zas 3.0.5
    Mon, 21 Aug 2006 12:47:12 +0200

	Changes since 3.0.4

	CORE:
	  * Fixed SSL handshake to avoid blocking, possibly causing a denial
            of service.
	  * Fixed parsing log related parameters from the configuration
            file.
	  * Clarified various log messages.

	ZASDB backend:
	  * Fixed the processing of the fake_user option, user faking was
            attempted even if it was disabled in the configuration.

	ZASDB backend GSSAPI authentication method:
	  * Fixed a possible segmentation fault when kerberos authentication
	    has been used

	ZASDB backend X.509 authentication method:
          * Fixed possible segmentation fault when the authentication
            request did not include certain information.

	ZASDB backend LDAP storage:
	  * Added support for NDS style groups.

	HTPASS backend:
	  * Forbid simple password authentication when the connection
            between Zorp and ZAS is not encrypted.
	  * Fixed a possible memory leak.

	PAM backend:
	  * Fixed a possible segmentation fault when kerberos authentication
	    has been used

	RADIUS backend:
	  * Forbid simple password authentication when the connection
            between Zorp and ZAS is not encrypted.


zas 3.0.4
	Wed, 13 Apr 2005 11:12:22 +0200

	Changes since 3.0.3

	CORE:
	  * Fixed the permission of /etc/zas.
	  * No password authentication allowed if the connection is not encrypted.
	  * Added priority configuration option into every method.
	  * Sleep timeout configuration option added. This option controls
	    the sleeping time which occurs when ZAS rejects the
	    authentication.

	ZASDB backend
	  * Removed the "ldapbind_description" and "usercert_description"
	    configuration options from "zas_db_storage_ldap" and moved them
	    into the "zas_db_method_x509" and "zas_db_method_ldapbind"
	    configuration blocks respectively.

	ZASDB backend, LDAP storage:
	  * Fixed a segmentation fault when the username was interpreted as a DN.


3.0.3
	Wed, 22 Dec 2004 10:13:37 +0100

	Changes since 3.0.2

	CORE:
	  * Fixed verbosity level handling when its value is read from the
            configuration file.
          * Fixed possible segmentation fault when the client sends an empty
            username.
          * Clarified and unified a couple of log messages.
          * Changed default port from 7777 to 1317 to be more consistent
            with the rest of Zorp/ZMS and to match the value used in ZMS by
            default.
          * Updated man pages.

        ZASDB backend, X.509 authentication method:
          * Added possible DN verification to the certificate verification
            process. Previously only the complete certificate could be
            compared to the stored one, now it is also possible to
            verify against the subject's DN.


3.0.2
        Thu, 28 Oct 2004 09:56:26 +0100

	Changes since 3.0.1

	PAM backend, GSSAPI authentication method:
	  * Fixed kerberos ticket username and ZAS username comparison,
            perform a case-insensitive comparison instead of a
            case-sensitive one.

	ZASDB backend, GSSAPI authentication method:
	  * Fixed kerberos ticket username and ZAS username comparison,
            perform a case-insensitive comparison instead of a
            case-sensitive one.

        ZASDB backend, LDAP storage:
          * Added a new attribute called follow_referral which makes it
            possible to disable automatic referral resolution.


3.0.1
	Thu, 16 Sep 2004 15:31:58 +0200

	Changes since 3.0.0

	CORE
	  * Added 5 seconds waiting when the authentication fails to inhibit
            password guessing.
	  * Fixed a possible segmentation fault when the connection with
	    Zorp is closed.

	RADIUS backend
	  * Added automatic retrying.
	  * Fixed some memory leaks.

	PAM backend, GSSAPI authentication method:
	  * Fixed a possible segmentation fault.

	ZASDB backend, password authentication method:
	  * Plain text password is only allowed when the connection between
	    zas and zorp is encrypted.

	ZASDB backend, X509 authentication method:
	  * Added a couple of log messages.
	  * Changed the CA storage method to be more similar to other
	    programs.

        ZASDB backend, GSSAPI authentication method:
          * New authentication method to make it possible to do GSSAPI based
            authentication without using PAM or local accounts.


3.0.0
	Fri, 16 Jul 2004 15:31:58 +0200

        Changes since 3.0beta3:

        ZASDB backend, LDAP storage:
          * Fixed problems in automatic reconnection to the LDAP server.
          * Added possibility to deal with ActiveDirectory directly, both
            authentication and group information retrieval is supported.

        ZASDB backend, LDAPBIND authentication method:

          * New authentication method integrating nicely into ZASDB which
            delegates the authentication to the LDAP server. Only password
            based authentication is supported.