[PATCH] 109 Merged Javadoc packages.
by Endi Sukma Dewata
The Javadocs for pki-util, pki-java-tools and pki-common have been
merged and packaged into pki-javadoc RPM.
Ticket #295
--
Endi S. Dewata
12 years, 1 month
[PATCH] 107 Added proxy realm.
by Endi Sukma Dewata
CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR files
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders. Note that Tomcat requires that the JAR files
be copied into this folder, they cannot be linked.
Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.
Ticket #89
--
Endi S. Dewata
12 years, 1 month
[PATCH] 110 Removed duplicate common classes in pki-console.jar.
by Endi Sukma Dewata
The pki-console has been modified to depend on pki-base. This way
it's no longer necessary to include duplicate common classes in
pki-console.
Ticket #113
I verified installing pki-base, dogtag-pki-console-theme, and
pki-console and running pkiconsole to connect to a remote CA.
--
Endi S. Dewata
12 years, 1 month
[PATCH] 108 Fixed conflicting LDIF files.
by Endi Sukma Dewata
During subsystem configuration the ConfigurationUtils.importLDIFS()
would generate LDIF files in <instance>/conf folder which may conflict
with files belonging to other subsystems. The code has been modified
to generate the files in <instance>/<subsystem>/conf folder.
Ticket #89
--
Endi S. Dewata
12 years, 1 month
[PATCH] 30 Continued - Fix for ticket 219 for DogTag branches : 8.1_Errata and 8.2
by Abhishek Koneru
Please review the patches attached with fix ticket 219 for DogTag
branches - 8.1_Errata and 8.2.
The description about the ticket is attached below.
--Abhishek Koneru
Defect description:
The serial number generated for certificates is wrong when the number
is large. Problem is due to the conversion of BigInteger to integer
while generating a new serial number, which truncates the most
significant bits in the serial number and therefore a large number (eg.
10fff0001) becomes a smaller number (eg. fff0001). This conversion in
turn leads to a collision if a certificate with the smaller number
exists in the database.
Steps to reproduce the defect:
- Create a CA. - (1)
- Edit the fields minSerialNumber and maxSerialNumber in the
<CA-Installation Path>/conf.CS.cfg to large values like 100000000 and
110000000.
- Restart the CA.
- Configure the CA.
- Create a new CA.
- Configure this as a clone to (1)CA
- After the Certificates are generated, view the serial number by
clicking on "View Certificate in PrettyPrint".
Results:
Before the patch is applied: The serial number is truncated.(Wrong)
After the patch is applied: The serial number is found as expected.
12 years, 1 month
[PATCH] 105 Updated CMake jar() function.
by Endi Sukma Dewata
The jar() function has been modified to support multiple input dirs
in a single command. This way it's not necessary to define multiple
jar targets for the same jar file. The pki-console build script has
been updated to utilize this functionality.
Ticket #89
--
Endi S. Dewata
12 years, 1 month
[PATCH] 104 Moved REST CLI into pki-tools.
by Endi Sukma Dewata
The pki-client.jar has been split and merged into pki-certsrv.jar
and pki-tools.jar. The REST client classes are now packaged in
com.netscape.certsrv.<component> packages. The REST CLI classes
are now packaged in com.netscape.cmstools.<component> packages.
The "pki" script has been moved into pki-tools RPM package.
Ticket #215
--
Endi S. Dewata
12 years, 1 month