PATCH - 0058-Use-getStatus-servlet-to-report-startup-status
by Ade Lee
Use getStatus servlet to report startup status. This provides an
interface for clients to call and determine if the server is up and
ready to serve.
Also added code to report the rpm version of the server in the same
servlet.
This is for dogtag 10. A dogtag 9 version of this patch is forthcoming.
Ade
11 years, 7 months
[PATCH] Correctly resolve symlinks in subdirectories
by Matthew Harmsen
The attached patch addresses the following PKI issue:
* TRAC Ticket #338 - Dogtag 10: pkihelper.py directory.set_mode() does
not resolve symlinks correctly
Please review this patch for Dogtag 10.
11 years, 7 months
[PATCH] Audit Cert Renewal
by Matthew Harmsen
The attached patch addresses the following PKI issue:
* TRAC Ticket #333 - Increase audit cert renewal range to 2 years
* Bugzilla Bug #843979 - Increase audit cert renewal range to 2 years
This patch is intended for both Dogtag 9 and Dogtag 10.
11 years, 7 months
[PATCH] 0057-Changes-to-use-standard-dbuser
by Ade Lee
Changes to use standard dbuser
We create a user that can be used to connect to the database using the
subsystem cert for client auth. We identified this user, using the seeAlso
attribute and provided certmap rules to this effect.
For this user, we used to reuse the uid = user CA-hostname-port, which is already
created for inter-system communication. But this is problematic if more than one
dbuser exists, as the directory server may bind as the incorrect user. In any
replication topology, there must be only one dbuser using the subsystem cert.
To simplify things, we create a new user specifically for this purpose
(pkidbuser), and we remove the seeAlso attribute from the older dbusers.
A script is needed to convert existing dogtag 9 istances to use the new user,
and set the relevant acls. This will be done in a separate commit.
Please review.
Ade
11 years, 7 months
[PATCH] 118 Removed duplicate DN escaping methods.
by Endi Sukma Dewata
The duplicate methods to escape DN value have been removed. The
codes that used the duplicate methods have been modified to use
LDAPUtil.escapeDN().
Ticket #193
--
Endi S. Dewata
11 years, 7 months
[PATCH] time based searches
by Andrew Wnuk
This patch removes "fixed" year from time based searches for agent and
EE interfaces.
It also unifies time selection between search and revocation templates.
Bug 854420.
11 years, 7 months
[PATCH] 116 Fixed conflicting log4j.properties.
by Endi Sukma Dewata
The <instance>/lib link has been replaced with a real folder
which contains links to the files in /usr/share/tomcat/lib. This
way the log4j.properties can be placed in this folder without
causing conflicts with other instances.
Ticket: #284
Note: This patch only addresses the conflict. Further modification might
be needed to get log4j working properly.
--
Endi S. Dewata
11 years, 7 months
