summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Refactored GetCookie servlet.ticket-309Endi Sukma Dewata2012-10-171-89/+43
| | | | | | | The GetCookie servlet has been refactored to use the new SecurityDomainProcessor. Ticket #309
* Enabled authentication for security domain REST interface.Endi Sukma Dewata2012-10-1718-157/+460
| | | | | | | | The REST interface for security domain has been refactored and configured such that it requires authentication. A CLI has been added to get an installation token. Ticket #309
* Reverted to old interface and httpclient to get installation token.Ade Lee2012-10-122-0/+31
| | | | | This is a workaround until we can get the new interface working on IPA clones.
* Added net-tools dependencyAde Lee2012-10-121-0/+2
|
* changes to remind folks not to use pkicreate/pkiremoveAde Lee2012-10-122-178/+8
|
* Update tomcatjss dependencyAde Lee2012-10-122-7/+13
|
* Return to d9 behavior for RetrieveModificationsTaskAde Lee2012-10-111-3/+3
|
* Added pki_tomcat_script_t type and rules to support upgraded instancesAde Lee2012-10-111-1/+18
| | | | | This is so runcon in pkicontrol will continue to work for d9 style instances.
* New selinux interface needed for certmonger directory accessAde Lee2012-10-102-1/+21
|
* Added pki_tomcat_cert_t type and interface to access itAde Lee2012-10-105-1/+51
| | | | | Added permissions to certmonger to access the certdb. Also added some missing selinux permissions for pki_tomcat_t
* Update selinux-policy version to fix error from latest policy changesAde Lee2012-10-081-3/+6
|
* fix spec typoAde Lee2012-10-081-3/+6
|
* Added build requires for version of selinux-policy-develAde Lee2012-10-081-2/+9
|
* Update release to b1Ade Lee2012-10-0815-15/+39
|
* Fix name of CS.cfg backup fileAde Lee2012-10-081-1/+1
|
* Backup CS.cfg before d10 updateAde Lee2012-10-081-0/+3
|
* Merged pki-silent into pki-server.Endi Sukma Dewata2012-10-077-66/+34
| | | | | | The pki-silent package has been merged into pki-server package. Ticket #354
* Renamed "shared" folder to "server".Endi Sukma Dewata2012-10-074-20/+19
| | | | | | | The "shared" folder in /usr/share/pki has been renamed to "server" since it contains only server files. Ticket #353
* Changes to start pki_ra and pki_tps in correct contextAde Lee2012-10-0512-25/+62
| | | | | Added required selinux versions to spec file. Also added additional rule needed for F17
* add selinux context for pkidaemon, remove unneeded pid and lock codeAde Lee2012-10-055-67/+30
| | | | | remove runcon from operations, add rules for spawn/destroy, add mgrepl changes to policy
* move common policy into tps, ra templatesAde Lee2012-10-052-336/+98
|
* Use the tomcat selinux domain for the Java processesAde Lee2012-10-052-321/+97
|
* Added needed link for updated d9 -> d10 instancesAde Lee2012-10-051-1/+3
| | | | Ticket 356
* Added Provides to packages replacing obsolete packages.Endi Sukma Dewata2012-10-021-1/+17
| | | | | | | Packages that replaced old packages have been modified to specify "Provides" to satisfy dependency on the old packages. Ticket #336
* Updated release to a2Ade Lee2012-10-0115-15/+39
|
* Using RPM version number in CMake.Endi Sukma Dewata2012-10-0144-77/+107
| | | | | | | | | | | | The RPM spec files have been modified to pass the full RPM version number to CMake. The version number contains the product version number, release number, milestone, and platform. The CMake scritps will parse and use this version number to generate Java manifest files. The product version number will be used as the specification version and full version number will be used as the implementation version. Ticket #339
* Added package checking for pkispawn.Endi Sukma Dewata2012-10-012-0/+7
| | | | | | | The pkispawn has been modified such that it will check whether the package for the subsystem being created has been installed. Ticket #332
* https://fedorahosted.org/pki/ticket/252 - TMS - ECC Key RecoveryChristina Fu2012-09-303-29/+74
|
* TMS key recovery part of - Bug 737122 - DRM: during archiving and ↵Christina Fu2012-09-281-36/+115
| | | | recovering, wrapping unwrapping keys should be done in the token
* Added version number into server status.Endi Sukma Dewata2012-09-281-0/+2
| | | | | | | The GetStatus servlet has been modified to include the server version number. Ticket #339
* Added VERSION file.Endi Sukma Dewata2012-09-2828-10/+190
| | | | | | | | | | | The CMake scripts have been modified to store the version number in /usr/share/pki/VERSION and in JAR manifest files. These files can be read by PKI applications to obtain the version number without having to query the RPM database. Fixed warnings in Java.cmake file. Ticket #339
* fall back to old interface for installtoken if neededAde Lee2012-09-272-4/+87
|
* Renamed escapeDN() into escapeRDNValue().Endi Sukma Dewata2012-09-278-63/+63
| | | | | | | The escapeDN() has been renamed into escapeRDNValue() for better clarity. Ticket #193
* (fixed warning for) task #304 TMS ECC infrastructure (enrollment with ↵Christina Fu2012-09-261-2/+2
| | | | client-side and server-side key generation, and key archival)
* Correctly resolve symlinks in subdirectoriesMatthew Harmsen2012-09-251-3/+4
| | | | | | | | | | | | * TRAC Ticket #338 - Dogtag 10: pkihelper.py directory.set_mode() does not resolve symlinks correctly This patch fixes the problem that although top-level symlinks are correctly identified as symbolic links, symlinks which exist under a subdirectory are incorrectly identified as files, and thus the 'chown' and 'chmod' commands are applied to the symlink which in turn actually get applied to the target file instead.
* Merged pki-setup into pki-server.Endi Sukma Dewata2012-09-255-57/+43
| | | | | | | The scripts to create and remove PKI instances have been moved from pki-setup into pki-server package. Ticket #336
* Use getStatus servlet to provide startup statusAde Lee2012-09-212-0/+8
| | | | Ticket 314
* Audit Cert RenewalMatthew Harmsen2012-09-201-2/+2
| | | | | * TRAC Ticket #333 - Increase audit cert renewal range to 2 years * Bugzilla Bug #843979 - Increase audit cert renewal range to 2 years
* time based searchesAndrew Wnuk2012-09-207-412/+254
| | | | | | | This patch removes "fixed" year from time based searches for agent and EE interfaces. It also unifies time selection between search and revocation templates. Bug 854420.
* Changes to use standard dbuserAde Lee2012-09-197-26/+111
| | | | | | | | | | | | | | | | | We create a user that can be used to connect to the database using the subsystem cert for client auth. We identified this user, using the seeAlso attribute and provided certmap rules to this effect. For this user, we used to reuse the uid = user CA-hostname-port, which is already created for inter-system communication. But this is problematic if more than one dbuser exists, as the directory server may bind as the incorrect user. In any replication topology, there must be only one dbuser using the subsystem cert. To simplify things, we create a new user specifically for this purpose (pkidbuser), and we remove the seeAlso attribute from the older dbusers. A script is needed to convert existing dogtag 9 istances to use the new user, and set the relevant acls. This will be done in a separate commit.
* Provide default for operations transition list, related # 858816.Jack Magne2012-09-191-0/+1
|
* Added DN and filter escaping in ConfigurationUtils.Endi Sukma Dewata2012-09-191-19/+19
| | | | | | | The ConfigurationUtils has been modified to escape values used in DN or filter according to LDAP standard. Ticket #193
* Removed duplicate DN escaping methods.Endi Sukma Dewata2012-09-198-130/+14
| | | | | | | | The duplicate methods to escape DN value have been removed. The codes that used the duplicate methods have been modified to use LDAPUtil.escapeDN(). Ticket #193
* Added DN and filter escaping in UGSubsystem.Endi Sukma Dewata2012-09-192-26/+34
| | | | | | | The UGSubsystem has been modified to escape values used in DN or filter according to LDAP standard. Ticket #193
* Fixed conflicting log4j.properties.Endi Sukma Dewata2012-09-193-21/+22
| | | | | | | | | The <instance>/lib link has been replaced with a real folder which contains links to the files in /usr/share/tomcat/lib. This way the log4j.properties can be placed in this folder without causing conflicts with other instances. Ticket: #284
* https://fedorahosted.org/pki/ticket/304Christina Fu2012-09-183-39/+311
| | | | TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)
* https://fedorahosted.org/pki/ticket/304Christina Fu2012-09-1811-244/+579
| | | | TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)
* Fixed problems with optional pki-symkey.Endi Sukma Dewata2012-09-184-8/+18
| | | | | | | | The deployment and init scripts have been fixed to create and check the link to symkey.jar if a TKS instance is added, and remove the link if the instance is removed. Ticket #331
* Deregister subsystem in merged instanceMatthew Harmsen2012-09-132-1/+9
| | | | * TRAC Ticket #311 - Unable to deregister subsystem in merged instance
* Added Conflicts for IPA 2.x and Build Requires for zip for mock problemAde Lee2012-09-131-1/+7
|
generated by cgit (git 2.34.1) at 2024-04-23 08:32:17 +0000