You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Emmanuel Lécharny <el...@gmail.com> on 2014/03/10 15:39:46 UTC
[VOTE] Release of Apache Directory Server 2.0.0-M16, take 2
Hi,
This is a replacement for the release done last saturday, as the two following
critical bugs were found and fixed :
Bugs
----
[DIRSERVER-1962] - Replication Consumer "Enabled" checkbox not working
[DIRSERVER-1963] - Add contextCSN attribute to the list of ignored attributes in ReplicationConsumerImpl
I restart the vote, the original contain remains the same :
it's time for a long expected release of ApacheDS, version 2.0.0-M16.
We postponed this release expecting to get a release candidate out,
but at this point, we are depending on Mavibot, and it's not ready.
This release fixes many critical bugs.
We also have done some cleanup in the Kerberos server.
The list of fixed bugs and improvments is the following :
Bugs
----
[DIRSERVER-1092] - org.apache.directory.server.dns.store.RecordStore
not support ordered multiple resource record answers
[DIRSERVER-1252] - Server tools dump command broken due to use of
old paths
[DIRSERVER-1412] - Modifying the schema with more than one mod may fail
[DIRSERVER-1471] - Providing a right fix for DIRSERVER-1459
[DIRSERVER-1761] - Unable to use external keystore for SSL
[DIRSERVER-1810] - Test case
org.apache.directory.server.replication.ClientServerReplicationIT.testModDn()
fails permanently
[DIRSERVER-1845] - Sporadic failure on CollectivAttributeServiceIT
[DIRSERVER-1855] - java.lang.IllegalStateException: Can't overwrite
cause at
org.apache.directory.server.core.authz.GroupCache.initialize(GroupCache.java:190)
[DIRSERVER-1860] - Invalid DN in returned entry
[DIRSERVER-1870] - Persistent control is not decoded properly
[DIRSERVER-1873] - Searching on member attribute (multivalued) for
groups is not working as expected
[DIRSERVER-1884] - Incorrect length specified in
PaswordUtil.splitCredentials
[DIRSERVER-1885] - The JDBM index cache configuration is not used at all
[DIRSERVER-1888] - Some pwdPolicy schema AT are incorrect
[DIRSERVER-1894] - Multi-Master replicated startup does not complete
[DIRSERVER-1900] - Password hashing interceptor is not encrypting
the passwords
[DIRSERVER-1902] - Concurrent reads cause LDAP:Error 80, LDAP: Error
1 and LDAP: error code 49 errors
[DIRSERVER-1905] - KeytabDecoder should use '/' instead of '\' to
separate principal name components
[DIRSERVER-1906] - We still store entryUUID associated with 'top' in
the OC index
[DIRSERVER-1909] - Integer cannot be cast to java.lang.Long in
JdbmTable prevents service start
[DIRSERVER-1911] - Incorrect installation presumption toward user
naming convention
[DIRSERVER-1917] - Class Cast Exception when doing paged search
[DIRSERVER-1921] - Indexes dont work on distinguishedNameMatch
attributeType
[DIRSERVER-1922] - Not Operator in Ldap Filter on Indexed Attributes
[DIRSERVER-1928] - PasswordPolicy should be ignored from Admin session
[DIRSERVER-1932] - Password policy pwdMinAge check should check for
required reset
[DIRSERVER-1948] - NPE in AuthenticationInterceptor when password
policy is in place and user does not have a pwdChangedTime
[DIRSERVER-1953] - "entryDn" attribute is not returned when
requested along with wildcard attribute symbol *
[DIRSERVER-1954] - Second startup of an embedded server fails (after
an ungraceful shutdown of the first startup)
[DIRSERVER-1955] - Directory Apacheds sends wrong empty response for
password policy request
[DIRSERVER-1957] - chpass/passwd failure (Linux)
[DIRSERVER-1959] - Certificates corruption during replication
[DIRSERVER-1961] - Searches wth Object level scope and non-existing
attribute assertion in filter are not working
Improvements
------------
[DIRSERVER-1081] - Injecting more information in the opContext structure
[DIRSERVER-1294] - Add size() and hasNext() methods to cursors
[DIRSERVER-1338] - Allow non-Jdbm schema partition
[DIRSERVER-1460] - Add locale to configuration
[DIRSERVER-1534] - Improving implementation of loading LDIF files
during startup
[DIRSERVER-1601] - New index to add : PrescriptiveACI, member,
uniqueMember
[DIRSERVER-1634] - Add a DN cache for Stores
[DIRSERVER-1676] - Provide a set of error codes along with an
AuthenticationException to indicate its root cause.
[DIRSERVER-1716] - Add a ParentIdAndRdn cache
[DIRSERVER-1920] - Refactor
DefaultDirectoryServiceFactory/DefaultDirectoryService for extensability
[DIRSERVER-1926] - Supply Entry to PasswordValidator instead of username
[DIRSERVER-1935] - Include password policy control in the password
modify extended operation response if requested
New Features
------------
[DIRSERVER-264] - Add Support for Sort Control
[DIRSERVER-265] - In-memory backend storage support
[DIRSERVER-442] - Synchronize suffix entries in configuration with
entry on disk
[DIRSERVER-1030] - Add CascadeControl and add functionality to
cascade modify and delete effects
[DIRSERVER-1246] - Add shell scripts and batch files for clients
[DIRSERVER-1263] - Add authz schema
[DIRSERVER-1852] - Sort the entry based on the DN before returning them
[DIRSERVER-1886] - Add configuration schema elements for Mavibot
partition
[DIRSERVER-1889] - Credentials cache for Kerberos
[DIRSERVER-1898] - Authentication mechanism: PKCS5S2
Task
----
[DIRSERVER-575] - Convert all non-forwarding (out of band)
nextInterceptor calls to use the proxy with bypass instructions
We have also fixed many Kerberos related issues :
Bugs
----
[DIRKRB-28] - Allow setting searchBaseDN
[DIRKRB-30] - Decoding incoming request over TCP fails
[DIRKRB-96] - Unable to obtain ticket after changing the password
Tasks
-----
[DIRKRB-31] - Create the Authenticator grammar
[DIRKRB-32] - Create the EncTicketPart grammar
[DIRKRB-33] - Create the AS-REQ grammar
[DIRKRB-34] - Create the AS-REP grammar
[DIRKRB-35] - Create the TGS-REQ grammar
[DIRKRB-36] - Create the TGS-REP grammar
[DIRKRB-37] - Create the AP-REQ grammar
[DIRKRB-38] - Create the AP-REP grammar
[DIRKRB-39] - Create the KRB-SAFE grammar
[DIRKRB-40] - Create the KRB-PRIV grammar
[DIRKRB-41] - Create the KRB-CRED grammar
[DIRKRB-42] - Create the EncASRepPart grammar
[DIRKRB-43] - Create the EncTGSRepPart grammar
[DIRKRB-44] - Create the EncAPRepPart grammar
[DIRKRB-45] - Create the EncKrbPrivPart grammar
[DIRKRB-46] - Create the EncKrbCredPart grammar
[DIRKRB-47] - Create the KRB-ERROR grammar
[DIRKRB-48] - Create the PA-DATA grammar
[DIRKRB-49] - Create the Checksum grammar
[DIRKRB-50] - Create the TransitedEncoding grammar
[DIRKRB-51] - Create the KDC-REQ-BODY grammar
[DIRKRB-52] - Create the KDC-REP grammar
[DIRKRB-53] - Create the EncKDCRepPart grammar
[DIRKRB-54] - Create the LastReq grammar
[DIRKRB-55] - Create the KRB-SAFE-BODY grammar
[DIRKRB-56] - Create the KrbCredInfo grammar
[DIRKRB-57] - Create the METHOD-DATA grammar
[DIRKRB-58] - Create the TYPED-DATA grammar
[DIRKRB-59] - Create the PA-ENC-TIMESTAMP grammar
[DIRKRB-60] - Create the PA-ENC-TS-ENC grammar
[DIRKRB-61] - Create the ETYPE-INFO-ENTRY grammar
[DIRKRB-62] - Create the ETYPE-INFO grammar
[DIRKRB-63] - Create the ETYPE-INFO2-ENTRY grammar
[DIRKRB-64] - Create the ETYPE-INFO2 grammar
[DIRKRB-65] - Create the AD-IF-RELEVANT grammar
[DIRKRB-66] - Create the AD-KDCIssued grammar
[DIRKRB-67] - Create the AD-AND-OR grammar
[DIRKRB-68] - Create the AD-MANDATORY-FOR-KDC grammar
[DIRKRB-69] - Create the Ticket grammar
[DIRKRB-70] - Create the EncryptedData grammar
[DIRKRB-71] - Create the PrincipalName grammar
[DIRKRB-72] - Create the HostAddresses grammar
[DIRKRB-73] - Create the HostAddress grammar
[DIRKRB-74] - Create the AuthorizationData grammar
[DIRKRB-75] - Create the EncryptionKey grammar
[DIRKRB-76] - Create the KDC-REQ grammar
[DIRKRB-77] - Adapt the error messages we use in grammars
[DIRKRB-78] - Add tests for all the grammars
Here are the associated links :
ApacheDS 2.0.0-M16
------------------
- SVN tag :
http://svn.apache.org/r1575355
https://svn.apache.org/repos/asf/directory/apacheds/tags/2.0.0-M16/
- Nexus repository:
https://repository.apache.org/content/repositories/orgapachedirectory-1002/
- Distribution packages:
http://people.apache.org/~elecharny
[ ] +1 : release ApacheDS 2.0.0-M16
[ ] ± 0 : I don't care
[ ] -1 : No, don't release ApacheDS 2.0.0-M16
-- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [VOTE] Release of Apache Directory Server 2.0.0-M16, take 2
Posted by Pierre-Arnaud Marcelot <pa...@marcelot.net>.
[X] +1 : release ApacheDS 2.0.0-M16
Regards,
Pierre-Arnaud
On 10 Mar 2014, at 15:39, Emmanuel Lécharny <el...@gmail.com> wrote:
> Hi,
>
> This is a replacement for the release done last saturday, as the two following
> critical bugs were found and fixed :
>
> Bugs
> ----
>
> [DIRSERVER-1962] - Replication Consumer "Enabled" checkbox not working
> [DIRSERVER-1963] - Add contextCSN attribute to the list of ignored attributes in ReplicationConsumerImpl
>
>
> I restart the vote, the original contain remains the same :
>
>
> it's time for a long expected release of ApacheDS, version 2.0.0-M16.
> We postponed this release expecting to get a release candidate out,
> but at this point, we are depending on Mavibot, and it's not ready.
>
> This release fixes many critical bugs.
>
> We also have done some cleanup in the Kerberos server.
>
> The list of fixed bugs and improvments is the following :
>
> Bugs
> ----
>
> [DIRSERVER-1092] - org.apache.directory.server.dns.store.RecordStore
> not support ordered multiple resource record answers
> [DIRSERVER-1252] - Server tools dump command broken due to use of
> old paths
> [DIRSERVER-1412] - Modifying the schema with more than one mod may fail
> [DIRSERVER-1471] - Providing a right fix for DIRSERVER-1459
> [DIRSERVER-1761] - Unable to use external keystore for SSL
> [DIRSERVER-1810] - Test case
> org.apache.directory.server.replication.ClientServerReplicationIT.testModDn()
> fails permanently
> [DIRSERVER-1845] - Sporadic failure on CollectivAttributeServiceIT
> [DIRSERVER-1855] - java.lang.IllegalStateException: Can't overwrite
> cause at
> org.apache.directory.server.core.authz.GroupCache.initialize(GroupCache.java:190)
> [DIRSERVER-1860] - Invalid DN in returned entry
> [DIRSERVER-1870] - Persistent control is not decoded properly
> [DIRSERVER-1873] - Searching on member attribute (multivalued) for
> groups is not working as expected
> [DIRSERVER-1884] - Incorrect length specified in
> PaswordUtil.splitCredentials
> [DIRSERVER-1885] - The JDBM index cache configuration is not used at all
> [DIRSERVER-1888] - Some pwdPolicy schema AT are incorrect
> [DIRSERVER-1894] - Multi-Master replicated startup does not complete
> [DIRSERVER-1900] - Password hashing interceptor is not encrypting
> the passwords
> [DIRSERVER-1902] - Concurrent reads cause LDAP:Error 80, LDAP: Error
> 1 and LDAP: error code 49 errors
> [DIRSERVER-1905] - KeytabDecoder should use '/' instead of '\' to
> separate principal name components
> [DIRSERVER-1906] - We still store entryUUID associated with 'top' in
> the OC index
> [DIRSERVER-1909] - Integer cannot be cast to java.lang.Long in
> JdbmTable prevents service start
> [DIRSERVER-1911] - Incorrect installation presumption toward user
> naming convention
> [DIRSERVER-1917] - Class Cast Exception when doing paged search
> [DIRSERVER-1921] - Indexes dont work on distinguishedNameMatch
> attributeType
> [DIRSERVER-1922] - Not Operator in Ldap Filter on Indexed Attributes
> [DIRSERVER-1928] - PasswordPolicy should be ignored from Admin session
> [DIRSERVER-1932] - Password policy pwdMinAge check should check for
> required reset
> [DIRSERVER-1948] - NPE in AuthenticationInterceptor when password
> policy is in place and user does not have a pwdChangedTime
> [DIRSERVER-1953] - "entryDn" attribute is not returned when
> requested along with wildcard attribute symbol *
> [DIRSERVER-1954] - Second startup of an embedded server fails (after
> an ungraceful shutdown of the first startup)
> [DIRSERVER-1955] - Directory Apacheds sends wrong empty response for
> password policy request
> [DIRSERVER-1957] - chpass/passwd failure (Linux)
> [DIRSERVER-1959] - Certificates corruption during replication
> [DIRSERVER-1961] - Searches wth Object level scope and non-existing
> attribute assertion in filter are not working
>
> Improvements
> ------------
>
> [DIRSERVER-1081] - Injecting more information in the opContext structure
> [DIRSERVER-1294] - Add size() and hasNext() methods to cursors
> [DIRSERVER-1338] - Allow non-Jdbm schema partition
> [DIRSERVER-1460] - Add locale to configuration
> [DIRSERVER-1534] - Improving implementation of loading LDIF files
> during startup
> [DIRSERVER-1601] - New index to add : PrescriptiveACI, member,
> uniqueMember
> [DIRSERVER-1634] - Add a DN cache for Stores
> [DIRSERVER-1676] - Provide a set of error codes along with an
> AuthenticationException to indicate its root cause.
> [DIRSERVER-1716] - Add a ParentIdAndRdn cache
> [DIRSERVER-1920] - Refactor
> DefaultDirectoryServiceFactory/DefaultDirectoryService for extensability
> [DIRSERVER-1926] - Supply Entry to PasswordValidator instead of username
> [DIRSERVER-1935] - Include password policy control in the password
> modify extended operation response if requested
>
> New Features
> ------------
>
> [DIRSERVER-264] - Add Support for Sort Control
> [DIRSERVER-265] - In-memory backend storage support
> [DIRSERVER-442] - Synchronize suffix entries in configuration with
> entry on disk
> [DIRSERVER-1030] - Add CascadeControl and add functionality to
> cascade modify and delete effects
> [DIRSERVER-1246] - Add shell scripts and batch files for clients
> [DIRSERVER-1263] - Add authz schema
> [DIRSERVER-1852] - Sort the entry based on the DN before returning them
> [DIRSERVER-1886] - Add configuration schema elements for Mavibot
> partition
> [DIRSERVER-1889] - Credentials cache for Kerberos
> [DIRSERVER-1898] - Authentication mechanism: PKCS5S2
>
> Task
> ----
>
> [DIRSERVER-575] - Convert all non-forwarding (out of band)
> nextInterceptor calls to use the proxy with bypass instructions
>
>
> We have also fixed many Kerberos related issues :
>
> Bugs
> ----
>
> [DIRKRB-28] - Allow setting searchBaseDN
> [DIRKRB-30] - Decoding incoming request over TCP fails
> [DIRKRB-96] - Unable to obtain ticket after changing the password
>
> Tasks
> -----
>
> [DIRKRB-31] - Create the Authenticator grammar
> [DIRKRB-32] - Create the EncTicketPart grammar
> [DIRKRB-33] - Create the AS-REQ grammar
> [DIRKRB-34] - Create the AS-REP grammar
> [DIRKRB-35] - Create the TGS-REQ grammar
> [DIRKRB-36] - Create the TGS-REP grammar
> [DIRKRB-37] - Create the AP-REQ grammar
> [DIRKRB-38] - Create the AP-REP grammar
> [DIRKRB-39] - Create the KRB-SAFE grammar
> [DIRKRB-40] - Create the KRB-PRIV grammar
> [DIRKRB-41] - Create the KRB-CRED grammar
> [DIRKRB-42] - Create the EncASRepPart grammar
> [DIRKRB-43] - Create the EncTGSRepPart grammar
> [DIRKRB-44] - Create the EncAPRepPart grammar
> [DIRKRB-45] - Create the EncKrbPrivPart grammar
> [DIRKRB-46] - Create the EncKrbCredPart grammar
> [DIRKRB-47] - Create the KRB-ERROR grammar
> [DIRKRB-48] - Create the PA-DATA grammar
> [DIRKRB-49] - Create the Checksum grammar
> [DIRKRB-50] - Create the TransitedEncoding grammar
> [DIRKRB-51] - Create the KDC-REQ-BODY grammar
> [DIRKRB-52] - Create the KDC-REP grammar
> [DIRKRB-53] - Create the EncKDCRepPart grammar
> [DIRKRB-54] - Create the LastReq grammar
> [DIRKRB-55] - Create the KRB-SAFE-BODY grammar
> [DIRKRB-56] - Create the KrbCredInfo grammar
> [DIRKRB-57] - Create the METHOD-DATA grammar
> [DIRKRB-58] - Create the TYPED-DATA grammar
> [DIRKRB-59] - Create the PA-ENC-TIMESTAMP grammar
> [DIRKRB-60] - Create the PA-ENC-TS-ENC grammar
> [DIRKRB-61] - Create the ETYPE-INFO-ENTRY grammar
> [DIRKRB-62] - Create the ETYPE-INFO grammar
> [DIRKRB-63] - Create the ETYPE-INFO2-ENTRY grammar
> [DIRKRB-64] - Create the ETYPE-INFO2 grammar
> [DIRKRB-65] - Create the AD-IF-RELEVANT grammar
> [DIRKRB-66] - Create the AD-KDCIssued grammar
> [DIRKRB-67] - Create the AD-AND-OR grammar
> [DIRKRB-68] - Create the AD-MANDATORY-FOR-KDC grammar
> [DIRKRB-69] - Create the Ticket grammar
> [DIRKRB-70] - Create the EncryptedData grammar
> [DIRKRB-71] - Create the PrincipalName grammar
> [DIRKRB-72] - Create the HostAddresses grammar
> [DIRKRB-73] - Create the HostAddress grammar
> [DIRKRB-74] - Create the AuthorizationData grammar
> [DIRKRB-75] - Create the EncryptionKey grammar
> [DIRKRB-76] - Create the KDC-REQ grammar
> [DIRKRB-77] - Adapt the error messages we use in grammars
> [DIRKRB-78] - Add tests for all the grammars
>
>
> Here are the associated links :
>
> ApacheDS 2.0.0-M16
> ------------------
> - SVN tag :
>
> http://svn.apache.org/r1575355
>
> https://svn.apache.org/repos/asf/directory/apacheds/tags/2.0.0-M16/
>
> - Nexus repository:
> https://repository.apache.org/content/repositories/orgapachedirectory-1002/
>
> - Distribution packages:
> http://people.apache.org/~elecharny
>
>
> [ ] +1 : release ApacheDS 2.0.0-M16
> [ ] ± 0 : I don't care
> [ ] -1 : No, don't release ApacheDS 2.0.0-M16
>
> -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
Re: [VOTE] Release of Apache Directory Server 2.0.0-M16, take 2
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
> [X] +1 : release ApacheDS 2.0.0-M16
Verified checksums and signatures.
Checked and built source.
Tested installer on Windows 7.
Kind Regards,
Stefan
Re: [VOTE] Release of Apache Directory Server 2.0.0-M16, take 2
Posted by Felix Knecht <fe...@apache.org>.
> [X] +1 : release ApacheDS 2.0.0-M16
Looks good to me.
Thanks
Felix
Result [VOTE] Release of Apache Directory Server 2.0.0-M16, take
2
Posted by Emmanuel Lécharny <el...@gmail.com>.
I close the vote with 5 +1 :
* Felix
* Kiran
* Pierre-Arnaud
* Stefan
and me.
I'll do the upload and update the web site today.
Thanks !
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com