OpenLDAP, 2.5.19 LTS Release Changes

2.5.19 LTS Release Changes

OpenLDAP 2.5 Change Log

OpenLDAP 2.5.19 Release (2024/11/26)
	Fixed libldap GnuTLS incompatible pointer type (ITS#10253)
	Fixed libldap OpenSSL set_ciphersuite error handling (ITS#10223)
	Fixed libldap to check for OpenSSL EVP_Digest* failure (ITS#10224)
	Fixed slapd syncrepl assert during refresh at shutdown (ITS#10232)
	Fixed slapd-ldap use of multi-precision add for op counters (ITS#10237)
	Fixed slapd-mdb idl intersection (ITS#10233)
	Fixed slapd-wt idl intersection (ITS#10233)
	Fixed slapo-translucent regression with subordinate databases (ITS#10248)
	Fixed slapo-translucent regression when requesting attributes (ITS#10272)
	Fixed slappw-argon2 defaults to be more secure (ITS#9827)
	Minor Cleanup
		ITS#10155
		ITS#10219
		ITS#10221
		ITS#10227
		ITS#10231
		ITS#10264

OpenLDAP 2.5.18 Release (2024/05/21)
	Fixed libldap exit handling with OpenSSL3 again (ITS#9952)
	Fixed libldap OpenSSL channel binding digest (ITS#10216)
	Fixed slapd handling of large uid/gids peercred auth (ITS#10211)
	Fixed slapd-meta with dynlist (ITS#10164)
	Fixed slapd-meta binds when proxying internal op (ITS#10165)
	Fixed slapo-accesslog startup initialization (ITS#10170)
	Fixed slapo-dynlist with abandoned operations (ITS#10044)
	Build
		Fixed build with gcc14.x (ITS#10166)
		Fixed back-perl with clang15 (ITS#10177)
		Fixed tests to use SCRAM-SHA-256 instead of DIGEST-MD5 (ITS#10208)
		Fixed to reduce systemd dependencies (ITS#10214)
	Contrib
		Fixed smbk5pwd implicit function declaration (ITS#10206)
	Minor Cleanup
		ITS#9921
		ITS#10171
		ITS#10173
		ITS#10179
		ITS#10186
		ITS#10209

OpenLDAP 2.5.17 Release (2024/01/29)
	Added slapo-dynlist option to disable filter support (ITS#10025)
	Fixed liblber missing newline on long msg (ITS#10105)
	Fixed libldap exit handling with OpenSSL3 (ITS#9952)
	Fixed libldap with TLS and multiple ldap URIs (ITS#10101)
	Fixed libldap OpenSSL cipher suite handling (ITS#10094)
	Fixed libldap OpenSSL 3.0 and Diffie-Hellman param files (ITS#10124)
	Fixed libldap timestamps on Windows (ITS#10100)
	Fixed lloadd to work when resolv.conf is missing (ITS#10070)
	Fixed lloadd handling of closing connection (ITS#10083)
	Fixed slapd to honour disclose in matchedDN handling (ITS#10139)
	Fixed slapd handling of regex testing in ACLs (ITS#10089)
	Fixed slapd-asyncmeta when remote suffix is empty (ITS#10076)
	Fixed slapo-dynlist so it can't be global (ITS#10091)
	Build
		Fixed lloadd type mismatches (ITS#10074)
		Fixed builds for Windows (ITS#10117)
		Fixed build with clang16 (ITS#10123
	Documentation
		Fixed slapo-homedir(5) attribute name for olcHomedirArchivePath (ITS#10057)
	Minor Cleanup
		ITS#10059
		ITS#10068
		ITS#10109
		ITS#10110
		ITS#10129
		ITS#10130
		ITS#10135
		ITS#10144
		ITS#10145
		ITS#10153

OpenLDAP 2.5.16 Release (2023/07/31)
	Fixed slapd cn=config incorrect handling of paused (ITS#10045)
	Fixed slapd-meta to account for MOD ops being optional (ITS#10067)
	Fixed slapd-asyncmeta to account for MOD ops being optional (ITS#10067)

OpenLDAP 2.5.15 Release (2023/07/10)
	Added libldap openssl3 support (ITS#9436, ITS#10030)
	Fixed libldap handling of TCP KEEPALIVE options (ITS#10015)
	Fixed libldap with async connections (ITS#10023)
	Fixed libldap openssl TLSv1.3 cipher suite handling (ITS#10035)
	Fixed slapd callback handling with overlays that do extended operations (ITS#9990)
	Fixed slapd conversion of pcache configurations (ITS#10031)
	Fixed slapd cn=config modification handling with abandon (ITS#10045)
	Fixed slapo-constraint handling of push replication (ITS#9953)
	Fixed slapo-dynlist filter evaluation efficiency (ITS#10041)
	Fixed slapo-pcache handling of invalid schema (ITS#10032)
	Fixed slapo-ppolicy handling of push replication (ITS#9953)
	Fixed slapo-ppolicy handling of pwdMinDelay (ITS#10028)
	Fixed slapo-syncprov abandon handling (ITS#10016)
	Fixed slapo-translucent handling of invalid schema (ITS#10032)
	Fixed slapo-unique handling of push replication (ITS#9953)
	Fixed slapo-variant to improve regex handling (ITS#10048)
	Build Environment
		Fixed compatibility with stricter C99 compilers (ITS#10011)
		Keep .pc files during make clean (ITS#9989)
	Contrib
		Fixed slapo-variant handling of push replication (ITS#9953)
	Minor Cleanup
		ITS#9855
		ITS#9995
		ITS#9996
		ITS#9997
		ITS#9998
		ITS#9999
		ITS#10000
		ITS#10003
		ITS#10004
		ITS#10033
		ITS#10037
		ITS#10039
		ITS#10046
		ITS#10063

OpenLDAP 2.5.14 Release (2023/02/08)
	Fixed client tools to remove 'h' and 'p' options (ITS#9917,ITS#8618)
	Fixed ldapsearch memory leak with paged results (ITS#9860)
	Fixed libldap ldif_open_urlto check for failure (ITS#9904)
	Fixed libldap ldap_url_parsehosts check for failure (ITS#9904)
	Fixed liblunicode UTF8bvnormalize buffer size (ITS#9955)
	Fixed lloadd race in epoch.c (ITS#9947)
	Fixed lloadd to keep listener base around when not active (ITS#9984)
	Fixed lloadd object reclamation sequencing (ITS#9983)
	Fixed slapd memory leak with olcAuthIDRewrite (ITS#6035)
	Fixed slapd transactions extended operations cleanup after write (ITS#9892)
	Fixed slapd deadlock with replicated cn=config (ITS#9930,ITS#8102)
	Fixed slapd connection close logic (ITS#9991)
	Fixed slapd bconfig locking of cn=config entries (ITS#9045)
	Fixed slapd-mdb max number of index databases to 256 (ITS#9895)
	Fixed slapd-mdb to always release entries from ADD operations (ITS#9942)
	Fixed slapd-mdb to fully init empty DN in tool_entry_get (ITS#9940)
	Fixed slapd-monitor to free remembered cookies (ITS#9339)
	Fixed slapo-accesslog reqStart ordering matching rule (ITS#9880)
	Fixed slapo-deref memory leak (ITS#9924)
	Fixed slapo-dynlist to ignore irrelevant objectClasses (ITS#9897)
	Fixed slapo-dynlist to avoid unnecessary searches (ITS#9929)
	Fixed slapo-dynlist to mark internal searches as such (ITS#9960)
	Fixed slapo-pcache crash in consistency_check (ITS#9966)
	Fixed slapo-remoteauth memory leaks (ITS#9438)
	Build Environment
		Fixed ancient DOS related ifdef checks (ITS#9925)
		Fixed build process to not use gmake specific features (ITS#9894)
		Fixed source tree to remove symlinks (ITS#9926)
		Fixed slapo-otp testdir creation (ITS#9437)
		Fixed slapd-tester memory leak (ITS#9908)
		Fixed usage of non-standard C syntax (ITS#9898, ITS#9899, ITS#9901)
		Fixed usage of bashism (ITS#9900)
		Fixed test suite portability (ITS#9931)
	Documentation
		Fixed ldap_bind(3) to document ber_bvfree in ldap_sasl_bind (ITS#9976)
		Fixed slapo-asyncmeta(5) to clarify scheduling for target connections (ITS#9941)
		Fixed slapo-dynlist(5) to clarify configuration settings (ITS#9957)
		Fixed slapo-unique(5) to clarify when quoting should be used (ITS#9915)
	Minor cleanup
		ITS#9935
		ITS#9336
		ITS#9337
		ITS#9985

OpenLDAP 2.5.13 Release (2022/07/14)
	Fixed librewrite declaration of calloc (ITS#9841)
	Fixed libldap memory leaks (ITS#9876)
	Fixed slapd kqueue support (ITS#9847)
	Fixed slapd delta-sync DN leak on ADD ops (ITS#9866)
	Fixed slapd replication with back-glue (ITS#9868)
	Fixed slapd-mdb to check for stale readers on MDB_READERS_FULL (ITS#7165)
	Fixed slapo-accesslog onetime memory leak (ITS#9864)
	Fixed slapo-ppolicy interaction with slapo-rwm (ITS#9871)
	Fixed slapo-syncprov memory leaks (ITS#9867)
	Fixed slapo-syncprov fallback in delta-sync mode (ITS#9823)
	Fixed slapo-unique to not release NULL entry (ITS#8245)
	Build Environment
		Added slapd-watcher -c contextDN option (ITS#9865)
		Fixed parallel builds (ITS#9840)
		Fixed test020 to skip back-wt (ITS#9859)
		Fixed slapd-watcher SID handling with single URI (ITS#9850)
		Fixed test043 with workaround for ITS#9878
	Contrib
		Added slapo-emptyds contrib module (ITS#8882)
		Fixed slapo-autogroup backwards compat (ITS#9020)
	Documentation
		Fixed ldap_get_option(3) to clarify ldap_get/set_option restrictions (ITS#9824)
		Fixed slapd-ldap(5),slapd-meta(5) missing bold tag on authz parameter (ITS#9872)

OpenLDAP 2.5.12 Release (2022/05/04)
	Fixed libldap to drop connection when non-LDAP data is received (ITS#9803)
	Fixed libldap to allow newlines at end of included file (ITS#9811)
	Fixed slapd slaptest conversion of olcLastBind (ITS#9808)
	Fixed slapd usage of thread local counters (ITS#9789)
	Fixed slapd to clear runqueue task correctly (ITS#9785)
	Fixed slapd idletimeout handling (ITS#9820)
	Fixed slapd bconfig locking for cn=config replication (ITS#9584)
	Fixed slapd syncrepl handling of new sessions (ITS#9584)
	Fixed slapd to clear connections on bind (ITS#9799)
	Fixed slapd to correctly advance connections index (ITS#9831)
	Fixed slapd syncrepl ODSEE replication of unknown attr (ITS#9801)
	Fixed slapd-asyncmeta memory leak in keepalive setting (ITS#9802)
	Fixed slapd-ldap memory leak in keepalive setting (ITS#9802)
	Fixed slapd-meta SEGV on config rewrite (ITS#9802)
	Fixed slapd-meta ordering on config rewrite (ITS#9802)
	Fixed slapd-meta memory leak in keepalive setting (ITS#9802)
	Fixed slapd-monitor SEGV on shutdown (ITS#9809)
	Fixed slapd-sql to properly escape filter value (ITS#9815)
	Fixed slapo-dynlist dynamic group regression (ITS#9825)
	Fixed slapo-pcache SEGV on shutdown (ITS#9809)
	Fixed slapo-ppolicy operation handling to be consistent (ITS#9794)
	Fixed slapo-translucent to correctly duplicate substring filters (ITS#9818)
	Build Environment
		Fix compilation with openssl exclusions (ITS#9791)
		Fix warnings from make jobserver (ITS#9788)
		Fix compiliation with certain versions of gcc (ITS#9790)
	Documentation
		Fixed slapd.conf(5)/slapd-config(5) syncrepl sizelimit/timelimit documentation (ITS#9804)

OpenLDAP 2.5.11 Release (2022/01/20)
	Fix broken build release variable

OpenLDAP 2.5.10 Release (2022/01/20)
	Fixed libldap to init client socket port (ITS#9743)
	Fixed libldap with referrals (ITS#9781)
	Fixed slapd to allow objectClass edits with no net change (ITS#9772)
	Fixed slapd syncrepl recreation of deleted entries (ITS#9282)
	Fixed slapd syncrepl replication with ODSEE (ITS#9707)
	Fixed slapd syncrepl to reject REFRESH for precise resync (ITS#9742)
	Fixed slapd syncrepl when X-ORDERED is specified (ITS#9761)
	Fixed slapd syncrepl to better handle out of order delete ops (ITS#9751)
	Fixed slapd syncrepl to correctly close connections when config is deleted (ITS#9776)
	Fixed slapd-mdb to update indices correctly on replace ops (ITS#9753)
	Fixed slapd-wt to set correct flags (ITS#9760)
	Fixed slapo-accesslog to fix inconsistently normalized minCSN (ITS#9752)
	Fixed slapo-autogroup to maintain values in insertion order (ITS#9766)
	Fixed slapo-constraint to maintain values in insertion order (ITS#9770)
	Fixed slapo-dyngroup to maintain values in insertion order (ITS#9762)
	Fixed slapo-dynlist compare operation for static groups (ITS#9747)
	Fixed slapo-dynlist static group filter with multiple members (ITS#9779)
	slapo-refint to maintain values in insertion order (ITS#9763)
	Fixed slapo-retcode to honor requested insert position (ITS#9759)
	Fixed slapo-syncprov memory leak (ITS#8039)
	Fixed slapo-syncprov to generate a more accurate accesslog query (ITS#9756)
	Fixed slapo-translucent to warn on invalid config (ITS#9768)
	Fixed slapo-unique to warn on invalid config (ITS#9767)
	Fixed slapo-valsort to maintain values in insertion order (ITS#9764)
	Documentation
		Fixed slapo-accesslog(5) to clarify logoldattr usage (ITS#9749)

OpenLDAP 2.5.9 Release (2021/10/25)
	Fixed slapo-accesslog to initialize minCSN on import of 2.4 databases (ITS#9720)

OpenLDAP 2.5.8 Release (2021/10/11)
	Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char (ITS#9668)
	Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT (ITS#9696)
	Fixed slapd to allow normalized values for namingContexts in cn=monitor (ITS#8341)
	Fixed slapd to normalize the suffix in rootDSE (ITS#9664)
	Fixed slapd slapadd to avoid destroying configDB prematurely (ITS#9678)
	Fixed slapd to not spam logs with lastbind information (ITS#9156)
	Fixed slapd slaptest migration to correctly set olcTSLVerifyClient (ITS#9711)
	Fixed slapd-mdb multival delete handling (ITS#9712)
	Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql (ITS#9679)
	Fixed slapd-wt multiple issues (ITS#9463)
	Fixed slapd-wt to close cache db correctly (ITS#9631)
	Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibility (ITS#9671)
	Fixed slapo-syncprov to free uuid list when finished replaying sessionlog (ITS#6467)
	Build
		Fixed libldap result.c compilation on musl systems (ITS#9648)
		Fixed slapd duplicate definition of peerbv (ITS#9659)
		Fixed test suite with memberof modular builds (ITS#9464)
	Contrib
		Added man page for ppm contrib module (ITS#9644)
		Fix crash when pwdCheckModuleArg is not defined for ppm (ITS#9656)
	Documentation
		Fixed guide download link for heimdal (ITS#9669)
		Fixed guide documentation for TLSECName (ITS#9687)
		Fixed guide documentation missing tags (ITS#9693)
		Fixed guide loadbalancer typo (ITS#9699)
		Fixed guide synprov-nopresent redundant text (ITS#9689)
		Fixed guide various typos and fix config alignment (ITS#9706)
		Removed ppolicy.schema from servers/slapd/schema/README (ITS#9156)
		Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring (ITS#9674)
		Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate (ITS#9646)
		Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended (ITS#9688)

OpenLDAP 2.5.7 Release (2021/08/18)
	Fixed lloadd client state tracking (ITS#9624)
	Fixed slapd bconfig to canonicalize structuralObjectclass (ITS#9611)
	Fixed slapd-ldif duplicate controls response (ITS#9497)
	Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule (ITS#9621)
	Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases (ITS#8958)
	Fixed slapd-mdb idlexp maximum size handling (ITS#9637)
	Fixed slapd-monitor number of ops executing with asynchronous backends (ITS#9628)
	Fixed slapd-sql to add support for ppolicy attributes (ITS#9629)
	Fixed slapd-sql to close transactions after bind and search (ITS#9630)
	Fixed slapo-accesslog to make reqMod optional (ITS#9569)
	Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present (ITS#9625)
	Documentation
		slapd-mdb(5) note max idlexp size is 30, not 31 (ITS#9637)
		slapo-accesslog(5) note that reqMod is optional (ITS#9569)
		Add ldapvc(1) man page (ITS#9549)
		Add guide section on load balancer (ITS#9443)
		Updated guide to document multiprovider as replacement for mirrormode (ITS#9200)
		Updated guide to clarify slapd-mdb upgrade requirements (ITS#9200)
		Updated guide to document removal of deprecated options from client tools (ITS#9200)

OpenLDAP 2.5.6 Release (2021/07/27)
	Fixed libldap buffer overflow (ITS#9578)
	Fixed libldap missing mutex unlock on connection alloc failure (ITS#9590)
	Fixed lloadd cn=config olcBkLloadClientMaxPending setting (ITS#8747)
	Fixed slapd multiple config defaults (ITS#9363)
	Fixed slapd ipv6 addresses to work with tcp wrappers (ITS#9603)
	Fixed slapo-syncprov delete of nonexistent sessionlog (ITS#9608)
	Build
		Fixed library symbol versioning on Solaris (ITS#9591)
		Fixed compile warning in libldap/tpool.c (ITS#9601)
		Fixed compile warning in libldap/tls_o.c (ITS#9602)
	Contrib
		Fixed ppm module for sysconfdir (ITS#7832)
	Documentation
		Updated guide to document multival, idlexp, and maxentrysize (ITS#9613, ITS#9614)

OpenLDAP 2.5.5 Release (2021/06/03)
	Added libldap LDAP_OPT_TCP_USER_TIMEOUT support (ITS#9502)
	Added lloadd tcp-user-timeout support (ITS#9502)
	Added slapd-asyncmeta tcp-user-timeout support (ITS#9502)
	Added slapd-ldap tcp-user-timeout support (ITS#9502)
	Added slapd-meta tcp-user-timeout support (ITS#9502)
	Fixed incorrect control OIDs for AuthZ Identity (ITS#9542)
	Fixed libldap typo in util-int.c (ITS#9541)
	Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
	Fixed libldap better TLS1.3 cipher suite handling (ITS#9521, ITS#9546)
	Fixed lloadd multiple issues (ITS#8747)
	Fixed slapd slap_op_time to avoid duplicates across restarts (ITS#9537)
	Fixed slapd typo in daemon.c (ITS#9541)
	Fixed slapd slapi compilation (ITS#9544)
	Fixed slapd to handle empty DN in extended filters (ITS#9551)
	Fixed slapd syncrepl searches with empty base (ITS#6467)
	Fixed slapd syncrepl refresh on startup (ITS#9324, ITS#9534)
	Fixed slapd abort due to typo (ITS#9561)
	Fixed slapd-asyncmeta quarantine handling (ITS#8721)
	Fixed slapd-asyncmeta to have a default operations timeout (ITS#9555)
	Fixed slapd-ldap quarantine handling (ITS#8721)
	Fixed slapd-mdb deletion of context entry (ITS#9531)
	Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
	Fixed slapd-meta quarantine handling (ITS#8721)
	Fixed slapo-accesslog to record reqNewDN for modRDN ops (ITS#9552)
	Fixed slapo-pcache locking during expiration (ITS#9529)
	Build
		Fixed slappw-argon2 module installation (ITS#9548)
	Contrib
		Update ldapc++/ldaptcl to use configure.ac (ITS#9554)
	Documentation
		ldap_first_attribute(3) - Document ldap_get_attribute_ber (ITS#8820)
		ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559)

OpenLDAP 2.5.4 Release (2021/04/29)
	Initial release for "general use".

________________
© Copyright 2014-2024, OpenLDAP Foundation. Privacy Statement
$Id: 8b1c32f70c132ce850677953319414e62504d122 $