1 # $Id: ChangeLog,v 1.64 2005/09/04 03:34:00 cinergi Exp $
4 * BUGFIX: Bug ID 1244484 - Connect timeout broke ability to connect to
5 MySQL server on some platforms.
9 * CHANGE: Read [libnss-mysql] and [client] sections in /etc/my.cnf;
10 Removed these options from libnss-mysql.cfg: timeout, compress,
15 * NEW: Configuration file line continuation is now supported. See
18 * NEW: Static allocation of query line (2048 chars) allows multiple
19 references to the key being looked up - e.g. "SELECT ... FROM
20 ... WHERE foo='%1$s' AND bar='%1$s'"
22 * BUGFIX: Removed extraneous UNLOCK that caused thread instability
23 due to changes in version 1.2
25 * BUGFIX: Added atexit() handler to close MySQL connection upon process
26 exit. Should clear up any "Aborted connection [...]
27 Got an error reading communication packets" messages in the
28 MySQL server logs if you have warnings turned on
30 * BUGFIX: Added missing Makefile path to <OS>.sym
32 * CHANGE: Safely purge MySQL password at program exit
34 * CHANGE: Big changes in config parsing; [section]'s are meaningless
35 and safely ignored, but should be removed
37 * CHANGE: Static allocation of configuration variables
39 * CHANGE: Prefer static MySQL libraries over dynamic; Removed
40 forced-static-link from RPM spec file since this change makes
43 * CHANGE: Moved sources to src/ and aux files to aux/
45 * CHANGE: Send a syslog if number of columns returned != expected #
47 * CHANGE: (Internal) code and support file cleanup; comments
51 * BUGFIX: euid-change detection was broken, causing things like
52 privsep-enabled SSH daemons to be unable to log in a MySQL user.
53 Thanks to Mike Noordermeer for the patch.
55 * BUGFIX: Fixed broken 'initcmd' option
57 * CHANGE: Minimum supported MySQL version is 3.23.09
59 * CHANGE: Removed 'ssl' config option - it's not supposed to be used by
64 * CHANGE: 'configure' now takes just --with-mysql to specify MySQL
65 location instead of two separate (--with-mysql-inc and
66 --with-mysql-lib) options. The following base locations
67 are automatically searched in this order: /usr, /usr/local,
68 /usr/local/mysql, /opt/local, /opt/local/mysql.
70 * BUGFIX: Try query a few more times if it fails; corrects issues with
71 reset idle connections which should result in a valid reconnect
72 and query, but caused 1 'user unknown' error.
74 * BUGFIX: Groups without members weren't showing up in getgrent's
76 * BUGFIX: Don't leak any symbols except what's necessary - prevents
77 problems with differing MySQL library versions. Classic
78 example is Apache/PHP using different version than the one
79 statically linked in the libnss-mysql RPM. On Linux, this
80 requires libtool >= 1.5.2
82 * DOCS: The FreeBSD sample now contains proper shadow implementation.
83 ! PREVIOUS SAMPLES ALLOWED NON-ROOT USERS TO SEE ENCRYPTED
86 * DOCS: Updated README to better suit FreeBSD installations
88 * DOCS: Added Q&A about -R necessity under older Solaris installations.
92 * NEW: FreeBSD (5.1+) is now supported
94 * CHANGE: Solaris makes use of two new columns in the getpw* routines
95 See the file UPGRADING for details
97 * CHANGE: Installation of libraries is handled better; as a result, a
98 'make uninstall' will remove libnss-mysql (except config files)
100 * CHANGE: -Bgroup and --allow-shlib-undefined linker options are no longer
101 used. Hopefully these really aren't necessary anymore
103 * CHANGE: Updated RPM SPEC file and removed the linker options above.
104 Minor shortcuts added
108 * NEW: Several new sample database and configuration files
110 * BUGFIX: Don't compile against threaded MySQL libraries. It was
113 * BUGFIX: Preallocate exactly as much memory as needed to create the
114 MySQL query string; fixes loops/errors with usernames that
117 * BUGFIX: Fixed cosmetic error reporting queries missing from config
119 * CHANGE: Only one server is supported. The multi-server code was
120 always buggy so I've decided to remove it, at least for 1.0.
121 It was also part of the looping mentioned above
123 * CHANGE: Renamed module from libnss_mysql to libnss-mysql for consistency.
124 This includes renaming configuration files. See UPGRADING for
127 * CHANGE: Removed all dependencies from RPM spec file
129 * CHANGE: Various documentation updates
133 * NEW: Added RPM SPEC file to distribution
135 * NEW: Lots of additional debugging in the mysql-specific code
137 * BUGFIX: Disable MySQL automatic reconnect. It's not safe in this
140 * BUGFIX: Try server #0 if all servers are marked down. Was causing
141 bogus NSS_UNAVAIL returns if connection had been lost
143 * BUGFIX: Failover/retry wasn't quit right - could cause infinite
144 loops and other erroneous conditions.
146 * BUGFIX: Don't mess up syslog identification names with our own name.
147 As such, there's no more 'configure' option to specify the
148 syslog facility to use
150 * BUGFIX: Fixed Solaris coredump when debug was on and a non-local
151 MySQL server was specified
153 * CHANGE: Create debug file with a umask of '000' so any process
156 * CHANGE: Removed [libnss_mysql] section for 'my.cnf' - use new options
157 directly in /etc/nss_mysql.cfg: ssl, timeout, compress,
158 initcmd. These new options are specified within each server
159 section (primary, secondary, etc). See sample configuration
162 * CHANGE: Added default connect timeout (override with 'timeout'
163 option in config - see above) to prevent deadlock
164 situations (could lock yourself out of a server if a
165 server became unreachable).
167 * CHANGE: Updated sample database: uid=primary autoincremeting key,
168 gid=primary autoincrementing key, default values for password
169 and shell, and cosmetic changes. Nothing major
171 * CHANGE: port & socket are now optional parameters in the config file
173 * CHANGE: Added another directory set to search for MySQL libs/includes
175 * CHANGE: Many updates to various documentation
179 * CHANGE: Don't send syslog messages to *.EMERG (causing console
180 spam) - send them to *.ALERT
182 * BUGFIX: Detect various linker options. Important to get around
183 inability to compile on slightly older Linux systems
184 (IE RedHat 7.1 - 7.2). Also fixes broken compile on
185 even older systems (RedHat 7.0, Corel 1.2/Debian 2.1)
187 * BUGFIX: Fixed compiler warnings when using older versions of MySQL
189 * BUGFIX: Properly detect MySQL 4 libraries
193 * NEW: Re-added debugging. You can send debug output to syslog,
194 stderr, or a file. See DEBUGGING for more information.
196 * CHANGE: CVS no longer includes files that can be generated using
197 autoconf/automake/libtool/etc ... Install these utilities
198 and use 'setup.sh' if you're building from CVS
200 * CHANGE: GNU 'make' is no longer required
202 * BUGFIX: Re-implemented uid check to make sure getsp* routines
203 couldn't be called by non-root users (which would create
204 syslog message regarding failed query attempts).
206 * BUGFIX: Fix nscd coredump under Solaris. Any programs that
207 tried to access pw->pw_comment and/or pw->pw_age would have
208 suffered the same fate.
210 * BUGFIX: Fixed crash/hang under certain circumstances (usually when
213 * BUGFIX: Don't re-create SQL query string every time we iterate
214 through a get*ent routine - will result in speedier lookups
216 * BUGFIX: Check for comment lines before checking for bracketed sections -
217 minor speed improvement
219 * BUGFIX: Reload config upon euid change - root privs are properly dropped
221 * BUGFIX: Don't *close* the sql connection upon fork - just invalidate
222 the child's version so it'll create a new connection.
224 * BUGFIX: Fixed deadlock issue for forking, multithreaded apps
228 * NEW: Support for Sun Workshop compiler
230 * NEW: Additional documentation on producing 64-bit version
232 * BUGFIX: Handle program forks properly - used to cause hangs,
233 improper data, crashes, etc ...
235 * BUGFIX: getgrmem() would hang in multi-threaded environment
237 * BUGFIX: Abort if Solaris backend couldn't be malloc'ed - was causing
238 inability to log in at single-user root password prompt
240 * BUGFIX: Correct handling of insufficient 'buffer' size.
241 Would have caused long hangs (or infinite loops) in Solaris.
243 * BUGFIX: Read my.cnf for EVERY server. Would cause ignored settings
244 like connect-timeout, leading to infinite hangs in outtages.
246 * BUGFIX: Don't attempt to run null/empty queries
248 * BUGFIX: General compile cleanups, including upgrade to Automake 1.6
252 * NEW: initgroup/getgrmem support. Some programs need these
253 routines to find out who's a member of what groups and
254 what groups have what members. Especially important
255 under Solaris where filesystem group access is done
257 THIS REQUIRES A CHANGE TO YOUR DATABASE. READ THE FILE
258 "UPGRADING" FOR MORE INFORMATION.
260 * NEW: Search for and use thread-safe MySQL library if available.
262 * CHANGE: Removed all debug code - for now. See the file UPGRADING.
264 * CHANGE: Syslog configuration done at compile-time. See the file
267 * CHANGE: Search a few more locations for MySQL library files.
269 * CHANGE: Major internal rewrite - to enable me to support other
272 * BUGFIX: specify '-L' before '-lmysqlclient' on link line; previously
273 caused 'missing library' errors.
275 * BUGFIX: Special linker options properly passed no matter what linker
278 * BUGFIX: Prevent any symbols from leaking outside this library.
279 Previously caused unexplained errors or core dumps.
281 * BUGFIX: Search for and use static MySQL libraries, too.
283 * BUGFIX: Don't disconnect/deallocate upon 'destruct' call (Solaris).
284 The code was not thread-safe, and is no longer necessary.
285 This was preventing persistent connections in some cases, too.
287 * BUGFIX: Store different MySQL results in different variables;
288 Enables interleaved 'ent' access of different databases.
290 * BUGFIX: Under certain circumstances, euid could be 0 but the
291 process couldn't read a root-owned mode 600 file. Now we
292 simply always try to open the file - meaning your
293 nss_mysql_root.cfg file better be root-owned, mode 600!
297 * No special configure/make arguments are necessary for Solaris.
298 You may, however, need to manually link the library. If you
299 encounter an error with an undefined symbol, read the FAQ.
301 * Fixed a couple of bus error conditions under Solaris/sparc.
303 * Fixed memory leak under Solaris.
305 * Fixed core dump with Solaris csh and ~username expansion.
306 This fix probably fixed other core dumps as well.
308 * Fixed compile error under Solaris 2.6 (no socklen_t)
310 * Upgraded to autoconf 2.53
312 * Rewrote connection handlers. CONFIG FILE CHANGES ARE REQUIRED. See
315 * Read [libnss_mysql] group in my.cnf
317 * Do some config validation before doing anything. Helps prevent
318 mysterious core dumping.
320 2002-08-28 Ben Goodwin <cinergi@users.sourceforge.net>
322 * *: CVS tag 0.3; Public release
324 * nss_main.c, lookup.c, mysql.c, nss_config.c, nss_mysql.h, nss_support.c:
325 turned 'conf' into a global variable instead of passing it around
328 * configure.in: Removed "-z nodelete" hack - didn't work
330 2002-08-27 Ben Goodwin <cinergi@users.sourceforge.net>
332 * configure.in: Added "-z nodelete" LD_OPTIONS hack to get around
333 strange dlopen-related solaris memory leak bug
335 * Automake.am: added -module arg to libtool
337 2002-08-23 Ben Goodwin <cinergi@users.sourceforge.net>
339 * lookup.c, lookup.h, memory.c, nss_config.c, nss_main.c,
340 nss_mysql.h, nss_support.h: Renamed memory functions to avoid
343 * lookup.c: Fixed memory leak
345 * lookup.h: Added CLOSE_RESULT in GET on the HAVE_NSS_COMMON_H side
346 of the house (to match the HAVE_NSS_H side)
348 * nss_main.c: (HAVE_NSS_COMMON_H) default destructor now closes MySQL
349 link - required due to the fact that the module is unloaded and
350 thus static vars are lost
352 * nss_config.c: Close config file handle when done with it
354 2002-08-22 Ben Goodwin <cinergi@users.sourceforge.net>
356 * mysql-grp.c, mysql-pwd.c, mysql-spwd.c: Added euid restrict -
357 don't allow non-root access to certain functions
359 * mysql.c: Added CLOSE_NOGRACE for when MySQL socket is stomped on
362 * nss_main.c, lookup.c, nss_config.c, nss_support.c: Header cleanup
364 * nss_mysql.h: Added CLOSE_NOGRACE flag. See mysql.h
367 * README: Solaris changes. Info about sample MySQL database. Prefix
370 * Makefile.am, Makefile.in, configure.in, configure: Solaris support.
371 *** NOTICE *** Default prefix has changed to / - configuration files
372 go in /etc by default; Linux libraries go in /lib and the Solaris
373 library goes in /usr/lib.
375 * lookup.h: (HAVE_NSS_H) setDBent/endDBent and NOT setDBent_r/endDBent_r
377 2002-08-21 Ben Goodwin <cinergi@users.sourceforge.net>
379 * nss_mysql.h: Added missing #ifdef HAVE_NSS_COMMON_H around a prototype
381 2002-08-20 Ben Goodwin <cinergi@users.sourceforge.net>
383 * sample/nss_mysql.cfg: Back to %d (well, %u) for numerical formats.
385 * nss_main.c: Removed all NSS API code and spread out to files below.
387 * lookup.c, lookup.h, mysql-grp.c, mysql-pwd.c, mysql-spwd.c:
388 NEW FILES. Moved most of the NSS API code out of nss_main.c to these
389 files. Also introduced working Solaris pieces.
391 * nss_mysql.h: moved pthread stuff here. Added include for nss_dbdefs.h
392 for Solaris (nss_common.h). Added NSS_ARGS macro (ripped from padl's
393 nss-ldap project). New source file (lookup.c) -> function proto's.
395 * Makefile.am, Makefile.in: Several files added to project
397 * mysql.c: _nss_mysql_run_query(): Don't check for valid query anymore
399 * nss_mysql.h, nss_main.c: (const char *) for debug routine's FUNCTION arg
401 2002-08-19 Ben Goodwin <cinergi@users.sourceforge.net>
403 * mysql.c: _nss_mysql_run_query(): Check for valid query ONCE before
406 2002-08-17 Ben Goodwin <cinergi@users.sourceforge.net>
408 * acconfig.h: Added HAVE_LOG_FTP - configure.in sets this value now
410 * nss_config.c: Only use LOG_FTP on systems that have it.
412 * nss_mysql.h: HAVE_NSSWITCH_H should have been HAVE_NSS_COMMON_H.
413 Needed to define NSS_STATUS when HAVE_NSS_COMMON_H is defined.
415 2002-08-16 Ben Goodwin <cinergi@users.sourceforge.net>
417 * mysql.c: Call mysql_escape_string if MYSQL_VERSION_ID < 32300.
419 * configure, configure.in: New method for checking MySQL install location.
421 * config.h.in, nss_mysql.h: No longer need mysql/mysql.h header check.
423 * acinclude.m4: New file. Added mysql-finder function.
425 * aclocal.m4: Re-generated due to new acinclude.m4.
427 * TODO: The usual ...
429 2002-08-15 Ben Goodwin <cinergi@users.sourceforge.net>
431 * nss_mysql.h: Added proto for _nss_mysql_escape_string().
433 * nss_support.c: Fixed segfault WRT loading an empty PTCHAR
434 in _nss_mysql_liswb() and _nss_mysql_count_tokens().
436 * samples/sample_database.sql: New file
438 * nss_main.c: Protect getspent from being used by euid != 0.
439 Split #define's up for readability/flexibility.
440 Run arg passed (username/uid/etc.) through MySQL's string cleanser;
441 AS A RESULT ALL STRING FORMATS IN YOUR CONFIG MUST BE %s !!!
443 * mysql.c: Check for euid change.
444 Added _nss_mysql_escape_string().
446 * configure, configure.in: Version -> 0.3dev.
448 * TODO: Couple new items, prioritization; Got most-needed items done!
450 * README: Typo fix (s/DEBUG_NSS/debug_flags/). Better information
453 2002-08-14 Ben Goodwin <cinergi@users.sourceforge.net>
455 * *: CVS tag 0.2; Public release
457 2002-05-31 Ben Goodwin <ben@localhost>
459 * sample/nss_mysql.cfg: Added new debug_flags to [global] section
461 * nss_support.c: Moved MySQL state information here. This means that
462 ALL functions share the same state information (unlike before). So
463 it's possible for poor code to step on it's own *ent routines; I
464 found the glibc library uses the same state information for all
465 functions, so I felt comfortable with this move. I may be proven
467 Added a few functions so above state information can be accessed/set
468 outside this source file.
469 set ERANGE outside of find_eol
470 Assume that buffer and structure are not NULL (nss_mysql.c now ensures
472 CLOSE_ALL -> CLOSE_LINK; CLOSE_LINK now also CLOSE_RESULT's
473 Removed unnecessary \n's on debug lines
474 Check/set return types using enumerated constants instead of 0's and 1's
475 _nss_mysql_log_error changed to _nss_mysql_log with prio arg
476 removed debug - it's now in nss_mysql.c
478 * nss_mysql.h: Moved syslog.h here
479 Removed unused FSIZ macro
480 Removed unused D_ERROR; renumbered D_* defines
481 Removed unnecessary CLOSE_ALL. CLOSE_LINK must CLOSE_RESULT anyway
482 Removed unnecessary \n's on debug lines
483 Added #defines for some configuration defaults
485 Added boolean and return types so we check/set returns via enumurated
486 constants instead of 0's and 1's ...
487 Added debug_flags to conf.global
488 Rearranged some stuff for better readability
490 * nss_mysql.c: The ONLY static variable is conf now. All MySQL static
491 information moved to nss_support.c
492 Removed unnecessary \n's on debug lines
493 Added _nss_mysql_log (replaces _nss_mysql_log_error)
494 Set config defaults based on #defines in nss_mysql.h
495 Debug logs to syslog instead of a file now
497 * nss_config.c: Added "debug_flags" to config
498 Removed unnecessary \n's on debug lines
499 _nss_mysql_log_error changed to _nss_mysql_log with priority argument
500 Use enumerated constants for checking/setting return types
501 Set config defaults based on #defines in nss_mysql.h
503 * config.h.in: Added missing HAVE_LOG_AUTHPRIV
505 * acconfig.h, configure, configure.in: Debugging goes to syslog now.
506 No need for DEBUG_FILE
508 * TODO: I actually did a couple things on my list
510 * README: Debugging method changed. Updated dox to reflect that.
512 2002-05-30 Ben Goodwin <ben@localhost>
514 * nss_support.c: Syslogging moved to configurable component. Moved
515 _nss_mysql_log_error to nss_mysql.c
517 * nss_mysql.h: Syslogging moved to configurable component
519 * nss_mysql.c: Added function enter/exit debugging. Moved
520 _nss_mysql_log_error from nss_support.c to here
522 * nss_config.c: Added support for syslog facility/priority from config file
524 * acconfig.h, configure, configure.in: Added HAVE_LOG_AUTHPRIV
526 2002-05-29 Ben Goodwin <ben@localhost>
528 * sample/nss_mysql.cfg: Added new facility & priority options
530 * nss_config.c: Formatting
532 * configure, configure.in: Added license and revision info. Version
533 updated to 0.2d (in-development)
535 * config.h.in, acconfig.h: Better name for what is now HAVE___FUNC__
537 * Makefile.am, Makefile.in: License and revision info
539 * TODO: Let everyone know how I plan to take over the world
541 * AUTHORS, ChangeLog, NEWS, README: First-pass
543 * sample/nss_mysql_root.cfg: Added missing [server] entry
545 * Makefile.am, Makefile.in: Additional file to dist
549 * sample/nss_mysql_root.cfg: changed default password
551 2002-05-28 Ben Goodwin <ben@localhost>
555 * Makefile.am, Makefile.in: Specify files in the sample directory to
556 keep 'make dist' from adding CVS files to the distfile
558 * configure.in, configure: Added CVS revision tag
560 * Makefile.in: This should have been 1.1.1.1; Makefile.am was edited
561 but automake was never run. Oops ..
563 * nss_mysql.h, nss_support.c, nss_structures.c: Added license and rcsid
566 * nss_mysql.c: Added license and rcsid string. Fixed some formatting
569 * nss_config.c: Added license and rcsid string
571 * *: Initial import of nss-mysql