The cosign development team is pleased to announce the availability of cosign
3.2.0. This release adds support for httponly cookies in the filters and cgi,
provides a generic PAM-based external factor for two-factor authentication,
adds CosignAllowValidationRedirect to the filters, permits
CosignAllowPublicAccess in .htaccess files, adds build testing and includes
several smaller features and fixes. A full list of changes is below.
Download
Source archive:
<http://sourceforge.net/projects/cosign/files/cosign/cosign-3.2.0/cosign-3.2.0.tar.gz/download>
SHA256(cosign-3.2.0.tar.gz)=
6eb6ad1691c27f8f2a99611afe0ec951da626246f75b01435e615c25cde6a242
SHA1(cosign-3.2.0.tar.gz)=
a817b755d6227d9528058d28494835248189061c
RIPEMD160(cosign-3.2.0.tar.gz)=
b5b81e78c522886c48c95b411a2ba50679a3dede
Git:
<git://cosign.git.sourceforge.net/gitroot/cosign/cosign>
Tag: cosign-3.2.0 (GPG-signed by fitterhappier at users dot
sourceforge dot net)
Please continue report problems, file feature requests and post patches on the
cosign SF.net tracker:
http://p.sf.net/cosign/tracker
Thanks for your support of cosign!
andrew
--
Changes since 3.1.4:
* build: Add "make test" to test build integrity.
* Currently tests cosignd, cosign.cgi and logout cgi.
* build: Add "make server" to build only weblogin server components.
* build: Add "make install-server"
* build: Add DESTDIR support to Makefile. Patch from Sean Sweda
\<ssweda at barracuda dot com>.
* cgi: expand allowed characters in usernames. Permits use of kerberos
principals with instances and OpenID URIs.
* cgi: Check environment for alternate cosign.conf. Added for make test.
* cgi: add support for Set-Cookie header's httponly flag.
* cgi: handle expired password exit statuses from external factors.
* factors: add generic PAM-based external factor. Works with pam
modules for SecurID, Google Authenticator, etc.
* libcgi: fix NULL dereference on cgi_init failure.
* daemon: fix NULL dereference on regexec failure.
* filters: permit use of CosignAllowPublicAccess in .htaccess files.
Patch from Phil Pishioneri <pgp at psu dot edu>.
* filters: prevent site configuration from caching cosign redirects.
* filters: vhost ServerName is default value for CosignService
directive. [Feature Request #2748312]
* filters: add support for Set-Cookie header's httponly flag.
* filters: add CosignAllowValidationRedirect. Catch mismatches of
current hostname and destination URL hostname. If CosignAllowValidationRedirect
is On, and the destination URL matches CosignValidReference, mod_cosign will
construct a new validation URL and forward the request to the destination URL's
hostname.
* filters: make CosignAllowValidationRedirect compatible with
CosignNoAppendRedirectPort.
* filters: reorder perror calls to avoid errno reset on failed file
creation. Patch from Martin Sucha <sucha14 at st dot fmph dot uniba.sk>
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
