Bugfixes
- switch to using
apr_generate_random_bytes
instead ofapr_uuid_get
to generate session identifiers so there's no longer a (rather implicit) dependency on alibapr
that is compiled againstlibuuid
on Linux platforms; see #431, #603 and #694; thanks @amitnarang28 - fix cache file backend: delete the correct file upon logout; closes #955; thanks @damisanet
- fix cleanup of semaphores on graceful restarts; see #522, closes #458
- fix
OIDCProviderMetadataRefreshInterval
since it was interpreted in microseconds instead of the documented and intended seconds; setting in to seconds would effectively turn of caching and pull the configuration document on each request - define
APLOG_TRACE1
if it does not exist - correct
ap_hook_insert_filter
function signature instub.c
, part 3; see #784 - fixed printout of cache mutex errors in
cache/common.c
- prefer
APR_LOCK_POSIXSEM
overAPR_LOCK_DEFAULT
inapr_global_mutex_create
which is apparently required for (some) ARM based builds - fix potential memory leak in
proto.c
whenoidc_util_create_symmetric_key
fails - fix potential memory leak in
proto.c
whenoidc_proto_validate_access_token
fails (at_hash
validation)
Features
- add option to use
ISO-8859-1
encoding for propagated claim values by addinglatin1
option toOIDCPassClaimsAs <> latin1
; see #957; thanks @nvchaudhari1991
Note that the encoding - including the existing "base64url" - apply to both header and environment variables as well now
Packaging
- packages for CentOS 9, Debian Bookworm and Ubuntu Jammy have been added
- the (commercially provided) Windows 64bit/32bit builds now include support for Memcache and Redis
Commercial
- binary packages for various other platforms such as Microsoft Windows 64bit/32bit, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7/8 on Power PC (ppc64, ppc64le), Oracle Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.1/12.2, IBM HTTP Server 8/9, Solaris 11.4, IBM AIX 7.2 and Mac OS X are available under a commercial agreement via sales@zmartzone.eu
- support for Redis over TLS, Redis (TLS) Sentinel, and Redis (TLS) Cluster is available under a commercial license via sales@zmartzone.eu