[PATCH] 843 Fixed pki-nsutil build order.
by Endi Sukma Dewata
To help troubleshooting build issues the pki-nsutil-classes
build target has been modified to depend on symkey-jar although
there is no actual code dependency. This way the targets will
be built sequentially and error messages will be easier to find.
https://fedorahosted.org/pki/ticket/2476
Pushed to master under one-liner/trivial rule.
--
Endi S. Dewata
7 years, 5 months
[pli-devel][PATCH] 0081-Fix-for-Add-ability-to-disallow-TPS-to-enroll-a-sing.patch
by John Magne
Fix for: Add ability to disallow TPS to enroll a single user on multiple tokens. #1664
This bug was previously not completely fixed where we left a loophole to allow a user to
end up with 2 active tokens. This fix closes that loophole.
Also:
Fix for: Unable to read an encrypted email using renewed tokens. #2483
This fix provides for a new optional renewal based token policy, that
allows the user to retain or recover old encryption certs for that profile,
that get overwritten by the renewal process.
An example is:
RENEW=YES;RENEW_KEEP_OLD_ENC_CERTS=YES
The second part of the policy is new.
When this is set to "YES", the system will make sure the old enc cert
will remain on the token. If it's missing or "NO", no such attempt will be made.
7 years, 5 months
[PATCH]pki-cfu-0155-Ticket-2498-Token-format-with-external-reg-fails-whe.patch
by Christina Fu
This patch addresses:
https://fedorahosted.org/pki/ticket/2498 Token format with external reg
fails when op.format.externalRegAddToToken.revokeCert=true
It actually could be easily worked around by manually adding the missing
params
op.format.externalRegAddToToken.auth.id=ldap1
op.format.externalRegAddToToken.ca.conn=ca1
op.format.externalRegAddToToken.tks.conn=tks1
While fixing the CS.cfg, it was observed that there were some references
of non-defined ldap2 and ldap3, so they are also changed to ldap1.
A couple useful debug messages are added as well.
Christina
7 years, 5 months