Version 0.5 of mod_auth_bsd
Release Notes: Stricter/safer enforcement of login failure penalties, installation fixups, and a new AuthBSDRequireSSL directive (defaults to On).
Other releases
Release Notes: This release supports Require group and Require user access directives, even from chroot, using system user databases. An AuthBSDStrictRequire switch was added to force all Require directives to match instead of only one, which is the default behavior for Apache auth modules.
Release Notes: This release supports authentication from a chroot jail. Credential caching was provided along with failure throttling to thwart dictionary attacks.
No changes have been submitted for this release.
Release Notes: This version removes the failure database because of signal issues allowing database corruption (truncated writes). The only practical fix was subject to a race, so this "feature" was removed entirely, and replaced with a simple, required nanosleep to mitigate brute-force attack.
Release Notes: Stricter/safer enforcement of login failure penalties, installation fixups, and a new AuthBSDRequireSSL directive (defaults to On).
