internet/community.crypto
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.crypto.git synced 2026-04-26 08:26:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
866 Commits 4 Branches 110 Tags
stable-2
Commit Graph

371 Commits

Author SHA1 Message Date
Felix Fontein
facc2d5f73 Prepare 2.26.8. 2026-04-25 16:37:58 +02:00
Felix Fontein
8304ed4c88 OpenSSL 4 CLI compatibility (#1005) (#1010) 
* OpenSSL 4 text output leaves leading 00: away.

* Split up key parsing function.

* Add tests.

(cherry picked from commit 1a96fe0bbc)
(cherry picked from commit fa36f75812)
 2026-04-25 16:37:08 +02:00
Felix Fontein
cea0f7639c Release 2.26.7. 2026-02-12 06:51:29 +01:00
Felix Fontein
edfb82772c Fix EC detection. (#981) (#982) 
(cherry picked from commit 911ed33c2e)
 2026-02-11 22:11:21 +01:00
Felix Fontein
3091b2f997 Prepare 2.26.7. 2026-02-11 21:51:51 +01:00
Felix Fontein
45d5db3d98 Release 2.26.6. 2025-10-29 21:27:53 +01:00
Felix Fontein
da5f524ee6 Prepare 2.26.6. 2025-10-29 20:59:34 +01:00
Felix Fontein
0148434e36 Release 2.26.5. 2025-08-04 19:17:29 +02:00
patchback[bot]
f9f3c3d4ee Increase number of retries from 10 to 20. (#949) (#950) 
(cherry picked from commit ba5c551a29)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-08-03 11:55:04 +02:00
Felix Fontein
5b1382c799 Prepare 2.26.5. 2025-08-02 21:02:06 +02:00
patchback[bot]
2d70e14250 Also retry on HTTP statuses 502 and 504. (#947) (#948) 
(cherry picked from commit 75413d0b08)

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-08-02 19:04:22 +02:00
Felix Fontein
02e7c2ed77 Normalize changelog configs. 
(cherry picked from commit bc16487882)
 2025-07-27 16:35:49 +02:00
Felix Fontein
ded8568802 Release 2.26.4. 2025-07-26 14:37:51 +02:00
Felix Fontein
b6887ab1f4 Improve error message when lodaing corrupt private key or private key with wrong passphrase. (#939) (#940) 
(cherry picked from commit f219cac94c)
 2025-07-25 15:08:45 +00:00
Felix Fontein
71e9d2273a Prepare 2.26.4. 2025-07-25 14:41:18 +02:00
Felix Fontein
5ca4ecb54b Release 2.26.3. 2025-06-14 16:44:49 +02:00
Felix Fontein
3e3318f059 acme_account: check for 'externalAccountRequired' error (#919) (#920) 
* Check for 'externalAccountRequired' error.

* Add changelog fragment.

(cherry picked from commit 056ae1cf69)
 2025-06-13 06:10:41 +02:00
Felix Fontein
ae6fb88896 Prepare 2.26.3. 2025-06-12 22:45:19 +02:00
Felix Fontein
4f92a02bc4 Release 2.26.2. 2025-05-22 21:19:40 +02:00
Felix Fontein
f7b01bae60 Prepare 2.26.2. 2025-05-22 19:58:28 +02:00
Felix Fontein
43d7868646 [stable-2] Remove entrust announcement (#901) 
* Announce removal of Entrust content from community.crypto 3.0.0.

* Add more information on Entrust removal.
 2025-05-22 19:57:08 +02:00
Felix Fontein
278dcc5dda Release 2.26.1. 2025-04-28 11:51:52 +02:00
Felix Fontein
04a0d38e3b Do not supply passphrase when killing keyslot. (#868) 2025-04-27 22:19:12 +02:00
Felix Fontein
ac134ee5f5 Prepare 2.26.1. 2025-04-27 12:37:24 +02:00
Felix Fontein
154f3c6cd7 Add no_log=False to passphrase_encoding. 2025-04-26 14:12:19 +02:00
Felix Fontein
e58fe63dde Release 2.26.0. 2025-03-11 20:09:02 +01:00
Felix Fontein
0d1f260328 Prepare 2.26.0. 2025-03-10 21:53:06 +01:00
Florian Apolloner
ba55ba7381 openssl_pkcs12: Add support for certificate_content and other_certificates_content (#848) 
* openssl_pkcs12: Add support for `certificate_content` and `other_certificates_content`

Co-authored-by: Felix Fontein <felix@fontein.de>

* Added minimal tests.

The tests are minimal because internally it always ends up with the
_content variants, so even when supplying a file most of the internal
code paths then use the content.

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
 2025-03-10 21:44:31 +01:00
Felix Fontein
2a99218162 Release 2.25.0. 2025-02-09 19:29:41 +01:00
Felix Fontein
e1763e22ae Prepare 2.25.0 release. 2025-02-09 14:25:42 +01:00
ilia-kats
2433fdab98 luks_device: allow passphrases to contain newlines (#844) 
* luks_device: allow passphrases to contain newlines

This is useful when passing binary keyfiles from an ansible vault, as
it removes the restriction that the binary data cannot contain newlines.
The only exception is adding a new key to an existing container, as in
that case the two passphrases are separated by a new line.

* add integration tests and a changelog fragment

* attempt to also make luks_add_key work with passphrases containing
newlines

* use a deterministic method to generate keyfile 3, improve changelog
formatting

* add licence and copyright to keyfile3.txt to satisfy CI
 2025-02-09 14:24:16 +01:00
Felix Fontein
3d4c5346c6 Release 2.24.0. 2025-01-19 13:03:31 +01:00
Felix Fontein
bf70f8d717 Prepare 2.24.0. 2025-01-18 11:25:37 +01:00
Felix Fontein
214794d056 acme_certificate and acme_certificate_create_order: add order_creation_error_strategy and order_creation_max_retries options (#842) 
* Provide error information.

* Add helper function for order creation retrying.

* Improve existing documentation.

* Document 'replaces' return value.

* Add order_creation_error_strategy and order_creation_max_retries options.

* Add changelog fragment.

* Fix authz deactivation for finalizing step.

* Fix profile handling on order creation.

* Improve existing tests.

* Add ARI and profile tests.

* Warn when 'replaces' is removed when retrying to create an order.
 2025-01-18 10:51:10 +01:00
Felix Fontein
b9fa5b5193 Deprecate ansible-core < 2.17 and cryptography < 3.4. (#839) 2025-01-17 21:27:01 +00:00
Felix Fontein
01e7bf1f33 acme_certificate_renewal_info: add treat_parsing_error_as_non_existing option and existing and parsable return values (#838) 
* Fix error reporting for OpenSSL backend: raise BackendExceptions instead of directly failing the module.

* Add treat_parsing_error_as_non_existing option and existing and parsable return values.
 2025-01-12 21:42:24 +01:00
Felix Fontein
2419e6c6ad Implement profile option. (#835) 2025-01-12 10:24:24 +01:00
Felix Fontein
029e009db1 CI: Add Fedora 41, Alpine 3.21, RHEL 9.5, FreeBSD 14.2 to CI for devel (#834) 
* Add Fedora 41, Alpine 3.21, RHEL 9.5, FreeBSD 14.2 to CI for devel.

* Fedora 41 also doesn't allow SHA-1 apparently.

Ref: https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer

* Work around broken cryptography in Fedora 41.
 2025-01-08 22:08:18 +01:00
Felix Fontein
95886d1cf9 Release 2.23.0. 2024-12-30 22:04:25 +01:00
Felix Fontein
9b53f4b382 Prepare 2.23.0 release. 2024-12-30 21:17:40 +01:00
Felix Fontein
0d4b16aadb acme_certificate: be nicer to non-compliant CAs (#832) 
* Be nicer to non-compliant CAs.

* Mark as a feature, not a bugfix.
 2024-12-30 10:30:33 +00:00
Felix Fontein
db04914ab6 Deprecate PyOpenSSL. (#831) 2024-12-30 10:10:10 +01:00
Felix Fontein
abb0d67774 Add validation option. (#830) 2024-12-30 10:09:51 +01:00
Felix Fontein
05c442ab5e luks_device: allow to provide passphrases base64-encoded (#829) 
* Allow to provide passphrases base64-encoded.

* Add note on binary passphrases.
 2024-12-30 10:09:32 +01:00
Felix Fontein
7adca3efff Release 2.22.3. 2024-10-27 08:49:30 +01:00
Felix Fontein
6731b38baa Explicitly use UTC timezone in ACME OpenSSL backend (#811) 
* Allow abstract backend class to handle both with and without timezone.

* Explicitly use UTC timezone in OpenSSL backend code.
 2024-10-27 08:13:05 +01:00
Felix Fontein
feee571bc8 Fix time code to work in timezones other than UTC, and add tests in multiple timezones (#810) 
* Add tests in multiple timezones.

* Fix get_epoch_seconds() for timestamps without timezones.

* Add changelog fragment.

* Pin version for Python 2.6.
 2024-10-24 20:24:55 +02:00
Felix Fontein
21e344e283 Prepare 2.22.3 release. 2024-10-23 21:24:21 +02:00
Felix Fontein
e1c0ab5bd2 Release 2.22.2. 2024-10-15 20:34:01 +02:00
Felix Fontein
a57be5ceb3 Prepare 2.22.2 release. 2024-10-15 20:11:26 +02:00