------------------------------------------------------------------- Mon May 01 01:18:44 UTC 2023 - william.brown@suse.com - Update to version 1.1.0~alpha12~git0.bcdbb18: * Release 1.1.0-alpha.12 (#1588) * chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587) * chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586) * chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585) * chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584) * chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583) * chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582) * Correctly prevent start up when https sockets in use (#1579) * Filter rdns and dns for ldap filters (#1576) * use sccache, merge "test" actions into "build", remove homebrew caching (#1578) * Cleanup incorrect log errors of denied entries (#1577) * 20230424 clippppppppppppyyyyyyyy (#1574) * Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575) * more more more unixd build fixes (#1573) * chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572) * chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571) * chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570) * chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569) * more-merge unixd commands (#1568) * Consolidate unix tools (#1566) * 1553 pam remote or local detection (#1565) * chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563) * Improve user experince of refreshing with intent tokens during cred update (#1556) * chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562) * chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561) * chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560) * chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559) * chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558) * chore(deps): bump actions/upload-artifact from 1 to 3 (#1557) * Fix incompatible future warnings by removing older crates (#1554) * 20230330 oauth2 refresh tokens (#1502) * Sorting documentation builds (#1551) * Add troubleshooting step for pam home dirs (#1550) * AuthSession non empty vec part 2 (#1543) * chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548) * chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547) * chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546) * chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545) * chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544) * chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540) * Improve unicode control character detection (#1539) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533) * chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532) * chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529) * chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536) * chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535) * chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534) * chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530) * chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531) * chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527) * chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526) * chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528) * chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525) * chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524) * Authsession non empty vec (#1522) * chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506) * chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510) * chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515) * chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513) * chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505) * chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507) * chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509) * chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517) * chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514) * changing from merge to squash (#1521) * chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56 * fixing up auto-merge (#1519) * chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511) * chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504) * chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516) * chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518) * chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499) * Be non empty vec (#1501) * 1496 ldap basedn config (#1500) * chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494) * chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491) * chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492) * chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487) * chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488) * Improve string validation (#1497) * chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493) * chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489) * chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490) * Adding an auto-merger for dependabot updates (#1486) * Make examples in ldap chapter consistent (#1495) * 1115 priv (reauth, sudo) mode (#1479) * chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484) * Server daemon logging and exit codes (#1475) * Fix path-relative links in documentation (#1478) * chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471) * chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473) * chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468) * chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469) * chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463) * chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466) * chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461) * chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460) * chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464) * chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470) * chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459) * Add unixd exit code (#1453) * Unixd daemon improvement (#1454) * chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458) * checks for a minimum number of arguments (#1452) * chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444) * chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447) * chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449) * chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450) * chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443) * chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442) * chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446) * chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448) * Image fixes in the build (#1441) * Fix RADIUS docker image file permissions (#1439) * User auth token session display implementation (#1415) * RADIUS container fixes (#1424) * Update book - OAuth2 integration step (#1437) * chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433) * Hopefully fix exp issues by making it a stable part of the access token. (#1434) * chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350) * chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427) * chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431) * chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430) * chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429) * chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428) * Openssl build fix (#1422) * 1399 some async cleanup (#1421) * Web UI: Sort group memberships of profile (#1410) * Update the dev docs to flow nicer (#1420) * chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417) * chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418) * chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405) * chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419) * 1399 cleanup cli docs (#1413) * 1399 cleanup reorg (#1412) * 1399 cleanup (#1409) * Version output for 4 unix_int tools (#1408) * Windows build fixes (#1388) * chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404) * chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407) * chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406) * chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403) * Mention my Recursing of the Passport (#1402) * Start to add reauth capabilities (#1398) * Add Recursive Logos (#1401) * Prevent invalidation of api tokens (#1397) * chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378) * chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362) * chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375) * chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392) * chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394) * chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391) * chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395) * chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390) * chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393) * chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389) * 20230220 passkey cleanup (#1396) * 1115 store credential ids per session (#1386) * Reduce the number of cow cells in idm (#1385) * 1355 docker builds (#1384) * chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369) * Improve some small behaviours of login and key management (#1383) * 967 oauth2 implicit search (#1382) * chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364) * chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376) * chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367) * chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351) * chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352) * 20230130 hackweek replication (#1358) * Improve some diagnostic messages in console (#1381) * chore(deps): bump docker/build-push-action from 3 to 4 (#1360) * chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377) * chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380) * chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368) * chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379) * chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374) * chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371) * Update release docs to prevent forgetting a release step (#1370) * 1355 docker builds (#1357) * Update to 12 dev (#1356) ------------------------------------------------------------------- Fri Apr 14 00:02:31 UTC 2023 - William Brown - bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames ------------------------------------------------------------------- Tue Feb 14 01:43:11 UTC 2023 - William Brown - Automatic update of vendored dependencies ------------------------------------------------------------------- Wed Feb 01 03:34:08 UTC 2023 - william.brown@suse.com - Update to version 1.1.0~alpha11~git0.d3a2a6b: * Release 1.1.0-alpha.11 (#1354) * 20230128 protected to access (#1349) * 20230125 pre rel cleanup (#1348) * 20230125 pre rel cleanup (#1347) * Allow multiple backends to run in parallel for repl tests (#1346) * 20230121 access improvement (#1345) * Fix debian build path (#1331) * Windows-related build fixes (#1344) * chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338) * chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334) * making the robots easier and happier (#1343) * chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340) * chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337) * chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332) * chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333) * chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335) * 2023 orca improve (#1342) * Adding healthcheck functionality to kanidmd (#1330) * less lint more bark, ruff ruff (#1341) * 1121 SCIM import totp freeipa (#1328) * 1121 multiple totp (#1325) * chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324) * chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322) * chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323) * chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318) * chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316) * chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320) * chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319) * chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317) * Fix ldap vattr search (#1315) * Spell checking and stuff (#1314) * Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311) * Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313) * Bump async-trait from 0.1.60 to 0.1.61 (#1310) * Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312) * Update yew to 0.20 (#1308) * Bump tokio from 1.23.0 to 1.24.1 (#1309) * Cleanup references to sqlite, add a FAQ section (#1307) * Bump serde from 1.0.151 to 1.0.152 (#1303) * Bump whoami from 1.2.3 to 1.3.0 (#1304) * Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305) * Fix the book again (#1302) * 20221224 cleanup (#1300) * Bump scim_proto from `cb147c8` to `b5a392f` (#1294) * Bump openssl from 0.10.44 to 0.10.45 (#1295) * Bump openssl-sys from 0.9.79 to 0.9.80 (#1296) * docs: reformat book and introduce workflow to ensure it stays formatted (#1286) * Bump libc from 0.2.138 to 0.2.139 (#1292) * Bump ldap3_proto from `5149451` to `2c9dc31` (#1297) * Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298) * feat(kanidmd): add ldap support for mail primary and alternative address (#1287) * chore(make): co-locate .PHONY declaration and target (#1291) * Can’t build designs private documentation (#1289) * 20221221 sync deploy (#1285) * Bump serde from 1.0.150 to 1.0.151 (#1276) * 20221219 sync polish (#1284) * Bump async-trait from 0.1.59 to 0.1.60 (#1278) * Bump toml from 0.5.9 to 0.5.10 (#1280) * Bump dyn-clone from 1.0.9 to 1.0.10 (#1282) * Bump serde_json from 1.0.89 to 1.0.91 (#1275) * Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277) * feat(oauth2): add support for a 'groups' claim (#1272) * Bump paste from 1.0.9 to 1.0.11 (#1279) * Bump syn from 1.0.105 to 1.0.107 (#1283) * Bump quote from 1.0.21 to 1.0.23 (#1281) * Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274) * Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273) * 20221216 a little cleanup as a treat (#1266) * fix(make): improve help output and solve warnings (#1269) * fix: set executable flag for shell scripts (#1268) * chore: add jceb to list of contributors (#1267) * docs: correct LDAP DN for token authentication (#1263) * docs: correct command for generating a password (#1261) * docs: replace kanidm account with kanidm person (#1262) * docs: unify representation of dn=token (#1264) * docs: fix link to oauth2 documentation (#1260) * 20221123 iam migration work (#1258) * fix(oauth2): use the short name in the userinfo (#1259) * Bump serde from 1.0.148 to 1.0.150 (#1257) * Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255) * Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254) * Bump openssl from 0.10.43 to 0.10.44 (#1251) * Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247) * Bump tokio from 1.22.0 to 1.23.0 (#1249) * Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253) * Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256) * Bump filetime from 0.2.18 to 0.2.19 (#1248) * Bump libc from 0.2.137 to 0.2.138 (#1243) * Bump serde from 1.0.147 to 1.0.148 (#1242) * Bump gloo-net from 0.2.4 to 0.2.5 (#1244) * Bump syn from 1.0.103 to 1.0.105 (#1240) * Bump async-trait from 0.1.58 to 0.1.59 (#1239) * Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246) * Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245) * Improve ldap sections (#1218) * Bump openssl from 0.10.42 to 0.10.43 (#1235) * Bump serde_json from 1.0.88 to 1.0.89 (#1238) * Bump bytes from 1.2.1 to 1.3.0 (#1236) * Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231) * Bump rpassword from 7.1.0 to 7.2.0 (#1233) * Add new mail read group (#1224) * fixing up automation (#1230) * Add signal trapping for a variety of signals (#1223) * docs tweaks, renaming integrations (#1228) * Add ability to bind with token with a dn=token marker (#1225) * 20221121 debug webui (#1217) * Cargo updates (#1219) * Bump reqwest from 0.11.12 to 0.11.13 (#1210) * Abstract webauthn authenticator access, and use Windows API on Windows (#1203) * 20221116 oauth2 app portal 2 (#1201) * Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216) * Bump serde_json from 1.0.87 to 1.0.88 (#1212) * Bump tokio from 1.21.2 to 1.22.0 (#1213) * Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215) * Bump mypy from 0.990 to 0.991 in /pykanidm (#1214) * 20221116 oauth2 app portal (#1200) * Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194) * 1116 UI hints (#1199) * Reword security keys (#1196) * Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193) * remove pam tester (#1197) * Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195) * Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192) * Bump mypy from 0.982 to 0.990 in /pykanidm (#1191) * Bump chrono from 0.4.22 to 0.4.23 (#1188) * Bump actions/dependency-review-action from 2 to 3 (#1187) * Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190) * Workflow tweaks (#1186) * 1116 UI hint (#1185) * 613 oauth2 logout (#1184) * started working on fixing a log issue and chased some clippy lints (#1182) * 20221103 ipa import driver (#1180) * Review oauth2 best practices document (#1181) * Add tools container support (#1178) * improve webauthn errors (#1179) * Add version header and warnings (#1175) * Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173) * Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174) * Bump regex from 1.6.0 to 1.7.0 (#1172) * Improve handling of openssl3 in md4 tests (#1171) * Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113) * Further test improvements (#1166) * Setup for next dev cycle (#1165) ------------------------------------------------------------------- Wed Nov 09 21:48:25 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha10~git2.4a03ca5: * Add tools container support (#1178) * Improve handling of openssl3 in md4 tests (#1171) ------------------------------------------------------------------- Tue Nov 1 04:31:58 UTC 2022 - William Brown - Update to kanidm 1.1.0-alpha.10 * Management and tracking of authenticated sessions * Make upgrade migrations more robust when upgrading over multiple versions * Add support for service account tokens via ldap for extended read permissions * Unix password management in web ui for posix accounts * Support internal dynamic group entries * Allow selection of name/spn in oidc claims * Admin UI wireframes and basic elements * TLS enforced as a requirement for all servers * Support API service account tokens * Make name rules stricter due to issues found in production * Improve Oauth2 PKCE testing * Add support for new password import hashes * Allow configuration of trusting x forward for headers * Components for account permission elevation modes * Make pam\_unix more robust in high latency environments * Add proc macros for test cases * Improve authentication requests with cookie/token seperation * Cleanup of expired authentication sessions * Improved administration of password badlists ------------------------------------------------------------------- Fri Sep 09 02:33:47 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha9~git6.b20d5312: * Resolve upgrade in place error with cbor to json (#1028) ------------------------------------------------------------------- Fri Aug 26 06:03:26 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha9~git5.98546259: * Remove dependency on git webauthn authentication versions ------------------------------------------------------------------- Fri Aug 26 04:28:35 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha9~git4.33b4e11b: * Resolve issue with migration application order (#986) ------------------------------------------------------------------- Tue Aug 02 04:58:28 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha9~git2.ebab6c5f: * Fix cargo.lock + Docker * Fixing the Github Actions Kanidmd build (#963) * (cargo-release) version 1.1.0-alpha.9 (#962) * Improve radius to support eap-tls with ca-dir (#957) * A pile of Wasm UI tweaks (#958) * Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960) * Update validator requirement from ^0.15.0 to ^0.16.0 (#959) * Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961) * 383 164 authentication updates 9 (#956) * Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929) ------------------------------------------------------------------- Sun May 01 05:33:09 UTC 2022 - william.brown@suse.com - Update to version 1.1.0~alpha8~git1.980f358d: * Push some missed bits to documents * (cargo-release) version 1.1.0-alpha.8 * 20220501 fix logging (#730) * ref #725 - updated comment to note it's still failing (#727) * Remove async references (#724) * 383 170 164 authentication updates 3 (#723) * Making the login path nicer, dev scripting (#721) * Tweak docs generation... (#722) * Docs updates to push all tagged versions + dev (#720) * 20220427 dependency updates (#718) ------------------------------------------------------------------- Tue Apr 5 05:35:55 UTC 2022 - William Brown - Automatic update of vendored dependencies ------------------------------------------------------------------- Mon Mar 14 06:58:28 UTC 2022 - william.brown@suse.com - Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS ------------------------------------------------------------------- Fri Jan 07 00:59:36 UTC 2022 - wbrown@suse.de - resolve bsc#1194119 (CVE-2021-45710) ------------------------------------------------------------------- Fri Dec 31 00:11:55 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha7~git0.c8468199: * (cargo-release) version 1.1.0-alpha.7 * Pre-release update and cleanup (#631) * Improve autofocus to oauth2 (#630) * Finalise email changes for oidc (#629) * Temp use env filter (#628) * 20211216 tracing cleanup (#627) * Art attribution * Refactor of value and addition of base types for business attributes (#626) * Add xmas logo * Add rinstall file (#625) ------------------------------------------------------------------- Fri Oct 01 02:10:02 UTC 2021 - wbrown@suse.de - bsc#1191031 - use _pam_moduledir in spec macros - Update to version 1.1.0~alpha6~git0.c9f4b1d: * (cargo-release) version 1.1.0-alpha.6 * Added an interactive cli dialog to kanidm login (#584) * Add support for storing security token key in domain config (#581) * Remove auditscope for tracing (#580) * Entry Arc Tracking to reduce memory footprint (#579) * Rewrite how we store the internals of valuesets in entries (#578) * Improving logging and docs around unixd/PAM/NSS (#577) * Swap to tide-openssl (#575) * Start to remove audit scope :) (#574) * Fix io capture in tests (#573) ------------------------------------------------------------------- Wed Jul 07 02:36:51 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha5~git0.4be329e: * (cargo-release) version 1.1.0-alpha.5 * Release prep * Fix totp registration workflow with broken authenticators (#516) * Add statistical analysis to indexes (#505) * 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512) * fixes #503 - TOTP prompt no longer drops a newline (#515) * Fixing kanidm windows client build (#507) * Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) * Change default totp to sha256 (#504) * Fixes #494 - password change user-facing responses (#499) * Fix readonly check (#496) * Update webauthn-authenticator-rs to fix test failures (#493) * Update repo locations and versions in prep for release (#492) * Add workaround for podman subid issue (#491) * 163 account recovery code (#469) * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482) * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459) * Fix for unixd issue (#460) * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400) - Remove un-needed source files: * kanidm-unixd-tasks.service * kanidm-unixd.service * kanidmd.service * server.toml ------------------------------------------------------------------- Thu Jun 24 02:54:31 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha4~git54.675146e: * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482) ------------------------------------------------------------------- Wed Jun 16 02:38:11 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha4~git47.5e83b68: * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459) ------------------------------------------------------------------- Thu May 27 11:18:43 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha4~git38.d978c9d: * Fix for unixd issue (#460) ------------------------------------------------------------------- Wed May 26 06:12:04 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha4~git37.e8b1089: * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400) ------------------------------------------------------------------- Thu Apr 01 01:11:04 UTC 2021 - wbrown@suse.de - Update to version 1.1.0~alpha4~git0.0ac5da8: * Performance Improvements * TOTP CLI enrollment * Jemalloc in main server instead of system allocator * Command line completion * TLS file handling improvements * Webauthn authentication and enrollment on CLI * Add db vacuum task * Unix tasks daemon that automatically creates home directories * Support for sk-ecdsa public ssh keys * Badlist checked at login to determine account compromise * Minor Fixes for attribute display ------------------------------------------------------------------- Mon Dec 28 00:15:25 UTC 2020 - wbrown@suse.de - Update to version v1.1.0alpha.3~git0.b34c893: * (cargo-release) version 1.1.0-alpha.3 * release notes * Update Dependencies * Unixd - NXCache of unknown items (#338) * WIP - Improve Auth Proto to Support Webauthn (#333) * Follow up on ci fixes * Add port verification to start server in kanidm_client tests * Update CI base image to ubuntu 20.04 * Add libudev to ci * 13 135 webauthn support (#332) * Change root user check to warning due to container run times (#328) * Fixes #324 account softlocking and rate limiting (#326) * Add passpoint link * Update tumbleweed docs * Account valid-from and expiry (#322) ------------------------------------------------------------------- Thu Oct 01 00:19:19 UTC 2020 - wbrown@suse.de - Update to version v1.1.0alpha.2~git0.764e727: * Update * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * gitignore * Update Release Notes * 250 cookie to auth bearer (#321) * 259 reduce clones (#319) * Xxx clippy outdated (#318) * 314 improve async (#316) * Update README.md * On login pw upgrade (#315) * Add python3 support to radius * Dynamic crypto rounds (#311) * tweak book chapter * 67 resource limits impl (#307) * Update based on review * Apply suggestions from code review * doc * Build improvements * Support zfs page size * V large cleanup * Cleanup and improve client error handling * Improve server hardening * Update deps + add simd support in container * Add FAQ + eap selection * Minor updates * tweak release steps ------------------------------------------------------------------- Mon Aug 3 00:38:29 UTC 2020 - William Brown - Initial Commit