Skip to content

Releases: OneIdentity/mod_auth_vas

mod_auth_vas4-4.0.2.4

Choose a tag to compare

@JaysonHurst JaysonHurst released this 17 Aug 17:52
  • Updates to work with QAS 4.2 api
  • Added ability on ubuntu to optionally let user enable vas module loading
  • Updated the mav setup script to support rerunning on failure.
  • Cleaned up compiler warnings
  • Use apache2ctl if it exists instead of apache2 when gathering information about the installed apache.

mod_auth_vas-3.6.8.5

Choose a tag to compare

@JaysonHurst JaysonHurst released this 05 Feb 17:02

Updated to work with QAS 4.2.1 api

mod_auth_vas-3.6.8.4

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:28
  • Added a negative group cache for invalid group name lookups. Bug# 851
  • Updated group lookups to use new API call provided in QAS 4.0.1.X to fix an issue with group LDAP lookups failing when QAS isn't joined to an Active Directory domain.

mod_auth_vas4-4.0.2.3

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:09
  • No longer add /etc//conf.d dir to rpm packages, only include the actual file from conf.d. This is to resolve conflicts on RHEL7 with the httpd package. Bug# 861
  • Set the environment variable KRB5RCACHETYPE to none by default.

mod_auth_vas4-4.0.2.2

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:08
  • Added a negative group cache for invalid group name lookups. Bug# 851
  • Updated group lookups to use new API call provided in QAS 4.0.1.21408 to fix an issue with group LDAP lookups failing when QAS isn't joined to an Active Directory domain. QAS Bug# 412110
  • Clear VAS ctx error messages after each group lookup in authz_vas_unixgroup_check_authorization. Bug# 852

mod-auth-vas-4-4.0.2.1

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:07
  • No longer write out trace debug by default. Must be recompiled in order to turn it on.
  • Updated configure.ac to fix issue when compiling with newer gcc

mod_auth_vas-3.6.8.3

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:30
  • Fixed configure.ac to compile with newer version of gcc.
  • Removed #define TRACE_DEBUG so trace debug will not be written out to /tmp by default.
  • Fixed an issue with the check symbol code.

mod_auth_vas4-4.0.2

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:05
  • Added ability to enable QAS API debug Bug# 848
  • AuthVasCacheSize & AuthVasCacheExpire now are merged correctly when set in both the parent and virtual host configs. Bug # 847
  • AuthVasServerPrincipal is now working correctly when set in parent config as well as virtual configs. (Bugs 845 & 846)
  • Added a new per server directive AuthVasApiDebugLevel in relation to bug# 848 to set the debug level of the QAS API logging. Logging by default will be sent to syslog with the name mod_auth_vas.
  • If AuthVasApiDebugLevel is > 2 QAS API nested log messages will be included.
  • MAV will use vas_ctx_alloc_with_flags (also returns an error) if the version of QAS supports it, otherwise vas_ctx_alloc will be used. Bug #518
  • Fixed the following issue when compiling:
    • mod_auth_vas.c:48:25: fatal error:
    • gssapi_krb5.h: No such file or directory
  • Fixed an issue where in certain scenarios like UPM mode vas may not be able to find a users samAccountName. When samAccountName cannot be found fall back to userPrincipalName Bug #849

mod_auth_vas-3.6.8.2

Choose a tag to compare

@TylerReese TylerReese released this 18 May 02:35
  • Added ability to enable QAS API debug Bug# 848
  • AuthVasCacheSize & AuthVasCacheExpire now are merged correctly when set in both the parent and virtual host configs. Bug # 847
  • AuthVasServerPrincipal is now working correctly when set in parent config as well as virtual configs.
  • Added a new per server directive AuthVasApiDebugLevel in relation to bug# 848 to set the debug level of the QAS API logging. Logging by default will be sent to syslog with the name mod_auth_vas.
  • If AuthVasApiDebugLevel is > 2 QAS API nested log messages will be included.
  • MAV will use vas_ctx_alloc_with_flags (also returns an error) if the version of QAS supports it, otherwise vas_ctx_alloc will be used. Bug #518
  • Fixed the following issue when compiling:
    • mod_auth_vas.c:48:25: fatal error:
    • gssapi_krb5.h: No such file or directory
  • Set the environment variable KRB5RCACHETYPE to none by default.

mod_auth_vas4-4.0.1

mod_auth_vas4-4.0.1 Pre-release
Pre-release

Choose a tag to compare

@TylerReese TylerReese released this 18 May 01:59
  • The -u option now works with -n in the http-get/get binary.
  • Because bug fix #831 depended on a QAS 4.0.3.177 api change this broke backwards compatibility. Added a new way to check for existing symbols in the loaded library to validate that a function exists, if not it will fall back to the old method. In regards to #831 if QAS 4.0.3.177+ is being used the new method vas_gss_auth_with_server_id will be used, all versions prior to this will use vas_gss_auth.
  • MAV package name can now be partially set from an environment variable MAVPACKAGENAME. The PolyPackage build system will look at this variable (as defined in mav.pp.in) to help determine the final name of the built MAV package.
  • Fixed misquoted CFLAGS & LDFLAGS tests.
  • Utilized a new method that was added in QAS 4.0.3.177 api called vas_gss_auth_with_server_id. New method allows us to pass in an already established vas_id_t that represents our server_id with the correct path already set for a custom keytab path that is set by AuthVasKeytabFile. Bug fix #831. Related to QAS bug 27613
  • Fixed name for loading the MAV4 module
  • Updated test-cache to work with http 2.4 - Bug fix 830
  • Changed module name from mod_auth_vas to mod_auth_vas4 and AuthType is now VAS4