diff --git a/CHANGELOG.rst b/CHANGELOG.rst index dc1a4ffc..fc2ed65f 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,41 @@ Community Crypto Release Notes .. contents:: Topics +v1.1.0 +====== + +Release Summary +--------------- + +Release for Ansible 2.10.0. + + +Minor Changes +------------- + +- acme_account - add ``external_account_binding`` option to allow creation of ACME accounts with External Account Binding (https://github.com/ansible-collections/community.crypto/issues/89). +- acme_certificate - allow new selector ``test_certificates: first`` for ``select_chain`` parameter (https://github.com/ansible-collections/community.crypto/pull/102). +- cryptography backends - support arbitrary dotted OIDs (https://github.com/ansible-collections/community.crypto/issues/39). +- get_certificate - add support for SNI (https://github.com/ansible-collections/community.crypto/issues/69). +- luks_device - add support for encryption options on container creation (https://github.com/ansible-collections/community.crypto/pull/97). +- openssh_cert - add support for PKCS#11 tokens (https://github.com/ansible-collections/community.crypto/pull/95). +- openssl_certificate - the PyOpenSSL backend now uses 160 bits of randomness for serial numbers, instead of a random number between 1000 and 99999. Please note that this is not a high quality random number (https://github.com/ansible-collections/community.crypto/issues/76). +- openssl_csr - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46). +- openssl_csr_info - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46). + +Bugfixes +-------- + +- acme_inspect - fix problem with Python 3.5 that JSON was not decoded (https://github.com/ansible-collections/community.crypto/issues/86). +- get_certificate - fix ``ca_cert`` option handling when ``proxy_host`` is used (https://github.com/ansible-collections/community.crypto/pull/84). +- openssl_*, x509_* modules - fix handling of general names which refer to IP networks and not IP addresses (https://github.com/ansible-collections/community.crypto/pull/92). + +New Modules +----------- + +- openssl_signature - Sign data with openssl +- openssl_signature_info - Verify signatures with openssl + v1.0.0 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index d860c873..d3116a95 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -140,3 +140,48 @@ releases: name: x509_crl_info namespace: '' release_date: '2020-07-03' + 1.1.0: + changes: + bugfixes: + - acme_inspect - fix problem with Python 3.5 that JSON was not decoded (https://github.com/ansible-collections/community.crypto/issues/86). + - get_certificate - fix ``ca_cert`` option handling when ``proxy_host`` is used + (https://github.com/ansible-collections/community.crypto/pull/84). + - openssl_*, x509_* modules - fix handling of general names which refer to IP + networks and not IP addresses (https://github.com/ansible-collections/community.crypto/pull/92). + minor_changes: + - acme_account - add ``external_account_binding`` option to allow creation of + ACME accounts with External Account Binding (https://github.com/ansible-collections/community.crypto/issues/89). + - 'acme_certificate - allow new selector ``test_certificates: first`` for ``select_chain`` + parameter (https://github.com/ansible-collections/community.crypto/pull/102).' + - cryptography backends - support arbitrary dotted OIDs (https://github.com/ansible-collections/community.crypto/issues/39). + - get_certificate - add support for SNI (https://github.com/ansible-collections/community.crypto/issues/69). + - luks_device - add support for encryption options on container creation (https://github.com/ansible-collections/community.crypto/pull/97). + - openssh_cert - add support for PKCS#11 tokens (https://github.com/ansible-collections/community.crypto/pull/95). + - openssl_certificate - the PyOpenSSL backend now uses 160 bits of randomness + for serial numbers, instead of a random number between 1000 and 99999. Please + note that this is not a high quality random number (https://github.com/ansible-collections/community.crypto/issues/76). + - openssl_csr - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46). + - openssl_csr_info - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46). + release_summary: 'Release for Ansible 2.10.0. + + ' + fragments: + - 1.1.0.yml + - 100-acme-account-external-account-binding.yml + - 102-acme-certificate-select-chain-first.yml + - 87-acme_inspect-python-3.5.yml + - 90-cryptography-oids.yml + - 90-openssl_certificate-pyopenssl-serial.yml + - 92-ip-networks.yml + - 92-openssl_csr-name-constraints.yml + - get_certificate-add_support_for_SNI.yml + - luks_device-add_encryption_option_on_create.yml + - openssh_cert-pkcs11.yml + modules: + - description: Sign data with openssl + name: openssl_signature + namespace: '' + - description: Verify signatures with openssl + name: openssl_signature_info + namespace: '' + release_date: '2020-08-18' diff --git a/changelogs/fragments/1.1.0.yml b/changelogs/fragments/1.1.0.yml deleted file mode 100644 index 983b8de6..00000000 --- a/changelogs/fragments/1.1.0.yml +++ /dev/null @@ -1,2 +0,0 @@ -release_summary: | - Release for Ansible 2.10.0. diff --git a/changelogs/fragments/100-acme-account-external-account-binding.yml b/changelogs/fragments/100-acme-account-external-account-binding.yml deleted file mode 100644 index 3310fcb9..00000000 --- a/changelogs/fragments/100-acme-account-external-account-binding.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "acme_account - add ``external_account_binding`` option to allow creation of ACME accounts with External Account Binding (https://github.com/ansible-collections/community.crypto/issues/89)." diff --git a/changelogs/fragments/102-acme-certificate-select-chain-first.yml b/changelogs/fragments/102-acme-certificate-select-chain-first.yml deleted file mode 100644 index 208142f8..00000000 --- a/changelogs/fragments/102-acme-certificate-select-chain-first.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "acme_certificate - allow new selector ``test_certificates: first`` for ``select_chain`` parameter (https://github.com/ansible-collections/community.crypto/pull/102)." diff --git a/changelogs/fragments/87-acme_inspect-python-3.5.yml b/changelogs/fragments/87-acme_inspect-python-3.5.yml deleted file mode 100644 index 73ee702e..00000000 --- a/changelogs/fragments/87-acme_inspect-python-3.5.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- "acme_inspect - fix problem with Python 3.5 that JSON was not decoded (https://github.com/ansible-collections/community.crypto/issues/86)." diff --git a/changelogs/fragments/90-cryptography-oids.yml b/changelogs/fragments/90-cryptography-oids.yml deleted file mode 100644 index c6301a9c..00000000 --- a/changelogs/fragments/90-cryptography-oids.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "cryptography backends - support arbitrary dotted OIDs (https://github.com/ansible-collections/community.crypto/issues/39)." diff --git a/changelogs/fragments/90-openssl_certificate-pyopenssl-serial.yml b/changelogs/fragments/90-openssl_certificate-pyopenssl-serial.yml deleted file mode 100644 index d684a122..00000000 --- a/changelogs/fragments/90-openssl_certificate-pyopenssl-serial.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: -- "openssl_certificate - the PyOpenSSL backend now uses 160 bits of randomness for serial numbers, instead of a random number between 1000 and 99999. Please note that this is not a high quality random number (https://github.com/ansible-collections/community.crypto/issues/76)." diff --git a/changelogs/fragments/92-ip-networks.yml b/changelogs/fragments/92-ip-networks.yml deleted file mode 100644 index 64594ab8..00000000 --- a/changelogs/fragments/92-ip-networks.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- "openssl_*, x509_* modules - fix handling of general names which refer to IP networks and not IP addresses (https://github.com/ansible-collections/community.crypto/pull/92)." diff --git a/changelogs/fragments/92-openssl_csr-name-constraints.yml b/changelogs/fragments/92-openssl_csr-name-constraints.yml deleted file mode 100644 index f0d64f9a..00000000 --- a/changelogs/fragments/92-openssl_csr-name-constraints.yml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: -- "openssl_csr - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46)." -- "openssl_csr_info - add support for name constraints extension (https://github.com/ansible-collections/community.crypto/issues/46)." diff --git a/changelogs/fragments/get_certificate-add_support_for_SNI.yml b/changelogs/fragments/get_certificate-add_support_for_SNI.yml deleted file mode 100644 index 8d80ba04..00000000 --- a/changelogs/fragments/get_certificate-add_support_for_SNI.yml +++ /dev/null @@ -1,4 +0,0 @@ -minor_changes: - - get_certificate - add support for SNI (https://github.com/ansible-collections/community.crypto/issues/69). -bugfixes: - - get_certificate - fix ``ca_cert`` option handling when ``proxy_host`` is used (https://github.com/ansible-collections/community.crypto/pull/84). diff --git a/changelogs/fragments/luks_device-add_encryption_option_on_create.yml b/changelogs/fragments/luks_device-add_encryption_option_on_create.yml deleted file mode 100644 index 0e844753..00000000 --- a/changelogs/fragments/luks_device-add_encryption_option_on_create.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - "luks_device - add support for encryption options on container creation (https://github.com/ansible-collections/community.crypto/pull/97)." diff --git a/changelogs/fragments/openssh_cert-pkcs11.yml b/changelogs/fragments/openssh_cert-pkcs11.yml deleted file mode 100644 index d4f5d7a6..00000000 --- a/changelogs/fragments/openssh_cert-pkcs11.yml +++ /dev/null @@ -1,2 +0,0 @@ -minor_changes: - - "openssh_cert - add support for PKCS#11 tokens (https://github.com/ansible-collections/community.crypto/pull/95)."