pki.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Changes to TPSConnectorService based on review	Ade Lee	2013-09-30	1	-1/+3
\|
*	Add service to generate and retrieve a shared secret	Ade Lee	2013-09-30	3	-0/+133
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	A new REST service has been added to the TKS to manage shared secrets. The shared secret is tied to the TKS-TPS connector, and is created at the end of the TPS configuration. At this point, the TPS contacts the TKS and requests that the shared secret be generated. The secret is returned to the TPS, wrapped using the subsystem certificate of the TPS. The TPS should then decrypt the shared secret and store it in its certificate database. This operations requires JSS changes, though, and so will be deferred to a later patch. For now, though, if the TPS and TKS share the same certdb, then it is sufficient to generate the shared secret. Clients and CLI are also provided. The CLI in particular is used to remove the TPSConnector entries and the shared secret when the TPS is pkidestroyed.
*	Added interactive install for tomcat TPS	Ade Lee	2013-09-20	1	-0/+42
\| \| \| \| \| \|	Up to now, only pkispawn with a config file worked for tomcat-tps installation. This patch adds the functionality for the interactive installation.
*	Added new link for resteasy dependency	Ade Lee	2013-09-17	1	-0/+2
\| \| \| \| \|	Resteasy 3.0.1 uses apache-commons-io. Also fixed PKIErrorInterceptor with correct method call and reformatted the interceptors.
*	fixing for new tomcat systemd files	Ade Lee	2013-09-17	1	-1/+1
\| \| \| \| \| \| \| \|	tomcat now uses systemd unit files. We will reuse and customize those files accordingly. As a result, startup is simplified considerably - and pkidaemon has been gutted accordingly. We'll need to add migration scripts for older instances in a subsequent patch.
*	TRAC Ticket #707 - Do not "require" the following pkispawn parameters for ↵	Matthew Harmsen	2013-09-16	1	-19/+23
\| \| \| \|	GUI-based configuration
*	Catch all exceptions when checking for status.	Ade Lee	2013-09-06	2	-10/+16
\| \| \| \| \| \| \| \| \| \| \| \|	python-requests now throws a ProxyError if the server is not yet up. Previously only connect exceptions were seen. To ensure that we are not broken again when python-requests and the underlying libraries are changed, we will catch and log all exceptions. If the connection ultimately fails, we will time out in any case. Also fixed some new warnings from Pylint 1.0 Ticket 717
*	Fixed pkispawn blocking during TPS deployment.	Endi S. Dewata	2013-08-26	1	-2/+2
\| \| \| \| \| \| \|	Due to a recent change pkispawn would ask for the certificate database password interactively during TPS deployment. To fix the problem, the certutil invocation in pkihelper.py has been restored to the proper indentation.
*	converted strings to lists and applied subprocess.check_call():	Matthew Harmsen	2013-08-22	1	-168/+181
\| \| \| \|	* TRAC Ticket #561 - Replace subprocess.call() with subprocess.check_call()
*	By default, disable SSL3_RSA_WITH_DES_CBC_SHA.	Matthew Harmsen	2013-08-20	1	-1/+1
\| \| \| \|	* TRAC Ticket #706 - Disable SSL3_RSA_WITH_DES_CBC_SHA
*	Fixed pylint false positive.	Endi S. Dewata	2013-08-16	1	-4/+8
\| \| \| \| \| \| \|	Under some circumstances build would fail due to pylint E1103 error saying "Instance of 'list' has no 'strip' member". This is a false positive since the object is actually a string. To avoid the error the code has been changed to explicitly convert the value to string.
*	Initial code to configure a TPS in tomcat	Ade Lee	2013-08-13	2	-1/+33
\| \| \| \| \|	This code allows pkispawn to configure a tps in tomcat. It does not include any config using the web UI panels.
*	Fixed NullPointerException with external CA.	Endi S. Dewata	2013-07-23	1	-2/+1
\| \| \| \| \| \| \|	The deployment tool has been modified to overwrite the pki_issuing_ca when configuring with external CA regardless of the default value. Bugzilla #986901
*	Minor issue - redundant import in pkispawn	Abhishek Koneru	2013-07-22	1	-2/+2
\| \| \| \| \| \| \|	A redundant import has been added in one ofthe previous patches. Fixed another small issue while using the escape character. Pylint fixes.
*	Reorganized deployment tools.	Endi S. Dewata	2013-07-22	19	-0/+6710
\| \| \| \| \| \| \|	The pkispawn and pkidestroy scripts have been moved into sbin folder. The Python deployment library and the scriptlets were moved into pki.server.deployment and pki.server.deployment.scriptlets packages, respectively.
*	Fix a defect in upgrade scripts.	Abhishek Koneru	2013-07-16	1	-4/+4
\| \| \| \| \|	A bug introduced in upgrade scripts while fixing pylint errors and warnings are fixed.
*	Fixes for issues reported by pylint.	Abhishek Koneru	2013-07-10	1	-17/+17
\| \| \| \| \|	Fixes for issues in other files. Ticket #316
*	Fixes for issues reported by pylint.	Abhishek Koneru	2013-07-03	1	-4/+4
\| \| \| \| \|	Fixes for issues in other files. Ticket #316
*	Fixes for issues reported by pylint.	Abhishek Koneru	2013-07-02	1	-10/+10
\| \| \| \| \|	Fixes for issues in other files. Ticket #316
*	Applied PEP8 formatting to python files.	Abhishek Koneru	2013-06-27	2	-8/+8
\| \| \| \| \| \| \|	General formatting done for all the python files except for the line length issue, which could not be formatted using Pydev in Eclipse. Ticket #316
*	Added support for backup/restore on upgrade.	Endi Sukma Dewata	2013-05-15	1	-0/+6
\| \| \| \| \| \| \| \| \| \|	The upgrade framework has been modified to support backup and restore functionality. A new method backup(filename) has been added to save a file into a backup folder. The CLI's have been modified to accept a --revert parameter which will restore the backup files one version at a time. Ticket #583
*	Fixed undefined PKIException.	Endi Sukma Dewata	2013-04-29	1	-2/+2
\| \| \| \| \|	The pki.server module has been fixed to include the module name of the PKIException.
*	Fixed undefined BASE_DIR.	Endi Sukma Dewata	2013-04-29	1	-4/+4
\| \| \| \| \|	The pki.server module has been fixed to include the module name of the BASE_DIR.
*	Added upgrade scriptlet to add JNI_JAR_DIR.	Endi Sukma Dewata	2013-04-29	2	-3/+1
\| \| \| \| \| \| \| \| \| \|	A new upgrade scriptlet has been added to add JNI_JAR_DIR into pki.conf. The code to manipulate property files has been refactored from PKIUpgradeTracker into a separate PropertyFile class to allow reuse. The pki-base package has been modified to deliver a default pki.conf in /usr/share/pki/etc and copy it into /etc/pki if it doesn't exist.
*	Fixed server upgrade problem on new installation.	Endi Sukma Dewata	2013-04-29	1	-0/+4
\| \| \| \| \| \| \| \|	The PKIServerUpgrader.get_current_version() incorrectly returns None if there is no instance on the system. It has been modified to return the target version so that no upgrade operation will occur. Bugzilla #957690
*	Refactored upgrade framework into base and server upgrade.	Endi Sukma Dewata	2013-04-25	2	-0/+400
	The upgrade framework has been split into base and server upgrade frameworks since they will be run automatically by different RPM packages during upgrade. The base upgrade framework will upgrade the system configuration. The server upgrade framework will upgrade the instances and subsystems. Ticket #544