diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2014-09-02 16:40:56 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2014-09-02 16:40:56 -0700 |
commit | 5f863998006bc5521b1ad91e106b10cd3e748ad2 (patch) | |
tree | 2ac7e64c577bafcfcc556aaa542013e1343a9457 | |
parent | c99069dac15a8c82e45e21747e94703c72c2a383 (diff) | |
download | pki-5f863998006bc5521b1ad91e106b10cd3e748ad2.tar.gz pki-5f863998006bc5521b1ad91e106b10cd3e748ad2.tar.xz pki-5f863998006bc5521b1ad91e106b10cd3e748ad2.zip |
Integrate 'tpsclient' back into primary TPS package
- PKI TRAC Ticket #1017 - Rename pki-tps-tomcat to pki-tps
-rw-r--r-- | CMakeLists.txt | 19 | ||||
-rw-r--r-- | base/CMakeLists.txt | 6 | ||||
-rw-r--r-- | base/tps-client/CMakeLists.txt | 1 | ||||
-rwxr-xr-x | scripts/compose_pki_core_packages | 2 | ||||
-rwxr-xr-x | scripts/compose_pki_tps_client_packages | 199 | ||||
-rw-r--r-- | specs/pki-core.spec | 54 | ||||
-rw-r--r-- | specs/pki-tps-client.spec | 133 |
7 files changed, 59 insertions, 355 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 3eca8edfe..a0862c470 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,8 +25,6 @@ elseif (BUILD_REDHAT_PKI_THEME) set(APPLICATION_FLAVOR_REDHAT_PKI_THEME TRUE) elseif (BUILD_PKI_CORE) set(APPLICATION_FLAVOR_PKI_CORE TRUE) -elseif (BUILD_PKI_TPS) - set(APPLICATION_FLAVOR_PKI_TPS TRUE) elseif (BUILD_PKI_CONSOLE) set(APPLICATION_FLAVOR_PKI_CONSOLE TRUE) elseif (BUILD_PKI_MIGRATE) @@ -58,9 +56,8 @@ include(Java) file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/classes) file(MAKE_DIRECTORY ${CMAKE_BINARY_DIR}/dist) -# required for all PKI components EXCEPT IPA_PKI_THEME and PKI_TPS -if (NOT APPLICATION_FLAVOR_IPA_PKI_THEME AND - NOT APPLICATION_FLAVOR_PKI_TPS) +# required for all PKI components EXCEPT IPA_PKI_THEME +if (NOT APPLICATION_FLAVOR_IPA_PKI_THEME) include(JUnit) add_custom_target(test) @@ -79,7 +76,6 @@ endif () # ONLY required for Java-based PKI components if (APPLICATION_FLAVOR_PKI_CORE OR - APPLICATION_FLAVOR_PKI_TPS OR APPLICATION_FLAVOR_PKI_CONSOLE OR APPLICATION_FLAVOR_DOGTAG_PKI_THEME OR APPLICATION_FLAVOR_PKI_MIGRATE) @@ -87,14 +83,10 @@ if (APPLICATION_FLAVOR_PKI_CORE OR find_package(JNI REQUIRED) endif () -# ONLY required for PKI_CORE or PKI_TPS -if (APPLICATION_FLAVOR_PKI_CORE OR - APPLICATION_FLAVOR_PKI_TPS) +# ONLY required for PKI_CORE +if (APPLICATION_FLAVOR_PKI_CORE) find_package(Ldap REQUIRED) -endif () - -# ONLY required for PKI_TPS -if (APPLICATION_FLAVOR_PKI_TPS) + # required for native 'tpsclient' utility find_package(APR REQUIRED) find_package(Svrcore REQUIRED) endif () @@ -154,7 +146,6 @@ add_custom_target(clean-cmake # check subdirectories if (APPLICATION_FLAVOR_PKI_CORE OR - APPLICATION_FLAVOR_PKI_TPS OR APPLICATION_FLAVOR_PKI_CONSOLE OR APPLICATION_FLAVOR_PKI_MIGRATE) add_subdirectory(base) diff --git a/base/CMakeLists.txt b/base/CMakeLists.txt index 5cd14a9dd..4edc0680c 100644 --- a/base/CMakeLists.txt +++ b/base/CMakeLists.txt @@ -17,6 +17,8 @@ if (APPLICATION_FLAVOR_PKI_CORE) add_subdirectory(tks) add_subdirectory(tps) add_subdirectory(setup) + # required for native 'tpsclient' utility + add_subdirectory(tps-client) if(WITH_JAVADOC) add_subdirectory(javadoc) @@ -38,10 +40,6 @@ if (APPLICATION_FLAVOR_PKI_CORE) endif (APPLICATION_FLAVOR_PKI_CORE) -if (APPLICATION_FLAVOR_PKI_TPS) - add_subdirectory(tps-client) -endif (APPLICATION_FLAVOR_PKI_TPS) - if (APPLICATION_FLAVOR_PKI_CONSOLE) add_subdirectory(test) add_subdirectory(console) diff --git a/base/tps-client/CMakeLists.txt b/base/tps-client/CMakeLists.txt index 954146cb4..1778ff7ab 100644 --- a/base/tps-client/CMakeLists.txt +++ b/base/tps-client/CMakeLists.txt @@ -40,7 +40,6 @@ add_subdirectory(src) add_subdirectory(tools) # install files -add_subdirectory(doc) add_subdirectory(setup) # install systemd scripts diff --git a/scripts/compose_pki_core_packages b/scripts/compose_pki_core_packages index 18cddb00b..9fbde025c 100755 --- a/scripts/compose_pki_core_packages +++ b/scripts/compose_pki_core_packages @@ -46,6 +46,8 @@ fi if [ "$WITHOUT_SERVER" = "" ]; then PKI_COMPONENT_LIST="$PKI_COMPONENT_LIST server ca kra ocsp tks tps-tomcat setup" + # required for native 'tpsclient' utility + PKI_COMPONENT_LIST="$PKI_COMPONENT_LIST tps-client" fi ## diff --git a/scripts/compose_pki_tps_client_packages b/scripts/compose_pki_tps_client_packages deleted file mode 100755 index 4efd7f874..000000000 --- a/scripts/compose_pki_tps_client_packages +++ /dev/null @@ -1,199 +0,0 @@ -#!/bin/bash -# BEGIN COPYRIGHT BLOCK -# (C) 2014 Red Hat, Inc. -# All rights reserved. -# END COPYRIGHT BLOCK - -## -## Include common 'compose' functions -## - -COMPOSE_PWD=`dirname $0` -source ${COMPOSE_PWD}/compose_functions - - -## Always switch into the base directory three levels -## above this shell script prior to executing it so -## that all of its output is written to this directory - -cd `dirname $0`/../.. - - -## -## Retrieve the name of this base directory -## - -PKI_PWD=`pwd` - - -## -## Establish the 'pki-tps-client' name and version information -## - -PKI_TPS_CLIENT="pki-tps-client" -PKI_TPS_CLIENT_VERSION="10.2.0" - - -## -## Establish the SOURCE files/directories of the 'pki-tps-client' source directory -## - -PKI_SPECS_FILE="${PKI_DIR}/specs/${PKI_TPS_CLIENT}.spec" -PKI_COMPONENT_LIST="tps-client" - - -## -## Establish the TARGET files/directories of the 'pki-tps-client' source/spec files -## - -if [ $WORK_DIR ]; then - PKI_PACKAGES="`cd $WORK_DIR ; pwd`" -else - PKI_PACKAGES="${PKI_PWD}/packages" -fi - -PKI_TPS_CLIENT_BUILD_DIR="${PKI_PACKAGES}/BUILD" -PKI_TPS_CLIENT_RPMS_DIR="${PKI_PACKAGES}/RPMS" -PKI_TPS_CLIENT_SOURCES_DIR="${PKI_PACKAGES}/SOURCES" -PKI_TPS_CLIENT_SPECS_DIR="${PKI_PACKAGES}/SPECS" -PKI_TPS_CLIENT_SRPMS_DIR="${PKI_PACKAGES}/SRPMS" - -PKI_TPS_CLIENT_TARBALL="${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION}.tar.gz" -PKI_TPS_CLIENT_SPEC_FILE="${PKI_TPS_CLIENT_SPECS_DIR}/${PKI_TPS_CLIENT}.spec" -PKI_TPS_CLIENT_PACKAGE_SCRIPT="${PKI_PACKAGES}/package_${PKI_TPS_CLIENT}" -PKI_TPS_CLIENT_PACKAGE_COMMAND="${RPMBUILD_CMD} SPECS/${PKI_TPS_CLIENT}.spec" - -PKI_TPS_CLIENT_STAGING_DIR="${PKI_PACKAGES}/staging" -PKI_TPS_CLIENT_DIR="${PKI_TPS_CLIENT_STAGING_DIR}/${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION}" -PKI_TPS_CLIENT_BASE_DIR="${PKI_TPS_CLIENT_DIR}/base" - - -## -## Always create a top-level 'packages' directory -## - -mkdir -p ${PKI_PACKAGES} - - -## -## Always create 'pki-tps-client' package directories -## - -mkdir -p ${PKI_TPS_CLIENT_BUILD_DIR} -mkdir -p ${PKI_TPS_CLIENT_RPMS_DIR} -mkdir -p ${PKI_TPS_CLIENT_SOURCES_DIR} -mkdir -p ${PKI_TPS_CLIENT_SPECS_DIR} -mkdir -p ${PKI_TPS_CLIENT_SRPMS_DIR} - - -## -## Always start with new 'pki-tps-client' package files -## - -rm -rf ${PKI_TPS_CLIENT_BUILD_DIR}/${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION} -rm -f ${PKI_TPS_CLIENT_RPMS_DIR}/${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION}*.rpm -rm -f ${PKI_TPS_CLIENT_SOURCES_DIR}/${PKI_TPS_CLIENT_TARBALL} -rm -f ${PKI_TPS_CLIENT_SPEC_FILE} -rm -f ${PKI_TPS_CLIENT_SRPMS_DIR}/${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION}*.rpm - - -## -## Copy a new 'pki-tps-client' spec file from the -## current contents of the PKI working repository -## - -cp -p ${PKI_SPECS_FILE} ${PKI_TPS_CLIENT_SPECS_DIR} - - -## -## If specified, copy all Patches from the spec file URL to SOURCES -## - -if [ ${FETCH_PATCH_FILES} -eq 1 ] ; then - Fetch_Patch_Files ${PKI_SPECS_FILE} ${PKI_TPS_CLIENT_SOURCES_DIR} -fi - - -## -## Copy the specified Source Tarball from the spec file URL to SOURCES, or -## Generate a fresh Source Tarball from the local source -## - -if [ ${FETCH_SOURCE_TARBALL} -eq 1 ] ; then - Fetch_Source_Tarball ${PKI_SPECS_FILE} ${PKI_TPS_CLIENT_SOURCES_DIR} -else - ## - ## Always start with a new 'pki-tps-client' staging directory - ## - - rm -rf ${PKI_TPS_CLIENT_STAGING_DIR} - - - ## - ## To generate the 'pki-tps-client' tarball, construct a staging area - ## consisting of the 'pki-tps-client' source components from the - ## current contents of the PKI working repository - ## - - mkdir -p ${PKI_TPS_CLIENT_DIR} - cd ${PKI_DIR} - for file in "${PKI_FILE_LIST}" ; - do - cp -p ${file} ${PKI_TPS_CLIENT_DIR} - done - find ${PKI_CMAKE_DIR} \ - -name .svn -prune -o \ - -name *.swp -prune -o \ - -print | cpio -pdum ${PKI_TPS_CLIENT_DIR} > /dev/null 2>&1 - cd - > /dev/null 2>&1 - - mkdir -p ${PKI_TPS_CLIENT_BASE_DIR} - cd ${PKI_BASE_DIR} - cp -p ${PKI_BASE_MANIFEST} ${PKI_TPS_CLIENT_BASE_DIR} - for component in "${PKI_COMPONENT_LIST}" ; - do - find ${component} \ - -name .svn -prune -o \ - -name *.swp -prune -o \ - -print | cpio -pdum ${PKI_TPS_CLIENT_BASE_DIR} > /dev/null 2>&1 - done - cd - > /dev/null 2>&1 - - - ## - ## Create the 'pki-tps-client' tarball - ## - - mkdir -p ${PKI_TPS_CLIENT_SOURCES_DIR} - cd ${PKI_TPS_CLIENT_STAGING_DIR} - gtar -zcvf ${PKI_TPS_CLIENT_TARBALL} \ - "${PKI_TPS_CLIENT}-${PKI_TPS_CLIENT_VERSION}" > /dev/null 2>&1 - mv ${PKI_TPS_CLIENT_TARBALL} ${PKI_TPS_CLIENT_SOURCES_DIR} - cd - > /dev/null 2>&1 - - - ## - ## Always remove the PKI staging area - ## - - rm -rf ${PKI_TPS_CLIENT_STAGING_DIR} -fi - - -## -## Always generate a fresh 'pki-tps-client' package script -## - -rm -rf ${PKI_TPS_CLIENT_PACKAGE_SCRIPT} -printf "#!/bin/bash\n\n" > ${PKI_TPS_CLIENT_PACKAGE_SCRIPT} -printf "${PKI_TPS_CLIENT_PACKAGE_COMMAND}\n\n" >> ${PKI_TPS_CLIENT_PACKAGE_SCRIPT} -chmod 775 ${PKI_TPS_CLIENT_PACKAGE_SCRIPT} - - -## -## Automatically invoke RPM/SRPM creation -## - -cd ${PKI_PACKAGES} ; -bash ./package_${PKI_TPS_CLIENT} | tee package_${PKI_TPS_CLIENT}.log 2>&1 - diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 40b80dc9b..4a963814e 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -5,7 +5,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} Name: pki-core Version: 10.2.0 -Release: 0.8%{?dist} +Release: 0.9%{?dist} Summary: Certificate System - PKI Core Components URL: http://pki.fedoraproject.org/ License: GPLv2 @@ -13,6 +13,9 @@ Group: System Environment/Daemons %bcond_without server %bcond_without javadoc +# ignore unpackaged files from native 'tpsclient' +# REMINDER: Remove this '%define' once 'tpsclient' is rewritten as a Java app +%define _unpackaged_files_terminate_build 0 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -25,7 +28,7 @@ BuildRequires: apache-commons-cli BuildRequires: apache-commons-codec BuildRequires: apache-commons-io BuildRequires: nspr-devel -BuildRequires: nss-devel +BuildRequires: nss-devel >= 3.14.3 BuildRequires: openldap-devel BuildRequires: pkgconfig BuildRequires: policycoreutils @@ -55,6 +58,19 @@ BuildRequires: jss >= 4.2.6-28 BuildRequires: systemd-units BuildRequires: tomcatjss >= 7.1.0 +# additional build requirements needed to build native 'tpsclient' +# REMINDER: Revisit these once 'tpsclient' is rewritten as a Java app +BuildRequires: apr-devel +BuildRequires: apr-util-devel +BuildRequires: cyrus-sasl-devel +BuildRequires: httpd-devel >= 2.4.2 +BuildRequires: pcre-devel +BuildRequires: python +BuildRequires: systemd +BuildRequires: svrcore-devel +BuildRequires: zlib +BuildRequires: zlib-devel + Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}%{?prerel}.tar.gz %if 0%{?rhel} @@ -435,15 +451,28 @@ provided by the PKI Core used by the Certificate System. Summary: Certificate System - Token Processing Service Group: System Environment/Daemons -BuildArch: noarch - Provides: pki-tps +Provides: pki-tps-client = %{version}-%{release} + +Obsoletes: pki-tps-client < %{version}-%{release} + Requires: java-headless >= 1:1.7.0 Requires: pki-server = %{version}-%{release} Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units +# additional runtime requirements needed to run native 'tpsclient' +# REMINDER: Revisit these once 'tpsclient' is rewritten as a Java app +Requires: mod_nss +Requires: mod_perl +Requires: mod_revocator +Requires: nss >= 3.14.3 +Requires: nss-tools >= 3.14.3 +Requires: openldap-clients +Requires: perl-Mozilla-LDAP +Requires: pki-symkey = %{version}-%{release} + %description -n pki-tps-tomcat The Token Processing System (TPS) is an optional PKI subsystem that acts as a Registration Authority (RA) for authenticating and processing @@ -460,6 +489,10 @@ Token Key Service (TKS)) to fulfill the user's requests. TPS also interacts with the token database, an LDAP server that stores information about individual tokens. +The utility "tpsclient" is a test tool that interacts with TPS. This +tool is useful to test TPS server configs without risking an actual +smart card. + %{overview} @@ -490,6 +523,7 @@ This package is a part of the PKI Core used by the Certificate System. %prep %setup -q -n %{name}-%{version}%{?prerel} + %clean %{__rm} -rf %{buildroot} @@ -781,6 +815,11 @@ echo >> /var/log/pki/pki-server-upgrade-%{version}.log 2>&1 %{_datadir}/pki/tps/webapps/ %{_mandir}/man5/pki-tps-connector.5.gz %{_mandir}/man5/pki-tps-profile.5.gz +# files for native 'tpsclient' +# REMINDER: Remove this comment once 'tpsclient' is rewritten as a Java app +%{_bindir}/tpsclient +%{_libdir}/tps/libtps.so +%{_libdir}/tps/libtokendb.so %if %{with javadoc} %files -n pki-javadoc @@ -791,6 +830,13 @@ echo >> /var/log/pki/pki-server-upgrade-%{version}.log 2>&1 %endif # %{with server} %changelog +* Fri Aug 29 2014 Matthew Harmsen <mharmsen@redhat.com> - 10.2.0-0.9 +- Merged jmagne@redhat.com's spec file changes from the stand-alone + 'pki-tps-client' package needed to build/run the native 'tpsclient' + command line utility into this 'pki-core' spec file under the 'tps' package. +- Original tps libararies must be built to support this native utility. +- Modifies tps package from 'noarch' into 'architecture-specific' package + * Wed Aug 27 2014 Matthew Harmsen <mharmsen@redhat.com> - 10.2.0-0.8 - PKI TRAC Ticket #1127 - Remove 'pki-ra', 'pki-setup', and 'pki-silent' packages . . . diff --git a/specs/pki-tps-client.spec b/specs/pki-tps-client.spec deleted file mode 100644 index 686df1f12..000000000 --- a/specs/pki-tps-client.spec +++ /dev/null @@ -1,133 +0,0 @@ -Name: pki-tps-client -Version: 10.2.0 -Release: 0.3%{?dist} -Summary: Certificate System - Token Processing System -URL: http://pki.fedoraproject.org/ -License: LGPLv2 -Group: System Environment/Daemons - -%bcond_without javadoc -%define _unpackaged_files_terminate_build 0 -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - -BuildRequires: cmake >= 2.8.9-1 -BuildRequires: apr-devel -BuildRequires: apr-util-devel -BuildRequires: cyrus-sasl-devel -BuildRequires: httpd-devel >= 2.4.2 -BuildRequires: java-devel >= 1:1.7.0 -BuildRequires: openldap-devel -BuildRequires: nspr-devel -BuildRequires: nss-devel >= 3.14.3 -BuildRequires: pcre-devel -BuildRequires: pki-server >= 10.2.0 -BuildRequires: python -BuildRequires: systemd -BuildRequires: svrcore-devel -BuildRequires: zlib -BuildRequires: zlib-devel - -Requires: java >= 1:1.7.0 -Requires: mod_nss -Requires: mod_perl -Requires: mod_revocator -Requires: nss >= 3.14.3 -Requires: nss-tools >= 3.14.3 -Requires: openldap-clients -Requires: perl-Mozilla-LDAP -Requires: pki-server >= 10.2.0 -Requires: pki-symkey >= 10.2.0 - -Requires(post): systemd-units -Requires(preun): systemd-units -Requires(postun): systemd-units - -Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}%{?prerel}.tar.gz - -%global overview \ -Certificate System (CS) is an enterprise software system designed \ -to manage enterprise Public Key Infrastructure (PKI) deployments. \ - \ -The Token Processing System (TPS) is an optional PKI subsystem that acts \ -as a Registration Authority (RA) for authenticating and processing \ -enrollment requests, PIN reset requests, and formatting requests from \ -the Enterprise Security Client (ESC). \ - \ -The utitility "tpsclient" is a test tool that interacts with TPS \ -This tool is useful to test TPS server configs without risking a real \ -smart card. \ -%{nil} - -%description %{overview} - - -================================== -|| ABOUT "CERTIFICATE SYSTEM" || -================================== -${overview} - - -%prep - -%setup -q -n %{name}-%{version}%{?prerel} - -cat << \EOF > %{name}-prov - -cat << \EOF > %{name}-req - -%clean -%{__rm} -rf %{buildroot} - -%build -%{__mkdir_p} build -cd build -%cmake -DVERSION=%{version}-%{release} \ - -DVAR_INSTALL_DIR:PATH=/var \ - -DBUILD_PKI_TPS:BOOL=ON \ - -DSYSTEMD_LIB_INSTALL_DIR=%{_unitdir} \ -%if 0%{?rhel} - -DRESTEASY_LIB=/usr/share/java/resteasy-base \ -%else - -DRESTEASY_LIB=/usr/share/java/resteasy \ -%endif -%if ! %{with javadoc} - -DWITH_JAVADOC:BOOL=OFF \ -%endif - .. -%{__make} VERBOSE=1 %{?_smp_mflags} - -%install -%{__rm} -rf %{buildroot} -cd build -%{__make} install DESTDIR=%{buildroot} INSTALL="install -p" - -cd %{buildroot}/%{_datadir}/pki/tps/docroot -%{__ln_s} tokendb tus - -# Internal libraries for 'tps' are present in: -# -# * '/usr/lib/tps' (i386) -# * '/usr/lib64/tps' (x86_64) -# -mkdir %{buildroot}%{_sysconfdir}/ld.so.conf.d -echo %{_libdir}/tps > %{buildroot}%{_sysconfdir}/ld.so.conf.d/tps-%{_arch}.conf - -# Details: -# -# * https://fedoraproject.org/wiki/Features/var-run-tmpfs -# * https://fedoraproject.org/wiki/Tmpfiles.d_packaging_draft -# -%{__mkdir_p} %{buildroot}%{_sysconfdir}/tmpfiles.d - -%files -%defattr(-,root,root,-) -%doc base/tps-client/LICENSE -%{_bindir}/tpsclient -%{_libdir}/tps/libtps.so -%{_libdir}/tps/libtokendb.so - -%changelog -* Mon Aug 18 2014 jmagne <jmagne@redhat.com> 10.2.0-0.3 -- Initial appearance of pki-tps-client package. -- Package includes merely the "tpclient" command line utility. -- Original tps libararies must be built to support such a utility. |