baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.7:
  * Completely Remove Upgrade Functionality
  * Expand help to include undocumented commands
  * Forbid "default vars in the default PKI" for all commands
  * show-expire: Calculate certificate expire seconds from Database date
  * Expand help to include undocumented commands
  * New command: make-vars - Print vars.example (here-doc) to stdout
  * gen-crl: preserve existing crl.pem ownership+mode by @Tabiskabis in #1020
  * Improve vars auto load
  * Replace santize_path() and ignore Windows "security" warning
  * Improve select_vars() and source_vars()
  * sign-req: Allow the CSR DN-field order to be preserved
  * vars-file: Warn about EASYRSA_NO_VARS disabling vars-file use
  * Expand default status to include vars-file and CA status
  * verify_ssl_lib(): Minor style improvements
  * cleanup: Rename $easyrsa_error_exit to $easyrsa_exit_with_error

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.5:
  * Build Update: script now supports signing and verifying
  * Automate support-file creation (Free packaging) (#964)
  * build-ca: New command option 'raw-ca', abbrevation: 'raw' (#963)
	This 'raw' method, is the most reliable way to build a CA,
    with a password, without writing the CA password to a temp-file.
    This option completely replaces both methods below:
    build-ca: New option --ca-via-stdin, use SSL -pass* argument 'stdin' (#959)
    Option '--ca-via-stdin' offers no more security than standard method.
    Easy-RSA version 3.1.4 ONLY.
    build-ca: Replace password temp-files with file-descriptors (#955)
    Using file-descriptors does not work in Windows.
    Easy-RSA version 3.1.3 ONLY.
- update and rebase suse-packaging.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.1.2:
  * Command 'renew': Remove option 'nopass' 
  * find_x509_types_dir(): Remove excess checks
  * Remove function find_x509_types_dir() 
  * For 'init-pki hard' only, always try to create a new pki/vars file 
  * Introduce global option '--notext|--no-text' 
  * Minor style change
  * Introduce command 'set-pass' 
  * Fix shellcheck warning for command set-pass case statement 
  * cleanup(): Exit correctly for SIGINT 
  * Update help: Standardise output; Improve code; Reprioritise options
  * vars.example: Add EASYRSA_NO_PASS and wrap long lines
  * Use 'unset -v', consistently
  * build-ca: Improve passphrase input mechanism 
  * Remove global options '--verbose' and '--quiet' as not required
  * Remove all prerequisite code to build a safe SSL config file
  * Rename temp files to reflect the purpose 
  * easyrsa_openssl(): Always set OPENSSL_CONF to EasyRSA safe SSL config 
  * Replace SSL calls for serial number with function ssl_cert_serial() 
  * Introduce OpenSSL only mode: No Safe SSL Config File 
  * ff_date_to_cert_date(): Correct the input format for busybox date 
  * Re-order easyrsa_openssl() temp-file assignment 
  * Stop EASYRSA_DEBUG interfering with SSL output from subshells 
  * Status reports: Recognise Expired certificates 
  * New function safe_set_var(): Safe wrapper for set_var() 
  * Windows, build-ca: Add input password to re-open private key 
  * Renewal: General code improvements 
  * cleanup(): General improvements - Create KNOWN error exit 
  * build-ca: Change FATAL error to warning for old openssl-easyrsa.cnf 
  * Allow --fix-offset to create post-dated certificates

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

remove debug statement in spec file

• Files Changed
• Browse Source

fix changelog

• Files Changed
• Browse Source

- fix for 3.1.1:
   * add patch fix-474.patch from upstream

• Files Changed
• Browse Source

- update to 3.1.1:
   * Remove command 'renewable' (#715)
   * Expand 'show-renew', include 'renewed/certs_by_serial' (#700)
   * Resolve long-standing issue with --subca-len=N (#691)
   *  ++ NOTICE: Add EasyRSA-Renew-and-Revoke.md (#690)
   * Require 'openssl-easyrsa.cnf' is up to date (#695}
   * Introduce 'renew' (version 3). Only renew cert (#688)
   * Always ensure X509-types files exist (#581 #696)
   * Expand alias '--days' to all suitable options with a period (#674)
   * Introduce --keep-tmp, keep temp files for debugging (#667)
   * Introduce Option -q|--quiet, disable information output (#703)
   * Add serialNumber (OID 2.5.4.5) to DN 'org' mode (#606)
   * Support ampersand and dollar-sign in vars file (#590)
   * Introduce 'rewind-renew' (#579)
   * Expand status reports to include checking a single cert (#577)
   * Introduce 'revoke-renewed' (#547)
   * update OpenSSL for Windows to 3.0.5

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

Update to 3.1.0

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 3.0.9 (2022-05-04)
  * Upgrade OpenSSL from 1.1.0j to 1.1.1o (#405, #407)
      - We are buliding this ourselves now.
  * Fix --version so it uses EASYRSA_OPENSSL (#416)
  * Use openssl rand instead of non-POSIX mktemp (#478)
  * Fix paths with spaces (#443)
  * Correct OpenSSL version from Homebrew on macOs (#416)
  * Fix revoking a renewed certificate (Original PR #394)
  * Follow-up commit: ef22701
  * Introduce 'show-crl' (d199389)
  * Support Windows-Git 'version of bash' (#533)
  * Disallow use of single quote (') in vars file, Warning (#530)
  * Creating a CA uses x509-types/ca and COMMON (#526)
  * Prefer 'PKI/vars' over all other locations (#528)
  * Introduce 'init-pki soft' option (#197)
  * Warnings are no longer silenced by --batch (#523)
  * Improve packaging options (#510)

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 3.0.8 (2020-09-09)
  * Provide --version option (#372)
  * Version information now within generated certificates like on *nix
  * Fixed issue where gen-dh overwrote existing files without warning (#373)
  * Fixed issue with ED/EC certificates were still signed by RSA (#374)
  * Added support for export-p8 (#339)
  * Clarified error message (#384)
  * 2->3 upgrade now errors and prints message when vars isn't found (#377)
  * Update OpenSSL Windows binaries to 1.1.1g
  * Reverted OpenSSL back to 1.1.0j

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 3.0.6 (2019-02-01)
  * Certifcates that are revoked now move to a revoked subdirectory (#63)
  * EasyRSA no longer clobbers non-EASYRSA environment variables (#277)
  * More sane string checking, allowingn for commas in CN (#267)
  * Support for reasonCode in CRL (#280)
  * Better handling for capturing passphrases (#230, others)
  * Improved LibreSSL/MacOS support
  * Adds support to renew certificates up to 30 days before expiration (#286)
    - This changes previous behavior allowing for certificate creation using
      duplicate CNs.
- update and rebase suse-packaging.patch

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source