source: doc/ChangeLog @ f2d67a5

mei_rt2mei_rt2_fix_1
Last change on this file since f2d67a5 was 09531ca, checked in by Mei <mei@…>, 12 years ago

1) add config check for perl thread, and optional jni.h
2) tweak for freebsd8

  • Property mode set to 100644
File size: 4.9 KB
RevLine 
[09496b3]1= 0.2.3 =
2
[09531ca]3    2012-12-XX
4        * Added a configuration check on required thread linked perl
5        * Added option to disable the generation of swig/java directory
6          when configured with --disable-java-feature or when jni.h is
7          not found (Ezra)
[695abc7]8        * Added Java libabac regression tests in example_scripts/java
9        * Added Java interface to libabac using JNI generated via SWIG
[e3c7769]10          (Remember to take down the context with free_context_now()
11          instead of counting on the destructor, this is to avoid the
12          threading problem in libstrongswan when it got GC'ed
13          prematurely by Java, see swig/java/ProverTest.java)
[646e57e]14        * Added default partial proof generation upon fact query failure
[b8a6fd2a]15        * Added new python attribute and id example tests for the new
16          api calls
17        * Added a new Attribute api call, ABAC::Attribute::Attribute_chunk,
18          creating Attribute from a certificate chunk (Ezra)
19        * Added a new ID api call, ABAC::ID::ID_chunk, creating ID from a
[e3c7769]20          certificate chunk (Ezra)
[09496b3]21
[ba6027a]22= 0.2.2 =
[7c5d673]23
[c67bfa3]24     2012-09-26
[7c5d673]25
[c67bfa3]26        * Remove the self-signing verification check in abac_verifier to allow
27          none self-signing principal credential
28        * Replaced cn extraction code used in libabac with a more generalized
[6244e28]29          method that retrieves the last "CN=" term from the subject line
30          of a principal credential before chopping it out
[abf8d5d]31        * Added a new API call, next_proof (abac_context_query_again) that can
32          force YAP to backtrack and produce a new solution proof if exists
33        * New performance testing setup under examples directory. Added
34          plotting and graphing scripts
35        * Updated examples directory to use Makefile, added performance
36          testing setup, plotting scripts, and graphing scripts
[7c5d673]37        * Added support for accepting encrypted private key with passphrase
38          for principal credential creation and for attribute rule creation
39        * API is expanded to allow specifying private key file and passphrase
40          file
41        * creddy attribute and generate options are expanded to accept
42          a specific private key and allowing passphrase option
43        * a new keycheck option is added to creddy to do access check on
44          a key file (encrypted and none encrypted)
[abf8d5d]45        * added encryption/passphrase examples
[7c5d673]46        * migrate the sample scripts that used to be under swig directory to
47          examples directory and setup as part of regression test suite
48        * add examples for timing/performance runs
49        * change the proof buffer allocation to YAP_AllocSpaceFromYap and sizing
50          the buffer repeatedly and progressively if the initial size is too small
51        * tested with Yap 6.2.3 but not required
[ba6027a]52
[888df49]53= 0.2.1 =
[2efdff5]54
[7c5d673]55     2012-07-06
56 
57        * The API visible to programmers is much richer and should make
58          development simpler.  As part of this, the libcreddy/libabac
59          distinction has disappeared.  All libcreddy functions are now
60          available through libabac.
61        * updated to use strongswan 4.6.4.  Strongswan 4.4.0 had become very
62          outdated.
63        * Added more examples and documentation.
64        * add a new '--subject-link' option to creddy --attribute to hold the
65          linking role
66        * add --dbdump option to abac_prover_yap to retrieve all prolog clauses
67          stored in the db
68       
69       WARNING
70       - There are occasional spurious error messages originated
71         from Strongswan during access of the attribute credentials.  Those
72         messages are due to libstrongswan mishandling certain values of
73         authorizedKeyIdentifier in a non-destructive way.  While we are
74         working with the strongswan developers to remove these messages, they
75         should not affect ABAC in any way.
76       
77         Here are sample messages:
78       
79         L6 - keyIdentifier:  length of ASN.1 object invalid or too large
80         L6 - authorityCertSerialNumber:  length of ASN.1 object invalid or too large
81       
82         Do report to us if your ABAC is not behaving as
83         expected and messages like above seem to be a factor..
84       
[888df49]85= 0.2.0 =
[7c5d673]86
87     2012-02-27
88
89        * '''API-breaking change''': libcreddy ID and attribute cert creation validity
90          periods are now measured in seconds
91        * significant performance improvements on Linux, see [source:doc/INSTALL] for
92          configure flags
93        * [CredPrinterDocs credential printer]
94        * several bugs and segfaults fixed
[888df49]95
96= 0.1.3 =
[7c5d673]97
98     2011-03-30
99
100        * native Java support
101        * many, many bugfixes
[888df49]102
103= 0.1.2 =
[7c5d673]104
105     2010-10-01
106
107        * libcreddy extracted
108        * credddy rewritten to use libcreddy
109        * sample code for libcreddy in python
[888df49]110
111= 0.1.1 =
[7c5d673]112
113     2010-09-17, updated 2010-09-20
114
115        * Support for intersection rules
116        * Support for encrypted private keys
117        * Build issues on FreeBSD addressed
[888df49]118
[549656e]119
Note: See TracBrowser for help on using the repository browser.