git.lirion.de

Of git, get, and gud

summaryrefslogtreecommitdiffstats
path: root/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog
diff options
context:
space:
mode:
authormail_redacted_for_web 2019-04-17 19:07:19 +0200
committermail_redacted_for_web 2019-04-17 19:07:19 +0200
commit1e2387474a449452b78520b9ad96a8b4b5e99722 (patch)
tree836889471eec7d2aac177405068e2a8f1e2b1978 /nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog
downloadnagios-plugins-contrib-1e2387474a449452b78520b9ad96a8b4b5e99722.tar.bz2
initial commit of source fetch
Diffstat (limited to 'nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog')
-rw-r--r--nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog593
1 files changed, 593 insertions, 0 deletions
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog b/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog
new file mode 100644
index 0000000..11cab7b
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog
@@ -0,0 +1,593 @@
+2019-02-27 Matteo Corti <matteo@corti.li>
+
+ * test/unit_tests.sh (testMultipleAltNamesFailTwo): removed outdated tests
+
+2019-02-27 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: better error message in case of wrong intermediate certificate
+
+2019-02-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Better error message in case of OCSP failure
+
+2019-02-08 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Check the readability of the certificate file
+
+2019-02-01 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: applied patch for the SSLlabs warning
+
+2019-01-16 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: replaced echo -e with printf
+
+2018-12-24 Matteo Corti <corti@macmini.home>
+
+ * check_ssl_cert: Better output in case of errors while using SNI
+
+2018-12-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Better help about IMAP IMAPS POP3 and POP3S
+ * check_ssl_cert: Support for SNI and SSL Labs
+
+2018-12-11 Matteo Corti <corti@macmini.home>
+
+ * check_ssl_cert: Differentiate IMAP with STARTTLS on port 143 and IMAPS on 993
+ * check_ssl_cert: Fixed a vulnerability in the parsing of the certificate issuer
+
+2018-11-07 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a problem with IMAP on port 993
+ * check_ssl_cert: fixed a problem with newlines in the HTTP request
+
+2018-11-05 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: CA file and directory support
+
+2018-10-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed the HTTP request string
+
+2018-10-18 eimamagi <https://github.com/eimamagi>
+
+ * check_ssl_cert: Allow to specify a client certificate key
+
+2018-10-15 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (exec_with_timeout): fixed the check on the the return value
+
+2018-08-10 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: disabling OCSP checks if no OCSP host is found
+
+2018-07-20 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Applied a patch from Markus Frosch to fix the cleanup of temporary files
+
+2018-07-01 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: do not trap on EXIT
+ * check_ssl_cert: remove temporary file when no signals are trapped
+
+2018-06-28 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed a bug in the deletion of temporary files when a signal is caught
+
+2018-06-25 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: added a check to require OCSP stapling
+
+2018-04-29 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Remooved the SNI name check patch (see #78)
+
+2018-04-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Merged the SNI name check patch
+
+2018-04-17 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Merged the --terse patch, added performance data to the terse output and reordered the help
+
+2018-04-12 Matteo Corti <matteo@corti.li>
+
+ * Makefile: Checks if the copyright year is correct. make test is now dependent on make dist
+
+2018-04-06 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added UTF8 output
+
+2018-04-05 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added debugging output for cURL
+
+2018-03-29 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a bug introduced in the last verstion
+
+2018-03-28 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Removed cURL dependency when not checking SSL Labs
+
+2018-03-17 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added support for TLS 1.3
+
+2018-03-06 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed OCSP check with LibreSSL
+ * check_ssl_cert: Lists the number or default root certificates in debug mode
+
+2018-01-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a bug processing more than one OCSP host
+
+2017-12-15 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a bug in the specification of the xmpphost parameter
+
+2017-12-14 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added an option to specify the 'to' attribute of the XMPP stream element
+
+2017-11-29 Wim van Ravesteijn https://github.com/wimvr
+
+ * check_ssl_cert: Support for DER encoded CRL files
+
+2017-11-28 Georg https://github.com/gbotti
+
+ * check_ssl_cert: added --fingerprint to check the SHA1 fingerprint of the certificate
+
+2017-11-17 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (fetch_certificate): adding support for -xmpphost if available
+
+2017-11-16 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (fetch_certificate): fixing XMPP support
+
+2017-11-16 <corti@corti.li>
+
+ * check_ssl_cert (fetch_certificate): adding support for IPv6 addresses
+
+2017-09-18 Bernd Stroessenreuther <booboo@gluga.de>
+
+ * check_ssl_cert: with -f option you now can also pass a certificate revocation list (CRL) to check its validity period
+
+2017-09-10 Matteo Corti <corti@mac-mini-1.home>
+
+ * check_ssl_cert: OCSP check is now terminated by a timeout
+
+2017-09-09 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: The SAN requirement is now optional
+
+2017-07-28 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Use openssl s_client's -help option to test for SNI support (thanks to d7415)
+
+2017-07-24 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fix in the Common Name parsing
+
+2017-06-23 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Checks for missing subjectAlternativeName extension
+
+2017-06-15 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Do not try to check OCSP if the protocol is not HTTP or HTTPS
+
+2017-05-15 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a problem with the detection of OCSP URLs
+
+2017-05-02 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added --location to curl to follow redirects
+ * check_ssl_cert: Fixed the indentation of EOF in the embedded Perl script
+ * check_ssl_cert: Added --force-date-perl to force the usage of Perl for date computations and a test to be sure no errors in Perl are left undetected
+
+2017-04-28 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a bug occurring when more than one issuNer URI is present
+
+2017-03-07 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added LDAP support
+
+2017-03-01 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: By errors it makes more sense to show the supplied host instead of the CN
+
+2017-02-16 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Support for newer OpenSSL versions (1.1)
+
+2017-02-10 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added the --sni option
+
+2017-02-08 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Patch from Pavel Rochnyak: Changed the CN output when --altnames is used
+
+2017-02-02 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed the command line argument parsing
+ * check_ssl_cert: Fixed -servername
+
+2017-01-29 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added patches from Pavel Rochnyak for the issuer certificate cache patch
+ and the wildcard support in alternative names
+
+2016-12-23 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added patch to specify multiple CNs (see https://github.com/matteocorti/check_ssl_cert/pull/35)
+
+2016-12-13 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed a minor problem with --debug
+
+2016-12-06 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed a problem when specifying a CN beginnging with *
+
+2016-12-04 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed problem when file is returing PEM certificate on newer Linux distributions
+
+2016-09-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: enabling proxy support in the OCSP check (thanks to Leynos)
+
+2016-08-04 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: disabling OCSP checks when no issuer URI is found
+
+2016-07-29 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed case insensitive comparison of CNs
+
+2016-07-29 https://github.com/bb-Ricardo
+
+ * check_ssl_cert: calculate expiration primary with date
+
+2016-07-12 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed the parsing of the CN field
+
+2016-06-25 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed OSCP header on old OpenSSL versions
+
+2016-06-24 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: OCSP is now default
+
+ * check_ssl_certe: Fixed OCSP host
+
+2016-06-15 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Better curl error handling
+
+2016-06-10 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Added an option to clear the cached result at SSLLabs
+
+2016-06-01 juckerf (https://github.com/juckerf)
+
+ * check_ssl_cert: Increase control over which SSL/TLS versions to use
+
+2016-05-17 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: added more debugging info (-v is automatic if -d is spefied, system info and cert written to a file)
+
+2016-04-27 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixes a bug in the OpenSSL error parsing
+
+2016-04-05 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: In case of an s_client error does not output the full (ugly) error. The error is shown in verbose mode
+
+2016-03-29 Sergei Shmanko
+
+ * check_ssl_cert: Fix wildcard match regex, add additional unit tests
+
+2016-03-21 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (exec_with_timeout): issues a critical status
+ when using the 'timout' utility
+
+2016-03-19 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixed CN parsing on non-GNU systems
+
+2016-03-19 Sergei https://github.com/sshmanko
+
+ * check_ssl_cert: handle wildcard certificates
+
+2016-03-10 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (check_attr): Better handling of verification errors
+
+2016-03-09 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert (convert_ssl_lab_grade): accepts lowercase letters for SSL Labs grades
+ * check_ssl_cert (check_attr): waits for SSL Labs results
+
+2016-03-08 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Tries to extract an error message from SSL Labs
+ if no status is returned
+
+2016-03-07 Sam Richards
+ * check_ssl_cert: Support SNI even when we don't want to check cn
+
+2016-03-07 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: DNS errors by SSL Labs are ignored (as they are just
+ a sign that the result is not cached)
+
+2016-03-03 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Initial support for SSL Labs checks
+
+2016-03-01 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: Fixed a bug which prevented the check on the expiration
+
+2015-10-31 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: added a patch to check the certificate's serial number
+ (thanks to Milan Koudelka)
+
+2015-10-20 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: fixex a problem with OCSP paths w/o URLs
+
+2015-04-07 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: corrected some typos (thanks to Jérémy Lecour)
+ * check_ssl_cert: removed check on the openssl binary name
+
+2014-10-21 Matteo Corti <matteo@corti.li>
+
+ * check_ssl_cert: added a patch to check revocation via OCSP (thanks
+ to Ryan Nowakowski)
+
+2014-02-28 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * Makefile: added a target to build an rpm
+
+2013-12-23 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added the --tls1 option to force TLS 1
+
+2013-10-09 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: whole script reviewed with shellcheck
+
+2013-10-01 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: fixes with shellcheck (quoting)
+
+2013-07-29 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: Added an option to force a given SSL version
+
+2013-03-02 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: Fixed a bug occuring with TLS and multiple names in
+ the certificate
+
+2012-12-07 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: removed "test -a/-o" (test has an undefined
+ behavior with more than 4 elements)
+
+ * check_ssl_cert: fixed #122 (-N was always comparing the CN with 'localhost')
+
+2012-11-16 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * simplified the sourcing of the script file for testing
+
+2012-10-11 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * added some unit tests with shUnit2
+
+2012-09-19 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: improved the "No certificate returned" error message
+
+2012-07-13 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added the number of days from or to expiration in the
+ plugin output
+
+2012-07-11 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: fixed a bug with Perl date computation on some systems
+
+2012-07-06 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: performance data in days
+ * check_ssl_cert: long output (certificate attributes)
+
+2012-04-05 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: handle broken OpenSSL clients (-servername not working)
+
+2012-04-04 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: removed an hard coded reference to the error number by the
+ SSL chain verification
+
+2011-10-22 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added a --altnames option to match the CN to alternative
+ names
+
+2011-09-01 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: applied a patch from Sven Nierlein
+ (certificate authentication)
+
+2011-03-10 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: allows http to specified as protocol
+ (thanks to Raphael Thoma)
+ * check_ssl_cert: fixes the -N check for certs with wildcards
+ (thanks to Raphael Thoma)
+
+2011-01-24 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added an option to specify the openssl executable
+
+2010-12-16 Dan Wallis
+
+ * check_ssl_cert: Sets $VERBOSE to avoid using value supplied by Nagios
+ * check_ssl_cert: Quotes regular expression for grep to avoid shell globbing
+
+2010-12-09 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert.spec: standardized the RPM package name
+
+ * check_ssl_cert: added support for the TLS servername extension
+ (thanks to Matthias Fuhrmeister)
+
+2010-11-02 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * INSTALL: specifies that expect is needed for timeouts
+
+2010-10-29 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * README: specifies that expect is needed for timeouts
+
+2010-10-28 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: trap on more signals (thanks to Lawren Quigley-Jones)
+
+2010-10-14 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added a patch from Yannick Gravel putting the
+ chain verification at the end of the tests
+
+2010-10-01 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added a patch from Lawren Quigley-Jones which
+ implements a new command line argument (-A) to disable the
+ certificate chain check
+
+2010-09-15 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: fixed option processing (bug #78)
+
+2010-08-26 Dan Wallis
+
+ * check_ssl_cert: overloads --rootcert for use with directories as
+ well as files (-CApath versus -CAfile)
+
+2010-07-21 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added a patch from Marc Fournier to check the creation of the temporary files
+ * check_ssl_cert: added the --temp option to specify where to store the temporary files
+
+2010-07-10 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: improved the error messages
+ * check_ssl_cert: checks for certificates without email addresses (if -e is specified)
+
+2010-07-09 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added a "long" version for all the command line options
+ * check_ssl_cert: added a critical and warning option for the certificate validity (in days)
+ * check_ssl_cert: the plugin always issues a critical warning if the certificate is expired
+ * check_ssl_cert: added a man page
+
+2010-07-07 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: [Wolfgang Schricker patch] Add -f to check local files
+
+2010-07-01 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: [Yannick Gravel patch] Restore displaying the CN in every messages:
+ a previous patch changed something and only
+ critical were adjusted.
+ * check_ssl_cert: [Yannick Gravel patch] Adjust what is displayed after the from in
+ the OK message to display the matched ISSUER
+ (CN or O).
+
+2010-06-08 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: added the -s option to allow self signed certificates
+
+2010-03-11 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: fixed the == bashism
+
+2010-03-08 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: applied patch from Marcus Rejås with the -n and -N options
+
+2009-12-02 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: check if the issuer matches the O= or the CN= field of the Root Cert
+
+2009-11-30 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: cleaned up error messages if the CN is not yet known
+ * check_ssl_cert: added certificate chain verification
+ * check_ssl_cert: allow backslashes escaped in the error messages (e.g., for \n used by Nagios 3)
+ * check_ssl_cert: -r can be used to specify a root certificate to be used for the verification
+
+2009-03-31 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: standard timeout of 15 seconds (can be set with the -t option)
+
+2009-03-30 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: -P option to specify the protocol
+
+2008-05-13 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: applied a patch from Dan Wallis to output the CN
+ in all the messages
+
+2008-02-28 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: shortened the error message in case of no connection
+ (only the first line is reported)
+
+2008-02-25 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: [Dan Wallis patch] removed nmap dependency
+ * check_ssl_cert: [Dan Wallis patch] mktemp for the temporaries
+ * check_ssl_cert: [Dan Wallis patch] using trap to cleanup temporaries
+ * check_ssl_cert: [Dan Wallis patch] POSIX compliance and cleanup
+ * check_ssl_cert: [Dan Wallis patch] POSIX compliance and cleanup
+ * check_ssl_cert: [Dan Wallis patch] better handling of missing
+ certificate and non resolvable host
+ * check_ssl_cert: [Dan Wallis patch] stricter check for "notAfter" in the
+ certificate analysis
+
+2007-09-04 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: better error messages (both the actual and the
+ expected values are displayed)
+
+2007-08-31 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: new options to enforce email and
+ organization. Temporary files are now removed before termination
+
+2007-08-15 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: openssl s_client closes the connection cleanly
+
+2007-08-10 Matteo Corti <matteo.corti@id.ethz.ch>
+
+ * check_ssl_cert: initial release