-
Notifications
You must be signed in to change notification settings - Fork 5
/
CHANGELOG
172 lines (130 loc) · 6.76 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
CHANGELOG
=========
0.8.4 (20230718)
- doc - Add WHAT IS DANE? section
- Add _ to set of DNS name chars that don't require idn2
- rollover - Divert certbot stdout to stderr to aid output adapters
- Prevent premature rollover (refuse if tlsa-check would fail)
- Terminate danectl when `idna` in subprocess requires idn2 but fails to find it
- Makefile - Add make help (default)
0.8.3 (20230419)
- smimea/smimea-check: Improve email address identification (spotted by John Scott)
0.8.2 (20230414)
- Fix support for Unicode email addresses in S/MIME certificates
0.8.1 (20230412)
- README.md - Add danectl-zonefile and danectl-nsupdate to the list of things installed
- Fix handling of domains with - (with github/thomas-mm)
- Add support for Unicode domain names (IDNA2008/TR46)
0.8 (20230313)
- Add references to the codeberg repository
- Add LICENSES/* and .reuse/dep5 (REUSE 3.0 compliant)
- Add danectl-nsupdate (output adapter for BIND9 dynamic DNS updates)
- Add support for drill on systems like Arch that prefer it to host (for Gaspard d'Hautefeuille)
- Fix openpgpkey-check superfluous record detection: localpart was hard-coded for testing
- Add danectl-zonefile (output adapter for modifying BIND9 zonefiles)
- Add --group option for different certbot configurations for different domains (for github/hunter-nl)
- Add support for reload to use an explicit path to an executable file (for github/hunter-nl)
- Add exporting $CERTNAME environment variable when reloading services (for github/hunter-nl)
0.7.4 (20220725)
- Add support for non-rsa keys (e.g., ecdsa) (github/csarn Christoph Sarnowski)
- Fix tabs in TLSA record output on some systems (with github/csarn Christoph Sarnowski)
0.7.3 (20211221)
- tlsa-check: Fixed output of new reuse_key check to match greppability convention
- tlsa-check doc: Add note in manpage to pipe grep output through grep -v '; ' as well
0.7.2 (20211202)
- Fixed certbot invocation bug introduced in 0.7.1 (spotted by github/ran-deh)
- status/tlsa-check: Add check for reuse_key (and fix if necessary)
- status: Remove redundant use of $@
0.7.1 (20211014)
- doc: Fixed usage typo
- adopt: Accept only a single cert-name (not multiple)
- Improve error message when too many arguments supplied (Say 'Too many' rather than 'Missing')
- Add helpful statements of expectations to usage error messages
- Reorder --quiet and --verbose in usage and manual page
- Rename certbot_options() function to certbot()
- Minor documentation improvements
0.7 (20211011)
- Replace original June 1991 GPLv2 with February 1999 (post-LGPLv2.1) GPLv2
- Replace contributor covenant v2.0 with v2.1
- adopt: Don't refuse existing cert created with --reuse-key (spotted by github/ran-deh)
- new/dup: Handle incorrectly quoted domains (spotted by github/ran-deh)
- Add support for overriding certbot command (spotted by github/ran-deh)
- Smarter certbot plugin/command defaults
- Detect incorrectly quoted certbot options
- Replace "$@" with "$*" where it matters (for Ubuntu/NetBSD) (spotted by github/ran-deh)
- Use /usr/xpg4/bin/sh if present (/bin/sh on Solaris11 is ksh93)
- Remove non-standard 'local' keyword for variables in functions
- make uninstall: Don't complain if files not installed
- make install: Silence Solaris tweak and improve its error reporting
- Rearrange copyright notice header
- doc: Add "/etc/letsencrypt" to "replacing live with current" for clarity
- doc: Replace "keypair" with "key" to avoid confusion with pairs of lineages
- Minor documentation improvements
- Remove superfluous echoes
- Fix variable name clash
- Support multiple base domains in a certificate lineage
- smimea: Add a better check that the certificate can do S/MIME encryption
- Add -1, --oneline option to output OPENPGPKEY/SMIMEA records on a single line
- openpgpkey-check: Fix output (add terminating dot) when no key but record exists
- Add command aliases: alias cb add tlsa del delete show
- Add -s, --spaces option to include spaces in --oneline output
0.6 (20210906)
- Make all reporting of extraneous records greppable zonefile comments
- Support non-GNU sed that doesn't handle 's/ /\t/'
- Make rollover reporting of old records to remove greppable zonefile comments
- Change "extraneous" term to the more accurate "superfluous"
- Add author/url/git variables to remove duplication
- Improve handling of invalid command line usage
- Make tlsa-check superfluous record output slightly nicer (remove space)
- Change "subcommand" term to "command"
- Make tlsa-check superfluous record output prettier
- Remove cut prerequisite
- Add RR name terminating dot where missing
- Add certname and terminating dot to TLSA RR name for rollover and tlsa-check
- Documentation improvements
0.5 (20210903)
- Add OPENPGPKEY (openpgpkey and openpgpkey-check subcommands)
- Add SMIMEA (smimea and smimea-check subcommands)
- Minor documentation improvements
0.4.1 (20210901)
- Fix sshfp/sshfp-check syntax documentation in usage, help, manpage
- Add make uninstall
0.4 (20210830)
- Add SSHFP (sshfp and sshfp-check subcommands)
- Add ls to list of requirements in manpage
0.3.2 (20210830)
- Makefile - Use danectl in cwd to make the manpage
- Changed one line description and rewrote introduction
- Added COPYING
- Remove redundant extra /etc/init.d check
- Add check for rcctl for reloading services on OpenBSD
- Add error message when unable to reload services
- Check ~/.danectlrc ownership and permissions before executing it
- Add CODE_OF_CONDUCT.md
- Add .gitignore
0.3.1 (20210826)
- Minor documentation improvements
0.3 (20210826)
- Updated certbot renew failure message
- Change tlsa-check with no certname to check all certnames
- More/better command aliases
- Add tlsa-check for extra records that should be deleted
- Remove perl prerequisite
0.2 (20210825)
- Check for root privileges early
- More command aliases
- Add missing aliases command to manpage synopsis
- After rollover, use certbot renew (not certonly) in case there are any pre/post hooks
- Add examples to README.md (and minor changes to DESCRIPTION)
- Improve prerequisite checks
- Remove systemctl prerequisite
- Remove pod2man installation prerequisite
- Minor documentation improvements
0.1 (20210824)
- Initial version
--------------------------------------------------------------------------------
URL: https://raf.org/danectl
GIT: https://github.com/raforg/danectl
GIT: https://codeberg.org/raforg/danectl
Date: 20230718
Author: raf <[email protected]>