Skip to content

Releases: rvben/yamldap

v0.1.3

Choose a tag to compare

@github-actions github-actions released this 12 May 16:45
v0.1.3
9babefd

Added

  • ldap: synthesize RootDSE entry for empty-base baseObject searches (ff056e9)
  • Add Docker Hub publishing to yamldap release workflow (b163291)

v0.1.2

Choose a tag to compare

@github-actions github-actions released this 16 Jun 09:38

Added

  • Active Directory Compatibility Mode: New --ad-compat flag enables seamless compatibility with Active Directory clients
    • Automatically transforms objectClass=user queries to match inetOrgPerson entries
    • Maps userPrincipalName searches to uid and mail attributes
    • Allows yamldap to serve as a drop-in replacement for AD in testing environments
    • Enables applications expecting AD-specific schema to work with OpenLDAP-style data

Changed

  • Search operations now support filter transformations based on compatibility mode
  • Enhanced attribute mapping to handle AD-specific attributes gracefully

v0.1.1

Choose a tag to compare

@github-actions github-actions released this 16 Jun 08:29

Fixed

  • OpenLDAP Compatibility: Search filters with undefined attributes now return UndefinedAttributeType error (code 17) instead of silently returning 0 results
    • Matches OpenLDAP's behavior for better compatibility with existing LDAP client code
    • Enables exception-based fallback patterns used for Active Directory/OpenLDAP compatibility
    • Added comprehensive tests for undefined attribute handling

Changed

  • Search operations now validate all attributes referenced in filters before executing the search
  • Added methods to collect and validate attributes from both schema and existing entries

v0.1.0

Choose a tag to compare

@github-actions github-actions released this 14 Jun 19:22

Added

  • Comprehensive Test Coverage: Achieved near 100% test coverage with 250+ tests
    • Added 50+ new test functions covering all error paths and edge cases
    • Integration tests for full server lifecycle
    • Concurrent operation and thread safety tests
    • Fuzz testing infrastructure for robustness
  • Enhanced Error Handling: All error paths now have proper test coverage
  • Improved Filter Support: Fixed and tested all LDAP filter edge cases
  • Password Security Tests: Comprehensive testing for all password hash formats
  • YAML Parser Validation: Complete test coverage for YAML parsing and validation errors
  • File Watcher Tests: Full coverage for hot-reload functionality
  • Server Tests: Integration tests for server startup, shutdown, and concurrent connections

Changed

  • Improved LDAP filter parser to be more lenient with syntax (matching real-world LDAP servers)
  • Enhanced test organization with separate test modules for each component
  • Better error messages throughout the codebase

Fixed

  • UTF-8 boundary handling in LDAP filter parser (found via fuzzing)
  • Buffer overrun protection in LDAP protocol decoder (found via fuzzing)
  • Various edge cases in filter parsing and evaluation

Security

  • Added comprehensive fuzz testing to catch potential security issues
  • Fixed buffer boundary checks in protocol decoder
  • Enhanced input validation throughout the codebase

v0.0.8

Choose a tag to compare

@github-actions github-actions released this 13 Jun 16:49

Fixed

  • Added support for LDAP Compare operation (tag 0x6e) which was causing Django LDAP authentication to fail

Added

  • Implemented LDAP Compare Request/Response handling in SimpleLdapCodec
  • Added comprehensive tests for Compare operation functionality

v0.0.6

Choose a tag to compare

@github-actions github-actions released this 13 Jun 11:48

Fixed

  • Fixed GitHub Container Registry push errors by adding proper image labels
  • Added package initialization step to ensure registry package exists
  • Resolved 403 errors by linking Docker images to the repository with org.opencontainers.image.source label

Changed

  • Simplified Docker push approach back to using docker/build-push-action
  • Disabled SBOM generation in addition to provenance
  • Added comprehensive image labels for proper registry integration

Added

  • Instructions for using Personal Access Tokens for local Docker registry testing

v0.0.5

Choose a tag to compare

@github-actions github-actions released this 13 Jun 11:27

Fixed

  • Reworked Docker image building to push platform-specific images before creating multi-arch manifest
  • Added registry access verification step to debug authentication issues
  • Fixed step ordering to ensure version extraction happens before registry operations

Changed

  • Split multi-platform Docker build into separate platform builds followed by manifest creation
  • Added explicit buildx commands for better control over the build process

v0.0.4

Choose a tag to compare

@github-actions github-actions released this 13 Jun 11:13

Fixed

  • Fixed Docker image push authentication errors by disabling provenance attestations
  • Resolved 403 Forbidden errors when pushing multi-arch images to GitHub Container Registry

Changed

  • Updated GitHub workflow to set provenance: false for Docker builds with pre-built binaries

v0.0.3

Choose a tag to compare

@github-actions github-actions released this 13 Jun 10:10

Changed

  • Optimized Docker release process to use pre-built binaries instead of compiling during image creation
  • Simplified Docker image publishing to create multi-arch images directly without intermediate architecture-specific tags
  • Docker images are now built from binary artifacts, significantly reducing CI/CD pipeline time

Added

  • Dynamic Dockerfile generation during release process for efficient multi-arch builds
  • .dockerignore file to optimize Docker build context

v0.0.2

Choose a tag to compare

@github-actions github-actions released this 13 Jun 09:39

Fixed

  • Fixed critical DN attribute type case sensitivity issue that incorrectly rejected uppercase DNs
  • Fixed LDAP search filtering that was returning all entries regardless of filter criteria
  • Fixed incorrect LDAP error code (34 - InvalidDNSyntax) being returned instead of (49 - InvalidCredentials) for authentication failures
  • Fixed search request parsing to properly handle filters instead of hardcoding (objectClass=*)
  • Fixed clippy warnings about manual string stripping

Added

  • Comprehensive tests for DN case insensitivity
  • Support for composite LDAP filters (AND, OR, NOT)
  • Support for substring filters in LDAP searches
  • Tests verifying correct LDAP error codes are returned

Changed

  • Enhanced LDAP filter parser to support nested and complex filter expressions
  • Improved SimpleLdapCodec to properly parse search request filters from ASN.1