March 2013 - Pki-devel - Dogtag Pki List Archives

[PATCH] refactor installation code to use python client instead of jython

by Ade Lee

This is a pretty big change, but we want to get it into 10.0.2 so that we can eliminate our dependency on jython. So far, its been tested against a straight CA install. I plan to continue testing against other configurations, but as the code change is quite large, I want to start the review early. Please review, Ade

10 years, 6 months

2
7
0 / 0

[PATCH] 37 Updating the pkispawn/pkidestroy man pages with information regarding interactive mode installation (#471)

by Abhishek Koneru

Please review the attached patch w.r.t the trac ticket 471 to add information regarding interactive mode installation to pkispawn/pkidestroy man pages. --Abhishek

10 years, 6 months

2
2
0 / 0

[PATCH] 218 Replaced Tomcat's random number generator.

by Endi Sukma Dewata

By default Tomcat relies on /dev/random as a random number generator to generate the session ID's. Under certain conditions /dev/random may block, which will block Tomcat as well. To solve the problem all webapps in Tomcat have been configured to use the random number generator provided by JSS. Ticket #524 Tested with IPA. Migration script will be added in a separate patch. -- Endi S. Dewata

10 years, 6 months

1
1
0 / 0

[PATCH] 216 Fixed python-requests compatibility issue.

by Endi Sukma Dewata

The Python REST client has been modified to parse JSON data using a method that is compatible with python-requests 1.1. The RPM spec file has been modified to require python-requests 1.1 package. Ticket #535 -- Endi S. Dewata

10 years, 6 months

2
2
0 / 0

Migration proposal

by Endi Sukma Dewata

Hi, Please take a look at the following proposal: http://pki.fedoraproject.org/wiki/Migration The idea is based on deployment scriptlets, but it has been adapted for migration. -- Endi S. Dewata

10 years, 6 months

3
3
0 / 0

[PATCH] 219 Added python build-time dependency for TPS and RA.

by Endi Sukma Dewata

Due to recent CMake script changes, TPS and RA now require python to build properly. Ticket #540 -- Endi S. Dewata

10 years, 6 months

2
2
0 / 0

[PATCH] 217 Fixed CLI return code.

by Endi Sukma Dewata

The Perl wrapper for CLI has been fixed to pass the error code returned by Java clients. Ticket #520 -- Endi S. Dewata

10 years, 6 months

2
2
0 / 0

REST interface docs

by Endi Sukma Dewata

Just FYI, the current REST interface are documented here: http://pki.fedoraproject.org/wiki/REST#Current_Implementation Currently they are just links to the interface definitions. In the future we might want to auto-generate the docs using a tool that can read REST-related annotations. -- Endi S. Dewata

10 years, 6 months

1
0
0 / 0

[PATCH] Bugzilla Bug #919476 - pkispawn crashes due to dangling symlink to jss4.jar - REVISED

by Matthew Harmsen

In Fedora 16, 17, and 18, JNI jar files were required to be located under architecture specific locations (e. g. - /usr/lib/java and /usr/lib64/java). These rules were re-defined in 'https://fedoraproject.org/wiki/Packaging:Java#Packaging_JAR_files_that_us...', as the JNI packaging rules were changed in Fedora 19 (and RHEL 7) back to the JNI rules that existed for Fedora 15 (e. g. - all JNI jar files will be located under /usr/lib/java). Please review the attached patches which fix pki-core to comply with these rules (on Fedora 19 and later): * *Bugzilla Bug #919476* <https://bugzilla.redhat.com/show_bug.cgi?id=919476>-pkispawn crashes due to dangling symlink to jss4.jar This first patch is in addition to the previously checked-in code to allow it to work on platforms >= Fedora 19. The second patch is specifically for Koji builds of Fedora 19. The third patch is the spec file used for the Koji build of Fedora 19.

10 years, 6 months

2
1
0 / 0

Re: [Pki-devel] Your Fedora 'svnpki' membership has been removed

by Matthew Harmsen

Alexander, This sounds great! We would greatly appreciate it If you could do one of the following (whichever is easier): * Login with your Fedora account and file individual TRAC tickets at https://fedorahosted.org/pki/newticket for each of these issues (attaching a patch if you have them), or * File individual Bugzilla Bugs for each of these issues (attaching a patch to the bug if you have them). Thanks, -- Matt On 03/08/13 00:19, Alexander Jung wrote: > Hi, > > I did not realize I had been accepted to that group. > > We (mostly me, but some collegues too) have developed some fixes for > problems we encountered with the dogtag CA. > > The Problems we fixed are: > - problems when having more than 2 million certs in the ldap > - flatfileauth does not honor the ValueNames configured > - scep does not work against Cisco with CA key in hsm > We developed quite a few extensions, some of them are not specific to > our company: > - Validity: make certificates expire on tue, wed, thr at 15:00 only > and not during change of year and month. > - SubjectAlternativeNames: fill the dns reverse lookup into the SAN > field, to make a server cert work wwith all the dns names the machine > is configured for. > > I could open bugs and attach patches or commit directly, when you allow me to. > > yours, > > Alexander Jung > > > 2013/3/7 <accounts(a)fedoraproject.org>: >> mharmsen <mharmsen(a)redhat.com> has removed you from the 'svnpki' >> group of the Fedora Accounts System This change is effective >> immediately for new operations, and should propagate into the e-mail >> aliases within an hour.

10 years, 7 months

2
1
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel March 2013