You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@guacamole.apache.org by GitBox <gi...@apache.org> on 2020/06/25 07:49:17 UTC
[GitHub] [guacamole-website] mike-jumper opened a new pull request #80: Add draft release notes for first RC of 1.2.0.
mike-jumper opened a new pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] mike-jumper commented on pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
mike-jumper commented on pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#issuecomment-649937813
Aaaallll set.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] necouchman commented on a change in pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
necouchman commented on a change in pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#discussion_r445792194
##########
File path: _releases/1.2.0.md
##########
@@ -0,0 +1,405 @@
+---
+
+released: false
+title: 1.2.0
+date: 2020-06-24 02:31:09 -0700
+summary: >
+ Support for SAML 2.0, Wake-on-LAN, and easy switching between active
+ connections, numerous fixes for RDP, improvements to TOTP, database
+ support, and behavior on iOS devices.
+
+artifact-root: "https://dist.apache.org/repos/dist/dev/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/"
+download-path: "guacamole/1.2.0-RC1/"
+checksum-suffixes:
+ "PGP" : ".asc"
+ "SHA-256" : ".sha256"
+
+source-dist:
+ - "source/guacamole-client-1.2.0.tar.gz"
+ - "source/guacamole-server-1.2.0.tar.gz"
+
+binary-dist:
+ - "binary/guacamole-1.2.0.war"
+ - "binary/guacamole-auth-cas-1.2.0.tar.gz"
+ - "binary/guacamole-auth-duo-1.2.0.tar.gz"
+ - "binary/guacamole-auth-header-1.2.0.tar.gz"
+ - "binary/guacamole-auth-jdbc-1.2.0.tar.gz"
+ - "binary/guacamole-auth-ldap-1.2.0.tar.gz"
+ - "binary/guacamole-auth-openid-1.2.0.tar.gz"
+ - "binary/guacamole-auth-quickconnect-1.2.0.tar.gz"
+ - "binary/guacamole-auth-saml-1.2.0.tar.gz"
+ - "binary/guacamole-auth-totp-1.2.0.tar.gz"
+
+documentation:
+ "Manual" : "/doc/1.2.0/gug"
+ "guacamole-common" : "/doc/1.2.0/guacamole-common"
+ "guacamole-common-js" : "/doc/1.2.0/guacamole-common-js"
+ "guacamole-ext" : "/doc/1.2.0/guacamole-ext"
+ "libguac" : "/doc/1.2.0/libguac"
+
+---
+
+The 1.2.0 release features support for SAML 2.0, Wake-on-LAN, and a new
+interface for easily switching between multiple active connections. The general
+behavior of the login interface has also been improved, as has the flexibility
+of the TOTP support, which may now be used even with user accounts that do not
+yet exist in the database.
+
+**The 1.2.0 release is compatible with older 1.x components.** You should
+upgrade older components to 1.2.0 when possible, however things should continue
+to work correctly in the interim:
+
+* Extensions written for older 1.x releases can be used by 1.2.0.
+* Components written for the version of the Guacamole protocol used by older
+ 1.x releases can be used with components of the 1.2.0 release.
+
+
+New features and improvements
+-----------------------------
+
+### Single sign-on with SAML 2.0
+
+Similar to existing support for CAS and OpenID Connect, Guacamole now provides
+support for SAML 2.0, allowing any identity provider implementing this standard
+to function as a source of identity.
+
+Note that this new extension only deals with determining the identity of users
+that have authenticated via SAML (and redirecting unauthenticated users to the
+configured identity provider so that they may authenticate). The details of the
+connections available to each user must be provided via another extension, such
+as the [database authentication](/doc/1.2.0/gug/jdbc-auth.html).
+
+ * [GUACAMOLE-103](https://issues.apache.org/jira/browse/GUACAMOLE-103) - SAML 2.0 support for user authentication
+
+### Wake-on-LAN
+
+Automatically activating machines using Wake-on-LAN is now supported for VNC,
+RDP, SSH, and telnet connections. Additional connection parameters are
+available which define how the Wake-on-LAN "Magic Packet" should be broadcast.
+If enabled on a connection, the "Magic Packet" will be sent before attempting
+to connect, signaling the desired machine to power up.
+
+ * [GUACAMOLE-513](https://issues.apache.org/jira/browse/GUACAMOLE-513) - Wake on LAN integration
+
+### Easy switching between multiple connections
+
+Users with access to multiple connections may now select from those connections
+within the Guacamole menu while already using another connection. The
+connection name that is displayed at the top of the Guacamole menu functions as
+a drop-down menu from which any accessible connection may be selected.
+
+Once multiple connections are running, connections that are running in the
+background appear as thumbnails in a collapsible panel on the lower-right
+corner of the screen. These thumbnails update in real-time, and clicking on a
+thumbnail will switch to that connection without disconnecting.
+
+ * [GUACAMOLE-723](https://issues.apache.org/jira/browse/GUACAMOLE-723) - Support display of multiple connections within same tab
+
+### Improved login behavior
+
+When the Guacamole login dialog is displayed, the first blank login field will
+now automatically be focused, allowing failed logins to be more easily retried.
+
+In deployments where the login process may be lengthy, such as when dependent
+on a response from a relatively slow database or LDAP server, the login form
+will now disable itself and fade out to indicate that the form has been
+submitted and the login attempt is being processed.
+
+ * [GUACAMOLE-302](https://issues.apache.org/jira/browse/GUACAMOLE-302) - Refocus relevant in-progress login fields after auth failure
+ * [GUACAMOLE-742](https://issues.apache.org/jira/browse/GUACAMOLE-742) - Display feedback while waiting for login
+
+### Using TOTP with non-database user accounts
+
+Guacamole's TOTP support can now be used alongside extensions like LDAP, so
+long as a database is also configured. The former caveat that TOTP users must
+have "Change own password" permission within the database no longer applies,
+and Guacamole's various supported databases can now be configured to
+automatically create user accounts for users that have successfully
+authenticated.
+
+ * [GUACAMOLE-708](https://issues.apache.org/jira/browse/GUACAMOLE-708) - Allow database storage of arbitrary attributes for non-database users
+
+### VNC support for usernames
+
+Guacamole now supports username/password authentication for VNC in addition to
+the standard password-only authentication. VNC servers that require a username
+in addition to a password should now be accessible using Guacamole.
+
+ * [GUACAMOLE-514](https://issues.apache.org/jira/browse/GUACAMOLE-514) - Implement additional authentication methods for VNC
+
+### Granular control of clipboard and file transfer
+
+Copy and paste can now be individually disabled by the administrator on a
+per-connection basis, allowing data transfer through the clipboard to be
+tightly restricted.
+
+File transfer has always been disabled unless explicitly enabled, however this
+support can now be enabled while also disabling download or upload, allowing
+file transfer to be restricted to a single direction.
+
+ * [GUACAMOLE-381](https://issues.apache.org/jira/browse/GUACAMOLE-381) - Allow clipboard access to be disabled
+ * [GUACAMOLE-474](https://issues.apache.org/jira/browse/GUACAMOLE-474) - Allow file upload and download to be enabled separately
+
+### Improved control of LDAP group object structure
+
+Guacamole's LDAP support now allows configuration of the type of groups used to
+dictate access. While Guacamole previously assumed use of the `groupOfNames`
+object class and its `member` attribute, other object classes like `posixGroup`
+may now be used, and their corresponding member attributes may be defined.
+
+ * [GUACAMOLE-300](https://issues.apache.org/jira/browse/GUACAMOLE-300) - Support posixGroup in LDAP Authentication and Group-based Session Admission
+
+### `guacenc` support for MPEG-4 containers
+
+The optional `guacenc` utility that is part of guacamole-server will now
+produce video within MPEG-4 container files, not just raw, containerless MPEG-4
+video streams.
+
+ * [GUACAMOLE-465](https://issues.apache.org/jira/browse/GUACAMOLE-465) - Guacenc should support libavformat
+
+### Support for SSL/TLS database connections
+
+For MySQL and PostgreSQL servers that require SSL/TLS connections, Guacamole
+now provides options to configure this. Additional properties within
+`guacamole.properties` may be specified to allow/require use of SSL, as well as
+to configure the level of certificate validation.
+
+ * [GUACAMOLE-728](https://issues.apache.org/jira/browse/GUACAMOLE-728) - Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not Allowed
+
+### Support for the MariaDB JDBC driver
+
+While MySQL and MariaDB share a common origin and are generally compatible,
+their corresponding JDBC drivers have diverged, and Guacamole's MySQL/MariaDB
+support previously assumed that the MySQL driver would be used.
+
+Guacamole now supports the MariaDB version of "Connector/J" in addition to the
+MySQL version.
+
+ * [GUACAMOLE-852](https://issues.apache.org/jira/browse/GUACAMOLE-852) - Support MariaDB JDBC Driver
+
+### Support for SQL Server instance names
+
+SQL Server supports deploying multiple instances on the same server, with each
+additional instance identified its own unique name. If using SQL Server, and
+your deployment uses named instances, the name of the instance containing the
+Guacamole database can now be specified using the `sqlserver-instance` property.
+
+ * [GUACAMOLE-583](https://issues.apache.org/jira/browse/GUACAMOLE-583) - SQL Instance Strings
+
+Internationalization
+--------------------
+
+### Czech and Japanese translations of the web interface
+
+The web interface of Guacamole has been translated into Czech and Japanese.
+These languages will now be automatically selected if accessing Guacamole
+from a browser where either is set as the preferred language, and can be
+[manually selected](/doc/gug/using-guacamole.html#display-language) within
+Guacamole's preferences.
+
+ * [GUACAMOLE-821](https://issues.apache.org/jira/browse/GUACAMOLE-821) - Add Japanese translation
+ * [GUACAMOLE-781](https://issues.apache.org/jira/browse/GUACAMOLE-781) - Add Czech translation
+
+### Belgian French, Hungarian, and Latin American keymaps for RDP
+
+Keymaps have been added to better support RDP servers which use the
+Belgian French, Hungarian, or Latin American keyboard layouts. As always, bear
+in mind that [the client side of Guacamole is independent of keyboard
+layout](/faq/#does-guacamole-support-my-keyboard-layout). Additional keyboard
+layouts for RDP are mainly of benefit if:
+
+1. Your RDP server does not support Unicode events.
+2. Your RDP server is set to a keyboard layout which is not the default (US English).
+
+If your RDP server is set to US English and supports Unicode events, it should
+not be necessary to select a specific layout. The user's local keyboard should
+simply work, regardless of whether it matches the layout of the RDP server.
+
+ * [GUACAMOLE-625](https://issues.apache.org/jira/browse/GUACAMOLE-625) - Add Spanish Latam keyboard support
+ * [GUACAMOLE-837](https://issues.apache.org/jira/browse/GUACAMOLE-837) - Add RDP keymap for Hungarian keyboard layout
+ * [GUACAMOLE-901](https://issues.apache.org/jira/browse/GUACAMOLE-901) - Keyboard layout for Belgian French
+
+### Updates to the French translation of the web interface
+
+The existing French translation has been updated to take into account recent
+changes to the web interface, adding French translations for portions of text
+which previously would have been displayed in English as a fallback.
+
+ * [GUACAMOLE-759](https://issues.apache.org/jira/browse/GUACAMOLE-759) - update translation fr.json for guacamole-client
+
+Bug fixes
+---------
+
+### Regressions due to FreeRDP 2.0.0 migration
+
+Several regressions were identified following the Apache Guacamole 1.1.0
+release which were due to [the massive migration from FreeRDP 1.x to FreeRDP
+2.0.0](../1.1.0/#migration-to-freerdp-200) and primarily affected use of
+RemoteApp, Hyper-V, and VirtualBox. These regressions have now been fixed, and
+RDP connections involving these technologies should work as expected.
+
+ * [GUACAMOLE-947](https://issues.apache.org/jira/browse/GUACAMOLE-947) - Clipboard error message when connected to the RDP server
+ * [GUACAMOLE-952](https://issues.apache.org/jira/browse/GUACAMOLE-952) - Preconnection PDU support no longer works following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-962](https://issues.apache.org/jira/browse/GUACAMOLE-962) - Cannot connect to VirtualBox RDP following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-978](https://issues.apache.org/jira/browse/GUACAMOLE-978) - RemoteApp session to Windows Server 2016 closes after roughly 2-3 minutes
+ * [GUACAMOLE-979](https://issues.apache.org/jira/browse/GUACAMOLE-979) - RDP settings strings may be double-freed
+ * [GUACAMOLE-1053](https://issues.apache.org/jira/browse/GUACAMOLE-1053) - guacd segfaults when user actively presses keys at RDP disconnect time
+ * [GUACAMOLE-1076](https://issues.apache.org/jira/browse/GUACAMOLE-1076) - Another copy of RemoteApp is launched in case of session reconnect
+
+### Audio input behavior
+
+Following changes to the JavaScript API exposed by browsers for accessing audio
+input streams, support for audio input within Guacamole ceased to function
+correctly. This was due to:
+
+ * A change in the return type of the `navigator.mediaDevices.getUserMedia()` function
+ * Changes in Chrome's autoplay policy
+
+Both causes have been addressed, and audio input should now function correctly.
+
+ * [GUACAMOLE-732](https://issues.apache.org/jira/browse/GUACAMOLE-732) - navigator.mediaDevices.getUserMedia() returns a promises
+ * [GUACAMOLE-905](https://issues.apache.org/jira/browse/GUACAMOLE-905) - Audio input broken on Chrome
+
+### iPad and iOS 13 support
+
+Users of iOS and iPadOS mobile devices reported erratic behavior of the
+Guacamole interface following a system update, ultimately resulting in
+inability to interact with remote desktops using touch mouse emulation. These
+issues were determined to be due to changes in iOS Safari's handling of the
+browser viewport, and have been corrected by updating Guacamole's interface to
+be independent of the aspects that changed.
+
+ * [GUACAMOLE-810](https://issues.apache.org/jira/browse/GUACAMOLE-810) - Ipad screen jumps upwards while user focuses on Text Input.
+ * [GUACAMOLE-883](https://issues.apache.org/jira/browse/GUACAMOLE-883) - Touch mouse emulation no longer works as of iOS 13
+
+### Login screen behavior on Firefox
+
+When logging into Guacamole using Firefox, the "Enter" key could become
+effectively stuck if used to submit the login form. This was due to the lack of
+a corresponding `keyup` event for the key used to submit the form. This issue
+has been corrected such that any tracked keyboard state will not be maintained
+when Guacamole navigates between any of its pages.
+
+ * [GUACAMOLE-817](https://issues.apache.org/jira/browse/GUACAMOLE-817) - "Enter" key may repeat following login with Firefox
+
+### RDP keyboard behavior
+
+Guacamole's RDP support relies on dynamic keymap translation to ensure that
+keyboard behavior is always dictated by the user's own keyboard layout, not the
+keyboard layout of the RDP server. This translation did not function correctly
+when Shift and Caps Lock were combined, as the remote state of Caps Lock was
+not properly tracked.
+
+This has been corrected, and Guacamole will now automatically take Caps Lock
+into account when determining whether additional modifiers need to be pressed
+(and whether any pressed modifiers need to be released).
+
+The German keymap has also been corrected to include a definition for the
+non-dead tilde key.
+
+ * [GUACAMOLE-518](https://issues.apache.org/jira/browse/GUACAMOLE-518) - Shift incorrectly sent for uppercase letters while Caps Lock is active
+ * [GUACAMOLE-859](https://issues.apache.org/jira/browse/GUACAMOLE-859) - Incorrect Caps Lock keysym sent to Windows via RDP
+ * [GUACAMOLE-917](https://issues.apache.org/jira/browse/GUACAMOLE-917) - Key mapping for German keyboards: ~ does not work
+
+### VNC support for TLS
+
+While Guacamole will automatically use TLS for VNC servers that require it, the
+proper locking callbacks required for multithreaded use of TLS were not set,
+resulting in unstable behavior. These callbacks are now correctly specified,
+and connections to VNC servers requiring TLS should function correctly.
Review comment:
No worries, I wasn't 100% sure it actually belongs in these release notes, but it seems like it possibly may stave off a few errant JIRA issues entered when people claim that it isn't working correctly but haven't examined their libvnc version. Maybe. Or, it'll at least give us a place to point when they do...
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] necouchman commented on a change in pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
necouchman commented on a change in pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#discussion_r445954465
##########
File path: _releases/1.2.0.md
##########
@@ -0,0 +1,410 @@
+---
+
+released: false
+title: 1.2.0
+date: 2020-06-24 02:31:09 -0700
+summary: >
+ Support for SAML 2.0, Wake-on-LAN, and easy switching between active
+ connections, numerous fixes for RDP, improvements to TOTP, database
+ support, and behavior on iOS devices.
+
+artifact-root: "https://dist.apache.org/repos/dist/dev/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/"
+download-path: "guacamole/1.2.0-RC1/"
+checksum-suffixes:
+ "PGP" : ".asc"
+ "SHA-256" : ".sha256"
+
+source-dist:
+ - "source/guacamole-client-1.2.0.tar.gz"
+ - "source/guacamole-server-1.2.0.tar.gz"
+
+binary-dist:
+ - "binary/guacamole-1.2.0.war"
+ - "binary/guacamole-auth-cas-1.2.0.tar.gz"
+ - "binary/guacamole-auth-duo-1.2.0.tar.gz"
+ - "binary/guacamole-auth-header-1.2.0.tar.gz"
+ - "binary/guacamole-auth-jdbc-1.2.0.tar.gz"
+ - "binary/guacamole-auth-ldap-1.2.0.tar.gz"
+ - "binary/guacamole-auth-openid-1.2.0.tar.gz"
+ - "binary/guacamole-auth-quickconnect-1.2.0.tar.gz"
+ - "binary/guacamole-auth-saml-1.2.0.tar.gz"
+ - "binary/guacamole-auth-totp-1.2.0.tar.gz"
+
+documentation:
+ "Manual" : "/doc/1.2.0/gug"
+ "guacamole-common" : "/doc/1.2.0/guacamole-common"
+ "guacamole-common-js" : "/doc/1.2.0/guacamole-common-js"
+ "guacamole-ext" : "/doc/1.2.0/guacamole-ext"
+ "libguac" : "/doc/1.2.0/libguac"
+
+---
+
+The 1.2.0 release features support for SAML 2.0, Wake-on-LAN, and a new
+interface for easily switching between multiple active connections. The general
+behavior of the login interface has also been improved, as has the flexibility
+of the TOTP support, which may now be used even with user accounts that do not
+yet exist in the database.
+
+**The 1.2.0 release is compatible with older 1.x components.** You should
+upgrade older components to 1.2.0 when possible, however things should continue
+to work correctly in the interim:
+
+* Extensions written for older 1.x releases can be used by 1.2.0.
+* Components written for the version of the Guacamole protocol used by older
+ 1.x releases can be used with components of the 1.2.0 release.
+
+
+New features and improvements
+-----------------------------
+
+### Single sign-on with SAML 2.0
+
+Similar to existing support for CAS and OpenID Connect, Guacamole now provides
+support for SAML 2.0, allowing any identity provider implementing this standard
+to function as a source of identity.
+
+Note that this new extension only deals with determining the identity of users
+that have authenticated via SAML (and redirecting unauthenticated users to the
+configured identity provider so that they may authenticate). The details of the
+connections available to each user must be provided via another extension, such
+as the [database authentication](/doc/1.2.0/gug/jdbc-auth.html).
+
+ * [GUACAMOLE-103](https://issues.apache.org/jira/browse/GUACAMOLE-103) - SAML 2.0 support for user authentication
+
+### Wake-on-LAN
+
+Automatically activating machines using Wake-on-LAN is now supported for VNC,
+RDP, SSH, and telnet connections. Additional connection parameters are
+available which define how the Wake-on-LAN "Magic Packet" should be broadcast.
+If enabled on a connection, the "Magic Packet" will be sent before attempting
+to connect, signaling the desired machine to power up.
+
+ * [GUACAMOLE-513](https://issues.apache.org/jira/browse/GUACAMOLE-513) - Wake on LAN integration
+
+### Easy switching between multiple connections
+
+Users with access to multiple connections may now select from those connections
+within the Guacamole menu while already using another connection. The
+connection name that is displayed at the top of the Guacamole menu functions as
+a drop-down menu from which any accessible connection may be selected.
+
+Once multiple connections are running, connections that are running in the
+background appear as thumbnails in a collapsible panel on the lower-right
+corner of the screen. These thumbnails update in real-time, and clicking on a
+thumbnail will switch to that connection without disconnecting.
+
+ * [GUACAMOLE-723](https://issues.apache.org/jira/browse/GUACAMOLE-723) - Support display of multiple connections within same tab
+
+### Improved login behavior
+
+When the Guacamole login dialog is displayed, the first blank login field will
+now automatically be focused, allowing failed logins to be more easily retried.
+
+In deployments where the login process may be lengthy, such as when dependent
+on a response from a relatively slow database or LDAP server, the login form
+will now disable itself and fade out to indicate that the form has been
+submitted and the login attempt is being processed.
+
+ * [GUACAMOLE-302](https://issues.apache.org/jira/browse/GUACAMOLE-302) - Refocus relevant in-progress login fields after auth failure
+ * [GUACAMOLE-742](https://issues.apache.org/jira/browse/GUACAMOLE-742) - Display feedback while waiting for login
+
+### Using TOTP with non-database user accounts
+
+Guacamole's TOTP support can now be used alongside extensions like LDAP, so
+long as a database is also configured. The former caveat that TOTP users must
+have "Change own password" permission within the database no longer applies,
+and Guacamole's various supported databases can now be configured to
+automatically create user accounts for users that have successfully
+authenticated.
+
+ * [GUACAMOLE-708](https://issues.apache.org/jira/browse/GUACAMOLE-708) - Allow database storage of arbitrary attributes for non-database users
+
+### VNC support for usernames
+
+Guacamole now supports username/password authentication for VNC in addition to
+the standard password-only authentication. VNC servers that require a username
+in addition to a password should now be accessible using Guacamole.
+
+ * [GUACAMOLE-514](https://issues.apache.org/jira/browse/GUACAMOLE-514) - Implement additional authentication methods for VNC
+
+### Granular control of clipboard and file transfer
+
+Copy and paste can now be individually disabled by the administrator on a
+per-connection basis, allowing data transfer through the clipboard to be
+tightly restricted.
+
+File transfer has always been disabled unless explicitly enabled, however this
+support can now be enabled while also disabling download or upload, allowing
+file transfer to be restricted to a single direction.
+
+ * [GUACAMOLE-381](https://issues.apache.org/jira/browse/GUACAMOLE-381) - Allow clipboard access to be disabled
+ * [GUACAMOLE-474](https://issues.apache.org/jira/browse/GUACAMOLE-474) - Allow file upload and download to be enabled separately
+
+### Improved control of LDAP group object structure
+
+Guacamole's LDAP support now allows configuration of the type of groups used to
+dictate access. While Guacamole previously assumed use of the `groupOfNames`
+object class and its `member` attribute, other object classes like `posixGroup`
+may now be used, and their corresponding member attributes may be defined.
+
+ * [GUACAMOLE-300](https://issues.apache.org/jira/browse/GUACAMOLE-300) - Support posixGroup in LDAP Authentication and Group-based Session Admission
+
+### `guacenc` support for MPEG-4 containers
+
+The optional `guacenc` utility that is part of guacamole-server will now
+produce video within MPEG-4 container files, not just raw, containerless MPEG-4
+video streams.
+
+ * [GUACAMOLE-465](https://issues.apache.org/jira/browse/GUACAMOLE-465) - Guacenc should support libavformat
+
+### Support for SSL/TLS database connections
+
+For MySQL and PostgreSQL servers that require SSL/TLS connections, Guacamole
+now provides options to configure this. Additional properties within
+`guacamole.properties` may be specified to allow/require use of SSL, as well as
+to configure the level of certificate validation.
+
+ * [GUACAMOLE-728](https://issues.apache.org/jira/browse/GUACAMOLE-728) - Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not Allowed
+
+### Support for the MariaDB JDBC driver
+
+While MySQL and MariaDB share a common origin and are generally compatible,
+their corresponding JDBC drivers have diverged, and Guacamole's MySQL/MariaDB
+support previously assumed that the MySQL driver would be used.
+
+Guacamole now supports the MariaDB version of "Connector/J" in addition to the
+MySQL version.
+
+ * [GUACAMOLE-852](https://issues.apache.org/jira/browse/GUACAMOLE-852) - Support MariaDB JDBC Driver
+
+### Support for SQL Server instance names
+
+SQL Server supports deploying multiple instances on the same server, with each
+additional instance identified its own unique name. If using SQL Server, and
Review comment:
*by its own
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] mike-jumper commented on a change in pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
mike-jumper commented on a change in pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#discussion_r445956369
##########
File path: _releases/1.2.0.md
##########
@@ -0,0 +1,410 @@
+---
+
+released: false
+title: 1.2.0
+date: 2020-06-24 02:31:09 -0700
+summary: >
+ Support for SAML 2.0, Wake-on-LAN, and easy switching between active
+ connections, numerous fixes for RDP, improvements to TOTP, database
+ support, and behavior on iOS devices.
+
+artifact-root: "https://dist.apache.org/repos/dist/dev/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/"
+download-path: "guacamole/1.2.0-RC1/"
+checksum-suffixes:
+ "PGP" : ".asc"
+ "SHA-256" : ".sha256"
+
+source-dist:
+ - "source/guacamole-client-1.2.0.tar.gz"
+ - "source/guacamole-server-1.2.0.tar.gz"
+
+binary-dist:
+ - "binary/guacamole-1.2.0.war"
+ - "binary/guacamole-auth-cas-1.2.0.tar.gz"
+ - "binary/guacamole-auth-duo-1.2.0.tar.gz"
+ - "binary/guacamole-auth-header-1.2.0.tar.gz"
+ - "binary/guacamole-auth-jdbc-1.2.0.tar.gz"
+ - "binary/guacamole-auth-ldap-1.2.0.tar.gz"
+ - "binary/guacamole-auth-openid-1.2.0.tar.gz"
+ - "binary/guacamole-auth-quickconnect-1.2.0.tar.gz"
+ - "binary/guacamole-auth-saml-1.2.0.tar.gz"
+ - "binary/guacamole-auth-totp-1.2.0.tar.gz"
+
+documentation:
+ "Manual" : "/doc/1.2.0/gug"
+ "guacamole-common" : "/doc/1.2.0/guacamole-common"
+ "guacamole-common-js" : "/doc/1.2.0/guacamole-common-js"
+ "guacamole-ext" : "/doc/1.2.0/guacamole-ext"
+ "libguac" : "/doc/1.2.0/libguac"
+
+---
+
+The 1.2.0 release features support for SAML 2.0, Wake-on-LAN, and a new
+interface for easily switching between multiple active connections. The general
+behavior of the login interface has also been improved, as has the flexibility
+of the TOTP support, which may now be used even with user accounts that do not
+yet exist in the database.
+
+**The 1.2.0 release is compatible with older 1.x components.** You should
+upgrade older components to 1.2.0 when possible, however things should continue
+to work correctly in the interim:
+
+* Extensions written for older 1.x releases can be used by 1.2.0.
+* Components written for the version of the Guacamole protocol used by older
+ 1.x releases can be used with components of the 1.2.0 release.
+
+
+New features and improvements
+-----------------------------
+
+### Single sign-on with SAML 2.0
+
+Similar to existing support for CAS and OpenID Connect, Guacamole now provides
+support for SAML 2.0, allowing any identity provider implementing this standard
+to function as a source of identity.
+
+Note that this new extension only deals with determining the identity of users
+that have authenticated via SAML (and redirecting unauthenticated users to the
+configured identity provider so that they may authenticate). The details of the
+connections available to each user must be provided via another extension, such
+as the [database authentication](/doc/1.2.0/gug/jdbc-auth.html).
+
+ * [GUACAMOLE-103](https://issues.apache.org/jira/browse/GUACAMOLE-103) - SAML 2.0 support for user authentication
+
+### Wake-on-LAN
+
+Automatically activating machines using Wake-on-LAN is now supported for VNC,
+RDP, SSH, and telnet connections. Additional connection parameters are
+available which define how the Wake-on-LAN "Magic Packet" should be broadcast.
+If enabled on a connection, the "Magic Packet" will be sent before attempting
+to connect, signaling the desired machine to power up.
+
+ * [GUACAMOLE-513](https://issues.apache.org/jira/browse/GUACAMOLE-513) - Wake on LAN integration
+
+### Easy switching between multiple connections
+
+Users with access to multiple connections may now select from those connections
+within the Guacamole menu while already using another connection. The
+connection name that is displayed at the top of the Guacamole menu functions as
+a drop-down menu from which any accessible connection may be selected.
+
+Once multiple connections are running, connections that are running in the
+background appear as thumbnails in a collapsible panel on the lower-right
+corner of the screen. These thumbnails update in real-time, and clicking on a
+thumbnail will switch to that connection without disconnecting.
+
+ * [GUACAMOLE-723](https://issues.apache.org/jira/browse/GUACAMOLE-723) - Support display of multiple connections within same tab
+
+### Improved login behavior
+
+When the Guacamole login dialog is displayed, the first blank login field will
+now automatically be focused, allowing failed logins to be more easily retried.
+
+In deployments where the login process may be lengthy, such as when dependent
+on a response from a relatively slow database or LDAP server, the login form
+will now disable itself and fade out to indicate that the form has been
+submitted and the login attempt is being processed.
+
+ * [GUACAMOLE-302](https://issues.apache.org/jira/browse/GUACAMOLE-302) - Refocus relevant in-progress login fields after auth failure
+ * [GUACAMOLE-742](https://issues.apache.org/jira/browse/GUACAMOLE-742) - Display feedback while waiting for login
+
+### Using TOTP with non-database user accounts
+
+Guacamole's TOTP support can now be used alongside extensions like LDAP, so
+long as a database is also configured. The former caveat that TOTP users must
+have "Change own password" permission within the database no longer applies,
+and Guacamole's various supported databases can now be configured to
+automatically create user accounts for users that have successfully
+authenticated.
+
+ * [GUACAMOLE-708](https://issues.apache.org/jira/browse/GUACAMOLE-708) - Allow database storage of arbitrary attributes for non-database users
+
+### VNC support for usernames
+
+Guacamole now supports username/password authentication for VNC in addition to
+the standard password-only authentication. VNC servers that require a username
+in addition to a password should now be accessible using Guacamole.
+
+ * [GUACAMOLE-514](https://issues.apache.org/jira/browse/GUACAMOLE-514) - Implement additional authentication methods for VNC
+
+### Granular control of clipboard and file transfer
+
+Copy and paste can now be individually disabled by the administrator on a
+per-connection basis, allowing data transfer through the clipboard to be
+tightly restricted.
+
+File transfer has always been disabled unless explicitly enabled, however this
+support can now be enabled while also disabling download or upload, allowing
+file transfer to be restricted to a single direction.
+
+ * [GUACAMOLE-381](https://issues.apache.org/jira/browse/GUACAMOLE-381) - Allow clipboard access to be disabled
+ * [GUACAMOLE-474](https://issues.apache.org/jira/browse/GUACAMOLE-474) - Allow file upload and download to be enabled separately
+
+### Improved control of LDAP group object structure
+
+Guacamole's LDAP support now allows configuration of the type of groups used to
+dictate access. While Guacamole previously assumed use of the `groupOfNames`
+object class and its `member` attribute, other object classes like `posixGroup`
+may now be used, and their corresponding member attributes may be defined.
+
+ * [GUACAMOLE-300](https://issues.apache.org/jira/browse/GUACAMOLE-300) - Support posixGroup in LDAP Authentication and Group-based Session Admission
+
+### `guacenc` support for MPEG-4 containers
+
+The optional `guacenc` utility that is part of guacamole-server will now
+produce video within MPEG-4 container files, not just raw, containerless MPEG-4
+video streams.
+
+ * [GUACAMOLE-465](https://issues.apache.org/jira/browse/GUACAMOLE-465) - Guacenc should support libavformat
+
+### Support for SSL/TLS database connections
+
+For MySQL and PostgreSQL servers that require SSL/TLS connections, Guacamole
+now provides options to configure this. Additional properties within
+`guacamole.properties` may be specified to allow/require use of SSL, as well as
+to configure the level of certificate validation.
+
+ * [GUACAMOLE-728](https://issues.apache.org/jira/browse/GUACAMOLE-728) - Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not Allowed
+
+### Support for the MariaDB JDBC driver
+
+While MySQL and MariaDB share a common origin and are generally compatible,
+their corresponding JDBC drivers have diverged, and Guacamole's MySQL/MariaDB
+support previously assumed that the MySQL driver would be used.
+
+Guacamole now supports the MariaDB version of "Connector/J" in addition to the
+MySQL version.
+
+ * [GUACAMOLE-852](https://issues.apache.org/jira/browse/GUACAMOLE-852) - Support MariaDB JDBC Driver
+
+### Support for SQL Server instance names
+
+SQL Server supports deploying multiple instances on the same server, with each
+additional instance identified its own unique name. If using SQL Server, and
Review comment:
OK - fixed and rebased.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] necouchman merged pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
necouchman merged pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] necouchman commented on a change in pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
necouchman commented on a change in pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#discussion_r445774006
##########
File path: _releases/1.2.0.md
##########
@@ -0,0 +1,405 @@
+---
+
+released: false
+title: 1.2.0
+date: 2020-06-24 02:31:09 -0700
+summary: >
+ Support for SAML 2.0, Wake-on-LAN, and easy switching between active
+ connections, numerous fixes for RDP, improvements to TOTP, database
+ support, and behavior on iOS devices.
+
+artifact-root: "https://dist.apache.org/repos/dist/dev/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/"
+download-path: "guacamole/1.2.0-RC1/"
+checksum-suffixes:
+ "PGP" : ".asc"
+ "SHA-256" : ".sha256"
+
+source-dist:
+ - "source/guacamole-client-1.2.0.tar.gz"
+ - "source/guacamole-server-1.2.0.tar.gz"
+
+binary-dist:
+ - "binary/guacamole-1.2.0.war"
+ - "binary/guacamole-auth-cas-1.2.0.tar.gz"
+ - "binary/guacamole-auth-duo-1.2.0.tar.gz"
+ - "binary/guacamole-auth-header-1.2.0.tar.gz"
+ - "binary/guacamole-auth-jdbc-1.2.0.tar.gz"
+ - "binary/guacamole-auth-ldap-1.2.0.tar.gz"
+ - "binary/guacamole-auth-openid-1.2.0.tar.gz"
+ - "binary/guacamole-auth-quickconnect-1.2.0.tar.gz"
+ - "binary/guacamole-auth-saml-1.2.0.tar.gz"
+ - "binary/guacamole-auth-totp-1.2.0.tar.gz"
+
+documentation:
+ "Manual" : "/doc/1.2.0/gug"
+ "guacamole-common" : "/doc/1.2.0/guacamole-common"
+ "guacamole-common-js" : "/doc/1.2.0/guacamole-common-js"
+ "guacamole-ext" : "/doc/1.2.0/guacamole-ext"
+ "libguac" : "/doc/1.2.0/libguac"
+
+---
+
+The 1.2.0 release features support for SAML 2.0, Wake-on-LAN, and a new
+interface for easily switching between multiple active connections. The general
+behavior of the login interface has also been improved, as has the flexibility
+of the TOTP support, which may now be used even with user accounts that do not
+yet exist in the database.
+
+**The 1.2.0 release is compatible with older 1.x components.** You should
+upgrade older components to 1.2.0 when possible, however things should continue
+to work correctly in the interim:
+
+* Extensions written for older 1.x releases can be used by 1.2.0.
+* Components written for the version of the Guacamole protocol used by older
+ 1.x releases can be used with components of the 1.2.0 release.
+
+
+New features and improvements
+-----------------------------
+
+### Single sign-on with SAML 2.0
+
+Similar to existing support for CAS and OpenID Connect, Guacamole now provides
+support for SAML 2.0, allowing any identity provider implementing this standard
+to function as a source of identity.
+
+Note that this new extension only deals with determining the identity of users
+that have authenticated via SAML (and redirecting unauthenticated users to the
+configured identity provider so that they may authenticate). The details of the
+connections available to each user must be provided via another extension, such
+as the [database authentication](/doc/1.2.0/gug/jdbc-auth.html).
+
+ * [GUACAMOLE-103](https://issues.apache.org/jira/browse/GUACAMOLE-103) - SAML 2.0 support for user authentication
+
+### Wake-on-LAN
+
+Automatically activating machines using Wake-on-LAN is now supported for VNC,
+RDP, SSH, and telnet connections. Additional connection parameters are
+available which define how the Wake-on-LAN "Magic Packet" should be broadcast.
+If enabled on a connection, the "Magic Packet" will be sent before attempting
+to connect, signaling the desired machine to power up.
+
+ * [GUACAMOLE-513](https://issues.apache.org/jira/browse/GUACAMOLE-513) - Wake on LAN integration
+
+### Easy switching between multiple connections
+
+Users with access to multiple connections may now select from those connections
+within the Guacamole menu while already using another connection. The
+connection name that is displayed at the top of the Guacamole menu functions as
+a drop-down menu from which any accessible connection may be selected.
+
+Once multiple connections are running, connections that are running in the
+background appear as thumbnails in a collapsible panel on the lower-right
+corner of the screen. These thumbnails update in real-time, and clicking on a
+thumbnail will switch to that connection without disconnecting.
+
+ * [GUACAMOLE-723](https://issues.apache.org/jira/browse/GUACAMOLE-723) - Support display of multiple connections within same tab
+
+### Improved login behavior
+
+When the Guacamole login dialog is displayed, the first blank login field will
+now automatically be focused, allowing failed logins to be more easily retried.
+
+In deployments where the login process may be lengthy, such as when dependent
+on a response from a relatively slow database or LDAP server, the login form
+will now disable itself and fade out to indicate that the form has been
+submitted and the login attempt is being processed.
+
+ * [GUACAMOLE-302](https://issues.apache.org/jira/browse/GUACAMOLE-302) - Refocus relevant in-progress login fields after auth failure
+ * [GUACAMOLE-742](https://issues.apache.org/jira/browse/GUACAMOLE-742) - Display feedback while waiting for login
+
+### Using TOTP with non-database user accounts
+
+Guacamole's TOTP support can now be used alongside extensions like LDAP, so
+long as a database is also configured. The former caveat that TOTP users must
+have "Change own password" permission within the database no longer applies,
+and Guacamole's various supported databases can now be configured to
+automatically create user accounts for users that have successfully
+authenticated.
+
+ * [GUACAMOLE-708](https://issues.apache.org/jira/browse/GUACAMOLE-708) - Allow database storage of arbitrary attributes for non-database users
+
+### VNC support for usernames
+
+Guacamole now supports username/password authentication for VNC in addition to
+the standard password-only authentication. VNC servers that require a username
+in addition to a password should now be accessible using Guacamole.
+
+ * [GUACAMOLE-514](https://issues.apache.org/jira/browse/GUACAMOLE-514) - Implement additional authentication methods for VNC
+
+### Granular control of clipboard and file transfer
+
+Copy and paste can now be individually disabled by the administrator on a
+per-connection basis, allowing data transfer through the clipboard to be
+tightly restricted.
+
+File transfer has always been disabled unless explicitly enabled, however this
+support can now be enabled while also disabling download or upload, allowing
+file transfer to be restricted to a single direction.
+
+ * [GUACAMOLE-381](https://issues.apache.org/jira/browse/GUACAMOLE-381) - Allow clipboard access to be disabled
+ * [GUACAMOLE-474](https://issues.apache.org/jira/browse/GUACAMOLE-474) - Allow file upload and download to be enabled separately
+
+### Improved control of LDAP group object structure
+
+Guacamole's LDAP support now allows configuration of the type of groups used to
+dictate access. While Guacamole previously assumed use of the `groupOfNames`
+object class and its `member` attribute, other object classes like `posixGroup`
+may now be used, and their corresponding member attributes may be defined.
+
+ * [GUACAMOLE-300](https://issues.apache.org/jira/browse/GUACAMOLE-300) - Support posixGroup in LDAP Authentication and Group-based Session Admission
+
+### `guacenc` support for MPEG-4 containers
+
+The optional `guacenc` utility that is part of guacamole-server will now
+produce video within MPEG-4 container files, not just raw, containerless MPEG-4
+video streams.
+
+ * [GUACAMOLE-465](https://issues.apache.org/jira/browse/GUACAMOLE-465) - Guacenc should support libavformat
+
+### Support for SSL/TLS database connections
+
+For MySQL and PostgreSQL servers that require SSL/TLS connections, Guacamole
+now provides options to configure this. Additional properties within
+`guacamole.properties` may be specified to allow/require use of SSL, as well as
+to configure the level of certificate validation.
+
+ * [GUACAMOLE-728](https://issues.apache.org/jira/browse/GUACAMOLE-728) - Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not Allowed
+
+### Support for the MariaDB JDBC driver
+
+While MySQL and MariaDB share a common origin and are generally compatible,
+their corresponding JDBC drivers have diverged, and Guacamole's MySQL/MariaDB
+support previously assumed that the MySQL driver would be used.
+
+Guacamole now supports the MariaDB version of "Connector/J" in addition to the
+MySQL version.
+
+ * [GUACAMOLE-852](https://issues.apache.org/jira/browse/GUACAMOLE-852) - Support MariaDB JDBC Driver
+
+### Support for SQL Server instance names
+
+SQL Server supports deploying multiple instances on the same server, with each
+additional instance identified its own unique name. If using SQL Server, and
+your deployment uses named instances, the name of the instance containing the
+Guacamole database can now be specified using the `sqlserver-instance` property.
+
+ * [GUACAMOLE-583](https://issues.apache.org/jira/browse/GUACAMOLE-583) - SQL Instance Strings
+
+Internationalization
+--------------------
+
+### Czech and Japanese translations of the web interface
+
+The web interface of Guacamole has been translated into Czech and Japanese.
+These languages will now be automatically selected if accessing Guacamole
+from a browser where either is set as the preferred language, and can be
+[manually selected](/doc/gug/using-guacamole.html#display-language) within
+Guacamole's preferences.
+
+ * [GUACAMOLE-821](https://issues.apache.org/jira/browse/GUACAMOLE-821) - Add Japanese translation
+ * [GUACAMOLE-781](https://issues.apache.org/jira/browse/GUACAMOLE-781) - Add Czech translation
+
+### Belgian French, Hungarian, and Latin American keymaps for RDP
+
+Keymaps have been added to better support RDP servers which use the
+Belgian French, Hungarian, or Latin American keyboard layouts. As always, bear
+in mind that [the client side of Guacamole is independent of keyboard
+layout](/faq/#does-guacamole-support-my-keyboard-layout). Additional keyboard
+layouts for RDP are mainly of benefit if:
+
+1. Your RDP server does not support Unicode events.
+2. Your RDP server is set to a keyboard layout which is not the default (US English).
+
+If your RDP server is set to US English and supports Unicode events, it should
+not be necessary to select a specific layout. The user's local keyboard should
+simply work, regardless of whether it matches the layout of the RDP server.
+
+ * [GUACAMOLE-625](https://issues.apache.org/jira/browse/GUACAMOLE-625) - Add Spanish Latam keyboard support
+ * [GUACAMOLE-837](https://issues.apache.org/jira/browse/GUACAMOLE-837) - Add RDP keymap for Hungarian keyboard layout
+ * [GUACAMOLE-901](https://issues.apache.org/jira/browse/GUACAMOLE-901) - Keyboard layout for Belgian French
+
+### Updates to the French translation of the web interface
+
+The existing French translation has been updated to take into account recent
+changes to the web interface, adding French translations for portions of text
+which previously would have been displayed in English as a fallback.
+
+ * [GUACAMOLE-759](https://issues.apache.org/jira/browse/GUACAMOLE-759) - update translation fr.json for guacamole-client
+
+Bug fixes
+---------
+
+### Regressions due to FreeRDP 2.0.0 migration
+
+Several regressions were identified following the Apache Guacamole 1.1.0
+release which were due to [the massive migration from FreeRDP 1.x to FreeRDP
+2.0.0](../1.1.0/#migration-to-freerdp-200) and primarily affected use of
+RemoteApp, Hyper-V, and VirtualBox. These regressions have now been fixed, and
+RDP connections involving these technologies should work as expected.
+
+ * [GUACAMOLE-947](https://issues.apache.org/jira/browse/GUACAMOLE-947) - Clipboard error message when connected to the RDP server
+ * [GUACAMOLE-952](https://issues.apache.org/jira/browse/GUACAMOLE-952) - Preconnection PDU support no longer works following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-962](https://issues.apache.org/jira/browse/GUACAMOLE-962) - Cannot connect to VirtualBox RDP following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-978](https://issues.apache.org/jira/browse/GUACAMOLE-978) - RemoteApp session to Windows Server 2016 closes after roughly 2-3 minutes
+ * [GUACAMOLE-979](https://issues.apache.org/jira/browse/GUACAMOLE-979) - RDP settings strings may be double-freed
+ * [GUACAMOLE-1053](https://issues.apache.org/jira/browse/GUACAMOLE-1053) - guacd segfaults when user actively presses keys at RDP disconnect time
+ * [GUACAMOLE-1076](https://issues.apache.org/jira/browse/GUACAMOLE-1076) - Another copy of RemoteApp is launched in case of session reconnect
+
+### Audio input behavior
+
+Following changes to the JavaScript API exposed by browsers for accessing audio
+input streams, support for audio input within Guacamole ceased to function
+correctly. This was due to:
+
+ * A change in the return type of the `navigator.mediaDevices.getUserMedia()` function
+ * Changes in Chrome's autoplay policy
+
+Both causes have been addressed, and audio input should now function correctly.
+
+ * [GUACAMOLE-732](https://issues.apache.org/jira/browse/GUACAMOLE-732) - navigator.mediaDevices.getUserMedia() returns a promises
+ * [GUACAMOLE-905](https://issues.apache.org/jira/browse/GUACAMOLE-905) - Audio input broken on Chrome
+
+### iPad and iOS 13 support
+
+Users of iOS and iPadOS mobile devices reported erratic behavior of the
+Guacamole interface following a system update, ultimately resulting in
+inability to interact with remote desktops using touch mouse emulation. These
+issues were determined to be due to changes in iOS Safari's handling of the
+browser viewport, and have been corrected by updating Guacamole's interface to
+be independent of the aspects that changed.
+
+ * [GUACAMOLE-810](https://issues.apache.org/jira/browse/GUACAMOLE-810) - Ipad screen jumps upwards while user focuses on Text Input.
+ * [GUACAMOLE-883](https://issues.apache.org/jira/browse/GUACAMOLE-883) - Touch mouse emulation no longer works as of iOS 13
+
+### Login screen behavior on Firefox
+
+When logging into Guacamole using Firefox, the "Enter" key could become
+effectively stuck if used to submit the login form. This was due to the lack of
+a corresponding `keyup` event for the key used to submit the form. This issue
+has been corrected such that any tracked keyboard state will not be maintained
+when Guacamole navigates between any of its pages.
+
+ * [GUACAMOLE-817](https://issues.apache.org/jira/browse/GUACAMOLE-817) - "Enter" key may repeat following login with Firefox
+
+### RDP keyboard behavior
+
+Guacamole's RDP support relies on dynamic keymap translation to ensure that
+keyboard behavior is always dictated by the user's own keyboard layout, not the
+keyboard layout of the RDP server. This translation did not function correctly
+when Shift and Caps Lock were combined, as the remote state of Caps Lock was
+not properly tracked.
+
+This has been corrected, and Guacamole will now automatically take Caps Lock
+into account when determining whether additional modifiers need to be pressed
+(and whether any pressed modifiers need to be released).
+
+The German keymap has also been corrected to include a definition for the
+non-dead tilde key.
+
+ * [GUACAMOLE-518](https://issues.apache.org/jira/browse/GUACAMOLE-518) - Shift incorrectly sent for uppercase letters while Caps Lock is active
+ * [GUACAMOLE-859](https://issues.apache.org/jira/browse/GUACAMOLE-859) - Incorrect Caps Lock keysym sent to Windows via RDP
+ * [GUACAMOLE-917](https://issues.apache.org/jira/browse/GUACAMOLE-917) - Key mapping for German keyboards: ~ does not work
+
+### VNC support for TLS
+
+While Guacamole will automatically use TLS for VNC servers that require it, the
+proper locking callbacks required for multithreaded use of TLS were not set,
+resulting in unstable behavior. These callbacks are now correctly specified,
+and connections to VNC servers requiring TLS should function correctly.
Review comment:
Not sure if it needs to be noted in these release notes or not, but this is also dependent upon the correct version of `libvncserver`/`libvncclient` on the system running guacd, as that library also has to support the locking.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [guacamole-website] mike-jumper commented on a change in pull request #80: Add draft release notes for first RC of 1.2.0.
Posted by GitBox <gi...@apache.org>.
mike-jumper commented on a change in pull request #80:
URL: https://github.com/apache/guacamole-website/pull/80#discussion_r445789819
##########
File path: _releases/1.2.0.md
##########
@@ -0,0 +1,405 @@
+---
+
+released: false
+title: 1.2.0
+date: 2020-06-24 02:31:09 -0700
+summary: >
+ Support for SAML 2.0, Wake-on-LAN, and easy switching between active
+ connections, numerous fixes for RDP, improvements to TOTP, database
+ support, and behavior on iOS devices.
+
+artifact-root: "https://dist.apache.org/repos/dist/dev/"
+checksum-root: "https://dist.apache.org/repos/dist/dev/"
+download-path: "guacamole/1.2.0-RC1/"
+checksum-suffixes:
+ "PGP" : ".asc"
+ "SHA-256" : ".sha256"
+
+source-dist:
+ - "source/guacamole-client-1.2.0.tar.gz"
+ - "source/guacamole-server-1.2.0.tar.gz"
+
+binary-dist:
+ - "binary/guacamole-1.2.0.war"
+ - "binary/guacamole-auth-cas-1.2.0.tar.gz"
+ - "binary/guacamole-auth-duo-1.2.0.tar.gz"
+ - "binary/guacamole-auth-header-1.2.0.tar.gz"
+ - "binary/guacamole-auth-jdbc-1.2.0.tar.gz"
+ - "binary/guacamole-auth-ldap-1.2.0.tar.gz"
+ - "binary/guacamole-auth-openid-1.2.0.tar.gz"
+ - "binary/guacamole-auth-quickconnect-1.2.0.tar.gz"
+ - "binary/guacamole-auth-saml-1.2.0.tar.gz"
+ - "binary/guacamole-auth-totp-1.2.0.tar.gz"
+
+documentation:
+ "Manual" : "/doc/1.2.0/gug"
+ "guacamole-common" : "/doc/1.2.0/guacamole-common"
+ "guacamole-common-js" : "/doc/1.2.0/guacamole-common-js"
+ "guacamole-ext" : "/doc/1.2.0/guacamole-ext"
+ "libguac" : "/doc/1.2.0/libguac"
+
+---
+
+The 1.2.0 release features support for SAML 2.0, Wake-on-LAN, and a new
+interface for easily switching between multiple active connections. The general
+behavior of the login interface has also been improved, as has the flexibility
+of the TOTP support, which may now be used even with user accounts that do not
+yet exist in the database.
+
+**The 1.2.0 release is compatible with older 1.x components.** You should
+upgrade older components to 1.2.0 when possible, however things should continue
+to work correctly in the interim:
+
+* Extensions written for older 1.x releases can be used by 1.2.0.
+* Components written for the version of the Guacamole protocol used by older
+ 1.x releases can be used with components of the 1.2.0 release.
+
+
+New features and improvements
+-----------------------------
+
+### Single sign-on with SAML 2.0
+
+Similar to existing support for CAS and OpenID Connect, Guacamole now provides
+support for SAML 2.0, allowing any identity provider implementing this standard
+to function as a source of identity.
+
+Note that this new extension only deals with determining the identity of users
+that have authenticated via SAML (and redirecting unauthenticated users to the
+configured identity provider so that they may authenticate). The details of the
+connections available to each user must be provided via another extension, such
+as the [database authentication](/doc/1.2.0/gug/jdbc-auth.html).
+
+ * [GUACAMOLE-103](https://issues.apache.org/jira/browse/GUACAMOLE-103) - SAML 2.0 support for user authentication
+
+### Wake-on-LAN
+
+Automatically activating machines using Wake-on-LAN is now supported for VNC,
+RDP, SSH, and telnet connections. Additional connection parameters are
+available which define how the Wake-on-LAN "Magic Packet" should be broadcast.
+If enabled on a connection, the "Magic Packet" will be sent before attempting
+to connect, signaling the desired machine to power up.
+
+ * [GUACAMOLE-513](https://issues.apache.org/jira/browse/GUACAMOLE-513) - Wake on LAN integration
+
+### Easy switching between multiple connections
+
+Users with access to multiple connections may now select from those connections
+within the Guacamole menu while already using another connection. The
+connection name that is displayed at the top of the Guacamole menu functions as
+a drop-down menu from which any accessible connection may be selected.
+
+Once multiple connections are running, connections that are running in the
+background appear as thumbnails in a collapsible panel on the lower-right
+corner of the screen. These thumbnails update in real-time, and clicking on a
+thumbnail will switch to that connection without disconnecting.
+
+ * [GUACAMOLE-723](https://issues.apache.org/jira/browse/GUACAMOLE-723) - Support display of multiple connections within same tab
+
+### Improved login behavior
+
+When the Guacamole login dialog is displayed, the first blank login field will
+now automatically be focused, allowing failed logins to be more easily retried.
+
+In deployments where the login process may be lengthy, such as when dependent
+on a response from a relatively slow database or LDAP server, the login form
+will now disable itself and fade out to indicate that the form has been
+submitted and the login attempt is being processed.
+
+ * [GUACAMOLE-302](https://issues.apache.org/jira/browse/GUACAMOLE-302) - Refocus relevant in-progress login fields after auth failure
+ * [GUACAMOLE-742](https://issues.apache.org/jira/browse/GUACAMOLE-742) - Display feedback while waiting for login
+
+### Using TOTP with non-database user accounts
+
+Guacamole's TOTP support can now be used alongside extensions like LDAP, so
+long as a database is also configured. The former caveat that TOTP users must
+have "Change own password" permission within the database no longer applies,
+and Guacamole's various supported databases can now be configured to
+automatically create user accounts for users that have successfully
+authenticated.
+
+ * [GUACAMOLE-708](https://issues.apache.org/jira/browse/GUACAMOLE-708) - Allow database storage of arbitrary attributes for non-database users
+
+### VNC support for usernames
+
+Guacamole now supports username/password authentication for VNC in addition to
+the standard password-only authentication. VNC servers that require a username
+in addition to a password should now be accessible using Guacamole.
+
+ * [GUACAMOLE-514](https://issues.apache.org/jira/browse/GUACAMOLE-514) - Implement additional authentication methods for VNC
+
+### Granular control of clipboard and file transfer
+
+Copy and paste can now be individually disabled by the administrator on a
+per-connection basis, allowing data transfer through the clipboard to be
+tightly restricted.
+
+File transfer has always been disabled unless explicitly enabled, however this
+support can now be enabled while also disabling download or upload, allowing
+file transfer to be restricted to a single direction.
+
+ * [GUACAMOLE-381](https://issues.apache.org/jira/browse/GUACAMOLE-381) - Allow clipboard access to be disabled
+ * [GUACAMOLE-474](https://issues.apache.org/jira/browse/GUACAMOLE-474) - Allow file upload and download to be enabled separately
+
+### Improved control of LDAP group object structure
+
+Guacamole's LDAP support now allows configuration of the type of groups used to
+dictate access. While Guacamole previously assumed use of the `groupOfNames`
+object class and its `member` attribute, other object classes like `posixGroup`
+may now be used, and their corresponding member attributes may be defined.
+
+ * [GUACAMOLE-300](https://issues.apache.org/jira/browse/GUACAMOLE-300) - Support posixGroup in LDAP Authentication and Group-based Session Admission
+
+### `guacenc` support for MPEG-4 containers
+
+The optional `guacenc` utility that is part of guacamole-server will now
+produce video within MPEG-4 container files, not just raw, containerless MPEG-4
+video streams.
+
+ * [GUACAMOLE-465](https://issues.apache.org/jira/browse/GUACAMOLE-465) - Guacenc should support libavformat
+
+### Support for SSL/TLS database connections
+
+For MySQL and PostgreSQL servers that require SSL/TLS connections, Guacamole
+now provides options to configure this. Additional properties within
+`guacamole.properties` may be specified to allow/require use of SSL, as well as
+to configure the level of certificate validation.
+
+ * [GUACAMOLE-728](https://issues.apache.org/jira/browse/GUACAMOLE-728) - Docker image unable to connect to MySQL8 docker: Public Key Retrieval Not Allowed
+
+### Support for the MariaDB JDBC driver
+
+While MySQL and MariaDB share a common origin and are generally compatible,
+their corresponding JDBC drivers have diverged, and Guacamole's MySQL/MariaDB
+support previously assumed that the MySQL driver would be used.
+
+Guacamole now supports the MariaDB version of "Connector/J" in addition to the
+MySQL version.
+
+ * [GUACAMOLE-852](https://issues.apache.org/jira/browse/GUACAMOLE-852) - Support MariaDB JDBC Driver
+
+### Support for SQL Server instance names
+
+SQL Server supports deploying multiple instances on the same server, with each
+additional instance identified its own unique name. If using SQL Server, and
+your deployment uses named instances, the name of the instance containing the
+Guacamole database can now be specified using the `sqlserver-instance` property.
+
+ * [GUACAMOLE-583](https://issues.apache.org/jira/browse/GUACAMOLE-583) - SQL Instance Strings
+
+Internationalization
+--------------------
+
+### Czech and Japanese translations of the web interface
+
+The web interface of Guacamole has been translated into Czech and Japanese.
+These languages will now be automatically selected if accessing Guacamole
+from a browser where either is set as the preferred language, and can be
+[manually selected](/doc/gug/using-guacamole.html#display-language) within
+Guacamole's preferences.
+
+ * [GUACAMOLE-821](https://issues.apache.org/jira/browse/GUACAMOLE-821) - Add Japanese translation
+ * [GUACAMOLE-781](https://issues.apache.org/jira/browse/GUACAMOLE-781) - Add Czech translation
+
+### Belgian French, Hungarian, and Latin American keymaps for RDP
+
+Keymaps have been added to better support RDP servers which use the
+Belgian French, Hungarian, or Latin American keyboard layouts. As always, bear
+in mind that [the client side of Guacamole is independent of keyboard
+layout](/faq/#does-guacamole-support-my-keyboard-layout). Additional keyboard
+layouts for RDP are mainly of benefit if:
+
+1. Your RDP server does not support Unicode events.
+2. Your RDP server is set to a keyboard layout which is not the default (US English).
+
+If your RDP server is set to US English and supports Unicode events, it should
+not be necessary to select a specific layout. The user's local keyboard should
+simply work, regardless of whether it matches the layout of the RDP server.
+
+ * [GUACAMOLE-625](https://issues.apache.org/jira/browse/GUACAMOLE-625) - Add Spanish Latam keyboard support
+ * [GUACAMOLE-837](https://issues.apache.org/jira/browse/GUACAMOLE-837) - Add RDP keymap for Hungarian keyboard layout
+ * [GUACAMOLE-901](https://issues.apache.org/jira/browse/GUACAMOLE-901) - Keyboard layout for Belgian French
+
+### Updates to the French translation of the web interface
+
+The existing French translation has been updated to take into account recent
+changes to the web interface, adding French translations for portions of text
+which previously would have been displayed in English as a fallback.
+
+ * [GUACAMOLE-759](https://issues.apache.org/jira/browse/GUACAMOLE-759) - update translation fr.json for guacamole-client
+
+Bug fixes
+---------
+
+### Regressions due to FreeRDP 2.0.0 migration
+
+Several regressions were identified following the Apache Guacamole 1.1.0
+release which were due to [the massive migration from FreeRDP 1.x to FreeRDP
+2.0.0](../1.1.0/#migration-to-freerdp-200) and primarily affected use of
+RemoteApp, Hyper-V, and VirtualBox. These regressions have now been fixed, and
+RDP connections involving these technologies should work as expected.
+
+ * [GUACAMOLE-947](https://issues.apache.org/jira/browse/GUACAMOLE-947) - Clipboard error message when connected to the RDP server
+ * [GUACAMOLE-952](https://issues.apache.org/jira/browse/GUACAMOLE-952) - Preconnection PDU support no longer works following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-962](https://issues.apache.org/jira/browse/GUACAMOLE-962) - Cannot connect to VirtualBox RDP following migration to FreeRDP 2.0.0
+ * [GUACAMOLE-978](https://issues.apache.org/jira/browse/GUACAMOLE-978) - RemoteApp session to Windows Server 2016 closes after roughly 2-3 minutes
+ * [GUACAMOLE-979](https://issues.apache.org/jira/browse/GUACAMOLE-979) - RDP settings strings may be double-freed
+ * [GUACAMOLE-1053](https://issues.apache.org/jira/browse/GUACAMOLE-1053) - guacd segfaults when user actively presses keys at RDP disconnect time
+ * [GUACAMOLE-1076](https://issues.apache.org/jira/browse/GUACAMOLE-1076) - Another copy of RemoteApp is launched in case of session reconnect
+
+### Audio input behavior
+
+Following changes to the JavaScript API exposed by browsers for accessing audio
+input streams, support for audio input within Guacamole ceased to function
+correctly. This was due to:
+
+ * A change in the return type of the `navigator.mediaDevices.getUserMedia()` function
+ * Changes in Chrome's autoplay policy
+
+Both causes have been addressed, and audio input should now function correctly.
+
+ * [GUACAMOLE-732](https://issues.apache.org/jira/browse/GUACAMOLE-732) - navigator.mediaDevices.getUserMedia() returns a promises
+ * [GUACAMOLE-905](https://issues.apache.org/jira/browse/GUACAMOLE-905) - Audio input broken on Chrome
+
+### iPad and iOS 13 support
+
+Users of iOS and iPadOS mobile devices reported erratic behavior of the
+Guacamole interface following a system update, ultimately resulting in
+inability to interact with remote desktops using touch mouse emulation. These
+issues were determined to be due to changes in iOS Safari's handling of the
+browser viewport, and have been corrected by updating Guacamole's interface to
+be independent of the aspects that changed.
+
+ * [GUACAMOLE-810](https://issues.apache.org/jira/browse/GUACAMOLE-810) - Ipad screen jumps upwards while user focuses on Text Input.
+ * [GUACAMOLE-883](https://issues.apache.org/jira/browse/GUACAMOLE-883) - Touch mouse emulation no longer works as of iOS 13
+
+### Login screen behavior on Firefox
+
+When logging into Guacamole using Firefox, the "Enter" key could become
+effectively stuck if used to submit the login form. This was due to the lack of
+a corresponding `keyup` event for the key used to submit the form. This issue
+has been corrected such that any tracked keyboard state will not be maintained
+when Guacamole navigates between any of its pages.
+
+ * [GUACAMOLE-817](https://issues.apache.org/jira/browse/GUACAMOLE-817) - "Enter" key may repeat following login with Firefox
+
+### RDP keyboard behavior
+
+Guacamole's RDP support relies on dynamic keymap translation to ensure that
+keyboard behavior is always dictated by the user's own keyboard layout, not the
+keyboard layout of the RDP server. This translation did not function correctly
+when Shift and Caps Lock were combined, as the remote state of Caps Lock was
+not properly tracked.
+
+This has been corrected, and Guacamole will now automatically take Caps Lock
+into account when determining whether additional modifiers need to be pressed
+(and whether any pressed modifiers need to be released).
+
+The German keymap has also been corrected to include a definition for the
+non-dead tilde key.
+
+ * [GUACAMOLE-518](https://issues.apache.org/jira/browse/GUACAMOLE-518) - Shift incorrectly sent for uppercase letters while Caps Lock is active
+ * [GUACAMOLE-859](https://issues.apache.org/jira/browse/GUACAMOLE-859) - Incorrect Caps Lock keysym sent to Windows via RDP
+ * [GUACAMOLE-917](https://issues.apache.org/jira/browse/GUACAMOLE-917) - Key mapping for German keyboards: ~ does not work
+
+### VNC support for TLS
+
+While Guacamole will automatically use TLS for VNC servers that require it, the
+proper locking callbacks required for multithreaded use of TLS were not set,
+resulting in unstable behavior. These callbacks are now correctly specified,
+and connections to VNC servers requiring TLS should function correctly.
Review comment:
Sure, I'll clarify that.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org