The NetBSD Project

CVS log for pkgsrc/security/py-acme/PLIST

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / py-acme

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.10.4.1 / (download) - annotate - [select for diffs], Tue Jan 29 13:53:37 2019 UTC (4 months, 2 weeks ago) by bsiegert
Branch: pkgsrc-2018Q4
Changes since 1.10: +3 -0 lines
Diff to previous 1.10 (colored) next main 1.11 (colored)

Pullup ticket #5901 - requested by taca
security/py-acme: update (stop using TLS-SNI-01)
security/py-certbot: update (stop using TLS-SNI-01)

Revisions pulled up:
- security/py-acme/PLIST                                        1.11
- security/py-certbot/Makefile.common                           1.29
- security/py-certbot/PLIST                                     1.14
- security/py-certbot/distinfo                                  1.28

---
   Module Name:    pkgsrc
   Committed By:   triaxx
   Date:           Tue Jan 15 09:32:11 UTC 2019

   Modified Files:
           pkgsrc/security/py-certbot: Makefile.common PLIST distinfo

   Log Message:
   py-certbot: update to 0.30.0

   Upstream changes:
   ================================================================================
   ## 0.30.0 - 2019-01-02

   ### Added

   * Added the `update_account` subcommand for account management commands.

   ### Changed

   * Copied account management functionality from the `register` subcommand
     to the `update_account` subcommand.
   * Marked usage `register --update-registration` for deprecation and
     removal in a future release.

   ### Fixed

   * Older modules in the josepy library can now be accessed through acme.jose
     like it could in previous versions of acme. This is only done to preserve
     backwards compatibility and support for doing this with new modules in josepy
     will not be added. Users of the acme library should switch to using josepy
     directly if they haven't done so already.

   Despite us having broken lockstep, we are continuing to release new versions of
   all Certbot components during releases for the time being, however, the only
   package with changes other than its version number was:

   * acme

   More details about these changes can be found on our GitHub repo.

   ## 0.29.1 - 2018-12-05

   ### Added

   *

   ### Changed

   *

   ### Fixed

   * The default work and log directories have been changed back to
     /var/lib/letsencrypt and /var/log/letsencrypt respectively.

   Despite us having broken lockstep, we are continuing to release new versions of
   all Certbot components during releases for the time being, however, the only
   package with changes other than its version number was:

   * certbot

   More details about these changes can be found on our GitHub repo.

   ## 0.29.0 - 2018-12-05

   ### Added

   * Noninteractive renewals with `certbot renew` (those not started from a
     terminal) now randomly sleep 1-480 seconds before beginning work in
     order to spread out load spikes on the server side.
   * Added External Account Binding support in cli and acme library.
     Command line arguments --eab-kid and --eab-hmac-key added.

   ### Changed

   * Private key permissioning changes: Renewal preserves existing group mode
     & gid of previous private key material. Private keys for new
     lineages (i.e. new certs, not renewed) default to 0o600.

   ### Fixedxed

   * Update code and dependencies to clean up Resource and Deprecation Warnings.
   * Only depend on imgconverter extension for Sphinx >= 1.6

   Despite us having broken lockstep, we are continuing to release new versions of
   all Certbot components during releases for the time being, however, the only
   package with changes other than its version number was:

   * acme
   * certbot
   * certbot-apache
   * certbot-dns-cloudflare
   * certbot-dns-digitalocean
   * certbot-dns-google
   * certbot-nginx

   More details about these changes can be found on our GitHub repo:
   https://github.com/certbot/certbot/milestone/62?closed=1

   ## 0.28.0 - 2018-11-7

   ### Added

   * `revoke` accepts `--cert-name`, and doesn't accept both `--cert-name` and `--cert-path`.
   * Use the ACMEv2 newNonce endpoint when a new nonce is needed, and newNonce is available in the directory.

   ### Changed

   * Removed documentation mentions of `#letsencrypt` IRC on Freenode.
   * Write README to the base of (config-dir)/live directory
   * `--manual` will explicitly warn users that earlier challenges should remain in place when setting up subsequent challenges.
   * Warn when using deprecated acme.challenges.TLSSNI01
   * Log warning about TLS-SNI deprecation in Certbot
   * Stop preferring TLS-SNI in the Apache, Nginx, and standalone plugins
   * OVH DNS plugin now relies on Lexicon>=2.7.14 to support HTTP proxies
   * Default time the Linode plugin waits for DNS changes to propogate is now 1200 seconds.

   ### Fixed

   * Match Nginx parser update in allowing variable names to start with `${`.
   * Fix ranking of vhosts in Nginx so that all port-matching vhosts come first
   * Correct OVH integration tests on machines without internet access.
   * Stop caching the results of ipv6_info in http01.py
   * Test fix for Route53 plugin to prevent boto3 making outgoing connections.
   * The grammar used by Augeas parser in Apache plugin was updated to fix various parsing errors.
   * The CloudXNS, DNSimple, DNS Made Easy, Gehirn, Linode, LuaDNS, NS1, OVH, and
     Sakura Cloud DNS plugins are now compatible with Lexicon 3.0+.

   Despite us having broken lockstep, we are continuing to release new versions of
   all Certbot components during releases for the time being, however, the only
   package with changes other than its version number was:

   * acme
   * certbot
   * certbot-apache
   * certbot-dns-cloudxns
   * certbot-dns-dnsimple
   * certbot-dns-dnsmadeeasy
   * certbot-dns-gehirn
   * certbot-dns-linode
   * certbot-dns-luadns
   * certbot-dns-nsone
   * certbot-dns-ovh
   * certbot-dns-route53
   * certbot-dns-sakuracloud
   * certbot-nginx

   More details about these changes can be found on our GitHub repo:
   https://github.com/certbot/certbot/milestone/59?closed=1

   ## 0.27.1 - 2018-09-06

   ### Fixed

   * Fixed parameter name in OpenSUSE overrides for default parameters in the
     Apache plugin. Certbot on OpenSUSE works again.

   Despite us having broken lockstep, we are continuing to release new versions of
   all Certbot components during releases for the time being, however, the only
   package with changes other than its version number was:

   * certbot-apache

   More details about these changes can be found on our GitHub repo:
   https://github.com/certbot/certbot/milestone/60?closed=1

---
   Module Name:    pkgsrc
   Committed By:   triaxx
   Date:           Tue Jan 15 09:34:10 UTC 2019

   Modified Files:
           pkgsrc/security/py-acme: PLIST

   Log Message:
   py-acme: update to 0.30.0

Revision 1.11 / (download) - annotate - [select for diffs], Tue Jan 15 09:34:09 2019 UTC (5 months ago) by triaxx
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, HEAD
Changes since 1.10: +3 -0 lines
Diff to previous 1.10 (colored)

py-acme: update to 0.30.0

Revision 1.10 / (download) - annotate - [select for diffs], Tue Jul 17 16:32:16 2018 UTC (11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Branch point for: pkgsrc-2018Q4
Changes since 1.9: +0 -1 lines
Diff to previous 1.9 (colored)

net/py-{acme,certbot}: Update to 0.26.0.

### Added

- A new security enhancement which we're calling AutoHSTS has been
  added to Certbot's Apache plugin. This enhancement configures your
  webserver to send a HTTP Strict Transport Security header with a low
  max-age value that is slowly increased over time. The max-age value is
  not increased to a large value until you've successfully managed to
  renew your certificate. This enhancement can be requested with the
  --auto-hsts flag.
- New official DNS plugins have been created for Gehirn Infrastracture
  Service, Linode, OVH, and Sakura Cloud. These plugins can be found
  on our Docker Hub page at https://hub.docker.com/u/certbot and on
  PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's ACMEv1
  endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
- Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively choose
  which certificate to install from the list of certificates managed
  by Certbot.
- Certbot now accepts the flag `--no-autorenew` which causes any
  obtained certificates to not be automatically renewed when it
  approaches expiration.
- Support for parsing the TLS-ALPN-01 challenge has been added back to
  the acme library.

### Changed

- Certbot's default ACME server has been changed to Let's Encrypt's
  ACMEv2 endpoint. By default, this server will now be used for both
  new certificate lineages and renewals.
- The Nginx plugin is no longer marked labeled as an "Alpha" version.
- The `prepare` method of Certbot's plugins is no longer called before
  running "Updater" enhancements that are run on every invocation of
  `certbot renew`.

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jun 12 09:22:35 2018 UTC (12 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.8: +7 -0 lines
Diff to previous 1.8 (colored)

security/py-{acme,certbot}: Update to 0.25.0.

### Added

- Support for the ready status type was added to acme. Without this change,
  Certbot and acme users will begin encountering errors when using Let's
  Encrypt's ACMEv2 API starting on June 19th for the staging environment and
  July 5th for production. See
  https://community.letsencrypt.org/t/acmev2-order-ready-status/62866 for more
  information.
- Certbot now accepts the flag --reuse-key which will cause the same key to be
  used in the certificate when the lineage is renewed rather than generating a
  new key.
- You can now add multiple email addresses to your ACME account with Certbot by
  providing a comma separated list of emails to the --email flag.
- Support for Let's Encrypt's upcoming TLS-ALPN-01 challenge was added to acme.
  For more information, see
  https://community.letsencrypt.org/t/tls-alpn-validation-method/63814/1.
- acme now supports specifying the source address to bind to when sending
  outgoing connections. You still cannot specify this address using Certbot.
- If you run Certbot against Let's Encrypt's ACMEv2 staging server but don't
  already have an account registered at that server URL, Certbot will
  automatically reuse your staging account from Let's Encrypt's ACMEv1 endpoint
  if it exists.
- Interfaces were added to Certbot allowing plugins to be called at additional
  points. The `GenericUpdater` interface allows plugins to perform actions
  every time `certbot renew` is run, regardless of whether any certificates are
  due for renewal, and the `RenewDeployer` interface allows plugins to perform
  actions when a certificate is renewed. See `certbot.interfaces` for more
  information.

### Changed

- When running Certbot with --dry-run and you don't already have a staging
  account, the created account does not contain an email address even if one
  was provided to avoid expiration emails from Let's Encrypt's staging server.
- certbot-nginx does a better job of automatically detecting the location of
  Nginx's configuration files when run on BSD based systems.
- acme now requires and uses pytest when running tests with setuptools with
  `python setup.py test`.
- `certbot config_changes` no longer waits for user input before exiting.

### Fixed

- Misleading log output that caused users to think that Certbot's standalone
  plugin failed to bind to a port when performing a challenge has been
  corrected.
- An issue where certbot-nginx would fail to enable HSTS if the server block
  already had an `add_header` directive has been resolved.
- certbot-nginx now does a better job detecting the server block to base the
  configuration for TLS-SNI challenges on.

Revision 1.8 / (download) - annotate - [select for diffs], Tue Mar 13 10:08:51 2018 UTC (15 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.7: +1 -0 lines
Diff to previous 1.7 (colored)

security/py-certbot: Update to 0.22.0

### Added

- Support for obtaining wildcard certificates and a newer version of the ACME
  protocol such as the one implemented by Let's Encrypt's upcoming ACMEv2
  endpoint was added to Certbot and its ACME library. Certbot still works with
  older ACME versions and will automatically change the version of the protocol
  used based on the version the ACME CA implements.
- The Apache and Nginx plugins are now able to automatically install a wildcard
  certificate to multiple virtual hosts that you select from your server
  configuration.
- The `certbot install` command now accepts the `--cert-name` flag for
  selecting a certificate.
- `acme.client.BackwardsCompatibleClientV2` was added to Certbot's ACME library
  which automatically handles most of the differences between new and old ACME
  versions. `acme.client.ClientV2` is also available for people who only want
  to support one version of the protocol or want to handle the differences
  between versions themselves.
- certbot-auto now supports the flag --install-only which has the script
  install Certbot and its dependencies and exit without invoking Certbot.
- Support for issuing a single certificate for a wildcard and base domain was
  added to our Google Cloud DNS plugin. To do this, we now require your API
  credentials have additional permissions, however, your credentials will
  already have these permissions unless you defined a custom role with fewer
  permissions than the standard DNS administrator role provided by Google.
  These permissions are also only needed for the case described above so it
  will continue to work for existing users. For more information about the
  permissions changes, see the documentation in the plugin.

### Changed

- We have broken lockstep between our ACME library, Certbot, and its plugins.
  This means that the different components do not need to be the same version
  to work together like they did previously. This makes packaging easier
  because not every piece of Certbot needs to be repackaged to ship a change to
  a subset of its components.
- Support for Python 2.6 and Python 3.3 has been removed from ACME, Certbot,
  Certbot's plugins, and certbot-auto. If you are using certbot-auto on a RHEL
  6 based system, it will walk you through the process of installing Certbot
  with Python 3 and refuse to upgrade to a newer version of Certbot until you
  have done so.
- Certbot's components now work with older versions of setuptools to simplify
  packaging for EPEL 7.

### Fixed

- Issues caused by Certbot's Nginx plugin adding multiple ipv6only directives
  has been resolved.
- A problem where Certbot's Apache plugin would add redundant include
  directives for the TLS configuration managed by Certbot has been fixed.
- Certbot's webroot plugin now properly deletes any directories it creates.

Revision 1.7 / (download) - annotate - [select for diffs], Mon Jan 22 13:37:25 2018 UTC (16 months, 3 weeks ago) by fhajny
Branch: MAIN
Changes since 1.6: +0 -53 lines
Diff to previous 1.6 (colored)

Update security/py-{acme,certbot} to 0.21.0.

### Added

- Support for the HTTP-01 challenge type was added to our Apache and Nginx
  plugins.
- IPv6 support was added to the Nginx plugin.
- Support for automatically creating server blocks based on the default server
  block was added to the Nginx plugin.
- The flags --delete-after-revoke and --no-delete-after-revoke were added
  allowing users to control whether the revoke subcommand also deletes the
  certificates it is revoking.

### Changed

- We deprecated support for Python 2.6 and Python 3.3 in Certbot and its ACME
  library.
- We split our implementation of JOSE (Javascript Object Signing and
  Encryption) out of our ACME library and into a separate package named josepy.
- We updated the ciphersuites used in Apache to the new values recommended by
  Mozilla

### Fixed

- An issue with our Apache plugin on Gentoo due to differences in their
  apache2ctl command have been resolved.

Revision 1.6 / (download) - annotate - [select for diffs], Thu Aug 3 22:12:17 2017 UTC (22 months, 1 week ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-
Changes since 1.5: +74 -73 lines
Diff to previous 1.5 (colored)

Update security/py-certbot and security/py-acme to 0.17.0.

### Added

- Support in our nginx plugin for modifying SSL server blocks that do
  not contain certificate or key directives.
- A `--max-log-backups` flag to allow users to configure or even completely
  disable Certbot's built in log rotation.
- A `--user-agent-comment` flag to allow people who build tools around Certbot
  to differentiate their user agent string by adding a comment to its default
  value.

### Changed

- Due to some awesome work by cryptography project, compilation can now be
  avoided on most systems when using certbot-auto.
- The `--renew-hook` flag has been hidden in favor of `--deploy-hook`.
- We have started printing deprecation warnings in certbot-auto for
  experimentally supported systems with OS packages available.
- A certificate lineage's name is included in error messages during renewal.

### Fixed

- Encoding errors that could occur when parsing error messages from the ACME
  server containing Unicode have been resolved.
- certbot-auto no longer prints misleading messages about there being a newer
  pip version available when installation fails.
- Certbot's ACME library now properly extracts domains from critical SAN
  extensions.

Revision 1.5 / (download) - annotate - [select for diffs], Thu May 11 08:23:35 2017 UTC (2 years, 1 month ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Update py-certbot and py-acme to 0.14.0.
Use ALTERNATIVES to handle different Python versions better.

0.14.0 - 2017-05-04

Added

- Python 3.3+ support for all Certbot packages. certbot-auto still
  currently only supports Python 2, but the acme, certbot,
  certbot-apache, and certbot-nginx packages on PyPI now fully support
  Python 2.6, 2.7, and 3.3+.
- Certbot's Apache plugin now handles multiple virtual hosts per file.
- Lockfiles to prevent multiple versions of Certbot running
  simultaneously.

Changed

- When converting an HTTP virtual host to HTTPS in Apache, Certbot
  only copies the virtual host rather than the entire contents of the
  file it's contained in.
- The Nginx plugin now includes SSL/TLS directives in a separate file
  located in Certbot's configuration directory rather than copying the
  contents of the file into every modified server block.

Fixed

- Ensure logging is configured before parts of Certbot attempt to log
  any messages.
- Support for the --quiet flag in certbot-auto.
- Reverted a change made in a previous release to make the acme and
  certbot packages always depend on argparse. This dependency is
  conditional again on the user's Python version.
- Small bugs in the Nginx plugin such as properly handling empty
  server blocks and setting server_names_hash_bucket_size during
  challenges.

Revision 1.4 / (download) - annotate - [select for diffs], Tue Feb 7 14:03:14 2017 UTC (2 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.3: +0 -6 lines
Diff to previous 1.3 (colored)

Updated py-acme to 0.11.1.

No concise changelog found. ~30 bugs/issues fixed.

Revision 1.3 / (download) - annotate - [select for diffs], Thu Jan 12 16:02:43 2017 UTC (2 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.2: +1 -0 lines
Diff to previous 1.2 (colored)

Update security/py-{acme,certbot} to 0.10.0.

No changelog released, commits closed for 0.10.0:
- Stop IDisplay AssertionErrors
- Add update_symlinks to "--help manage"
- Hide rename command for 0.10.0
- Disable rename command for 0.10.0
- Break on failure to deploy cert
- Incorrect success condition in nginx
- certbot delete and rename evoke IDisplay
- Put update_symlinks in certbot --help manage
- Fix Error Message for invalid FQDNs
- pyopenssl inject workaround
- pyparsing.restOfLine is not a function, don't call it
- Add information on updating [certbot|letsencrypt]-auto
- Remove quotes so tilde is expanded
- Correctly report when we skip hooks during renewal
- Add line number to Augeas syntax error message
- Mention line in (Apache) conf file in case of Augeas parse/syntax
  error
- Fixes #3954 and adds a test to prevent regressions
- Further OCSP improvements
- `-n` doesn't like `force_interactive`?
- Save allow_subset_of_names in renewal conf files
- I promise checklists are OK (fixes #3934)
- Return domains for _find_domains_or_certname
- --cert-name causes explosions when trying to use "run" as an installer
- Interactivity glitch in git master
- Document some particularities of the revoke subcommand
- test using os.path.sep not hardcoded /
- Save --pre and --post hooks in renewal conf files, and run them in a
  sophisticated way
- Don't add ServerAlias directives when the domain is already covered by
  a wildcard
- Mitigate problems for people who run without -n
- Use relative paths for livedir symlinks
- Implement delete command
- Use isatty checks before asking new questions
- Ensure apt-cache is always running in English if we're going to grep
- Sort the names by domain (then subdomain) before showing them
- Merge the manual and script plugins
- --allow-subset-of-names should probably be a renewalparam
- Fix certbox-nginx address equality check
- Implement our fancy new --help output
- Make renew command respect the --cert-name flag
- Error when using non-english locale on Debian
- Document defaults
- Improve simple --help output
- Add pyasn1 back to le-auto
- Mark Nginx vhosts as ssl when any vhost is on ssl at that address
- Fully check for Nginx address equality
- Preserve --must-staple in configuration for renewal (#3844)
- Git master certbot is making executable renewal conf files?
- Improve the "certbot certificates" output
- Renewal: Preserve 'OCSP Must Staple' (option --must-staple)
- Security enhancement cleanup
- Parallalelise nosetests from tox
- "certbot certificates" is API-like, so make it future-proof
- Fix LE_AUTO_SUDO usage
- Remove the sphinxcontrib.programout [docs]dependency
- No more relative path connection from live-crt to archive-crt files
- Ensure tests pass with openssl 1.1
- Output success message for revoke command
- acme module fails tests with openssl 1.1
- Pin pyopenssl 16.2.0 in certbot-auto
- Fixed output of `certbot-auto --version`(#3637).
- Take advantage of urllib3 pyopenssl rewrite
- Busybox support
- Fix --http-01-port typo at source
- Implement the --cert-name flag to select a lineage by its name.
- Fix reinstall message
- Changed plugin interface return types (#3748).
- Remove letshelp-letsencrypt
- Bump pyopenssl version
- Bump python-cryptography to 1.5.3
- Remove get_all_certs_keys() from Apache and Nginx
- Further merge --script-* with --*-hook
- Certbot opens curses sessions for informational notices, breaking
  automation
- Fix writing pem files with Python3
- Strange reinstallation errors
- Don't re-add redirects if one exists
- Use subprocess.Popen.terminate instead of os.killpg
- Generalize return types for plugin interfaces
- Don't re-append Nginx redirect directive
- Cli help is sometimes wrong about what the default for something is
- [certbot-auto] Bump cryptography version to 1.5.2
- python-cryptography build failure on sid
- Remove sphinxcontrib-programoutput dependency?
- Allow notification interface to not wrap text
- Fix non-ASCII domain check.
- Add renew_hook to options stored in the renewal config, #3394
- Where oh where has sphinxcontrib-programoutput gone?
- Remove some domain name checks.
- Allowing modification check to run using "tox"
- How to modify *-auto
- Don't crash when U-label IDN provided on command line
- Add README file to each live directory explaining its contents.
- Allow user to select all domains by typing empty string at checklist
- Fix issue with suggest_unsafe undeclared
- Update docs/contributing.rst to match display behavior during release.
- Referencing unbound variable in certbot.display.ops.get_email
- Add list-certs command
- Remove the curses dialog, thereby deprecating the --help and --dialog
  command line options
- Remove the curses dialog, thereby deprecating the --help and --dialog
  command line options
- Specify archive directory in renewal configuration file
- 0.9.1 fails in non-interactive use (pythondialog, error opening
  terminal)
- Allow certbot to get a cert for default_servers
- [nginx] Cert for two domains in one virtaulhost fails
- [nginx] --hsts and --uir flags not working?
- `certbot-auto --version` still says `letsencrypt 0.9.3` (should say
  `certbot 0.9.3`?)
- Add a cli option for "all domains my installer sees"
- Stop rejecting punycode domain names
- Standalone vs. Apache for available ports
- nginx-compatibility-weirdness
- Support requesting IDNA2008 Punycode domains
- Cert Management Improvement Project (C-MIP)
- Add --lineage command line option for nicer SAN management.
- Fix requirements.txt surgery in response to shipping certbot-nginx
- Use correct Content-Types in headers.
- Missing Content-Type 'application/json' in POST requests
- Script plugin
- Inconsistent error placement
- Server alias [revision requested]
- When getopts is called multiple time we need to reset OPTIND.
- certbot-auto: Print link to doc on debugging pip install error
  [revision requested]
- Update ACME error namespace to match the new draft.
- Update errors to match latest ACME version.
- Testing the output of build.py against lea-source/lea
- Make return type of certbot.interfaces.IInstaller.get_all_keys_certs()
  an iterator
- Fix requirements file surgery for 0.10.0 release
- Update Where Are My Certs section.
- Hooks do not get stored in renewal config file
- Multiple vhosts
- Bind to IPv6, fix the problem of ipv6 site cannot generate / renew
  certificate [revision requested]
- Warning message for low memory servers
- Run simple certbot-auto tests with `tox`
- letsencrypt-auto-source/letsencrypt-auto should be the output of
  build.py
- DialogError should come with --text instructions
- Support correct error namespace
- Verification URL after successful certificate configuration can't be
  opened from terminal
- Use appropriate caution when handling configurations that have complex
  rewrite logic
- `revoke` doesn't output any status
- adding -delete option to remove the cert files
- Stop using simple_verify in manual plugin
- Ways of specifying what to renew
- Allow removing SAN from multidomain certificate when renewing
- Dialog is sometimes ugly
- Allow user to override sudo as root authorization method [minor
  revision requested]
- Add a README file to each live directory explaining its contents
- ExecutableNotFound

Revision 1.2 / (download) - annotate - [select for diffs], Tue Oct 11 09:23:35 2016 UTC (2 years, 8 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.1: +6 -0 lines
Diff to previous 1.1 (colored)

Update py-certbot and py-acme to 0.9.1.

No changelog available, issues closed since 0.8.1:

certbot 0.9.1
- Make --quiet reduce the logging level

certbot 0.9.0
- Allow tests to pass without dnspython
- Remove psutil dep
- Renew symlink safety
- Update Nginx redirect enhancement process to modify appropriate
  blocks
- If lineages are in an inconsistent (non-deployed) state, deploy
  them
- Restructure how Nginx parser re-finds vhosts, and disable
  creating new server blocks.
- Remove pointless question
- Tie Nginx OCSP stapling to enhancements system
- Nginx server block selection: Handle non-80/443 ports
- Include log retention count to 1000.
- Make parser.py: add_server_directives documentation consistent
  with functionality
- Fix Nginx prompt
- Make Nginx error out if no matching server block is found
- Only suggest names LE will accept
- Implement Nginx server block selection
- should_autorenew ignores symlinks
- Fixes cffi errors in Travis during oldest tests
- DNS challenge support in the manual plugin and general purpose
  --preferred-challenges flag
- Fixed hash_bucket_size detection for nginx
- Support both invalidEmail and invalidContact errors
- Removes duplication between README.rst and resources.rst
- Psutil tests
- Allow tests to run when psutil isn't available
- Tests fail on Certbot package due to missing psutil dependency
- Hide the Nginx plugin
- Add the Nginx plugin to certbot-auto
- OCSP stapling in Nginx
- Nginx plugin selection
- Add certbot-nginx to certbot-auto
- Missing links in README
- clarify invalid email error in non-interactive
- Replace '-' with '_' before filtering plugin settings
- Fix extra or lack of spacing between words in help for renew
  flags
- Fix Travis tests
- Avoid importing conflicting security policy directives
- Change log rotation scheme
- Plugins with hyphens do not receive their args during renewal
- Handle dns01 challenge into the manual plugin [see #3466]
- Enable unit tests of certbot core on Python 3
- Add os-release ID_LIKE parsing if original distribution mapping
  not found in constants
- Fix README typo
- Nginx plugin domain selection
- Fix spacing of nginx redirect blocks
- Rationalise challenge and port selection flags
- Remove psutil from requirements.txt
- prevent Github commits from modifying certbot-auto and
  letsencrypt-auto
- Gradually remove psutil dependency, bugfix [URGENT]
- psutil fails to install because hash is missing when running
  certbot-auto
- Failure to start Nginx after configuring redirect
- Prepare docs to turn off the wiki
- Certbot apache plugin fails with TypeError: 'NoneType' object
  has no attribute '__getitem__'
- Change fatal warning to a fatal message
- Fatal warnings
- Apache default default
- Deprecation fixes
- New docs structure and introduction
- Nginx charset_map and ${VARIABLE_SUBSTITUTION} parsing
- Unclear error about invalid email in non-interactive mode
- Use simple socket test for port availability if psutil not found
- Python 3 support for certonly
- Set dialog widgets to use autowidgetsize
- Errors when run without root
- Apache plugin PATH fallback
- Automatically enable EPEL after prompting users
- Multi-topic help listings
- Installer error
- Explain why Apache [appears] not to be installed
- ErrorHandler causing errors
- Update FreeBSD package name
- Comment out corresponding RewriteConds for filtered RewriteRule
- Permissive parsing of nginx map blocks
- add nginx round-trip tests to tox/travis
- Fix Unix signal handling in certbot.error_handler.ErrorHandler
- Resuming error handling functions after a signal
- Only write nginx config files if they've been modified
- If the user picks "cancel" from the Apache vhost selection menu,
  Certbot doesn't exit
- certbot removes http->https rules corrupts ruleset
- Fix typo
- Better document plugins and reversion
- Nginx parser apparently can't parse "map"
- Nginx plugin shouldn't write files it hasn't changed
- Fix Nginx reversion
- Merge Augeas fix for comment line continuations
- Remove warning about nginx options file
- Explain the most likely cause of a missing replay nonce error
- Bump pyca package versions
- Don't add wildcard listen if user has more specific
  configuration
- Remove unused nosexcover dependency
- Cleanup dev setup
- Nginx space preservation
- Set dialog widgets to use autowidgetsize
- Printing pip output to terminal when -v is used
- Log new cert and cert renewal
- Log whether renewing or obtaining a new certificate
- Added the argument --quiet and -q so then when used with a
  regular user there is no output to the screen.
- certbot-auto not quiet when used with regular user
- Adding sensible UI logging for typical user
- Replace psutils dependency
- Display DialogError details correctly
- -v implies --text
- Fix FQDN checks, closes #3057 and #3056
- Bug in FQDN detection: installer wrongly interprets _
- Installer thinks bare TLD is not a valid FQDN
- Limiting tox envlist to really needed tests
- trouble with Listen directives in CentOS 7 / ssl.conf
- Remove dangling footnote
- certbot-apache fails to parse files with comma in the filename
- pip and verbosity
- Dialog error messages
- NcursesDisplay.menu: treat ESC as cancel
- More useful error when running as non-root?
- -v should imply --text
- Update tox/instructions
- Error that results when run without root is unclear
- Enable EPEL in RPM bootstrapper
- Add dns-01 challenge support to the ACME client
- Apache plugin fails to parse OWASP's ModSecurity ruleset
- Audit nginx plugin for guaranteed config reversion in case of
  error
- NoInstallationError() from Apache plugin within renewal cron
  jobs due to /usr/sbin not being in the PATH
- nginx http redirect
- "No installers" error message not clear
- HelpfulArgumentParser should know about flags that are relevant
  to several topics
- Nginx configurator should preserve whitespace on output
- server blocks added to nginx.conf
- Nginx fails if ssl_session_cache already defined
- nginx leaves dirty/modified config files
- Sensible UI logging for typical user
- nginx plugin issue with server block containing multiple
  servernames

Revision 1.1 / (download) - annotate - [select for diffs], Wed May 25 18:18:16 2016 UTC (3 years ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2

Import certbot 0.6.0 as security/py-certbot.

Certbot, previously the Let's Encrypt Client, is EFF's tool to
obtain certs from Let's Encrypt, and (optionally) autoenable HTTPS
on your server. It can also act as a client for any other CA that
uses the ACME protocol.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>