Navigation:
Browse pkgsrc
(this page) 2022-11-26 19:01:37 by Adam Ciarcinski | Files touched by this commit (21) |  |
Log message: py-acme py-certbot*: updated to 2.0.0 Certbot 2.0.0 Added Support for Python 3.11 was added to Certbot and all of its components. acme.challenges.HTTP01Response.simple_verify now accepts a timeout argument \ which defaults to 30 that causes the verification request to timeout after that \ many seconds. Changed The default key type for new certificates is now ECDSA secp256r1 (P-256). It was \ previously RSA 2048-bit. Existing certificates are not affected. The Apache plugin no longer supports Apache 2.2. acme and Certbot no longer support versions of ACME from before the RFC 8555 \ standard. acme and Certbot no longer support the old urn:acme:error: ACME error prefix. Removed the deprecated certbot-dns-cloudxns plugin. Certbot will now error if a certificate has --reuse-key set and a conflicting \ --key-type, --key-size or --elliptic-curve is requested on the CLI. Use \ --new-key to change the key while preserving --reuse-key. 3rd party plugins no longer support the dist_name:plugin_name format on the CLI \ and in configuration files. Use the shorter plugin_name format. acme.client.Client, acme.client.ClientBase, \ acme.client.BackwardsCompatibleClientV2, acme.mixins, \ acme.client.DER_CONTENT_TYPE, acme.fields.Resource, acme.fields.resource, \ acme.magic_typing, acme.messages.OLD_ERROR_PREFIX, \ acme.messages.Directory.register, \ acme.messages.Authorization.resolved_combinations, \ acme.messages.Authorization.combinations have been removed. acme.messages.Directory now only supports lookups by the exact resource name \ string in the ACME directory (e.g. directory['newOrder']). Removed the deprecated source_address argument for acme.client.ClientNetwork. The zope based interfaces in certbot.interfaces have been removed in favor of \ the abc based interfaces found in the same module. Certbot no longer depends on zope. Removed deprecated function certbot.util.get_strict_version. Removed deprecated functions certbot.crypto_util.init_save_csr, \ certbot.crypto_util.init_save_key, and certbot.compat.misc.execute_command The attributes FileDisplay, NoninteractiveDisplay, SIDE_FRAME, \ input_with_timeout, separate_list_input, summarize_domain_list, HELP, and ESC \ from certbot.display.util have been removed. Removed deprecated functions certbot.tests.util.patch_get_utility*. Plugins \ should now patch certbot.display.util themselves in their tests or use certbot.tests.util.patch_display_util as a temporary workaround. Certbot's test API under certbot.tests now uses unittest.mock instead of the 3rd \ party mock library. Fixed Fixes a bug where the certbot working directory has unusably restrictive \ permissions on systems with stricter default umasks. Requests to subscribe to the EFF mailing list now time out after 60 seconds. |
| 2022-11-09 09:37:26 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message: py-acme py-certbot*: updated to 1.32.0 1.32.0 - 2022-11-08 Changed * DNS RFC2136 module now uses the TSIG key to check for an authoritative SOA \ record. Helps the use of split-horizon and multiple views in BIND9 using the key \ in an ACL to determine which view to use. Fixed * CentOS 9 and other RHEL-derived OSes now correctly use httpd instead of \ apachectl for various Apache-related commands |
| 2022-10-19 15:56:34 by Nia Alarie | Files touched by this commit (26) |
Log message: fighting a losing battle against py-cryptography rustification, part 2 Switch users to versioned_dependencies.mk. |
| 2022-10-07 09:27:16 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message: py-acme py-certbot*: updated to 1.31.0 Certbot 1.31.0 Changed If Certbot exits before setting up its usual log files, the temporary directory \ created to save logging information will begin with the name certbot-log- rather \ than a generic name. This should not be considered a stable aspect of Certbot \ and may change again in the future. Fixed Fixed an incompatibility in the certbot-dns-cloudflare plugin and the Cloudflare \ library which was introduced in the Cloudflare library version 2.10.1. The library would \ raise an error if a token was specified in the Certbot --dns-cloudflare-credentials file as well as the cloudflare.cfg configuration file of the Cloudflare library. |
| 2022-09-08 17:12:57 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message: py-acme py-certbot*: updated to 1.30.0 Changes 1.30.0 acme.client.ClientBase, acme.messages.Authorization.resolved_combinations, acme.messages.Authorization.combinations, acme.mixins, acme.fields.resource, and acme.fields.Resource are deprecated and will be removed in a future release. acme.messages.OLD_ERROR_PREFIX (urn:acme:error:) is deprecated and support for the old ACME error prefix in Certbot will be removed in the next major release of Certbot. acme.messages.Directory.register is deprecated and will be removed in the next major release of Certbot. Furthermore, .Directory will only support lookups by the exact resource name string in the ACME directory (e.g. directory['newOrder']). The certbot-dns-cloudxns plugin is now deprecated and will be removed in the next major release of Certbot. The source_address argument for acme.client.ClientNetwork is deprecated and support for it will be removed in the next major release. Add UI text suggesting users create certs for multiple domains, when possible |
| 2022-07-12 07:44:00 by Adam Ciarcinski | Files touched by this commit (18) | |
Log message: py-acme py-certbot*: updated to 1.29.0 Certbot 1.29.0 Added Updated Windows installer to be signed and trusted in Windows Changed --allow-subset-of-names will now additionally retry in cases where domains are \ rejected while creating or finalizing orders. This requires subproblem support \ from the ACME server. Fixed The show_account subcommand now uses the "newAccount" ACME endpoint to \ fetch the account data, so it doesn't rely on the locally stored account URL. This fixes \ situations where Certbot would use old ACMEv1 registration info with non-functional account URLs. The generated Certificate Signing Requests are now generated as version 1 \ instead of version 3. This resolves situations in where strict enforcement of \ PKCS#10 meant that CSRs that were generated as version 3 were rejected. |
| 2022-06-08 14:00:02 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message: py-acme py-certbot*: updated to 1.28.0 1.28.0 Added Updated Apache/NGINX TLS configs to document contents are based on \ ssl-config.mozilla.org Changed A change to order finalization has been made to the acme module and Certbot: An order's certificate field will only be processed if the order's status is valid. An order's error field will only be processed if the order's status is invalid. |
| 2022-05-04 13:27:11 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message: py-acme py-certbot: updated to 1.27.0 Certbot 1.27.0 Added Added support for RFC8555 subproblems to our acme library. Changed The PGP key F2871B4152AE13C49519111F447BF683AA3B26C3 was added as an additional trusted key to sign our PyPI packages When certonly is run with an installer specified (e.g. --nginx), certonly will now also run restart for that installer |
| 2022-04-08 20:00:28 by Adam Ciarcinski | Files touched by this commit (17) | |
Log message:
py-acme py-certbot*: updated to 1.26.0
Certbot 1.26.0
Added
Added --new-key. When renewing or replacing a certificate that has --reuse-key
set, it will force a new private key to be generated, one time.
As before, --reuse-key and --no-reuse-key can be used to enable and disable key
reuse.
Changed
The default propagation timeout for the OVH DNS plugin \
(--dns-ovh-propagation-seconds)
has been increased from 30 seconds to 120 seconds, based on user feedback.
Fixed
Certbot for Windows has been upgraded to use Python 3.9.11, in response to
https://www.openssl.org/news/secadv/20220315.txt.
Previously, when Certbot was in the process of registering a new ACME account
and the ACME server did not present any Terms of Service, the user was asked to
agree with a non-existent Terms of Service ("None"). This bug is now \
fixed, so
that if an ACME server does not provide any Terms of Service to agree with, the
user is not asked to agree to a non-existent Terms of Service any longer.
If account registration fails, Certbot did not relay the error from the ACME server
back to the user. This is now fixed: the error message from the ACME server is now
presented to the user when account registration fails.
|
| 2022-03-17 13:23:33 by Adam Ciarcinski | Files touched by this commit (34) | |
Log message: py-acme py-certbot: updated to 1.25.0 Certbot 1.25.0 Changed Dropped 32 bit support for the Windows beta installer Windows beta installer is now distributed as \ "certbot-beta-installer-win_amd64.exe". Users of the Windows beta should uninstall the old version before running this. Added a check whether OCSP stapling is supported by the installer when requesting a certificate with the run subcommand in combination with the --must-staple option. If the installer does not support OCSP and the --must-staple option is used, Certbot will raise an error and quit. Certbot and its acme module now depend on josepy>=1.13.0 due to better type \ annotation support. Fixed Updated dependencies to use new version of cryptography that uses OpenSSL 1.1.1n, in response to https://www.openssl.org/news/secadv/20220315.txt. Certbot 1.24.0 Added When the --debug-challenges option is used in combination with -v, Certbot now displays the challenge URLs (for http-01 challenges) or FQDNs (for dns-01 challenges) and their expected return values. Changed Support for Python 3.6 was removed. All Certbot components now require setuptools>=41.6.0. The acme library now requires requests>=2.20.0. Certbot and its acme library now require pytz>=2019.3. certbot-nginx now requires pyparsing>=2.2.1. certbot-dns-route53 now requires boto3>=1.15.15. Fixed Nginx plugin now checks included files for the singleton \ server_names_hash_bucket_size directive. |
New packages: