new SlapdObject methods _ln_schema_files() and
_create_sub_dirs()
* SlapdObject methods setup_rundir() and gen_config()
are now "public" methods
* removed pseudo test script from module ldap.cidict
Tests/
* added sub-module for testing class ldap.cidict.cidict
* avoid deprecated method alias unittest.TestCase.assertEquals
----------------------------------------------------------------
Released 2.4.41 2017-07-12
Changes since 2.4.40:
Lib/
* Added support for increment: lines in LDIF changes records
----------------------------------------------------------------
Released 2.4.40 2017-06-27
Changes since 2.4.39:
Modules/
* fixed memory leaks when using extended controls
(thanks to Erik Cumps)
----------------------------------------------------------------
Released 2.4.39 2017-05-31
Changes since 2.4.38:
Lib/
* fixed errno-related ldap.TIMEOUT regression
Lib/slapdtest.py
* Removed obsolete assert statements
----------------------------------------------------------------
Released 2.4.38 2017-04-28
Changes since 2.4.37:
Lib/slapdtest.py
* SlapdObject now evaluates env var SLAPD for optionally pointing
to OpenLDAP's slapd executable (e.g. with OpenLDAP LTB builds)
* added LDAPI support in slaptest.SlapdObject which is internally used
in methods ldapadd() and ldapwhoami()
* added method slaptest.SlapdObject.ldapmodify()
* fixed enabling logger in slaptest
* directory name now contains port to be able to run several SlapdObject
instances side-by-side (e.g. with replication)
* added authz-regexp mapping to rootdn for user running the test
* internally use SASL/EXTERNAL via LDAPI to bind
* SlapdObject.server_id used as serverID in slapd.conf for MMR
* Removed method SlapdObject.started() because SlapdTestCase.setUpClass()
will be used to add initial entries
Tests/
* ReconnectLDAPObject is also tested by sub-classing test class
----------------------------------------------------------------
Released 2.4.37 2017-04-27
Changes since 2.4.36:
Lib/
* fixed errno-related regression introduced in 2.4.35
Tests/
* added more checks to t_cext.py
* renamed t_search.py to t_ldapobject.py and code-cleaning
* added test for errno-related regression to t_ldapobject.py
----------------------------------------------------------------
Released 2.4.36 2017-04-26
Changes since 2.4.35:
Lib/
* gracefully handle KeyError in LDAPObject._ldap_call() when
using errno
* added new stand-alone module slapdtest (formerly Tests/slapd.py)
for general use (still experimental)
Tests/
* re-factored t_cext.py and t_search.py
* set env var LDAPNOINIT=1 in t_cext.py and t_search.py to avoid
interference with locally installed .ldaprc or ldap.conf
* by default back-mdb is now used for slapd-based tests
which requires fairly recent OpenLDAP builds but implements
full feature set
* env vars can be set for slapd.py to tweak path names
of executables, temporary and schema data to be used
* new class SlapdTestCase
----------------------------------------------------------------
Released 2.4.35 2017-04-25
Changes since 2.4.33:
(2.4.34 is missing because of foolish pypi version madness)
Modules/
* use errno in a safer way
* set errno as LDAPError class item
* do not use strerror() which is not thread-safe and platform-specific
Lib/
* LDAPObject._ldap_call() sets LDAPError info to value returned
by platform-neutral os.stderror()
----------------------------------------------------------------
Released 2.4.33 2017-04-25
Changes since 2.4.32:
Lib/
* faster implementation of ldap.schema.tokenizer.split_tokens()
(thanks to Christian Heimes)
* removed unused 2nd argument of ldap.schema.tokenizer.split_tokens()
* fixed method calls in ReconnectLDAPObject (thanks to Philipp Hahn)
Modules/
* an empty info message is replaced with strerror(errno) if errno is non-zero
which gives more information e.g. in case of ldap.SERVER_DOWN
(thanks to Markus Klein)
* removed superfluous ldap_memfree(error) from LDAPerror()
(thanks to Markus Klein)
Tests/
* re-factored t_ldap_schema_tokenizer.py
----------------------------------------------------------------
Released 2.4.32 2017-02-14
Changes since 2.4.31:
Running tests made easier:
- python setup.py test
- added tox.ini
----------------------------------------------------------------
Released 2.4.31 2017-02-14
Changes since 2.4.30:
Tests/
* new test scripts t_ldap_schema_tokenizer.py and t_ldap_modlist.py
on former raw scripts (thanks to Petr Viktorin)
* new test-cases in t_ldapurl.py based on former raw scripts
(thanks to Petr Viktorin)
* new test-cases in t_ldap_dn.py
* moved a script to Demo/
----------------------------------------------------------------
Released 2.4.30 2017-02-08
Changes since 2.4.29:
Lib/
* compability fix in ldap.controls.deref to be compatible to
recent pyasn1 0.2.x (thanks to Ilya Etingof)
----------------------------------------------------------------
Released 2.4.29 2017-01-25
Changes since 2.4.28:
Modules/
* Fixed checking for empty server error message
(thanks to Bradley Baetz)
* Fixed releasing GIL when calling ldap_start_tls_s()
(thanks to Lars Munch)
----------------------------------------------------------------
Released 2.4.28 2016-11-17
Changes since 2.4.27:
Lib/
* LDAPObject.unbind_ext_s() invokes LDAPObject._trace_file.flush()
only if LDAPObject._trace_level is non-zero and Python is running
in debug mode
* LDAPObject.unbind_ext_s() now ignores AttributeError
in case LDAPObject._trace_file has no flush() method
* added dummy method ldap.logger.logging_file_class.flush() because
LDAPObject.unbind_ext_s() invokes it
----------------------------------------------------------------
Released 2.4.27 2016-08-01
Changes since 2.4.26:
Lib/
* added 'strf_secs' and 'strp_secs' to ldap.functions.__all__
* fixed regression introduced with 2.4.26:
ldif.LDIFParser did not fully parse LDIF records without trailing empty
separator line
----------------------------------------------------------------
Released 2.4.26 2016-07-24
Changes since 2.4.25:
Installation:
* added ldap.controls.sss to py_modules in setup.py
Lib/
* LDAPObject.unbind_ext() now removes class attribute
LDAPObject._l to completely invalidate C wrapper object
* LDAPObject.unbind_ext() now flushes trace file
* ldap.ldapobject.SimpleLDAPObject:
added convenience methods read_rootdse_s() and get_naming_contexts()
* added functions ldap.strf_secs() and ldap.strp_secs()
* added function ldap.filter.time_span_filter()
* Refactored ldif.LDIFParser
* ldif.LDIFParser.version ís now Integer
* ignore multiple empty lines between records
* Fixed ldap.dn.is_dn()
Modules/
* Fixed #69 Segmentation fault on whoami_s after unbind
(thanks to Christian Heimes and Petr Viktorin)
Tests/
* Fixed result3() being used instead of correct result4()
(see #66, thanks to David D. Riddle)
* Tests/slapd.py honors env var $TMP instead of just using
hard-coded /var/tmp
* Tests/slapd.py now expects schema to be in /etc/openldap/
* Tests/t_ldapurl.py now independent of module ldap
* Tests/t_ldif.py now has more test-cases including change records
* added some more test scripts for sub-modules ldap.dn, ldap.filter and
ldap.functions (not complete yet)
----------------------------------------------------------------
Released 2.4.25 2016-01-18
Changes since 2.4.23:
(2.4.24 is missing because of foolish pypi version madness)
Lib/
* Fix for attrlist=None regression introduced in 2.4.23
by ref count patch
----------------------------------------------------------------
Released 2.4.23 2016-01-17
Changes since 2.4.22:
Modules/
* Ref count issue in attrs_from_List() was fixed
(thanks to Elmir Jagudin)
----------------------------------------------------------------
Released 2.4.22 2015-10-25
Changes since 2.4.21:
Lib/
* LDIFParser now also accepts value-spec without a space
after the colon.
* Added key-word argument authz_id to LDAPObject methods
sasl_non_interactive_bind_s(), sasl_external_bind_s() and
sasl_gssapi_bind_s()
* Hmmpf! Added missing self to LDAPObject.fileno().
* ReconnectLDAPObject.sasl_bind_s() now correctly uses
generic wrapper arguments *args,**kwargs
* Correct method name LDIFParser.handle_modify()
* Corrected __all__ in modules ldap.controls.pwdpolicy and
ldap.controls.openldap
Doc/
* Started missing docs for sub-module ldap.sasl.
----------------------------------------------------------------
Released 2.4.21 2015-09-25
Changes since 2.4.20:
Lib/
* LDAPObject.read_s() now returns None instead of raising
ldap.NO_SUCH_OBJECT in case the search operation returned emtpy result.
* ldap.resiter.ResultProcessor.allresults() now takes new key-word
argument add_ctrls which is internally passed to LDAPObject.result4()
and lets the method also return response control along with the search
results.
* Added ldap.controls.deref implementing support for dereference control
Tests/
* Unit tests for module ldif (thanks to Petr Viktorin)
----------------------------------------------------------------
Released 2.4.20 2015-07-07
Changes since 2.4.19:
* New wrapping of OpenLDAP's function ldap_sasl_bind_s() allows
to intercept the SASL handshake (thanks to René Kijewski)
Modules/
* Added exceptions ldap.VLV_ERROR, ldap.X_PROXY_AUTHZ_FAILURE and
ldap.AUTH_METHOD_NOT_SUPPORTED
Lib/
* Abandoned old syntax when raising ValueError in modules ldif and
ldapurl, more information in some exceptions.
* ldap.ldapobject.LDAPObject:
New convenience methods for SASL GSSAPI or EXTERNAL binds
* Refactored parts in ldif.LDIFParser:
- New class attributes line_counter and byte_counter contain
amount of LDIF data read so far
- Renamed some internally used methods
- Added support for parsing change records currently limited to
changetype: modify
- New separate methods parse_entry_records() (also called by parse())
and parse_change_records()
- Stricter order checking of dn:, changetype:, etc.
- Removed non-existent 'AttrTypeandValueLDIF' from ldif.__all__
* New mix-in class ldap.controls.openldap.SearchNoOpMixIn
adds convience method noop_search_st() to LDAPObject class
* Added new modules which implement the control classes
for Virtual List View (see draft-ietf-ldapext-ldapv3-vlv) and
Server-side Sorting (see RFC 2891) (thanks to Benjamin Dauvergne)
Note: This is still experimental! Even the API can change later.
----------------------------------------------------------------
Released 2.4.19 2015-01-10
Changes since 2.4.18:
Lib/
* Fixed missing ReconnectLDAPObject._reconnect_lock when pickling
(see SF#64, thanks to Dan O'Reilly)
* Added ldap.controls.pagedresults which is pure Python implementation of
Simple Paged Results Control (see RFC 2696) and delivers the correct
result size
----------------------------------------------------------------
Released 2.4.18 2014-10-09
Changes since 2.4.17:
Lib/
* Fixed raising exception in LDAPObject.read_s() when reading
an entry returns empty search result
----------------------------------------------------------------
Released 2.4.17 2014-09-27
Changes since 2.4.16:
Lib/
* New hook syncrepl_refreshdone() in ldap.syncrepl.SyncReplConsumer
(thanks to Petr Spacek and Chris Mikkelson)
Modules/
* Added support for getting file descriptor of connection
with ldap.OPT_DESC
----------------------------------------------------------------
Released 2.4.16 2014-09-10
Changes since 2.4.15:
Lib/
* New convenience function ldap.dn.is_dn()
* New convenience function ldap.escape_str()
* New convenience methods LDAPObject.read_s() and
LDAPObject.find_unique_entry()
* Fixed invoking start_tls_s() in ReconnectLDAPObject.reconnect()
(thanks to Philipp Hahn)
----------------------------------------------------------------
Released 2.4.15 2014-03-24
Changes since 2.4.14:
Lib/
* Added missing modules ldap.controls.openldap and
ldap.controls.pwdpolicy to setup.py
* Added missing imports to ldap.controls.pwdpolicy
* Fixed ldap.controls.pwdpolicy.decodeControlValue() to decode
string of digits
* Support for X-SUBST in schema element class LDAPSyntax
* Support for X-ORDERED and X-ORIGIN in schema element class AttributeType
* ldapurl: New scope 'subordinates' defined in
draft-sermersheim-ldap-subordinate-scope
Modules/
* New constant ldap.SCOPE_SUBORDINATE derived from ldap.h for
draft-sermersheim-ldap-subordinate-scope
* Fixed constant ldap.sasl.CB_GETREALM (thanks to Martin Pfeifer)
----------------------------------------------------------------
Released 2.4.14 2014-01-31
Changes since 2.4.13:
Lib/
* Added ldap.controls.openldap.SearchNoOpControl
* New method ldap.async.AsyncSearchHandler.afterFirstResult()
for doing something right after successfully receiving but before
processing first result
* Better log data written when invoking ldap.LDAPLock.acquire() and
ldap.LDAPLock.release()
* LDAPObject and friends now pass `desc' to ldap.LDAPLock() which
results in better logging
* ldapobject.ReconnectLDAPObject now uses internal class-wide
lock for serializing reconnects
* Method signature of ReconnectLDAPObject.reconnect() changed to be able
to call it with separate retry_max and retry_delay values
Modules/
* Added support for retrieving negotiated TLS version/cipher
with LDAPObject.get_option() with the help of upcoming OpenLDAP libs
----------------------------------------------------------------
Released 2.4.13 2013-06-27
Changes since 2.4.12:
Lib/
* ldapobject.ReconnectLDAPObject._apply_last_bind() now sends
anonymous simple bind request even if the calling application
did not to provoke ldap.SERVER_DOWN in method reconnect()
* ldapobject.ReconnectLDAPObject.reconnect() now also catches
ldap.TIMEOUT exception after reconnection attempt
* Several other fixes for ldapobject.ReconnectLDAPObject
(thanks to Jonathan Giannuzzi)
----------------------------------------------------------------
Released 2.4.12 2013-06-01
Changes since 2.4.11:
Lib/
* Truly optional import of PyAsn1Error exception which should
not fail anymore if pyasn1 is not installed
----------------------------------------------------------------
Released 2.4.11 2013-05-27
Changes since 2.4.10:
Lib/
* ldap.controls.DecodeControlTuples() now simply ignores
PyAsn1Error exception raised during decoding malformed
response control values in case of non-critical controls.
* ldif.LDIFWriter.unparse() does not simply skip empty
records anymore.
----------------------------------------------------------------
Released 2.4.10 2012-06-07
Changes since 2.4.9:
Lib/
* ldapobject.ReconnectLDAPObject.reconnect() now preserves
order of options set with LDAPObject.set_option before.
This is needed e.g. for setting connection-specific TLS options.
Demo/
* Better version of Demo/pyasn1/syncrepl.py
(thanks to Ben Cooksley)
----------------------------------------------------------------
Released 2.4.9 2012-03-14
Changes since 2.4.8:
Lib/
* ldapobject.ReconnectLDAPObject.reconnect() now does kind of
an internal locking to pause other threads while reconnecting
is pending.
* Changes to bind- and startTLS-related operation methods of
class ReconnectLDAPObject for more robustness
* New constant ldap.OPT_NAMES_DICT contains mapping from
integer to variable name for all option-related constants.
----------------------------------------------------------------
Released 2.4.8 2012-02-21
Changes since 2.4.7:
Lib/
* Fixed overzealous check for non-unique NAMEs in
ldap.schema.subentry.SubSchema.__init__()
* Fixed typos in control decoding method
ldap.controls.simple.OctetStringInteger.decodeControlValue()
* Added experimental support for draft-vchu-ldap-pwd-policy
----------------------------------------------------------------
Released 2.4.7 2012-12-19
Changes since 2.4.6:
Lib/
* Separate classes for request/response controls for RFC 3829
* Fixed ldap.schema.subentry.SubSchema.attribute_types() to
also eliminate double attribute types in MAY clause of
DIT content rule