- Update the update-crypto-policies(8) man pages and README.SUSE
to mention the supported back-end policies. [bsc#1209998]
* Add crypto-policies-supported.patch
- Update to version 20230420.3d08ae7:
* openssl, alg_lists: add brainpool support
* openssl: set Groups explicitly
* codespell: ignore aNULL
* rpm-sequoia: allow 1024 bit DSA and SHA-1 per FeSCO decision 2960
* sequoia: add separate rpm-sequoia backend
* crypto-policies.7: state upfront that FUTURE is not so interoperable
* Makefile: update for asciidoc 10
* Skip the LibreswanGenerator and SequoiaGenerator:
- Add crypto-policies-policygenerators.patch
* Remove crypto-policies-test_supported_modules_only.patch
* Rebase crypto-policies-no-build-manpages.patch
- Update to version 20221214.a4c31a3:
* bind: expand the list of disableable algorithms
* libssh: Add support for openssh fido keys
* .gitlab-ci.yml: install krb5-devel for krb5-config
* sequoia: check using sequoia-policy-config-check
* sequoia: introduce new back-end
* Makefile: support overriding asciidoc executable name
* openssh: make none and auto explicit and different
* openssh: autodetect and allow forcing RequiredRSASize presence/name
* openssh: remove _pre_8_5_ssh
* pylintrc: update
* Revert "disable SHA-1 further for a Fedora 38 Rawhide "jump scare"..."
* disable SHA-1 further for a Fedora 38 Rawhide "jump scare"...
OBS-URL: https://build.opensuse.org/request/show/1086482
OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=15
- Update to version 20210213.5c710c0: [bsc#1180938]
* setup_directories(): perform safer creation of directories
* save_config(): avoid re-opening output file for each iteration
* save_config(): break after first match to avoid unnecessary stat() calls
* CryptoPolicy.parse(): actually stop parsing line on syntax error
* ProfileConfig.parse_string(): correctly extended subpolicies
* Exclude RC4 from LEGACY
* Introduce rc4_md5_in_krb5 to narrow AD_SUPPORT
* code style: fix 'not in' membership testing
* pylintrc: tighten up a bit
* formatting: avoid long lines
* formatting: use f-strings instead of format()
* formatting: reformat all python code with autopep8
* nss: postponing the version check again, to 3.61
* Revert "Unfortunately we have to keep ignoring the openssh check for sk-"
OBS-URL: https://build.opensuse.org/request/show/873431
OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=11
Let's use a real _service file.
NOTE: the version is a small downgrade, but that's because I use %cd (aka commit date) as version identifier.
in the _service file I used the same commit date, so in fact this is the same source.
- Convert to use a proper git source _service:
+ To update, one just needs to update the commit/revision in the
_service file and run `osc service dr`.
+ The version of the package is defined by the commit date of the
revision, followed by the abbreviated git hash (The same
revision used before results thus in a downgrade to 20210118,
but as this is a alltime new package, this is acceptable.
OBS-URL: https://build.opensuse.org/request/show/868718
OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=7
- Update to git version 20210118
* Output sigalgs required by nss >=3.59
* Bump Python requirement to 3.6
* Kerberos 5: Fix policy generator to account for macs
* Add AES-192 support (non-TLS scenarios)
* Add documentation of the --check option
- Fix the man pages generation
- Add crypto-policies-asciidoc.patch
- Test only supported modules
- Add crypto-policies-test_supported_modules_only.patch
- Add crypto-policies-typos.patch to fix some typos
OBS-URL: https://build.opensuse.org/request/show/865444
OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=2