diff options
author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-10-04 01:17:41 +0000 |
---|---|---|
committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-10-04 01:17:41 +0000 |
commit | a4682ceae6774956461edd03b2485bbacea445f4 (patch) | |
tree | 94c475a125441da63101738220ce3972cf37db61 /pki/dogtag/ocsp | |
parent | 0c775428675d2cb1be9551f84e6b741ca813f77e (diff) | |
download | pki-a4682ceae6774956461edd03b2485bbacea445f4.tar.gz pki-a4682ceae6774956461edd03b2485bbacea445f4.tar.xz pki-a4682ceae6774956461edd03b2485bbacea445f4.zip |
Bugzilla Bug #688225 - (dogtagIPAv2.1) TRACKER: of the Dogtag fixes for freeIPA 2.1IPA_v2_RHEL_6_2_20111003
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/IPA_v2_RHEL_6_2_20111003@2252 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/dogtag/ocsp')
-rwxr-xr-x | pki/dogtag/ocsp/build_dogtag | 82 | ||||
-rw-r--r-- | pki/dogtag/ocsp/pki-ocsp.spec | 122 |
2 files changed, 204 insertions, 0 deletions
diff --git a/pki/dogtag/ocsp/build_dogtag b/pki/dogtag/ocsp/build_dogtag new file mode 100755 index 000000000..f736c15ae --- /dev/null +++ b/pki/dogtag/ocsp/build_dogtag @@ -0,0 +1,82 @@ +#!/bin/bash +# BEGIN COPYRIGHT BLOCK +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# (C) 2007 Red Hat, Inc. +# All rights reserved. +# END COPYRIGHT BLOCK + +# Always switch into the base directory of this +# shell script prior to executing it so that all +# of its output is written to this directory +cd `dirname $0` + +# Retrieve the directory name housing this component +PWD=`pwd` + +# Set Dogtag component-specific environment variables +DOGTAG_BUILD_SCRIPT=`basename $0` +export DOGTAG_BUILD_SCRIPT +DOGTAG_COMPONENT=`basename ${PWD}` +export DOGTAG_COMPONENT +DOGTAG_SPECFILE="pki-ocsp.spec" +export DOGTAG_SPECFILE + +# Set PKI 'ant' environment variables (originally obtained from specfile) +PKI_PRODUCT_UI_FLAVOR_PREFIX="" +export PKI_PRODUCT_UI_FLAVOR_PREFIX +PKI_PRODUCT_PREFIX="pki" +export PKI_PRODUCT_PREFIX +PKI_PRODUCT="ocsp" +export PKI_PRODUCT +PKI_VERSION="9.0.0" +export PKI_VERSION + +# Set Dogtag helper variables +DOGTAG_COMPONENT_NAME=${PKI_PRODUCT} +export DOGTAG_COMPONENT_NAME +DOGTAG_WGET_URL=http://cvs.fedora.redhat.com/viewvc +export DOGTAG_WGET_URL + +# Obtain '${DOGTAG_SPECFILE}' as necessary +if [ "$1" = "refresh" ]; then + if [ -f "${DOGTAG_SPECFILE}" ]; then + printf "Removing '${DOGTAG_SPECFILE}' . . . " + rm -rf ${DOGTAG_SPECFILE} + printf "done.\n" + fi + shift +fi +if [ ! -f "${DOGTAG_SPECFILE}" ]; then + # Check for Fedora Operating System + if [ ! -f /etc/fedora-release ]; then + printf "'${DOGTAG_COMPONENT_NAME}' ONLY builds on Fedora!\n" + exit 255 + fi + # Obtain Fedora Operating System Version + FEDORA_VERSION="F-`cat /etc/fedora-release | awk '{print $3}'`" + export FEDORA_VERSION + # Retrieve '${DOGTAG_SPECFILE}' from Koji + printf "Fetching '${DOGTAG_SPECFILE}' for '${FEDORA_VERSION}' . . .\n" + wget -O ${DOGTAG_SPECFILE} ${DOGTAG_WGET_URL}/${FEDORA_VERSION}/${DOGTAG_COMPONENT_NAME}/${DOGTAG_SPECFILE}?view=co + if [ ! -s "${DOGTAG_SPECFILE}" ]; then + printf "Failed to fetch '${DOGTAG_SPECFILE}' for '${FEDORA_VERSION}'!\n" + rm -rf ${DOGTAG_SPECFILE} + exit 255 + fi +fi + +# Invoke the shared Dogtag PKI build script +config-ext/build_dogtag_pki $@ + diff --git a/pki/dogtag/ocsp/pki-ocsp.spec b/pki/dogtag/ocsp/pki-ocsp.spec new file mode 100644 index 000000000..eacd28196 --- /dev/null +++ b/pki/dogtag/ocsp/pki-ocsp.spec @@ -0,0 +1,122 @@ +Name: pki-ocsp +Version: 9.0.0 +Release: 1%{?dist} +Summary: Dogtag Certificate System - Online Certificate Status Protocol Manager +URL: http://pki.fedoraproject.org/ +License: GPLv2 +Group: System Environment/Daemons + +BuildArch: noarch + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +BuildRequires: ant +BuildRequires: java-devel >= 1:1.6.0 +BuildRequires: jpackage-utils +BuildRequires: jss >= 4.2.6 +BuildRequires: pki-common +BuildRequires: pki-util +BuildRequires: tomcatjss + +Requires: java >= 1:1.6.0 +Requires: pki-common +Requires: pki-ocsp-ui +Requires: pki-selinux +Requires(post): chkconfig +Requires(preun): chkconfig +Requires(preun): initscripts +Requires(postun): initscripts + +Source0: http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz + +%description +Dogtag Certificate System is an enterprise software system designed +to manage enterprise Public Key Infrastructure (PKI) deployments. + +The Dogtag Online Certificate Status Protocol Manager is an optional +PKI subsystem that can act as a stand-alone Online Certificate +Status Protocol (OCSP) service. +The Dogtag Online Certificate Status Protocol Manager performs the task of an +online certificate validation authority by enabling OCSP-compliant clients to +do real-time verification of certificates. Note that an online +certificate-validation authority is often referred to as an OCSP Responder. + +Although the Dogtag Certificate Authority is already configured with an +internal OCSP service. An external OCSP Responder is offered as a separate +subsystem in case the user wants the OCSP service provided outside of a +firewall while the Dogtag Certificate Authority resides inside of a firewall, +or to take the load of requests off of the Dogtag Certificate Authority. + +The Dogtag Online Certificate Status Protocol Manager can receive Certificate +Revocation Lists (CRLs) from multiple Dogtag Certificate Authority servers, +and clients can query the Dogtag Online Certificate Status Protocol Manager +for the revocation status of certificates issued by all of these +Dogtag Certificate Authority servers. + +When an instance of Dogtag Online Certificate Status Protocol Manager is +set up with an instance of Dogtag Certificate Authority, and publishing +is set up to this Dogtag Online Certificate Status Protocol Manager, +CRLs are published to it whenever they are issued or updated. + +%prep + +%setup -q + +%build +ant \ + -Dinit.d="rc.d/init.d" \ + -Dproduct.ui.flavor.prefix="" \ + -Dproduct.prefix="pki" \ + -Dproduct="ocsp" \ + -Dversion="%{version}" + +%install +%define major_version %(echo `echo %{version} | awk -F. '{ print $1 }'`) +%define minor_version %(echo `echo %{version} | awk -F. '{ print $2 }'`) +%define patch_version %(echo `echo %{version} | awk -F. '{ print $3 }'`) + +rm -rf %{buildroot} +cd dist/binary +unzip %{name}-%{version}.zip -d %{buildroot} +cd %{buildroot}%{_datadir}/pki/ocsp/conf +mv CS.cfg.in CS.cfg +sed -i 's/^preop.product.version=.*$/preop.product.version=%{version}/' %{buildroot}%{_datadir}/pki/ocsp/conf/CS.cfg +sed -i 's/^cms.version=.*$/cms.version=%{major_version}.%{minor_version}/' %{buildroot}%{_datadir}/pki/ocsp/conf/CS.cfg +mkdir -p %{buildroot}%{_localstatedir}/lock/pki/ocsp +mkdir -p %{buildroot}%{_localstatedir}/run/pki/ocsp +cd %{buildroot}%{_datadir}/pki/ocsp/setup +mv config.desktop.in config.desktop +cd %{buildroot}%{_javadir}/pki +mv pki-ocsp.jar pki-ocsp-%{version}.jar +ln -s pki-ocsp-%{version}.jar pki-ocsp.jar + +%clean +rm -rf %{buildroot} + +%post +# This adds the proper /etc/rc*.d links for the script +/sbin/chkconfig --add pki-ocspd || : + +%preun +if [ $1 = 0 ] ; then + /sbin/service pki-ocspd stop >/dev/null 2>&1 + /sbin/chkconfig --del pki-ocspd || : +fi + +%postun +if [ "$1" -ge "1" ] ; then + /sbin/service pki-ocspd condrestart >/dev/null 2>&1 || : +fi + +%files +%defattr(-,root,root,-) +%doc LICENSE +%{_initrddir}/* +%{_javadir}/pki/ +%{_datadir}/pki/ +%{_localstatedir}/lock/* +%{_localstatedir}/run/* + +%changelog +* Fri Nov 19 2010 Matthew Harmsen <mharmsen@redhat.com> 9.0.0-1 +- Updated Dogtag 1.3.x --> Dogtag 2.0.0 --> Dogtag 9.0.0. |