Changelog
webauth (3.7.4-1) unstable; urgency=low
* New upstream release. - New Apache directive WebAuthOptional, which does not force the user to authenticate if they're not already authenticated but adds the authentication information to the environment if they are. Intended for use with dynamic content that can manage optional authentication through an explicit login link. - Work around an MIT Kerberos library bug in error reporting from password change and remove the previous cruder workaround that mapped Kerberos errors to password strength warnings. - Suppress certificate validation for the WebKDC in WebLogin if the WebKDC URL is localhost, required by libwww-perl 5.837 or later. - More robust generation of the pkg-config configuration file. - Clearer warning from WebLogin when paired with an old WebKDC. - Document the pt and sa key/value pairs in WebKDC logging. * Drop the transitional libwebauth1-dev package, required to smooth upgrades from lenny. squeeze released with libwebauth-dev. * Update to debhelper compatibility level V8. - Use debhelper rule minimization with overrides. - Do more work in *.install files and less work in debian/rules. * Switch to 3.0 (quilt) source format. Force a single Debian patch and include a custom patch header explaining that it is a rollup of any fixes cherry-picked from upstream and breaking those patches out separately would be work for no gain. * Update standards version to 3.9.2 (no changes required). -- Russ Allbery <email address hidden> Wed, 11 May 2011 15:26:32 -0700