February 2016 - Pki-devel - Dogtag Pki List Archives

by Endi Sukma Dewata

The code to export NSS database into PKCS #12 file in PKCS12Export tool has been refactored into PKCS12Util class to simplify further enhancements. The PKCS12Export tool has also been modified to use Java Logging API. A default logging configuration file has been added. The command-line wrapper has been modified to get the path to the logging configuration file from pki.conf. https://fedorahosted.org/pki/ticket/1742 -- Endi S. Dewata

8 years, 2 months

1
0
0 / 0

[PATCH] 275 - remove dnsdomainname check

by Ade Lee

This check is unnecessary and is breaking continuous integration in OpenStack. Removing from pkispawn/pkidestroy. Ade

8 years, 2 months

2
3
0 / 0

[PATCH] 679 Fixed token change status operation.

by Endi Sukma Dewata

The TokenService has been modified to ignore token change status operation if the status is unchanged. https://fedorahosted.org/pki/ticket/1684 -- Endi S. Dewata

8 years, 2 months

2
2
0 / 0

[PATCH] 678 Fixed token modify operation.

by Endi Sukma Dewata

The TPS UI and CLI have been modified to accept only user ID and policy attributes when modifying a token. https://fedorahosted.org/pki/ticket/1687 -- Endi S. Dewata

8 years, 2 months

2
2
0 / 0

[pki-devel][PATCH] 0062-Allow-cert-and-key-indexes-9.patch

by John Magne

Subject: [PATCH] Allow cert and key indexes > 9. Ticket: Ticket #1734 : TPS issue with overflowing PKCS#11 cert index numbers This patch contains the following: 1. Fixes in TPS to allow the server to set and read muscle object ID's that are greater than 9. The id is stored as a single ASCII byte in the object id. Previous libcoolkey patches exist to now support numbers larger than 9, by the following: 0-9 is represented by the ascii chars for 0 through 9,. 10 - 35 represented by the ascii chars for 'A' through 'Z'. 36 - 61 represented by the ascii chars for 'a' through 'z'. Once coolkey is updated it will be able to read these id's. TPS with this patch will be able to both read number 0 - 62 and to set them when creating pkcs#11 objects to be stored on the token. When the proper libcoolkey is installed, the coolkey driver will be able to read certs and keys with id's > 9. Thus, for instance a cert with an id of C6, with keys of k12, and k13, will be supported and viewable in the Firefox cert viewer. Also the certs will be usable for operations. 2. A fix to the routine that finds a free id number to assign to a soon to be recovered cert will now have the ability to find unused slots instead of just inrementing one over the highest currently used index. 3. Made a couple of minor cleanup fixes to externalReg functionality discovered during testing of this feature. Tested up to 7 certs on the token. Also did some re-tests of cfu's cert retention feature and those checked.

8 years, 2 months

2
2
0 / 0

[PATCH] 675 Added property file for token state and transition labels.

by Endi Sukma Dewata

The labels for token states and transitions are now stored in token-states.properties. The labels will be loaded when the UI is initialized. The dialog box for changing token status will now show the transition labels. The property file later can be moved into the theme package to allow customization. https://fedorahosted.org/pki/ticket/1289 https://fedorahosted.org/pki/ticket/1291 -- Endi S. Dewata

8 years, 2 months

1
3
0 / 0

[PATCH] 677 Fixed token add operation.

by Endi Sukma Dewata

The TokenService has been fixed to allow adding a new token with empty attributes via the UI or CLI. The TPS UI has been modified to hide the status, create timestamp, and modify timestamp fields when adding a new token. The CLI has been modified to provide the parameters to specify the attribute values. https://fedorahosted.org/pki/ticket/1646 -- Endi S. Dewata

8 years, 2 months

1
2
0 / 0

[PATCH] 676 Fixed LDAP error handling in TokenService.

by Endi Sukma Dewata

The DBSSession has been modified to attach the LDAPException to the EDBException. The TokenService will catch the EDBException and obtain the orignal LDAPException. This way the TokenService can obtain the LDAP error code and throw the proper exception the client. https://fedorahosted.org/pki/ticket/1646 -- Endi S. Dewata

8 years, 2 months

2
2
0 / 0

[PATCH] 674 Fixed error handling in TokenService.

by Endi Sukma Dewata

The TokenService has been modified to re-throw the original PKIException. This way on invalid token state transition the client will receive the original BadRequestException. Other types of exception will be wrapped with PKIException. https://fedorahosted.org/pki/ticket/1684 -- Endi S. Dewata

8 years, 2 months

2
2
0 / 0

[PATCH] 672 Fixed TPS token state transitions.

by Endi Sukma Dewata

The TPS service has been modified to provide a list of allowed state transitions based on the current token state. The TPS UI was modified to display only the allowed state transitions when changing the token status. The allowed state transition list has been modified to remove invalid token transitions including: * UNINITIALIZED -> FOUND * UNINITIALIZED -> TEMP_LOST_PERM_LOST The token FOUND state has been renamed to ACTIVE for clarity. The token TEMP_LOST_PERM_LOST state has been merged into PERM_LOST since they are identical in the database. https://fedorahosted.org/pki/ticket/1289 https://fedorahosted.org/pki/ticket/1291 https://fedorahosted.org/pki/ticket/1684 -- Endi S. Dewata

8 years, 2 months

1
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel February 2016