1 # $Id: ChangeLog,v 1.61 2004/11/13 17:07:54 cinergi Exp $
3 1.2 - 1.3 (NOT YET RELEASED)
5 * NEW: Configuration file line continuation is now supported. See
8 * NEW: Static allocation of query line (2048 chars) allows multiple
9 references to the key being looked up - e.g. "SELECT ... FROM
10 ... WHERE foo='%1$s' AND bar='%1$s'"
12 * BUGFIX: Removed extraneous UNLOCK that caused thread instability
13 due to changes in version 1.2
15 * BUGFIX: Added atexit() handler to close MySQL connection upon process
16 exit. Should clear up any "Aborted connection [...]
17 Got an error reading communication packets" messages in the
18 MySQL server logs if you have warnings turned on
20 * BUGFIX: Added missing Makefile path to <OS>.sym
22 * CHANGE: Safely purge MySQL password at program exit
24 * CHANGE: Big changes in config parsing; [section]'s are meaningless
25 and safely ignored, but should be removed
27 * CHANGE: Static allocation of configuration variables
29 * CHANGE: Prefer static MySQL libraries over dynamic; Removed
30 forced-static-link from RPM spec file since this change makes
33 * CHANGE: Moved sources to src/ and aux files to aux/
35 * CHANGE: Send a syslog if number of columns returned != expected #
37 * CHANGE: (Internal) code and support file cleanup; comments
41 * BUGFIX: euid-change detection was broken, causing things like
42 privsep-enabled SSH daemons to be unable to log in a MySQL user.
43 Thanks to Mike Noordermeer for the patch.
45 * BUGFIX: Fixed broken 'initcmd' option
47 * CHANGE: Minimum supported MySQL version is 3.23.09
49 * CHANGE: Removed 'ssl' config option - it's not supposed to be used by
54 * CHANGE: 'configure' now takes just --with-mysql to specify MySQL
55 location instead of two separate (--with-mysql-inc and
56 --with-mysql-lib) options. The following base locations
57 are automatically searched in this order: /usr, /usr/local,
58 /usr/local/mysql, /opt/local, /opt/local/mysql.
60 * BUGFIX: Try query a few more times if it fails; corrects issues with
61 reset idle connections which should result in a valid reconnect
62 and query, but caused 1 'user unknown' error.
64 * BUGFIX: Groups without members weren't showing up in getgrent's
66 * BUGFIX: Don't leak any symbols except what's necessary - prevents
67 problems with differing MySQL library versions. Classic
68 example is Apache/PHP using different version than the one
69 statically linked in the libnss-mysql RPM. On Linux, this
70 requires libtool >= 1.5.2
72 * DOCS: The FreeBSD sample now contains proper shadow implementation.
73 ! PREVIOUS SAMPLES ALLOWED NON-ROOT USERS TO SEE ENCRYPTED
76 * DOCS: Updated README to better suit FreeBSD installations
78 * DOCS: Added Q&A about -R necessity under older Solaris installations.
82 * NEW: FreeBSD (5.1+) is now supported
84 * CHANGE: Solaris makes use of two new columns in the getpw* routines
85 See the file UPGRADING for details
87 * CHANGE: Installation of libraries is handled better; as a result, a
88 'make uninstall' will remove libnss-mysql (except config files)
90 * CHANGE: -Bgroup and --allow-shlib-undefined linker options are no longer
91 used. Hopefully these really aren't necessary anymore
93 * CHANGE: Updated RPM SPEC file and removed the linker options above.
98 * NEW: Several new sample database and configuration files
100 * BUGFIX: Don't compile against threaded MySQL libraries. It was
103 * BUGFIX: Preallocate exactly as much memory as needed to create the
104 MySQL query string; fixes loops/errors with usernames that
107 * BUGFIX: Fixed cosmetic error reporting queries missing from config
109 * CHANGE: Only one server is supported. The multi-server code was
110 always buggy so I've decided to remove it, at least for 1.0.
111 It was also part of the looping mentioned above
113 * CHANGE: Renamed module from libnss_mysql to libnss-mysql for consistency.
114 This includes renaming configuration files. See UPGRADING for
117 * CHANGE: Removed all dependencies from RPM spec file
119 * CHANGE: Various documentation updates
123 * NEW: Added RPM SPEC file to distribution
125 * NEW: Lots of additional debugging in the mysql-specific code
127 * BUGFIX: Disable MySQL automatic reconnect. It's not safe in this
130 * BUGFIX: Try server #0 if all servers are marked down. Was causing
131 bogus NSS_UNAVAIL returns if connection had been lost
133 * BUGFIX: Failover/retry wasn't quit right - could cause infinite
134 loops and other erroneous conditions.
136 * BUGFIX: Don't mess up syslog identification names with our own name.
137 As such, there's no more 'configure' option to specify the
138 syslog facility to use
140 * BUGFIX: Fixed Solaris coredump when debug was on and a non-local
141 MySQL server was specified
143 * CHANGE: Create debug file with a umask of '000' so any process
146 * CHANGE: Removed [libnss_mysql] section for 'my.cnf' - use new options
147 directly in /etc/nss_mysql.cfg: ssl, timeout, compress,
148 initcmd. These new options are specified within each server
149 section (primary, secondary, etc). See sample configuration
152 * CHANGE: Added default connect timeout (override with 'timeout'
153 option in config - see above) to prevent deadlock
154 situations (could lock yourself out of a server if a
155 server became unreachable).
157 * CHANGE: Updated sample database: uid=primary autoincremeting key,
158 gid=primary autoincrementing key, default values for password
159 and shell, and cosmetic changes. Nothing major
161 * CHANGE: port & socket are now optional parameters in the config file
163 * CHANGE: Added another directory set to search for MySQL libs/includes
165 * CHANGE: Many updates to various documentation
169 * CHANGE: Don't send syslog messages to *.EMERG (causing console
170 spam) - send them to *.ALERT
172 * BUGFIX: Detect various linker options. Important to get around
173 inability to compile on slightly older Linux systems
174 (IE RedHat 7.1 - 7.2). Also fixes broken compile on
175 even older systems (RedHat 7.0, Corel 1.2/Debian 2.1)
177 * BUGFIX: Fixed compiler warnings when using older versions of MySQL
179 * BUGFIX: Properly detect MySQL 4 libraries
183 * NEW: Re-added debugging. You can send debug output to syslog,
184 stderr, or a file. See DEBUGGING for more information.
186 * CHANGE: CVS no longer includes files that can be generated using
187 autoconf/automake/libtool/etc ... Install these utilities
188 and use 'setup.sh' if you're building from CVS
190 * CHANGE: GNU 'make' is no longer required
192 * BUGFIX: Re-implemented uid check to make sure getsp* routines
193 couldn't be called by non-root users (which would create
194 syslog message regarding failed query attempts).
196 * BUGFIX: Fix nscd coredump under Solaris. Any programs that
197 tried to access pw->pw_comment and/or pw->pw_age would have
198 suffered the same fate.
200 * BUGFIX: Fixed crash/hang under certain circumstances (usually when
203 * BUGFIX: Don't re-create SQL query string every time we iterate
204 through a get*ent routine - will result in speedier lookups
206 * BUGFIX: Check for comment lines before checking for bracketed sections -
207 minor speed improvement
209 * BUGFIX: Reload config upon euid change - root privs are properly dropped
211 * BUGFIX: Don't *close* the sql connection upon fork - just invalidate
212 the child's version so it'll create a new connection.
214 * BUGFIX: Fixed deadlock issue for forking, multithreaded apps
218 * NEW: Support for Sun Workshop compiler
220 * NEW: Additional documentation on producing 64-bit version
222 * BUGFIX: Handle program forks properly - used to cause hangs,
223 improper data, crashes, etc ...
225 * BUGFIX: getgrmem() would hang in multi-threaded environment
227 * BUGFIX: Abort if Solaris backend couldn't be malloc'ed - was causing
228 inability to log in at single-user root password prompt
230 * BUGFIX: Correct handling of insufficient 'buffer' size.
231 Would have caused long hangs (or infinite loops) in Solaris.
233 * BUGFIX: Read my.cnf for EVERY server. Would cause ignored settings
234 like connect-timeout, leading to infinite hangs in outtages.
236 * BUGFIX: Don't attempt to run null/empty queries
238 * BUGFIX: General compile cleanups, including upgrade to Automake 1.6
242 * NEW: initgroup/getgrmem support. Some programs need these
243 routines to find out who's a member of what groups and
244 what groups have what members. Especially important
245 under Solaris where filesystem group access is done
247 THIS REQUIRES A CHANGE TO YOUR DATABASE. READ THE FILE
248 "UPGRADING" FOR MORE INFORMATION.
250 * NEW: Search for and use thread-safe MySQL library if available.
252 * CHANGE: Removed all debug code - for now. See the file UPGRADING.
254 * CHANGE: Syslog configuration done at compile-time. See the file
257 * CHANGE: Search a few more locations for MySQL library files.
259 * CHANGE: Major internal rewrite - to enable me to support other
262 * BUGFIX: specify '-L' before '-lmysqlclient' on link line; previously
263 caused 'missing library' errors.
265 * BUGFIX: Special linker options properly passed no matter what linker
268 * BUGFIX: Prevent any symbols from leaking outside this library.
269 Previously caused unexplained errors or core dumps.
271 * BUGFIX: Search for and use static MySQL libraries, too.
273 * BUGFIX: Don't disconnect/deallocate upon 'destruct' call (Solaris).
274 The code was not thread-safe, and is no longer necessary.
275 This was preventing persistent connections in some cases, too.
277 * BUGFIX: Store different MySQL results in different variables;
278 Enables interleaved 'ent' access of different databases.
280 * BUGFIX: Under certain circumstances, euid could be 0 but the
281 process couldn't read a root-owned mode 600 file. Now we
282 simply always try to open the file - meaning your
283 nss_mysql_root.cfg file better be root-owned, mode 600!
287 * No special configure/make arguments are necessary for Solaris.
288 You may, however, need to manually link the library. If you
289 encounter an error with an undefined symbol, read the FAQ.
291 * Fixed a couple of bus error conditions under Solaris/sparc.
293 * Fixed memory leak under Solaris.
295 * Fixed core dump with Solaris csh and ~username expansion.
296 This fix probably fixed other core dumps as well.
298 * Fixed compile error under Solaris 2.6 (no socklen_t)
300 * Upgraded to autoconf 2.53
302 * Rewrote connection handlers. CONFIG FILE CHANGES ARE REQUIRED. See
305 * Read [libnss_mysql] group in my.cnf
307 * Do some config validation before doing anything. Helps prevent
308 mysterious core dumping.
310 2002-08-28 Ben Goodwin <cinergi@users.sourceforge.net>
312 * *: CVS tag 0.3; Public release
314 * nss_main.c, lookup.c, mysql.c, nss_config.c, nss_mysql.h, nss_support.c:
315 turned 'conf' into a global variable instead of passing it around
318 * configure.in: Removed "-z nodelete" hack - didn't work
320 2002-08-27 Ben Goodwin <cinergi@users.sourceforge.net>
322 * configure.in: Added "-z nodelete" LD_OPTIONS hack to get around
323 strange dlopen-related solaris memory leak bug
325 * Automake.am: added -module arg to libtool
327 2002-08-23 Ben Goodwin <cinergi@users.sourceforge.net>
329 * lookup.c, lookup.h, memory.c, nss_config.c, nss_main.c,
330 nss_mysql.h, nss_support.h: Renamed memory functions to avoid
333 * lookup.c: Fixed memory leak
335 * lookup.h: Added CLOSE_RESULT in GET on the HAVE_NSS_COMMON_H side
336 of the house (to match the HAVE_NSS_H side)
338 * nss_main.c: (HAVE_NSS_COMMON_H) default destructor now closes MySQL
339 link - required due to the fact that the module is unloaded and
340 thus static vars are lost
342 * nss_config.c: Close config file handle when done with it
344 2002-08-22 Ben Goodwin <cinergi@users.sourceforge.net>
346 * mysql-grp.c, mysql-pwd.c, mysql-spwd.c: Added euid restrict -
347 don't allow non-root access to certain functions
349 * mysql.c: Added CLOSE_NOGRACE for when MySQL socket is stomped on
352 * nss_main.c, lookup.c, nss_config.c, nss_support.c: Header cleanup
354 * nss_mysql.h: Added CLOSE_NOGRACE flag. See mysql.h
357 * README: Solaris changes. Info about sample MySQL database. Prefix
360 * Makefile.am, Makefile.in, configure.in, configure: Solaris support.
361 *** NOTICE *** Default prefix has changed to / - configuration files
362 go in /etc by default; Linux libraries go in /lib and the Solaris
363 library goes in /usr/lib.
365 * lookup.h: (HAVE_NSS_H) setDBent/endDBent and NOT setDBent_r/endDBent_r
367 2002-08-21 Ben Goodwin <cinergi@users.sourceforge.net>
369 * nss_mysql.h: Added missing #ifdef HAVE_NSS_COMMON_H around a prototype
371 2002-08-20 Ben Goodwin <cinergi@users.sourceforge.net>
373 * sample/nss_mysql.cfg: Back to %d (well, %u) for numerical formats.
375 * nss_main.c: Removed all NSS API code and spread out to files below.
377 * lookup.c, lookup.h, mysql-grp.c, mysql-pwd.c, mysql-spwd.c:
378 NEW FILES. Moved most of the NSS API code out of nss_main.c to these
379 files. Also introduced working Solaris pieces.
381 * nss_mysql.h: moved pthread stuff here. Added include for nss_dbdefs.h
382 for Solaris (nss_common.h). Added NSS_ARGS macro (ripped from padl's
383 nss-ldap project). New source file (lookup.c) -> function proto's.
385 * Makefile.am, Makefile.in: Several files added to project
387 * mysql.c: _nss_mysql_run_query(): Don't check for valid query anymore
389 * nss_mysql.h, nss_main.c: (const char *) for debug routine's FUNCTION arg
391 2002-08-19 Ben Goodwin <cinergi@users.sourceforge.net>
393 * mysql.c: _nss_mysql_run_query(): Check for valid query ONCE before
396 2002-08-17 Ben Goodwin <cinergi@users.sourceforge.net>
398 * acconfig.h: Added HAVE_LOG_FTP - configure.in sets this value now
400 * nss_config.c: Only use LOG_FTP on systems that have it.
402 * nss_mysql.h: HAVE_NSSWITCH_H should have been HAVE_NSS_COMMON_H.
403 Needed to define NSS_STATUS when HAVE_NSS_COMMON_H is defined.
405 2002-08-16 Ben Goodwin <cinergi@users.sourceforge.net>
407 * mysql.c: Call mysql_escape_string if MYSQL_VERSION_ID < 32300.
409 * configure, configure.in: New method for checking MySQL install location.
411 * config.h.in, nss_mysql.h: No longer need mysql/mysql.h header check.
413 * acinclude.m4: New file. Added mysql-finder function.
415 * aclocal.m4: Re-generated due to new acinclude.m4.
417 * TODO: The usual ...
419 2002-08-15 Ben Goodwin <cinergi@users.sourceforge.net>
421 * nss_mysql.h: Added proto for _nss_mysql_escape_string().
423 * nss_support.c: Fixed segfault WRT loading an empty PTCHAR
424 in _nss_mysql_liswb() and _nss_mysql_count_tokens().
426 * samples/sample_database.sql: New file
428 * nss_main.c: Protect getspent from being used by euid != 0.
429 Split #define's up for readability/flexibility.
430 Run arg passed (username/uid/etc.) through MySQL's string cleanser;
431 AS A RESULT ALL STRING FORMATS IN YOUR CONFIG MUST BE %s !!!
433 * mysql.c: Check for euid change.
434 Added _nss_mysql_escape_string().
436 * configure, configure.in: Version -> 0.3dev.
438 * TODO: Couple new items, prioritization; Got most-needed items done!
440 * README: Typo fix (s/DEBUG_NSS/debug_flags/). Better information
443 2002-08-14 Ben Goodwin <cinergi@users.sourceforge.net>
445 * *: CVS tag 0.2; Public release
447 2002-05-31 Ben Goodwin <ben@localhost>
449 * sample/nss_mysql.cfg: Added new debug_flags to [global] section
451 * nss_support.c: Moved MySQL state information here. This means that
452 ALL functions share the same state information (unlike before). So
453 it's possible for poor code to step on it's own *ent routines; I
454 found the glibc library uses the same state information for all
455 functions, so I felt comfortable with this move. I may be proven
457 Added a few functions so above state information can be accessed/set
458 outside this source file.
459 set ERANGE outside of find_eol
460 Assume that buffer and structure are not NULL (nss_mysql.c now ensures
462 CLOSE_ALL -> CLOSE_LINK; CLOSE_LINK now also CLOSE_RESULT's
463 Removed unnecessary \n's on debug lines
464 Check/set return types using enumerated constants instead of 0's and 1's
465 _nss_mysql_log_error changed to _nss_mysql_log with prio arg
466 removed debug - it's now in nss_mysql.c
468 * nss_mysql.h: Moved syslog.h here
469 Removed unused FSIZ macro
470 Removed unused D_ERROR; renumbered D_* defines
471 Removed unnecessary CLOSE_ALL. CLOSE_LINK must CLOSE_RESULT anyway
472 Removed unnecessary \n's on debug lines
473 Added #defines for some configuration defaults
475 Added boolean and return types so we check/set returns via enumurated
476 constants instead of 0's and 1's ...
477 Added debug_flags to conf.global
478 Rearranged some stuff for better readability
480 * nss_mysql.c: The ONLY static variable is conf now. All MySQL static
481 information moved to nss_support.c
482 Removed unnecessary \n's on debug lines
483 Added _nss_mysql_log (replaces _nss_mysql_log_error)
484 Set config defaults based on #defines in nss_mysql.h
485 Debug logs to syslog instead of a file now
487 * nss_config.c: Added "debug_flags" to config
488 Removed unnecessary \n's on debug lines
489 _nss_mysql_log_error changed to _nss_mysql_log with priority argument
490 Use enumerated constants for checking/setting return types
491 Set config defaults based on #defines in nss_mysql.h
493 * config.h.in: Added missing HAVE_LOG_AUTHPRIV
495 * acconfig.h, configure, configure.in: Debugging goes to syslog now.
496 No need for DEBUG_FILE
498 * TODO: I actually did a couple things on my list
500 * README: Debugging method changed. Updated dox to reflect that.
502 2002-05-30 Ben Goodwin <ben@localhost>
504 * nss_support.c: Syslogging moved to configurable component. Moved
505 _nss_mysql_log_error to nss_mysql.c
507 * nss_mysql.h: Syslogging moved to configurable component
509 * nss_mysql.c: Added function enter/exit debugging. Moved
510 _nss_mysql_log_error from nss_support.c to here
512 * nss_config.c: Added support for syslog facility/priority from config file
514 * acconfig.h, configure, configure.in: Added HAVE_LOG_AUTHPRIV
516 2002-05-29 Ben Goodwin <ben@localhost>
518 * sample/nss_mysql.cfg: Added new facility & priority options
520 * nss_config.c: Formatting
522 * configure, configure.in: Added license and revision info. Version
523 updated to 0.2d (in-development)
525 * config.h.in, acconfig.h: Better name for what is now HAVE___FUNC__
527 * Makefile.am, Makefile.in: License and revision info
529 * TODO: Let everyone know how I plan to take over the world
531 * AUTHORS, ChangeLog, NEWS, README: First-pass
533 * sample/nss_mysql_root.cfg: Added missing [server] entry
535 * Makefile.am, Makefile.in: Additional file to dist
539 * sample/nss_mysql_root.cfg: changed default password
541 2002-05-28 Ben Goodwin <ben@localhost>
545 * Makefile.am, Makefile.in: Specify files in the sample directory to
546 keep 'make dist' from adding CVS files to the distfile
548 * configure.in, configure: Added CVS revision tag
550 * Makefile.in: This should have been 1.1.1.1; Makefile.am was edited
551 but automake was never run. Oops ..
553 * nss_mysql.h, nss_support.c, nss_structures.c: Added license and rcsid
556 * nss_mysql.c: Added license and rcsid string. Fixed some formatting
559 * nss_config.c: Added license and rcsid string
561 * *: Initial import of nss-mysql