pkgsrc changes:
* Fix the script that initialize PostgreSQL database. Patch for AWL
directory was broken. Add '-U @PGUSER@' to psql command because it
is the default database administrator out of the box.
* Bump revision.
From the changelog:
This release implements management of calendar delegations via CalDAV
(for example with iCal). It also makes some necessary changes to keep the
Debian packages buildable.
Bug Fixes
=========
* Apache config: add PT to follow alias
* UI: create external bindings with type set (fix: #132)
* Fix group-member-set and group-membership queries on proxy resources
* Correctly handle durations without units like "PT"
* Fix common etag match code, use it everywhere
Other Changes
=============
* Document $c->hide_bound and $c->disable_caldav_proxy_propfind_collections
config options, as well as the most important debug options
* Advertise support for CalDAV principal-match REPORT
* Implement managing calendar delegations from iCal (caldav-proxy)
* LDAP sync: reactivate users present in LDAP, use php ldap explode in
order to be compatible with any DN (!42, !43)
* Improved handling of modifications to attendees' instances of events
* Various updates to API documentation and code cleanup
* Switch to doxygen for api docs
From upstream's changelog:
>From the Release Notes
(https://wiki.davical.org/index.php/Release_Notes/1.1.6):
Bug Fixes
=========
* Only one set of angle brackets around cannot-modify-protected-property error tag (#112)
* Fix sync of deleted events when hide_todo is set (#100)
* Modify hide_older_than logic to allow through recurring events (#103)
* Fix modified mapping in the LDAP driver (#108)
* Do not output unescaped XML special characters in if-match error message (#113)
* Don't crash on principal-property-search REPORT without a proper match clause (#114)
* Various CardDAV and CalDAV fixes highlighted by caldav-tester
* Fix $SERVER variable names used when operating behind a proxy (!38)
* Use modern class constructors that even work with PHP7 (fixes: #119)
* Card search invalid when negate-condition="no" (#126)
* Propagate database error to client (#127)
* Add a log entry for login failures (#105)
Other Changes
=============
* Updates to the test suites, which are mostly passing now
* Improved logging in certain error conditions
* Set $c->external_ua_string to fetch external calendars posing as a certain user-agent (#115)
* Improve parsing of RFC5545 durations
* Improve support for /principals/users/..., /principals/resources/...
and /__uids__/... URLs
* Improve use of create-database.sh and update-davical-database with non-default values (see #124)
* Experimental $c->enable_attendee_group_resolution will resolve
attendee group names to a list of individual users (from !21)
* Add support for calendar-user-type (!39)
* Update caldav_functions.sql for Postgresql 10 (#129)
Database Upgrade
================
* Run dba/upgrade-davical-database to get Postgresql-10-compatible functions
Upgrades of Other Software
==========================
* AWL 0.58 is required for best PHP7 compatibility
Updating MASTER_SITES
From the ChangeLog:
2013-03-25 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* In places where the CGI variable REMOTE_USER is read, support
alternatively REDIRECT_REMOTE_USER, which is used by the Apache
HTTPD Server instead, when a redirect was used.
* Removed debian/README.Debian which did not contain any useful
information.
2013-03-23 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Handle the content of the CGI AUTH_TYPE variable case-insensitively as
defined by RFC 3875 Section 4.1.1.
2013-03-21 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Changed the pathnames of the debug files to be a bit more FHS
compliant.
2013-03-20 Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
* Changed the end-of-line encodings of all non-Windows-related and
non-autogenerated text files to use UNIX LF (lots of them had mixed
LF/CRLF).
* HTML escape the remotely retrieved version string printed to the HTML
in order to prevent and attacks (if this would have been possible at
all in 12 characters).
* Updated all addresses of the canonical git upstream repository and the
issue tracker to the new ones.
2013-03-06 Andrew McMillan <andrew@morphoss.com>
* Fix capitalisation of 'plpgsql' & 'sql' for Postgres 9.2. (debbug #702403)
2013-02-16 Andrew McMillan <andrew@morphoss.com>
* Content-Type header should be 'charset' not 'encoding'.
2012-09-20 Andrew McMillan <andrew@morphoss.com>
* When we get here it is a Bad Request, not a Server Error.
* Quick workaround for iOS6 supported-calendar-component-set issue.
Adds a $c->default_calendar_components array of (VEVENT,VTODO,...)
* Workaround client software with imperfect add-member implementations.
2012-09-10 Andrew McMillan <andrew@morphoss.com>
* Fix unassigned variable.
* Avoid unassigned variable warning.
* Fix UID handling.
* Fix debugging to error log.
2012-08-09 Andrew McMillan <andrew@morphoss.com>
* Ensure test responses are displayed in their unprocessed form.
* Some debugging messages.
2012-07-31 Andrew McMillan <andrew@morphoss.com>
* Replace deprecated split() with explode()
2012-05-28 Andrew McMillan <andrew@morphoss.com>
* First cut at iMIP implementation. Still working on this.
2012-07-30 Andrew McMillan <andrew@morphoss.com>
* Fix SQL fieldname.
2012-07-29 Andrew McMillan <andrew@morphoss.com>
* Sometimes we want to retrieve the sync-token as a result of a change we just made.
This allows a (default true) flag to indicate whether it's OK to use
a previously cached value.
* On Apple devices these can sometimes appear in the Apple namespace. Odd.
* Let the VCalendar class handle how to get the UID from the calendar.
2012-07-25 Andrew McMillan <andrew@morphoss.com>
* Remove old redundant constructor.
2012-07-13 Andrew McMillan <andrew@morphoss.com>
* Add workaround for Apple's POST add-member trainwreck.
* We might not have a $request calling this so use the object's path instead.
* Testing for dead property XML which is a set of prop.
* supported-calendar-component-set uses dead properties too...
* Don't just return the first element in a dead property - there might be multiple!
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
1.1.1:
There are no database changes in this release
Bug Fixes
Unassigned variable warning in Principal.php calling BuildDeadPropertyXML
Notification of deletes when hide_older_than is set
Fixes to URL encoding of some CalDAV/CardDAV properties
Fix to Basic Auth handling in admin UI
Fix CalDAV client library to handle multiple 'Allow' headers in OPTIONS response
Fix ldap driver to handle numeric usernames correctly.
Add handling for allprop and ommission of prop tag in calendar-query, calendar-multiget and addressbook-query
Fix parsing of relative alarm times where the event has a timezone
Correct detection of suhosin.server_strip status (from Christoph Anton Mitterer via debian bug #656392).
Other minor bugfixes.
Other Changes
Add support for ldap mapping of multiple fields to one DAViCal field (from Sylvain BURGER)
Generally improved support for a wider range of DAV/CalDAV/CardDAV properties in calendar-query, calendar-multiget and addressbook-query
1.1.0:
Database Upgrade
There are several changes to in-database functions.
Bug Fixes
Obscure password in LDAP debug log messages
Fix bugs parsing some RFC5545 duration values
Fix handling of ?mode=append when uploading calendar data.
Various fixes to external BIND support.
Fix some errors in content-type detection & handling.
Correct round-trip handling of arbitrary XML in dead properties.
Fix bugs in editing of existing grants.
Other Changes
Support for WebDAV Synchronisation is updated to match the final RFC.
Support If-Modified-Since header.
Merge iSchedule support from Rob Ostenson.
Add support for initialising an addressbook from a file of VCARDs
Add support for 'Prefer' and 'Brief' headers.
Reduce logging noise from 401 and 404 responses.
Some query performance improvements.
When someone is delegated 'write' by a principal they can now maintain that principal's details in the Admin UI.
New default_collections setting which replaces home_calendar_name and home_addressbook_name (these are deprecated)
1.0.2:
Bug Fixes
Fix bug in scheduling on POST request.
Fix permissions on user create via external auth.
Add a default min_age for external binds.
Other Changes
Prevent external binds from being created/updated if curl is missing.
Add check to setup page to test whether curl is installed.
Allow for silly programs that send content-type XML with a GET request.
Support use of HTTP_AUTHORIZATION in addition to AUTHORIZATION cgi.
Handle VCARD adr/tel/email which have multiple types.
Set the default URL to the default calendar name rather than /home/
Enable the file upload for addressbook collections.
Handle addressbook import along with calendar import.
Write UID and REV property n VCARD if they are missing.
Update translations to current transifex translations.
1.0.1:
Bug Fixes
Fix missing braces the /tools.php script.
Other Changes
Update translations to current transifex translations.
1.0.0:
Functionality Enhancements
Handle DELETE scheduling actions.
Bug Fixes
Handle bound resources correctly in sync-collection report.
When creating an external bind don't consider local host as external
Fix logic error in hide_TODO setting.
Make hide_alarm work on bound resources.
Correct bug in sync-collection report response.
Fix BIT24 casting for the LDAP driver.
Fix for MOVE into a bound location.
Correctly calculate the next alarm time.
Make sync-collection handle new format for sync token.
Don't allow a / in the UID to infect the path on import.
Fix propfind depth:1 on bind to external url
Correct handling of empty CardDAV:address-data element in request.
Fix handling of active flag for general external authentication mechanisms.
Fix LDAP user creation where memcached support is off.
Fix handling of numeric usernames.
Other Changes
Catch missing-xml in request separately from invalid-xml.
Add the "CardDAV" word into DAViCal's description.
Improve expand performance by only doing expansion if we know we need it.
Use supplied content_type even on zero-length requests.
Strip URL-unfriendly characters from UID before using it as URL segment.
Slightly more helpful 403 response.
Remove password from LDAP log messages.
Tooltips for schedule-deliver and schedule-send.
Current localisations from Transifex.
Update e-mail address to current one, mention wiki.
Force output buffers to be flushed, if they're turned on.
Update refresh-alarms script to newer style initialisation.
Update website to reflect new default calendar name.
Rationalise confidential event rewriting.
Add the $c->hide_alarms functionality into DAVResource class.
Allow LDAP sync to work if the date is reasonable and no 'format_updated' is set.
We don't need to test for the PostgreSQL non-PDO drivers now.
Switch out deprecated LDAP mappings before we use them anywhere.
Add test for PHP filter module and wiki links for each test.
External bind changes, added a clean up button, urls now show for external collections and added a few strings for translation
Functionality Enhancements
Add support for incoming requests to be content-encoded with gzip, deflate or compress.
Add page for listing external calendar binds.
Implement basic support for supported-calendar-component-set in MKCALENDAR/MKCOL.
Bug Fixes
Additional work on CalDAV scheduling extensions should now make this usable.
Further fixes to the handling of time-range queries in the calendar-query report.
Fixes to the timezone service introduced in 0.9.9.6
Fix multi-calendar import in tools.php
Fix casting to handle integers as usernames.
Fix default_permissions errors with LDAP updates.
Fix LOCK handling when no timeout is supplied.
Ensure default addressbook collections are, in fact, created as addressbook collections.
Fix handling of BYMONTHDAY=-N in RRULEs
Fix handling of RRULE with COUNT=X and FREQ=WEEKLY where X is not divisible by the number of values in a BYDAY part.
Other Changes
Minor changes to handle Kerberos authentication provided by the webserver.
Most use of the deprecated iCalendar class has been switched to use the new vCalendar class.
Make sync-token a URI to comply with most recent definition of webdav sync.
Depend on libawl-0.49.
Remove legacy pgsql dependencies, I think they're not needed since 0.9.9.4.
0.9.9.6:
Functionality Enhancements
Implementation of the Timezone Service Protocol (draft)
Bug Fixes
Fixes to the handling of time-range queries in the calendar-query report.
Fixes to LDAP authentication regressions introduced in 0.9.9.5.
Fix ability to save blank default privileges.
Other Changes
Add a script which can be run from cron to sync users from LDAP.
Most use of the deprecated iCalendar class has been switched to use the new vCalendar class.
0.9.9.5:
Functionality Enhancements
Experimental 'memcached' support is added to help large sites improve scalability.
The /setup.php URL is improved to provide better information
When a new user is created an 'addressbook' collection will be created in addition to their 'home' calendar.
Scheduling Extensions for CalDAV: When a meeting is scheduled with another person on the same server it should automatically appear in their calendar and scheduling inbox.
Implemented the principal-match REPORT.
Only include calendar-data (or addressbook-data) in the response to a sync-collection if there are fewer than 50 changes outstanding.
Add support for Digest authentication.
Add support for using IMAP as an auth source.
Add support for binding remote calendars External Bind(Rob Ostensen).
Bug Fixes
Repeat rule expansion now handles floating date-time and date correctly.
Access to calendar resources by users with only read-free-busy access should always be obfuscated.
The first user to log in after setting up a system using pam_auth or LDAP will no longer fail.
Correct handling for PUT of a VCALENDAR with unreferenced VTIMEZONE components.
Only include override components in an expanded report if they override in the expand period (or otherwise affect within the period).
Correct output of XML <error> responses containing error tags in the DAV namespace.
Correct handling of calendar-query REPORT where <prop> follows <filter>
Setup tests now handle where PHP config values are set to '0' or 'off' as equivalent.
Various bugfixes to caldav-client-v2.php script.
Don't restrict password character set for LDAP auth users.
Don't allow BIND to succeed with an empty password.
Correct sort ordering of members of a group.
Block access by expired tickets.
Other Changes
Group membership now always confers the group's 'Default privileges' to members of the group.
The handling of reading users from the database is refactored from old PHP4 code into some better object oriented classes.
Refactoring of the handling of PUT requests.
Add a workaround to let Apple Addressbook log in and use CardDAV even when account names contain '@'
Updated translations.
New translations for Norwegian, Brazilian Portuguese and Mexican Spanish.
Allow expansion to return expanded floating time events in floating time (extension to spec).
When an event is added but has no UID (invalid) we now add one.
Add support in the archive for building RPMs of DAViCal
2010-12-28 Andrew McMillan <andrew@morphoss.com>
* Release 0.9.9.4
2010-12-27 Andrew McMillan <andrew@morphoss.com>
* Refactor PUT functions to set modified/created dates more correctly.
2010-12-27 Leho Kraav <leho@kraav.com>
* add et_EE to support locales
2010-12-26 Andrew McMillan <andrew@morphoss.com>
* Fix errors in po files pointed out by Transifex uploading.
* A new AtomFeed class for building an Atom feed.
* Switch to creating an atom feed, which is a better feed standard.
2010-12-26 Leho Kraav <leho@kraav.com>
* A new URL to provide an RSS feed of a calendar's changes.
2010-12-26 Andrew McMillan <andrew@morphoss.com>
* Refactored RRule to add support for initialisation from a vProperty.
2010-12-25 Andrew McMillan <andrew@morphoss.com>
* Remove all reference to PgQuery
* Extensive refactoring of principal-edit, plus support for creating tickets.
* Add support for writing scheduling resources on PUT.
* Improve support for handling floating time.
* Add cil for internal issue tracking.
2010-12-08 Andrew McMillan <andrew@morphoss.com>
* Cut access with invalid/expired tickets out immediately.
2010-12-07 Andrew McMillan <andrew@morphoss.com>
* Handle empty PROPFIND, don't blow up on invalid XML.
2010-11-30 Andrew McMillan <andrew@morphoss.com>
* /.well-known/* now returns a 301 redirect, per spec.
* Use text/vcard for content type in advance of ratification of spec.
* Properly handle addressbooks in multiget.
* Hide authorization headers in logging.
* Update sync-collection REPORT to match -04 of draft.
* Replace index.php with caldav.php when we find it in our path.
2010-11-27 Andrew McMillan <andrew@morphoss.com>
* Be pedantic about checking user is active before we let them in.
* Specify the SRV record examples with leading _ as they should be.
2010-11-21 Andrew McMillan <andrew@morphoss.com>
* Fix SQL for group handling from Michael Braun.
* Add principal-collection-set to standard responses for DAVResource.
* Correct typo in POST handling.
2010-11-20 Andrew McMillan <andrew@morphoss.com>
* Also update displayname if fullname is changed.
2010-10-02 Daniel Aleksandersen <daniel@>
* remove old screenshots
* updated iPhone client configuration with new screenshots
2010-11-19 Andrew McMillan <andrew@morphoss.com>
* Handle stuff like DTSTART;TZID=America/New_York:20101119T231307
2010-11-14 Andrew McMillan <andrew@morphoss.com>
* Script to refresh calendar_alarms with next instance time.
2010-11-09 Andrew McMillan <andrew@morphoss.com>
* Don't let auth functions create duplicate home calendars.
2010-11-06 Andrew McMillan <andrew@morphoss.com>
* Patch for caldav sync from Pierre-Arnaud Poudret.
* Add ACL to the supported methods.
* Change regression runner to look for sample data with tests.
* Correct version number typo.
* Always grant 'DAV::read' privilege from principal to group members.
2010-11-05 Andrew McMillan <andrew@morphoss.com>
* Use expanded time specifiers in format since %Y doesn't work on Windows.
* Support recursive REPORT query if configured to allow it.
2010-11-04 Andrew McMillan <andrew@morphoss.com>
* Add a new WritableCollection object which we will use for PUT.
* Use text/vcard rather than older text/x-vcard.
* Support event properties in changed part of sync-response.
* Rename variable to work around Pg 9.0 reserved name.
2010-11-01 Andrew McMillan <andrew@morphoss.com>
* Switch from regular expression which may not work in old/odd PHP.
2010-10-31 Andrew McMillan <andrew@morphoss.com>
* Support getlastmodified property in REPORT requests.
2010-10-16 Andrew McMillan <andrew@morphoss.com>
* Fix typo in iTIP CANCEL handling.
2010-10-15 Andrew McMillan <andrew@morphoss.com>
* Turn on calendar-auto-schedule header if $c->enable_auto_schedule
* Add various additional checks into /setup.php
* Add knowledge of desired parallel AWL version to setup.
2010-10-10 Andrew McMillan <andrew@morphoss.com>
* Fix various minor CardDAV bugs.
* Omit the <response> for event outside the time range - when expanded.
* Fix privilege_to_bits function to set 'all' correctly & work with recent postgres
2010-10-08 Andrew McMillan <andrew@morphoss.com>
* Don't supply freebusy for 0-duration events.
* Another regression test for free/busy catching many events.
* Add an event with a thoroughly bogus tzid to ensure we cope.
* Check for some supported stuff very early so we can show it is missing.
* Better display of bindings.
* Add postgreSQL 9.0 as a possibility.
* Fix warning when using basic authentication fallback.
* Fix handling of iCalendar durations containing negative elements.
* Handle events which don't have either DTEND *or* DURATION.
* Rewrite __construct() method of RepeatRuleDateTimeZone to be more robust.
Update to 0.9.9.3. Nothing much changed between .2 and .3, update is
straightforward.
While here, make MESSAGE more helpful in case of package upgrade.
Changelog:
0.9.9.2 => 0.9.9.3
Functionality Enhancements
* Bindings available to a principal are now listed in the Admin UI.
* Attempt to login using supplied basic authentication credentials, if all else fails.
Bug Fixes
* WebDAV Sync is now supported for Addressbook collections.
* VCARD resources will no longer report a blank ETag in an XML responses.
* The ETag property will be properly quoted when appearing an XML response.
Other Changes
* 412 error responses to PUT for addressbook resources now include useful information.
* A new temporary configuration option is added to allow use of the old sync-response tag in WebDAV sync for compatibility with the Inverse CardDAV plugin for Lightning.
* Basic recognition of VLIST resources.
Changelog:
0.9.9.1 => 0.9.9.2
Functionality Enhancements
* Tickets and Bindings related to a collection or principal are now listed in the Admin UI.
Bug Fixes
* The CardDAV 'addressbook-query' report is enabled.
* A bug is fixed in the database libraries which caused some valid hexadecimal strings to be treated as numbers.
* The PAM auth method now parses the username field better (Jim Hague).
* An ETag will now be sent in response to a PUT for non-Calendar resources as well as for calendaring ones.
* Collection / Principal maintenance screens will no longer cause query errors during the create action.
0.9.9 => 0.9.9.1
Functionality Enhancements
* Initial support for vCard Extensions to WebDAV (CardDAV) - Draft
* WebDAV Sync RFC (draft) support is updated to draft version -03
* Support for /.well-known/caldav and /.well-known/carddav URLs (per RFC5785: Defining Well-Known URIs)
Bug Fixes
* Free/busy handling has been completely rewritten.
* LDAP group handling should be better
* UTF8 calendars should now be more reliably imported.
* There should be no need to override the DAV header.
* Many others.
Other Changes
* Some updated translations
* Clients which set the Content-Type incorrectly on PUT should be accommodated with a warning logged.
* Errors in the DAViCal configuration file should not generate output to the screen. This has been a common problem causing breakage in the DAV functionality. Errors will still be logged to the PHP error log (usually the Apache error log).
different from the one where the database server is running.
Change the configuration files permissions. administration.yml is really
for davical_dba, config.php is for davical_app (web application). While
here, fix the Apache example.
No revision bump; package content is the same.
DAViCal is a server for calendar sharing. It is an implementation of the
CalDAV protocol which is designed for storing calendaring resources (in
iCalendar format) on a remote shared server.
DAViCal supports basic delegation of read/write access among calendar users,
multiple users (or clients) reading and writing the same calendar entries over
time, and scheduling of meetings with free/busy time displayed.
An increasing number of calendar clients support the maintenance of shared
remote calendars through CalDAV, including Evolution, Mulberry, Chandler,
Mozilla Calendar (Sunbird/Lightning), and various other closed-source
products such as Apple's iCal and iPhone.