source: doc/ChangeLog @ e97d2e2

= 0.2.3.1 =

   2013-0X-0X  (branch mei_rt2_fix_1)
        * Moved insertion of ID credentials to ID constructors. This
          code is going to change in multi-context version because 
          some sanity checks got voided by this change (Jeff)  
        * Updated ax_check_jni.m4, configure.ac and creddy.c for Mac
          (supplied by Victor)
        * Took out /usr/local/lib from example/example_scripts/java,
          swig/java (Anddrew)

= 0.2.3 =

    2013-01-15
        * Patched Yap to run on FreeBSD9.1
        * Added a configuration check for thread linked perl 
        * Added option to disable the generation of swig/java directory
          when configured with --disable-java-feature or when jni.h is 
          not found (Ezra)
        * Added Java libabac regression tests in example_scripts/java
        * Added Java interface to libabac using JNI generated via SWIG
          (Remember to take down the context with free_context_now() 
          instead of counting on the destructor, this is to avoid the
          threading problem in libstrongswan when it got GC'ed 
          prematurely by Java, see swig/java/ProverTest.java)
        * Added default partial proof generation upon fact query failure
        * Added new python attribute and id example tests for the new 
          api calls
        * Added a new Attribute api call, ABAC::Attribute::Attribute_chunk,
          creating Attribute from a certificate chunk (Ezra)
        * Added a new ID api call, ABAC::ID::ID_chunk, creating ID from a 
          certificate chunk (Ezra) 

= 0.2.2 =

     2012-09-26

        * Remove the self-signing verification check in abac_verifier to allow
          none self-signing principal credential
        * Replaced cn extraction code used in libabac with a more generalized 
          method that retrieves the last "CN=" term from the subject line 
          of a principal credential before chopping it out
        * Added a new API call, next_proof (abac_context_query_again) that can
          force YAP to backtrack and produce a new solution proof if exists
        * New performance testing setup under examples directory. Added
          plotting and graphing scripts
        * Updated examples directory to use Makefile, added performance
          testing setup, plotting scripts, and graphing scripts
        * Added support for accepting encrypted private key with passphrase
          for principal credential creation and for attribute rule creation 
        * API is expanded to allow specifying private key file and passphrase
          file 
        * creddy attribute and generate options are expanded to accept 
          a specific private key and allowing passphrase option
        * a new keycheck option is added to creddy to do access check on
          a key file (encrypted and none encrypted)
        * added encryption/passphrase examples
        * migrate the sample scripts that used to be under swig directory to
          examples directory and setup as part of regression test suite
        * add examples for timing/performance runs
        * change the proof buffer allocation to YAP_AllocSpaceFromYap and sizing
          the buffer repeatedly and progressively if the initial size is too small 
        * tested with Yap 6.2.3 but not required

= 0.2.1 =

     2012-07-06
 
        * The API visible to programmers is much richer and should make
          development simpler.  As part of this, the libcreddy/libabac
          distinction has disappeared.  All libcreddy functions are now
          available through libabac.
        * updated to use strongswan 4.6.4.  Strongswan 4.4.0 had become very
          outdated.
        * Added more examples and documentation.
        * add a new '--subject-link' option to creddy --attribute to hold the
          linking role
        * add --dbdump option to abac_prover_yap to retrieve all prolog clauses
          stored in the db
       
       WARNING
       - There are occasional spurious error messages originated
         from Strongswan during access of the attribute credentials.  Those
         messages are due to libstrongswan mishandling certain values of
         authorizedKeyIdentifier in a non-destructive way.  While we are
         working with the strongswan developers to remove these messages, they
         should not affect ABAC in any way.
       
         Here are sample messages:
       
         L6 - keyIdentifier:  length of ASN.1 object invalid or too large
         L6 - authorityCertSerialNumber:  length of ASN.1 object invalid or too large
       
         Do report to us if your ABAC is not behaving as
         expected and messages like above seem to be a factor..
       
= 0.2.0 =

     2012-02-27

        * '''API-breaking change''': libcreddy ID and attribute cert creation validity
          periods are now measured in seconds
        * significant performance improvements on Linux, see [source:doc/INSTALL] for 
          configure flags
        * [CredPrinterDocs credential printer]
        * several bugs and segfaults fixed

= 0.1.3 =

     2011-03-30

        * native Java support
        * many, many bugfixes

= 0.1.2 =

     2010-10-01

        * libcreddy extracted
        * credddy rewritten to use libcreddy
        * sample code for libcreddy in python

= 0.1.1 =

     2010-09-17, updated 2010-09-20

        * Support for intersection rules
        * Support for encrypted private keys
        * Build issues on FreeBSD addressed