19a20046ca
Using another build of OpenSSL that appears to work fine in testing. Long term, we should be building OpenSSL ourselves and shipping it on a regular basis. That's another project on the list. Resolves #405. Signed-off-by: Eric F Crist <ecrist@secure-computing.net>
147 lines
5.0 KiB
Plaintext
147 lines
5.0 KiB
Plaintext
Easy-RSA 3 ChangeLog
|
|
|
|
3.0.9 (TBD)
|
|
* Upgrade OpenSSL from 1.1.0j to 1.1.1g for Windows (#405)
|
|
|
|
3.0.8 (2020-09-09)
|
|
* Provide --version option (#372)
|
|
* Version information now within generated certificates like on *nix
|
|
* Fixed issue where gen-dh overwrote existing files without warning (#373)
|
|
* Fixed issue with ED/EC certificates were still signed by RSA (#374)
|
|
* Added support for export-p8 (#339)
|
|
* Clarified error message (#384)
|
|
* 2->3 upgrade now errors and prints message when vars isn't found (#377)
|
|
|
|
3.0.7 (2020-03-30)
|
|
* Include OpenSSL libs and binary for Windows 1.1.0j
|
|
* Remove RANDFILE environment variable (#261)
|
|
* Workaround for bug in win32 mktemp (#247, #305, PR #312)
|
|
* Handle IP address in SAN and renewals (#317)
|
|
* Workaround for ash and no set -o echo (#319)
|
|
* Shore up windows testing framework (#314)
|
|
* Provide upgrade mechanism for older versions of EasyRSA (#349)
|
|
* Add support for KDC certificates (#322)
|
|
* Add support for Edward Curves (#354, #350)
|
|
* Add support for EASYRSA_PASSIN and EASYRSA_PASSOUT env vars (#368)
|
|
* Add support for RID to SAN (#362)
|
|
|
|
3.0.6 (2019-02-01)
|
|
* Certificates that are revoked now move to a revoked subdirectory (#63)
|
|
* EasyRSA no longer clobbers non-EASYRSA environment variables (#277)
|
|
* More sane string checking, allowing for commas in CN (#267)
|
|
* Support for reasonCode in CRL (#280)
|
|
* Better handling for capturing passphrases (#230, others)
|
|
* Improved LibreSSL/MacOS support
|
|
* Adds support to renew certificates up to 30 days before expiration (#286)
|
|
- This changes previous behavior allowing for certificate creation using
|
|
duplicate CNs.
|
|
|
|
3.0.5 (2018-09-15)
|
|
* Fix #17 & #58: use AES256 for CA key
|
|
* Also, don't use read -s, use stty -echo
|
|
* Fix broken "nopass" option
|
|
* Add -r to read to stop errors reported by shellcheck (and to behave)
|
|
* Remove overzealous quotes around $pkcs_opts (more SC errors)
|
|
* Support for LibreSSL
|
|
* EasyRSA version will be reported in certificate comments
|
|
* Client certificates now expire in 3 year (1080 days) by default
|
|
|
|
3.0.4 (2018-01-21)
|
|
* Remove use of egrep (#154)
|
|
* Integrate with Travis-CI (#165)
|
|
* Remove "local" from variable assignment (#165)
|
|
* Other changes related to Travis-CI fixes
|
|
* Assign values to variables defined previously w/local
|
|
* Finally(?) fix the subjectAltName issues I presented earlier (really
|
|
fixes #168)
|
|
|
|
3.0.3 (2017-08-22)
|
|
* Include mktemp windows binary
|
|
* copy CSR extensions into signed certificate
|
|
|
|
|
|
3.0.2 (2017-08-21)
|
|
* Add missing windows binaries
|
|
|
|
|
|
3.0.1 (2015-10-25)
|
|
* Correct some packaging errors
|
|
|
|
|
|
3.0.0 (2015-09-07)
|
|
|
|
* cab4a07 Fix typo: Hellman
|
|
(ljani: Github)
|
|
|
|
* 171834d Fix typo: Default
|
|
(allo-: Github)
|
|
|
|
* 8b42eea Make aes256 default, replacing 3des
|
|
(keros: Github)
|
|
|
|
* f2f4ac8 Make -utf8 default
|
|
(roubert: Github)
|
|
|
|
|
|
3.0.0-rc2 (2014/07/27)
|
|
|
|
* 1551e5f docs: fix typo
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 7ae44b3 Add KNOWN_ISSUES to stage next -rc release
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* a0d58b2 Update documentation
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 5758825 Fix vars.example with proper path to extensions.temp
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 89f369c Add support to change private key passphrases
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 49d7c10 Improve docs: add Upgrade-Notes; add online support refs
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* fcc4547 Add build-dist packaging script; update Building docs
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* f74d08e docs: update Hacking.md with layout & git conventions
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 0754f23 Offload temp file removal to a clean_temp() function
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 1c90df9 Fix incorrect handling of invalid --use-algo option
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* c86289b Fix batch-mode handling with changes in e75ad75
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* e75ad75 refine how booleans are evaluated
|
|
(Eric F Crist <ecrist@secure-computing.net>)
|
|
|
|
* cc19823 Merge PKCS#7 feature from pull req #14
|
|
(Author: Luiz Angelo Daros de Luca <luizluca@tre-sc.gov.br>)
|
|
(Modified-By: Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* 8b1fe01 Support OpenSSL-0.9.8 with the EXTRA_EXTS feature
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* d5516d5 Windows: make builds easier by using a matching dir structure
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
* dc2e6dc Windows: improve external checks and env-var help
|
|
(Josh Cepek <josh.cepek@usa.net>)
|
|
|
|
3.0.0-rc1 (2013/12/01)
|
|
|
|
* The 3.x release is a nearly complete re-write of the 2.x codebase
|
|
|
|
* Initial 3.x series code by Josh Cepek <josh.cepek@usa.net> -- continuing
|
|
maintenance by the OpenVPN community development team and associated
|
|
contributors
|
|
|
|
* Add ECDSA (elliptic curve) support, thanks to Steffan Karger
|
|
<steffan@karger.me>
|