| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
The DoRevoke and DoUnrevoke servlets have been refactored to use
the RevocationProcessor.
Ticket #161
|
| |
|
|
|
|
| |
The cert revocation CLI provides a tool to revoke and unrevoke certificates.
Ticket #161
|
| |
|
|
|
|
|
| |
The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets.
It provides an interface to manage certificate revocation.
Ticket #161
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The RequestStatus has been modified to use a map to convert string
into RequestStatus instance. The string constants in RequestStatus
are no longer needed because instances can be compared using
equal sign directly or equals().
Ticket #161
|
| | |
|
| |
|
|
|
|
| |
This patch provides verification of revocation reasons and proper handling for removeFromCRLrevocation reason.
Bug: 441354.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Refactored ProfileSubmitServlet to make the flow clearer. Both the legacy servlets
and the new RESTful servlets use common ProfileProcessor objects that contain the main
business logic, so that the amount of duplicated code is minimized.
Refactored ProfileProcessServlet to use the new common classes.
Addressed review comments. Removed an unneeded class and reverted some unneeded jaxb
annotations. Added factory methods.
|
| | |
|
| | |
|
| |
|
|
| |
Coverity fix for Forward NULL cases in DogTag 10.
|
| |
|
|
| |
Addressed review coments.
|
| |
|
|
|
|
|
| |
A new getEntity() method has been added to obtain the entity from
a Response object and also map HTTP errors into exceptions.
Ticket #161
|
| |
|
|
|
|
|
|
|
|
| |
Generally the user LDAP entry does not contain a seeAlso attribute
unless it's a special database user. The UGSubsystem.removeUserCert()
would fail because it tried to remove the seeAlso attribute. Now the
code has been fixed to remove the seeAlso using a separate modify
operation and ignore the error if it fails due to missing attribute.
Ticket #182
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The X500Name and RDN have been modified to fix the incorrect method
signature for equals() and the missing hashCode().
Ticket #206
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Previously HTTPClient.sslConnect() would return a null if there is
a connection issue. Some code in pkisilent did not check the return
value properly so it would throw an exception. The sslConnect() has
been modified to throw an exception instead.
Ticket #180
|
| |
|
|
| |
REVERSE_INULL,Wrong_Map_Iterators
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This patch provides a tool to manage groups and group members via
command line.
Ticket #160
|
| |
|
|
|
|
|
| |
The group REST service is based on UsrGrpAdminServlet. It provides an interface
to manage groups and group members.
Ticket #160
|
| |
|
|
|
|
| |
The user CLI provides a tool to manage users and user certificates.
Ticket #160
|
| |
|
|
|
|
|
| |
The user REST service is based on UsrGrpAdminServlet. It provides an interface
to manage users and user certificates.
Ticket #160
|
| |
|
|
|
|
|
| |
Ticket #373
This fix just appends a dummy value to the array, which consumes the error 53.
Patch provided by mreynolds.
|
| |
|
|
|
|
| |
The AdminServlet has been modified to use the new Auditor service.
Ticket #160
|
| |
|
|
|
|
|
|
|
| |
A new Auditor service has been added to replace the audit service that was
previously only available to subclasses of AdminServlet. The new service
can be used by other components including REST services. The AdminServlet
will be modified to use the Auditor service separately.
Ticket #160
|
| |
|
|
|
|
| |
support ECC
This patch allows TPS administrators to enroll for EC cert during installation wizard. It follows the same implementation as the Java subsystems and defaults to nistp256
|
| |
|
|
|
|
|
| |
* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
PKI Deployment strategy
* Removal of 'pki_flavor' attribute
|
| | |
|
| |
|
|
| |
FB.SBSC_USE_STRINGBUFFER_CONCATENATION --Remaining
|
| | |
|
| |
|
|
| |
FB.DM_STRING_CTOR, FB.DM_STRING_VOID_CTOR
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
The JSS library uses different paths on 32-bit and 64-bit platforms.
A script has been added to create a symbolic link such that Eclipse
can use the library without changing the classpath file. The script
could be extended further to simplify setting up the development
environment such as installing the dependencies.
Ticket #171
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Introduced concept of "admin-domain" originally as a
separate folder, and later incorporated this concept
into an optional instance prefix
* Revised definition of <pki_instance_id> to be identified
as "[<pki_admin_domain_name>-]<pki_instance_name>
* Changed NSS security database model from one shared
database by BOTH a single Tomcat AND single Apache instance
into one per Tomcat instance (shared by CA/KRA/OCSP/TKS) and
one per Apache instance (shared by RA/TPS)
* Altered Configuration 'scriptlet' to invoke Jython for
access to new Java configuration servlet
* Renamed various "scriptlets" to comply with this new layout
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
|
| |
|
|
|
| |
The base/common/src/CMakeLists.txt has been fixed to include
httpcore.jar in the class path.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tickets #144 and #145
Providing the following:
1. Simple EE restful interface for certificates, printing, listing and searching.
2. Simple EE restful interface for certificate enrollment requests.
3. Simple EE restful interface for profiles and profile properties.
4. Simple Test client to exercise the functionality.
5. Created restful client base class inherited by CARestClient and DRMRestClient.
6. Provide simple restful implementations of new interfaces added.
ToDO: Need some more refactoring to base classes for some of the new classes which are similar to classes
in the DRM restful area.
ToDO: Actual certificate enrollment code that will be refactored from existing ProfileSubmitServlet.
Provide CA EE Restful interface and test client review fixes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
* Massaged logic to comply with PKI subsystem running within
a shared instance
* Developed code to take advantage of a single shared NSS security
database model
* Completed the following two 'scriptlets':
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Created several additional PKI deployment helper utilities.
|
| |
|
|
| |
Added code to create container on master if it does not exist.
|
| |
|
|
|
|
| |
Currently the realm only returns the last acl result in a multiple entry ACL. Since most of them only have one entry, this is mistly ok. This simple fix allows the code to handle multiple entries correctly.
Ticket #123.
|
