/[pdpsoft]/nl.nikhef.pdp.fetchcrl/trunk/CHANGES
ViewVC logotype

Diff of /nl.nikhef.pdp.fetchcrl/trunk/CHANGES

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

trunk/fetchcrl/CHANGES revision 1878 by davidg, Tue Aug 10 07:03:43 2010 UTC nl.nikhef.pdp.fetchcrl/trunk/CHANGES revision 3172 by davidg, Tue Mar 21 07:35:41 2017 UTC
# Line 5  The fetch-crl utility will retrieve cert Line 5  The fetch-crl utility will retrieve cert
5  a set of installed trust anchors, based on crl_url files or IGTF-style info  a set of installed trust anchors, based on crl_url files or IGTF-style info
6  files. It will install these for use with OpenSSL, NSS or third-party tools.  files. It will install these for use with OpenSSL, NSS or third-party tools.
7    
8    Changes in 3.0.19-1
9    ----------------------
10    * Do not add spurious newline to DER-format files (fixes report 201670320-01)
11    * run a script after the completion of every fetch-crl run (uses postexec
12      directive in config file)
13    
14    Changes in 3.0.17-1
15    ----------------------
16    * Add optional cache-control max-age headers in all requests to hint a
17      maximum caching time to intermediate servers (bugzilla #26)
18    
19    Changes in 3.0.16-1
20    ----------------------
21    * Added cache state freshness constraints (default maxcachetime set to 96hrs)
22    * Re-set cache expiry of state data if CRL nextUpdate is within or beyond
23      7 hrs (config "expirestolerance") claimed URL Expiry or Cache-control max-age
24    
25    Changes in 3.0.15-1
26    ----------------------
27    * Fixed issues resulting in undefined attribute values to be returned for CRL
28    
29    Changes in 3.0.14-1
30    ----------------------
31    * Requesting CRL retrieval for an empty trust anchor store is now a warning
32      and no longer an error
33    
34    Changes in 3.0.13-1
35    ----------------------
36    * Supplied system init script for boot phase will not re-run inadvertently
37    * Add rcmode config option (added differentiated reporting and success-on-
38      solely-retrieval-errors)
39    * Add --define key=val command line argument to augment configuration data
40    * Setting FETCHCRL_OPTIONS in /etc/sysconfig/fetch-crl will add these
41      options to the commandline of fetch-crl on start from cron or at boot time
42      Setting FETCHCRL_BOOT_OPTIONS adds them to the boot init script only
43      (e.g. FETCHCRLBOOTOPTIONS="--define rcmode=differentiated")
44      and FETCHCRL_CRON_OPTIONS does the same only for the cron job script
45    
46    Changes in 3.0.12-1
47    ----------------------
48    * PEM formatted CRLs now always include a final newline character (fix
49      provided by Harald Barth <haba@kth.se>)
50    
51    Changes in 3.0.11-1
52    ----------------------
53    * Added reference to /etc/fetch-crl.d/ to the man page, used shortened URL
54      to full documentation in man page
55    * Added version information to help output and added -V option
56    * Added a dangerous clean-crl script to remove stale .r* files (beware!)
57    
58    Changes in 3.0.10-1
59    ----------------------
60    * Added a "noquiet" option in the configuration file that will override
61      the default single "-q" option in the cro-job that is shipped with
62      the fetch-crl3 init scripts (feature request by Ryan Taylor)
63    * Added option "--inet6glue" and "inet6glue" config setting to load
64      the Net::INET6Glue perl module (if it is available) to use IPv6
65      connections in LWP to download CRLs
66    
67    Changes in 3.0.8-1
68    ----------------------
69    * Trust anchor name inferrence based on retrieved-CRL added as option (at cost
70      of retrieving CRL even if there is no accompanying trust anchor found later)
71      Option is disabled by default, but can be enabled by using @HASH@ in the
72      ca-template name list. (feature request by Rob van der Wal, SARA, NL)
73    
74    Changes in 3.0.7-1
75    ----------------------
76    * CRL modofication time heuristic inadvertently modified file name templates
77      (solves issue kindly reported by Elan Ruusamae)
78    * Expanded representation of tokenisation characters in strings to work
79      around bug in file(1) (rhbz#699546, works around RedHat Bugzilla 699548)
80    
81    Changes in 3.0.6-1
82    ----------------------
83    * Response parsing disabled to suppress superfluous warning on unexpected
84      UTF-8 respons when retrieving a CRL (solves RedHat Bugzilla 688902)
85    
86    Changes in 3.0.5-1
87    ----------------------
88    * CRLs for multiple similarly-named trust anchors might not all be downloaded.
89      This is fixed in this release.
90    * Spurious "restoreLogMode" internal errors are no longer raised
91    
92    Changes in 3.0.4-1
93    ----------------------
94    * Add support for directory based drop-in configuration in /etc/fetch-crl.d/
95    * Only use cached CRL contents if the nextUpdate time of the cached CRL is
96      still in the future. This will ensure that a new download is attempted
97      each and everytime for CRLs that have already expired.
98    
99    Changes in 3.0.3-1
100    ----------------------
101    * Clean up of man page format macro PU (reported by Mattias Ellert)
102    
103    Changes in 3.0.2-1
104    ----------------------
105    * Clean up of man page format macro PU (reported by Mattias Ellert)
106    
107    Changes in 3.0.1-1
108    ----------------------
109    * hunts through more places to find the latest successful CRL download to
110      set the latest local modification time for a CRL
111      (resolves a comparison error in case output and infodir are unset)
112    
113  Changes in 3.0.0-0.RC4  Changes in 3.0.0-0.RC4
114  ----------------------  ----------------------
115  * the config file name has changed to fetch-crl.conf, although a  * the config file name has changed to fetch-crl.conf, although a

Legend:
Removed from v.1878  
changed lines
  Added in v.3172

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28