Revision history
---------------

v4.1.0  - Released by Matthew Palmer <mpalmer@debian.org>.
	- Autoconf support (somewhat limited, I think - need more testing on
	  a wider variety of platforms).
	- Some code cleanups done to improve maintainability in the future.
	- A lot of relevant comments added to help people understand what's
	  going on with regard to interfacing to apache.
	- Normalised the return values from some functions.
	- Removed all references to compat function names.
	- General tidinesses.

v4.0.0	- Released by Matthew Palmer <mpalmer@debian.org>.
	- Merge of the features of v3.2 and v2.30a.
	- Lots of duplicate config options, due to merge.  Need to determine
	  a consistent naming scheme and a unique set of options.
	- Some options starting with AuthMySQL (those merged from the 2.30a
	  release) may not work quite as advertised.  Please report all
	  inconsistencies.
	- Change in the semantics of ...Encryption_Types.  If it specified
	  anywhere, the type flags won't be used at all.
	- Cleaned up multiple miscellaneous code FUBARs I noticed during the
	  merge.
	- Fixed up variable naming to be more consistent and descriptive.
	- Replaced constants with their symbolic equivalents.
	- Using ap_set_... as much as possible now.  If I learnt more apache
	  coding I could probably replace most of the rest of the set_...
	  functions as well.

v3.2	- (Fork from v2.20 by J. R. Westmoreland <jr@jrw.org>)
	- Added ability to use MD5 crypted passwords.
	- Replaced Makefile with a Makefile that makes a DSO module for
	  apache.
	- Removed the update_htaccess_files.sh script.
	- Removed the autoconfig info since it didn't work.  Will add it
	  back later.

v2.30a - (Bugfix release)
        - Allow null passwords again.  Using a single '.' as your password
          in either configuration option will pass an empty password to
          mySQL.  While this maintains backward compatibility to the
          original Auth_MySQL, I cannot stress just how very insecure this
          is.  Please only use it when necessary.
        - AuthMySQL_User now works as documented.

v2.30 - (Maintained by Bill Jones)
	  Changed directive structure to allow expansion of limits and
	  privileges in future versions.
	- Changed connection type default to non-persistent.
	- Added checking in the connection functions to support connections to
	  multiple mysql servers and/or multiple users.
	- Disable DES encryption types and remove directives if crypt()
	  not available.
	- Changed API calls to comply with Apache 1.3 standard.  Support for
	  Apache 1.2.x removed entirely.

v2.20 - A user that was a member of more than one group couldn't be
        authenticated using group authentication.  Fixed. 
        (thanks to Jonathan Roy for reporting that bug).
      - Turning scrambled passwords on and then encrypted passwords off, or
        turning encrypted passwords on and then scrambled passwords off,
        would result in both scrambled and encrypted passwords being off.
        Fixed.
      - Changed all directive names to be nicer and more consistent.  See the
        USAGE file for specific information.
      - Added Auth_MySQL_Encryption_Types directive to allow for nicer setting
        of which encryption types to use, and multiple encryption types.
      - Added Auth_MySQL_Non_Persistent directive to allow non-persistent
        links to the MySQL server.
      - ONLY_ONCE is no longer supported.  This was a compile-time macro that
        wasn't even documented, and made no much sense anyway.  The
        user:password SQL table should really have one row per user, and the
        username should most probably be a primary or otherwise unique key.
      - The module should now be possible to compile on platform that does
        not have the crypt() function.  The Crypt_DES encryption type
        will not be available.
v2.11 - Fixed a bug in the scrambled password implementation.  It probably had
        no symptoms whatsoever with just about any C compiler in existence,
        but still, from a pure C-language-definition point of view, it was
        incorrect.  Thanks for Marschall Peter for pointing that out.
      - Fixed a small typo in the string escaping routine, which caused it
        never to work right.  I guess nobody uses strings that need to be
        escaped anywhere :)  Thanks to Brent Metz for noticing that.
v2.10 - Added the necessary include file to make Apache 1.3b6 happy
      - Added some information to the USAGE file, loosely describing how to
        go about implementing multiple groups for a single user.
v2.09 - Made the full error message of the MySQL server appear in case of a
        failed connect
      - Added Auth_MYSQL on/off directive, so that it'll be easily possible
        to turn the MySQL authentication on/off serverwide or for a specific
        directory.
      - Fixed the groups authentication code so that it'll work with one
        query and multiple groups.  For good this time :)
      - Some code cleanups
v2.08 - Fixed a checking for NULL password fields (won't work, but won't
        crash either)
      - Fixed logic and possible crashes with the new scrambled password
        initialization routines
      - Optimized a couple of routines
      - Changed the query that is used to check user groups - users that belong
        to multiple groups should have multiple rows in the groups table
v2.07 - Fixed a bug in the escaping routine - strings that required escaping
        were not properly detected (thanks to Marschall Peter for noticing
        the bug!)
      - Added Auth_MYSQL_ScrambledPassword - boolean flag to instruct the
        module to assume that passwords are scrambled using MySQL's password()
        function (by Marschall Peter <Peter.Marschall@gedos.de>).
v2.06 - Rearranged some code to allow for a successful apache 1.3beta
        compilation.
        Please note that this is *untested*, I only got it to compile, I haven't
        actually tried to run apache 1.3.
v2.05 - Change the check for 'mysql server has gone away' to be case insenitive
v2.04 - Added USAGE file that explains how to use this module thoroughly
v2.03 - Added compilation information :)
v2.02 - Changed version number from 1.x to 2.x, so that people know that this is
        really newer than mod_auth_mysql v1.4 :)
        Added a tiny note at the top of the source file.
v1.02 - Fixed a bug in the groups code
v1.01 - Fixed a segmentation fault bug in case of aborted hits
v1.00 - Initial, unversioned release.

