| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Coverity fix for Forward NULL cases in DogTag 10.
|
|
|
|
| |
Addressed review coments.
|
|
|
|
|
|
|
| |
A new getEntity() method has been added to obtain the entity from
a Response object and also map HTTP errors into exceptions.
Ticket #161
|
|
|
|
|
|
|
|
|
|
| |
Generally the user LDAP entry does not contain a seeAlso attribute
unless it's a special database user. The UGSubsystem.removeUserCert()
would fail because it tried to remove the seeAlso attribute. Now the
code has been fixed to remove the seeAlso using a separate modify
operation and ignore the error if it fails due to missing attribute.
Ticket #182
|
| |
|
| |
|
|
|
|
|
|
|
| |
The X500Name and RDN have been modified to fix the incorrect method
signature for equals() and the missing hashCode().
Ticket #206
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously HTTPClient.sslConnect() would return a null if there is
a connection issue. Some code in pkisilent did not check the return
value properly so it would throw an exception. The sslConnect() has
been modified to throw an exception instead.
Ticket #180
|
|
|
|
| |
REVERSE_INULL,Wrong_Map_Iterators
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
This patch provides a tool to manage groups and group members via
command line.
Ticket #160
|
|
|
|
|
|
|
| |
The group REST service is based on UsrGrpAdminServlet. It provides an interface
to manage groups and group members.
Ticket #160
|
|
|
|
|
|
| |
The user CLI provides a tool to manage users and user certificates.
Ticket #160
|
|
|
|
|
|
|
| |
The user REST service is based on UsrGrpAdminServlet. It provides an interface
to manage users and user certificates.
Ticket #160
|
|
|
|
|
|
|
| |
Ticket #373
This fix just appends a dummy value to the array, which consumes the error 53.
Patch provided by mreynolds.
|
|
|
|
|
|
| |
The AdminServlet has been modified to use the new Auditor service.
Ticket #160
|
|
|
|
|
|
|
|
|
| |
A new Auditor service has been added to replace the audit service that was
previously only available to subclasses of AdminServlet. The new service
can be used by other components including REST services. The AdminServlet
will be modified to use the Auditor service separately.
Ticket #160
|
|
|
|
|
|
| |
support ECC
This patch allows TPS administrators to enroll for EC cert during installation wizard. It follows the same implementation as the Java subsystems and defaults to nistp256
|
|
|
|
|
|
|
| |
* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
PKI Deployment strategy
* Removal of 'pki_flavor' attribute
|
| |
|
|
|
|
| |
FB.SBSC_USE_STRINGBUFFER_CONCATENATION --Remaining
|
| |
|
|
|
|
| |
FB.DM_STRING_CTOR, FB.DM_STRING_VOID_CTOR
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The JSS library uses different paths on 32-bit and 64-bit platforms.
A script has been added to create a symbolic link such that Eclipse
can use the library without changing the classpath file. The script
could be extended further to simplify setting up the development
environment such as installing the dependencies.
Ticket #171
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Introduced concept of "admin-domain" originally as a
separate folder, and later incorporated this concept
into an optional instance prefix
* Revised definition of <pki_instance_id> to be identified
as "[<pki_admin_domain_name>-]<pki_instance_name>
* Changed NSS security database model from one shared
database by BOTH a single Tomcat AND single Apache instance
into one per Tomcat instance (shared by CA/KRA/OCSP/TKS) and
one per Apache instance (shared by RA/TPS)
* Altered Configuration 'scriptlet' to invoke Jython for
access to new Java configuration servlet
* Renamed various "scriptlets" to comply with this new layout
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
|
|
|
|
|
| |
The base/common/src/CMakeLists.txt has been fixed to include
httpcore.jar in the class path.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tickets #144 and #145
Providing the following:
1. Simple EE restful interface for certificates, printing, listing and searching.
2. Simple EE restful interface for certificate enrollment requests.
3. Simple EE restful interface for profiles and profile properties.
4. Simple Test client to exercise the functionality.
5. Created restful client base class inherited by CARestClient and DRMRestClient.
6. Provide simple restful implementations of new interfaces added.
ToDO: Need some more refactoring to base classes for some of the new classes which are similar to classes
in the DRM restful area.
ToDO: Actual certificate enrollment code that will be refactored from existing ProfileSubmitServlet.
Provide CA EE Restful interface and test client review fixes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
* Massaged logic to comply with PKI subsystem running within
a shared instance
* Developed code to take advantage of a single shared NSS security
database model
* Completed the following two 'scriptlets':
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Created several additional PKI deployment helper utilities.
|
|
|
|
| |
Added code to create container on master if it does not exist.
|
|
|
|
|
|
| |
Currently the realm only returns the last acl result in a multiple entry ACL. Since most of them only have one entry, this is mistly ok. This simple fix allows the code to handle multiple entries correctly.
Ticket #123.
|
| |
|
|
|
|
| |
- The real fix is in JSS alone; This patch only adds better error handling and non-static salt.
|
| |
|
|
|
|
| |
Ticket #156
|
|
|
|
|
|
|
| |
password in password.conf
The issue was missing code to log into unsupported token that was not loged in.
The patch added the code to allow login to unsupported token.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Installation code common to the panels and the installation servlet are extracted to a
ConfigurationUtils file. The panel code will be cleaned up to use the code in this
class in a later commit.
Contains restful client and test driver code. The test driver code should be modified
and placed in a junit/system test framework. Installation has been tested to work with
the following installations: master CA, clone CA, KRA, OCSP, TKS, subordinate CA, CA
signed by external CA (parts 1 and 2).
Ticket #155
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Completed the following six 'scriptlets':
* Dogtag 10: Python 'initialization.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/147)
* Dogtag 10: Python 'instance_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/75)
* Dogtag 10: Python 'webserver_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/140)
* Dogtag 10: Python 'subsystem_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/141)
* Dogtag 10: Python 'war_explosion.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/76)
* Dogtag 10: Python 'finalization.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/148)
* Created numerous PKI deployment helper utilities.
* Augmented logging to provide indentation.
* Generated logic for installation 'manifest'.
* Tested logic using '--dry_run' option and '-p' prefix options.
* Per initial review, removed numerous "constants" and consolidated
logic into "master" dictionary.
* Corrected the following ticket:
* Dogtag 10: Fix 'build_dogtag_pki' script to account for 'pki-deploy' RPM
(https://fedorahosted.org/pki/ticket/138)
Resolves Bugzilla Bug #810047 - build_dogtag_pki fails with requirements
for pki-deploy
(https://bugzilla.redhat.com/show_bug.cgi?id=810047)
* Created the following three 'scriptlets' as 'NOT YET IMPLEMENTED'
place-holders:
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'configuration.py' Configuration Scriptlet
(https://fedorahosted.org/pki/ticket/137)
|
|
|
|
|
| |
Simple fix to get the DRMRestClient working under SSL again.
Ticket #163.
|
|
|
|
|
|
|
| |
The Thread.stop() is deprecated, so the key status update thread is now
implemented with executor service to allow stopping the task gracefully.
Ticket #3
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eclipse has been configured to do the followings on save:
- organize imports
- remove unused imports
- remove unnecessary casts
- remove trailing white spaces on all lines
These settings can be configured in PKI Project -> Properties ->
Java Editor -> Save Actions.
Ticket #134
|
|
|
|
|
|
|
|
| |
Some exceptions used deprecated resource class names as the bundle name,
they have been replaced with string constants. The deprecated resource
classes are no longer used, so they have been removed.
Ticket #3
|