-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathChangeLog
169 lines (153 loc) · 7.14 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
Release 0.4.1:
* additional debugging in payload.c
* spurious proxy authentication failure message in proxy.c remvoved
Release 0.4.0:
* added test targets in the scep/Makefile so that testing the
various version 2 cases becomes simpler
* added configure code to also detect the correct paths for the
openssl, ldapsearch and ldapmodify binaries
* added file pending which contains all the functions needed to
create pending requests read for the scepgrant script to sign
* added file transcheck, which simplifies the checks for the state of
a transaction
* modified the scepgrant script to be able to also grant certificates
for Netscape SPKAC requests
* added an Object identifier for the ProxyAuthenticator attribute
* made sure scepldap functions can work without a crash if no ldap
is available (must still ensure certificate can be found from the
file system in those cases)
* added file proxy.c with function proxy_check for community
string verification in proxy requests
* added the proxycommunity configuration variable to the scepd section
* added two new request types 17: variable payload pkcsreq and
18 proxyrequest
* rewrote {d2i,i2d}_PKCS7_ISSUER_AND_SERIAL_bio as macros as all
the other such functions in OpenSSL are
* made configre detect the location of mv, and made sure the scripts
that grant or reject a request use the path thus found and don't
rely an mv being on the PATH (which happens not to be the case
for certain CGI environments)
* fix some format errors in scepd.c
* fix some warnings
Release 0.3.10:
* fixed a documentation bug: download directory link was wrong, and
a disclaimer about binary packages needed to be added.
Release 0.3.9:
* fixed some installation problems with file owner and group owner
(forgot to do it right in 0.3.8).
Release 0.3.8:
* added info about mailinglist to the documentation
* modified the logic to change the installation directory so that
it actually works :-(
* make finger print checking optional (suggested by Udo Woehler), there
is a new configuration variable in openscep.cnf to handle this
* make finger print comparision case insensitive (problem pointed
out by Ives Steglich)
* Fix PATH in scepgrant, did not include /bin, which is essential
on Linux
* Added a check for the altzone variable that must be set on solaris
to get correct timestamps.
* Added patches by Peter Onion to make OpenSCEP interwork with the
UniCERT CA.
Release 0.3.7:
* add the possibility in scep.c to write the request data to a
file for easier debugging
* fix nested extern in sceplist.c:103, and some minor warnings
in cafingerprint.c
* fix a missing include in init.c (pointed out by Peter Onion and
Ueli Rutishauser)
* fix a byte order problem in http.c (pointed out by Ueli Rutishauser)
* updated documentation to new version of the SCEP draft
* beefed up derdump so that it is also capable of decoding PEM data
Release 0.3.6:
* added document about revocation authorization
* add a check in the revocation CGI program that checks for a user
name, and only accepts unauthenticated revocations from a list
of users
* update the README for release 0.3.6
* fix copyright on some dynamic pages
Release 0.3.5:
* add cafinerprint to all scripts to include CA fingerprint as
reminder on dynamic pages
* add a cafingerprint program to enable display of CA key identifier
on dynamic pages, includes manual pages in nroff and HTML form
* fix a HTML bug in title.html
* added an option to sceplist to display the date in human
readable form instead of standard ASN1 format
* incorrect link in welcome.html.in
* Keep button did not belong to the same radio group, due to a
missing $transid in the pending.pl script
Release 0.3.4:
* the request script was essentially nonfunctional
* pkiclient.exe script did not define scepconf -> core dump
* add.pl had syntax error
* request script for package installation had incorrect logic
causing an infinite loop
* postinstall script should edit user and group in openscepsetup
script
Release 0.3.3:
* modify the documentation to point out that the path to the
openssl binary must no be configured in the openscep binary
* make the path to the openssl binary a configurable option
in the openscep configuration file
* fix two typos in the request script for the package installation
* fix the file scepxid.1.html missing from the Solaris package
Release 0.3.2:
* allow the package installation to request the user/group of
the CA directories from the administrator installing the package
* improved logging, fixed the log.pl CGI program to get the
location of the log file from the configuration file
* scepd had insecure umask, bad for a CGI program
* add information about the /var/tmp/openscep directory for
debugging, also added the directory to the Solaris package
* make sure the openscep conf directory has the sticky bit set
in the package installation
* fix a typo in the sunfreeware link in welcome.html.in
* point out that the package is not usable on non UltraSPARC
systems, due to instruction set incompatiblities; problem
located in openssl libraries, not OpenSCEP. Will be better
as soon as OpenSSL can be built with shared libraries.
Release 0.3.1:
* package install was not quite perfect: many files were missing
that are needed for a successful install
* modified install of package to include openscep.cnf.dist
and openscepsetup to build a default configuration file from
the distribution
* added manual pages for scepxid, createcrl, updatecrl
* added package build for OpenSCEP. The package installs in
/usr/local, and assumes quite a few things about the location
of perl, openssl and the ldap libraries. If these packages
were installed with defaults, there will be no problem.
* renamed the casetup.sh script to openscepsetup, which makes
a name clash less likely, dito for transid -> sceptransid,
dn2transid -> dn2xid
* added target attributes to external links on welcome page, fixed
some typos
* add a link to the license on the welcome page
Release 0.3.0:
* added the sceplist program, which can be used by CGI programs
create lists of granted or rejected certificates
* added three new menu items to list granted, rejected and
revoked certificates
* reverted certificate revokation to store the revoked certificates
in a revoked directory, because otherwise sceplist does not
know whether the item to read is a request or a certificate
* make sure HTML directories are created before documentation
is installed there
* include an LDIF to build the base nodes in the directory
in the distribution
* make sure the pkiclient programm is installed in the configured
path, update documentation accordingly
* let configure figure out the path to perl and include it in
the CGI programs
Release 0.2.2:
* dn2transid was missing the string.h header
Release 0.2.1:
* file scepclient.in was missing in the distribution
* badreply.c contained a lot of obsolete code, now handled by
encode
Release 0.2:
* first public release, do you really want to know what I did
to get to this point?
--
$Id: ChangeLog,v 1.29 2002/02/24 21:40:01 afm Exp $