diff options
author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-03-29 03:53:19 +0000 |
---|---|---|
committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-03-29 03:53:19 +0000 |
commit | 6c20ba0ca3f1eba1ebe9483f21143f37b54e3197 (patch) | |
tree | 7d667ce6c2c9630872773455312b7e49b13f1635 | |
parent | ea9e8b305e9a50f45d79738389aca4df6bf52aaf (diff) | |
download | pki-6c20ba0ca3f1eba1ebe9483f21143f37b54e3197.tar.gz pki-6c20ba0ca3f1eba1ebe9483f21143f37b54e3197.tar.xz pki-6c20ba0ca3f1eba1ebe9483f21143f37b54e3197.zip |
Bugzilla Bug #492503 - Integrate "mod_revocator" as a runtime dependency for
RA and TPS
Bugzilla Bug #492180 - Security officer: token recovery for a security officer
throws error 28 'connection to server lost'.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@348 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
-rw-r--r-- | pki/base/ra/apache/conf/httpd.conf | 2 | ||||
-rw-r--r-- | pki/base/ra/apache/conf/revocator.conf | 19 | ||||
-rwxr-xr-x | pki/base/ra/lib/perl/PKI/RA/DonePanel.pm | 6 | ||||
-rwxr-xr-x | pki/base/setup/pkicreate | 47 | ||||
-rw-r--r-- | pki/base/tps/Makefile.am | 11 | ||||
-rw-r--r-- | pki/base/tps/Makefile.in | 11 | ||||
-rw-r--r-- | pki/base/tps/apache/conf/httpd.conf | 2 | ||||
-rw-r--r-- | pki/base/tps/apache/conf/revocator.conf | 19 | ||||
-rwxr-xr-x | pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm | 6 | ||||
-rwxr-xr-x | pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm | 6 | ||||
-rw-r--r-- | pki/dogtag/ra/pki-ra.spec | 9 | ||||
-rw-r--r-- | pki/dogtag/setup/pki-setup.spec | 7 | ||||
-rw-r--r-- | pki/dogtag/tps/pki-tps.spec | 9 |
13 files changed, 139 insertions, 15 deletions
diff --git a/pki/base/ra/apache/conf/httpd.conf b/pki/base/ra/apache/conf/httpd.conf index b3e36d27..e3b244b5 100644 --- a/pki/base/ra/apache/conf/httpd.conf +++ b/pki/base/ra/apache/conf/httpd.conf @@ -254,6 +254,8 @@ LoadModule negotiation_module [FORTITUDE_LIB_DIR]/modules/mod_negotiation.so LoadModule cgi_module [FORTITUDE_LIB_DIR]/modules/mod_cgi.so # Required module for commands in nss.conf: [FORTITUDE_NSS_MODULES] +# Required module for commands in revocator.conf: +[FORTITUDE_REVOCATOR_MODULES] <Location /nk_service> SetHandler nk_service diff --git a/pki/base/ra/apache/conf/revocator.conf b/pki/base/ra/apache/conf/revocator.conf new file mode 100644 index 00000000..dda30132 --- /dev/null +++ b/pki/base/ra/apache/conf/revocator.conf @@ -0,0 +1,19 @@ +# CRL Engine Switch: +# Enable/Disable CRL retrieval + +CRLEngine on + +# CRL Age Check Switch: +# Shut the server down if a CRL expires +CRLAgeCheck off + +# CRL Update Critical Switch: +# Shut the server down if a CRL cannot be retrieved +CRLUpdateCritical off + +# CRL URLs: +# A space delimited list of URLs to retrieve and install. +# protocol://urldata;update_interval;max_age +#CRLFile "ldap://ldap.example.com:5000/o=example.net?usercertificate%3binary?sub?(sn=Jensen)??;30;30" +#CRLFile "exec:///usr/sbin/ldapget|ldap://ldap.example.com:3389/o=example.com?userCertificate%3bbinary?sub?(uid=crl)??;30;30" +#CRLFile "https://ca.example.com:1025/getCRL?op=getCRL&issuepoint=MasterCRL;30;30" diff --git a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm index 727181df..eda7745c 100755 --- a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm +++ b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm @@ -327,6 +327,12 @@ sub display system( "rm $instDir/conf/nss.conf.tmp" ); } + # Append security domain getCRL URL to end of "revocator.conf" + open(REVOCATOR_CONF, ">>$instDir/conf/revocator.conf"); + print REVOCATOR_CONF "CRLFile \"" . $sdom + . "/ca/ee/ca/getCRL?op=getCRL&crlIssuingPoint=MasterCRL;60;60\"\n"; + close(REVOCATOR_CONF); + &PKI::RA::Wizard::debug_log("DonePanel: Connecting to Security Domain"); my $machineName = $::config->get("service.machineName"); diff --git a/pki/base/setup/pkicreate b/pki/base/setup/pkicreate index 3564bbca..cb5c7c18 100755 --- a/pki/base/setup/pkicreate +++ b/pki/base/setup/pkicreate @@ -262,6 +262,7 @@ my $noise_base_name = "noise"; # CA, KRA, OCSP, TKS, # RA, TPS my $nss_conf_base_name = "nss.conf"; # RA, TPS my $perl_conf_base_name = "perl.conf"; # RA, TPS +my $revocator_conf_base_name = "revocator.conf"; # RA, TPS my $osutil_jar_base_name = "osutil.jar"; # CA, KRA, OCSP, TKS my $password_conf_base_name = "password.conf"; # CA, KRA, OCSP, TKS, # RA, TPS @@ -313,6 +314,7 @@ my $NSS_CONF = "NSS_CONF"; my $OBJ_EXT = "OBJ_EXT"; my $PORT = "PORT"; my $PROCESS_ID = "PROCESS_ID"; +my $REVOCATOR_CONF = "REVOCATOR_CONF"; my $SECURE_PORT = "SECURE_PORT"; my $NON_CLIENTAUTH_SECURE_PORT = "NON_CLIENTAUTH_SECURE_PORT"; my $SECURITY_LIBRARIES = "SECURITY_LIBRARIES"; @@ -330,6 +332,7 @@ my $FORTITUDE_MODULE = "FORTITUDE_MODULE"; my $FORTITUDE_LIB_DIR = "FORTITUDE_LIB_DIR"; my $FORTITUDE_AUTH_MODULES = "FORTITUDE_AUTH_MODULES"; my $FORTITUDE_NSS_MODULES = "FORTITUDE_NSS_MODULES"; +my $FORTITUDE_REVOCATOR_MODULES = "FORTITUDE_REVOCATOR_MODULES"; # Template slot constants (CA, KRA, OCSP, TKS) my $INSTALL_TIME = "INSTALL_TIME"; @@ -523,6 +526,8 @@ my $nss_conf_instance_file_path = ""; # RA, TPS my $nss_conf_subsystem_file_path = ""; # RA, TPS my $perl_conf_instance_file_path = ""; # RA, TPS my $perl_conf_subsystem_file_path = ""; # RA, TPS +my $revocator_conf_instance_file_path = ""; # RA, TPS +my $revocator_conf_subsystem_file_path = ""; # RA, TPS my $osutil_jar_file_path = ""; # CA, KRA, OCSP, TKS my $osutil_jar_symlink_path = ""; # CA, KRA, OCSP, TKS my $password_conf_instance_file_path = ""; # CA, KRA, OCSP, TKS, @@ -1566,6 +1571,9 @@ sub initialize_subdirectory_paths() . "/" . $nss_conf_base_name; $perl_conf_subsystem_file_path = $conf_subsystem_path . "/" . $perl_conf_base_name; + $revocator_conf_subsystem_file_path = $conf_subsystem_path + . "/" + . $revocator_conf_base_name; $perl_instance_symlink_path = $lib_instance_path . "/" . $perl_base_instance_symlink; @@ -1723,6 +1731,9 @@ sub process_pki_directories() . "/" . $perl_conf_base_name; $pwcache_conf_instance_file_path = $conf_instance_path . "/" . $pwcache_conf_base_name; + $revocator_conf_instance_file_path = "$conf_instance_path" + . "/" + . $revocator_conf_base_name; # create instance directory $result = create_directory( $conf_instance_path ); @@ -1793,6 +1804,9 @@ sub process_pki_directories() . "/" . $perl_conf_base_name; $pwcache_conf_instance_file_path = $redirected_conf_path . "/" . $pwcache_conf_base_name; + $revocator_conf_instance_file_path = "$redirected_conf_path" + . "/" + . $revocator_conf_base_name; # create redirected instance directory $result = create_directory( $redirected_conf_path ); @@ -2201,6 +2215,7 @@ sub process_pki_templates() $slot_hash{$PROCESS_ID} = $$; $slot_hash{$SECURE_PORT} = $secure_port; $slot_hash{$NON_CLIENTAUTH_SECURE_PORT} = $non_clientauth_secure_port; + $slot_hash{$REVOCATOR_CONF} = $revocator_conf_instance_file_path; $slot_hash{$SECURITY_LIBRARIES} = $default_security_libraries; $slot_hash{$SERVER_NAME} = $host; $slot_hash{$SERVER_ROOT} = $pki_instance_path; @@ -2229,6 +2244,10 @@ LoadModule authz_host_module /etc/httpd/modules/mod_authz_host.so " LoadModule nss_module /etc/httpd/modules/libmodnss.so "; + $slot_hash{$FORTITUDE_REVOCATOR_MODULES} = +" +LoadModule rev_module /etc/httpd/modules/mod_rev.so +"; } else { $slot_hash{$FORTITUDE_APACHE} = "Apache"; @@ -2244,6 +2263,10 @@ LoadModule access_module /opt/fortitude/modules/mod_access.so " LoadModule nss_module /opt/fortitude/modules.local/libmodnss.so "; + $slot_hash{$FORTITUDE_REVOCATOR_MODULES} = +" +LoadModule nss_module /opt/fortitude/modules.local/mod_rev.so +"; } } else { # Setup templates (CA, KRA, OCSP, TKS) @@ -2553,6 +2576,30 @@ my $PKI_SECURE_PORT_NAME = "Secure"; chmod( $default_file_permissions, $perl_conf_instance_file_path ); + + # process "revocator.conf" template + $result = process_file_template( $revocator_conf_subsystem_file_path, + $revocator_conf_instance_file_path, + \%slot_hash ); + if( !$result ) { + return 0; + } + + # fix ownership for revocator.conf + $result = give_file_to( $revocator_conf_instance_file_path, + $pki_user, + $pki_group ); + if( !$result ) { + emit( "Can't change ownership of " + . "$revocator_conf_instance_file_path.\n", + "error" ); + return 0; + } + + chmod( $default_file_permissions, + $revocator_conf_instance_file_path ); + + # process "nss_pcache" template $result = process_file_template( $nss_pcache_subsystem_file_path, $nss_pcache_instance_file_path, diff --git a/pki/base/tps/Makefile.am b/pki/base/tps/Makefile.am index 629058da..523e2caa 100644 --- a/pki/base/tps/Makefile.am +++ b/pki/base/tps/Makefile.am @@ -153,11 +153,12 @@ cgibin_sow_SCRIPTS = $(srcdir)/forms/esc/cgi-bin/sow/ajax-list.cgi \ $(srcdir)/forms/esc/cgi-bin/sow/seturl.cgi \ $(srcdir)/forms/esc/cgi-bin/sow/welcome.cgi -conf_DATA = $(srcdir)/apache/conf/httpd.conf \ - $(srcdir)/apache/conf/magic \ - $(srcdir)/apache/conf/mime.types \ - $(srcdir)/apache/conf/nss.conf \ - $(srcdir)/apache/conf/perl.conf \ +conf_DATA = $(srcdir)/apache/conf/httpd.conf \ + $(srcdir)/apache/conf/magic \ + $(srcdir)/apache/conf/mime.types \ + $(srcdir)/apache/conf/nss.conf \ + $(srcdir)/apache/conf/perl.conf \ + $(srcdir)/apache/conf/revocator.conf \ $(srcdir)/doc/CS.cfg docroot_DATA = $(srcdir)/forms/index.html diff --git a/pki/base/tps/Makefile.in b/pki/base/tps/Makefile.in index 0c7b22a1..c020a377 100644 --- a/pki/base/tps/Makefile.in +++ b/pki/base/tps/Makefile.in @@ -643,11 +643,12 @@ cgibin_sow_SCRIPTS = $(srcdir)/forms/esc/cgi-bin/sow/ajax-list.cgi \ $(srcdir)/forms/esc/cgi-bin/sow/seturl.cgi \ $(srcdir)/forms/esc/cgi-bin/sow/welcome.cgi -conf_DATA = $(srcdir)/apache/conf/httpd.conf \ - $(srcdir)/apache/conf/magic \ - $(srcdir)/apache/conf/mime.types \ - $(srcdir)/apache/conf/nss.conf \ - $(srcdir)/apache/conf/perl.conf \ +conf_DATA = $(srcdir)/apache/conf/httpd.conf \ + $(srcdir)/apache/conf/magic \ + $(srcdir)/apache/conf/mime.types \ + $(srcdir)/apache/conf/nss.conf \ + $(srcdir)/apache/conf/perl.conf \ + $(srcdir)/apache/conf/revocator.conf \ $(srcdir)/doc/CS.cfg docroot_DATA = $(srcdir)/forms/index.html diff --git a/pki/base/tps/apache/conf/httpd.conf b/pki/base/tps/apache/conf/httpd.conf index d3ec8e05..d1a4d486 100644 --- a/pki/base/tps/apache/conf/httpd.conf +++ b/pki/base/tps/apache/conf/httpd.conf @@ -254,6 +254,8 @@ LoadModule negotiation_module [FORTITUDE_LIB_DIR]/modules/mod_negotiation.so LoadModule cgi_module [FORTITUDE_LIB_DIR]/modules/mod_cgi.so # Required module for commands in nss.conf: [FORTITUDE_NSS_MODULES] +# Required module for commands in revocator.conf: +[FORTITUDE_REVOCATOR_MODULES] # Required module for command 'TPSConfigPathFile': LoadModule tps_module [FORTITUDE_MODULE]/mod_tps.so # Required module for command 'TokendbConfigPathFile': diff --git a/pki/base/tps/apache/conf/revocator.conf b/pki/base/tps/apache/conf/revocator.conf new file mode 100644 index 00000000..dda30132 --- /dev/null +++ b/pki/base/tps/apache/conf/revocator.conf @@ -0,0 +1,19 @@ +# CRL Engine Switch: +# Enable/Disable CRL retrieval + +CRLEngine on + +# CRL Age Check Switch: +# Shut the server down if a CRL expires +CRLAgeCheck off + +# CRL Update Critical Switch: +# Shut the server down if a CRL cannot be retrieved +CRLUpdateCritical off + +# CRL URLs: +# A space delimited list of URLs to retrieve and install. +# protocol://urldata;update_interval;max_age +#CRLFile "ldap://ldap.example.com:5000/o=example.net?usercertificate%3binary?sub?(sn=Jensen)??;30;30" +#CRLFile "exec:///usr/sbin/ldapget|ldap://ldap.example.com:3389/o=example.com?userCertificate%3bbinary?sub?(uid=crl)??;30;30" +#CRLFile "https://ca.example.com:1025/getCRL?op=getCRL&issuepoint=MasterCRL;30;30" diff --git a/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm index d9876073..2533a12d 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm @@ -101,6 +101,8 @@ sub update $::config->put("conn.tks1.serverKeygen", "true"); $::config->put("op.enroll.userKey.keyGen.encryption.serverKeygen.enable", "true"); $::config->put("op.enroll.userKeyTemporary.keyGen.encryption.serverKeygen.enable", "true"); + $::config->put("op.enroll.soKey.keyGen.encryption.serverKeygen.enable", "true"); + $::config->put("op.enroll.soKeyTemporary.keyGen.encryption.serverKeygen.enable", "true"); } else { # no keygen $::config->put("conn.tks1.serverKeygen", "false"); @@ -110,6 +112,10 @@ sub update $::config->put("op.enroll.userKeyTemporary.keyGen.encryption.recovery.onHold.scheme", "GenerateNewKey"); $::config->put("conn.drm1.clientNickname", ""); $::config->put("conn.drm1.hostport", ""); + $::config->put("op.enroll.soKey.keyGen.encryption.serverKeygen.enable", "false"); + $::config->put("op.enroll.soKeyTemporary.keyGen.encryption.serverKeygen.enable", "false"); + $::config->put("op.enroll.soKey.keyGen.encryption.recovery.destroyed.scheme", "GenerateNewKey"); + $::config->put("op.enroll.soKeyTemporary.keyGen.encryption.recovery.onHold.scheme", "GenerateNewKey"); } $::config->commit(); diff --git a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm index d76ba775..a172a51e 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm @@ -340,6 +340,12 @@ sub display system( "rm $instDir/conf/nss.conf.tmp" ); } + # Append security domain getCRL URL to end of "revocator.conf" + open(REVOCATOR_CONF, ">>$instDir/conf/revocator.conf"); + print REVOCATOR_CONF "CRLFile \"" . $sdom + . "/ca/ee/ca/getCRL?op=getCRL&crlIssuingPoint=MasterCRL;60;60\"\n"; + close(REVOCATOR_CONF); + &PKI::TPS::Wizard::debug_log("DonePanel: Connecting to Security Domain"); my $machineName = $::config->get("service.machineName"); diff --git a/pki/dogtag/ra/pki-ra.spec b/pki/dogtag/ra/pki-ra.spec index f7932dd3..a9944cd3 100644 --- a/pki/dogtag/ra/pki-ra.spec +++ b/pki/dogtag/ra/pki-ra.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 25 +%define base_release 26 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -128,7 +128,7 @@ BuildRoot: %{_builddir}/%{base_name}-root BuildRequires: ant >= 1.6.2, %{base_flavor}-%{base_name}-ui >= 1.0.0 ## Without Requires something, rpmbuild will abort! -Requires: %{base_name}-ui, %{base_prefix}-setup >= 1.0.0, mod_nss >= 1.0.7, mod_perl >= 1.99_16, mozldap >= 6.0.2, perl-DBD-SQLite >= 1.11, perl-DBI >= 1.52, perl-HTML-Parser >= 3.35, perl-HTML-Tagset >= 3.03, perl-Parse-RecDescent >= 1.94, perl-URI >= 1.30, perl-XML-NamespaceSupport >= 1.08, perl-XML-Parser >= 2.34, perl-XML-SAX >= 0.12, sendmail >= 8.13.1, sqlite >= 3.3.3, %{base_prefix}-selinux >= 1.0.0, perl-XML-Simple +Requires: %{base_name}-ui, %{base_prefix}-setup >= 1.0.0, mod_nss >= 1.0.7, mod_perl >= 1.99_16, mod_revocator >= 1.0.2, mozldap >= 6.0.2, perl-DBD-SQLite >= 1.11, perl-DBI >= 1.52, perl-HTML-Parser >= 3.35, perl-HTML-Tagset >= 3.03, perl-Parse-RecDescent >= 1.94, perl-URI >= 1.30, perl-XML-NamespaceSupport >= 1.08, perl-XML-Parser >= 2.34, perl-XML-SAX >= 0.12, sendmail >= 8.13.1, sqlite >= 3.3.3, %{base_prefix}-selinux >= 1.0.0, perl-XML-Simple ## This package is non-relocatable! @@ -266,6 +266,11 @@ fi ############################################################################### %changelog +* Sat Mar 28 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-26 +- Bugzilla Bug #492180 - Security officer: token recovery for a security + officer throws error 28 'connection to server lost'. +- Bugzilla Bug #492503 - Integrate "mod_revocator" as a runtime dependency + for RA and TPS * Wed Mar 11 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-25 - Bugzilla Bug #488338 - start/stop scripts should list all the available port numbers with their functionality diff --git a/pki/dogtag/setup/pki-setup.spec b/pki/dogtag/setup/pki-setup.spec index 83eefb72..b605eb47 100644 --- a/pki/dogtag/setup/pki-setup.spec +++ b/pki/dogtag/setup/pki-setup.spec @@ -33,7 +33,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 20 +%define base_release 21 %define base_group System Environment/Shells %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -217,6 +217,11 @@ rm -rf ${RPM_BUILD_ROOT} ############################################################################### %changelog +* Sat Mar 28 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-21 +- Bugzilla Bug #492180 - Security officer: token recovery for a security + officer throws error 28 'connection to server lost'. +- Bugzilla Bug #492503 - Integrate "mod_revocator" as a runtime dependency + for RA and TPS * Fri Mar 20 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-20 - Bugzilla Bug #490489 - Configuration modifications are not replicated between admins, agents, and end entities diff --git a/pki/dogtag/tps/pki-tps.spec b/pki/dogtag/tps/pki-tps.spec index 10b08dd9..b6ed8e79 100644 --- a/pki/dogtag/tps/pki-tps.spec +++ b/pki/dogtag/tps/pki-tps.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 43 +%define base_release 44 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license LGPLv2 with exceptions @@ -150,7 +150,7 @@ BuildRoot: %{_builddir}/%{name}-root BuildRequires: apr-devel >= 0.9.4, apr-util-devel >= 0.9.4, %{base_flavor}-%{base_name}-ui >= 1.0.0, bash >= 3.0, cyrus-sasl-devel >= 2.1.19, httpd-devel >= 2.0.52, mozldap-devel >= 6.0.2, nspr-devel >= 4.6.99, nss-devel >= 3.12.0, pcre-devel >= 6.6, svrcore-devel >= 4.0.3.01, zlib >= 1.2.3, zlib-devel >= 1.2.3 ## Without Requires something, rpmbuild will abort! -Requires: %{base_prefix}-setup >= 1.0.0, %{base_name}-ui, mod_nss >= 1.0.7, mod_perl >= 1.99_16, mozldap >= 6.0.2, perl-HTML-Parser >= 3.35, perl-HTML-Tagset >= 3.03, perl-Parse-RecDescent >= 1.94, perl-URI >= 1.30, perl-XML-NamespaceSupport >= 1.08, perl-XML-Parser >= 2.34, perl-XML-SAX >= 0.12, %{base_prefix}-selinux >= 1.0.0, perl-XML-Simple +Requires: %{base_prefix}-setup >= 1.0.0, %{base_name}-ui, mod_nss >= 1.0.7, mod_perl >= 1.99_16, mod_revocator >= 1.0.2, mozldap >= 6.0.2, perl-HTML-Parser >= 3.35, perl-HTML-Tagset >= 3.03, perl-Parse-RecDescent >= 1.94, perl-URI >= 1.30, perl-XML-NamespaceSupport >= 1.08, perl-XML-Parser >= 2.34, perl-XML-SAX >= 0.12, %{base_prefix}-selinux >= 1.0.0, perl-XML-Simple ## This package is non-relocatable! @@ -313,6 +313,11 @@ fi ############################################################################### %changelog +* Sat Mar 28 2009 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-44 +- Bugzilla Bug #492180 - Security officer: token recovery for a security + officer throws error 28 'connection to server lost'. +- Bugzilla Bug #492503 - Integrate "mod_revocator" as a runtime dependency + for RA and TPS * Sat Mar 28 2009 Jack Magne <jmagne@redhat.com> 1.0.0-43 - Bugzilla #492361 - Better error message for formatting token not onwed by user. * Wed Mar 25 2009 Jack Magne <jmagne@redhat.com> 1.0.0-42 |