2.9.1
- new feature: added support for using Kerberos authentication on windows clients using the native winkerberos library
- new feature: added support for using Channel Bind tokens with Kerberos authentication on windows clients
- fixed a bug related to using start_tls with a RESTARTABLE strategy that caused errors to be raised erroneously.
- fixed a bug around the type checking of Reverse DNS Settings with Kerberos authentication
- fixed an issue related to decoding unicode strings in LDAP referrals and attributes in python 2
- minor documentation updates and corrections
2.9:
- new feature: SafeRestartable strategy (SAFE_RESTARTABLE) for using a restartable Connection object in a multi-threading program
- tested against Python 3.9
- added requirements-dev.txt
- fixed logging unicode exceptions in python2.7
- added more granular control over use of reverse dns with Kerberos (thanks Azaria)
- support MS Active Directory persistent search (thanks eLeX)
- added support for LDAP signing when using DIGEST-MD5 authentication (thanks Augustin-FL)
- check only for searchResEntries in LDIF conversion (thanks Jay)
- modify-increment now works properly in mock strategies (thanks Saint-Marcel)
- objectGUID are now converted properly (thanks Janne)
- default timeout in asynchronous strategies raised to 20 seconds
2.8.1:
- fixed regression in 2.8 for members returned in AD auto-range search
- fixed regression in 2.8 for attribute error in restartable class
- try to use Crypto library if present for hashing NTLM password on python interpreter missing the MD4 OpenSSL algorithm
2.8:
- new feature: SafeSync strategy (SAFE_SYNC) for using a synchronous Connection object in a multi-threading program
- new feature: LDIF_LINE_LENGTH for specifying line length wrapping in ldif-content output (default to 78 as per RFC 2849)
- fixed requirements for pyasn1
- fixed regression for ldapi connections
- fixed issue with lazy connection requesting server info on every operation
- fixed searching by objectGUID in hex format (thanks Matt)
- added iso_format parameter to utils.format_json to return dates in ISO format (thanks Hugh)
- fixed issue with Referral attributes not returned by the referral server (thanks Nazarii)
- fixed lost error message in auto_bind (thanks cfelder)
- fixed delete_old_dn in mock connections (thanks kpinc)
- fixed a ResourceWarning with lazy connections
- fixed entry_to_json() that in python2 modified the original entry value (thanks Dirk-Jan)
- tests desnt' raise Exception if real server is not present
2.7:
- tested against Python 3.8.1 and pyasn1 0.4.8
- re-enabled ssl exception raising on bad certificate when only 1 server is present in the server pool
- removed Python 2.6 from Travis configuration
- added support for source specifications in LDAP connections
- added support for allowing special AD security identifier (SID) in DN
- fixed pickling of entry and attribute
- close connection when auto_bind fails
- operational attributes can be used in Abstraction Layer
- additional SSL options can be used in Tls object
- threading.Event replaces loop checking in async strategy. ASYNC strategy should be much faster now
- adding a key that is already an alias that contains other aliases in CaseInsensitiveWithAliasDict() now works properly
- when searching for GUID, UUID and SID the backslash character (0x5C) is properly managed
- LDIF output properly formatted when controls are missing
- operational attributes are not returned in MOCK strategies when not requested
- undecodable values are returned as raw bytes when using the pyasn1 decoder
2.6.1:
- tested against pyasn1 0.4.7
- added eDirectory 9.1.4 (EDIR_9_1_4) to offline schemas
- added json converter for timedelta
- strip parameter defaults to False in utils.dn.parse_dn()
- escaped space is allowed as trailing character in attribute_value in utils.dn.parse_dn()
- connection.extend.standard.paged_search doesn't raise exceptions when raise_exceptions is False
- the Search operation returns the entries fetched by the server when size or time limits are reached even if raise_exceptions is set to True
- Handle the minimum value that can be stored in an Int64 in format_ad_timedelta
- EntryState: `entry_raw_attributes` is populated instead of `raw_attributes`
- Removed restriction to perform rename and move simultaneously in modify_dn
- fixed checking for hexdigits in parse_dn
- fixed escaping when multiple backslashes are present in parse_dn
- fixed multiple NoneType exceptions in entry_to_json()
- allowing Microsoft specific syntax (<WKGUID=xxx>) for WellKnownObjects in DN
- connection.extend.standard.paged_search() now follows referrals when auto_referrals=True
- fixed a bug in decoding replica list in connection.extend.novell.list_replicas()
- fixed a bug when adding duplicate alias in CaseInsensitiveWithAliasDict()
- added ignore_duplicates=False in set_aliases in CaseInsensitiveWithAliasDict() to ignore a duplicate alias (either in aliases or in keys)
- Schema info now uses CaseInsensitiveWithAlias dict as default so object and attributes can also be referentiated with OID
- added block mode and timeout parameters to next() method of persistent_search
- when using the pyasn1 decoder raw_dn is not returned as a pyasn1 object anymore but as bytes
- Return offset timezone aware datetime for max AD timestamp
2.6:
- fixed empty digestMd5.py file in 2.5.2 package
- explicitly declare digest module md5 in util.ntlm
- change object passed to modify() was unexpectedly mutated
- added LDAPInfoError exception
- added Server.has_control(control) method to check if a server has a specific control
- added Server.has_extension(extension) method to check if a server has a specific extension
- added Server.has_feature(feature) method to check if a server has a specific feature
- fixed checking of \\ in safe_dn
- fixed uuid checking with 5c byte value
- added single=True parameter to the ServerPool object definition. Servers state is shared between connections using the same pool
- updated copyright notice
In the released distfile on PyPI for ldap3-2.5.2
ldap3/protocol/sasl/digestMd5.py was accidentally empty.
Populate it based on the v2.5.2.tar.gz distfile on GitHub.
PKGREVISION++
2.5.2:
- when starting tls before binding the connection is automatically open
- fixed changelog date
- support for AD timedeltas
- fixed WhoAmI in mock strategies
- prevent unnecessary exception in extend/standard/ModifyPassword
- added support for external gssapi credentials to be passed to the sasl connection
- added support for gssapi store in sasl connection
- fixed LdifProducer
- fixed NTLM bind
- server state in ServerPool is now a namedtuple "ServerState"
- fixed error when adding member to AD group with unsafe DN
- properly restore lazy status in reusable strategy
- ServerState namedtuple converted to class in core/pooling
- empty schema doesn't raise exception in Abstraction Layer
2.5.1:
connection.result is populated when exception raised with raise_exceptions=True
fixed objectSid in mocking strategies
fixed circular reference in exception history
added objectSid validator
byte values are properly searched in MOCK strategies
exception history refactored
connections in context manager don’t bind anymore when auto_bind is set to AUTO_BIND_NONE
Cython compatible build
more detailed exception message in Mock strategy
exceptions flow refactored in reusable strategy
pwdlastset accept any positive integer
fixed an exception while logging packet with pyasn1 decoder
fixed importing abc from collections for Python 3.8
2.5:
- abstract layer now handles auxiliary classes
- pwdLAstSet in AD is valid for 0 and -1
- fixed extend.novell.get_universal_password
- entryUUID is properly validated in search filters
- custom attribute formatters are properly applied when parsing the search filter
- REUSABLE strategy now honours credentials when changed in the original connection
- add operation doesn't change passed attribute dict anymore
- missing entry's attribute return False when searching instead of raising an exception
- fixed ad_timestamp evaluation for integers
- wrong exception raised when user name is empty in simple binding
- exception is raised if size limit is exceed when searchin in mocking strategies with raise_exceptions=True
- fixed validator for novell guid
- fixed validator for openldap EntryUUID
- fixed validator for AD objectGUID, now follows MS-DTYP
- fixed formatter for AD objectGUID
- fixed exception when adding binary values
- added escape_rdn_chars() to ldap3.utils.dn for safe checking untrusted input while building DNs
- fixed search for binary values in mock strategies
- fixed exception with unicode chars in subfilters for python 2
- connection.extend.paged_search() doens't miss the last entries anymore when size limit is exceeded for the search on the server
- validators are not applied when loading data from json dump in Mock strategies
- additional validator to check for erroneous bytes to string conversion in Python 3
- additional formatter and validator to check for generalizedtime with 0 year
- added ADDITIONAL_CLIENT_ENCODINGS parameter
- fixed AD dir_sync extended operation
- ad_unlock_account works properly
- added Microsoft security descriptor control
- fixed search in mock strategies when raise_exceptions=True
- formatters never raise exceptions but returns the raw_value when unable to format
- fixed comtrols duplication in paged search
2.4.1:
- tested against pyasn1 from version 0.1.8 up to version 0.4.2, Python 2.6.6, Python 2.7.14, Python 3.6.4
- auto_encode parameter is honored when binding
- fixed organizationalName definition in oid
- automatic byte to int conversion working again
- mock connection searchs correctly escape filters
- fixed bind with not unicode characters in Python 2
- extended filter attributes should work again with pyasn1 0.4.1
- fixed error when reading incomplete server info
- NOT keyword properly handled in dit_content_rules
- operational attributes are prorerly returned in Cursor whit get_operational_attributes = True
- start_tls() is properly executed with AD when raise_exceptions=True
- reopening a Connection honours auto_bind setting
- an attribute returned with no value from a flaky server doesn't raise exception anymore
- pwdLastSet in AD is valid only for -1
- fixed docs for ldifProducer
- fixed monkeypatching of pyasn1 for Boolean Value in BER encoding
- check_names was not honoured while validating attribute values
- locks refactored in Connection and in Async strategy
- socket properly closed when checking availability of an invalid server
2.4:
security fix in the rebind() method of the Connection object (thanks Daniel)
fix for Sasl credentials in Python 3 (thanks Busuwe)
fixed bug when checking for equality in MockBase
added validator parameter to Server object for custom validators
attribute values are now validated in add/compare/modify operations in the Connection object
Python types can now be used in add/compare/modify operations
compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.3 for now) version
fixed compatibility with Twisted on Windows on Python 2.7 (thanks Pmisik)
fixed paged_search behaviour in Reader object
fixed regression in MockBase (thanks Markus)
fixed invalid filter sequence in MockBase (thanks SignedBit)
added compatibility with Cython (thanks Pedro)
fixed auto_encode check in validate_attribute_value for unknown attrs (thanks CFelder)
don’t encode response_value as extended_response_to_dict expects a decoded value (thanks Matthias)
compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.7 for now) version
added LDAPObjectDereferenceError exception
LDAPObjectDereferenceError is raised when an object tries to dereference itself in the Abstraction Layer (thanks Daniele)
async module renamed to asynchronous for compatibility with Python 3.7 (thank Barry)
long integer are properly checked in mocking strategies (thanks gregn610)
NUMERIC_TYPES includes long for Python 2
compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.1 for now) version
MockAsync strategy is available
added __ne__ method to Attribute in abstraction layer (thank Rodrigo)
added LDAPUserNameIsMandatoryError exception in simple bind when user name is empty
search referrals are properly decoded with fast decoder
paged search works in mock strategies
paged_search in extend.standard namespace raises an exception of class LDAPOperationResult if the search returns an error
search_paged() method of Cursor object now return the whole list of entries if generator=False
updated docs for defaults parameters (thanks Guarnacciaa)
fixed mockBase for integer matching (thanks Jijo)
boolean values are now uppercase in LDIF (thanks Linus)
fixed timeout in ssl connection on Linux and Mac (thanks Allan)
changed some internal functions to private in ldap3.utils.dn
operational attribute entryDN is properly managed in Mock strategies (thanks Mark)
new rdn in renamed entry is properly set in Mock strategies (thanks Mark)
metrics are now updated for Mock strategies, except that for received bytes (thanks joehy)
better managing of missing schema from the server (thanks Deborah)
fixed error while schema is not in string format (thanks Alexandre)
SNI support added when the underlying python library allows it (thanks Edmund)
added pool_keepalive parameter to Connection object for REUSABLE strategy
connection.extend.microsoft.modify_password returns False when change is not successful (thanks Ashley)
added validators for uuid and uuid_le
fixed error while searching for bytes
fixed pickling and unpickling of datetime values (thanks David)
fixed error that resulted in valid generalizedTime strings not being parsed (thanks Busuwe)
fixed error with modify operation on referrals (thanks Busuwe)
fixed error in mockBase add_entry() with raw rdn (thanks Chad)
fixed error when stdin has not encoding in config.py (thanks cronicryo)
fixed error when optional field are not present in pyasn1 requests (thanks Ilya)
added DEFAULT_SERVER_ENCODING config parameter, should always be utf-8
DEFAULT_ENCODING config parameter renamed to DEFAULT_CLIENT_ENCODING
ADDITIONAL_ENCODINGS config parameter renamed to ADDITIONAL_SERVER_ENCONDINGS
additional encodings are applied to all data received from the server
additional encodings are not applied to client data
added from_server=False parameter to to_unicode() to not try client encoding while decoding data from server
leading and trailing spaces in server name don’t raise exception anymore - DitContentRule is properly read from the schema - added validator for Active Directory timestamp - Mock strategies raise an exception if a non-bytes value is added to the schema when no offline schema is provided (str and int are automatically converted) - added custom_validators property to Mock strategies - modifying objectClass with bytes values doesn’t raise an exception anymore (but it may fail anyway because of server constraints) - ensure that config sequence parameters are properly set - allow case insensitive attribute and class names in config parameters - added server.schema.is_valid() to check if the schema is available - empty schema properties are set to empty dict() instead of None - schema definitions with traling and leading spaces are now properly parsed and don’t raise an LDAPSchemaError exception anymore - fixed error when flaky servers (OpenLDAP) don’t return the correct response with StartTls
abstraction layer query converts int values to string (thanks dgadmin)
CaseInsensitiveDictWithAlias doesn’t raise an exception anymore if alias is set multiple times to the same key
friendly names in AttrDef are properly managed when performing commits in Writer cursors
no more errors when server returns an empty schema (thanks Glen)
range attributes in entries are properly recognized when auto_range is False
fixed random errors in auto_range searches (thanks James)
fixed checking of malformed schema
added configuration parameter IGNORE_MALFORMED_SCHEMA to not raise exception for servers that don’t follow the LDAP RFCs (defaults to False)
test config moved to test/config.py
testcase_id generated randomly for each test
added ATTRIBUTES_EXCLUDED_FROM_OBJECT_DEF parmeter to exclude some attribute from automatic populate of ObjectDef in Abstract Layer (helpful for AD)
added IGNORED_MANDATORY_ATTRIBUTES_IN_OBJECT_DEF parmeter to exclude some attribute from mandatory attribute list in ObjectDef in Abstract Layer (helpful for AD)
fixed error when using implicit assigning in WritableEntry
added LDAPInvalidValueError Exception
in Python 3 byte filter are converted to unicode before parsing
RESPONSE_DN_ENCODING parameter renamed to ADDITIONAL_ENCODINGS
to_unicode(value, encoding=None, additional_encodings=False) now checks for additional encoodings in ADDITIONAL_ENCODINGS list if additional_encoding is set to True
Reusable strategy uses not lazy Restartable connections
new packages. Most of which are the remaining modules of the Tryton
platform which weren't packaged. The others are dependencies of the new
modules. This was tested on FreeBSD and is based in large part on Richard
Palo's (richard@) work. This is the most recent release of the Tryton
platform, version 4.2. There's a very large list of changes from the 3.8
series we have in pkgsrc. If you're interested, those functional changes
can be found here:
http://www.tryton.org/posts/new-tryton-release-42.htmlhttp://www.tryton.org/posts/new-tryton-release-40.html