-
|
Version 0.2.5
Configuration bug-fixes and making it easier to deploy on
OpenBSD.
-
|
Version 0.2.4
Instead of compile-time debug levels and output, start using a
run-time configuration file. (Existing methods of setting debug
level and file are retained, although they are overridden by the
configuration file contents).
This is documented in
kcaldav.conf(5).
The location of the file is a compile-time constant set in
CFGFILE, defaulting to
/conf/kcaldav.conf.
This makes it much easier to submit bug reports.
Fully comply to the RFC for RRULE UNTIL
parsing. Newer versions of Thunderbird (or possibly just the
newer time-zone specifications used by Thunderbird) caused
kcaldav to fail in parsing uploaded
calendar entries for this reason.
-
|
Version 0.2.0
Significant upgrades to the source code, although none of it
front-facing.
Most effort went toward restructuring the code to be more readable
and friendly to contribution, especially as regards layering.
The layout is briefly described in the README file.
Messaging has been overhauled.
All web application access now uses
kcgi's logging routines,
while the local
kcaldav.passwd.1 uses standard
console logging.
The only front-facing change here is that command-line output is as
one would expect—output was all tailored to web application
logging.
The only maintainer update is that the
DEBUG macro at
compile time, which used to be settable to
1 for
verbose output and
2 for
all output,
is now
1 (informational messages),
2
(database operations as well), or
3 (network as well).
A value of
0 (or less than zero), or not specifying the
variable, results in only errors being reported.
-
|
Version 0.1.15
One-liner fix to respect the logfile name.
-
|
Version 0.1.14
Even better parsing of iCalendar (RFC 5545) dates and times.
This is from more work contributed by Olivier Taïbi, thanks!
Significantly increase the iCalendar regression suite with a set of
valid calendar files from
ical4j.
Essentially re-write the
kcaldav.passwd(1) manpage for
clarity.
Significantly improve its code-base as well, most notably using
pledge(2).
Make
-C always unset
-n.
Be much clearer about verbosity.
This now allows
kcaldav.passwd(1) to not spam the
operator with underlying errors, warnings, and information.
Document the
-b flag.
-
|
Version 0.1.13
Fix for RFC 5545 section 3.8.2.4, which stipulates a more
complicated date setup than initially parsed.
Found by and patched with Olivier Taïbi, thanks!
Bump to newest
oconfigure.
-
|
Version 0.1.12
Update to newest and safest
kcgi(3) functions.
Bump to newest
oconfigure.
No code change otherwise.
-
|
Version 0.1.11
First, handle non-numeric ETag values.
This has several steps.
First, not parsing the values as numbers and aborting otherwise.
Second, using randomly-generated ETag values internally instead of
monotonically increasing numbers.
Third, outputting as opaque strings instead of numbers.
This was originally reported by stsp@, thanks!
Next, HTTP conditionals.
For If-Match, make sure to properly handle quoted
values as well as the passthrough
value.
Do the same for If-None-Match.
Lastly, clean up the manpages and the www material.
-
|
Version 0.1.9
Handle out-of-order iCal files, which is technically allowed by the
RFC.
This was raised by stsp@ and others on GitHub, with a patch as well!
While there, fix handling of dates prior to 1900, which happens with
some time zones.
Also handle some negatively-valued recurrence values.
-
|
Version 0.1.7
Merge fixes from
mk-f@ to
handle
application/xml, which requires the newest
version of
kcgi.
He was also awesome in fixing another subtle bug (in
kcgi) in parsing the
nc value when performing certain types of validation.
An awesome set of fixes, thank you!
-
|
Version 0.1.6
First release in a long time!
This brings us up to date with
kcgi(3) along with some simplifications.
First, kick out the
GNUmakefile in favour of a simple
Makefile.
Then, bring in
oconfigure for compatibility.
Lastly, relegate per-system changes to a
Makefile.local, making it easier for maintainers.
-
|
Version 0.1.5
Don't break multi-byte (UTF-8) streams.
For the time being, this assumes that we're going to be encoded with UTF-8
Also migrate to a GNUmakefile instead of a Makefile, which
allows easier portability between systems. Use a LOGFILE directive instead of logging to stderr.
-
|
Version 0.1.4
This small version allows integration with new
kcgi(3) 0.7.5 facilities for
debugging.
This makes it easier to debug new CalDAV clients: see the
Makefile pre-processor options to
enable debugging.
If you have issues with a client, please enable full debugging and send me the exchange between the client and server.
I've removed the options parsed by
kcaldav(8), instead relying on compile-time options as
defined (and documented) in the
Makefile.
Fix some small nits found with
scan-build.
Add to
GitHub and check with
Coverity.
-
|
Version 0.1.2
Properly URL-encode and decode calendar entities.
This arises when some calendar systems (e.g., Google) use non-alphanumerics in their Calendar names.
Also relax an overly-strict rule when parsing the recursive rules as found by Reyk Floeter.
(Right now, the system doesn't use the recursive rule, so it's safe to have insane dates.)
-
|
Version 0.1.3
Warning: you'll need to dump your
database and regenerate it with the included schema
file kcaldav.sql.
New columns and constraints have been added to support delegation as described below.
Added proxy functionality (see
caldav-proxy.txt).
This has been tested with Apple's iCal, but not with other systems.
Delegation can be set from the client or from the web interface.
Make web-interface access to the null
directory (e.g., /cgi-bin/kcaldav) automatically redirect to the root directory
instead of crashing the system.
Moreover, allow probe
requests (PROPFIND on the script root) properly redirect to the authenticated principal.
While there, move the entire web interface to use JSON and JavaScript instead of dynamic HTML.
This makes it easier to extend or replace.
Updated the underlying database routines to better handle failure conditions and added more documentation to the code
and explanations of error conditions.
Sandbox the entire running process with
sandbox_init(3)
(only applicable on Mac OS X).
-
|
Version 0.1.1
Split out the CalDAV and iCalendar parsing routines into their own library, which is installed but not yet properly documented.
The documentation will be fleshed out as
libkcaldav(3).
Also re-renamed the Makefile rule
updatecgi
back into
installcgi
.
This doesn't feature any updates to system functionality.
-
|
Version 0.1.0
Migrate to using
SQLite to store everything: nonces, collections, resources, configuration,
and so on.
This completely replaces the existing file-system based infrastructure, which was too brittle, with a single database file.
All existing functionality is preserved, but there are some changes to be aware of if you're already using
kcaldav.
Foremost, you can now have multiple calendars.
To effect this change, all user calendars are now within subdirectories of the calendar root, e.g.,
/cgi-bin/kcaldav/kristaps/calendar/ instead of directly in
.../kristaps/.
iOS and iCal clients deal with this properly, but Thunderbird will need to point directly to the calendar collection.
Use the on-line interface or
kcaldav.passwd(1) to add calendars and calendar files.
To migrate an existing installation, you'll need to create a new database file with
kcaldav.passwd(1).
Make sure that it's read-writable by the web server process.
You'll then need to add your iCalendar files using the same tool.
To migrate this server, I simply re-created my principal, then added the calendar files.
In brief,
% cd /var/www/caldav
% kcaldav.passwd -f . -C
% kcaldav.passwd -f . -n `find kristaps -name \*.ics`
The unabridged form consists of using sudo and -u kristaps.
For testing, note that the kcaldav.db file can live alongside an existing installation.
So if you want to make sure it works, both can run alongside each other.
-
|
Version 0.0.16
Support the
calendar-description element.
Consolidate all properties into a single structure, allowing for flexible addition and removal of properties and property
behaviour.
This also removes a lot of conditional logic when responding to
PROPFIND and
REPORT methods.
The
DELETE method has been cleaned up.
All HTTP methods are now described in
kcaldav(8), including available properties.
Lots of internal support has been added for iCalendar
recurrence
rule computation, which is the major stepping stone for processing iCalendar dates, but this is not hooked into
active use (yet).
-
|
Version 0.0.15
Allow web-based viewing of collection data.
This works because GET isn't defined in calendar collections (according to
RFC
4918, section 9.4), so we can send all GET requests for collections to an HTML dynamic handler.
Add initial
PROPPATCH bits so that clients can (conditionally) set certain properties, e.g., iCal setting the
calendar display name and colour.
Add a framework for field-specific validation in the CalDAV parser to do so.
-
|
Version 0.0.14
Add a flag to
kcaldav.passwd(1) to create new principal's home directories and populate them
with a simple
kcaldav.conf(5) file.
Completely re-write the internal iCalendar parser to get ready for handling iCalendar dates.
Add a handler for the default time-zone, encouraging GMT use, and minimum accepted date (epoch).
Lastly, document each property we support (in the source) with a pointer to the RFC section.
-
|
Version 0.0.13
When accessing the server from a web browser (i.e., for HTML content), respond by printing the logged-in user's information and
allow for changing of passwords or e-mail if the principal database has the correct permissions.
This allows new users to perform simple administrative tasks without needing to log into the underlying UNIX server.
See
kcaldav(8) for details.
-
|
Version 0.0.12
Implement a nonce database to prevent replay attacks for digest authentication.
This follows
RFC 2617 in maintaining a (bounded) database of nonce values and
their counts.
On first authentication, a new nonce field is created for the principal (possibly evicting the oldest nonce).
Subsequent authentication must use this nonce as well as an increasing nonce-count.
The methods are described in
kcaldav(8).
Also, have the gecos field in
kcaldav.passwd(5) contain the user's email address, then remove the
email address field from
kcaldav.conf(5).
-
|
Version 0.0.11
Migrate the
RFC 2617 handling directly into
kcgi, making the parse sequence just a little safer.
-
|
Version 0.0.10
A small fix for some clients who aren't smart enough to resend HTTP OPTIONS after receiving a code 403 for the same.
Fitted the XML (CalDAV, DAV, etc.) parser with proper namespace support via the
libexpat namespace handlers.
Parsed documents are now properly checked for namespace and name of matching elements (e.g.,
DAV::href), not just
the name itself.
Run the XML parsing routines through
AFL for quite some time to shake out
stray bugs.
Add the ability to detect
iCalendar components (
VCALENDAR,
VEVENT,
VTODO, etc.) and properties (
UID,
DTSTART, etc.) during parse and
stash references to them in linked component lists.
This paves the way for filtering capabilities in later versions.
-
|
Version 0.0.9
Fully implement
RFC 2617 for authorisation.
This includes the
MD5-sess
,
auth
, and
auth-int
directives.
-
|
Version 0.0.8
Verify that all
open() invocations use advisory locks.
Simplify re-opening locked files with
fdopen() into its own utility function.
Disallow symbolic links everywhere.
(This may be relaxed in the future...)
Drop privileges in
kcaldav.passwd(1), making it sensitive to the
setuid or
setgid bits.
-
|
Version 0.0.7
Linux support thanks to a lot of compatibility glue.
I'm especially displeased with Linux while doing this project: it doesn't even have
O_EXLOCK and
O_SHLOCK!
I'm just using
libbsd to prevent code duplication.
While refactoring, consolidate logging functions and add
kcaldav.passwd(1).
Run the principal parsing routines through the
American fuzzy lop (nothing found).
-
|
Version 0.0.6
Use the
American fuzzy lop to ferret out crashes and hangs in the
iCalendar parser.
Also move this parser to internally use a non-nil terminated buffer; thus, there's no additional copy necessary to a
nil-terminated buffer.
Support the
<calendar-query> object for when the iPhone4 retrieves resources.
-
|
Version 0.0.5
Simple CalDAV access using Lightning and Mac OS X 10.7 (
Lion
) iCal.
The usual PUT, GET, and DELETE methods are supported, and a minimal (but functional) subset of PROPFIND and REPORT properties.
See the
kcaldav(8) manual for details.
-
|
Version 0.0.4
Initial public release.
This features only direct iCalendar access, tested on
Mozilla
Lightning.