Releases: rvben/yamldap
Releases · rvben/yamldap
Release list
v0.1.3
v0.1.2
Added
- Active Directory Compatibility Mode: New
--ad-compatflag enables seamless compatibility with Active Directory clients- Automatically transforms
objectClass=userqueries to matchinetOrgPersonentries - Maps
userPrincipalNamesearches touidandmailattributes - Allows yamldap to serve as a drop-in replacement for AD in testing environments
- Enables applications expecting AD-specific schema to work with OpenLDAP-style data
- Automatically transforms
Changed
- Search operations now support filter transformations based on compatibility mode
- Enhanced attribute mapping to handle AD-specific attributes gracefully
v0.1.1
Fixed
- OpenLDAP Compatibility: Search filters with undefined attributes now return
UndefinedAttributeTypeerror (code 17) instead of silently returning 0 results- Matches OpenLDAP's behavior for better compatibility with existing LDAP client code
- Enables exception-based fallback patterns used for Active Directory/OpenLDAP compatibility
- Added comprehensive tests for undefined attribute handling
Changed
- Search operations now validate all attributes referenced in filters before executing the search
- Added methods to collect and validate attributes from both schema and existing entries
v0.1.0
Added
- Comprehensive Test Coverage: Achieved near 100% test coverage with 250+ tests
- Added 50+ new test functions covering all error paths and edge cases
- Integration tests for full server lifecycle
- Concurrent operation and thread safety tests
- Fuzz testing infrastructure for robustness
- Enhanced Error Handling: All error paths now have proper test coverage
- Improved Filter Support: Fixed and tested all LDAP filter edge cases
- Password Security Tests: Comprehensive testing for all password hash formats
- YAML Parser Validation: Complete test coverage for YAML parsing and validation errors
- File Watcher Tests: Full coverage for hot-reload functionality
- Server Tests: Integration tests for server startup, shutdown, and concurrent connections
Changed
- Improved LDAP filter parser to be more lenient with syntax (matching real-world LDAP servers)
- Enhanced test organization with separate test modules for each component
- Better error messages throughout the codebase
Fixed
- UTF-8 boundary handling in LDAP filter parser (found via fuzzing)
- Buffer overrun protection in LDAP protocol decoder (found via fuzzing)
- Various edge cases in filter parsing and evaluation
Security
- Added comprehensive fuzz testing to catch potential security issues
- Fixed buffer boundary checks in protocol decoder
- Enhanced input validation throughout the codebase
v0.0.8
Fixed
- Added support for LDAP Compare operation (tag 0x6e) which was causing Django LDAP authentication to fail
Added
- Implemented LDAP Compare Request/Response handling in SimpleLdapCodec
- Added comprehensive tests for Compare operation functionality
v0.0.6
Fixed
- Fixed GitHub Container Registry push errors by adding proper image labels
- Added package initialization step to ensure registry package exists
- Resolved 403 errors by linking Docker images to the repository with org.opencontainers.image.source label
Changed
- Simplified Docker push approach back to using docker/build-push-action
- Disabled SBOM generation in addition to provenance
- Added comprehensive image labels for proper registry integration
Added
- Instructions for using Personal Access Tokens for local Docker registry testing
v0.0.5
Fixed
- Reworked Docker image building to push platform-specific images before creating multi-arch manifest
- Added registry access verification step to debug authentication issues
- Fixed step ordering to ensure version extraction happens before registry operations
Changed
- Split multi-platform Docker build into separate platform builds followed by manifest creation
- Added explicit buildx commands for better control over the build process
v0.0.4
Fixed
- Fixed Docker image push authentication errors by disabling provenance attestations
- Resolved 403 Forbidden errors when pushing multi-arch images to GitHub Container Registry
Changed
- Updated GitHub workflow to set
provenance: falsefor Docker builds with pre-built binaries
v0.0.3
Changed
- Optimized Docker release process to use pre-built binaries instead of compiling during image creation
- Simplified Docker image publishing to create multi-arch images directly without intermediate architecture-specific tags
- Docker images are now built from binary artifacts, significantly reducing CI/CD pipeline time
Added
- Dynamic Dockerfile generation during release process for efficient multi-arch builds
- .dockerignore file to optimize Docker build context
v0.0.2
Fixed
- Fixed critical DN attribute type case sensitivity issue that incorrectly rejected uppercase DNs
- Fixed LDAP search filtering that was returning all entries regardless of filter criteria
- Fixed incorrect LDAP error code (34 - InvalidDNSyntax) being returned instead of (49 - InvalidCredentials) for authentication failures
- Fixed search request parsing to properly handle filters instead of hardcoding (objectClass=*)
- Fixed clippy warnings about manual string stripping
Added
- Comprehensive tests for DN case insensitivity
- Support for composite LDAP filters (AND, OR, NOT)
- Support for substring filters in LDAP searches
- Tests verifying correct LDAP error codes are returned
Changed
- Enhanced LDAP filter parser to support nested and complex filter expressions
- Improved SimpleLdapCodec to properly parse search request filters from ASN.1