e6a0d2884a
Release 2.12.0.
2023-04-16 19:48:15 +02:00
0be88ab458
Prepare 2.12.0 release.
2023-04-16 13:36:59 +02:00
30756b12ea
Add asn1_base64 option. ( #592 )
2023-04-16 13:34:45 +02:00
50a26191ea
Release 2.11.1.
2023-03-24 07:19:51 +01:00
a28b02b0ac
Prepare 2.11.1 release.
2023-03-23 21:27:44 +01:00
d4509bce5f
Release 2.11.0.
2023-02-23 09:28:13 +01:00
ced0e30506
EL9 - Retrieve python3-pyOpenSSL from epel ( #575 )
...
* EL9 - pull python3-pyOpenSSL from epel
* Incorporate bindep changes from felixfontein
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add changelog fragment for PR #575
* Update changelog fragment.
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
2023-02-22 23:16:26 +01:00
65d1881f12
Prepare 2.11.0 release.
2023-02-10 21:02:11 +01:00
b000491514
Support Custom Cipher Selection ( #571 )
...
* Enable custom cipher selection for get_certificate
* get_certificate ciphers desc grammar fix
Co-authored-by: Felix Fontein <felix@fontein.de>
* get_certificate ciphers desc grammar fix
Co-authored-by: Felix Fontein <felix@fontein.de>
* get_certificate ciphers include version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add changelog fragment
* Fail if ciphers is set and Python < 2.7.9
* Standardize ciphers conditionals in get_certificate
Co-authored-by: Felix Fontein <felix@fontein.de>
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
2023-02-10 21:01:13 +01:00
70c4585b88
Fix deprecation handling. ( #572 )
2023-02-09 15:36:23 +01:00
aea3713484
Remove unneccessary imports ( #569 )
...
* Remove unneccessary imports.
* Add noqas.
* Add comment which name is actually ignored.
2023-02-09 11:57:54 +01:00
b19c83578d
Release 2.10.0.
2023-01-02 19:54:30 +01:00
ddfb18b609
openssl_csr: fix bad tests, avoid accepting invalid crl_distribution_points records ( #560 )
...
* Improve error handling.
* Remove invalid tests.
* Add changelog fragment.
* Fix tests.
* Improve exception catching.
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
* Prevent empty full_name.
* Fix condition. Make sure errors are caught.
* Add more checks.
Co-authored-by: Kristian Heljas <11139388+kristianheljas@users.noreply.github.com>
2023-01-02 14:52:59 +00:00
095434a4c1
Prepare 2.10.0 release.
2022-12-31 18:05:12 +01:00
5d24d04adf
Fix crash when public key cannot be parsed. ( #551 )
2022-12-28 18:28:50 +01:00
e1e5dfccc1
Release 2.9.0.
2022-11-27 18:15:33 +01:00
f853108d69
Prepare 2.9.0 release.
2022-11-17 12:43:40 +01:00
2a746115ca
fix #529 issuer_uri in x509_certificate_info ( #530 )
...
The issuer_uri is retrieved from the Authority Information Access field the same way as the OCSP responder URI is.
Handling is exactly the same since they reside in the same OID space and have the same data type.
Tests have also been added based on the integration test certificates.
Signed-off-by: benaryorg <binary@benary.org>
Signed-off-by: benaryorg <binary@benary.org>
2022-11-17 12:40:44 +01:00
42e27a360d
Release 2.8.1
2022-11-06 22:02:07 +01:00
95b9df187f
Prepare 2.8.1 release.
2022-11-06 21:13:02 +01:00
68b7c0d38c
Release 2.8.0.
2022-11-02 12:56:08 +01:00
9ba0e25bfe
Handle new nonce call more gracefully when it does not return nonce. ( #525 )
2022-11-02 08:32:01 +00:00
9a64347ea6
Prepare 2.8.0 release.
2022-11-01 19:52:23 +01:00
e4e2b804bc
Allow to configure encryption level. ( #523 )
2022-11-01 19:51:28 +01:00
4533b3e934
Include symbolic HTTP status codes in error and log messages when available. ( #524 )
2022-10-31 21:33:27 +01:00
a5c43c26f3
Release 2.7.1.
2022-10-17 22:24:20 +02:00
82aa1480af
Prepare 2.7.1 release.
2022-10-17 21:41:04 +02:00
516be406e0
Improve import error handling for ACME modules ( #519 )
...
* Improve import error handling for ACME modules
* Update plugins/module_utils/acme/acme.py
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2022-10-17 21:38:54 +02:00
18502d5250
Release 2.7.0.
2022-09-23 07:40:12 +02:00
b3f589df62
Action plugin support code: ensure compatibility with newer versions of ansible-core ( #515 )
...
* Only access C.STRING_CONVERSION_ACTION for old ansible-base / Ansible versions.
* Always use self.__xxx instead of xxx directly.
2022-09-23 07:02:46 +02:00
8ebf1279f9
Prepare 2.7.0 release.
2022-09-23 06:48:26 +02:00
c24e5c63e8
acme modules: also support 503 for retries ( #513 )
...
* Also support 503 for retries.
* Forgot to adjust status code comparison.
* Also support 408.
2022-09-21 13:50:26 +02:00
ed52123206
Release 2.6.0.
2022-09-19 20:46:26 +02:00
d10bcd3d6c
Fix fragment.
2022-09-19 20:46:13 +02:00
45e81a1b0c
Prepare 2.6.0 release.
2022-09-19 20:11:29 +02:00
a0d862e1f1
Support 429 Too Many Requests for acme module_utils. ( #508 )
2022-09-19 20:10:03 +02:00
1dcc135da5
feat: add private_key_format choices for openssh_keypair ( #511 )
...
* feat: add private_key_format choices for openssh_keypair
* chore: add changelog fragment
2022-09-18 20:10:29 -04:00
95626abdd3
Make mostly reuse conformant ( #502 )
...
* Add .license files.
* Update README.
* Normalize licenses test.
* Add reuse GHA.
* Add blanket rule for changelog fragments.
* Add .license file for vendored third-party certificates.
* Fix workflow's permissions.
* Revert "Add .license file for vendored third-party certificates."
This reverts commit 35e106867c
2022-09-13 19:13:04 +00:00
4428daa411
Release 2.5.0.
2022-08-04 23:06:49 +02:00
f821fa0f2d
Prepare 2.5.0 release.
2022-08-04 22:47:16 +02:00
6bf3ef47e1
Move licenses to LICENSES/, use SPDX-License-Identifier, mention all licenses in galaxy.yml ( #491 )
...
* Add SPDX license identifiers, mention all licenses in galaxy.yml.
* Add default copyright headers.
* Add headers for documents.
* Fix/add more copyright statements.
* Add copyright / license info for vendored code.
* Add extra sanity test.
* Add changelog fragment.
* Comment PSF-2.0 license out in galaxy.yml for now.
* Remove colon after 'Copyright'.
* Avoid colon after 'Copyright' in lint script.
* Mention correct filename.
* Add BSD-3-Clause.
* Improve lint script.
* Update README.
* Symlinks...
2022-07-21 07:27:26 +02:00
4dcbbfba5b
Release 2.4.0.
2022-07-09 13:20:28 +02:00
036c4c8e6f
Prepare 2.4.0.
2022-07-09 13:19:48 +02:00
9ed4526fee
openssl_pkcs12: fix crash when trying to get non-existing other certificates ( #487 )
...
* Fix crash when trying to get non-existing other certificates.
* Add test.
2022-07-07 22:30:22 +02:00
d60d3fe1cb
Revert "Revert "Revert "Revert "Revert "Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )""""""
...
This reverts commit 4a1842c004
2022-06-21 12:21:46 +02:00
a554a588c9
Release 2.3.4.
2022-06-21 12:11:22 +02:00
4a1842c004
Revert "Revert "Revert "Revert "Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )"""""
...
This reverts commit 39ec208171
2022-06-21 12:09:00 +02:00
39ec208171
Revert "Revert "Revert "Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )""""
...
This reverts commit f5ccc1516b
2022-06-17 09:26:38 +02:00
5af4a16e57
Release 2.3.3.
2022-06-17 08:25:13 +02:00
fc07de73e3
Prepare 2.3.3 release.
2022-06-17 08:24:47 +02:00
f5ccc1516b
Revert "Revert "Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )"""
...
(So we can do yet another bugfix release.)
This reverts commit cb77d81f8d
2022-06-17 08:24:03 +02:00
de0ec1f739
Add Apache 2.0 license; simplify and standardize license headers ( #478 )
...
* Add Apache 2.0 license for Apache 2.0 licensed parts.
* Unify license headers.
* Move additional licenses to licenses/.
* Revert "Move additional licenses to licenses/."
This reverts commit c12b22de1c
2022-06-17 08:20:40 +02:00
b29f238083
Fix ValueError: excluded_subtrees must be a non-empty list or None ( #481 )
2022-06-17 07:53:07 +02:00
2941bb9bb8
Prepare 2.4.0 release.
2022-06-15 22:16:49 +02:00
297b44f24b
x509_crl: do not crash when signing with Ed25519 or Ed448 ( #475 )
...
* Do not crash when signing with Ed25519 or Ed448.
* Forgot replace.
2022-06-15 22:06:40 +02:00
cb77d81f8d
Revert "Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )""
...
This reverts commit 798d12b499
2022-06-02 12:52:58 +02:00
9289ce8534
Release 2.3.2.
2022-06-02 12:28:12 +02:00
798d12b499
Revert "Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )"
...
(This is so we can do a bugfix release now. Deprecations are not alloewd in bugfix releases.)
This reverts commit 74960eaeac
2022-06-02 07:49:28 +02:00
5146760def
Adjust release summary, since there are other fragments.
2022-06-02 07:49:16 +02:00
48649d50b5
Prepare 2.3.2 release.
2022-06-02 07:46:42 +02:00
ccd66419f4
Add simplified_bsd.txt license file ( #467 )
...
* Add simplified_bsd.txt and adjust references.
* Add changelog.
2022-06-02 07:45:50 +02:00
74960eaeac
Deprecate Ansible 2.9 and ansible-base 2.10 support. ( #460 )
2022-05-20 14:45:56 +02:00
c49102d688
certificate_complete_chain: do not stop execution on unsupported algorithm ( #457 )
...
* Do not stop execution on unsupported algorithm.
* Fix typo.
2022-05-20 07:22:35 +02:00
ffc0ab2d40
Release 2.3.1.
2022-05-16 12:27:29 +02:00
5664bfe4b6
Add PSF-license.txt file. ( #453 )
2022-05-16 07:40:04 +02:00
4074ff4132
Prepare 2.3.1 release.
2022-05-16 07:13:15 +02:00
5641e2ac9b
Release 2.3.0.
2022-05-09 20:53:39 +02:00
4cf951596f
Improve handling of IDNA/Unicode domains ( #436 )
...
* Prepare IDNA/Unicode conversion code. Use to normalize input.
* Use IDNA library first (IDNA2008) and Python's IDNA2003 implementation as a fallback.
* Make sure idna is installed.
* Add changelog fragment.
* 'punycode' → 'idna'.
* Add name_encoding options and tests.
* Avoid invalid character for IDNA2008.
* Linting.
* Forgot to upate value.
* Work around cryptography bug. Fix port handling for URIs.
* Forgot other place sensitive to cryptography bug.
* Forgot one. (Will likely still fail.)
* Decode IDNA in _compress_entry() to avoid comparison screw-ups.
* Work around Python 3.5 problem in Ansible 2.9's default test container.
* Update changelog fragment.
* Fix error, add tests.
* Python 2 compatibility.
* Update requirements.
2022-05-09 19:57:14 +02:00
90efcc1ca7
Add privatekey_content option. ( #452 )
2022-05-09 19:56:08 +02:00
43665a3892
Prepare 2.3.0 release.
2022-05-03 19:24:20 +02:00
640bdbc066
Add EE support ( #440 )
...
* Add EE files.
* Install cryptography and PyOpenSSL from PyPi.
* Revert "Install cryptography and PyOpenSSL from PyPi."
This reverts commit 6b90a1efae
2022-05-03 19:22:55 +02:00
c16d9f78b8
Make request timeout configurable for all acme modules ( #448 )
...
* Make request timeout configurable for all acme modules
Fixes #447 .
* Log change made in #448
2022-05-03 17:29:38 +02:00
91f192ce5b
Fix main for new cryptography 37.0.0 release ( #445 )
...
* Fix empty check for openssl_pkcs12 tests.
* Remove unnecessary imports.
* Prevent crash if PyOpenSSL cannot be imported because of an AttributeError.
* Add changelog fragment.
* Fix constraints file.
* Use Python 2.7 instead of 3.5 for 2.9 cloud tests (pip module is broken).
* Prevent upgrading cryptography on ansible-core 2.12's default container with Python 3.9.
2022-04-26 22:18:37 +02:00
9d03178b00
Fix crash in x509_crl when certificate issuer is specified ( #441 )
...
* Fix x509_crl certificate issuer issue.
* Add tests.
* Add changelog fragment.
2022-04-18 08:17:27 +02:00
041fff5057
Add persistent and perf options to the luks_device ( #434 )
...
Read and write work queue significantly degrades performance on
SSD/NVME devices[1].
In Debian 11 crypttab does not support no-read-workqueue and
no-write-workqueue flags, so the persistent flag is workaround: once
opened with perf parameters persists forever.
[1] https://blog.cloudflare.com/speeding-up-linux-disk-encryption/
Signed-off-by: Yauhen Artsiukhou <jsirex@gmail.com>
2022-04-10 14:30:10 +02:00
025091c3fb
Release 2.2.4
2022-03-22 13:17:36 +01:00
b0cede8231
Prepare 2.2.4 release.
2022-03-22 07:31:54 +01:00
033bab7db1
openssh_* - catch and report top-level exceptions via `fail_json` ( #417 )
...
* ensure exceptions are properly reported
* adding changelog fragment
* applying review suggestions
* typo
* adding back exception msg
2022-03-08 13:23:09 +01:00
f82dcbea21
Release 2.2.3.
2022-03-04 07:38:44 +01:00
67f511b5ad
Prepare 2.2.3 release.
2022-03-03 21:18:07 +01:00
0d4b3ed991
Fix parsing of lsblk output. ( #410 )
2022-03-02 13:48:38 +01:00
b952b103e2
Releasing 2.2.2.
2022-02-21 22:11:55 +01:00
c85659ebfc
Prepare 2.2.2 release.
2022-02-19 18:55:41 +01:00
28729657ac
x509_certificate: check existing certificate's signature for selfsigned and ownca provider ( #407 )
...
* Verify whether signature matches.
* Add changelog fragment.
* Forgot imports.
* Fix wrong name.
* Check whether the CA private key fits to the CA certificate. Use correct key in tests.
* Refactor code.
2022-02-16 07:38:11 +01:00
3ebc132c03
Regenerate certificate on CA's subject change. ( #402 )
2022-02-14 18:04:29 +01:00
11a14543c8
certificate_complete_chain: handle duplicate intermediate subjects ( #403 )
...
* Allow multiple intermediate CAs to have same subject.
* Add tests.
* Fix test name.
* Don't use CN for SAN.
* Make a bit more compatible.
* Include jinja2 compat for CentOS 6.
2022-02-14 13:29:19 +01:00
8a74b3e259
Release 2.2.1.
2022-02-05 21:28:47 +01:00
a9fcd584e9
Prepare 2.2.1 release.
2022-02-05 20:18:32 +01:00
a307618872
openssh_cert - fix full_idempotence for host certificates ( #396 )
...
* fixing host cert idempotence
* adding changelog fragment
2022-02-04 20:53:50 +01:00
90da233341
Release 2.2.0.
2022-02-01 05:49:27 +01:00
9faed1dad0
Prepare 2.2.0 release.
2022-01-31 06:02:48 +01:00
ea2e45d63f
Set LANG and similar env variables to prevent translated cryptsetup output. ( #388 )
2022-01-30 21:30:56 +01:00
b339e71973
Added 'ignore_timestamps' parameter ( #381 )
...
* Added 'ignore_timestamps' parameter
* Update plugins/modules/openssh_cert.py
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* Update plugins/modules/openssh_cert.py
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* Update plugins/modules/openssh_cert.py
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* Added fragment
* Update plugins/modules/openssh_cert.py
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
* added ignore_timestamps to example
* corrected styling
* fixed styling (again)
* Update changelogs/fragments/381_openssh_cert_add_ignore_timestamps.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* splitted description as suggested by felixfontein
* fixed linebreak
* Mentioned ignore_timestamps in regenerate
Co-authored-by: Andrew Pantuso <ajpantuso@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2022-01-20 16:15:50 +01:00
950d1d072f
Release 2.1.0.
2022-01-10 22:48:03 +01:00
cb14e73c61
Prepare 2.1.0 release.
2022-01-10 21:03:19 +01:00
62272296da
Small docs improvements ( #374 )
...
* Small improvements.
* Document behavior changes.
2022-01-10 12:05:09 +00:00
46f39efc43
Use vendored copy of distutils.version. ( #369 )
2022-01-05 21:30:11 +01:00
6ee238d961
certificate_complete_chain: avoid infinite loops, and double roots when root certificate was already part of chain ( #360 )
...
* Avoid infinite loops, and double roots when root certificate was already part of chain.
* Refactor tests for readability.
2022-01-04 07:00:09 +01:00
a539cd6939
Prepare for distutils.version being removed in Python 3.12 ( #353 )
...
* Prepare for distutils.version being removed in Python 2.12.
* Fix copy'n'paste error.
* Re-add Loose prefix.
* Fix Python version typo.
* Improve formulation.
* Move message into own line.
* Fix casing, now that the object is no longer called Version.
2021-12-24 11:28:14 +01:00
605cf2631e
Release 2.0.2.
2021-12-20 20:20:32 +01:00
Felix Fontein
Austin Lane
dlehrman
Katze
Andrew Pantuso
Songmin Li
Jonas Verhofsté
Yauhen
JochenKorge