Changes in Release 1.6.0
========================

This is the EMI-3 release.

New features:
- Debian 6 platform support added.
- Uses the new common authentication library (caNl).
- Uses the new VOMS library (voms-api-java3).

Changes:
- RPM and Debian packaging moved to separate projects.

RfCs implemented:
- PEP Server PDP response caching mechanism don't apply OH if response is already in cache.
  https://savannah.cern.ch/bugs/?97931
- PEP Server audit.log contains null entries
  https://savannah.cern.ch/bugs/index.php?98134


Changes in Release 1.5.1
========================

This is the first EMI-2 release.

New features:
- SL6 support added
  https://savannah.cern.ch/task/?23417
- Standard service operation and control
  https://savannah.cern.ch/task/?23062  
- Service memory limit default set to 256MB.

RfCs implemented:
- Mapping OH with better message when pool account is depleted
  https://savannah.cern.ch/bugs/?88935
- Missing runtime dep to lsb-base|redhat-lsb
  https://savannah.cern.ch/bugs/?92889
- /etc/rc.d/ does not exists in Debian 6
  https://savannah.cern.ch/bugs/?87788


Changes in Release 1.4.0
========================

This release is a update for EMI-1.

New features:
- Production log files (rotation, file size, ...)
- Service memory limit (128MB)
- Dependencies on vomsjapi, bouncycastle, trustmanager, argus-pep-common and
  argus-pdp-pep-common taken from the corresponding packages (in /usr/share/java)

RfCs implemented:
- https://savannah.cern.ch/bugs/?84844 - Production logging
- https://savannah.cern.ch/bugs/?83544 - Memory limit
- https://savannah.cern.ch/bugs/?84848 - VOMS API dependency
- https://savannah.cern.ch/bugs/?84846 - Gridmapdir lease file timestamp (correction)

Changes in Release 1.3.1
========================

This release is an update for EMI-1.

RfCs implemented:
- Argus PEP Server mapping obligation handler does not update the timestamp of the lease file in
  the gridmapdir: https://savannah.cern.ch/bugs/index.php?83281
- Argus PEP Server mapping obligation handler implements the legacy LCAS/LCMAP lease filename 
  encoding in the gridmapdir: https://savannah.cern.ch/bugs/?83419
- Argus PEP Server mapping obligation handler have a new configuration option 
  'useSecondaryGroupNamesForMapping' (default: true) to simulation gLExec default config:
  https://savannah.cern.ch/bugs/?83317


Changes in Release 1.3.0
========================

The Argus PEP Server have been repackaged to be compliant with EMI packaging policies.

New features:

- New PIP to support DPM/LFC openssl oneline DN format, and automatically convert
  them to RFC2253 format: https://savannah.cern.ch/bugs/?77527
- New PIP to validate incoming authz request (subject, resource, action without 
  empty values): https://savannah.cern.ch/bugs/?78414

Bug fixed:

- Processing error returns DENY decision, should be INDETERMINATE
  https://savannah.cern.ch/bugs/?78831
- POSIX mapping OH fails to match pool accounts which contain non alphabetic characters
  https://savannah.cern.ch/bugs/?80526
- First authz request after service start timeout very often
  https://savannah.cern.ch/bugs/?78751
- All ECDH based ciphers suites are disabled because of the OpenSSL 1.0 problem
  with SSL handshake (in pdp-pep-common).


Changes in Release 1.2.0
========================

New features:

- The group mapfile now allows DN based group names mapping.
- The gridmap POSIX account mapping obligation handler now handles DN and FQAN based 
  account mapping. DN based mapping is preferred upon FQAN based mapping (configurable).
- The gridmap files now support FQAN pattern matching as described in EGEE document
  https://edms.cern.ch/file/975443/1/EGEE-III-JRA1_FQAN_wildcard_v1.1.pdf
- A new generic grid authorization profile PIP handles both the Grid CE v1.0 and Grid WN v1.0
  authorization profiles.

Bug fixed:

- POSIX mapping obligation attribute/group-id doesn't contain primary group 
  https://savannah.cern.ch/bugs/?64340
- Pool account mapping problem with name prefixing other name: .dteam -> dteamprod001
  https://savannah.cern.ch/bugs/?66574
- Timestamps in Argus log files do not show the date
  https://savannah.cern.ch/bugs/?64197 
- pepd.ini without SECURITY section cause a NullPointerException at start
  https://savannah.cern.ch/bugs/?68858 
- pepd.ini without pips defined cause a NullPointerException
  https://savannah.cern.ch/bugs/?69263


Changes in Release 1.1.1
========================
- The X509 PIP extract all the subject-issuer values from the subject certificate
  by completing the cert chain up to a trust anchor.
- The X509 PIP now correctly performed the PKIX validation of the cert chain.

Changes in Release 1.1.0
========================
- Response caching now occurs after response a valid response is returned from
  the PDP but before obligation processing occurs.
- Add service version to status page
- Move enableSSL config option to SECURITY section, it had mistakenly been 
  in the SERVICE section
- Support X.509 certificate client authentication
- Move Status page to admin service
- Add response cache clearing admin service
- Add ability for admin service to be on a separate host
- Add ability for admin service to be password protected
