easy-rsa 3.2.0 #172053

BrewTestBot · 2024-05-18T12:33:33Z

Created by brew bump

Created with brew bump-formula-pr.

release notes

* Revert ca76697: Restore escape_hazard() (b1e9d7a) (#1137) * New X509 Type: 'selfsign' Internal only (999533e) (#1135) * New commands: self-sign-server and self-sign-client (9f8a1d1) (#1127) * build-ca: Command 'req', remove SSL option '-keyout' (4e02c8a) (#1123) * Remove escape_hazard(), obsolete (ca76697) * Remove command and function display_cn(), unused (be8f400) (#1114) * Introduce Options to edit Request Subject during command 'sign-req' Global Option: --new-subject -- Command 'sign-req' option: 'newsubj' First proposed in: (#439) -- Completed: (83b81c7) (#1111) * docs: Update EasyRSA-Renew-and-Revoke.md (f6c2bf5) (#1109) * Remove all 'renew' code; replaced by 'expire' code (9d94207) (#1109) * Introduce commands: 'expire' and 'revoke-expired' (a1890fa) (#1109) * Keep request files [CSR] when revoking certificates (6d6e8d8) (#1109) * Restrict use of --req-cn to build-ca (0a46164) (#1098) * Remove command 'display-san' (Code removed in 5a06f94) (50e6002) (#1096) * help: Add 'copyext'; How to use --copy-ext and --san (5a06f94) (#1096) * Allow --san to be used multiple times (5a06f94) (#1096) * Remove default server subject alternative name (0b85a5d) (#576) * Move Status Reports to 'easyrsa-tools.lib' (214b909) (#1080) * export-p12, OpenSSL v1.x: Upgrade PBE and MAC options (60a508a) (#1084 - Based on #1081) * Windows: Introduce 'Non-Admin' mode (c2823c4) (#1073) * LibreSSL: Add fix for missing 'x509' option '-ext' (96dd959) (#1068) * Variable heredoc expansion for SSL/Safe Config file (9c5d423) (#1064)

Branch-merge: v3.2.0-beta2 (#1055) 2024/01/13 Commit: d51d79b

Always use here-doc version of openssl-easyrsa.cnf (2a8c0de)
Only use here-doc if the current version is recognised by sha256 hash.
The current file is NEVER deleted (60216d5). Partially revert: 2a8c0de
export-p12: New command option 'legacy'. OpenSSL V3 Only (f8514de)
Fallback to encryption algorithm RC2_CBC or 3DES_CBC
export-p12: Always set 'friendlyName' to file-name-base (da9e594)
Update OpenSSL to 3.2.0 (03e4829)

Branch-merge: v3.2.0-beta1 (#1046) 2023/12/15 Commit: 7120876

Important note: As of Easy-RSA version 3.2.0-beta1, the configuration files
vars.example, openssl-eayrsa.cnf and all files in x509-types directory
are no longer required. Package maintainers can omit these files in the future.
All files are created as required and deleted upon command completion.
vars.example is created during init-pki and placed in the fresh PKI.
These files will be retained for downstream packaging compatibility.
Rename X509-type file code-signing to codeSigning (1c6b31a)
The original file will be retained as code-signing, however, the automatic
X509-types creation will name the file codeSigning. This effectively means
that both are valid X509-types, until code-signing is dropped.
init-pki: Always write vars.example file to fresh PKI (66a8f3e)
New command 'write': Write 'legacy' files to stdout or files (c814e0a)
Remove command 'make-safe-ssl': Replaced by command 'write safe-cnf' (c814e0a)
New Command 'rand': Expose easyrsa_random() to the command line (6131cbf)
Remove function 'set_pass_legacy()' (7470c2a)
Remove command 'rewind-renew' (72b4079)
Remove command 'rebuild' (d6953cc)
Remove command 'upgrade' (6a88edd)

Branch-merge: v3.2.0-alpha2 (#1043) 2023/12/7 Commit: ed0dc46

Remove EASYRSA_NO_VARS; Allow graceful use without a vars file (3c0ca17)

Branch-merge: v3.2.0-alpha1 (#1041) 2023/12/2 Commit: 42c2e95

New diagnostic command 'display-cn' (#1040)
Expand renewable certificate types to include code-signing (#1039)

What's Changed

Command: x509-eku v2 by @TinCanTech in Command: x509-eku v2 OpenVPN/easy-rsa#1039
v3.2.0-alpha1 by @TinCanTech in v3.2.0-alpha1 OpenVPN/easy-rsa#1041
Remove unwanted code - Minor improvements by @TinCanTech in Remove unwanted code - Minor improvements OpenVPN/easy-rsa#1036
escape_hazarrd(): Reuse source_vars() by @TinCanTech in escape_hazarrd(): Reuse source_vars() OpenVPN/easy-rsa#1037
v3.2.0-alpha2 by @TinCanTech in v3.2.0-alpha2 OpenVPN/easy-rsa#1043
v3.2.0-Remove-commands by @TinCanTech in v3.2.0-Remove-commands OpenVPN/easy-rsa#1045
v3.2.0-beta1 by @TinCanTech in v3.2.0-beta1 OpenVPN/easy-rsa#1046
export-p12: New command option 'legacy' by @spacefreak86 in export-p12: New command option 'legacy' OpenVPN/easy-rsa#1057
v3.2.0-beta2 by @TinCanTech in v3.2.0-beta2 OpenVPN/easy-rsa#1055
Replace use of sed with heredoc expansion by @TinCanTech in Replace use of sed with heredoc expansion OpenVPN/easy-rsa#1064
Restore 128bit-random certificate serial-number by @TinCanTech in Restore 128bit-random certificate serial-number OpenVPN/easy-rsa#1070
LibreSSL: Add band-aid fix for missing 'x509' command option '-ext' by @TinCanTech in LibreSSL: Add band-aid fix for missing 'x509' command option '-ext' OpenVPN/easy-rsa#1071
Windows: Introduce 'Non-Admin' mode by @TinCanTech in Windows: Introduce 'Non-Admin' mode OpenVPN/easy-rsa#1073
export-p12, OpenSSL v1.x: Upgrade PBE and MAC options by @TinCanTech in export-p12, OpenSSL v1.x: Upgrade PBE and MAC options OpenVPN/easy-rsa#1084
Completely remove status reports and date functions by @TinCanTech in Completely remove status reports and date functions OpenVPN/easy-rsa#1080
sign-req: Remove default server 'subject alternative name' SAN by @TinCanTech in sign-req: Remove default server 'subject alternative name' SAN OpenVPN/easy-rsa#1091
Separate SAN from DN - Refactor display_dn() by @TinCanTech in Separate SAN from DN - Refactor display_dn() OpenVPN/easy-rsa#1096
Restrict use of --req-cn to build-ca by @TinCanTech in Restrict use of --req-cn to build-ca OpenVPN/easy-rsa#1098
New function easyrsa_mkdir_p(): Replace use of 'mkdir -p' by @TinCanTech in New function easyrsa_mkdir_p(): Replace use of 'mkdir -p' OpenVPN/easy-rsa#1101
Shellcheck directives and minor tweak by @TinCanTech in Shellcheck directives and minor tweak OpenVPN/easy-rsa#1105
easyrsa_mkdir_p(): Ignore 'mkdir.exe' error code in favor of 'test' by @TinCanTech in easyrsa_mkdir_p(): Ignore 'mkdir.exe' error code in favor of 'test' OpenVPN/easy-rsa#1106
Revoke keep request by @TinCanTech in Revoke keep request OpenVPN/easy-rsa#1109
Add an option to change the subject when signing a request. V2 by @TinCanTech in Add an option to change the subject when signing a request. V2 OpenVPN/easy-rsa#1111
Remove command and function display_cn(), unused by @TinCanTech in Remove command and function display_cn(), unused OpenVPN/easy-rsa#1114
Remove escape_hazard() by @TinCanTech in Remove escape_hazard() OpenVPN/easy-rsa#1115
build-ca: Command 'req', remove SSL option '-keyout' by @TinCanTech in build-ca: Command 'req', remove SSL option '-keyout' OpenVPN/easy-rsa#1123
Improve ssl_cert_x509v3_eku() by @TinCanTech in Improve ssl_cert_x509v3_eku() OpenVPN/easy-rsa#1125
Remove variable 'makesafeconf' as obsolete by @TinCanTech in Remove variable 'makesafeconf' as obsolete OpenVPN/easy-rsa#1126
Introduce commands: self-sign-server and self-sign-client by @TinCanTech in Introduce commands: self-sign-server and self-sign-client OpenVPN/easy-rsa#1127
Command inline: Support self-signed certificate called from cmd-line by @TinCanTech in Command inline: Support self-signed certificate called from cmd-line OpenVPN/easy-rsa#1128
self-sign: Improve default algorithm and curve selection by @TinCanTech in self-sign: Improve default algorithm and curve selection OpenVPN/easy-rsa#1134
self-sign: Adjust 'X509v3 Key Usage' by @TinCanTech in self-sign: Adjust 'X509v3 Key Usage' OpenVPN/easy-rsa#1135
Revert ca76697: Remove escape_hazard() by @TinCanTech in Revert ca76697: Remove escape_hazard() OpenVPN/easy-rsa#1137
LibreSSL: Ignore and discard missing config file warning by @TinCanTech in LibreSSL: Ignore and discard missing config file warning OpenVPN/easy-rsa#1138
Minor corrections and improvements by @TinCanTech in Minor corrections and improvements OpenVPN/easy-rsa#1140
sign-req: Improve confirmation details by @TinCanTech in sign-req: Improve confirmation details OpenVPN/easy-rsa#1141

New Contributors

@spacefreak86 made their first contribution in export-p12: New command option 'legacy' OpenVPN/easy-rsa#1057

Full Changelog: OpenVPN/easy-rsa@v3.1.7...v3.2.0

github-actions · 2024-05-18T13:38:45Z

🤖 An automated task has requested bottles to be published to this PR.

easy-rsa 3.2.0

aeaf335

github-actions bot added the bump-formula-pr PR was created using `brew bump-formula-pr` label May 18, 2024

chenrui333 approved these changes May 18, 2024

View reviewed changes

easy-rsa: update 3.2.0 bottle.

9bb5090

github-actions bot added the CI-published-bottle-commits The commits for the built bottles have been pushed to the PR branch. label May 18, 2024

github-actions bot approved these changes May 18, 2024

View reviewed changes

BrewTestBot enabled auto-merge May 18, 2024 13:39

BrewTestBot added this pull request to the merge queue May 18, 2024

Merged via the queue into master with commit 0894b38 May 18, 2024
14 checks passed

BrewTestBot deleted the bump-easy-rsa-3.2.0 branch May 18, 2024 13:45

github-actions bot added the outdated PR was locked due to age label Jun 18, 2024

github-actions bot locked as resolved and limited conversation to collaborators Jun 18, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

easy-rsa 3.2.0 #172053

easy-rsa 3.2.0 #172053

BrewTestBot commented May 18, 2024

github-actions bot commented May 18, 2024

easy-rsa 3.2.0 #172053

easy-rsa 3.2.0 #172053

Conversation

BrewTestBot commented May 18, 2024

What's Changed

New Contributors

github-actions bot commented May 18, 2024