summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Added new link for resteasy dependencyAde Lee2013-09-178-16/+28
| | | | | Resteasy 3.0.1 uses apache-commons-io. Also fixed PKIErrorInterceptor with correct method call and reformatted the interceptors.
* fixing for new tomcat systemd filesAde Lee2013-09-176-330/+76
| | | | | | | | tomcat now uses systemd unit files. We will reuse and customize those files accordingly. As a result, startup is simplified considerably - and pkidaemon has been gutted accordingly. We'll need to add migration scripts for older instances in a subsequent patch.
* Change interceptors to use jaxrs 2.0Ade Lee2013-09-173-36/+21
| | | | | | | | RESTEasy 3.0.1 provides JAX-RS 2.0 interceptors. We need to either use these or the proprietary ones in order to compile. These ones appear to be working just fine. It does turn out that the change to getStringHeaders() is not yet implemented in 3.0.1 so we'll have to fix that.
* Connected TPS certificate database to LDAP.Endi S. Dewata2013-09-174-45/+56
| | | | | | | | The TPSCertDatabase has been reimplemented using LDAPDatabase. The TPSCertRecord has been modified to specify the object class and attribute mappings. Ticket #652
* Connected TPS activity database to LDAP.Endi S. Dewata2013-09-174-39/+44
| | | | | | | | The ActivityDatabase has been reimplemented using LDAPDatabase. The ActivityRecord has been modified to specify the object class and attribute mappings. Ticket #652
* Connected token database to LDAP.Endi S. Dewata2013-09-174-38/+54
| | | | | | | | The TokenDatabase has been reimplemented using LDAPDatabase. The TokenRecord has been modified to specify the object class and attribute mappings. Ticket #652
* Added LDAPDatabase.Endi S. Dewata2013-09-176-4/+337
| | | | | | | A new LDAPDatabase class was added as a base class for LDAP-based databases. A new DBRecord class was added to provide the default implementation for record classes. New annotation classes were added to specify the object class and attribute mappings.
* Fixed dependency issue on RenewableCertificateCollection.Endi S. Dewata2013-09-173-33/+55
| | | | | | The RenewableCertificateCollection class is in the server package but it's used by ICertificateRepository in the base package, so the class has been moved into the base package.
* Fixed dependency issue on ProfilePolicy.Endi S. Dewata2013-09-174-28/+25
| | | | | | The ProfilePolicy is in the server package but it's used by IProfile interface in the base package. The interface have been modified to use IProfilePolicy instead.
* Fixed duplicate TPSSubsystem instance.Endi S. Dewata2013-09-176-27/+24
| | | | | | Previously there were two TPSSubsystem instances: one created by CMSEngine and the other created by the static code in TPSSubsystem. The second instance has been removed since it's a duplicate and not initialized properly.
* TRAC Ticket #707 - Do not "require" the following pkispawn parameters for ↵Matthew Harmsen2013-09-162-19/+43
| | | | GUI-based configuration
* Patch to get rid of introduced warnings.Jack Magne2013-09-104-8/+8
|
* Bug 1005025 - Unable to view Curve details of ECC Cert request from Agent ↵Christina Fu2013-09-103-326/+346
| | | | interface
* Catch all exceptions when checking for status.Ade Lee2013-09-062-10/+16
| | | | | | | | | | | | python-requests now throws a ProxyError if the server is not yet up. Previously only connect exceptions were seen. To ensure that we are not broken again when python-requests and the underlying libraries are changed, we will catch and log all exceptions. If the connection ultimately fails, we will time out in any case. Also fixed some new warnings from Pylint 1.0 Ticket 717
* manager.ldif referenced incorrectly in CS.cfgAde Lee2013-09-043-3/+3
| | | | Ticket 719
* TRAC Ticket #641 - Incorrect interface labels in pkidaemon outputMatthew Harmsen2013-09-047-58/+70
|
* Provide enrollment template per profileAde Lee2013-09-038-12/+301
| | | | | | | | | | | This adds an API call to get a template which can be used to generate an enrollment request which can be passed into the REST API. The template is simply a CertRequest with the relevant inputs for that profile added in. Per code review comments, have added the templates interface to CertRequestResource instead. This patch now includes /certrequests/profiles and /certrequests/profiles/{id}. In a subsequent patch, all calls in ProfileResource will be restricted to admins and agents.
* Add audit logging to profile interfaceAde Lee2013-09-029-113/+785
| | | | | | This patch adds initial audit logging to the Profile interface. A more complete review of audit logging will probably be done for Common Criteria testing.
* Fixed filter code for revocationReasonAde Lee2013-09-022-3/+4
| | | | | | | Filter was incorrectly setting ldap query to revocationReason* resulting in a reach for revocationReason 1 returning 1 and 10 Ticket 712
* Changed systemd service file so that target starts up correctlyAde Lee2013-09-022-3/+2
| | | | | | | Also added SuccessExitStatus directive to unit file to ignore exit value 143. As a result of this setting, exit status 0 is returned. Ticket 716
* Move status marker from CS.cfg to a variable.Ade Lee2013-09-025-24/+20
|
* Bug 986831 - Some tools are broken for ECC with NSS token aloneChristina Fu2013-09-012-2/+4
|
* Added TPS authenticator resource.Endi S. Dewata2013-09-0119-0/+1669
| | | | | | | A skeleton for TPS authenticator services and the clients have been added. The service implementation will be added later. Ticket #652
* Added TPS connection resource.Endi S. Dewata2013-09-0122-10/+1698
| | | | | | | A skeleton for TPS connection services and the clients have been added. The service implementation will be added later. Ticket #652
* Reorganized TPS classes.Endi S. Dewata2013-09-0132-60/+60
| | | | | | | | | | | The TPS classes have been reorganized as follows: * common: com.netscape.certsrv.tps * CLI: com.netscape.cmstools.tps * server: org.dogtagpki.server.tps TPSConnection and TPSMessage were moved from server package into common package. The build script and configuration files have been modified accordingly.
* Pre-registration of CA cross signing profileAndrew Wnuk2013-08-291-1/+3
| | | | | | This patch provides pre-registration of CA cross signing profile. Ticket #681.
* CA cross signing profileAndrew Wnuk2013-08-291-0/+92
| | | | | | This patch provides new profile to support CA cross signing enrollment. Ticket #681
* Pre-registration of UserSubjectNameConstraint plug-inAndrew Wnuk2013-08-291-1/+4
| | | | | | This patch provides pre-registration of UserSubjectNameConstraint plug-in. Ticket #682.
* UserSubjectNameConstraint plug-inAndrew Wnuk2013-08-292-0/+94
| | | | | | This patch provides new UserSubjectNameConstraint plug-in allowing to include user subject name with its original encoding into certificate. Ticket #682
* CRMFPopClient updateAndrew Wnuk2013-08-281-10/+84
| | | | | | This patch provides enhancement to CRMFPopClient allowing to control encoding for components of the subject name. Ticket #676
* PKCS10Client updateAndrew Wnuk2013-08-261-9/+85
| | | | | | This patch provides enhancement to PKCS10Client allowing to control encoding for components of the subject name. Ticket #677
* Fixed pkispawn blocking during TPS deployment.Endi S. Dewata2013-08-261-2/+2
| | | | | | | Due to a recent change pkispawn would ask for the certificate database password interactively during TPS deployment. To fix the problem, the certutil invocation in pkihelper.py has been restored to the proper indentation.
* Added TPS certificate resource.Endi S. Dewata2013-08-2414-0/+1174
| | | | | | | | New TPS services and clients have been added for TPS certificates. The certificate database is currently implemented as in-memory database with some sample data. Later it will be converted into LDAP database. Ticket #652
* Added subsystem group commands.Endi S. Dewata2013-08-2412-4/+28
| | | | | | | The group client and CLI has been added into each subsystem (e.g. ca-group-*) while keeping the original command for backward compatibility. Ticket #652
* Added TPS user CLI.Endi S. Dewata2013-08-246-14/+34
| | | | | | | | The TPS client has been modified to include user client. The TPS CLI has also been modified to provide user commands. New ACL entries have been added to grant access rights to TPS administrators. Ticket #652
* Added TPS activities resource.Endi S. Dewata2013-08-2415-21/+999
| | | | | | | | New REST services and clients have been added for TPS activities. The activity database is currently implemented as in-memory database with some sample data. Later it will be converted into LDAP database. Ticket #652
* Reorganized CLI user commands.Endi S. Dewata2013-08-2310-1/+306
| | | | | | | | New CLI modules have been added for each subsystem. The user commands have been added to these subsystems while keeping the original command for backward compatibility. Ticket #701
* Refactored CLI framework.Endi S. Dewata2013-08-2359-636/+584
| | | | | | | | | | Some common CLI methods and attributes have been refactored into the CLI base class. A new SubsystemCLI class was added as the base for subsystem CLI modules. The MainCLI was modified such that it will only perform authentication if the subsystem is specified in the server URI. If no subsystem is specified in the URI, the authentication will be done by the subsystem CLI module. Ticket #701
* Refactored client framework.Endi S. Dewata2013-08-2322-131/+276
| | | | | | | | | A new Client class was added as a base for all client classes. The SubsystemClient was added as a base for all subsystem clients. It also provides methods to authenticate against the subsystem. The DRMClient has been renamed to KRAClient to match the actual subsystem name. Ticket #701
* Added TPS installation to the web based install panels for JavaAde Lee2013-08-2315-47/+954
|
* converted strings to lists and applied subprocess.check_call():Matthew Harmsen2013-08-221-168/+181
| | | | * TRAC Ticket #561 - Replace subprocess.call() with subprocess.check_call()
* Add TPS profile ID auxilliary object to tps usersAde Lee2013-08-2110-6/+263
|
* Added generic database.Endi S. Dewata2013-08-206-78/+165
| | | | | | | | A new generic database class has been added to simplify in-memory database creation. The token database has been refactored to inherit this class. Ticket #652
* Reorganized interceptors.Endi S. Dewata2013-08-207-12/+16
| | | | | | The ACLInterceptor and AuthMethodInterceptor interceptors only run on the server, so they have been moved from the base package into the server package.
* By default, disable SSL3_RSA_WITH_DES_CBC_SHA.Matthew Harmsen2013-08-202-2/+2
| | | | * TRAC Ticket #706 - Disable SSL3_RSA_WITH_DES_CBC_SHA
* Add TPS self testsAde Lee2013-08-207-9/+425
| | | | | Added self tests analogous to the tests previously performed inthe C subsystem.
* Wrong date in %changelog in pki-core.specAbhishek Koneru2013-08-191-1/+1
|
* Fixed TPS installation problem.Endi S. Dewata2013-08-162-2/+0
| | | | | The Conflicts tags in pki-tps and pki-tps-tomcat have been removed since it blocks the installation.
* Fixed pylint false positive.Endi S. Dewata2013-08-163-8/+14
| | | | | | | Under some circumstances build would fail due to pylint E1103 error saying "Instance of 'list' has no 'strip' member". This is a false positive since the object is actually a string. To avoid the error the code has been changed to explicitly convert the value to string.
* Moved Tomcat-based TPS to separate folder.Endi S. Dewata2013-08-1575-39/+2324
| | | | | | | | | | | The source files for the new Tomcat-based TPS has been moved from base/tps to base/tps-tomcat. The new TPS will now be build in pki-core and packaged in pki-tps-tomcat RPM. The old TPS and RA have been restored to the previous state before adding the new TPS. Once the new TPS is complete, the old TPS can be removed, the new TPS can be moved back to base/tps and the package can be renamed back to pki-tps. Ticket #702
generated by cgit (git 2.34.1) at 2024-10-06 03:31:27 +0000