2.3.2 (2024-02-19)

Bug Fixes

• remove spinlock in monitoring code (#405) (a2c151b)

2.3.1 (2024-02-12)

Features

• allow tracing configuration via main config (f692394)
• introduce context for otlp spans into handler pkg (d05630f)
• introduce context for otlp spans into plugins pkg (46e49b6)
• introduce otelsql (2ca5312)
• introduce otlp tracer (0cf0403)
• wire up basic tracer (1c2b23c)

Bug Fixes

• drop vendored toml (24455e3)
• formatting (c90cbfe)
• go test not checking otp within allowed basedn (#403) (ed52a91)
• move all toml parsing into a new internal package, drop the mappings in favour of toml.Primitive decoding (3ba8e11)
• removed config setup from main, reshoring log configuration (5fe8aca)
• update tracing code to work with breaking otlp 1.20 changes (1a37396)
• upgrade to use BurntSushi/toml (f9addbc)

Miscellaneous Chores

• release 2.3.1 (0bf3d4a)

2.3.0 (2023-10-02)

⚠ BREAKING CHANGES

• plugins: Rename the groups table to ldapgroups (#326)

Features

• Update migration code to support table names (#339) (349431c)

Bug Fixes

• plugins: Rename the groups table to ldapgroups (#326) (675b236)

Miscellaneous Chores

• release 2.3.0 (0c11325)

The highlights of this maintenance release are:

• fix to plugin incompatibility (sorry!)
• allow custom S3 endpoint to be used

Pull requests:

• users is an organizational unit
• chore: remove refs to deprecated io/ioutil
• Update the TRIM_FLAGS to use -trimpath
• Allow custom S3 endpoint to be used
• Sum types, preparation

Future releases should come with cleaner release notes!

Cross-platform changes:

• No SysLog on Windows (#289)

Code quality:

• CodeSee integration
• Add CodeQL workflow for GitHub code scanning (#295)

Correctness:

• Construct DNs under ou=users for uniqueMember group attribute
• Use NameFormat/GroupFormat when constructing RDN attributes
• Brian Candler (@candlerb) completed the above by making sure they were supported where it matters
• The directory structure can be navigated up and down using any LDAP browser
• searchMaybePosixAccounts: add filter to respect searchBaseDN (#304)
• Feature: introduce legacy behavior, based on past versions (#318)

Security/Updates:

• Bump golang.org/x/crypto in /v2
• Update Go Versions to 1.19, 1.20 (#314)
• Added anonymousdse backend option to config sample (#316)

Qualify of life:

• Add devcontainer (#306)
• Add help command to Makefile (#307)
• Update go.work to 1.19 (#315)

What's Changed

• add link to documentation, only discovered it while perusing issues list by @dlitster in https://github.com/glauth/glauth/pull/276
• Plugin: Unix PAM Authentication (https://github.com/glauth/glauth/pull/263) by @Fusion in https://github.com/glauth/glauth/pull/277
• Move plugins to their own repos by @Fusion in https://github.com/glauth/glauth/pull/283
• Prometheus exported by @Fusion in https://github.com/glauth/glauth/pull/284
• Feature/zerolog by @Fusion in https://github.com/glauth/glauth/pull/285
• Feature/check config by @Fusion in https://github.com/glauth/glauth/pull/286
• Dev to Master for 2.2.0-RC1 by @Fusion in https://github.com/glauth/glauth/pull/287
• Dev -> Master get rid of old Docker files by @Fusion in https://github.com/glauth/glauth/pull/288

Full Changelog: https://github.com/glauth/glauth/compare/v2.1.0...v2.2.0-RC1

Warning

While this release does not introduce breaking changes, if you are using database plugins you should ensure that the database schema is correct.

Enhancements

• Custom Attributes #240
• Multi Cfg #233
• V2 hierarchy #228
• 'Airgapping' web assets for security and preventing breakage #227
• Assets: use stdlib "embed" package (thanks @hdonnay!) #200
• Internal Stats -- performance view #221
• Docker with plugins, distroless #217
• Capabilities #214
• Create and push docker image using podman #209
• Getting rid of Travis CI now that it doesn't support FOSS anymore.
• Any way to change objectClass? #239
• Restrict service login #231
• employeeType attribute #232
• jpegPhoto attribute #225
• Support multiple configuration files via a conf.d like directory (Beta!) #223

Bugfixes

• Cant enumerate groups or members of groups #86
• With the database plugins, the database config line is printed to syslog if syslog is enabled #213
• User serviceuser primary group is not svcaccts. #208
• Fix 'ou' regression #246 #252

Warning

While this release does not introduce breaking changes, if you are using database plugins you should ensure that the database schema is correct.

Enhancements

• Custom Attributes #240
• Multi Cfg #233
• V2 hierarchy #228
• 'Airgapping' web assets for security and preventing breakage #227
• Assets: use stdlib "embed" package (thanks @hdonnay!) #200
• Internal Stats -- performance view #221
• Docker with plugins, distroless #217
• Capabilities #214
• Create and push docker image using podman #209
• Getting rid of Travis CI now that it doesn't support FOSS anymore.
• Any way to change objectClass? #239
• Restrict service login #231
• employeeType attribute #232
• jpegPhoto attribute #225
• Support multiple configuration files via a conf.d like directory (Beta!) #223

Bugfixes

• Cant enumerate groups or members of groups #86
• With the database plugins, the database config line is printed to syslog if syslog is enabled #213
• User serviceuser primary group is not svcaccts. #208

The long-awaited v2.0.0 release, ready to rock after two weeks in RC status.

Enhancements

• Backends: Support for Database Backends Plugins (starting with MySQL, SQLite, Postgres) Database plugins #133

• Backends: Backends acting as middleware: added the [[Backends]] configuration directive while retaining backward compatibility with [Backend] Database plugins #133

• Backends: When chaining backends, any backend can be used to inject OTP value in password, before reaching a non-OTP-aware backend Database plugins #133

• Backends: Add provisional support for writeable backends (those that will support write operations only) -- no commitment to support write operations at this time add support for writehandlers #135

• Compatibility: Enable root DSE query #158

• Compatibility: Allow bind operations with no group provided #205

• Compatibility: Support for userPrincipalName binding and browsing. #206

• Compatibility: Handling of special "1.1" attributes filter meaning "I do not want attributes" (RFC 4511, 4.5.1.8)

• Compatibility: Support for "want types only" queries, even when proxying

• Compatibility: Augmented root DSS and schema discovery based on content of schema directory

• Compatibility: SubSchema query can return a minimal set, freeipa or openldap's schemas

• Configuration: Variable "unixid" is now respectively "UIDNumber" and "GIDNumber" for… #201

• Configuration: (@fanlix) Config file hot reload doesn't work #132

• Configuration: Add LDAP listen flags #169

• Platforms: Mac M1 Support and LDAP Req Attributes #192

• Platforms: Bulid and push multiarch docker images #142

• Testing: Introducing goconvey testing and refactoring of config and ... #204

• Security: Stronger, salted paswords using bcrypt. #195

Bugfixes

• ldap filter memberOf does not work #186

• Empty BaseDN when searhing with Python ldap3 Empty BaseDN when searhing with Python ldap3 #168

• uidnumber or unixid? #144

• ARM (multiarch) docker image #141

• config: match shadowaccount objectclass #136

• UserPrincipalName support as User attribute #129

• Config backend should allow users to bind without specifying group name #98

• Space in search BaseDN causes request to fail #68

• postgres backend #118

• mysql backend #117

• Additional Backends #11

• fix owncloud backend issues #128

• check owncloud status code is ok #153

• Implement Password Salting and Hash Incrementing #3

• Suggestion: add bcrypt / Argon2 password hashing #179

• Not able to connect glAuth server #147

• Config file hot reload doesn't work #132

• allow clean shutdown #126

• glauth does not work with gitea #183

• Invalid AWS region: ap-south-1 #182

• Add Configuration Option to Allow Annon Binding #5

• Need fix Travis CI API wiring #193

• Allow using configmaps when deploying in kubernetes #161

• Makefile compatiblility #134

• unable to build on ubuntu 18.04.4 LTS #130

• Write Unit Tests #10

• Link to a public chat, eg gitter or matrix #166

• Suggestion: enable wiki for documentation #127

• Set up simple site #34

Under the hood

• Updated LDAP library to support UTF8 and case insensitive chars Feature/upgrade ldap library version #194 FYI updated LDAP library #188
• LDAP backend: req. attribute injected in response if missing
• Use functional options for handlers and the server use functional options pattern to inject logr #124
  • logr interface is passed around for logging
  • a wrapper for the go-logging lib is provided
• Refactored non-proxied backends Introducing goconvey testing and refactoring of config and ... #204

This release fixes a few bugs, refactors the codebase to make it reusable in other projects and adds an (experimental) ownCloud backend. Scraping the v1.1.2 dev PR we can see these interesting commits:

Enhancements

• Add support for including groups in groups #23
• Add App Password Support #60 - implements #54
• Allow for configuring DN format #57
• Add shadow account support #84 - implements #81
• owncloud10 backend graphapi #104

Changes

• Refactor packages #105 - allows better reuse of the packages

Bugfixes

• Expose LDAPS ports in Docker container #49
• Fix wrong env for arm32 #52 - fixes #51
• 9f349d1 - fixes String formatting not working #64
• Update host #70 - for correct port forwarding in docker
• Fix unkeyed fields #80 - fixes Fix Issues found using Go Vet #43
• Fix mutex #88 - fixes Fix Issues found using Go Vet #43

I also tried to use travis to deploy a draft release using a new machine user @glauth-ci which led to several unneeded merges to master after manually merging the dev branch, but it should work now.

I'll set up a new dev branch now and cleanup the milestones.

Cheers!

@butonic - new co-maintainer, trying to help @benyanke get things rolling again.