Compare commits
10 Commits
3b379cad55
...
2f92285054
Author | SHA1 | Date |
---|---|---|
Stephen Gallagher | 2f92285054 | |
Stephen Gallagher | 34be907513 | |
Stephen Gallagher | 7f6afd68f8 | |
Stephen Gallagher | 29dbec123b | |
Mohan Boddu | b40aa7ee5c | |
Stephen Gallagher | a3ce8bd969 | |
Stephen Gallagher | 0d91054d47 | |
Mohan Boddu | 2bd8fafbbc | |
Stephen Gallagher | 2db8955928 | |
Branislav Náter | 516bc844e5 |
|
@ -22,3 +22,4 @@
|
||||||
/sscg-2.6.0.tar.xz
|
/sscg-2.6.0.tar.xz
|
||||||
/sscg-2.6.1.tar.xz
|
/sscg-2.6.1.tar.xz
|
||||||
/sscg-2.6.2.tar.xz
|
/sscg-2.6.2.tar.xz
|
||||||
|
/sscg-3.0.0.tar.xz
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
81e3b33e118edff96583314ceb4bfde9a1e6b45c sscg-3.0.0.tar.xz
|
|
@ -0,0 +1,34 @@
|
||||||
|
From d2277e711bb16e3b98f43565e71b7865b5fed423 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
Date: Sat, 7 Aug 2021 11:48:04 -0400
|
||||||
|
Subject: [PATCH 1/2] Drop usage of ERR_GET_FUNC()
|
||||||
|
|
||||||
|
This macro was dropped in OpenSSL 3.0 and has actually not been
|
||||||
|
providing a valid return code for some time.
|
||||||
|
|
||||||
|
Related: rhbz#1964837
|
||||||
|
|
||||||
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
---
|
||||||
|
include/sscg.h | 1 -
|
||||||
|
1 file changed, 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/include/sscg.h b/include/sscg.h
|
||||||
|
index faf86ba4f68e186bd35c7bc3ec77b98b8e37d253..851dc93175607e5223a70ef40a5feb24b7b69215 100644
|
||||||
|
--- a/include/sscg.h
|
||||||
|
+++ b/include/sscg.h
|
||||||
|
@@ -94,11 +94,10 @@
|
||||||
|
if (_sslret != 1) \
|
||||||
|
{ \
|
||||||
|
/* Get information about error from OpenSSL */ \
|
||||||
|
unsigned long _ssl_error = ERR_get_error (); \
|
||||||
|
if ((ERR_GET_LIB (_ssl_error) == ERR_LIB_UI) && \
|
||||||
|
- (ERR_GET_FUNC (_ssl_error) == UI_F_UI_SET_RESULT_EX) && \
|
||||||
|
((ERR_GET_REASON (_ssl_error) == UI_R_RESULT_TOO_LARGE) || \
|
||||||
|
(ERR_GET_REASON (_ssl_error) == UI_R_RESULT_TOO_SMALL))) \
|
||||||
|
{ \
|
||||||
|
fprintf ( \
|
||||||
|
stderr, \
|
||||||
|
--
|
||||||
|
2.33.0
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
From 87604820a935f87a8f533e3f294419d27c0514eb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Allison Karlitskaya <allison.karlitskaya@redhat.com>
|
||||||
|
Date: Tue, 26 Oct 2021 12:32:13 +0200
|
||||||
|
Subject: [PATCH 2/2] Correct certificate lifetime calculation
|
||||||
|
|
||||||
|
sscg allows passing the certificate lifetime, as a number of days, as a
|
||||||
|
commandline argument. It converts this value to seconds using the
|
||||||
|
formula
|
||||||
|
|
||||||
|
days * 24 * 3650
|
||||||
|
|
||||||
|
which is incorrect. The correct value is 3600.
|
||||||
|
|
||||||
|
This effectively adds an extra 20 minutes to the lifetime of the
|
||||||
|
certificate for each day as given on the commandline, and was enough to
|
||||||
|
cause some new integration tests in cockpit to fail.
|
||||||
|
|
||||||
|
Interestingly, 3650 is the old default value for the number of days of
|
||||||
|
certificate validity (~10 years) so this probably slipped in as a sort
|
||||||
|
of muscle-memory-assisted typo.
|
||||||
|
|
||||||
|
Let's just write `24 * 60 * 60` to make things clear.
|
||||||
|
---
|
||||||
|
src/x509.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/x509.c b/src/x509.c
|
||||||
|
index dc1594a4bdcb9d81607f0fe5ad2d4562e5edb533..7c7e4dfe56d5756862f3e0f851941e846ce96f31 100644
|
||||||
|
--- a/src/x509.c
|
||||||
|
+++ b/src/x509.c
|
||||||
|
@@ -416,11 +416,11 @@ sscg_sign_x509_csr (TALLOC_CTX *mem_ctx,
|
||||||
|
X509_set_issuer_name (cert, X509_REQ_get_subject_name (csr));
|
||||||
|
}
|
||||||
|
|
||||||
|
/* set time */
|
||||||
|
X509_gmtime_adj (X509_get_notBefore (cert), 0);
|
||||||
|
- X509_gmtime_adj (X509_get_notAfter (cert), days * 24 * 3650);
|
||||||
|
+ X509_gmtime_adj (X509_get_notAfter (cert), days * 24 * 60 * 60);
|
||||||
|
|
||||||
|
/* set subject */
|
||||||
|
subject = X509_NAME_dup (X509_REQ_get_subject_name (csr));
|
||||||
|
sslret = X509_set_subject_name (cert, subject);
|
||||||
|
CHECK_SSL (sslret, X509_set_subject_name);
|
||||||
|
--
|
||||||
|
2.33.0
|
||||||
|
|
|
@ -0,0 +1,68 @@
|
||||||
|
From 0875cd6169e876c4296a307631d49b801fc686dc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
Date: Tue, 8 Mar 2022 16:33:35 -0500
|
||||||
|
Subject: [PATCH] Truncate IP address in SAN
|
||||||
|
|
||||||
|
In OpenSSL 1.1, this was done automatically when addind a SAN extension,
|
||||||
|
but in OpenSSL 3.0 it is rejected as an invalid input.
|
||||||
|
|
||||||
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
---
|
||||||
|
src/x509.c | 15 ++++++++++++++-
|
||||||
|
1 file changed, 14 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/x509.c b/src/x509.c
|
||||||
|
index 7c7e4dfe56d5756862f3e0f851941e846ce96f31..e828ec725b23d7ea79393151e7bb436e2f61bdb8 100644
|
||||||
|
--- a/src/x509.c
|
||||||
|
+++ b/src/x509.c
|
||||||
|
@@ -131,10 +131,11 @@ sscg_x509v3_csr_new (TALLOC_CTX *mem_ctx,
|
||||||
|
size_t i;
|
||||||
|
X509_NAME *subject;
|
||||||
|
char *alt_name = NULL;
|
||||||
|
char *tmp = NULL;
|
||||||
|
char *san = NULL;
|
||||||
|
+ char *slash = NULL;
|
||||||
|
TALLOC_CTX *tmp_ctx;
|
||||||
|
X509_EXTENSION *ex = NULL;
|
||||||
|
struct sscg_x509_req *csr;
|
||||||
|
|
||||||
|
/* Make sure we have a key available */
|
||||||
|
@@ -265,10 +266,16 @@ sscg_x509v3_csr_new (TALLOC_CTX *mem_ctx,
|
||||||
|
tmp_ctx, "DNS:%s", certinfo->subject_alt_names[i]);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
san = talloc_strdup (tmp_ctx, certinfo->subject_alt_names[i]);
|
||||||
|
+ /* SAN IP addresses cannot include the subnet mask */
|
||||||
|
+ if ((slash = strchr (san, '/')))
|
||||||
|
+ {
|
||||||
|
+ /* Truncate at the slash */
|
||||||
|
+ *slash = '\0';
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
CHECK_MEM (san);
|
||||||
|
|
||||||
|
if (strnlen (san, MAXHOSTNAMELEN + 5) > MAXHOSTNAMELEN + 4)
|
||||||
|
{
|
||||||
|
@@ -287,11 +294,17 @@ sscg_x509v3_csr_new (TALLOC_CTX *mem_ctx,
|
||||||
|
alt_name = tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ex = X509V3_EXT_conf_nid (NULL, NULL, NID_subject_alt_name, alt_name);
|
||||||
|
- CHECK_MEM (ex);
|
||||||
|
+ if (!ex)
|
||||||
|
+ {
|
||||||
|
+ ret = EINVAL;
|
||||||
|
+ fprintf (stderr, "Invalid subjectAlternativeName: %s\n", alt_name);
|
||||||
|
+ goto done;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
sk_X509_EXTENSION_push (certinfo->extensions, ex);
|
||||||
|
|
||||||
|
/* Set the public key for the certificate */
|
||||||
|
sslret = X509_REQ_set_pubkey (csr->x509_req, spkey->evp_pkey);
|
||||||
|
CHECK_SSL (sslret, X509_REQ_set_pubkey (OU));
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,139 @@
|
||||||
|
From 282f819bc39c9557ee34f73c6f6623182f680792 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
Date: Wed, 16 Nov 2022 15:27:58 -0500
|
||||||
|
Subject: [PATCH] dhparams: don't fail if default file can't be created
|
||||||
|
|
||||||
|
Resolves: rhbz#2143206
|
||||||
|
|
||||||
|
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
---
|
||||||
|
src/arguments.c | 1 -
|
||||||
|
src/io_utils.c | 12 +++++++++++
|
||||||
|
src/sscg.c | 55 +++++++++++++++++++++++++++++++++----------------
|
||||||
|
3 files changed, 49 insertions(+), 19 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/arguments.c b/src/arguments.c
|
||||||
|
index 7b9da14a732875b0f33a12e22a97d51a78216839..770d834aacc05d6d92cc0c855852eadb88f8c9bc 100644
|
||||||
|
--- a/src/arguments.c
|
||||||
|
+++ b/src/arguments.c
|
||||||
|
@@ -69,7 +69,6 @@ set_default_options (struct sscg_options *opts)
|
||||||
|
|
||||||
|
opts->lifetime = 398;
|
||||||
|
|
||||||
|
- opts->dhparams_file = talloc_strdup (opts, "dhparams.pem");
|
||||||
|
opts->dhparams_group = talloc_strdup (opts, "ffdhe4096");
|
||||||
|
opts->dhparams_generator = 2;
|
||||||
|
|
||||||
|
diff --git a/src/io_utils.c b/src/io_utils.c
|
||||||
|
index 1b8bc41c3849acbe4657ae14dfe55e3010957129..5d34327bdbe450add5326ac20c337c9399b471dc 100644
|
||||||
|
--- a/src/io_utils.c
|
||||||
|
+++ b/src/io_utils.c
|
||||||
|
@@ -544,6 +544,18 @@ sscg_io_utils_open_output_files (struct sscg_stream **streams, bool overwrite)
|
||||||
|
{
|
||||||
|
SSCG_LOG (SSCG_DEBUG, "Opening %s\n", stream->path);
|
||||||
|
stream->bio = BIO_new_file (stream->path, create_mode);
|
||||||
|
+ if (!stream->bio)
|
||||||
|
+ {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ "Could not write to %s. Check directory permissions.\n",
|
||||||
|
+ stream->path);
|
||||||
|
+
|
||||||
|
+ /* The dhparams file is special, it will be handled later */
|
||||||
|
+ if (i != SSCG_FILE_TYPE_DHPARAMS)
|
||||||
|
+ {
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
CHECK_BIO (stream->bio, stream->path);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/src/sscg.c b/src/sscg.c
|
||||||
|
index 1bf8019c2dda136abe56acd101dfe8ad0b3d725d..dcff4cd2b8dfd2e11c8612d36ecc94b175e9dc26 100644
|
||||||
|
--- a/src/sscg.c
|
||||||
|
+++ b/src/sscg.c
|
||||||
|
@@ -93,6 +93,7 @@ main (int argc, const char **argv)
|
||||||
|
int ret, sret;
|
||||||
|
struct sscg_options *options;
|
||||||
|
bool build_client_cert = false;
|
||||||
|
+ char *dhparams_file = NULL;
|
||||||
|
|
||||||
|
struct sscg_x509_cert *cacert;
|
||||||
|
struct sscg_evp_pkey *cakey;
|
||||||
|
@@ -182,9 +183,19 @@ main (int argc, const char **argv)
|
||||||
|
options->crl_mode);
|
||||||
|
CHECK_OK (ret);
|
||||||
|
|
||||||
|
+ if (options->dhparams_file)
|
||||||
|
+ {
|
||||||
|
+ dhparams_file = talloc_strdup (main_ctx, options->dhparams_file);
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ dhparams_file = talloc_strdup (main_ctx, "./dhparams.pem");
|
||||||
|
+ }
|
||||||
|
+ CHECK_MEM (dhparams_file);
|
||||||
|
+
|
||||||
|
ret = sscg_io_utils_add_output_file (options->streams,
|
||||||
|
SSCG_FILE_TYPE_DHPARAMS,
|
||||||
|
- options->dhparams_file,
|
||||||
|
+ dhparams_file,
|
||||||
|
options->dhparams_mode);
|
||||||
|
CHECK_OK (ret);
|
||||||
|
|
||||||
|
@@ -281,28 +292,36 @@ main (int argc, const char **argv)
|
||||||
|
|
||||||
|
|
||||||
|
/* Create DH parameters file */
|
||||||
|
- bp = GET_BIO (SSCG_FILE_TYPE_DHPARAMS);
|
||||||
|
- if (options->dhparams_prime_len > 0)
|
||||||
|
+ if ((bp = GET_BIO (SSCG_FILE_TYPE_DHPARAMS)))
|
||||||
|
{
|
||||||
|
- ret = create_dhparams (options->verbosity,
|
||||||
|
- options->dhparams_prime_len,
|
||||||
|
- options->dhparams_generator,
|
||||||
|
- &dhparams);
|
||||||
|
- CHECK_OK (ret);
|
||||||
|
+ if (options->dhparams_prime_len > 0)
|
||||||
|
+ {
|
||||||
|
+ ret = create_dhparams (options->verbosity,
|
||||||
|
+ options->dhparams_prime_len,
|
||||||
|
+ options->dhparams_generator,
|
||||||
|
+ &dhparams);
|
||||||
|
+ CHECK_OK (ret);
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ ret = get_params_by_named_group (options->dhparams_group, &dhparams);
|
||||||
|
+ CHECK_OK (ret);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Export the DH parameters to the file */
|
||||||
|
+ sret = PEM_write_bio_Parameters (bp, dhparams);
|
||||||
|
+ CHECK_SSL (sret, PEM_write_bio_Parameters ());
|
||||||
|
+ ANNOUNCE_WRITE (SSCG_FILE_TYPE_DHPARAMS);
|
||||||
|
+ EVP_PKEY_free (dhparams);
|
||||||
|
}
|
||||||
|
- else
|
||||||
|
+ else if (options->dhparams_file)
|
||||||
|
{
|
||||||
|
- ret = get_params_by_named_group (options->dhparams_group, &dhparams);
|
||||||
|
- CHECK_OK (ret);
|
||||||
|
+ /* A filename was explicitly passed, but it couldn't be created */
|
||||||
|
+ ret = EPERM;
|
||||||
|
+ fprintf (stderr, "Could not write to %s: ", options->dhparams_file);
|
||||||
|
+ goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* Export the DH parameters to the file */
|
||||||
|
- sret = PEM_write_bio_Parameters (bp, dhparams);
|
||||||
|
- CHECK_SSL (sret, PEM_write_bio_Parameters ());
|
||||||
|
- ANNOUNCE_WRITE (SSCG_FILE_TYPE_DHPARAMS);
|
||||||
|
- EVP_PKEY_free (dhparams);
|
||||||
|
-
|
||||||
|
-
|
||||||
|
/* Set the final file permissions */
|
||||||
|
sscg_io_utils_finalize_output_files (options->streams);
|
||||||
|
|
||||||
|
--
|
||||||
|
2.38.1
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
From e65a507c487a37dd5a8c90b7dbd1ff3274146239 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Simon Chopin <simon.chopin@canonical.com>
|
||||||
|
Date: Mon, 13 Dec 2021 15:20:55 +0100
|
||||||
|
Subject: [PATCH 5/5] dhparams: Fix the FIPS_mode() call for OpenSSL 3.0
|
||||||
|
|
||||||
|
This function has been removed from OpenSSL 3.0, replaced by
|
||||||
|
EVP_default_properties_is_fips_enabled().
|
||||||
|
|
||||||
|
Closes #50
|
||||||
|
---
|
||||||
|
src/dhparams.c | 4 ++++
|
||||||
|
1 file changed, 4 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/dhparams.c b/src/dhparams.c
|
||||||
|
index 5c50128970d48790df910b9f9531e61e1d4c5758..61fd57aeedca47fba49f75d356cd5f42b9586696 100644
|
||||||
|
--- a/src/dhparams.c
|
||||||
|
+++ b/src/dhparams.c
|
||||||
|
@@ -231,7 +231,11 @@ is_valid_named_group (const char *group_name)
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Check non-FIPS groups */
|
||||||
|
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
||||||
|
if (!FIPS_mode ())
|
||||||
|
+#else
|
||||||
|
+ if (!EVP_default_properties_is_fips_enabled(NULL))
|
||||||
|
+#endif
|
||||||
|
{
|
||||||
|
i = 0;
|
||||||
|
while (dh_nonfips_groups[i])
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-9
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier2.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier3.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.acceptance-tier.functional}
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (sscg-2.6.2.tar.xz) = 5e900b4bc52d867325db2bd3ad83c072b0dac14ffcb2bf5539ea7b3d1701384ab0428a342d99928ea29d1a6ddec81664eac4a1255cd2aee2ba37e3a8105f1467
|
SHA512 (sscg-3.0.0.tar.xz) = d5bbd14c102bb11b387b6018dced09b23b053498c60befd916aa142ece8240f443e364d9a578b6b5aa15c68cb943725ed96ef44cce77eb01013e464a6d4dc0f1
|
||||||
|
|
50
sscg.spec
50
sscg.spec
|
@ -8,8 +8,8 @@
|
||||||
|
|
||||||
|
|
||||||
Name: sscg
|
Name: sscg
|
||||||
Version: 2.6.2
|
Version: 3.0.0
|
||||||
Release: 6%{?dist}
|
Release: 7%{?dist}
|
||||||
Summary: Simple SSL certificate generator
|
Summary: Simple SSL certificate generator
|
||||||
|
|
||||||
License: GPLv3+ with exceptions
|
License: GPLv3+ with exceptions
|
||||||
|
@ -26,6 +26,12 @@ BuildRequires: ninja-build
|
||||||
BuildRequires: help2man
|
BuildRequires: help2man
|
||||||
|
|
||||||
|
|
||||||
|
Patch: 0001-Drop-usage-of-ERR_GET_FUNC.patch
|
||||||
|
Patch: 0002-Correct-certificate-lifetime-calculation.patch
|
||||||
|
Patch: 0003-Truncate-IP-address-in-SAN.patch
|
||||||
|
Patch: 0004-dhparams-don-t-fail-if-default-file-can-t-be-created.patch
|
||||||
|
Patch: 0005-dhparams-Fix-the-FIPS_mode-call-for-OpenSSL-3.0.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
A utility to aid in the creation of more secure "self-signed"
|
A utility to aid in the creation of more secure "self-signed"
|
||||||
certificates. The certificates created by this tool are generated in a
|
certificates. The certificates created by this tool are generated in a
|
||||||
|
@ -55,6 +61,45 @@ false signatures from the service certificate.
|
||||||
%{_mandir}/man8/%{name}.8*
|
%{_mandir}/man8/%{name}.8*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 02 2022 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-6
|
||||||
|
- Use EVP_default_properties_is_fips_enabled() on OpenSSL 3.0
|
||||||
|
- Related: rhbz#2083879
|
||||||
|
|
||||||
|
* Mon Nov 28 2022 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-6
|
||||||
|
- Don't fail if default dhparams file can't be created
|
||||||
|
- Resolves: rhbz#2149064
|
||||||
|
|
||||||
|
* Wed Mar 09 2022 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-5
|
||||||
|
- Handle IP addresses in subjectAlternativeName correctly
|
||||||
|
- Resolves: rhbz#2061923
|
||||||
|
|
||||||
|
* Fri Oct 29 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-4
|
||||||
|
- Correct certificate lifetime calculation
|
||||||
|
- Resolves: rhbz#2017667
|
||||||
|
|
||||||
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.0-3
|
||||||
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
|
* Sat Aug 07 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-2
|
||||||
|
- Drop usage of removed macro ERR_GET_FUNC()
|
||||||
|
- Related: rhbz#1964837
|
||||||
|
|
||||||
|
* Wed Jul 21 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.0.0-1
|
||||||
|
- Release 3.0.0
|
||||||
|
- Support for OpenSSL 3.0
|
||||||
|
- Support for outputting named Diffie-Hellman parameter groups
|
||||||
|
- Support for CentOS Stream 9
|
||||||
|
- Resolves: rhbz#1984468
|
||||||
|
|
||||||
|
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.2-8
|
||||||
|
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
||||||
|
Related: rhbz#1971065
|
||||||
|
|
||||||
|
* Wed May 26 2021 Stephen Gallagher <sgallagh@redhat.com> - 2.6.2-7
|
||||||
|
- OpenSSL 3.0 compatibility: fix RSA key-generation test
|
||||||
|
- Resolves: rhbz#1964837
|
||||||
|
|
||||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.2-6
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.2-6
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
@ -267,3 +312,4 @@ false signatures from the service certificate.
|
||||||
|
|
||||||
* Mon Mar 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.1-1
|
* Mon Mar 16 2015 Stephen Gallagher <sgallagh@redhat.com> 0.1-1
|
||||||
- First packaging
|
- First packaging
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue