February 2016 - Pki-devel - Dogtag Pki List Archives

[PATCH] 0072 Weaken PKIPrincipal to superclass in several places

by Fraser Tweedale

Hi all, The attached patch (part of the GSS-API effort) weakens several soon-to-be-unsafe casts of the user principal object. It also adds some commentary (in the form of TODOs) to replace hardcoded role names with appropriate checks against authzManagers. Thanks, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 0070 Use correct textual encoding for PKCS #7 objects

by Fraser Tweedale

Hi all, Pursuant to RFC 7468 the attached patch replaces instances of 'CERTIFICATE CHAIN' in PEM headers with 'PKCS7'. Fixes ticket https://fedorahosted.org/pki/ticket/1699. I could not reproduce any problems with `keytool' as mentioned in the ticket, nor find cases online of programs supporting 'CERTIFICATE CHAIN' but not 'PKCS7', so I think this is a good change to make. We can address counterexamples if/when we have hard evidence of them :) Cheers, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 0069 Import certs as DER-encoded X.509 in Chrome

by Fraser Tweedale

The attached patch fixes certificate import in Chrome. https://fedorahosted.org/pki/ticket/1245#comment:5 Thanks, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 0068 Remove execute permissions from systemd unit files

by Fraser Tweedale

Hi all, The attached patch fixes https://fedorahosted.org/pki/ticket/1723. Cheers, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 0066 Remove unused TOKEN_AUTHMGR_IMPL_NAME AuthToken attribute

by Fraser Tweedale

Drive-by cleanup; patch attached. Cheers, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 0065 Profile service: respond 409 on conflicting operations

by Fraser Tweedale

Please review attached patch which fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1257518 Cheers, Fraser

9 years, 2 months

2
2
0 / 0

[PATCH] 681 Added CLIs to inspect PKCS #12 file.

by Endi Sukma Dewata

The pki pkcs12-cert-find and pki pkcs12-key-find commands have been added to list the certificates and keys in a PKCS #12 file. https://fedorahosted.org/pki/ticket/1742 -- Endi S. Dewata

9 years, 2 months

2
2
0 / 0

Re: [Pki-devel] [PATCH] 680 Refactored PKCS12Export.

by Endi Sukma Dewata

On 2/11/2016 6:17 PM, Matthew Harmsen wrote: > ACK > > As discussed on IRC, since the default is to use the "-debug" switch to > display things to console, I think that we should document this > behaviour very clearly in the man pages that no informational messages > are necessarily sent to log files. Thanks! Pushed to master. I've opened a ticket to create a man page for the logging configuration which should explain how the logging works on the client & server side: https://fedorahosted.org/pki/ticket/1897 -- Endi S. Dewata

9 years, 2 months

1
0
0 / 0

Fwd: Re: [PATCH] 680 Refactored PKCS12Export.

by Matthew Harmsen

-------- Forwarded Message -------- Subject: Re: [Pki-devel] [PATCH] 680 Refactored PKCS12Export. Date: Thu, 11 Feb 2016 17:17:26 -0700 From: Matthew Harmsen <mharmsen(a)redhat.com> To: Endi Sukma Dewata <edewata(a)redhat.com> On 02/11/2016 02:14 PM, Endi Sukma Dewata wrote: > The code to export NSS database into PKCS #12 file in PKCS12Export > tool has been refactored into PKCS12Util class to simplify further > enhancements. > > The PKCS12Export tool has also been modified to use Java Logging > API. A default logging configuration file has been added. The > command-line wrapper has been modified to get the path to the > logging configuration file from pki.conf. > > https://fedorahosted.org/pki/ticket/1742 > > > > _______________________________________________ > Pki-devel mailing list > Pki-devel(a)redhat.com > https://www.redhat.com/mailman/listinfo/pki-devel ACK As discussed on IRC, since the default is to use the "-debug" switch to display things to console, I think that we should document this behaviour very clearly in the man pages that no informational messages are necessarily sent to log files.

9 years, 2 months

1
0
0 / 0

[PATCH] Renamed DRMTool --> KRATool . . .

by Matthew Harmsen

Please review the attached patches which address the following ticket: * PKI TRAC Ticket #1850 - Rename DRMTool --> KRATool <https://fedorahosted.org/pki/ticket/1850> This was tested against the newly revised instructions in section 3.6 of the Administration Guide (which has not yet been released). Thanks, -- Matt

9 years, 2 months

2
1
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel February 2016