summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix Bugzilla Bug 661889 - The Servlet TPSRevokeCert of the CA returns an ↵jmagne2010-12-161-1/+26
| | | | | | error to TPS even if certificate in question is already revoked. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1641 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fix Bugzilla Bug 661196 - ECC(with nethsm) subca configuration fails with ↵jmagne2010-12-1512-12/+13
| | | | | | Key Type RSA Not Matched despite using ECC key pairs for rootCA & subCA. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1639 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* native-tools: Remove GPL inconform sentence in usage output.asn2010-12-151-2/+1
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1637 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* p7tool: Added missing initializers.asn2010-12-151-6/+9
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1636 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* p7tool: Fixed build warnings of secutil.asn2010-12-151-10/+12
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1635 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* p7tool: Don't shadow the global vars in secutil.asn2010-12-151-9/+9
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1634 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* p7tool: Fixed secutil function build warnings.asn2010-12-154-110/+110
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1633 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* p7tool: Added missing header file.asn2010-12-153-0/+46
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1632 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* bulkissuance: Fixed serveral build warnings.asn2010-12-151-9/+11
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1631 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* bulkissuance: Fixed a shadowed global variable.asn2010-12-151-2/+2
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1630 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* bulkissuance: Fixed const build warnings.asn2010-12-151-2/+2
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1629 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* bulkissuance: Fixed prototype build warnings.asn2010-12-151-10/+11
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1628 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* symkey: Fixed some build warnings.asn2010-12-151-2/+2
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1627 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* osutil: Fixed a lot of build warnings.asn2010-12-152-2/+2
| | | | | | Fixed brc #644056. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1626 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #623862 - RFE: pki-ra should not require sendmail, but MTAmharmsen2010-12-141-1/+1
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1625 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #586073 - Add new 'mod_revocator' runtime dependency to RA and TPSmharmsen2010-12-1461-2108/+3285
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1624 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fixed bugzilla bug #512496.awnuk2010-12-131-7/+8
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1622 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fixed bugzilla bug #512496.awnuk2010-12-131-14/+5
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1621 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fixed bugzilla bug #512496.awnuk2010-12-111-66/+252
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1618 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fixed bugzilla bug #512496.awnuk2010-12-111-26/+40
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1617 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fix Bugzilla Bug 512248 - Status mismatch for the encryption cert in tps ↵jmagne2010-12-102-2/+95
| | | | | | agent and CA when a temporary smart card is issued. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1616 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug 651001 - TPS does not create a password for entries in ldap. ↵vakwetu2010-12-082-1/+51
| | | | | | This violates STIG requirements git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1614 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #643206 - New CMake based build system for Dogtagmharmsen2010-12-089-67/+163
| | | | | | | (prevent class replication across jars) git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1612 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug 223314 - AOL: Better activities logsvakwetu2010-12-086-86/+178
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1610 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug 661128 - incorrect CA ports used for revoke, unrevoke certs in TPSvakwetu2010-12-082-8/+7
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1608 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #643206 - New CMake based build system for Dogtagmharmsen2010-12-0752-210/+2901
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1607 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 499494 - change CA defaults to SHA2 cfu2010-12-031-1/+1
| | | | | | | - fix for when new CRL Issuing point is added, default CRL signing alg is SHA2 instead of SHA1 git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1606 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 499494 - change CA defaults to SHA2 cfu2010-12-033-5/+5
| | | | | | | - fix that makes the default alg not SHA1 when new profiles are created from the Console git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1604 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug #658926jdennis2010-12-031-10/+11
| | | | | | | | | | | | | | jakarta-commons-lang.jar is needed by velocity, add that link in WEB-INF/lib. This dependency first appeared in F13. We had been providing a link to jakarta-commons-collections.jar in $pki_instance/common/lib but that link is not necessary since tomcat6 already provide jakarta-commons-collections.jar. So remove the superfluous link creation, it isn't needed. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1602 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 499494 - change CA defaults to SHA2cfu2010-12-036-27/+27
| | | | | | | - changed defaults in CS.cfg's from SHA1 to SHA2 git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1601 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 659004 - CC: AuditVerify hardcoded with SHA-1cfu2010-12-022-4/+4
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1599 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #643206 - New CMake based build system for Dogtagmharmsen2010-12-0226-4830/+74
| | | | | | | (Legacy build system changes for compliance) git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1597 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 642357 - CC Feature- Self-Test plugins only check for validity (missing ↵cfu2010-12-015-7/+49
| | | | | | CS.cfg changes) git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1596 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 642357 - CC Feature- Self-Test plugins only check for validity - (TPS part)cfu2010-12-017-7/+293
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1594 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla BZ640042: TPS Installlation Wizard: need to move Module Panel up to ↵vakwetu2010-11-303-29/+29
| | | | | | before Security Domain Panel git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1590 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* typo in web.xmlvakwetu2010-11-301-1/+2
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1589 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 642357 - CC Feature- Self-Test plugins only check for validitycfu2010-11-244-0/+246
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1588 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla BZ 653576 - tomcat5 does not always run filters on servlets as expectedvakwetu2010-11-248-180/+37
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1587 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla BZ 653576 - tomcat5 does not always run filters on servlets as expectedvakwetu2010-11-2428-49/+49
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1586 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bug 651977 - turn off ssl2 for java servers (server.xml) - patch 2cfu2010-11-225-7/+30
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1583 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interfacemharmsen2010-11-2054-266/+240
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1581 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla BZ 606946 - Convert Native Tools to use ldapAPI from OpenLDAP ↵vakwetu2010-11-191-2/+1
| | | | | | instead of the Mozldap git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1580 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Bugzilla BZ 606946 - Convert Native Tools to use ldapAPI from OpenLDAP ↵vakwetu2010-11-191-1/+5
| | | | | | instead of the Mozldap git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1579 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Rename pkicommon to pkicommon.pmjdennis2010-11-194-31/+9
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1578 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fix issues discovered during testingjdennis2010-11-1913-84/+273
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During testing with Ade several issues were discovered which needed fixing, these included: Remove connectionTimeout on JSS connectors in the server.xml files due to JSS bug. We will reenable the timeouts when JSS is fixed. pki_apache_initscript had chmod & chown wrapped in an echo command which prevented them from executing, an artifact inadverantly left in the file during a debug session. The role parameter to runcon which had been added to facilitate test/debug was removed. The logfile variables shared between pkicommon, pkicreate and pkiremove were awkward and resulted in warnings about the use of uninitialized variables in some circumstances. Some functions were tweaked and some variables removed to enforce better data hiding and eliminate the warnings with respect to the logfile. If the pkicreate script aborted before it completed it would fail to write the installation manifest which made it impossible to remove the partial installation via pkiremove. A hander was added so it would run if Perl executed a "die" (e.g. aborted). The handler writes the manifest before final exit. The subroutine used to write the manifest was bullet proofed to avoid referencing uninitialized variables in the case of non-normal exit. The copy_directory() subroutine failed to preserve symbolic links in the source, instead it traversed the source link and copied the target of the link. copy_directory() and it's support routines were enhanced to preserve symbolic links. A new subrotine copy_symlink() was added. pkicreate failed to create a symbolic link to the symkey.jar file, it now creates the link to symkey.jar. The passwords written into the two password files were not terminated with a newline character, now they are. pkiremove would enter an infinate loop if the -force option was specified, this is now fixed. The tomcat6.conf file had been inadvertantly omitted from the tks subsystem. References to the deprecated apachectl file were expunged. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1577 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Undo the pre_merge_adjustmentjdennis2010-11-196-17/+141
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1576 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Merge CA changes into KRA,OCSP & TKSjdennis2010-11-1966-11817/+2500
| | | | git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1575 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Fix RPM's incorrect "requires perl(pkicommon)"jdennis2010-11-191-0/+7
| | | | | | | | | | The pki-setup package provides and uses a PRIVATE Perl module (pkicommon.pm). RPM erroneously believes there should be a requires perl(pkicommon) from the public perl library path. Use the documented macros to correct RPM's incorrect automatic dependency generation. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1574 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Correct merge mistake in context.xml.jdennis2010-11-191-1/+1
| | | | | | | | Restore crossContext attribute which had been erroneously removed during merging. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1573 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
* Make the instance initscript local to the instancejdennis2010-11-195-99/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Earlier in the patch series a change was introduced with respect to the initscripts. A per instance initscript was created in /etc/init.d for each instance. This was simply a symlink to the tomcat6 initscript (using the instance name). The uber initscript, pki-cad, would iterate over the installed instances and invoke the per instance initscript. However during the review process it was pointed out that when removing (erasing) an rpm the per instance initscripts would not be removed because they are not in the rpm file manifest. This would leave dangling initscripts. Also it was felt the per instance initscript in /etc/init.d was confusing when combined with the uber initscript. This patch moves the per instance initscript from /etc/init.d to the instance directory. It retains the same name (i.e. the instance name). Now instead of the the uber initscript invoking the per instance initscript in /etc/init.d via the service command it instead directly invokes initscript in the instance directory. This patch also fixes a bug discovered from reading the shell code invoked by the uber initscript (in the pki "functions" library). The test to determine if a supplied instance name was vaid was incorrect. The code did this: if [ "${PKI_REGISTRY}/${pki_instance}" != "${PKI_REGISTRY_ENTRIES}" ] however $PKI_REGISTRY_ENTRIES is a space separated list of all registry instance files, thus the test only succeeds if there is a single instance. The test was modified to iterate over the all the entries in $PKI_REGISTRY_ENTRIES. This patch also fixed the list_intances() function to list only the instance name, not the full path the to instance configuration file. We also replaced the use of /bin/ls with a shell glob. This patch also moves some variables which had been identically defined in both pkicreate and pkiremove into the pkicommon library for consistency and maintenance sake. git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1572 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
generated by cgit (git 2.34.1) at 2025-09-30 06:07:00 +0000