-
-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy patheasytls-change.log
147 lines (135 loc) · 6.21 KB
/
easytls-change.log
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
https://github.com/TinCanTech/easy-tls
Change log:
Version 2.8.0
* TBD
Remove 'remove-metadata'
Commit c2a17fe2035b2136fafe121599d9a7c0a13336fb
Completely untested and unnecessary function
Fully integrate upgrade and rehash facilities
Commit 5b024b10099d7ab6cfe0c336be722b2e1fa4e49a
Upgrade older versions and rehash on request
Allow deleting an inline file which fails the HASH
Commit a1a5212b1780e4161894bae6cdc82a59b2cab576
Manually edited inline files are likely, this is easy to use
Default metadata delimiter is now newline
Commit f2b8f841b92fa0b57d576373457675440c55d199
Space is still supported but all new keys will use newline
Allow spaces in PATH
Commit 4cbdd621ee99e328fa2cd139b77742d853c03137
Allow spaces in PATH
Version 2.7.0
* 2022-01-14 - Commit e6153d9f6d13a2c08afb4cdcc406e50265ad35fe
Switch to fast hash routine
Commit b5baffdf19f23b217a29e4a11dbf8a380b03cb21
This is approximately 28% faster than wiscii_hash
Abandon TLS-Crypt-V2 Server GROUP keys
Commit 4dd0d55ce4f0badba4d387a962fa3ba402508d4b
Add Client-Group keys to standard TLS-Crypt-V2 Server-keys
Version 2.6.0
* 2021-12-13 - Commit 28936a49805e241ec10c848648aa52675ee7472c
Introduce easytls-tctip.lib (Optional library)
Commit f85e95e4bdd4a6d74bb180a8859206e1452f5aa1
Shared IPv4/6 address functions
Introduce TLS-2 Key metadata "source IP" filter
Commit 343652d89f9bc6a7cf3d4bdd927102a2b6db778c
IPv4/6 Client source IP matching
Introduce new Level Security setting for client-connect
Commit 41e4699a2ef14ffc1998ded92f6d445da5fcb027
Help to transition clients to TLS-Crypt-V2 keys
Introduce TLS-Crypt-V2 Group Keys
Commit 9d165c9da585a6535c18dfddec7db12ee8cab50e
Commit e43542d95be12c5752d26158e34620bccb3eb25b
This allows Groups of users to use the same key
Remove STALE_FILE TIMEOUT for TLS-Crypt-V2 metadata storage
Commit f0a9ae75f9500699fb57d9439988260d419381de
Use stacking or blocking instead, by configuration var
Add support for Openvpn dynamic client-connect file
Commit c89cdff35362feb4d7e01e64d74c94983bbc92be
This alows Openvpn server to push dynamic options
Allow multiple Custom_Groups per server
Commit 3c857413200cac30ea1f7b4fa951374e7bfc5424
This allows clients to be sub-divided by Custom_Group
Abandon easytls-verify.sh
Commit 682ba0ff48535f0575cc220be3717f89281f986d
Script is no longer required due to UV_TLSKEY_SERIAL
Add UV_TLSKEY_SERIAL to be pushed to server
Commit 5ccdb9f37a94ec92d7447afbcf08db7264a55213
All clients using TLS-Crypt-V2 keys must push the
TLS-Key serial number to identify the key
Removed option --openvpn
Commit cf413bd199c2b611314e895e8c9d1be30a02fd12
Development only requirement
Introduce vars files for server side scripts
Commit 12dcd3f3078be8266d194e1d0b90db716aec0f82
The command line was too long when run under Windows
due to the extra requirement of loading sh.exe
Version 2.5
* 2021-08-13 - Commit c0ace6c6740315407776bef1b3b6a4827be36f84
Introduce `easytls-conn-trac.lib`
Commit a05e4f1ab003be3fbc63f5f00ec2d546c80cc4ab
Add TLS-Crypt-V2 connection tracking
Commit cca482808521807b5b72203dfcc4ea170615c817
conn-trac is disabled by default
Introduce `easytls-client-disconnect.sh` and `vars` file
Commit 4172a08c79182b2b091b3c1fa31eca59551afe11
Required by conn-trac (Disabled by default)
Add Server authentication script vars files
Commit 611758b18a092fc3d2dfc1d31d6d1ebb2393392b
Allows parameters to be change with restarting server
Introduce `remove-metadata`
Commit b243aae45e70448d22c244cfe643f6a73956d37b
Allows selective removal of `# metadata` records from client inline files.
Introduce intermediate TLS-key security levels in client connect
Commit 8a4a9987c51d797adef35f76a4b60b8e07d14e38
Allow clients to seamlessly transition to TLS-Crypt-V2 keys.
Add new hwaddr format
Commit d27ffc93d39c48e9dc58e362e273ff5f678f266f
Makes for cleaner regexpr
Disable inline-index for No-CA mode
Commit d44c0f09d84f5480aa45df9784ef25f78c4b7bbf
Allows inline files to be manually edited (Fingerprint)
Make No-CA mode completely independent of Easy-RSA
Commit fd8fa84b9733c5816db3ec889db4b20b2856d718
Introduce fingerprint sharing function
Commit 1fb4b3d46a5907d3c18fa67f3abf4fb5f7558acc
Allows fingerprints to be automatically inlined
Version 2.4
* 2021-07-21 - Commit 8160cbc42e377e6fa34b819359e718e75e2a5560
Add self-signed certificates to inter-active `build` menu
Commit 8160cbc42e377e6fa34b819359e718e75e2a5560
Version 2.3
* 2021-07-20 - Commit 939ba157ac113fcbb8d11e2dcfc76f8aaadb689b
Add kill-client option
Commit 51af501989b1185a9af5b12e705488a599daad93
Change HWADDR field format (Maintain old format compat)
Commit 9dd07b90260c64a39b32eba75a98c37e25427dfd
Version 2.2
* 2021-06-15 - Commit 32ccb2d52ad6c9cbd66a869c744f0c159ff88dc1
Move to libera.chat IRC
Commit 32ccb2d52ad6c9cbd66a869c744f0c159ff88dc1
Complete overhaul of easytls-verify.sh
Commit 3df16cf70d6ed7ae785b5fc7cfdb9f128aee5a50
Easy-TLS now fully supports 'no-ca' mode.
This is a complete replacement of Easy-RSA.
Complete script support for --tls-auth and --tls-crypt keys
Commit 1dab7536cce344c931861bdb75c76f7c06333ed6
Add build self signed server/client certificates
Commit 8f78129c73af47ed0aa87dfa4272c28771baf5c7
Allow addition/deletion of arbitrary config labels
Commit 237dab2ad5e3a68fe010cc8b2c0dfb7d9acab1ee
Renamed cmd opt 'nokey' to 'no-key'
Commit 5dc17aee11c44b31a433d09dc7f4b99e99e9ae38
Version 2.1
* 2021-05-23 - Commit 234ced916c9e7e6f3e5bf9205c87a84528d62ad2
Introduce 'no-ca' mode to support OpenVPN Peer-Fingerprint mode
Commit 234ced916c9e7e6f3e5bf9205c87a84528d62ad2
Version 1.28
* No tag
Add an X509 style check for certificate revocation to --tls-verify
Commit 38af6f4d23ed4f5eb7afc2356dc42f826af9a35b
Introduce support for --tls-auth and --tls-crypt(v1) clients
Commit 4815f858d5af82696ff908cb09f8cbc86a5d022a
Version 1.27 (First official release)
* 2021-03-31 - Commit cd52aede5447df145528ca961b832fcb81d2d5ea
Creation date
* 2020-03-13 - Commit c25717ca613fae34f1b9bce68127846628ef4ec5