<revisionlist>
<revision rev="1" vrev="1">
<srcmd5>ec768b2ed4eb077e8bf508beec9adc19</srcmd5>
<version>1.2.6</version>
<time>1492011302</time>
<user>maxlin_factory</user>
<comment>bringing source from SUSE:SLE-12-SP2:Update/cryptctl into Factory</comment>
<requestid>486298</requestid>
</revision>
<revision rev="2" vrev="1">
<srcmd5>5f42a8467cc57755487bfcd3b047f2db</srcmd5>
<version>2.0</version>
<time>1496327580</time>
<user>dimstar_suse</user>
<comment></comment>
<requestid>498708</requestid>
</revision>
<revision rev="3" vrev="1">
<srcmd5>4dc2d5b066c7e9660c2c8ee6979fac7c</srcmd5>
<version>2.1</version>
<time>1496534416</time>
<user>dimstar_suse</user>
<comment>1</comment>
<requestid>500581</requestid>
</revision>
<revision rev="4" vrev="1">
<srcmd5>e6262ca35fe5409a3afbb8466aa736f2</srcmd5>
<version>2.2</version>
<time>1496927007</time>
<user>dimstar_suse</user>
<comment>catch up with sle's development</comment>
<requestid>501709</requestid>
</revision>
<revision rev="5" vrev="2">
<srcmd5>c1381297dc0e444000f6a55e198b7f24</srcmd5>
<version>2.2</version>
<time>1497944357</time>
<user>dimstar_suse</user>
<comment>Fix a typo in changelog.
old: openSUSE:Factory/cryptctl
new: security/cryptctl rev None
Index: cryptctl.changes
===================================================================
--- cryptctl.changes (revision 4)
+++ cryptctl.changes (revision 11)
@@ -2,7 +2,7 @@
Wed Jun 7 12:11:50 UTC 2017 - hguo@suse.com
- Upgrade to upstream release 2.2 that brings important enhancements
- in effor tof implementing fate#322979:
+ in effort of implementing fate#322979:
* System administrator may now optionally turn off TLS certificate
verification on KMIP server. Note that, certificate verification
is enforced by default.</comment>
<requestid>502643</requestid>
</revision>
<revision rev="6" vrev="1">
<srcmd5>7963161444cc7582d86dae724aceb460</srcmd5>
<version>2.3</version>
<time>1503999947</time>
<user>dimstar_suse</user>
<comment>- Upgrade to upstream release 2.3 that brings a new feature to allow
system administrators to issue mount/umount commands to client
computers via key server. (fate#322292)</comment>
<requestid>519142</requestid>
</revision>
<revision rev="7" vrev="2">
<srcmd5>e6e993f62dddb95c4b6a41733b01936e</srcmd5>
<version>2.3</version>
<time>1508946445</time>
<user>dimstar_suse</user>
<comment>- Add previously missing systemd service cryptctl-client.service
into RPM content, continue with bsc#1056082.
computers via key server. (bsc#1056082)</comment>
<requestid>536376</requestid>
</revision>
<revision rev="8" vrev="3">
<srcmd5>99c1e808f89488a43197d7fc8d0eb3cb</srcmd5>
<version>2.3</version>
<time>1511595772</time>
<user>dimstar_suse</user>
<comment></comment>
<requestid>545076</requestid>
</revision>
<revision rev="9" vrev="4">
<srcmd5>d37450107b70f58ba0bfec699dd4d3ec</srcmd5>
<version>2.3</version>
<time>1580842643</time>
<user>dimstar_suse</user>
<comment></comment>
<requestid>769963</requestid>
</revision>
<revision rev="10" vrev="5">
<srcmd5>41ee43c9b096b6f92fbbd385bca4c003</srcmd5>
<version>2.3</version>
<time>1597955733</time>
<user>dimstar_suse</user>
<comment></comment>
<requestid>828243</requestid>
</revision>
<revision rev="11" vrev="6">
<srcmd5>b537a9e9f7e278a204b611d37ddcee51</srcmd5>
<version>2.3</version>
<time>1626986612</time>
<user>dimstar_suse</user>
<comment>- Fixed build errors adding a "go mod init"
- Binaries are now compiled with PIE support
- Also client service is symlinked so to avoid warnings
- Use %{_udevrulesdir} instead of abusing %{_libexecdir}.
- BuildRequire pkgconfig(systemd|udev) instead of systemd and udev:
Allow OBS to shortcut through -mini flavors.
- Name the rpmlintrc file according the policy: cryptctl-rpmlintrc.
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
- Add previously missing systemd service cryptctl-client.service
into RPM content, continue with bsc#1056082.
- Upgrade to upstream release 2.3 that brings a new feature to allow
system administrators to issue mount/umount commands to client
computers via key server. (bsc#1056082)
- Upgrade to upstream release 2.2 that brings important enhancements
in effort of implementing fate#322979:
* System administrator may now optionally turn off TLS certificate
verification on KMIP server. Note that, certificate verification
is enforced by default.
* Improve handling of boolean answers from interactive command line.
* Improve error handling in KMIP client.
- Upgrade to upstream release 2.1 that brings important enhancements
in effort of implementing fate#322979:
* Improve KMIP compatibility with key prefix names and proper
serialisation of authentication header.
* Fail over KMIP connection using a server list.
* Destroy key on KMIP after its tracking record is erased from DB.
- Upgrade to upstream release 2.0 that brings a protocol evolution
together with several new features:
* Optionally utilise an external KMIP-v1.3 compatible service to
store actual encryption key.
* Optionally verify client identity before serving its key requests.
* Password is hashed before transmitting over TLS-secured channel.
* Fix an issue that previously allowed a malicious administrator
to craft RPC request to overwrite files outside of key database.
Implemented accordint to fate#322979 and fate#322293.
- Upgrade to 1.99pre that introduces a library for decoding, encoding,
and serialisation operations of KMIP v1.3 for fate#322979.
- Upgrade to 1.2.6 for accumulated bug fixes (bsc#1006219):
* Prevent user from attempting to encrypt a disk with mounted
partitions, or an existing encrypted+opened disk.
* Ensure CA path input is an absolute path.
* Fix two mistakes in handling of timeout input.
* Fix minor formatting issue in manual page.
* Suppress consecutive failure messages in the journal of
ReportAlive and AutoOnlineUnlockFS routines.
- Implement mandatory enhancements:
* Do not allow encrypting a remote file system.
* Implement command for erasing an encrypted file system.
- Bump version to 1.2.5 for fate#320367.
- Implement mandatory enhancements:
* Make workflow across all sub-commands consistent in invocation
style.
* Implement auto-unlocking of encrypted disks.
* Show key record usage and details on demand.
- Bump version to 1.2.4 for fate#320367.
- Implement mandatory enhancements:
* Remove necessity for a backup directory to be involved for
encryption routine.
* Optimise certificate generation prompts.
* Remove unused error messages and fix several of their typos.
* Remove unnecessary safety checks.
* Make the encryption routine work with btrfs and LVM.
- Bump version to 1.2.3 fate#320367.
- Upon request, generate a self-signed TLS certificate for
experimental purposes.
- Bump version to 1.2.2 fate#320367.
- Implement mandatory features:
* Encrypt empty directory skips backup steps.
* Explain key revocation and TLS mechanisms in manual page.
- Bump version to 1.2.1 fate#320367.
- Implement mandatory features:
* List and edit key records
* Unlock file system via key record file
* Use custom options to mount unlocked file system
Enhance usability:
* Make encryption procedure's pre-check more thorough
* Improve overall command prompts
- Bump version to 1.2 fate#320367.
- A preview version with most of the desired functions implemented:
* Key database
* Key RPC server
* Client encryption and decryption routines
Bump version to 1.1
fate#320367.
- First version, only to help with building ISOs.
Implement fate#320367. (forwarded request 907570 from pperego)</comment>
<requestid>907695</requestid>
</revision>
<revision rev="12" vrev="1">
<srcmd5>9da6571981774e33c20cff5c5b1f40be</srcmd5>
<version>2.4</version>
<time>1652717324</time>
<user>dimstar_suse</user>
<comment></comment>
<requestid>977474</requestid>
</revision>
</revisionlist>