On 4/29/2016 5:15 PM, Endi Sukma Dewata wrote:
The in-line documentation in CS.cfg for TPS has been updated to remove unsupported token states in the corresponding properties: * tokendb.allowedTransitions * tps.operations.allowedTransitions
New patch attached. Added default transition for tps.operations.allowedTransitions.
-- Endi S. Dewata
>From 331a73f2fc925e0d2b05c813ba2720106f78a8dd Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Fri, 29 Apr 2016 23:56:50 +0200 Subject: [PATCH] Updated default TPS token state transitions. The tps.operations.allowedTransitions property has been updated to include 4:4 transition by default. The inline documentation for tokendb.allowedTransitions and tps.operations.allowedTransitions has been updated to remove unsupported states and to add a note about adding/removing transitions. https://fedorahosted.org/pki/ticket/1290 --- base/tps-client/doc/CS.cfg.in | 23 ++++++++++------------- base/tps/shared/conf/CS.cfg.in | 23 ++++++++++------------- 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/base/tps-client/doc/CS.cfg.in b/base/tps-client/doc/CS.cfg.in index e15fc533258048f3802768acec65c3f38ece1b9f..f4bed51cb548f4d2db980c1325160a8ffaca7ede 100644 --- a/base/tps-client/doc/CS.cfg.in +++ b/base/tps-client/doc/CS.cfg.in @@ -1487,9 +1487,10 @@ tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, -tokendb._073=# TEMP_LOST_PERM_LOST = 5, -tokendb._074=# TERMINATED = 6 -tokendb._075=######################################### +tokendb._073=# TERMINATED = 6 +tokendb._074=# Note: Default transitions can be removed from the list if necessary. +tokendb._075=# Do not add other transitions since they may not be supported. +tokendb._076=######################################### tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT] tokendb.ssl=false @@ -1590,18 +1591,14 @@ tps._002=# tps.cert.list=sslserver,subsystem,audit_signing tps._003=# tps.cert.sslserver.nickname=xxx tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx -tps._008=# operations.allowedTransitions: +tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states tps._010=# READY = 0, -tps._011=# DAMAGED = 1, -tps._012=# PERM_LOST = 2, -tps._013=# SUSPENDED = 3, -tps._014=# ACTIVE = 4, -tps._015=# TEMP_LOST_PERM_LOST = 5, -tps._016=# TERMINATED = 6 -tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0 -tps._018=######################################## -tps.operations.allowedTransitions=0:0,0:4,4:0 +tps._011=# ACTIVE = 4 +tps._012=# Note: Default transitions can be removed from the list if necessary. +tps._013=# Do not add other transitions since they may not be supported. +tps._014=######################################## +tps.operations.allowedTransitions=0:0,0:4,4:4,4:0 tps.cert.list=sslserver,subsystem,audit_signing tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME] tps.cert.subsystem.nickname=[HSM_LABEL][NICKNAME] diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in index 2b451defc4f0e43bc01729f4177ff757e60008a8..c2b5265047ce225e23f9090706b1725dd2902f2b 100644 --- a/base/tps/shared/conf/CS.cfg.in +++ b/base/tps/shared/conf/CS.cfg.in @@ -1959,9 +1959,10 @@ tokendb._069=# DAMAGED = 1, tokendb._070=# PERM_LOST = 2, tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, -tokendb._073=# TEMP_LOST_PERM_LOST = 5, -tokendb._074=# TERMINATED = 6 -tokendb._075=######################################### +tokendb._073=# TERMINATED = 6 +tokendb._074=# Note: Default transitions can be removed from the list if necessary. +tokendb._075=# Do not add other transitions since they may not be supported. +tokendb._076=######################################### tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT] tokendb.addConfigTemplate=addConfig.template tokendb.addResultTemplate=addResults.template @@ -2021,23 +2022,19 @@ tps._002=# tps.cert.list=sslserver,subsystem,audit_signing tps._003=# tps.cert.sslserver.nickname=xxx tps._005=# tps.cert.subsystem.nickname=xxx tps._007=# tps.cert.audit_signing.nickname=xxx -tps._008=# operations.allowedTransitions: +tps._008=# tps.operations.allowedTransitions: tps._009=# - token operations, like formatting and enrollment have transitions between the following states tps._010=# READY = 0, -tps._011=# DAMAGED = 1, -tps._012=# PERM_LOST = 2, -tps._013=# SUSPENDED = 3, -tps._014=# ACTIVE = 4, -tps._015=# TEMP_LOST_PERM_LOST = 5, -tps._016=# TERMINATED = 6 -tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0 -tps._018=######################################## +tps._011=# ACTIVE = 4 +tps._012=# Note: Default transitions can be removed from the list if necessary. +tps._013=# Do not add other transitions since they may not be supported. +tps._014=######################################## tps.cert.audit_signing.certusage=ObjectSigner tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME] tps.cert.list=sslserver,subsystem,audit_signing tps.cert.sslserver.certusage=SSLServer tps.cert.subsystem.certusage=SSLClient -tps.operations.allowedTransitions=0:0,0:4,4:0 +tps.operations.allowedTransitions=0:0,0:4,4:4,4:0 usrgrp._000=## usrgrp._001=## User/Group usrgrp._002=## -- 2.5.5
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel