bcollet/apc-p15-tool
1
0
Fork 0
mirror of https://github.com/gregtwallace/apc-p15-tool.git synced 2025-01-22 08:14:08 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
apc-p15-tool/CHANGELOG.md
Greg T. Wallace f102a1838b v1.1.0-b1
2024-07-09 19:05:29 -04:00

3.1 KiB
Raw Permalink Blame History

APC P15 Tool Changelog

[v1.1.0-b1] - 2024-07-09

BETA: First effort to add support for EC key support for NMC3.

This version also enables RSA 4,092 bit length. Code was updated so the NMC2 key+cert file is not generated when NMC2 is not supported. Log messages were also updated to signal user when a compatibility issue is present.

[v1.0.0] - 2024-07-01

First official stable release.

Fixes Go version in Github action.

[v0.5.3] - 2024-06-24

Add 3,072 bit RSA key support.

[v0.5.2] - 2024-06-19

Minor tweak to the previous version. Add timeout for shell commands that don't execute as expected.

[v0.5.1] - 2024-06-18

Both NMC2 and NMC3 should now be fully supported.

Added

  • Add proper NMC3 support.
  • The create function now also generates a .p15 formatted key file. The format of this file matches that of what is generated by the NMC Security Wizard.
  • Add additional b64 formatted output files when using the --debug flag with create. These files can easily be pasted into an ASN1 decoder for inspection (except for the header file, as the header is not ASN1 encoded).

Fixed

  • Fix install function for NMC3 on newer firmware version by leveraging the native ssl command to install the key and cert, if it is available. If not available, fallback to the 'old' way of installing the SSL cert.
  • Fix PowerShell build script in repo. Posted builds were not impacted by this as the script is not used by the GitHub Action.

Changed

  • Move APC SSH functions to a separate package and change how commands are sent. In particular, leverage the interactive shell to send commands and read back the result of those commands.
  • Set output file permissions to 0600 instead of 0777.
  • Minor logging updates.
  • Leverage strings.EqualFold as a more robust alternative to using strings.ToLower for string comparisons.
  • Update Go version to 1.22.4.
  • Update readme to clarify tool's purpose, current state, and compatibility.

Removed

N/A

[v0.4.2] - 2024-03-29

Fix usage message. Thanks @k725.

[v0.4.1] - 2024-03-06

Update to Go 1.22.1, which includes some security fixes.

[v0.4.0] - 2024-02-05

Add --restartwebui flag to issue a reboot command to the webui after a new certificate is installed. This was not needed with my NMC2, but I suspect some might need it to get the new certificate to actually load.

[v0.3.3] - 2024-02-04

Add --insecurecipher flag to enable aes128-cbc and 3des-cbc for older devices/firmwares. These ciphers are considered insecure and should be avoided. A better alternative is to update the device firmware if possible.

[v0.3.2] - 2024-02-04

Add support for 1,024 bit RSA keys. These are not recommended! RSA 1024 is generally considered to not be completely secure anymore.

Add diffie-hellman-group-exchange-sha256 key exchange algorithm which may be needed by some UPSes to connect via SSH to use the install command.

[v0.3.1] - 2024-02-03

Fixes debug logging always being on. App now accurately reflects the state of the --debug flag.

[v0.3.0] - 2024-02-03

Initial release.