rpm/kanidm
SHA256
1
0
Fork 0
forked from pool/kanidm
Code Pull Requests Activity
f981118c77
kanidm/kanidm.changes

509 lines
22 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-------------------------------------------------------------------
Tue Feb 14 01:43:11 UTC 2023 - William Brown <william.brown@suse.com>
- Automatic update of vendored dependencies
-------------------------------------------------------------------
Wed Feb 01 03:34:08 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~alpha11~git0.d3a2a6b:
* Release 1.1.0-alpha.11 (#1354)
* 20230128 protected to access (#1349)
* 20230125 pre rel cleanup (#1348)
* 20230125 pre rel cleanup (#1347)
* Allow multiple backends to run in parallel for repl tests (#1346)
* 20230121 access improvement (#1345)
* Fix debian build path (#1331)
* Windows-related build fixes (#1344)
* chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338)
* chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334)
* making the robots easier and happier (#1343)
* chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340)
* chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337)
* chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332)
* chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333)
* chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335)
* 2023 orca improve (#1342)
* Adding healthcheck functionality to kanidmd (#1330)
* less lint more bark, ruff ruff (#1341)
* 1121 SCIM import totp freeipa (#1328)
* 1121 multiple totp (#1325)
* chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324)
* chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322)
* chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323)
* chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318)
* chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316)
* chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320)
* chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319)
* chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317)
* Fix ldap vattr search (#1315)
* Spell checking and stuff (#1314)
* Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311)
* Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313)
* Bump async-trait from 0.1.60 to 0.1.61 (#1310)
* Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312)
* Update yew to 0.20 (#1308)
* Bump tokio from 1.23.0 to 1.24.1 (#1309)
* Cleanup references to sqlite, add a FAQ section (#1307)
* Bump serde from 1.0.151 to 1.0.152 (#1303)
* Bump whoami from 1.2.3 to 1.3.0 (#1304)
* Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305)
* Fix the book again (#1302)
* 20221224 cleanup (#1300)
* Bump scim_proto from `cb147c8` to `b5a392f` (#1294)
* Bump openssl from 0.10.44 to 0.10.45 (#1295)
* Bump openssl-sys from 0.9.79 to 0.9.80 (#1296)
* docs: reformat book and introduce workflow to ensure it stays formatted (#1286)
* Bump libc from 0.2.138 to 0.2.139 (#1292)
* Bump ldap3_proto from `5149451` to `2c9dc31` (#1297)
* Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298)
* feat(kanidmd): add ldap support for mail primary and alternative address (#1287)
* chore(make): co-locate .PHONY declaration and target (#1291)
* Cant build designs private documentation (#1289)
* 20221221 sync deploy (#1285)
* Bump serde from 1.0.150 to 1.0.151 (#1276)
* 20221219 sync polish (#1284)
* Bump async-trait from 0.1.59 to 0.1.60 (#1278)
* Bump toml from 0.5.9 to 0.5.10 (#1280)
* Bump dyn-clone from 1.0.9 to 1.0.10 (#1282)
* Bump serde_json from 1.0.89 to 1.0.91 (#1275)
* Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277)
* feat(oauth2): add support for a 'groups' claim (#1272)
* Bump paste from 1.0.9 to 1.0.11 (#1279)
* Bump syn from 1.0.105 to 1.0.107 (#1283)
* Bump quote from 1.0.21 to 1.0.23 (#1281)
* Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274)
* Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273)
* 20221216 a little cleanup as a treat (#1266)
* fix(make): improve help output and solve warnings (#1269)
* fix: set executable flag for shell scripts (#1268)
* chore: add jceb to list of contributors (#1267)
* docs: correct LDAP DN for token authentication (#1263)
* docs: correct command for generating a password (#1261)
* docs: replace kanidm account with kanidm person (#1262)
* docs: unify representation of dn=token (#1264)
* docs: fix link to oauth2 documentation (#1260)
* 20221123 iam migration work (#1258)
* fix(oauth2): use the short name in the userinfo (#1259)
* Bump serde from 1.0.148 to 1.0.150 (#1257)
* Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255)
* Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254)
* Bump openssl from 0.10.43 to 0.10.44 (#1251)
* Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247)
* Bump tokio from 1.22.0 to 1.23.0 (#1249)
* Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253)
* Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256)
* Bump filetime from 0.2.18 to 0.2.19 (#1248)
* Bump libc from 0.2.137 to 0.2.138 (#1243)
* Bump serde from 1.0.147 to 1.0.148 (#1242)
* Bump gloo-net from 0.2.4 to 0.2.5 (#1244)
* Bump syn from 1.0.103 to 1.0.105 (#1240)
* Bump async-trait from 0.1.58 to 0.1.59 (#1239)
* Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246)
* Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245)
* Improve ldap sections (#1218)
* Bump openssl from 0.10.42 to 0.10.43 (#1235)
* Bump serde_json from 1.0.88 to 1.0.89 (#1238)
* Bump bytes from 1.2.1 to 1.3.0 (#1236)
* Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231)
* Bump rpassword from 7.1.0 to 7.2.0 (#1233)
* Add new mail read group (#1224)
* fixing up automation (#1230)
* Add signal trapping for a variety of signals (#1223)
* docs tweaks, renaming integrations (#1228)
* Add ability to bind with token with a dn=token marker (#1225)
* 20221121 debug webui (#1217)
* Cargo updates (#1219)
* Bump reqwest from 0.11.12 to 0.11.13 (#1210)
* Abstract webauthn authenticator access, and use Windows API on Windows (#1203)
* 20221116 oauth2 app portal 2 (#1201)
* Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216)
* Bump serde_json from 1.0.87 to 1.0.88 (#1212)
* Bump tokio from 1.21.2 to 1.22.0 (#1213)
* Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215)
* Bump mypy from 0.990 to 0.991 in /pykanidm (#1214)
* 20221116 oauth2 app portal (#1200)
* Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194)
* 1116 UI hints (#1199)
* Reword security keys (#1196)
* Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193)
* remove pam tester (#1197)
* Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195)
* Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192)
* Bump mypy from 0.982 to 0.990 in /pykanidm (#1191)
* Bump chrono from 0.4.22 to 0.4.23 (#1188)
* Bump actions/dependency-review-action from 2 to 3 (#1187)
* Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190)
* Workflow tweaks (#1186)
* 1116 UI hint (#1185)
* 613 oauth2 logout (#1184)
* started working on fixing a log issue and chased some clippy lints (#1182)
* 20221103 ipa import driver (#1180)
* Review oauth2 best practices document (#1181)
* Add tools container support (#1178)
* improve webauthn errors (#1179)
* Add version header and warnings (#1175)
* Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173)
* Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174)
* Bump regex from 1.6.0 to 1.7.0 (#1172)
* Improve handling of openssl3 in md4 tests (#1171)
* Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113)
* Further test improvements (#1166)
* Setup for next dev cycle (#1165)
-------------------------------------------------------------------
Wed Nov 09 21:48:25 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha10~git2.4a03ca5:
* Add tools container support (#1178)
* Improve handling of openssl3 in md4 tests (#1171)
-------------------------------------------------------------------
Tue Nov 1 04:31:58 UTC 2022 - William Brown <william.brown@suse.com>
- Update to kanidm 1.1.0-alpha.10
* Management and tracking of authenticated sessions
* Make upgrade migrations more robust when upgrading over multiple versions
* Add support for service account tokens via ldap for extended read permissions
* Unix password management in web ui for posix accounts
* Support internal dynamic group entries
* Allow selection of name/spn in oidc claims
* Admin UI wireframes and basic elements
* TLS enforced as a requirement for all servers
* Support API service account tokens
* Make name rules stricter due to issues found in production
* Improve Oauth2 PKCE testing
* Add support for new password import hashes
* Allow configuration of trusting x forward for headers
* Components for account permission elevation modes
* Make pam\_unix more robust in high latency environments
* Add proc macros for test cases
* Improve authentication requests with cookie/token seperation
* Cleanup of expired authentication sessions
* Improved administration of password badlists
-------------------------------------------------------------------
Fri Sep 09 02:33:47 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git6.b20d5312:
* Resolve upgrade in place error with cbor to json (#1028)
-------------------------------------------------------------------
Fri Aug 26 06:03:26 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git5.98546259:
* Remove dependency on git webauthn authentication versions
-------------------------------------------------------------------
Fri Aug 26 04:28:35 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git4.33b4e11b:
* Resolve issue with migration application order (#986)
-------------------------------------------------------------------
Tue Aug 02 04:58:28 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git2.ebab6c5f:
* Fix cargo.lock + Docker
* Fixing the Github Actions Kanidmd build (#963)
* (cargo-release) version 1.1.0-alpha.9 (#962)
* Improve radius to support eap-tls with ca-dir (#957)
* A pile of Wasm UI tweaks (#958)
* Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960)
* Update validator requirement from ^0.15.0 to ^0.16.0 (#959)
* Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961)
* 383 164 authentication updates 9 (#956)
* Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929)
-------------------------------------------------------------------
Sun May 01 05:33:09 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha8~git1.980f358d:
* Push some missed bits to documents
* (cargo-release) version 1.1.0-alpha.8
* 20220501 fix logging (#730)
* ref #725 - updated comment to note it's still failing (#727)
* Remove async references (#724)
* 383 170 164 authentication updates 3 (#723)
* Making the login path nicer, dev scripting (#721)
* Tweak docs generation... (#722)
* Docs updates to push all tagged versions + dev (#720)
* 20220427 dependency updates (#718)
-------------------------------------------------------------------
Tue Apr 5 05:35:55 UTC 2022 - William Brown <william.brown@suse.com>
- Automatic update of vendored dependencies
-------------------------------------------------------------------
Mon Mar 14 06:58:28 UTC 2022 - william.brown@suse.com
- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS
-------------------------------------------------------------------
Fri Jan 07 00:59:36 UTC 2022 - wbrown@suse.de
- resolve bsc#1194119 (CVE-2021-45710)
-------------------------------------------------------------------
Fri Dec 31 00:11:55 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha7~git0.c8468199:
* (cargo-release) version 1.1.0-alpha.7
* Pre-release update and cleanup (#631)
* Improve autofocus to oauth2 (#630)
* Finalise email changes for oidc (#629)
* Temp use env filter (#628)
* 20211216 tracing cleanup (#627)
* Art attribution
* Refactor of value and addition of base types for business attributes (#626)
* Add xmas logo
* Add rinstall file (#625)
-------------------------------------------------------------------
Fri Oct 01 02:10:02 UTC 2021 - wbrown@suse.de
- bsc#1191031 - use _pam_moduledir in spec macros
- Update to version 1.1.0~alpha6~git0.c9f4b1d:
* (cargo-release) version 1.1.0-alpha.6
* Added an interactive cli dialog to kanidm login (#584)
* Add support for storing security token key in domain config (#581)
* Remove auditscope for tracing (#580)
* Entry Arc Tracking to reduce memory footprint (#579)
* Rewrite how we store the internals of valuesets in entries (#578)
* Improving logging and docs around unixd/PAM/NSS (#577)
* Swap to tide-openssl (#575)
* Start to remove audit scope :) (#574)
* Fix io capture in tests (#573)
-------------------------------------------------------------------
Wed Jul 07 02:36:51 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha5~git0.4be329e:
* (cargo-release) version 1.1.0-alpha.5
* Release prep
* Fix totp registration workflow with broken authenticators (#516)
* Add statistical analysis to indexes (#505)
* 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
* fixes #503 - TOTP prompt no longer drops a newline (#515)
* Fixing kanidm windows client build (#507)
* Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485)
* Change default totp to sha256 (#504)
* Fixes #494 - password change user-facing responses (#499)
* Fix readonly check (#496)
* Update webauthn-authenticator-rs to fix test failures (#493)
* Update repo locations and versions in prep for release (#492)
* Add workaround for podman subid issue (#491)
* 163 account recovery code (#469)
* check user shell (#392) (#490)
* Removed `OperationResponse` (#489)
* Set default shell to `bin/sh` (#488)
* 20210607 orca ldap (#470)
* `kanidm_client` bool/return values (#479)
* Arc cachesize warning fixes (#483)
* Closure Refactoring (#482)
* Renamed fields in `dbvalue` (#477)
* 471 add service files (#474)
* fixes #478 - adds note about web ui already being packaged (#480)
* unixd will now bail if startup tests fail (#476)
* Add email syntax (#465)
* Add some openid stubs (#464)
* Add auth docs (#463)
* 64 120 session claims (#462)
* Add ldap vattr mapping (#459)
* Fix for unixd issue (#460)
* 414 clear stale credentials (#447)
* Fix multivalue setting of description attribute (#457)
* 445 update pam nsswitch md (#451)
* simpler ip logging (#454)
* I might have become clippy this time (#449)
* Calming clippy's nerves, Friday edition (#448)
* 444 - client's config URI missing and more file open handling (#446)
* Fix proxy usage in tests (#443)
* This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
* oauth design (#441)
* Adding an example config file (#440)
* adding env vars, making clippy happier, cleaning up some error messages (#438)
* 20210509 cleanup clippy and audit name (#437)
* 277 radius pw not accept for main pw (#435)
* Orca - a load testing framework for Kanidm (#431)
* Add verification of name indexes (#433)
* Add ability to pick a server role (#432)
* Adding a new verb group remove_members (#434)
* 397 Caching password badlist (#425)
* User feedback improvements, also handling a permissions issue (#424)
* Fix concat issue
* Update contributors
* Making clippy happy (#420)
* Fix 421 - clearer debug messages when doing things (#422)
* 62 idm qs cleanup (#419)
* Rough working login page (#417)
* Make clippy happy (#415)
* More debug messages (#413)
* merging upstream (#411)
* Improve error message when socket not found (#412)
* Idlset2, query cache, acp resolve cache (#409)
* Add lto thin (#410)
* fixing broken action (#405)
* Basic documentation for monitoring (#404)
* Create design for mfa_backup_code.rst (#402)
* phrasing (#401)
* Docs update (#400)
- Remove un-needed source files:
* kanidm-unixd-tasks.service
* kanidm-unixd.service
* kanidmd.service
* server.toml
-------------------------------------------------------------------
Thu Jun 24 02:54:31 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git54.675146e:
* check user shell (#392) (#490)
* Removed `OperationResponse` (#489)
* Set default shell to `bin/sh` (#488)
* 20210607 orca ldap (#470)
* `kanidm_client` bool/return values (#479)
* Arc cachesize warning fixes (#483)
* Closure Refactoring (#482)
-------------------------------------------------------------------
Wed Jun 16 02:38:11 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git47.5e83b68:
* Renamed fields in `dbvalue` (#477)
* 471 add service files (#474)
* fixes #478 - adds note about web ui already being packaged (#480)
* unixd will now bail if startup tests fail (#476)
* Add email syntax (#465)
* Add some openid stubs (#464)
* Add auth docs (#463)
* 64 120 session claims (#462)
* Add ldap vattr mapping (#459)
-------------------------------------------------------------------
Thu May 27 11:18:43 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git38.d978c9d:
* Fix for unixd issue (#460)
-------------------------------------------------------------------
Wed May 26 06:12:04 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git37.e8b1089:
* 414 clear stale credentials (#447)
* Fix multivalue setting of description attribute (#457)
* 445 update pam nsswitch md (#451)
* simpler ip logging (#454)
* I might have become clippy this time (#449)
* Calming clippy's nerves, Friday edition (#448)
* 444 - client's config URI missing and more file open handling (#446)
* Fix proxy usage in tests (#443)
* This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
* oauth design (#441)
* Adding an example config file (#440)
* adding env vars, making clippy happier, cleaning up some error messages (#438)
* 20210509 cleanup clippy and audit name (#437)
* 277 radius pw not accept for main pw (#435)
* Orca - a load testing framework for Kanidm (#431)
* Add verification of name indexes (#433)
* Add ability to pick a server role (#432)
* Adding a new verb group remove_members (#434)
* 397 Caching password badlist (#425)
* User feedback improvements, also handling a permissions issue (#424)
* Fix concat issue
* Update contributors
* Making clippy happy (#420)
* Fix 421 - clearer debug messages when doing things (#422)
* 62 idm qs cleanup (#419)
* Rough working login page (#417)
* Make clippy happy (#415)
* More debug messages (#413)
* merging upstream (#411)
* Improve error message when socket not found (#412)
* Idlset2, query cache, acp resolve cache (#409)
* Add lto thin (#410)
* fixing broken action (#405)
* Basic documentation for monitoring (#404)
* Create design for mfa_backup_code.rst (#402)
* phrasing (#401)
* Docs update (#400)
-------------------------------------------------------------------
Thu Apr 01 01:11:04 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git0.0ac5da8:
* Performance Improvements
* TOTP CLI enrollment
* Jemalloc in main server instead of system allocator
* Command line completion
* TLS file handling improvements
* Webauthn authentication and enrollment on CLI
* Add db vacuum task
* Unix tasks daemon that automatically creates home directories
* Support for sk-ecdsa public ssh keys
* Badlist checked at login to determine account compromise
* Minor Fixes for attribute display
-------------------------------------------------------------------
Mon Dec 28 00:15:25 UTC 2020 - wbrown@suse.de
- Update to version v1.1.0alpha.3~git0.b34c893:
* (cargo-release) version 1.1.0-alpha.3
* release notes
* Update Dependencies
* Unixd - NXCache of unknown items (#338)
* WIP - Improve Auth Proto to Support Webauthn (#333)
* Follow up on ci fixes
* Add port verification to start server in kanidm_client tests
* Update CI base image to ubuntu 20.04
* Add libudev to ci
* 13 135 webauthn support (#332)
* Change root user check to warning due to container run times (#328)
* Fixes #324 account softlocking and rate limiting (#326)
* Add passpoint link
* Update tumbleweed docs
* Account valid-from and expiry (#322)
-------------------------------------------------------------------
Thu Oct 01 00:19:19 UTC 2020 - wbrown@suse.de
- Update to version v1.1.0alpha.2~git0.764e727:
* Update
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* gitignore
* Update Release Notes
* 250 cookie to auth bearer (#321)
* 259 reduce clones (#319)
* Xxx clippy outdated (#318)
* 314 improve async (#316)
* Update README.md
* On login pw upgrade (#315)
* Add python3 support to radius
* Dynamic crypto rounds (#311)
* tweak book chapter
* 67 resource limits impl (#307)
* Update based on review
* Apply suggestions from code review
* doc
* Build improvements
* Support zfs page size
* V large cleanup
* Cleanup and improve client error handling
* Improve server hardening
* Update deps + add simd support in container
* Add FAQ + eap selection
* Minor updates
* tweak release steps
-------------------------------------------------------------------
Mon Aug 3 00:38:29 UTC 2020 - William Brown <william.brown@suse.com>
- Initial Commit
View Git Blame Copy Permalink