forked from horde/passwd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
404 lines (305 loc) · 12 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
----------
v6.0.0-git
----------
[jan] Add ISPConfig driver (Thomas Basler <[email protected]>).
------
v5.0.8
------
------
v5.0.7
------
[jan] SECURITY: Fix open redirects.
[jan] Officially support PHP 7.
------
v5.0.6
------
[jan] Update German translation.
------
v5.0.5
------
[jan] Update German translation.
[jan] Update Portuguese translation.
[jan] Fix changing passwords with the SOAP driver.
[jan] Use access rules compatible with both Apache 2.2 and 2.4.
------
v5.0.4
------
[mjr] Fix changing password using Kolab driver (Mike Gabriel
------
v5.0.3
------
[jan] Update Italian translation.
[jan] Update Galician translation.
[jan] Update Catalan translation.
[jan] Update German translation.
[jan] Update Czech translation.
[jan] Update Brazilian Portuguese translation (Luis Felipe Marzagao
------
v5.0.2
------
[jan] Fix syntax error in HTTP driver (Bug #13464).
[mms] Re-add 'userdn' hook.
[jan] Update Danish translation (Erling Preben Hansen <[email protected]>).
[mms] Fix usage of 'query_lookup' and 'query_modify' backend parameters
(Michael Cramer <[email protected]>).
------
v5.0.1
------
[jan] Don't overwrite parameters for composite sub-drivers (Bug #12284).
[jan] Don't install expect scripts as executables.
[jan] Fix fatal error in Samba/LDAP driver (Bug #12319).
[jan] Fix user name parameter in LDAP driver (Bug #12331).
------
v5.0.0
------
Final release.
---------
v5.0.0RC1
---------
[jan] Add policy for minimum number of non-alphanumeric characters (Friedrich
Haubensak <[email protected]>, Request #12243).
[jan] Add parameter for sudo program name to expect script (Friedrich Haubensak
<[email protected]>, Request #12243).
-----------
v5.0.0beta1
-----------
[mms] Add option to destroy Horde session after changing password (Bug #11766).
[mms] Http driver now uses Horde_Http_Client.
[jan] Update French translation (Paul De Vlieger
[jan] Update Polish translation (Krzysztof Kozera <[email protected]>).
[jan] Update Italian translation (Massimo Malabotta <[email protected]>).
[jan] Fix preparing multiple backends (Bug #11023).
------
v4.0.1
------
[rla] Don't pass too many parameters from backends.php to Horde_Db (Bug
#10963).
[jan] Make expect driver locale independent (Bug #9166).
[jan] Update Japanese translation (Hiromi Kimura <[email protected]>).
------
v4.0.0
------
First stable release for Horde 4.
---------
v4.0.0RC1
---------
[bak] Fix lookup of user entry in LDAP driver.
------------
v4.0.0alpha1
------------
First alpha release for Horde 4.
[jan] Add Latvian translation (Jānis Eisaks <[email protected]>).
[rla] Added new driver 'horde' which uses the update() function of horde's
authentication driver.
[jan] Provide default configuration files instead of .dist versions.
[jan] Fix creating temporary files with open_basedir restrictions.
------
v3.1.3
------
[jan] Fix examples using 'minSymbols' instead of 'minSymbol' (Bug #8854).
[jan] Fix PHP error when changing passwords with LDAP driver (Bug #8686).
------
v3.1.2
------
[jan] Enable output compression ([email protected], Bug #8649).
[jan] Add Croatian translation (Valentin Vidic <[email protected]>).
[jan] Add option to configure referrals for LDAP driver ([email protected],
Request #8582).
[jan] Simplify and fix smbldap driver (Bug #8192).
------
v3.1.1
------
[cjh] SECURITY: Fix XSS when specifying an invalid backend key
([email protected], #8398).
[jan] Add hook that's called after successfully changing the password.
[jan] Add SOAP driver.
[jan] Add example configuration for Postfix Admin (Michael Brennen
[jan] Fix binding to LDAP server if using the userdn hook.
----
v3.1
----
[cjh] Fix bad mode for STDERR in the procopen driver ([email protected],
Bug #8022).
--------
v3.1-RC2
--------
[cjh] Don't include the old password in LDAP driver error messages (Joffrey van
Wageningen <[email protected]>).
--------
v3.1-RC1
--------
[cjh] Add missing enforcement of minSymbol password policy
([email protected], Bug #7260).
[cjh] Only update smbldap attributes for Samba users, and update all attributes
at once instead of one at a time ([email protected], Request #5977).
[cjh] Don't set smbldap attributes that are commented out in the config
([email protected], Request #5937).
[jan] Move all Passwd-specific hook examples from Horde's config/ directory.
[cjh] Add support for switching between encryption schemes
([email protected], Request #2865).
[jan] Add support for sudo to the example expect script (Dennis Voetelink
<[email protected]>, Request #5300).
[mas] Conform to WCAG 1.0 Priority 2/Section 508 accessibility guidelines.
(Request #4080)
[jan] Add new expect driver that uses the expect PECL PHP extension (Duck
[mjr] Add new http driver for changing passwords via an existing web form.
[mjr] Pass reference to driver to the _passwd_hook_username call.
[jan] Add Turkish translation (METU <[email protected]>).
------
v3.0.1
------
[jan] Add placeholders for domain and username parts to SQL driver queries
(Vilius Sumskas <[email protected]>, Request #4985).
[jan] Improve error checking in poppassd driver (Bug #4505,
[jan] Add Slovenian translation (Duck <[email protected]>).
[jan] Compare hashing algorithms in passwords case insensitively
([email protected], Bug #2708).
[jan] Allow password changing for special Kolab users ([email protected],
Request #4128).
[jan] Add Japanese translation (Hiromi Kimura <[email protected]>).
[ben] Better support for MS-SQL
[cjh] Add support in the expect driver for rssh, scponly, and other programs
that can execute certain commands over ssh without providing a prompt
(Request #2887).
----
v3.0
----
[jan] Add configuration option to switch between using user names with and
without realms.
[jan] Add Slovak translation (Ivan Noris <[email protected]>).
--------
v3.0-RC1
--------
[jan] Extend the expect script to allow setups with passwd as the login shell
(Request #2550, Lionel Elie Mamane <[email protected]>).
[jan] Don't bind to LDAP anonymously if binding with userdn fails (Bug #2502).
[cjh] Fix updating shadowlastchange attribute in ldap driver (Roel Gloudemans
[jan] Extend the smbldap driver from the ldap driver to support all parameters
of the ldap driver (Request #2499).
---------
v3.0-BETA
---------
[cjh] Use Crypt_CHAP to generate smbldap passwords (Bug #1223).
[stb] Add Kolab driver.
[cjh] Allow using admin credentials in the LDAP driver (Bug #1409).
[cjh] Use bind variables in SQL drivers ([email protected], Bug #1718).
[cjh] Allow the list of refused usernames to be empty (Bug #1544).
[cjh] If $conf['user']['change'] is false, don't trust form input for the
userid.
[jan] Add Catalan translation (Joan Jorba Calsina <[email protected]>).
[cjh] Add ADSI and PSPASSWD windows password drivers (LRM
[jan] Add Persian (Western) translation (Vahid Ghafarpour
[jan] Add shadowLastChange and shadowMin configuration items to LDAP driver
(Roel Gloudemans <[email protected]>).
[cjh] Add proc_open() driver (Samuel Nicolary <[email protected]>).
[cjh] Add an SMB LDAP driver (Shane Boulter <[email protected]>).
[cjh] Add SSL support to the LDAP driver (LRM <[email protected]>).
[max] Add minSymbols and minClasses password policies. See comments in
config/backends.php.dist for more information.
[max] Add optional 'required' parameters to composite driver's subdriver
configurations.
[max] Add optional parameter 'no_reset' to the backend configs which prevents
reseting the authenticated user's credentials on password changes.
[max] Properly reset authenticated user's credentials.
[cjh] Use password encryption that's now implemented in the Auth:: package.
[max] Add pine driver which changes a pine-encoded file using FTP.
[max] Fix password checking when encryption requires a random salt.
[max] Add composite driver which will replace all the groups stuff.
[max] Add support for backend groups to allow syncing of multiple backends.
[max] Add query_lookup and query_modify parameters to the sql driver.
[ejr] Add tls support for ldap driver.
[ejr] Fix error reporting in poppassd driver.
[ejr] Add binddn hook submitted by Amith Varghese <[email protected]>.
[ejr] make sure oldpassword == horde_login_password before changing horde
cached password.
[ejr] Fix md5 (md5-hex and md5-base64) encryption for ldap/sql (Amith Varghese
[mc] Move templates to horde style directory layout, getName() -> getParam().
[ejr] Implemented new CVS HEAD themes.
[ejr] Updated to new CVS HEAD notification system.
------
v2.2.2
------
[jan] Close XSS when setting the parent frame's page title by javascript (cjh).
[ejr] Configuration item for showing/changing username in the form.
[jan] Allow to set the protocol version in the LDAP driver ([email protected]).
[cjh] Add crypt-blowfish and crypt-md5 encryption types. Also add crypt-des for
completion which is just an alias for crypt (max).
[jan] Add Estonian translation (Toomas Aas <[email protected]>).
------
v2.2.1
------
[jan] Bug #40: Fix smbpasswd driver with non-bash shells (Christopher Huyler
[jan] Add Simplified Chinese translation (Zhang Bo <[email protected]>).
----------
v2.2.1-RC1
----------
[jan] Add Indonesian language (Slamin <[email protected]>).
[jan] Add Galician translation (Rafael Varela Pet <[email protected]>, Guillermo
Mendez <[email protected]>).
[jan] Add Danish translation (Anders Bruun Olsen <[email protected]>).
[jan] Add Arabic (Syria) translation (Platinum Development Team
[jan] Add Hungarian translation (Szabo Gyula <[email protected]>).
[jan] Add Romanian translation (Eugen Hoanca <[email protected]>, Marius
Dragulescu <[email protected]>).
[jan] Add Lithuanian translation (Vilius Sumskas <[email protected]>).
[ejr] Fix BC breaks in vpopmail and sql drivers.
----
v2.2
----
[ejr] Allow bc for php versions that don't have the ctype extension.
--------
v2.2-RC2
--------
[ejr] Fix missing path for expect binary.
[ejr] Add missing scripts/ directory and missing expect script.
[ejr] Fix error reporting in expect driver ([email protected]).
[ejr] Remove old realm code that was previously missed.
[ejr] Port servuftp driver to new backends.conf format.
[ejr] Return actual error message text in poppassd driver (submitted by Leena
Heino <[email protected]>).
[ejr] Change is_a(*, 'PEAR_Error') calls to PEAR::isError() calls for php bc.
--------
v2.2-RC1
--------
[ejr] Add vpopmail driver (Anton Nekhoroshikh <[email protected]>).
[mac] Add vmailmgr driver (Marco Kaiser <[email protected]>).
[ejr] Add expect script (Gaudenz Steinlin).
[ejr] Change ldap code to do self-password changes, add phpdoc.
[ejr] Update ldap driver (Tjeerd van der Zee).
[ejr] Reset Horde/IMP cached credentials when changing password.
[ejr] Add username hooks (mac).
[ejr] Rewrite driver system, add backends.conf system (mc).
[jan] Add Italian translation (Fichera Gianrico <[email protected]>).
[cjh] Close several small XSS vulnerabilities (Mitja Kolsek
----
v2.1
----
[ejr] Add servuftp interface.
[ejr] Add exim sql backend.
[ejr] Add smbpasswd support.
[ejr] Move to driver driven system.
[mc] Add javascript checks for form input.
[jan] Add Bulgarian translation (Miroslav Pendev <[email protected]>).
----
v2.0
----
[ejr] Added optional checks for password lengths and strength testing.
[ejr] Remove check for prefs.php in notconfigured.inc.
[ejr] Change from short-tag <?= to long format <?php echo.
[ejr] Fix spacing and look of Submit button.
[ejr] Update contact info in doc/INSTALL for mailing list.
[ejr] Added Norwegian (nn_NO) translation.
[ejr] Added Swedish (sv_SE) translation.