source-changes: CVS commit: pkgsrc

Subject: CVS commit: pkgsrc
To: None <source-changes@netbsd.org>
From: Klaus Klein <kleink@netbsd.org>
List: source-changes
Date: 12/14/2000 14:27:52
Module Name:	pkgsrc
Committed By:	kleink
Date:		Thu Dec 14 12:27:52 UTC 2000

Modified Files:
	pkgsrc/www/ap-auth-ldap: Makefile
	pkgsrc/www/ap-auth-ldap/files: md5
	pkgsrc/www/ap-auth-ldap/pkg: PLIST

Log Message:
Update ap-auth-ldap to 1.5.2; changelog excerpt below.

Changes Between Major Revisions

  Changes from 1.4 to 1.6

     * All changes and bugfixes in the 1.4 releases.
     * Completely rewrote the LDAP caching algorithms (see [1]the
       documentation on caching for more information). Here are the
       highlights of the changes:
          + All cache sizes are measured in terms of cache entries.
            Warning!! This affects the AuthLDAPCacheSize directive!! In
            version 1.4 and before, this directive specified the size in
            megabytes. Now, it specifies the size in cache entri es. If
            you currently have this directive in a config file, it is
            probably set way too high, and will use a significant amount
            of server memory.
          + Deprecated the AuthLDAPCacheCompareOps directive. Apache will
            still accept the directive, but it has no effect, other than
            to generate a warning in the Apache logs.
          + The cache no longer grows without bounds. For servers with a
            very active cache, this should make a big difference with
            memory usage.
          + No longer use the cache management routines from the LDAP
            SDK. All LDAP operations are now cached, using a cache that's
            specially designed for auth_ldap's authentication methods.
          + If Apache has been compiled with MM support and auth_ldap has
            been compiled with -DWITH_SHARED_LDAP_CACHE then the cache is
            shared across all server instances.
          + Added a content handler that can be used to display the cache
            statistics. To use it, add the following directives:
<Location /server/auth-ldap-info>
  SetHandler auth-ldap-info
</Location>
     * Added support for a require dn directive, and a
       AuthLDAPCompareDNOnServer directive. See the documentation for
       more information.
     * auth_ldap now allows the user to specify any attribute when
       checking for group membership, by using the AuthLDAPGroupAttribute
       directive. If this directive is not specified, the default
       continues to be member and uniqueMember. Patch courtesy of
       Graham Leggett.
     * Added another directive, AuthLDAPGroupAttributeIsDN, which says
       whether to use the DN that was retrieved from the LDAP search, or
       to use the username passed by the client when doing group
       authorization. This directive, in conjuction with the previous
       one, allows us to use things like posixGroups for checks:
AuthLDAPGroupAttribute memberuid
AuthLDAPGroupAttributeIsDN off
             * Ensure that auth_ldap will follow referrals under
       OpenLDAP. This behavior was turned off in previous versions.
     * Allow auth_ldap to dereference aliases, using the new
       AuthLDAPDereferenceAliases directive. By default, this directive
       is set to always.
     * Now use ldap_init() when using OpenLDAP. Unless your OpenLDAP is
       really old, this probably won't affect you.


To generate a diff of this commit:
cvs rdiff -r1.4 -r1.5 pkgsrc/www/ap-auth-ldap/Makefile
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/www/ap-auth-ldap/files/md5
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/www/ap-auth-ldap/pkg/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.