source: doc/ChangeLog @ e97d2e2

mei_rt2_fix_1
Last change on this file since e97d2e2 was e97d2e2, checked in by Mei <mei@…>, 12 years ago

1) bring in victor's patches for MAC OS X
2) update docs

  • Property mode set to 100644
File size: 5.4 KB
Line 
1
2= 0.2.3.1 =
3
4   2013-0X-0X  (branch mei_rt2_fix_1)
5        * Moved insertion of ID credentials to ID constructors. This
6          code is going to change in multi-context version because
7          some sanity checks got voided by this change (Jeff) 
8        * Updated ax_check_jni.m4, configure.ac and creddy.c for Mac
9          (supplied by Victor)
10        * Took out /usr/local/lib from example/example_scripts/java,
11          swig/java (Anddrew)
12
13= 0.2.3 =
14
15    2013-01-15
16        * Patched Yap to run on FreeBSD9.1
17        * Added a configuration check for thread linked perl
18        * Added option to disable the generation of swig/java directory
19          when configured with --disable-java-feature or when jni.h is
20          not found (Ezra)
21        * Added Java libabac regression tests in example_scripts/java
22        * Added Java interface to libabac using JNI generated via SWIG
23          (Remember to take down the context with free_context_now()
24          instead of counting on the destructor, this is to avoid the
25          threading problem in libstrongswan when it got GC'ed
26          prematurely by Java, see swig/java/ProverTest.java)
27        * Added default partial proof generation upon fact query failure
28        * Added new python attribute and id example tests for the new
29          api calls
30        * Added a new Attribute api call, ABAC::Attribute::Attribute_chunk,
31          creating Attribute from a certificate chunk (Ezra)
32        * Added a new ID api call, ABAC::ID::ID_chunk, creating ID from a
33          certificate chunk (Ezra)
34
35= 0.2.2 =
36
37     2012-09-26
38
39        * Remove the self-signing verification check in abac_verifier to allow
40          none self-signing principal credential
41        * Replaced cn extraction code used in libabac with a more generalized
42          method that retrieves the last "CN=" term from the subject line
43          of a principal credential before chopping it out
44        * Added a new API call, next_proof (abac_context_query_again) that can
45          force YAP to backtrack and produce a new solution proof if exists
46        * New performance testing setup under examples directory. Added
47          plotting and graphing scripts
48        * Updated examples directory to use Makefile, added performance
49          testing setup, plotting scripts, and graphing scripts
50        * Added support for accepting encrypted private key with passphrase
51          for principal credential creation and for attribute rule creation
52        * API is expanded to allow specifying private key file and passphrase
53          file
54        * creddy attribute and generate options are expanded to accept
55          a specific private key and allowing passphrase option
56        * a new keycheck option is added to creddy to do access check on
57          a key file (encrypted and none encrypted)
58        * added encryption/passphrase examples
59        * migrate the sample scripts that used to be under swig directory to
60          examples directory and setup as part of regression test suite
61        * add examples for timing/performance runs
62        * change the proof buffer allocation to YAP_AllocSpaceFromYap and sizing
63          the buffer repeatedly and progressively if the initial size is too small
64        * tested with Yap 6.2.3 but not required
65
66= 0.2.1 =
67
68     2012-07-06
69 
70        * The API visible to programmers is much richer and should make
71          development simpler.  As part of this, the libcreddy/libabac
72          distinction has disappeared.  All libcreddy functions are now
73          available through libabac.
74        * updated to use strongswan 4.6.4.  Strongswan 4.4.0 had become very
75          outdated.
76        * Added more examples and documentation.
77        * add a new '--subject-link' option to creddy --attribute to hold the
78          linking role
79        * add --dbdump option to abac_prover_yap to retrieve all prolog clauses
80          stored in the db
81       
82       WARNING
83       - There are occasional spurious error messages originated
84         from Strongswan during access of the attribute credentials.  Those
85         messages are due to libstrongswan mishandling certain values of
86         authorizedKeyIdentifier in a non-destructive way.  While we are
87         working with the strongswan developers to remove these messages, they
88         should not affect ABAC in any way.
89       
90         Here are sample messages:
91       
92         L6 - keyIdentifier:  length of ASN.1 object invalid or too large
93         L6 - authorityCertSerialNumber:  length of ASN.1 object invalid or too large
94       
95         Do report to us if your ABAC is not behaving as
96         expected and messages like above seem to be a factor..
97       
98= 0.2.0 =
99
100     2012-02-27
101
102        * '''API-breaking change''': libcreddy ID and attribute cert creation validity
103          periods are now measured in seconds
104        * significant performance improvements on Linux, see [source:doc/INSTALL] for
105          configure flags
106        * [CredPrinterDocs credential printer]
107        * several bugs and segfaults fixed
108
109= 0.1.3 =
110
111     2011-03-30
112
113        * native Java support
114        * many, many bugfixes
115
116= 0.1.2 =
117
118     2010-10-01
119
120        * libcreddy extracted
121        * credddy rewritten to use libcreddy
122        * sample code for libcreddy in python
123
124= 0.1.1 =
125
126     2010-09-17, updated 2010-09-20
127
128        * Support for intersection rules
129        * Support for encrypted private keys
130        * Build issues on FreeBSD addressed
131
132
Note: See TracBrowser for help on using the repository browser.