1 2007-01-08  Aaron Arthurs  <ajarthu@uark.edu>

     2   *mod_auth_form 2.05:

     3   - BUGFIXES:

     4     -- BUG #7: MySQL SSL directives mismatch the internal data structure

     5        FIX: Matched the MySQL SSL directives

     6     -- BUG #8: Query string/cookie values are not decoded

     7        FIX: URL-decode the query string/cookie values 

     8     -- BUG #9: The apostrophe from the query string/cookie values is

     9        not escaped

    10        FIX: Backslash apostrophes

    11     -- BUG #10: Memory under-allocation for MySQL record results

    12        FIX: Factor in the byte-size of pointers

    13        (thanks Peter Schlaf <peter.schlaf@web.de>)

    14     -- BUG #11: Reverse proxys are not detected during redirections

    15        FIX: Detect and read X-Forwarded-Server as the hostname

    16        (thanks Peter Schlaf <peter.schlaf@web.de>)

    17     -- BUG #12: Unneeded global variables are causing thread-safety issues

    18        FIX: Removed unneeded global variables in favor of function parameters

    19   - configure:

    20   -- Look for apr_hooks.h for RPM-layout compatibility

    21   -- Check for libmysqlclient_r (thread-safe MySQL library)

    22   -- Check for SSL support in the MySQL library

    23 

    24 

    25 2006-06-24  Aaron Arthurs  <ajarthu@uark.edu>

    26   *mod_auth_form 2.04:

    27   - Apache 2.2.x compatibility fixes:

    28   -- Use APR_OFFSETOF instead of APR_XtOffsetOf

    29   -- Use ap_http_scheme instead of ap_http_method

    30   - Added AuthFormMySQLSocket

    31   - Added MySQL SSL support

    32   -- AuthFormMySQLSSL

    33   -- AuthFormMySQLSSLKey

    34   -- AuthFormMySQLSSLCert

    35   -- AuthFormMySQLSSLCA

    36   -- AuthFormMySQLSSLCAPath

    37   -- AuthFormMySQLSSLCipherList

    38   - Upgraded to aclocal-1.9

    39   - Added libtool versioning

    40   - 'make install' no longer:

    41   -- Restarts the Apache2 server

    42   -- Edits the main Apache2 configuration file

    43 

    44 

    45 2005-10-13  Aaron Arthurs  <ajarthu@uark.edu>

    46   *mod_auth_form 2.03:

    47   - BUGFIXES:

    48     -- BUG #5: Similiarly named variables in condition statements

    49        are interpreted as the same variable

    50        FIX: Made the variable parser for the query string/cookie

    51        more restrictive

    52        (thanks Andrei Nazarenko <a.nazarenko@gmail.com>)

    53     -- BUG #6: When the module cannot connect to a MySQL server,

    54        it allows everyone access to restricted pages

    55        FIX: The module sends a FORBIDDEN message when it

    56        cannot connect to a MySQL server

    57   - Set some CGI environment variables

    58     -- AP_MAF_VERSION

    59     -- AP_MAF_DESCRIPTION

    60     -- AP_MAF_ENABLED

    61     -- AP_MAF_UID

    62   - Added AuthFormMySQLPort

    63   - Added AuthFormSessionDelete

    64   - if AuthFormPageLogin is not specified, the module passes

    65     authorization to other modules

    66   - Made the 'configure' script friendlier

    67 

    68 

    69 2005-06-21  Aaron Arthurs  <ajarthu@uark.edu>

    70   *mod_auth_form 2.02:

    71   - BUGFIXES:

    72     -- BUG #3: AuthFormMySQLFieldGID does not default to 'gid'

    73        FIX: Defaulted AuthFormMySQLFieldGID to 'gid'

    74     -- BUG #4: When using 'Require user user1 user2 ...',

    75        AuthFormMySQLFieldGID must be specified

    76        FIX: Removed check for AuthFormMySQLFieldGID

    77        (thanks Andrei Nazarenko <a.nazarenko@gmail.com>)

    78   - Added auto-refresh feature

    79     -- AuthFormSessionAutoRefresh

    80     -- AuthFormPageAutoRefresh

    81   - Added 'last visited, unauthorized page' feature

    82     -- AuthFormLastPageKey

    83   - For group management, extract GIDs from all records

    84     (not just one) with matching UIDs

    85 

    86 

    87 2005-02-14  Aaron Arthurs  <ajarthu@uark.edu>

    88   *mod_auth_form 2.01:

    89   - BUGFIXES:

    90     -- BUG #1: Users are sometimes redirected to the login page

    91        during a valid session.

    92        FIX: Added missing braces in 'parse_condition_vars'

    93        (thanks Martin Daur <m.daur@beam.ag>)

    94     -- BUG #2: Some spaces are lost during the variable parsing

    95        FIX: Changed some of the logic in 'parse_condition_vars'

    96        during variable mode

    97   - Passed the Tracking and GID table conditions to

    98     'parse_condition_vars'

    99 

   100 

   101 2004-12-26  Aaron Arthurs  <ajarthu@uark.edu>

   102   * mod_auth_form 2.0:

   103   - Removed the following directives.

   104     -- AuthFormMySQLFieldSID

   105     -- AuthFormSessionKeyUID

   106     -- AuthFormSessionKeySID

   107   - Changed the module's priority in Apache to 'REALLY FIRST' as

   108     opposed to 'MIDDLE'.

   109   - Added MySQL grouping (parenthesis) to the conditions 'AuthFormMySQLTableCondition' and 'AuthFormMySQLTableSIDCondition'.

   110   - Re-defined 'AuthFormMySQLTableSIDCondition' as being the session validation condition.

   111     -- Set its default value to "sid=$sid AND uid=$uid".

   112   - Added value placeholder capabilities for the condition directives.

   113   - Took out some extraneous functions and definitions.

   114   - Took out '!STANDARD20_MODULE_STUFF' conditional code.

   115 

   116   * Unix distribution: created automake/autoconf files.

   117 

   118 

   119 2004-07-25  Aaron Arthurs  <ajarthu@uark.edu>

   120   * mod_auth_form 1.0: programmed for MySQL 4.1+ and Apache 2.x.