summaryrefslogtreecommitdiffstats
path: root/base/server
Commit message (Collapse)AuthorAgeFilesLines
...
* Cleaned up CertEnrollmentRequest.Endi S. Dewata2013-10-255-6/+6
| | | | | The CertEnrollmentRequest, ProfileInput, ProfileAttribute, and Descriptor have been cleaned up to fix some bugs and minor formatting issues.
* Reorganized server packages.Endi S. Dewata2013-10-25652-0/+221809
| | | | | The tomcat, cms, and cmscore packages have been moved from base/common into separate folders in base/server so that they can be built separately.
* Stand-alone DRMMatthew Harmsen2013-10-256-266/+329
| | | | * TRAC Ticket #762 - Stand-alone DRM (cleanup tasks)
* Stand-alone DRMMatthew Harmsen2013-10-1510-348/+711
| | | | * TRAC Ticket #667 - provide option for ca-less drm install
* enable tomcat access logAndrew Wnuk2013-10-151-2/+2
| | | | | | This patch enables Tomcat access log for Java subsystems. Ticket #558.
* Moved EnableSessionInAuthenticator script to 10.0.5.Endi S. Dewata2013-10-112-0/+4
|
* Add upgrade file for auth.propertiesAde Lee2013-10-092-0/+45
| | | | Also moved 10.1 version upgrade scripts to 10.0.99.
* Ticket 757 - Allow unescaped '%' characters in deployment file password valuesNathan Kinder2013-10-093-3/+36
| | | | | | | | | | | | | This patch allows password values in pkispawn deployment files to contain unescaped '%' characters. Non password settings support interpolation, so they still require escaping. This patch has been tested with deployment file based installs as well as interactive installs. The way it works is that we escape the password settings internally immediately after reading the deployment config file. The interactive installation code already escapes password values as it receives them from the user. This approach allows the rest of the installation code to remain as-is.
* Fixed pylint issue in pkiparser.py.Endi S. Dewata2013-10-071-1/+1
| | | | | | The exception handler in pkiparser.py has been modified to re-raise the exception such that it will be handled by the caller instead of exitting to the system immediately.
* Ticket 755 - Detect unescaped percent characters in deployment filesNathan Kinder2013-10-074-0/+18
| | | | | | | | | | | | The deployment config files used by pkispawn support interpolation as supplied by ConfigParser. Interpolation uses the '%' character, which means values that need to contain a '%' character need to be properly escaped. This patch detects errors with unescaped '%' characters and reports a useful message bac kto the user who is running pkispawn. This patch also adds notes to the pkispawn and pki_default.cfg man pages to explain that escaping of '%' characters is required.
* Changes to TPSConnectorService based on reviewAde Lee2013-09-301-1/+3
|
* Add service to generate and retrieve a shared secretAde Lee2013-09-304-0/+134
| | | | | | | | | | | | | | | | A new REST service has been added to the TKS to manage shared secrets. The shared secret is tied to the TKS-TPS connector, and is created at the end of the TPS configuration. At this point, the TPS contacts the TKS and requests that the shared secret be generated. The secret is returned to the TPS, wrapped using the subsystem certificate of the TPS. The TPS should then decrypt the shared secret and store it in its certificate database. This operations requires JSS changes, though, and so will be deferred to a later patch. For now, though, if the TPS and TKS share the same certdb, then it is sufficient to generate the shared secret. Clients and CLI are also provided. The CLI in particular is used to remove the TPSConnector entries and the shared secret when the TPS is pkidestroyed.
* Added interactive install for tomcat TPSAde Lee2013-09-202-0/+107
| | | | | | Up to now, only pkispawn with a config file worked for tomcat-tps installation. This patch adds the functionality for the interactive installation.
* Upgrade script to fix JAVA_OPTSAde Lee2013-09-182-10/+49
|
* Added new link for resteasy dependencyAde Lee2013-09-174-0/+9
| | | | | Resteasy 3.0.1 uses apache-commons-io. Also fixed PKIErrorInterceptor with correct method call and reformatted the interceptors.
* fixing for new tomcat systemd filesAde Lee2013-09-176-330/+76
| | | | | | | | tomcat now uses systemd unit files. We will reuse and customize those files accordingly. As a result, startup is simplified considerably - and pkidaemon has been gutted accordingly. We'll need to add migration scripts for older instances in a subsequent patch.
* TRAC Ticket #707 - Do not "require" the following pkispawn parameters for ↵Matthew Harmsen2013-09-162-19/+43
| | | | GUI-based configuration
* Catch all exceptions when checking for status.Ade Lee2013-09-062-10/+16
| | | | | | | | | | | | python-requests now throws a ProxyError if the server is not yet up. Previously only connect exceptions were seen. To ensure that we are not broken again when python-requests and the underlying libraries are changed, we will catch and log all exceptions. If the connection ultimately fails, we will time out in any case. Also fixed some new warnings from Pylint 1.0 Ticket 717
* TRAC Ticket #641 - Incorrect interface labels in pkidaemon outputMatthew Harmsen2013-09-042-32/+44
|
* Changed systemd service file so that target starts up correctlyAde Lee2013-09-022-3/+2
| | | | | | | Also added SuccessExitStatus directive to unit file to ignore exit value 143. As a result of this setting, exit status 0 is returned. Ticket 716
* Fixed pkispawn blocking during TPS deployment.Endi S. Dewata2013-08-261-2/+2
| | | | | | | Due to a recent change pkispawn would ask for the certificate database password interactively during TPS deployment. To fix the problem, the certutil invocation in pkihelper.py has been restored to the proper indentation.
* Added TPS installation to the web based install panels for JavaAde Lee2013-08-234-0/+220
|
* converted strings to lists and applied subprocess.check_call():Matthew Harmsen2013-08-221-168/+181
| | | | * TRAC Ticket #561 - Replace subprocess.call() with subprocess.check_call()
* By default, disable SSL3_RSA_WITH_DES_CBC_SHA.Matthew Harmsen2013-08-201-1/+1
| | | | * TRAC Ticket #706 - Disable SSL3_RSA_WITH_DES_CBC_SHA
* Fixed pylint false positive.Endi S. Dewata2013-08-163-8/+14
| | | | | | | Under some circumstances build would fail due to pylint E1103 error saying "Instance of 'list' has no 'strip' member". This is a false positive since the object is actually a string. To avoid the error the code has been changed to explicitly convert the value to string.
* Initial code to configure a TPS in tomcatAde Lee2013-08-134-2/+45
| | | | | This code allows pkispawn to configure a tps in tomcat. It does not include any config using the web UI panels.
* Fix link parsing code to remove broken symbolic links before replacing themAde Lee2013-08-021-0/+6
| | | | Trac Ticket 699
* Storing authentication info in session.Endi S. Dewata2013-07-291-0/+69
| | | | | | | | | The authenticator configuration has been modified to store the authentication info in the session so it can be used by the servlets. An upgrade script has been added to update the configuration in existing instances. The SSLAuthenticatorWithFalback was modified to propagate the configuration to the actual authenticator handling the request.
* Fixed NullPointerException with external CA.Endi S. Dewata2013-07-231-2/+1
| | | | | | | The deployment tool has been modified to overwrite the pki_issuing_ca when configuring with external CA regardless of the default value. Bugzilla #986901
* Added man pages for upgrade tools.Endi S. Dewata2013-07-222-16/+202
| | | | | | | New man pages have been added for pki-upgrade and pki-server-upgrade. The spec file and build scripts have been updated accordingly. Ticket #582
* Minor issue - redundant import in pkispawnAbhishek Koneru2013-07-222-3/+2
| | | | | | | A redundant import has been added in one ofthe previous patches. Fixed another small issue while using the escape character. Pylint fixes.
* Cleaned up code to install man pages.Endi S. Dewata2013-07-221-19/+7
| | | | | | | The code to install man pages in the spec file and CMake scripts has been cleaned up for clarity. Ticket #582
* Reorganized deployment tools.Endi S. Dewata2013-07-2222-93/+47
| | | | | | | The pkispawn and pkidestroy scripts have been moved into sbin folder. The Python deployment library and the scriptlets were moved into pki.server.deployment and pki.server.deployment.scriptlets packages, respectively.
* Minor changes in Installation Summary.Abhishek Koneru2013-07-222-8/+14
| | | | | | | Added pki client directory to the installation summary. Also formatted the access url statement. Ticket #645
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-183-5/+14
| | | | | | Fixed the warning W0202 - attributes defined outside init and error E0202 - An instance attribute hiding a method (which is actually an error in json.encoder.JSONEncoder line 157.)
* Fix a defect in upgrade scripts.Abhishek Koneru2013-07-161-4/+4
| | | | | A bug introduced in upgrade scripts while fixing pylint errors and warnings are fixed.
* Reorganized server files.Endi S. Dewata2013-07-1357-0/+9899
| | | | | Some server files in base/common have been moved to base/server for consistency. The build scripts have been updated accordingly.
* Fixed pylint warning W0212.Abhishek Koneru2013-07-101-2/+2
| | | | | Replaced accessing _sections, a protected member in ConfigParser with function call ConfigParser.items('SECTION_NAME')
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-105-22/+25
| | | | | Fixes for issues in other files. Ticket #316
* Fix issues reported by pylint.Abhishek Koneru2013-07-1014-48/+49
| | | | | | | Fixed all warnings caused due to absolute import of modules in same package and not marking the regexes with an r when trying to match. Ticket #316
* Moved script to remove JNI_JAR_DIR to 10.0.3 folder.Endi S. Dewata2013-07-101-0/+4
| | | | | | | | The redundant JNI_JAR_DIR will be removed from /etc/pki/pki.conf starting from version 10.0.4. Empty folders need be created for each released version number to allow proper upgrade and revert operations.
* Added support to backup folders during upgrade.Endi Sukma Dewata2013-07-081-37/+37
| | | | | | | The upgrade framework has been updated to support backup and restore operations for folders and their contents. Ticket #583
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-037-42/+38
| | | | | Fixes for issues in other files. Ticket #316
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-025-70/+66
| | | | | Fixes for issues in other files. Ticket #316
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-025-20/+20
| | | | | Fixes for issues in other files. Ticket #316
* Fixes for issues reported by pylint.Abhishek Koneru2013-07-022-63/+57
| | | | | Fixes for issues in pkihelper.py. Ticket #316
* Minor reference fix in selinux-setup.pyAbhishek Koneru2013-07-011-1/+1
|
* Applied PEP8 formatting to python files.Abhishek Koneru2013-06-2711-632/+632
| | | | | | | General formatting done for all the python files except for the line length issue, which could not be formatted using Pydev in Eclipse. Ticket #316
* Code refactored for global variables and utility classes.Abhishek Koneru2013-06-2715-1408/+1471
| | | | | | | | | | Added a new class PKIDeployer, whose object holds references to global dictionaries for master and slots and also objects of utility classes in pkihelper.py. This object once created in pkispawn/pkidestroy will be passed on to the PKIScriptlets and used. This also fixes few pylint related errors (E1120) Ticket #316
* Modify pkispawn to handle case where no subsystemCerts are generatedAde Lee2013-06-261-1/+8
| | | | | | When installing clone of a KRA into an existing instance, no new system certs are generated, and so the systemCerts parameter is not populated. This patch addresses this issue.
generated by cgit (git 2.34.1) at 2025-09-30 23:32:03 +0000