# 2.9.1 - 2021.07.17
    - new feature: added support for using Kerberos authentication on windows clients using the native winkerberos library
    - new feature: added support for using Channel Bind tokens with Kerberos authentication on windows clients
    - fixed a bug related to using start_tls with a RESTARTABLE strategy that caused errors to be raised erroneously.
    - fixed a bug around the type checking of Reverse DNS Settings with Kerberos authentication
    - fixed an issue related to decoding unicode strings in LDAP referrals and attributes in python 2
    - minor documentation updates and corrections

# 2.9 - 2021.01.24
    - new feature: SafeRestartable strategy (SAFE_RESTARTABLE) for using a restartable Connection object in a multi-threading program
    - tested against Python 3.9
    - added requirements-dev.txt
    - fixed logging unicode exceptions in python2.7
    - added more granular control over use of reverse dns with Kerberos (thanks Azaria)
    - support MS Active Directory persistent search (thanks eLeX)
    - added support for LDAP signing when using DIGEST-MD5 authentication (thanks Augustin-FL)
    - check only for searchResEntries in LDIF conversion (thanks Jay)
    - modify-increment now works properly in mock strategies (thanks Saint-Marcel)
    - objectGUID are now converted properly (thanks Janne)
    - default timeout in asynchronous strategies raised to 20 seconds

# 2.8.1 - 2020.09.07
    - fixed regression in 2.8 for members returned in AD auto-range search (thanks Felix)
    - fixed regression in 2.8 for attribute error in restartable class (thanks Christian)
    - try to use Crypto library if present for hashing NTLM password on python interpreter missing the MD4 OpenSSL algorithm (thanks Doron)

# 2.8 - 2020.08.08
    - new feature: SafeSync strategy (SAFE_SYNC) for using a synchronous Connection object in a multi-threading program
    - new feature: LDIF_LINE_LENGTH for specifying line length wrapping in ldif-content output (default to 78 as per RFC 2849)
    - fixed requirements for pyasn1
    - fixed regression for ldapi connections
    - fixed issue with lazy connection requesting server info on every operation
    - fixed searching by objectGUID in hex format (thanks Matt)
    - added iso_format parameter to utils.format_json to return dates in ISO format (thanks Hugh)
    - fixed issue with Referral attributes not returned by the referral server (thanks Nazarii)
    - fixed lost error message in auto_bind (thanks cfelder)
    - fixed delete_old_dn in mock connections (thanks kpinc)
    - fixed a ResourceWarning with lazy connections
    - fixed entry_to_json() that in python2 modified the original entry value (thanks Dirk-Jan)
    - tests doesnt' raise Exception if real server is not present (thanks Matej)

# 2.7 - 2020.03.01
    - tested against Python 3.8.1 and pyasn1 0.4.8
    - re-enabled ssl exception raising on bad certificate when only 1 server is present in the server pool
    - removed Python 2.6 from Travis configuration (thanks gliptak)
    - added support for source specifications in LDAP connections (thanks Azaria)
    - added support for allowing special AD security identifier (SID) in DN (thanks John)
    - fixed pickling of entry and attribute (thanks cfelder)
    - close connection when auto_bind fails (thank Hrishikesh)
    - operational attributes can be used in Abstraction Layer (thanks Sohalt)
    - additional SSL options can be used in Tls object (thanks Nazarii)
    - threading.Event replaces loop checking in async strategy. ASYNC strategy should be much faster now (thanks Yang)
    - adding a key that is already an alias that contains other aliases in CaseInsensitiveWithAliasDict() now works properly (thanks Mark)
    - when searching for GUID, UUID and SID the backslash character (0x5C) is properly managed (thanks Nocturem)
    - LDIF output properly formatted when controls are missing (thanks Tom)
    - operational attributes are not returned in MOCK strategies when not requested (thanks kpinc)
    - undecodable values are returned as raw bytes when using the pyasn1 decoder

# 2.6.1 - 2019.09.06
    - tested against pyasn1 0.4.7
    - added eDirectory 9.1.4 (EDIR_9_1_4) to offline schemas
    - added json converter for timedelta (thanks dirkjanm)
    - strip parameter defaults to False in utils.dn.parse_dn()
    - escaped space is allowed as trailing character in attribute_value in utils.dn.parse_dn() (thanks phi1010)
    - connection.extend.standard.paged_search doesn't raise exceptions when raise_exceptions is False
    - the Search operation returns the entries fetched by the server when size or time limits are reached even if raise_exceptions is set to True
    - Handle the minimum value that can be stored in an Int64 in format_ad_timedelta (thanks mprahl)
    - EntryState: `entry_raw_attributes` is populated instead of `raw_attributes` (thanks Christian)
    - Removed restriction to perform rename and move simultaneously in modify_dn (thanks Fabian)
    - fixed checking for hexdigits in parse_dn (thanks Michael)
    - fixed escaping when multiple backslashes are present in parse_dn (thanks Phillip)
    - fixed multiple NoneType exceptions in entry_to_json() (thanks David and cfelder)
    - allowing Microsoft specific syntax (<WKGUID=xxx>) for WellKnownObjects in DN (thanks David)
    - connection.extend.standard.paged_search() now follows referrals when auto_referrals=True (thanks kprativa)
    - fixed a bug in decoding replica list in connection.extend.novell.list_replicas()
    - fixed a bug when adding duplicate alias in CaseInsensitiveWithAliasDict()
    - added ignore_duplicates=False in set_aliases in CaseInsensitiveWithAliasDict() to ignore a duplicate alias (either in aliases or in keys)
    - Schema info now uses CaseInsensitiveWithAlias dict as default so object and attributes can also be referentiated with OID (thanks ahoffm11)
    - added block mode and timeout parameters to next() method of persistent_search
    - when using the pyasn1 decoder raw_dn is not returned as a pyasn1 object anymore but as bytes
    - Return offset timezone aware datetime for max AD timestamp (thanks Jussi)

# 2.6 - 2019.03.24
    - fixed empty digestMd5.py file in 2.5.2 package
    - explicitly declare digest module md5 in util.ntlm (thanks adawalli)
    - change object passed to modify() was unexpectedly mutated (thanks John)
    - added LDAPInfoError exception
    - added Server.has_control(control) method to check if a server has a specific control
    - added Server.has_extension(extension) method to check if a server has a specific extension
    - added Server.has_feature(feature) method to check if a server has a specific feature
    - fixed checking of \\ in safe_dn (thanks Maxim)
    - fixed uuid checking with 5c byte value
    - added single=True parameter to the ServerPool object definition. Servers state is shared between connections using the same pool
    - updated copyright notice


# 2.5.2 - 2018.12.28
    - when starting tls before binding the connection is automatically open
    - fixed changelog date (thanks Adam)
    - support for AD timedeltas (thanks mprahl)
    - fixed WhoAmI in mock strategies (thanks mprahl)
    - prevent unnecessary exception in extend/standard/ModifyPassword (thanks Johnny)
    - added support for external gssapi credentials to be passed to the sasl connection (thanks Firstyear)
    - added support for gssapi store in sasl connection (thanks clhendrick)
    - fixed LdifProducer (thanks antoinell)
    - fixed NTLM bind (thanks ribx)
    - server state in ServerPool is now a namedtuple "ServerState" (thanks Krisztian)
    - fixed error when adding member to AD group with unsafe DN (thanks Maxim)
    - properly restore lazy status in reusable strategy (thanks Krisztian)
    - ServerState namedtuple converted to class in core/pooling (thanks Krisztian)
    - empty schema doesn't raise exception in Abstraction Layer (thanks ghost)


# 2.5.1 - 2018.08.01
    - connection.result is populated when exception raised with raise_exceptions=True
    - fixed objectSid in mocking strategies
    - fixed circular reference in exception history
    - added objectSid validator
    - byte values are properly searched in MOCK strategies (thanks dyj216)
    - exception history refactored (thanks Tamas)
    - connections in context manager don't bind anymore when auto_bind is set to AUTO_BIND_NONE (Thanks Tim)
    - Cython compatible build (thanks Pedro)
    - more detailed exception message in Mock strategy (thanks Janne)
    - exceptions flow refactored in reusable strategy (thanks kxt)
    - pwdlastset accept any positive integer (thanks abenbecker)
    - fixed an exception while logging packet with pyasn1 decoder
    - fixed importing abc from collections for Python 3.8


# 2.5 - 2018.04.15
    - abstract layer now handles auxiliary classes
    - pwdLastSet in AD is valid for 0 and -1 (thanks Taylor)
    - fixed extend.novell.get_universal_password (thanks Fernando)
    - entryUUID is properly validated in search filters (thanks FriedrichI)
    - custom attribute formatters are properly applied when parsing the search filter
    - REUSABLE strategy now honours credentials when changed in the original connection (thanks Prof Hase)
    - add operation doesn't change passed attribute dict anymore (thanks Daniele)
    - missing entry's attribute return False when searching instead of raising an exception (thanks Maxsond)
    - fixed ad_timestamp evaluation for integers (thanks Flynn)
    - wrong exception raised when user name is empty in simple binding (thanks Ivan)
    - exception is raised if size limit is exceed when searching in mocking strategies with raise_exceptions=True (thanks David)
    - fixed validator for novell guid
    - fixed validator for openldap EntryUUID
    - fixed validator for AD objectGUID, now follows MS-DTYP
    - fixed formatter for AD objectGUID
    - fixed exception when adding binary values (thanks guidow)
    - added escape_rdn_chars() to ldap3.utils.dn for safe checking untrusted input while building DNs (thanks Alex)
    - fixed search for binary values in mock strategies
    - fixed exception with unicode chars in subfilters for python 2 (thanks Friedrich)
    - connection.extend.paged_search() doesn't miss the last entries anymore when size limit is exceeded on the server (thanks Friedrich)
    - validators are not applied when loading data from json dump in Mock strategies (thanks Derek)
    - additional validator to check for erroneous bytes to string conversion in Python 3 (thanks Brian)
    - additional formatter and validator to check for generalizedTime with 0 year (thanks Brian)
    - added ADDITIONAL_CLIENT_ENCODINGS parameter
    - fixed AD dir_sync extended operation (thanks Lucas)
    - ad_unlock_account works properly (thanks Francowxu)
    - added Microsoft security descriptor control (thanks Dirk-jan)
    - fixed search in mock strategies when raise_exceptions=True (thanks Derek)
    - formatters never raise exceptions but return the raw_value when unable to format
    - fixed controls duplication in paged search (thanks Dirk-jan)

# 2.4.1 - 2018.01.21
    - tested against pyasn1 from version 0.1.8 up to version 0.4.2, Python 2.6.6, Python 2.7.14, Python 3.6.4
    - auto_encode parameter is honored when binding (thanks jkolo)
    - fixed organizationalName definition in oid (thanks mingulov)
    - automatic byte to int conversion working again (thanks Brian)
    - mock connection searchs correctly escape filters (thanks kiddick)
    - fixed bind with not unicode characters in Python 2 (thanks jkolo)
    - extended filter attributes should work again with pyasn1 0.4.1 (thanks Dirk-jan)
    - fixed error when reading incomplete server info
    - NOT keyword properly handled in dit_content_rules (thanks Michael)
    - operational attributes are prorerly returned in Cursor whit get_operational_attributes = True (thanks a23s4a)
    - start_tls() is properly executed with AD when raise_exceptions=True (thanks Andrew)
    - reopening a Connection honours auto_bind setting (thanks calken)
    - an attribute returned with no value from a flaky server doesn't raise exception anymore (thanks Terrence)
    - pwdLastSet in AD is valid only for -1 (thanks Thane)
    - fixed docs for ldifProducer (thanks lhoekenga)
    - fixed monkeypatching of pyasn1 for Boolean Value in BER encoding (thanks tmarlok88)
    - check_names was not honoured while validating attribute values (thanks ymcymc)
    - locks refactored in Connection and in Async strategy
    - socket properly closed when checking availability of an invalid server

# 2.4 - 2017.11.14
    - security fix in the rebind() method of the Connection object (thanks Daniel)
    - fix for Sasl credentials in Python 3 (thanks Busuwe)
    - fixed bug when checking for equality in MockBase
    - added validator parameter to Server object for custom validators
    - attribute values are now validated in add/compare/modify operations in the Connection object
    - Python types can now be used in add/compare/modify operations
    - compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.3 for now) version
    - fixed compatibility with Twisted on Windows on Python 2.7 (thanks Pmisik)
    - fixed paged_search behaviour in Reader object
    - fixed regression in MockBase (thanks Markus)
    - fixed invalid filter sequence in MockBase (thanks SignedBit)
    - added compatibility with Cython (thanks Pedro)
    - fixed auto_encode check in validate_attribute_value for unknown attrs (thanks CFelder)
    - don't encode response_value as extended_response_to_dict expects a decoded value (thanks Matthias)
    - compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.7 for now) version
    - added LDAPObjectDereferenceError exception
    - LDAPObjectDereferenceError is raised when an object tries to dereference itself in the Abstraction Layer (thanks Daniele)
    - async module renamed to asynchronous for compatibility with Python 3.7 (thank Barry)
    - long integer are properly checked in mocking strategies (thanks gregn610)
    - NUMERIC_TYPES includes long for Python 2

# 2.3 - 2017.08.02
    - compatible with the pyasn1 library from version 0.1.8 up to latest (0.3.1 for now) version
    - MockAsync strategy is available
    - added __ne__ method to Attribute in abstraction layer (thank Rodrigo)
    - added LDAPUserNameIsMandatoryError exception in simple bind when user name is empty
    - search referrals are properly decoded with fast decoder
    - paged search works in mock strategies
    - paged_search in extend.standard namespace raises an exception of class LDAPOperationResult if the search returns an error
    - search_paged() method of Cursor object now return the whole list of entries if generator=False
    - updated docs for defaults parameters (thanks Guarnacciaa)
    - fixed mockBase for integer matching (thanks Jijo)
    - boolean values are now uppercase in LDIF (thanks Linus)
    - fixed timeout in ssl connection on Linux and Mac (thanks Allan)
    - changed some internal functions to private in ldap3.utils.dn
    - operational attribute entryDN is properly managed in Mock strategies (thanks Mark)
    - new rdn in renamed entry is properly set in Mock strategies (thanks Mark)
    - metrics are now updated for Mock strategies, except that for received bytes (thanks joehy)
    - better managing of missing schema from the server (thanks Deborah)
    - fixed error while schema is not in string format (thanks Alexandre)
    - SNI support added when the underlying python library allows it (thanks Edmund)
    - added pool_keepalive parameter to Connection object for REUSABLE strategy
    - connection.extend.microsoft.modify_password returns False when change is not successful (thanks Ashley)
    - added validators for uuid and uuid_le
    - fixed error while searching for bytes
    - fixed pickling and unpickling of datetime values (thanks David)
    - fixed error that resulted in valid generalizedTime strings not being parsed (thanks Busuwe)
    - fixed error with modify operation on referrals (thanks Busuwe)
    - fixed error in mockBase add_entry() with raw rdn (thanks Chad)
    - fixed error when stdin has not encoding in config.py (thanks cronicryo)
    - fixed error when optional field are not present in pyasn1 requests (thanks Ilya)
    - added DEFAULT_SERVER_ENCODING config parameter, should always be utf-8
    - DEFAULT_ENCODING config parameter renamed to DEFAULT_CLIENT_ENCODING
    - ADDITIONAL_ENCODINGS config parameter renamed to ADDITIONAL_SERVER_ENCONDINGS
    - additional encodings are applied to all data received from the server
    - additional encodings are not applied to client data
    - added from_server=False parameter to to_unicode() to not try client encoding while decoding data from server

# 2.2.4 - 2017.05.07
    - leading and trailing spaces in server name don't raise exception anymore
    - DitContentRule is properly read from the schema
    - added validator for Active Directory timestamp
    - Mock strategies raise an exception if a non-bytes value is added to the schema when no offline schema is provided (str and int are automatically converted)
    - added custom_validators property to Mock strategies
    - modifying objectClass with bytes values doesn't raise an exception anymore (but it may fail anyway because of server constraints)
    - ensure that config sequence parameters are properly set
    - allow case insensitive attribute and class names in config parameters
    - added server.schema.is_valid() to check if the schema is available
    - empty schema properties are set to empty dict() instead of None
    - schema definitions with trailing and leading spaces are now properly parsed and don't raise an LDAPSchemaError exception anymore
    - fixed error when flaky servers (OpenLDAP) don't return the correct response with StartTls

# 2.2.3 - 2017.04.30
    - abstraction layer query converts int values to string (thanks dgadmin)
    - CaseInsensitiveDictWithAlias doesn't raise an exception anymore if alias is set multiple times to the same key
    - friendly names in AttrDef are properly managed when performing commits in Writer cursors
    - no more errors when server returns an empty schema (thanks Glen)
    - range attributes in entries are properly recognized when auto_range is False
    - fixed random errors in auto_range searches (thanks James)
    - fixed checking of malformed schema
    - added configuration parameter IGNORE_MALFORMED_SCHEMA to not raise exception for servers that don't follow the LDAP RFCs (defaults to False)
    - test config moved to test/config.py
    - testcase_id generated randomly for each test
    - added ATTRIBUTES_EXCLUDED_FROM_OBJECT_DEF parmeter to exclude some attribute from automatic populate of ObjectDef in Abstract Layer (helpful for AD)
    - added IGNORED_MANDATORY_ATTRIBUTES_IN_OBJECT_DEF parmeter to exclude some attribute from mandatory attribute list in ObjectDef in Abstract Layer (helpful for AD)
    - fixed error when using implicit assigning in WritableEntry
    - added LDAPInvalidValueError Exception
    - in Python 3 byte filter are converted to unicode before parsing
    - RESPONSE_DN_ENCODING parameter renamed to ADDITIONAL_ENCODINGS
    - to_unicode(value, encoding=None, additional_encodings=False) now checks for additional encoodings in ADDITIONAL_ENCODINGS list if additional_encoding is set to True
    - Reusable strategy uses not lazy Restartable connections
    - Reusable strategy doesn't keep requesting the schema
    - connection pool size in Reusable strategy defaults to 5
    - optimized usage of configuration parameters

# 2.2.2 - 2017.03.17
    - PLAIN mechanism added to SASL authentication (thanks Janusz)
    - added RESULT_RESERVED return code (thanks Rak)
    - added RESPONSE_DN_ENCODING in config for flaky servers that return non utf-8 encoded DN. Set it to a list of encoding to sequentially try for decodign DNs.
    - removed StopIteration in generators (deprecated by PEP 479)
    - fixed a bug when converting AD datetimes on Windows systems
    - added compatibility with pyasn1 0.2.3
    - fixed NTLM authentication with pyasn1 0.2.3
    - fixed an error when installing via executable on Windows (thanks TrumSteven)
    - added 'raw_dn' key in search response dictionary. It contains the DN byte value returned for DN by the server
    - attributes with ";binary" tag can now be retrieved in abstraction layer with the usual entry.atttribute syntax
    - updated tests for OpenLDAP
    - fixed error when in add/remove extend operation for case mismatch in user or group dn
    - integer validator now automatically convert valid string numbers to int
    - invalid timezone are checked when validating Generalized Time Format
    - added test cases for validators
    - updated tests for OpenLDAP

# 2.2.1 - 2017.02.12
    - tested against pyasn1 0.2.2 (thanks Ilya)
    - get_response() has an optional new parameter "get_request" to return the request too, helpful in asynchronous strategies
    - connection.request, connection.response and connection result are now properly blanked in async strategies
    - ldap3.utils.dn.safe_dn() now checks for AD names only if no equal sign is present in the dn
    - abstraction layer properly works with asynchronous strategies
    - added a named tuple "Operation" used to store the request, result and response of an LDAP operation in Cursor history
    - cursors in the Abstraction Layer keep history of executed LDAP operations for the last Cursor operation in the cursor.operation property
    - Cursors in the Abstraction Layer keep history of errors for the last Cursor operation in the cursor.errors property
    - if any error has occurred in the last operation of a Cursor the cursor.failed property is set to True
    - added a named tuple "Operation" for storing request, result and response of an LDAP operation in Cursor history
    - Cursor honours raise_exception parameter of the Connection.
    - Cursor commit() return True if operations are successful and False if not. All pending commits are executed even if some fail
    - new entries that have no additional mandatory attributes other those defined in dn are properly managed in Writers (thanks Matt)
    - CaseInsensitiveDict now properly strips blanks from keys
    - updated hashing alghoritm SHA to SHA1 (thanks Satoh)
    - added match_dn(dn) to Cursor for matching entries with specified text in DN
    - added match(attributes, value) for matching entries with specified value in one or more attribute values. It checks values and raw_values
    - Cursors have simple match capability. When key is a string Cursor tries to match it against the DN of entries found.

# 2.2.0 - 2017.01.16
    - tested againsts Python 3.6.0, Python 2.7.13 and Python 2.6.6
    - updated docs regarding search response attributes (thanks James)
    - fixed LDIF representation for operation_to_ldif (thanks m7four)
    - fixed rebind for pooled connections
    - fixed custom sort order in LDIF representation of entry
    - added Active Directory GUID syntax for safe_dn() (thanks dinhngtu)
    - added pre-post read control (thanks Elizabeth)
    - added add_members_to_groups in microsoft.extend namespace for Active Directory
    - added remove_members_to_groups in microsoft.extend namespace for Active Directory
    - refactored internal extend.microsoft and extend.novell structures
    - fixed auto_escape for extended characters (thanks asand3r)
    - validators now transform the Python value to a valid LDAP value when appropriate (thanks Sjd-Risca)
    - added validator for boolean types
    - added validator for date types
    - fixed representation of binary data in Abstraction Layer for Python 2
    - added auto_encode parameter to Connection object (defaults to True)
    - limited auto_escape feature only to filter values
    - escape_filter_chars doens't try anymore to guess if the value is already escaped.
    - added ldap3.conv.is_filter_safe() (thanks Robert)
    - added auto_escape parameter to connection.search() to override connection auto_escape behaviour (defaults to None)
    - auto_escape is not applied to filter value if already escaped
    - automatically encode output to stdout encoding for repr() and str() (for printing and logging attributes values).
    - binary data are converted to a hex values string in repr() and str() (for printing and logging attributes values).
    - auto_encoding is performed only for well known attribute types that use Unicode format in LDAP
    - CLASSES_EXCLUDED_FROM_CHECK and ATTRIBUTES_EXCLUDED_FROM_CHECK moved to ldap3.utils.config and made available via get_config_parameter()
    - added UTF8_ENCODED_SYNTAXES in ldap3.config.utils and made available via get_config_parameter()
    - added UTF8_ENCODED_TYPES in ldap3.config.utils and made available via get_config_parameter()
    - config parameters made available only via get_config_parameters()
    - removed to_bytes() and check_escape() from ldap3.utils.conv (ambiguous functions)
    - added connection.request to MockSync (thanks Fabian)
    - tags are properly managed in add, compare and modify requests (thanks guidow)
    - in Mock strategies single-valued attributes are properly managed
    - in Mock strategies attributes type names are properly managed
    - implemented extended operation machinery in MockBase
    - implemented WhoAmI [RFC4532] in Mock strategies
    - implemented GetBindDn [NOVELL] in Mock strategies
    - implemented operational attributes machinery in MockBase
    - implemented entryDN [RFC5020] operational attribute in MockBase
    - Sphinx updated to 1.5.1


# 2.1.1 - 2016.11.18
    - Mock strategy uses case insensitive matching when appropriate
    - fixed error when adding a virtual attribute in the abstract Entry object
    - fixed error messages in Entry moving and renaming
    - Reverted default connection strategy to SYNC (thanks Mauro)
    - Fixed tutorials (thanks Mauro)
    - Fixed checking of schema in ObjectDef (thanks Pierre)
    - Fixed checking of stdin in config (thanks Oleg)
    - fixed commit of entry with async strategies
    - fixed reading of entries in async strategies
    - added cipher argument to Tls (thanks Nicolas)
    - fixed bug when using the abstraction layer with lazy connections
    - fixed case matching while adding new entry in Writer cursor (thanks t0neg)
    - disabled auto_escape for byte values
    - fixed auto_escape for python 2
    - fixed tutorials (thanks Ivano)

# 2.1.0 - 2016.11.03
    - changed default Connection strategy from SYNC to RESTARTABLE
    - enable automatic escaping of assertion values
    - fixed decoding error with check_name=False
    - added auto_escape parameter in connection, for trying automatic filter and attribute values escape
    - fixed checking of schema in MockBase
    - SASLBindInProgress doesn't raise an exception anymore with raise_exceptions=True
    - standard formatters are applied in mocking strategies when serching for exact match

# 2.0.9 - 2016.10.28
    - removed sanitization of DN in bind operation because some servers accept non standard DN for Simple Bind

# 2.0.8 - 2016.10.28
    - included referral caching (thanks TWAC)

# 2.0.7 - 2016.10.27
    - FIRST RELEASE OF LDAP3 V2
    - changed signature of ldap3.abstract.Reader object
    - removed search_size_limit(), search_time_limit() and search_types_only in the Reader cursor
    - fixed SASL in progress error (thanks Styleex)
    - fixed ALL_ATTRIBUTES in MOCK_SYNC strategy (thanks Belgarion)
    - ncorrect attribute type error message now includes the name of the attribute (Thanks Andrej)
    - relaxed dn checking for Active Directory UserPrincipalName
    - relaxed dn checking for Active Directory SamAccountName
    - added checking of attribute name in add, compare and search operations
    - added checking of class name in add operation
    - renamed exception LDAPTypeError to LDAPAttributeError
    - in sync strategies LDAP operations populate the last_error attribute of the connection in case of not RESULT_SUCCESS
    - connection.return_empty_attributes defaults to True
    - escaped filter by default
    - fixed escaping of filter
    - add move and rename to abstraction layer entry
    - ldap3 namespace decluttered
    - RESULT_CODES moved to ldap3.core.results
    - compatibility constants removed
    - exceptions removed from ldap3 namespace, defined in ldap3.core.exceptions only
    - ADDRESS_INFO_REFRESH_TIME is now configurable via set_config_parameter
    - Operational attribute prefix set to 'OA_'
    - Allows cert and key file in the same file (thanks Jan-Philip)
    - Removed logging info when logging is disabled (thanks Dan)
    - Updated copyright notice
    - Refactored abstraction layer with full support for CRUD (Create, Read, Update, Delete) abstract operations
    - Added WritableEntry and WritableAttribute to abstraction layer
    - Added standard validators for attribute types and syntaxes defined in the standard LDAP schema
    - Added custom validators for attribute values
    - Added update capability to abstraction layer
    - Fixed typo in docs (thanks Gerardwx)
    - Fixed Object and Attribute representation in schema (superior class not shown)
    - ObjectDef automatically populates attributes from schema, following object_class hierarchy
    - Added attributes parameter to search* methods of Cursor, so that only needed attributes are read even if attr_defs defines more
    - Fixed connect_timeout not honored while wrapping socket in tls (thanks Kyle)
    - Added 'set' to SEQUENCE_TYPES (thanks Christian)
    - Entries returned by search are now writable via the abstraction layer
    - LDAPReaderError exception renamed to LDAPCursorError
    - auto_range parameter in Connection defaults to True (thanks Ashley)
    - get_info defaults to SCHEMA while defining Server object
    - Included ordereddict 1.1 (# Copyright (c) 2009 Raymond Hettinger) in ldap3.utils.ordDict for backporting OrderedDict in Python 2.6
    - Added config parameter RESET_AVAILABILITY_TIMEOUT to reinsert invalid address in candidate_addresses while checking connection, defaults to 5 seconds
    - Fixed inability to connect to a server if the connection starts when the server is unavailable and then it becomes available again
    - All DNs are sanitized if connection.check_names is True
    - LDAPControlsError exception renamed to LDAPControlError
    - LDAPChangesError exception renamed to LDAPChangeError
    - The following older constants in ldap3 have been removed, please use the suggested ones:
    - AUTH_ANONYMOUS = ANONYMOUS
    - AUTH_SIMPLE = SIMPLE
    - AUTH_SASL = SASL
    - SEARCH_SCOPE_BASE_OBJECT = BASE
    - SEARCH_SCOPE_SINGLE_LEVEL = LEVEL
    - SEARCH_SCOPE_WHOLE_SUBTREE = SUBTREE
    - SEARCH_NEVER_DEREFERENCE_ALIASES = DEREF_NEVER
    - SEARCH_DEREFERENCE_IN_SEARCHING = DEREF_SEARCH
    - SEARCH_DEREFERENCE_FINDING_BASE_OBJECT = DEREF_BASE
    - SEARCH_DEREFERENCE_ALWAYS = DEREF_ALWAYS
    - STRATEGY_SYNC = SYNC
    - STRATEGY_ASYNC_THREADED = ASYNC
    - STRATEGY_LDIF_PRODUCER = LDIF
    - STRATEGY_SYNC_RESTARTABLE = RESTARTABLE
    - STRATEGY_REUSABLE_THREADED = REUSABLE
    - STRATEGY_MOCK_SYNC = MOCK_SYNC
    - STRATEGY_MOCK_ASYNC = MOCK_ASYNC
    - POOLING_STRATEGY_FIRST = FIRST
    - POOLING_STRATEGY_ROUND_ROBIN = ROUND_ROBIN
    - POOLING_STRATEGY_RANDOM = RANDOM
    - GET_NO_INFO = NONE
    - GET_DSA_INFO = DSA
    - GET_SCHEMA_INFO = SCHEMA
    - GET_ALL_INFO = ALL

# 1.4.0 - 2016.07.18
    - Multiple Mock strategies now share entries when using the same Server object
    - Added AsyncStreamStrategy
    - Added Connection.extend.standard.persistent_search() (Thanks martinrm77)
    - Added escaping of character > 0x7F in filter validation (thanks cfelder)
    - Added better descriptions of Exception in abstraction layer (thanks cfelder)
    - Added queue in Persistent Search
    - Added callback in Persistent Search
    - MockStrategy now honors raise_exception parameter (thanks Simon)

# 1.3.3 - 2016.07.03
    - Change paameter name from 'check' to 'fix' in connection.extend.novell.add_members_to_groups() and connection.extend.novell.remove_members_from_groups
    - Added connection.extend.novell.check_groups_memberships() that check if members are in groups and fixes the user-group relation if incorrect
    - Updated docs link to ldap3.readthedocs.io
    - Fixed error in utils.conv.check_escape (thanks Anjuta)
    - Fixed typo in server.py when IP_V4_PREFERRED is used (thanks eva8668)
    - Host name certificate matching exception and logging is much more informative (thanks eddie-dunn)
    - Fixed typo in docs for use_ssl (thanks Brooks Kindle)
    - Tested against Python 2.6., Python 2.7.12, Python 3.5.2 and PyPy 5.3.1

# 1.3.2 - 2016.07.01
    - unreleased on pypi

# 1.3.1 - 2016.05.11
    - Added support for mocking the ldap3 library
    - Added support for MockSync strategy (thanks Roxana)
    - Added checked_attributes=True parameter to connection.response_to_json()
    - Added checked_attributes=True parameter to entry.entry_to_json()
    - MockSyncBase strategy supports bind(), unbind(), delete(), compare(), modify(), modify_dn(), abandon(), add()
    - MockSyncBase strategy accepts directory entries in json file
    - Fixed schema representation (thanks Conrado)
    - Allow connection.abandon(0), useful to "ping" the server
    - Added connection.abandon() test suite
    - Reusable strategy checks bind credential at bind() time, only on one worker connection
    - Reusable strategy ignores abandon() operation because of multiple connection workers
    - Reusable strategy honours return_empty_attributes connection parameter
    - Added lazy information to connection representation
    - Added support for hash (LM:NTLM) Windows NTLM authentication (thanks Dirk)
    - Fixed representation of empty attributes in connection.entries
    - Comparison of entry attributes value is easier
    - Added new extended operation connection.extend.novell.start_transaction()
    - Added new extended operation connection.extend.novell.end_transaction()
    - Added new extended operation connection.extend.novell.add_members_to_groups(members, groups, check, transaction)
    - Added new extended operation connection.extend.novell.remove_members_from_groups(members, groups, check, transaction)
    - Added new exception LDAPTransactionError
    - Added logic to handle Novell Transaction Error Unsolicited Notice
    - Ignore cheching of ssl context when cadata, cafile and capath are not provided (thanks DelboyJan)


# 1.2.2 - 2016.03.23
    - repr encoding set to 'ascii' when sys.stdout.encoding is None (thanks Jeff)

# 1.2.1 - 2016.03.19
    - try to use the requested ssl protocol in SSLContext for Python>=3.4 (thanks Patrick)
    - added return_empty_attributes to Connection object to return an empty list when the attribute requested is missing in the retrieved object

# 1.1.2 - 2016.03.10
    - Added rebind() method to Connection object to rebind with a different user (thanks Lorenzo)
    - Added Tests for rebind operation
    - Start_tls honored in referrals
    - Default ldaps port honored in referrals
    - Additional connection parameters honored in referrals and in the restartable strategy
    - Server connection timeout is honored while connecting, connection receive timeout while receiving
    - Extended operations followed on referrals (thanks Pavel)
    - Added receive_timeout parameter in Connection object to set socket in non-blocking mode with a specified timeout (thanks Antho)
    - Fixed abstract entry __getattr__() throwing KeyError instead of AttributeError (thanks Kilroy)
    - Fixed start_tls() Reusable strategy

# 1.0.4 - 2016.01.25
    - Controls can be added to extended operation in the extend package (thanks Hinel)

# 1.0.3 - 2015.12.1
    - Fixed set_config_parameter (thanks Sigmunau)
    - Disabled unauthenticated authentication, see RFC 4513 section 5.1.2 (thanks Petros)
    - Fixed falsey value in abstract Entry object __contains__() (thanks Vampouille)

# 1.0.2 - 2015.12.07
    - Allowed_referral_hosts in Server objects defaults to [('*', True)] to accept any referral server with authentication
    - Referral uri is now properly percent-undecoded (thanks TWAC)
    - Referral Server object now use the same configuration of the original Server object
    - Fixed __contains__() in Entry object (thanks Vampouille)

# 1.0.1 - 2015.12.06
    - Removed the compat package
    - Refactored docs for extend operations

# 1.0.0 - 2015.12.06
    - Private RC for production
    - Status moved to 5 - Production/Stable

# 0.9.9.4 - 2015.12.02
    - Added items() to CaseInsensitiveDict class (thanks Jan-Hendrik)
    - Added set_config_parameter() in ldap3 namespace to modify the values of the configurable parameters of ldap3
    - Added microsoft.extend.modify_password() extended operation to change AD password
    - Fixed find_active_random_server() in pooling (thanks Sargul)
    - Fixed referral decoding in fast ber decoder (thanks TWAC)

# 0.9.9.3 - 2015.11.15
    - Added LDAPI (LDAP over IPC) support for unix socket communication
    - Added mandatory_in and optional_in in server schema for attribute types. Now you can see in which classes attributes are used
    - Added last_transmitted_time and last_received_time to Usage object to track time of the last sent and received operation
    - Exception SessionTerminatedByServer renamed to SessionTerminatedByServerError and added to ldap3 namespace
    - Added get_config_parameter() in ldap3 namespace to read the current value of ldap3 configurable parameters
    - Added SASL mechanism name as constants in the ldap3 namespace
    - Added escape_filter_chars in utils.conv (thanks Peter)
    - Reverted ALL_ATTRIBUTES behaviour in search to 0.9.9.1 (thanks Petros)

# 0.9.9.2 - 2015.10.19
    - Fixed hasattr() behaviour for Entry object in Python 3
    - Allows empty sasl_credentials in SASL bind
    - Added POOLING_LOOP_TIMEOUT constant to specify how many seconds the server pooling strategy has to wait before retrying if it did not find an active server (defaults to 10)
    - Pooling strategy now allows to specify the number of cycles to try when finding a server (with active=N)
    - Pooling strategy now allows to specify how many seconds a server must be considered offline before retrying to check for availabiliry (with exhaust=N)
    - Connection.entries defaults to empty list
    - ALL_ATTRIBUTES don't send any attribute in the attribute list (was sending '*') while searching
    - Added DirSync extended function for Microsoft Active Directory
    - Added LDAP_SERVER_DIRSYNC_OID control for Microsoft Active Directory
    - Added LDAP_SERVER_EXTENDED_DN_OID control for Microsoft Active Directory
    - Added LDAP_SERVER_SHOW_DELETED_OID control for Microsoft Active Directory
    - Fixed AD tests for single valued attributes
    - Added ACL attribute in the ATTRIBUTES_EXCLUDED_FROM_CHECK list

# 0.9.9.1 - 2015.09.21
    - Allows empty member values in groups while adding - this should not be as per rfc4511 4.1.7, but some servers expects it (thanks John)
    - Faster case insensitive dict while getting and setting key (thanks Pierre)
    - Updated setuptools to 18.3.2
    - Updated wheel to 0.26
    - Tested against Python 2.6 - Python 2.7 - Python 3.3 - Python 3.4 - Python 3.5 - pypy - pypy3

# 0.9.9 - 2015.09.09
    - Fixed boolean value for True value in ASN.1 encoding for certain ldap servers. (thanks Will)
    - Fixed follow auto referrals. (thanks WIll)
    - Now protocol defined integer values can be used for scope and derefAliases arguments when searching. (thanks Will)
    - Added description field in the AttrDef object. (thanks Hogne)
    - Added a custom ber decoder. Decoding of received packets is now 10x faster.
    - Added new boolean argument fast_decoder in connection object. Defaults to True.
    - Highest date correctly managed by the format_ad_timestamp() formatter. (thanks Will)
    - Fix for latest gssapi kerberos authentication module (thanks Alex)
    - Added freeIPA OID descriptors
    - Removed unneeded OidInfo class

# 0.9.8.8 - 2015.08.14
    - Coerce objectClass to a list in Add operation. (thanks Yutaka)
    - ObjectClass attribute values mantain their order in the Add operation. (thanks Yutaka)
    - Fixed search filter composition when the value part of the assertion contains = character. (thanks Eero)
    - Fixed modify_password extended operation when no hash method is specified. (thanks midnightlynx)
    - Added credentials to kerberos authentication. (thanks Alex)
    - Target name can be specified in sasl_credentials for Kerberos authentication. (thanks Alex)
    - Target name can be read from DNS in sasl_credential for Kerberos authentication. (thanks Alex)
    - Fixed connection.entries error when referrals are in the search response. (thanks WIll)

# 0.9.8.7 - 2015.07.19
    - Backported ssl.match_hostname from Python 3.4.3 standard library to be used in Python < 2.7.10
    - Use backports.ssl_match_hostname if present instead of static backported functions for matching server names in ssl certificate (thanks Michal)
    - Attributes values are properly printed when not strings in abstract.attribute (thanks hogneh)
    - Checking unicode __repr__() in python2
    - Added hashing capability to Modify Password extended operation (thanks Gawain)

# 0.9.8.6 - 2015.06.30
    - Modify operation now accept multiple changes for same attribute (Thanks Lorenzo)
    - Fixed entries property in connection when objects from multiple object classes are returned
    - Hide sensitive data in logging. use the utils.log.set_library_hide_sensitive_data(False) to show sensitive data
      and utils.log.get_library_hide_sensitive_data() to get the current value
    - Limited number of characters in a single log line. use the utils.log.set_library_log_max_line_length(length) to set
      and utils.log.get_library_log_max_line_length(length) to get the current value
    - Added CHANGES.txt with full changelog, latest changes only in README.txt

# 0.9.8.5.post2 - 2015.06.24
    - Updated pyasn1 to 0.1.8
    - Fixed error in not filter with pyasn1 0.1.8

# 0.9.8.5 - 2015.06.23
    - Updated docs with ldap operations pages
    - Fixed a bug where an Exception was raised on OpenBSD for missing IPV4_MAPPED flag
    - Fixed missing add operation usage metrics
    - Abstract Attribute doesn't permit "falsy" values or None as default (thanks Lucas)

# 0.9.8.4 - 2015.05.19
    - Added EXTENDED log detail level with prettyPrint description of ldap messages
    - Fixed logging of IPv6 address description
    - Fixed checking of open address when dns returns more than one ip for the same host
    - Fixed selection of proper address when failing back from IPv6 to IPv4 and vice-versa
    - When sending controls controlValue is now optional (as stated in RFC 4511), specify None to not send it
    - Moved badges to shields.io

# 0.9.8.3 - 2015.05.11
    - Added support for logging
    - Added LDAPInvalidTlsSpecificationError exception
    - Added support for kerberos sasl - needs the gssapi package (thanks sigmaris and pefoley2)
    - Added support for using generator objects in ldap operations (thanks Matt)
    - Fixed bug in collect_usage (thanks Philippe)
    - Changed default server mode from IP_SYSTEM_DEFAULT to IP_V6_PREFERRED

# 0.9.8.2 - 2015.04.08
    - SaslCred returned as raw bytes (thanks Peter)
    - Search_paged now properly works in abstract.reader (thanks wazboy)

# 0.9.8.1 - 2015.04.04
    - Added NTLMv2 authentication method
    - extend.standard.who_am_i() now try to decode the authzid as unicode
    - Tests for AD (Active Directory) now use tls_before_bind when opening a connection
    - 0.9.8 not working for pypi problems

# 0.9.7.12 - 2015.03.18
    - Fixed missing optional authzid in digestMD5 sasl mechanism (thanks Damiano)
    - Changed unneeded classmethods to staticmethods

# 0.9.7.11 - 2015.03.12
    - Fixed address_info resolution on systems without the IPV4MAPPED flag (thanks Andryi)

# 0.9.7.10 - 2015.02.28
    - Fixed bug in PagedSearch when server has a hard limit on the number of entries returned (thanks Reimar)
    - 0.9.7.9 not working for pypi problems
    - 0.9.7.8 not working for pypi problems
    - 0.9.7.7 not working for pypi problems
    - 0.9.7.6 not working for pypi problems

# 0.9.7.5 - 2015.02.20
    - Fixed exception raised when opening a connection to a server. If there is only one candidate address and there is an error it returns the specific Exception, not a generic LDAPException error
    - Address_info filters out any impossible address to reach
    - Address_info include an IPV4MAPPED address for IPV6 host that try to reach an IPV4 only server
    - Added SyncMock strategy (needs the sldap3 package)
    - Fixed bug when using the aproximation operation in ldap search operations (thanks Laurent)
    - Removed response from exception raised with raise_exceptions=True to avoid very long exceptions message

# 0.9.7.4 - 2015.02.02
    - Added connection.entries property for storing response from search operations as and abstract.Entry collection.

# 0.9.7.3 - 2015.01.25
    - Modify operation type can also be passed as integer

# 0.9.7.2 - 2015.01.16
    - Fixed a bug when resolving IP address with getaddrinfo(). On OSX returned an UDP connection (thanks Hiroshi).

# 0.9.7.1 - 2015.01.05
    - Moved to Github
    - Moved to Travis-CI for continuous integration
    - Moved to ReadTheDocs for documentation
    - Moved testing servers in the cloud, to allow testing from Travis-CI
    - Project renamed from python3-ldap to ldap3 to avoid name clashing with the existing python-ldap library
    - Constant values in ldap3 are now strings. This is helpful in testing and debugging
    - Test suite fully refactored to be used in cloud lab and local development lab
    - Test suite includes options for testing against eDirectory, Active Directory and OpenLDAP

# 0.9.7 - 2014.12.17
    - Fixed bug for auto_range used in paged search
    - Added dual IP stack mode parameter in Server object, values are: IP_SYSTEM_DEFAULT, IP_V4_ONLY, IP_V4_PREFERRED, IP_V6_ONLY, IP_V6_PREFERRED
    - Added read_server_info parameter to bind() and start_tls() to avoid multiple schema and info read operations with auto_bind
    - Redesigned Reusable (pooled) strategy
    - Added LDAPResponseTimeoutError exception raised when get_response() doesn't receive any response in the allowed timeout period
    - Added shortened authentication parameters in ldap3 namespace: ANONYMOUS, SIMPLE, SASL
    - Added shortened scope parameters in ldap3 namespace: BASE, LEVEL, SUBTREE
    - Added shortened get_info parameters in ldap3 namespace: NONE, DSA, SCHEMA, ALL
    - Added shortened alias dereferencing parameters in ldap3 namespace: DEREF_NONE, DEREF_SEARCH, DEREF_BASE, DEREF_ALWAYS
    - Added shortened connection strategy parameters in ldap3 namespace: SYNC, ASYNC, LDIF, RESTARTABLE, REUSABLE
    - Added shortened pooling strategy parameters in ldap3 namespace: FIRST, ROUND_ROBIN, RANDOM
    - Added reentrant lock to avoid race conditions in the Connection object
    - When runs in Python 2.7.9 uses SSLContext
    - Tested against Python 2.7.9, PyPy 2.4.0 and PyPy3 2.4.0
    - setuptools updated to 8.2.1

# 0.9.6.2 - 2014.11.17
    - Changed SESSION_TERMINATED_BY_SERVER from 0 to -2
    - Removed unneeded FORMAT_xxx variables in ldap3 namespace
    - Fixed bug in auto_range when search operation returns search continuations
    - Added infrastructure for Mock DSA (not functional yet)

# 0.9.6.1 - 2014.11.11
    - Added boolean parameter "auto_range" to catch the "range" ldap tag in searches. When true all needed search operation are made to fully obtain the whole range of result values
    - Fixed bug in sdist
    - Added offline schema for Fedora 389 Directory Server 1.3.3
    - Fixed bug while reading DSA info

# 0.9.6 - 2014.11.01
    - New feature 'offline schema' to let the client have knowledge of schema and DSA info even if not returned by the server
    - Offline schema for Novell eDirectory 8.8.8
    - Offline schema for Microsoft Active Directory 2012 R2
    - Offline schema for slapd 2.4 (Openldap)
    - Added server.info.to_json() and server.info.to_file to JSON serialize schema and info from Server object
    - Added Server.from_json() and Server.from_file() to create a Server object from a JSON definition
    - Added response_to_json() and response_to_file() to Connection object to serialize search response entries in JSON as a string or as a file
    - New exception hierarchy LDAPConfigurationError includes library configuration exceptions
    - New exception LDAPInvalidConfigurationDefinitionError
    - Dsa info and schema are not read twice when binding (thanks phobie)
    - LDAPStartTLSError exception is merged with exception raised from ssl packaged
    - Digest-MD5 SASL authentication accepts directives with list attributes (thanks John)
    - Fixed caseInsensitiveDictionary for keys() and values() methods
    - Fixed matching of certificate name in ssl with Python2
    - Attributes names and formatters are checked even if schema is not read by the server
    - Fixed fractional time when parsing generalized time
    - Specific decoder for Active Directory ObjectGuid and ObjectSid
    - Added additional checking for unicode in Python 2
    - Tested against Python 3.4.2, 2.7.8, 2.6.6
    - Updated setuptools to 7.0

# 0.9.5.4 - 2014.09.22
    - Fixed security issue in lazy connections (thanks Moritz)
    - Added ldap3.utils.dn with parse_dn(dn) to verify dn compliance with RFC4514
    - Added safe_dn(dn) to properly escape dn (if possible)
    - Added ldap3.utils.uri with parse_uri(uri) to verify uri compliance with RFC4516
    - Check for trailing slashes in hostname (thanks Dylan)
    - Timeout for socket connect operation. Server.connect_timeout = seconds_to_wait_for_establishing_connection (thanks Florian)
    - Closing socket error doesn't raise exception anymore
    - ServerPool can be implicity defined with a list of server names (even when defining a connection)

# 0.9.5.3 - 2014.08.24
    - elements returned in schema and dsa info are in a case insensitive dictionary (can be changed in ldap3.CASE_INSENSITIVE_SCHEMA_NAMES = True|False)
    - attributes name returned in searches are now case insensitive (can be changed in ldap3.CASE_INSENSITIVE_ATTRIBUTE_NAMES = True|False)
    - change parameter name from separe_rdn to separate_rdn in ldap3.utils.conv.to_dn()
    - sync dev from Bitbucket to GitHub
    - schema attributes are explicitly read (useful for Active directory and 389 Directory Server)
    - new extended operation: list_replicas (Novell)
    - new extended operation: get_replica_info (Novell)
    - new extended operation: partition_entry_count (Novell)
    - renamed convert_to_ldif() to _convert_to_ldif()

# 0.9.5.2 - 2014.08.05
    - fixed LDAPOperationResult.__str__ (thanks David)
    - added to_dn() in utils.conv to convert a dn string to a list of components (strings or tuples)
    - added __version__ in ldap3
    - don't raise exception if the schema cannot be read in unauthenticated state
    - server.address_info is now a property

# 0.9.5.1 - 2014.08.02
    - getaddrinfo called only once
    - real_server machinery removed - messageId is now global and monotonic for the whole library
    - attributes are returned formatted if schema is read and check_names = True, removed checked_attributes
    - bind result is populated again when successful (was removed in 0.9.2.1)
    - exception is now raised if you receive multiple extended response to a single extended request. This is not allowed by RFC 4511

# 0.9.5 - 2014.07.22
    - added support for IPv6 (thanks Robert)
    - auto_bind can be used even for establishing tls, possible values (defined in ldap3) are: AUTO_BIND_NONE, AUTO_BIND_NO_TLS, AUTO_BIND_TLS_AFTER_BIND, AUTO_BIND_TLS_BEFORE_BIND
    - refactored extend package to use classes
    - new extended operation: get_universal_password (Novell)
    - new extended operation: set_universal_password (Novell)
    - added parsing of hostname in scheme://hostname:hostport format. This has the precedence on the parameters (thanks Sorin)
    - added extra checks when the schema is read (with the get_info parameter) but nothing is returned by the server
    - updated setuptools to version 5.4.1
    - when check_name is True and schema is read attributes are checked and formatted in "checked_attributes" as specified by RFCs following the server schema
    - added formatter for generalizedTime syntax as specified in RFC4517 (ASN.1)
    - custom formatter can be added in Server definition

# 0.9.4.2 - 2014.07.03
    - Moved to Bitbucket + Mercurial
    - Fixed import in core.tls package
    - Removed unneeded imports

# 0.9.4.1 - 2014.07.02
    - included missing extend package (thanks to debnet)

# 0.9.4 - 2014.07.02
    - when running in python 3.4 or newer now Tls class uses SSLContext object with default secure setting
    - added parameters ca_certs_path, ca_certs_data, local_private_key_password to Tls object creation, valid when using SSLContext
    - in python 3.4 or newer the system CA certificates configuration can be used (just leave ca_cert_file, ca_certs_path and ca_certs_data set to None)
    - removed TLSv1 as default for Tls connection
    - upgraded backported ssl function from python 3.4.1 when using with python 2
    - when creating a connection the server parameter can be a string: the name of the server to connect in cleartext on default port 389
    - fixed bug in ldap3.util.conv.escape_bytes()
    - attributes parameter in search can be a tuple
    - check_names parameter in connection now defaults to True (so when schema info is available attribute and class name will be checked when performing LDAP operations)
    - remove the connection.close() method - use connection.unbind()
    - new exception LDAPExtensionError for signalling when the requestValue of extended operation is of an unknown ASN1 type
    - exiting connection manager doesn't raise an exception if unbind is not successful (needed in long operations)
    - new extended operation: modify_password (RFC3062)
    - new extended operation: who_am_i (RFC4532)
    - new extended operation: get_bind_dn (Novell)
    - updated setuptools to version 5.3

# 0.9.3.5 - 2014.06.22
    - Exception history in restartable strategy is printed when reached the maximum number of retries
    - Fixed conditions on terminated_by_server unsolicited message
    - Added python2.6 egg installation package

# 0.9.3.4 - 2014.06.16
    - Exception can now be imported from ldap3 package
    - Escape_bytes return '' for empty string instead of None (thanks Brian)
    - Added exception history to restartable connection (not for infinite retries)
    - Fixed start_tls retrying in restartable connection (thanks Brian)
    - New exception LDAPMaximumRetriesError for signalling when the SyncRestartable Strategy has reached the maximum number of retries while performing an operation
    - Inverted deleteoldrdn value in LDIF output (thanks Joseph)

# 0.9.3.3 - 2014.06.01
    - Fixed a bug in LDIFProducer when using context manager for connection
    - LDIF header in stream is added only whene there are actual data in the stream
    - Now LDIF stream can be added to an existing file - version header will not be written if stream is not empty

# 0.9.3.2 - 2014.05.30
    - Fixed a bug while reading schema
    - Add an implicit open() when trying binding on a closed connection

# 0.9.3.1 - 2014.05.28
    - Added stream capability to LDIFProducer strategy
    - Customizable line separator for LDIF output
    - Customizable sorting order for LDIF output
    - object_class parameter is now optional in connection.add()
    - Fixed objectClass attribute case sensitive dependency in add operation
    - Added stream capability to response_to_ldif() while searching


# 0.9.3 - 2014.05.20
    - Now the key in server.schema.attribute_type is the attribute name (was the oid)
    - Now the key in server.schema.object_classes is the class name (was the oid)
    - Added check_names to Connection definition to have name of attributes and of object class checked against the schema
    - Updated setuptools to 3.6
    - Added wheel installation format
    - Added raise_exceptions mode for connection
    - Exception hierarchy reworked
    - Added locking to Server object (for multithreading)

# 0.9.2.2 - 2014.04.30
    - fixed a bug from 0.9.1 that broke start_tls() (thanks Mark)

# 0.9.2.1 - 2014.04.28
    - fixed a bug in 0.9.2 that allowed only string attributes in add, modify and compare operations (thank Mladen)

# 0.9.2 - 2014.04.26
    - changed return value in get_response from response to (response, result) - helpful for multi-threaded connections
    - added ReusableStrategy for pooling connections
    - refined docstrings (thanks Will)
    - result and response attributes don't overlap anymore. Operation result is only in result attribute.
    - fixed search for binary values (thanks Marcin)
    - added convenience function to convert bytes to LDAP binary value string format for search filter

# 0.9.1 - 2014.03.30
    - added laziness flag to test suite
    - changed ServerPool signature to accept active and exhaust parameters
    - removed unneeded start_listen parameter
    - added 'lazy' parameter to open, to bind and to unbind a connection only when an effective operation is performed
    - fixed start_tls in SyncWaitRestartable strategy
    - fixed certificate name checking while opening an ssl connection
    - fixed syntax error during installation
    - socket operations now raises proper exception, not generic LDAPException (thanks Joseph)
    - tested against Python 3.4, 3.3, 2.7, 2.6
    - updated setuptools to 3.3

# 0.9.0 - 2014.03.20
    - PEP8 compliance
    - added ldap3.compat package with older (non PEP8 compliant) signatures
    - renamed ldap3.abstraction to ldap3.abstract
    - moved connection.py, server.py and tls.py files to ldap3.core
    - fixed SyncWaitRestartableStrategy (thanks Christoph)

# 0.8.3 - 2014.03.08
    - added SyncWaitRestartable strategy
    - removed useless forceBind parameter
    - usage statistics updated with restartable success/failure counters and open/closed/wrapped socket counters

# 0.8.2 - 2014.03.04
    - Added refresh() method to Entry object to read again the attributes from the Reader in the abstraction layer
    - Fixed Python 2.6 issues
    - Fixed test suite for Python 2.6

# 0.8.1 - 2014.02.12
    - Changed exceptions returned by the library to LDAPException, a subclass of Exception.
    - Fixed documentation typos

# 0.8.0 - 2014.02.08
    - Added abstraction layer (for searching, read only)
    - Added context manager to Connection class
    - Added readOnly parameter to Connection class
    - Fixed a bug in search with 'less than' parameter
    - Remove validation of available SSL protocols because different Python interpreters can use different ssl packages

# 0.7.3 - 2014.01.05
    - Added SASL DIGEST-MD5 support
    - Moved to intrapackage (relative) imports

# 0.7.2 - 2013.12.30
    - Fixed a bug when parentheses are used in search filter as ASCII escaped sequences

# 0.7.1 - 2013.12.21
    - Completed support for LDIF as per RFC2849
    - Added new LDIF_PRODUCER strategy to generate LDIF-CHANGE stream
    - Fixed a bug in the autoReferral feature when controls where used in operation

# 0.7.0 - 2013.12.12
    - Added support for LDIF as per RFC2849
    - Added LDIF-CONTENT compliant search responses
    - Added exception when using autoBind if connection is not successful

# 0.6.7 - 2013.12.03
    - Fixed exception when DSA is not willing to return rootDSE and schema info

# 0.6.6 - 2013.11.13
    - Added parameters to test suite

# 0.6.5 - 2013.11.05
    - Modified rawAttributes decoding, now null (empty) values are returned

# 0.6.4 - 2013.10.16
    - Added simple paged search as per RFC2696
    - Controls return values are decoded and stored in result attribute of connection

# 0.6.3 - 2013.10.07
    - Added Extesible Filter syntax to search filter
    - Fixed exception while closing connection in AsyncThreaded strategy

# 0.6.2 - 2013.10.01
    - Fix for referrals in searchRefResult
    - Disabled schema reading on Active Directory

# 0.6.1 - 2013.09.22
    - Experimental support for Python 2 - no unicode
    - Added backport of ssl.match_name for Python 2
    - Minor fixes for using the client in Python 2
    - Fix for getting schema info with AsyncThreaded strategy

# 0.6.0 - 2013.09.16
    - Moved to beta!
    - Added support site hosted on www.assembla.com
    - Added public svn repository on www.assembla.com
    - Added getInfo to server object, parameter can be: GET_NO_INFO, GET_DSA_INFO, GET_SCHEMA_INFO, GET_ALL_INFO
    - Added method to read the schema from the server. Schema is decoded and returned in different dictionaries of the server.schema object
    - Updated connection usage info (elapsed time is now computed when connection is closed)
    - Updated OID dictionary with extensions and controls from Active Directory specifications.

# 0.5.3 - 2013.09.03
    - Added getOperationalAttributes boolean to Search operation to fetch the operational attributes during search
    - Added increment operation to modify operation as per RFC4525
    - Added dictionary of OID descriptions (for DSE and schema decoding)
    - Added method to get Info from DSE (returned in server.info object)
    - Modified exceptions for sending controls in LDAP request
    - Added connection usage (in connection.usage if collectUsage=True in connection definition)
    - Fixed StartTls in asynchronous client strategy

# 0.5.2 - 2013.08.27
    - Added SASLprep profile for validating password
    - Fixed RFC4511 asn1 definitions

# 0.5.1 - 2013.08.17
    - Refactored package structure
    - Project description reformatted with reStructuredText
    - Added Windows graphical installation

# 0.5.0 - 2013.08.15
    - Added reference to LGPL v3 license
    - Added Tls object to hold ssl/tls configuration
    - Added StartTLS feature
    - Added SASL feature
    - Added SASL EXTERNAL mechanism
    - Fixed Unbind
    - connection.close is now an alias for connection.unbind

# 0.4.4 - 2013.08.01
    - Added 'Controls' to all LDAP Requests
    - Added Extended Request feature
    - Added Intermediate Response feature
    - Added namespace 'ldap3'

# 0.4.3 - 2013.07.31
    - Test suite refactored
    - Fixed single object search response error
    - Changed attributes returned in search from tuple to dict
    - Added 'raw_attributes' key in search response to hold undecoded (binary) attribute values read from ldap
    - Added __repr__ for Server and Connection objects to re-create the object instance

# 0.4.2 - 2013.07.29
    - Added autoReferral feature as per RFC4511 (4.1.10)
    - Added allowedReferralHosts to conform to Security considerations of RFC4516

# 0.4.1 - 2013.07.20
    - Add validation to Abandon operation
    - Added connection.request to hold a dictionary of infos about last request
    - Added info about outstanding operation in connection.strategy._oustanding
    - Implemented RFC4515 for search filter coding and decoding
    - Added a parser to build filter string from LdapMessage

# 0.4.0 - 2013.07.15
    - Refactoring of the connection and strategy classes
    - Added the ldap3.strategy namespace to contain client connection strategies
    - Added ssl authentication
    - Moved authentication parameters from Server object to Connection object
    - Added ssl parameters to Server Object

# 0.3.0 - 2013.07.14
    - Fixed AsyncThreaded strategy with _outstanding and _responses attributes to hold the pending requests and the not-yet-read responses
    - Added Extended Operation
    - Added "Unsolicited Notification" discover logic
    - Added managing of "Notice of Disconnection" from server to properly close connection

# 0.2.0 - 2013.07.13
    - Update setup with setuptools 0.7
    - Docstrings added to class
    - Removed ez_setup dependency
    - Removed distribute dependency

# 0.1.0 - 2013.07.12
    - Initial upload on pypi
    - PyASN1 RFC4511 module completed and tested
    - Synchronous client working properly
    - Asynchronous client working but not fully tested
    - Basic authentication working
