Releases: greenhost/stapled
Releases · greenhost/stapled
Coil Nailer
- Tested against buster
- Tested against Python 3.7
- Still tested against Python 3.5.
- Still tested against stretch
- Dependencies updated to latest versions
- Improved exception handling of haproxy adder module
- Change haproxy socket connection keep-alive (formerly "timeout") to new
default: 3600 seconds. - Updated dependencies with vulnerabilities, not affecting stapled.
- Added the --one-off argument that allows running stapled in one-off mode
which is a mode that runs staple fetching for all certificates as usual,
including threading, but stops threads once they are finished with their
queues and then quits. - Reduced minimum time to live setting for keeping HAProxy sockets open to 10
seconds. - Reduced default time to live setting for keeping HAProxy sockets open to 10
seconds. This should still be more then enough for all expected conditions
stapled could run under. - Add --haproxy-socket-keepalive command line argument.
- Also Note: Python 2 and Jessie support were removed in a previous version.
Air Stapler
- This version removes support for debian Jessie due to the shutdown of
jessie-backports. - Removes Python 2 support, Python 3 should be sufficiently propagated.
Functionally not different from the previous version, which you can still use without issues but is now deprecated and will not receive any updates. If you are in dire need of a bugfix in the previous version, please drop us a word.
Electric Tacker
- FIX: Don't delete staple files for invalid certificates, instead zero the
file so HAProxy will still serve staples once the certificates are
valid again. - Improved documentation and applied stricter coding style standards.
Stapling Plier
- FIX: Multiple cert paths leads to cert path socket mismatch.
- FIX: Handle exceptions for non-existent haproxy config files properly.
Stapling Plier
- Improvement: Remove some spaces from log lines.
- FIX: Broken exception handling in python 2 version.
- FIX: Parsing file extensions incorrectly from config file.
- FIX: Opening, re-opening and sending of commands to sockets broken.
Stapling Plier
- Improved consistency in source code.
- Improved exception handling.
- Add an argument that tells stapled to parse a HAProxy config file for
sockets and certificate directories. - It is now possible to specify single certificate aside from entire
directories. - DEPRECATED: --directories was superseded by --cert-paths.
- Improve the stability of the socket communication.
- Add a time stamp to the log output.
- Reduce the noise for log level INFO.
- Fix an edge case where HAProxy is not aware of staples that are still valid
and where stapled decides fetching new ones is not necessary. - Fix recursive mode when used with HAProxy sockets, there is no practial
use case for this and it is still not supported but it won't cause an
exception anymore and manual testing can be done in recursive mode now. - Fix various typo's in documentation.
- Improve documentation of the config file.
- Add note about HAProxy's stapling perculiarities in README and
documentation.
Spring Loaded
- Fixed issues related to communication with HAProxy processes.
- Fixed issue with bad default configuration for certificate extensions to load.
Spring Loaded
Fixes a bunch of dependency issues.
Spring Loaded
First release under the Stapled name. The same as you are use to from the deprecated ocspd, but better.