This repository has been archived by the owner on Jan 23, 2024. It is now read-only.
Releases: zmartzone/mod_token_binding
Releases · zmartzone/mod_token_binding
release 1.1.0
Features
- add support for OAuth 2.0 Client Certificate Bound Access Tokens, see: https://www.ietf.org/id/draft-ietf-oauth-mtls-12.txt setting an environment variable
TB_SSL_CLIENT_CERT_FINGERPRINTwith the base64url encoded value of the SHA256 hash of the DER representation of the certificate
Notes
- Depends on OpenSSL >= 1.1.1 and Apache >= 2.4.26, see: https://github.com/zmartzone/mod_token_binding#requirements
release 1.0.0
Features
- update to Token Binding Protocol version 1.0
- add CentOS 7 RPM
Notes
- Depends on OpenSSL >= 1.1.1 and Apache >= 2.4.26, see: https://github.com/zmartzone/mod_token_binding#requirements
release 0.5.0
Features
- use (unpatched) OpenSSL 1.1.1 with modifications to
token_bind
Bugfixes
- also set
Sec-Token-Binding-Context(if configured) when a verified Token Binding ID is found in the cache
Notes
- Depends on OpenSSL >= 1.1.1 and Apache >= 2.4.26, see: https://github.com/zmartzone/mod_token_binding#requirements
release 0.4.2
Packaging
- add Ubuntu Xenial package
- add Ubuntu Bionic package
Notes
- Depends on OpenSSL 1.1.x and Apache >= 2.4.26 with a resume patch, see: https://github.com/zmartzone/mod_token_binding#requirements
release 0.4.1
Features
- allow specifying custom OpenSSL 1.1.x path to configure with
--with-openssl=<dir>
Packaging
- add CentOS 7 RPM
Notes
- Depends on OpenSSL 1.1.x and Apache >= 2.4.26
release 0.4.0
version 0.4.0: use standard mod_ssl primitives for registering hooks so that mod_token_binding works with any stock Apache 2.x version now >= 2.4.26 Signed-off-by: Hans Zandbelt <[email protected]>
release 0.3.5
support for TokenBindingPassVar; closes #1 - make the information/variables that are passed configurable through: TokenBindingPassVar [provided|referred|context]+ - bump to version 0.3.5 Signed-off-by: Hans Zandbelt <[email protected]>
release 0.3.4
version 0.3.4: support draft-ietf-tokbind-ttrp-01 prefix header/envvar names with "Sec-" conform https://tools.ietf.org/html/draft-ietf-tokbind-ttrp-01 Signed-off-by: Hans Zandbelt <[email protected]>
release 0.3.3
version 0.3.3: always remove Sec-Token-Binding header conform draft-campbell-tokbind-ttrp-01#section-2.2 Signed-off-by: Hans Zandbelt <[email protected]>