From 1e2387474a449452b78520b9ad96a8b4b5e99722 Mon Sep 17 00:00:00 2001 From: Harald Pfeiffer Date: Wed, 17 Apr 2019 19:07:19 +0200 Subject: initial commit of source fetch --- .../check_ssl_cert/check_ssl_cert-1.83.0/NEWS | 161 +++++++++++++++++++++ 1 file changed, 161 insertions(+) create mode 100644 nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/NEWS (limited to 'nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/NEWS') diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/NEWS b/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/NEWS new file mode 100644 index 0000000..5102772 --- /dev/null +++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/NEWS @@ -0,0 +1,161 @@ +2019-02-08 Version 1.82.0: Added a check on the readability of the certificate file +2019-02-01 Version 1.81.0: Added an option to specify a warning level with SSL Labs +2019-01-16 Version 1.80.1: Fixed a problem on systems not supporting echo -e +2018-12-24 Version 1.80.0: Better output in case of errors while using SNI +2018-12-10 Version 1.79.0: Differentiate between IMAP on port 143 and IMAPS on port 993 + Fixed a vulnerability in the parsing of the certificate issuer +2018-11-07 Version 1.78.0: Bug fixes in IMAP and HTTP requests +2018-11-05 Version 1.77.0: CA file and directory support +2018-10-19 Version 1.76.0: Sends a correct HTTP request +2018-10-18 Version 1.75.0: Allow to specify a client certificate key +2018-10-15 Version 1.74.0: Fixed a bug generating a confusing error message on timeout +2018-09-10 Version 1.73.0: Fixed a bug in the cleanup of temporary files, fixed a bug with certificates without OCSP + Fixed tests with more reliable hosts + Allows to check against all the issuers in the CA chain + Fixed a bug with --long-output on Linux + Fixed the validation of --critical and --warning +2018-07-01 Version 1.72.0: Corrected a bug introduced in 1.71.0: remove temporary files +2018-07-01 Version 1.71.0: Corrected a bug introduced in 1.70.0: wrong exit codes +2018-06-28 Version 1.70.0: Improved the management of temporary files +2018-06-25 Version 1.69.0: Added an option to require OCSP stapling +2018-04-29 Version 1.68.0: Removed the SNI name check +2018-04-17 Version 1.67.0: Terse output, warning if the specified server name is not found in the certificate and --format option +2018-04-06 Version 1.66.0: UTF-8 output +2018-03-29 Version 1.65.0: Bug fix release +2018-03-28 Version 1.64.0: Remove cURL dependency +2018-03-17 Version 1.63.0: Support for TLS 1.3 +2018-03-06 Version 1.62.0: Support for LibreSSL +2018-01-19 Version 1.61.0: Fixed a bug handling more than one OCSP host +2017-12-15 Version 1.60.0: Fixed a bug related to XMPP introduced in the last version +2017-12-14 Version 1.59.0: Added an option to specify the 'to' attribute of the XMPP stream element +2017-11-29 Version 1.58.0: Support for DER encoded CRL files +2017-11-28 Version 1.57.0: Added --fingerprint to check the SHA1 fingerprint of the certificate +2017-11-17 Version 1.56.0: Added support for -xmpphost if available +2017-11-16 Version 1.55.0: Fixed XMPP support and IPv6 addresses as host +2017-09-19 Version 1.54.0: With the -f command line option, you can also specify a certificate revocation list (CRL) +2017-09-10 Version 1.53.0: The timeout is applied to OCSP checks +2017-09-09 Version 1.52.0: The SAN requirement check is now optional +2017-07-28 Version 1.51.0: Use openssl s_client's -help option to test for SNI support +2017-07-24 Version 1.50.0: Fix in the Common Name parsing +2017-07-17 Version 1.49.0: Support for OpenSSL 1.1 +2017-06-22 Version 1.48.0: Checks for missing subjectAlternativeName extension (https://support.google.com/chrome/a/answer/7391219?hl=en) +2017-06-15 Version 1.47.0: Fixed an issue with OCSP URI with protocols other than HTTP or HTTPS +2017-05-15 Version 1.46.0: Fixed a problem with the detection of OCSP URLs +2017-05-02 Version 1.45.0: Fixed bugs in the date computation and OCSP checks +2017-04-28 Version 1.44.0: Fixed a bug occurring when more than one issuer URI is present +2017-03-07 Version 1.43.0: Support for LDAP +2017-02-16 Version 1.42.0: Support for OpenSSL > 1.1.0 +2017-02-10 Version 1.41.0: Added --sni to specify the server name +2017-02-08 Version 1.40.0: Changed the CN output when --altnames is used +2017-02-02 Version 1.39.0: Fixed a bug related to SNI +2017-02-02 Version 1.38.2: Fixed a bug in the command line argument parsing +2017-01-29 Version 1.38.1: Small corrections in the documentation +2017-01-28 Version 1.38.0: Added support for wildcards in alternative names and caching of the issuer certificate +2016-12-23 Version 1.37.0: Added a patch to specify multiple CNs +2016-12-13 Version 1.36.2: fixed a minor problem with --debug +2016-12-06 Version 1.36.1: fixed a problem when specifying a CN beginning with * +2016-12-04 Version 1.36.0: fixed problem when file is returing PEM certificate on newer + Linux distributions + added an option to specify the location of the file utility +2016-10-18 Version 1.35.0: added support for the selection of the cipher authentication +2016-09-19 Version 1.34.0: added proxy support for the OCSP checks (thanks to Leynos) +2016-08-04 Version 1.33.0: disabling OCSP checks when no issuer URI is found +2016-07-29 Version 1.32.0: added support for date with timestamp calculation and + fixed case sensitive comparison of CN +2016-07-12 Version 1.31.0 Fixed the parsing of the CN field +2016-06-30 Version 1.30.0 OCSP check is fixed and enabled by default +2016-06-15 Version 1.29.0 New option to clear the cached value at SSL Labs + IRC support +2016-06-01 Version 1.28.0 Increased control over which SSL/TLS versions to use +2016-03-29 Version 1.27.0 Fixes a bug in the OpenSSL error parsing +2016-03-29 Version 1.26.0 Fixes a bug in wildcard match +2016-03-21 Version 1.25.0 Fixes a bug on CN parsing on non-GNU systems + Handle wildcard certificates +2016-03-09 Version 1.24.0 Waits for SSL Labs Results +2016-03-07 Version 1.23.0 Supports SNI even when not checking CN and does not + issue a critical when SSL Labs is still checking a host +2016-03-03 Version 1.22.0 Initial support for SSL Labs checks + Support for UTF output (thanks to Konstantin Shalygin) +2016-03-01 Version 1.21.0 Fixed a bug which prevented the check on the expiration date +2016-02-26 Version 1.20.0 Added debugging output (-d or --debug) + Improved the handling of OpenSSL error messages + Does not stop the validation if the server requires a + client certificate +2016-02-25 Version 1.19.0 Added a check for certificates signed with SHA-1 or MD5 + Added an option to disable the expiration date check +2015-10-31 Version 1.18.0 Added an option to check the certificate's serial number + (thanks to Milan Koudelka) +2015-10-20 Version 1.17.2 Fixed a bug with OCSP +2015-04-07 Version 1.17.1 Fixed the check on the openssl binary +2014-10-21 Version 1.17.0 Added an option to check revocation via OCSP +2014-06-06 Version 1.16.2 Fixed a problem with -servername when -n was not specified +2014-02-28 Version 1.16.1 Added a Make target for the RPM package +2013-12-23 Version 1.16.0 Added an option to force TLS version 1 +2013-07-29 Version 1.15.0 Added an option to force a certain SSL version (thanks + to Max Winterstein) +2013-05-12 Version 1.14.6 Added XMPP and timeout support (thanks to Christian + Ruppert and Robin H. Johnson) +2013-03-02 Version 1.14.5 Fixed a bug occuring with TLS and multiple names in + the certificate +2012-12-07 Version 1.14.4 Fixed a bug causing -N to always compare the CN + with 'localhost' +2012-09-19 Version 1.14.3 Improved the error message in case of a failure in + the certificate download +2012-07-13 Version 1.14.2 Added the name since or to expiration in the plugin + output. +2012-07-11 Version 1.14.1 FIxed a bug with Perl date computation on some systems +2012-07-06 Version 1.14.0 The status now includes performance data in days until + expiration (requires perl with Date::Parse). + It is now possible to print additional information in + the plugins long output (multiline, Nagios 3 only) +2012-04-05 Version 1.13.0 The plugin will now try to fetch the certificate without + without TLS extensions in case of error +2012-04-04 Version 1.12.0 Fixed a bug in the chain verification (hard coded + error number) +2011-10-22 Version 1.11.0 --altname option +2011-09-01 Version 1.10.0 Applied a patch from Sven Nierlein to authenicate + using a client certificate +2011-03-10 Version 1.9.1 Allows HTTP as protocol and fixes -N with wildcards +2011-01-24 Version 1.9.0 Added an option to specify the openssl executable +2010-12-16 Version 1.8.1 Fixed bugs with environment bleeding & shell globbing +2010-12-08 Version 1.8.0 Added support for TLS servername extension in + ClientHello +2010-10-28 Version 1.7.7 Fixed a bug in the signal specification introduced + in 1.7.6 +2010-10-28 Version 1.7.6 Better temporary file clean up (thanks to Lawren + Quigley-Jones) +2010-10-14 Version 1.7.5 Applied a patch from Yannick Gravel fixing the test + order +2010-10-01 Version 1.7.4 Applied a patch from Lawren Quigley-Jones adding the + -A option +2010-09-15 Version 1.7.3 Fixed a bug in the option processing +2010-08-26 Version 1.7.2 Removes useless use of cat, better test for expect + utility +2010-08-26 Version 1.7.1 Replaces "-verify 6" which was erroneously removed in + the previous version +2010-08-26 Version 1.7.0 Overloaded --rootcert option to allow -CApath as well + as -CAfile +2010-07-21 Version 1.6.1 Added an option to specify where to temporarily + store the certificate +2010-07-09 Version 1.6.0 Added long command line options and substituted + -days with --critical and --warning +2010-07-07 Version 1.5.2 Added the -f option to check a local file +2010-07-01 Version 1.5.1 Fixed the plugin output +2010-03-11 Version 1.4.4 Fixed bug #64 (== bashism) +2010-03-09 Version 1.4.3 -N and -n options to compare the CN to an hostname +2009-12-02 Version 1.4.2 the -i ISSUER option now checks if the O= or the + CN= fields of the root certificate match +2009-11-30 Version 1.4.1 -r to specify the root cert to be used for + verification +2009-11-30 Version 1.4.0 certificate chain verification +2009-03-30 Version 1.3.0 -P option to check TLS certificates + (SMTP, FTP, POP3, ...) +2008-05-13 Version 1.2.2 include the CN in the messages (D. Wallis) +2008-02-25 Version 1.2.1 better error handling +2008-02-25 Version 1.2.0 general cleanup (POSIX compliance, removed + nmap dependency, ...) from Dan Wallis +2007-08-31 Version 1.1.0 - option to enforce a given email address + - option to enforce a given organization + - temporary files cleanup upon exit +2007-08-15 Bug fix: openssl did not close the connection cleanly +2007-08-10 First release (1.0) -- cgit v1.2.3