Replace legacy Python base64 invocations
by Christian Heimes
Patch for https://fedorahosted.org/pki/ticket/1102
b64encode() and base64.encodestring() work slightly different.
encodestring() includes an extra newline at the end of the string. It
seems the server treats both representations equally.
I ran the KRA tests according to base/kra/functional/drmtest.readme.txt.
The tests are passing, too.
Christian
9 years, 2 months
[PATCH] 0026-5, 0044-3 Lightweight sub-CAs
by Fraser Tweedale
Hi team,
The latest sub-CAs patches are attached. It has been a while since
the last patchset (that was posted here, anyway) and there have been
some significant changes, outlined below. (The patchset version
skipped a couple numbers due to versions distributed privately that
I felt were not stable enough to warrant posting to pki-devel.)
Major changes:
- The Java client and CLI were extracted to a separate patch (0044).
- An LDAP entry for each sub-CA is written to database.
- Database searched and sub-CAs are initialised at startup
- Key nickname is store in / read from LDAP entry
- Sub-CA "list" API call, client method and CLI was added
- More resources are shared between top-level CA and sub-CAs
- Suprious task threads and LDAP connections hunted down :)
Dependencies:
- Patch 0026-5 probably depends on 0045[1] for a clean merge.
- Patch 0044-3 depends on my patch 0046[2].
[1] https://www.redhat.com/archives/pki-devel/2015-August/msg00072.html
[2] https://www.redhat.com/archives/pki-devel/2015-August/msg00073.html
Cheers,
Fraser
9 years, 3 months
[pki-devel][PATCH] 0051-SC650-format-enroll-fails.patch
by John Magne
[PATCH] SC650 format/enroll fails
Simple fix to correctly identify scp01/gp201 sc650 card.
Format and enrollment for both scp01 and scp02 sc650 tested.
Format and enrollment for scp01 gemalto card also tested.
9 years, 3 months
[pki-devel][PATCH] 0050-Internet-Explorer-11-not-working-browser-warning.patch
by John Magne
[PATCH] Internet Explorer 11 not working browser warning.
Related to ticket #1575 Internet Explorer 11: caUserCert request submission fails using the EE page.
This patch will only do the following:
Detect IE when IE11 is being used. Before this IE11 was mistaken for Firefox.
Detect IE11 specifically and warn the user that there is no support.
This ticket will live to se we can fix this properly by porting the current
VBS script to Javascript to support cert enrollment on IE 11.
9 years, 3 months