source: doc/ChangeLog @ 4e09ac5

mei_rt2mei_rt2_fix_1
Last change on this file since 4e09ac5 was 46df1bc, checked in by Mei <mei@…>, 12 years ago

1) get ready for release 0.2.3
2) add forward function declaration in abac_pl_yap.c for

abac_credential_dup

3) tested against freebsd82 and freebsd91

  • Property mode set to 100644
File size: 4.9 KB
RevLine 
[09496b3]1= 0.2.3 =
2
[46df1bc]3    2013-01-XX
4        * Patched Yap 6.2.3 to run on FreeBSD9.1
5        * Added a configuration check for thread linked perl
[09531ca]6        * Added option to disable the generation of swig/java directory
7          when configured with --disable-java-feature or when jni.h is
8          not found (Ezra)
[695abc7]9        * Added Java libabac regression tests in example_scripts/java
10        * Added Java interface to libabac using JNI generated via SWIG
[e3c7769]11          (Remember to take down the context with free_context_now()
12          instead of counting on the destructor, this is to avoid the
13          threading problem in libstrongswan when it got GC'ed
14          prematurely by Java, see swig/java/ProverTest.java)
[646e57e]15        * Added default partial proof generation upon fact query failure
[b8a6fd2a]16        * Added new python attribute and id example tests for the new
17          api calls
18        * Added a new Attribute api call, ABAC::Attribute::Attribute_chunk,
19          creating Attribute from a certificate chunk (Ezra)
20        * Added a new ID api call, ABAC::ID::ID_chunk, creating ID from a
[e3c7769]21          certificate chunk (Ezra)
[09496b3]22
[ba6027a]23= 0.2.2 =
[7c5d673]24
[c67bfa3]25     2012-09-26
[7c5d673]26
[c67bfa3]27        * Remove the self-signing verification check in abac_verifier to allow
28          none self-signing principal credential
29        * Replaced cn extraction code used in libabac with a more generalized
[6244e28]30          method that retrieves the last "CN=" term from the subject line
31          of a principal credential before chopping it out
[abf8d5d]32        * Added a new API call, next_proof (abac_context_query_again) that can
33          force YAP to backtrack and produce a new solution proof if exists
34        * New performance testing setup under examples directory. Added
35          plotting and graphing scripts
36        * Updated examples directory to use Makefile, added performance
37          testing setup, plotting scripts, and graphing scripts
[7c5d673]38        * Added support for accepting encrypted private key with passphrase
39          for principal credential creation and for attribute rule creation
40        * API is expanded to allow specifying private key file and passphrase
41          file
42        * creddy attribute and generate options are expanded to accept
43          a specific private key and allowing passphrase option
44        * a new keycheck option is added to creddy to do access check on
45          a key file (encrypted and none encrypted)
[abf8d5d]46        * added encryption/passphrase examples
[7c5d673]47        * migrate the sample scripts that used to be under swig directory to
48          examples directory and setup as part of regression test suite
49        * add examples for timing/performance runs
50        * change the proof buffer allocation to YAP_AllocSpaceFromYap and sizing
51          the buffer repeatedly and progressively if the initial size is too small
52        * tested with Yap 6.2.3 but not required
[ba6027a]53
[888df49]54= 0.2.1 =
[2efdff5]55
[7c5d673]56     2012-07-06
57 
58        * The API visible to programmers is much richer and should make
59          development simpler.  As part of this, the libcreddy/libabac
60          distinction has disappeared.  All libcreddy functions are now
61          available through libabac.
62        * updated to use strongswan 4.6.4.  Strongswan 4.4.0 had become very
63          outdated.
64        * Added more examples and documentation.
65        * add a new '--subject-link' option to creddy --attribute to hold the
66          linking role
67        * add --dbdump option to abac_prover_yap to retrieve all prolog clauses
68          stored in the db
69       
70       WARNING
71       - There are occasional spurious error messages originated
72         from Strongswan during access of the attribute credentials.  Those
73         messages are due to libstrongswan mishandling certain values of
74         authorizedKeyIdentifier in a non-destructive way.  While we are
75         working with the strongswan developers to remove these messages, they
76         should not affect ABAC in any way.
77       
78         Here are sample messages:
79       
80         L6 - keyIdentifier:  length of ASN.1 object invalid or too large
81         L6 - authorityCertSerialNumber:  length of ASN.1 object invalid or too large
82       
83         Do report to us if your ABAC is not behaving as
84         expected and messages like above seem to be a factor..
85       
[888df49]86= 0.2.0 =
[7c5d673]87
88     2012-02-27
89
90        * '''API-breaking change''': libcreddy ID and attribute cert creation validity
91          periods are now measured in seconds
92        * significant performance improvements on Linux, see [source:doc/INSTALL] for
93          configure flags
94        * [CredPrinterDocs credential printer]
95        * several bugs and segfaults fixed
[888df49]96
97= 0.1.3 =
[7c5d673]98
99     2011-03-30
100
101        * native Java support
102        * many, many bugfixes
[888df49]103
104= 0.1.2 =
[7c5d673]105
106     2010-10-01
107
108        * libcreddy extracted
109        * credddy rewritten to use libcreddy
110        * sample code for libcreddy in python
[888df49]111
112= 0.1.1 =
[7c5d673]113
114     2010-09-17, updated 2010-09-20
115
116        * Support for intersection rules
117        * Support for encrypted private keys
118        * Build issues on FreeBSD addressed
[888df49]119
[549656e]120
Note: See TracBrowser for help on using the repository browser.