web2ldap Changelog

New in version 1.1.49

December 16th, 2013
  • New features/enhancements:
  • Group administration UI now generates tags with enclosed tags with parent DN of group DN as label. This is very helpful if same group names are used in different subtrees.
  • Security fixes:
  • Fixed possible XSS flaw when displaying group DN and entry data in group administration UI.
  • Bugs fixed:
  • More robust attribute value auto-generation in plugin class w2lapp.schema.plugins.posixautogen.HomeDirectory.homeDirectoryTemplate.
  • More robust parsing of attribute olcSyncrepl.

New in version 1.1.48 (November 26th, 2013)

  • New features/enhancements:
  • Added/registered plugin classes for the following MIT Kerberos attributes:
  • krbPwdPolicyReference
  • krbPwdLockoutDuration
  • krbMinPwdLife
  • krbMaxPwdLife
  • Bugs fixed:
  • Fixed LDAP filter in plugin class for krbTicketPolicyReference.
  • Cache for auditContext attribute not flushed.
  • Gracefully handle server explicitly not allowing simple bind requests.

New in version 1.1.47 (October 28th, 2013)

  • Fixed Python 2.6 compability issued in checkinst.py.
  • Registered more MS AD attributes with plugin class Binary.
  • Exception ldap.STRONG_AUTH_REQUIRED is ignored when reading rootDSE.

New in version 1.1.43 (September 2nd, 2013)

  • New features/enhancements:
  • Improved HTML layout when displaying certificate/CRL.
  • Certificate/CRL viewer now displays OID names also for deeply nested X.500 Name (DNs).
  • CRL viewer now displays CRLReason extension.
  • New plugin module w2lapp.schema.plugins.x509 now contains all the cert/CRL plugin classes and new stub classes for all the LDAP syntaxes defined in RFC 4523.
  • Bugs fixed:
  • Fixed using module pisces.asn1 really optionally (regression introduced in 1.1.42).
  • Fixed Unicode issue in plugin class for Lotus Domino/LDAP attribute dominoCertificate.
  • Added work-around for UnicodeDecodeError if buggy LDAP server (Lotus Domino/LDAP 7.x) returns diagnosticMessage with non-ASCII characters as ISO-8859-1 (Latin1).
  • Code cleaning:
  • New syntax class w2lapp.schema.syntaxes.CSN registered for OpenLDAP attribute types contextCSN, entryCSN and namingCSN.

New in version 1.1.37 (June 25th, 2013)

  • New features/enhancements:
  • New class attrs LDAPSyntax.searchSep/readSep/fieldSep used consequently everywhere through class w2lapp.read.DisplayEntry. This enables plugin classes to control how multiple attribute values are separated.
  • Search form parameter filterstr can now be multi-valued and its values are always evaluated along with the other form parameters from basic/advanced search form. This allows to define search form templates with arbitrary additional filters to be combined with user's input in the search form.
  • OpenLDAP's no-op search control is now sent with tight timeout (5 sec) to not overwhelm the server in case many entries have to be checked.
  • Bugs fixed:
  • Corrected determining server name in standalone mode.
  • Fixed Unicode handling of attribute type names when displaying password attributes after changing them.
  • Fixed issue with multiple delsid form parameter sent after re-login.

New in version 1.1.33 (May 21st, 2013)

  • New features/enhancements:
  • All group modifications are displayed.
  • New plugin classes for MS AD attributes:
  • GUIDs (objectGUID, parentGUID, rightsGuid, siteGUID)
  • msDS-SupportedEncryptionTypes
  • New plugin classes for pwdExpireWarning and pwdMaxAge display search links.
  • It's now possible to search for arbitrary OctetString values.
  • If host-specific parameter search_attrs is not set or an empty list all attribute types are displayed in attribute select list in advanced search form.
  • Bugs fixed:
  • If a only a single char * or + is given as attribute list this is no longer treated as a real single attribute when reading an entry.

New in version 1.1.32 (May 11th, 2013)

  • New features/enhancements:
  • New plugin class w2lapp.schema.syntaxes.Timespan displays time spans as hours, minutes, seconds used for:
  • pwdMinAge
  • pwdMaxAge
  • pwdExpireWarning
  • entryTTL
  • Time before password expiration displayed as hours, minutes, seconds.
  • When submitting several group modifications all failed attempts are collected and displayed with LDAP error information after processing all group modifications.
  • Bugs fixed:
  • Better handling of LDAPError exceptions in case the LDAP server does not support "Who am I?". Especially occured as problem with SASL/GSSAPI bind.
  • Plugin class DNSDomain lower-cases input values before applying the IDNA encoding.

New in version 1.1.31 (February 18th, 2013)

  • New features/enhancements:
  • The number of revoked certs is displayed when displaying a CRL.
  • New plugin class for NIS attribute macAddress which sanitizes user input and does reg-ex checking.
  • New plugin module for sudo-ldap.
  • Plugin class for memberURL now strips white-spaces from input values.
  • Bugs fixed:
  • Small fix for displaying LDAP error messages.
  • Fixed handling of class attributes valuePrefix and valueSuffix in plugin class DynamicValueSelectList.
  • Work-around for LDAP URLs with bad search filter passed in as QUERY_STRING in the URL.

New in version 1.1.30 (January 21st, 2013)

  • New features/enhancements:
  • The "Who am I?" extended operation is now always used to detect bind-DN rewriting also in case of simple bind.
  • Some more plugin classes in module w2lapp.schema.plugins.pgpkeysrv.
  • Bugs fixed:
  • More liberal regex pattern for sambaAcctFlags.
  • Fixed an exception caused by empty strings in an attribute list when reading an entry.