Lib/
* Added ldap.controls.openldap.SearchNoOpControl
* New method ldap.async.AsyncSearchHandler.afterFirstResult()
for doing something right after successfully receiving but before
processing first result
* Better log data written when invoking ldap.LDAPLock.acquire() and
ldap.LDAPLock.release()
* LDAPObject and friends now pass `desc' to ldap.LDAPLock() which
results in better logging
* ldapobject.ReconnectLDAPObject now uses internal class-wide
lock for serializing reconnects
* Method signature of ReconnectLDAPObject.reconnect() changed to be able
to call it with separate retry_max and retry_delay values
Modules/
* Added support for retrieving negotiated TLS version/cipher
with LDAPObject.get_option() with the help of upcoming OpenLDAP libs
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
Lib/
* ldapobject.ReconnectLDAPObject._apply_last_bind() now sends
anonymous simple bind request even if the calling application
did not to provoke ldap.SERVER_DOWN in method reconnect()
* ldapobject.ReconnectLDAPObject.reconnect() now also catches
ldap.TIMEOUT exception after reconnection attempt
* Several other fixes for ldapobject.ReconnectLDAPObject
Lib/
* ldapobject.ReconnectLDAPObject.reconnect() now preserves
order of options set with LDAPObject.set_option before.
This is needed e.g. for setting connection-specific TLS options.
Demo/
* Better version of Demo/pyasn1/syncrepl.py
* ldapobject.ReconnectLDAPObject.reconnect() now does kind of
an internal locking to pause other threads while reconnecting
is pending.
* Changes to bind- and startTLS-related operation methods of
class ReconnectLDAPObject for more robustness
* New constant ldap.OPT_NAMES_DICT contains mapping from
integer to variable name for all option-related constants.
Lib/
* Fixed overzealous check for non-unique NAMEs in
ldap.schema.subentry.SubSchema.__init__()
* Fixed typos in control decoding method
ldap.controls.simple.OctetStringInteger.decodeControlValue()
* Added experimental support for draft-vchu-ldap-pwd-policy
Lib/
* ldap.controls.ppolicy:
Another fix for decoding the password policy response control
Changes 2.4.5:
Installation:
* defines for SASL and SSL in setup.cfg to be more friendly to
Python setup tools (easy_install)
Lib/
* Fixed typo in ldap.functions._ldap_function_call() which
always released ldap._ldap_module_lock instead of local lock
* ldap.controls.ppolicy:
Fixed decoding the password policy response control
Demo/
* Demo script for ldap.controls.ppolicy
Lib/
* Mostly corrected/updated __doc__ strings
Doc/
* Corrected rst files
* Added missing modules, functions, classes, methods, parameters etc.
at least as auto-generated doc
Changes 2.4.2:
Logging:
* pprint.pformat() is now used when writing method/function
arguments to the trace log
ldap.schema.subentry:
* SubSchema.__init__() now has new key-word argument check_uniqueness
which enables checking whether OIDs are unique in the subschema subentry
* Code-cleaning: consequent use of method SubSchema.getoid() instead of
accessing SubSchema.name2oid directly.
* SubSchema.getoid() and SubSchema.getoid() now have key-word argument
raise_keyerror=0 and raise KeyError with appropriate description.
Modules:
* New LDAP option OPT_X_TLS_PACKAGE available in OpenLDAP 2.4.26+
to determine the name of the SSL/TLS package OpenLDAP was
built with
Lib/
* ldap.modlist.modifyModlist(): New key-word argument
case_ignore_attr_types used to define attribute types for which
comparison of old and new values should be case-insensitive
* Minor changes to which data is sent to debug output for various
trace levels
* Now tag [1] is used in ldap.extop.dds.RefreshResponse in
compliance with RFC 2589 (fix available for OpenLDAP ITS-6886)
* New sub-module ldap.controls.sessiontrack implements request control
as described in draft-wahl-ldap-session (needs pyasn1_modules)
Changes since 2.4.0:
* OpenLDAP 2.4.11+ required to build
* Support for extracting LDAPv3 extended controls in
LDAP_RES_SEARCH_ENTRY responses
(see SF-2829057, thanks to Rich)
* Generic support for LDAPv3 extended operations (thanks to Rich)
Lib/
* new class API in ldap.controls, not backwards-compatible!
* new sub-modules for ldap.controls, some require pyasn1 and pyasn1_modules
* New methods LDAPObject.result4() and LDAPObject.extop_result()
* New (optional) class ldap.controls.AssertionControl
* New helper module ldap.logger contains file-like object which
sends trace messages to logging.log()
* Removed non-functional method LDAPObject.set_cache_options()
* Removed unused dictionary ldap.controls.knownLDAPControls
Modules/
* ldapcontrol.c: Fixed encode_assertion_control() and function is no longer
hidden behind ifdef-statement
Lib
* Removed tabs from various modules to make things work with python -tt.
* Quick fix to ldif.is_dn() to let multi-valued RDNs pass as valid.
Is too liberal in some corner-cases though...
* Fix to ldif.is_dn() to allow dashes in attribute type
* ldap.open() now outputs a deprecation warning
* module-wide locking is now limited to calling _ldap.initialize().
Still ldap.functions._ldap_function_call() is used to wrap all
calls for writing debug log.
Modules
* New LDAP options available in OpenLDAP 2.4.18+ supported in
LDAPObject.get/set_option():
ldap.OPT_X_KEEPALIVE_IDLE, ldap.OPT_X_KEEPALIVE_PROBES,
ldap.OPT_X_KEEPALIVE_INTERVAL,
ldap.OPT_X_TLS_CRLCHECK, ldap.OPT_X_TLS_CRLFILE
Doc
* Various small updates/improvements
----------------------------------------------------------------
Released 2.3.8 2009-04-30
Changes since 2.3.7:
Lib/
* ldap.schema.models: More fault-tolerant parsing of SYNTAX in
AttributeTypeDescription
* ldap.schema.tokenizer.split_tokens():
More tolerant parsing of items separated only with a DOLLAR without
surrounding white-spaces (because WSP is declared as zero or more spaces
in RFC 4512)
----------------------------------------------------------------
Released 2.3.7 2009-04-09
Changes since 2.3.6:
Lib/
* urllib.quote() is now used in LDAPUrlExtension.unparse() to quote
all special URL characters in extension values
Modules/
* Fixed ldapcontrol.c not to raise ldap.ENCODING_ERROR in
function encode_rfc2696() on 64-bit systems
* Fixed seg fault if error code in a LDAP response was outside
the known error codes and could not be mapped to a specific
exception class (thanks to Sean)
* errors.c: LDAP_ERROR_MAX set to LDAP_PROXIED_AUTHORIZATION_DENIED
if available in OpenLDAP header
* new exception class ldap.PROXIED_AUTHORIZATION_DENIED
if available in OpenLDAP header
* Fixed functions.c not to raise ldap.ENCODING_ERROR in
function l_ldap_str2dn() on 64-bit systems (see SF#2725356)
----------------------------------------------------------------
Released 2.3.6 2009-02-22
Changes since 2.3.5:
Lib/
* Importing ldap.str2dn() which directly imported _ldap.str2dn()
is prohibited now (see SF#2181141)
Modules/
* get_option(): Added support for reading more SASL options.
(OPT_X_SASL_MECH, OPT_X_SASL_REALM, OPT_X_SASL_AUTHCID and
OPT_X_SASL_AUTHZID)
* Added some explicit type casts to fix issues while building
with SunStudio
* Fixed compiling issue with GCC 4.4
(see SF#2555793, thanks to Matej and Martin)
Doc/
* Clarified not to use ldap_get_dn() directly
* Fixed description of ldap.SASL_AVAIL and ldap.TLS_AVAIL
(see SF#2555804, thanks to Matej and Martin)
----------------------------------------------------------------
Released 2.3.5 2008-07-06
Changes since 2.3.4:
Lib/
* Fixed methods ldap.cidict.__contains__() and
ldap.schema.models.Entry.__contains__()
* FWIW method LDAPObject.cancel_s() returns a result now
* Fixed ldap.schema.models.NameForm: Class attribute oc is now
of type string, not tuple to be compliant with RFC 4512
----------------------------------------------------------------
Released 2.3.4 2008-03-29
Changes since 2.3.3:
Modules/
* Fixed seg fault when calling LDAPObject.get_option()
(see SF#1926507, thanks to Matej)
----------------------------------------------------------------
Released 2.3.3 2008-03-26
Changes since 2.3.2:
Fixed backward-compability when building with OpenLDAP 2.3.x libs.
----------------------------------------------------------------
Released 2.3.2 2008-03-26
Changes since 2.3.1:
Lib/
* ldap.dn.escape_dn_chars() now really adheres to
RFC 4514 section 2.4 by escaping null characters and a
space occurring at the beginning of the string
* New method ldap.cidict.cidict.__contains__()
* ldap.dn.explode_dn() and ldap.dn.explode_rdn()
have a new optional key-word argument flags which is
passed to ldap.dn.str2dn().
Modules/
* Removed unused OPT_PRIVATE_EXTENSION_BASE from constants.c
Doc/
* Various additions, updates, polishing (thanks to James).
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
patches to add it). Drop pax from the default USE_TOOLS list.
Make bsdtar the default for those places that wanted gtar to extract
long links etc, as bsdtar can be built of the tree.
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
* Support for setuptools (building .egg, thanks to Torsten)
* Support for matched values control
* Fixed ldif
* ldap.schema.models: SUP now separated by $
* Added constant MOD_INCREMENT to support
modify+increment extension
Changes 2.2.1:
* OpenLDAP 2.3+ required now to build.
* Added support for Cancel operation ext. op. if supported
in OpenLDAP API of the libs used for the build.
* Removed deprecated code for setting options by name
* Added l_ldap_cancel()
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
----------------------------------------------------------------
Released 2.2.0 2006-04-10
Changes since 2.0.11:
* OpenLDAP 2.2+ required now to build.
Modules/
* Dropped all occurences of '#ifdef #LDAP_VENDOR_VERSION'.
* Fixed wrong tuple size in l_ldap_result3() (see SF#1368108)
* Fixed get_option(ldap.OPT_API_INFO) (see SF#1440165)
* Fixed memory leak in l_ldap_result3() when all=0
(see SF#1457325)
* Fixed memory leak in l_ldap_result3() in error cases
(see SF#1464085)
Lib/
* Fixed ldap.schema.models.DITStructureRule.__str__() to
separate SUP rule-ids with a single space instead of ' $ '
* Fixed ldap.async.Dict
* Added ldap.async.IndexedDict
* ldap.schema.subentry.SubSchema.attribute_types() has new
key-word argument ignore_dit_content_rule
----------------------------------------------------------------
Released 2.0.11 2005-11-07
Changes since 2.0.10:
Lib/
* Class ldap.ldapobject.LDAPObject:
Each method returns a result now
* Class ldap.ldapobject.ReconnectLDAPObject:
Some methods called the wrong methods of LDAPObject. Fixed.
* Added new class ldap.async.Dict
* Slightly cleaned up ldap.schema.subentry.attribute_types()
* New sub-module ldap.resiter which simply provides a mix-in
class for ldap.ldapobject.LDAPObject with a generator method
allresults().
Obviously this only works with Python 2.3+. And
it's still experimental.
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
changes:
* Switched back to old implementation of
ldap.schema.tokenizer.split_tokens() since the new one
had a bug which deletes the spaces from DESC
* ldap.INSUFFICIENT_ACCESS is now ignored in
ldap.ldapobject.LDAPObject.search_subschemasubentry_s()
python*-pth packages into meta-packages which will install the non-pth
packages. Bump PKGREVISIONs on the non-pth versions to propagate the
thread change, but leave the *-pth versions untouched to not affect
existing installations.
Sync all PYTHON_VERSIONS_AFFECTED lines in package Makefiles.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
compilation against newer OpenLDAP, as shown in bulk builds results.
Changes since 2.0.1:
Modules:
* Fixed detecting appropriate OpenLDAP libs version for
determining whether ldap_whoami_s() is available or not.
This fixes build problems with OpenLDAP libs 2.1.0 up
to 2.1.12.
----------------------------------------------------------------
Changes since 2.0.0:
dsml:
* Fixed wrong exception message format string
ldap.schema.models:
* Fixed Entry.__delitem__() to delete really everything
when deleting an attribute dictionary item.
----------------------------------------------------------------
Changes since 2.0.0pre21:
ldif:
* Empty records are simply ignored in ldif.LDIFWriter.unparse()
Modules/:
* New method result2() returns 3-tuple containing the msgid
of the outstanding operation.
ldap.ldapobject:
* New _ldap wrapper method LDAPObject.result2() (see above)
which is now used by LDAPObject.result().
----------------------------------------------------------------
Changes since 2.0.0pre20:
setup.py:
* runtime_library_dirs is set
Modules/:
* (Hopefully) fixed building with OpenLDAP 2.2 libs in errors.c
* Removed meaningless repr() function from LDAPObject.c
* Removed setting LDAP_OPT_PROTOCOL_VERSION in l_ldap_sasl_bind_s()
* Modified string handling via berval instead of *char
in l_ldap_compare_ext() makes it possible to compare attribute
values with null chars.
* Wrapped ldap_sasl_bind() for simple binds instead of ldap_bind()
since 1. the latter is marked deprecated and 2. ldap_sasl_bind()
allows password credentials with null chars.
* Removed unused sources linkedlist.c and linkedlist.h
* Function l_ldap_whoami_s() only added if built against
OpenLDAP 2.1.x+ libs (should preserve compability with 2.0 libs)
ldap.ldapobject:
* LDAPObject.bind() only allows simple binds since Kerberos V4
binds of LDAPv2 are not supported anymore. An assert statement
was added to make the coder aware of that.
* Renamed former LDAPObject.sasl_bind_s() to
LDAPObject.sasl_interactive_bind_s() since it wraps OpenLDAP's
ldap_sasl_interactive_bind_s()
----------------------------------------------------------------
Changes since 2.0.0pre19:
Modules/:
* Removed doc strings from functions.c
* Removed probably unused wrapper function l_ldap_dn2ufn() since
ldap_dn2ufn() is deprecated in OpenLDAP 2.1+
* Removed wrapper function l_ldap_is_ldap_url().
* Removed macro add_int_r() from constants.c since it caused
incompability issues with OpenLDAP 2.2 libs
(Warning: all result types are Integers now! Use the constants!)
* New wrapper function l_ldap_whoami_s()
ldap.ldapobject:
* New wrapper method LDAPObject.whoami_s()
ldap.functions:
* Removed is_ldap_url(). The more general function
ldapurl.isLDAPUrl() should be used instead.
ldap.sasl:
* Added class cram_md5 (for SASL mech CRAM-MD5)
ldap.async:
* Use constants for search result types (see note about
add_int_r() above).
----------------------------------------------------------------
Changes since 2.0.0pre18:
Modules/:
* LDAPObject.c:
Most deprecated functions of OpenLDAP C API are not used anymore.
* functions.c:
Removed unused default_ldap_port().
* constants.c:
Removed unused or silly constants
AUTH_KRBV4, AUTH_KRBV41, AUTH_KRBV42, URL_ERR_BADSCOPE, URL_ERR_MEM
* errors.c:
Fixed building with OpenLDAP 2.2.x
(errors caused by negative error constants in ldap.h)
ldap.ldapobject.LDAPObject:
* Removed unused wrapper methods uncache_entry(), uncache_request(),
url_search(), url_search_st() and url_search_s()
* New wrapper methods for all the _ext() methods in _ldap.LDAPObject.
ldap.modlist:
* Some performance optimizations and simplifications
in function modifyModlist()
----------------------------------------------------------------
Changes since 2.0.0pre17:
ldap.ldapobject:
* Fixed missing ldap._ldap_function_call() in
ReconnectLDAPObject.reconnect()
----------------------------------------------------------------
Changes since 2.0.0pre16:
ldap.functions:
* Fixed ImportError when running python -O
----------------------------------------------------------------
Changes since 2.0.0pre15:
Modules/:
* Removed definition of unused constant RES_EXTENDED_PARTIAL since
the corresponding symbol LDAP_RES_EXTENDED_PARTIAL seems to not
be available in OpenLDAP-HEAD (pre 2.2) anymore.
All in Lib/:
* Fixed some subtle bugs/oddities mentioned by pychecker.
dsml:
* Renamed DSMLWriter._f to DSMLWriter._output_file
* Added wrapper method DSMLWriter.unparse() which simply
calls DSMLWriter.writeRecord()
ldap.ldapobject:
* Simplified LDAPObject.search_subschemasubentry_s()
ldap.functions:
* Moved ldap._ldap_function_call() into ldap.functions.
* apply() is not used anymore since it seems deprecated
ldap.async:
* Added class DSMLWriter
ldap.schema:
* Removed unused key-word argument strict from
ldap.schema.subentry.SubSchema.attribute_types()
* Fixed backward compability issue (for Python prior to 2.2) in
ldap.schema.subentry.SubSchema.listall()