Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

hiawatha-letsencrypt-10.11-2.6 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

Name: hiawatha-letsencrypt Distribution: openSUSE Tumbleweed
Version: 10.11 Vendor: openSUSE
Release: 2.6 Build date: Thu Aug 5 21:54:44 2021
Group: Productivity/Networking/Web/Servers Build host: obs-arm-10
Size: 52984 Source RPM: hiawatha-10.11-2.6.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.hiawatha-webserver.org
Summary: Let's Encrypt script for the Hiawatha webserver
This is the Let's Encrypt script for the Hiawatha webserver. It can be used to
request, renew and revoke certificated as provided by Let's Encrypt in a very
easy way. It requires the PHP command line interface and uses version 2 of the
ACME protocol to communicate with the Let's Encrypt server.

Provides

Requires

License

GPL-2.0-only

Changelog

* Wed Aug 19 2020 Callum Farmer <callumjfarmer13@gmail.com>
  - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
* Thu Jul 16 2020 Mariusz Fik <fisiu@opensuse.org>
  - Update to version 10.11:
    * Default value of MinTLSversion set to 1.2.
    * Small bugfixes.
  - Changes from 10.10:
    * Removed several build options. Functionalities are now always enabled.
    * Updated Let's Encrypt script due to changes in the API.
    * Bugfix: AlterMode not working correctly.
* Wed Jul 24 2019 matthias.gerstner@suse.com
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
    [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Mon Mar 04 2019 Mariusz Fik <fisiu@opensuse.org>
  - Update to version 10.9:
    * Let's Encrypt script installed via CMake.
    * Bugfix: Directory traversal when AllowDotFiles is enabled.
    * Small improvements.
* Wed Sep 26 2018 fisiu@opensuse.org
  - Update to version 10.8.3:
    * Several fixes in build system
    * Added build system for nghttp2
    * New style for directory index
    * uri_depth added to XML for directory index
* Tue May 08 2018 fisiu@opensuse.org
  - Update to version 10.8.1.:
    * Removed support for secp192r1 and secp192k1 curves, to make it PCI DSS
      compliant out of the box.
    * Small improvements to Let's Encrypt ACMEv2 script.
* Mon Mar 26 2018 fisiu@opensuse.org
  - Ship Let's Encrypt script within subpackage.
* Mon Mar 26 2018 fisiu@opensuse.org
  - Add firewalld config files for Leap/SLE >= 15 and TW.
* Mon Mar 26 2018 fisiu@opensuse.org
  - Update to version 10.8:
    * New Let's Encrypt script that supports ACME v2.
    * Added Syslog option.
    * Added GZipExtensions option.
    * AllowDotFiles now used to show hidden files in directory listings.
    * Removed support for static RSA ciphers.
    * Hiawatha log format changed.
    * Small improvements.
    * Bugfix: certain characters in filenames disrupted directory index output.
    * Bugfix: requesting non-regular files now results in a 403 instead of
      blocking that thread.
* Sat Feb 17 2018 fisiu@opensuse.org
  - Fix build with mbedtls 2.7.0.
* Tue Oct 24 2017 fisiu@opensuse.org
  - Update to version 10.7:
    * Connect to a Unix socket via a reverse proxy.
    * Added BlockExtensions setting.
    * Small improvements.
    * Bugfix: error in handling renewal scripts in Let's Encrypt script.
* Sat Jun 17 2017 fisiu@opensuse.org
  - Update to version 10.6:
    * Added PublicKeyPins option.
    * Added renewal-scripts to Let's Encrypt script.
    * Small changes to CMake build system.
    * Added CustomHeaderBackend option.
    * Renamed CustomHeader option to CustomHeaderClient. Old name still works.
    * Hiawatha ignores FileHashes and ReverseProxy for Let's Encrypt
      authentication requests.
    * Small improvements and bugfixes.
* Tue Nov 15 2016 mpluskal@suse.com
  - Update to version 10.4:
    * SkipCacheCookie option added.
    * Added Systemd init script to Debian package.
    * Small improvements and bugfixes.
  - Small packaging changes and requirements update
* Sun Oct 02 2016 fisiu@opensuse.org
  - Build fails with mbedtls < 2.
* Sat Aug 27 2016 mpluskal@suse.com
  - Update to version 10.3:
    * PreventCSRF, PreventSQLi and PreventXSS improved.
    * Prevention of MySQL data mining via SQL injection.
    * Added revoke option to Let's Encrypt script.
    * Hiawatha ignores RequireTLS for Let's Encrypt authentication
      requests.
    * Small bugfixes and improvements.
    * Bugfix: possible HTTP request pipelining error after CSRF
      prevented.
  - Changes for version 10.2:
    * Added Let's Encrypt script (see extra/letsencrypt).
    * Added support for requesting Let's Encrypt certificates (see
      AccessList and PasswordFile settings in manual page).
    * Small improvements.
    * Bugfix: HideProxy not working for Forwarded header.
  - Changes for 10.1:
    * Added Extensions setting.
    * Added support for X-Sendfile header.
    * mbed TLS updated to 2.2.1.
    * Improved SQL injection detection.
    * Small bugfixes and improvements.
  - Changes for 10.0:
    * Usage of Directory sections changed.
    * Added support for RFC 5785.
    * Added support for GZip compression. Removed the UseGZfile
      option.
    * Added ECDSA support for TLS 1.0 and TLS 1.1.
    * Replaced UrlToolkit Expire option with ExpirePeriod in
      Directory section.
    * Replaced IgnoreDotHiawatha option with UseLocalConfig.
    * Removed the VolatileObject option.
    * Improved SQL injection detection.
    * mbed TLS updated to 2.2.0.
    * Small improvements.
  - Changes for 9.15:
    * Support for WebSockets via reverse proxy.
    * UNIX socket support for connections to WebSockets.
    * Responsive design for directory index and error message.
    * mbed TLS updated to 2.1.2.
    * Fixed mbed TLS linking in CMake configuration.
    * ListenBacklog option added.
    * Small bugfixes.
  - Changes for 9.14:
    * mbed TLS updated to 2.0.0.
    * Small bugfixes.
    * Bugfix: crash when sending very large request to FastCGI
      server.
* Sat Jun 20 2015 mpluskal@suse.com
  - Fix rpmlint warnings
    * add rcsymlink
    * fix log directory permissions
* Mon Jun 15 2015 fisiu@opensuse.org
  - Update to 9.13:
    * Renamed SSLcertFile to TLScertFile.
    * Renamed RequireSSL to RequireTLS.
    * Renamed SSL_* CGI environment variables to TLS_*.
    * Renamed UrlToolkit option UseSSL to UseTLS.
    * Replaced MinSSLversion by MinTLSversion.
    * LogTimeouts option added.
    * Added 'skip directories' parameter to reverse proxy.
    * Failed logins sent to Hiawatha Monitor.
    * Small bugfix and improvements.
* Thu Feb 26 2015 fisiu@opensuse.org
  - Update to 9.12:
    * Bugfix: memory leak in SSL library.
    * Small bugfix.
* Tue Feb 03 2015 fisiu@opensuse.org
  - Update to 9.11:
    * ChallengeClient option added.
    * UrlToolkit options TotalConnections and OmitRequestLog added.
    * Improvements to UrlToolkit and reverse proxy swap.
    * UrlToolkit rules are also applied to PUT and DELETE.
    * Small improvements.
* Sun Jan 11 2015 fisiu@opensuse.org
  - Update to 9.10:
    * Support for banning bad clients who connect via a proxy.
    * UrlToolkit option Do added. Changed how Call and Skip should be called.
    * General UrlToolkit improvements. See config/toolkit.conf for syntax.
    * Hiawatha now prefers reverse proxies with a scheme matching the one of the
      client connection. See config/toolkit.conf for syntax.
    * Hiawatha will now first process UrlToolkit rules before using ReverseProxy.
    * Small bugfixes and improvements.
* Sat Dec 13 2014 fisiu@opensuse.org
  - Update to 9.9:
    * HTTPAuthToCGI option added.
    * BanByCGI option added.
    * Improved SSL ciphersuite selections.
    * CAcertificates options added.
    * Dropped support for SSL3.0.
    * Small bugfixes and improvements.
* Sun Nov 02 2014 fisiu@opensuse.org
  - Update to 9.8:
    * Added support for websockets. WebSocket option added.
    * SSL key and certificate checks added to wigwam.
    * Small bugfixes and improvements.
* Wed Sep 10 2014 jengelh@inai.de
  - Avoid generating libpolarssl.so.7, which led to "have choice
    for libpolarssl.so.7: libpolarssl7 hiawatha" and make other
    polarssl-using applications not run in practice because the
    library is in a non-standard directory, yet discovered by rpm
    as a provider.
* Sun Sep 07 2014 fisiu@opensuse.org
  - Update to 9.7:
    * UseToolkit now possible in .hiawatha file at root of website.
    * Method option added to URL Toolkit.
    * SetResourceLimit option added.
    * ThreadKillRate option added.
    * Improved SQL injection detection.
    * Default value for DHsize set to 2048.
    * PolarSSL updated to version 1.3.8.
    * Memory allocation debugger module added.
    * Small bugfixes and improvements.
    * Bugfix: incorrect file hash printing by wigwam with directory as symlink.
* Sun Jun 08 2014 fisiu@opensuse.org
  - Update to 9.6:
    * Logfile rotation for access logfiles.
    * HTTP Strict Transport Security header made optional for RequireSSL.
    * Support for chunked transfer encoded requests (not for PUT).
    * Support for improved server statistics in Hiawatha Monitor.
    * The Hiawatha Monitor is now supported without the need for XSLT.
    * PolarSSL updated to version 1.3.7.
    * A few bugfixes as reported by Coverity.
    * Bugfix: SQL injection detection was broken since 8.6.
    * Bugfix: XSS detection didn't work for reverse proxy.
    * Small bugfixes.
* Sun May 18 2014 fisiu@opensuse.org
  - Update to 9.5:
    * Added support for CGI statistics in Hiawatha Monitor.
    * MonitorRequests and MonitorStatsInterval option removed.
    * Added support for Origin HTTP header to prevent CSRF.
    * EnforceFirstHostname option added.
    * ScriptAlias option added.
    * PolarSSL updated to version 1.3.6.
    * Dropped support for PolarSSL 1.2.
* Mon Mar 24 2014 fisiu@opensuse.org
  - Update to 9.4:
    * Keep-Alive connections for reverse proxy made optional.
    * ErrorXSLTfile option added.
    * IgnoreDotHiawatha option added.
    * RandomHeader option added.
    * Dropped support for RC4.
    * PolarSSL updated to version 1.3.4.
    * Added support for Hyper Text Coffee Pot Control Protocol (RFC2324).
    * Added SSL_CIPHER to CGI environment.
    * Added Public/Private to UrlToolkit expire option.
    * Small improvements.
* Mon Feb 17 2014 fisiu@opensuse.org
  - Add firewall rules for http and https.
* Thu Dec 12 2013 fisiu@opensuse.org
  - Update to 9.3.1:
    * Several bugfixes in reverse proxy.
* Thu Nov 21 2013 fisiu@opensuse.org
  - Update to 9.3:
    * PolarSSL updated to version 1.3.2.
    * Added support for Elliptic Curve Cryptography.
    * TunnelSSH option added.
    * AnonymizeIP option added.
    * Keep-alive connections for reverse proxy.
    * Small improvements.
* Tue Aug 13 2013 fisiu@opensuse.org
  - Don't use cutom pid file in systemd service.
  - Fix logrotate config.
  - Spec cleanup.
* Thu Aug 01 2013 fisiu@opensuse.org
  - Update source URL.
* Mon Jun 24 2013 fisiu@opensuse.org
  - Drop hiawatha.permissions file and related option. Use 0755 and
    %verify(not mode) for %{_sbindir}cgi-wrapper.
* Sun Jun 23 2013 fisiu@opensuse.org
  - Update to 9.2:
    * Added support for compiling Hiawatha against the system's
      default version (>=1.2.0) of the PolarSSL library.
    * PolarSSL updated to version 1.2.8.
    * Small bugfixes (memory leaks in error situations).
    * Bugfix: virtual hostname selection for IPv6 with non-standard
      port.
* Sun Jun 02 2013 fisiu@opensuse.org
  - Update to 9.1:
    * FileHashes option added.
    * PolarSSL updated to version 1.2.7. Enabled ciphersuite
      selection based on protocol version.
    * Enabled accf_http support for FreeBSD. Thanks to Martin
      Tournoij.
    * ImageReferer option removed.
    * Bugfix: incorrect BanOnFlooding behavior.
    * Small improvements.
* Thu Apr 04 2013 fisiu@opensuse.org
  - Update to 9.0:
    * Clients handled via thread pool instead of creating threads on
      the fly.
    * ThreadPoolSize option added.
    * Header option added to URL Toolkit.
    * Improved client SSL certificate handling. Environment variables
      renamed.
    * PolarSSL updated to version 1.2.6.
    * Improved Reverse Proxy caching support for requests with URL
      parameters.
    * CacheMinFilesize option removed.
    * DenyBot option removed. Use UrlToolkit's Header option instead.
    * OldBrowser option removed from URL Toolkit. Use Header option
      instead.
    * Improved UrlToolkit rule testing in wigwam.
    * Small bugfixes and improvements.
* Wed Mar 20 2013 fisiu@opensuse.org
  - Run server as wwwrun user.
* Fri Mar 08 2013 fisiu@opensuse.org
  - update to 8.8.1 (changes since 7.7):
    * Bugfix: Incorrect size of buffer for poll() can lead to a crash when using
      Tomahawk.
    * Caching for Reverse Proxy. CacheRProxyExtensions option added.
    * Basic HTTP authentication now supports the glibc2 version of crypt().
    * Hostname in ImageReferer can now contain a wildcard.
    * DenyBody matching is now case insensitive.
    * PolarSSL updated to version 1.2.5.
    * Support for HTTP Strict Transport Security (RFC 6797). Integrated in
      RequireSSL option.
    * DHsize option added.
    * PolarSSL updated to version 1.2.3.
    * CloudFlare headers placed in environment variables.
    * Removed php-fcgi.
    * Bugfix: slow page loading via Reverse Proxy.
    * PolarSSL updated to version 1.2. Added support for TLS 1.2 and secure
      renegotiation.
    * Added support for Server Name Indication.
    * MinSSLversion option added.
    * ServerRoot option removed.
    * Improved MacOS X package building script.
    * Marked php-fcgi as deprecated. Use php-fpm instead.
    * Improved Reverse Proxy.
    * Changed error message style.
    * Renamed Command Channel to Tomahawk.
    * Return 403 instead of 401 upon correct password for HTTP authentication but
      user not in right group.
    * Bugfix: replaced select() with poll() to prevent crashes in case of large
      amount of simultaneous connections. Thanks to Peter Bex.
    * MaxServerLoad option added.
    * PolarSSL updated to version 1.1.4.
    * Bugfix: invalid reverse proxy request when URL parameters are present.
    * Bugfix: memory leak in SSL library.
    * Improved security for reverse proxy (works with PreventSQLi, etc).
    * ReverseProxy option added.
    * PolarSSL updated to version 1.1.3.
    * WebDAVapp option added. Enables support for WebDAV applications like
      ownCloud (http://owncloud.org/).
    * Removed support for the OPTIONS method.
    * AllowDotFiles option added.
    * Global forks setting in php-fcgi.conf moved to Server setting.
    * BanOnInvalidURL option added.
    * PolarSSL updated to version 1.1.1.
    * Bugfix: paths missing in default values and examples in manual pages.
    * Replaced Autoconf with CMake. Many thanks to Sander Niemeijer.
    * Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker.
    * AllowedCiphers and DHparameters options removed.
    * Added IE7 to UrlToolkit's OldBrowser list, removed IE5.
    * MaxUrlLength option added, can return 414 Request-URI Too Long.
    * Changed default value of TriggerOnCGIstatus to 'no'.
    * Equalized format of logfiles.
    * Extra checks added to php-fcgi.
    * Improved SQL injection detection.
    * Bugfix: memory leak in PreventSQLi routine.
    * Bugfix: potential server freeze with 100% CPU in CGI output caching.
    * Bugfix: null byte in HTTP header of cached CGI content.
    * Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove
      CGI headers. See the CGI OUTPUT CACHE section in the manual page.
    * BanOnWrongPassword now also triggers on wrong username.
    * Bugfix: timeout issue with large POST requests on SSL connections.
* Sun Oct 09 2011 detlef@links2linux.de
  - new upstream version <7.7>
    * First parameter of Alias can now contain subdirectories.
    * Improved stability for connections with SSL client authentication.
    * Bugfix: BanOnFlooding was broken.
* Mon Sep 05 2011 detlef@links2linux.de
  - new upstream version <7.6>
    * PreventSQLi option rewritten.
* Wed Jun 01 2011 detlef@links2linux.de
  - new upstream version <7.5>
    * OldBrowser option added to URL toolkit.
    * Improved mimetype configuration.
    * Do-not-track HTTP header support.
    * Password file entries can now be created with Wigwam.
    * Small bugfixes and improvements.
    * Bugfix: sent one byte too few for Range -XX.
    * Bugfix: possible crash when using PreventSQLi.
* Tue Apr 12 2011 detlef@links2linux.de
  - new upstream version <7.4.1>
    * Bugfix: integer overflow in fetch_request() which could
      lead to a server crash.
* Mon Nov 15 2010 detlef@links2linux.de
  - new upstream version <7.4>
    * Connections per IP added to RequestLimitMask.
    * NoExtensionAs made a per-host setting.
    * Small bugfixes and improvements.
    * Bugfix: usage of HideProxy caused Hiawatha to refuse new connections
      after ConnectionsTotal connections.
    * Bugfix: memory leak in XSLT module.
* Fri Jun 11 2010 detlef@links2linux.de
  - new upstream version <7.3>
    * RequestLimitMask option added.
    * URL parameters for ErrorHandler.
    * Support for Haiku OS.
    * Small security bugfixes.
* Thu Apr 22 2010 detlef@links2linux.de
  - new upstream version <7.2>
    * URL toolkit code restructured.
    * UseSSL option added to URL toolkit.
    * Digest HTTP authentication works with htdigest(1) created password files.
    * Small improvements.
* Mon Mar 29 2010 detlef@links2linux.de
  - new upstream version <7.1>
    * Small bugfixes.
    * Bugfix: deny access and redirect result via toolkit subroutine.
    * Bugfix: broken flooding protection.
* Mon Feb 15 2010 detlef@links2linux.de
  - new upstream version <7.0>
  - added logrotate/init file.
* Mon Mar 09 2009 mrueckert@suse.de
  - update to 6.11
* Thu May 29 2008 mrueckert@suse.de
  - update to 6.7
  - added permissions file.
* Tue Nov 13 2007 mrueckert@suse.de
  - update to version 6.1
    * Format of ConnectTo changed. Old format will be valid for a few
      more releases.
    * Changed some CGI environment variables after URL rewriting.
    * Some URL rewrite checks included in Wigwam.
    * TriggerOnCGIstatus option added.
    * RequireResolveIP option removed.
    * Bugfix: POST data larger then 64kB via FastCGI.
* Sat Oct 27 2007 mrueckert@suse.de
  - update to version 6.0
* Fri Sep 28 2007 mrueckert@suse.de
  - update to version 5.13
* Mon Sep 03 2007 mrueckert@suse.de
  - update to version 5.12
* Wed Aug 08 2007 mrueckert@suse.de
  - update to version 5.11
* Fri Jul 27 2007 mrueckert@suse.de
  - update to version 5.10
* Sat May 12 2007 mrueckert@suse.de
  - update to version 5.8

Files

/usr/lib/hiawatha
/usr/lib/hiawatha/letsencrypt
/usr/lib/hiawatha/letsencrypt/acmev2.php
/usr/lib/hiawatha/letsencrypt/config.php
/usr/lib/hiawatha/letsencrypt/hiawatha_config.php
/usr/lib/hiawatha/letsencrypt/http.php
/usr/lib/hiawatha/letsencrypt/https.php
/usr/lib/hiawatha/letsencrypt/letsencrypt.conf
/usr/lib/hiawatha/letsencrypt/letsencrypt.php
/usr/lib/hiawatha/letsencrypt/logfile.php
/usr/lib/hiawatha/letsencrypt/openssl.conf
/usr/lib/hiawatha/letsencrypt/rsa.php
/usr/sbin/lefh
/usr/share/man/man1/lefh.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 30 00:04:46 2021