Re: [Pki-devel] [PATCH] 734 Removed unsupported token states from TPS CS.cfg.

Endi Sukma Dewata Thu, 05 May 2016 16:16:19 -0700

On 4/29/2016 5:15 PM, Endi Sukma Dewata wrote:

The in-line documentation in CS.cfg for TPS has been updated to
remove unsupported token states in the corresponding properties:
* tokendb.allowedTransitions
* tps.operations.allowedTransitions

New patch attached. Added default transition fortps.operations.allowedTransitions.


--
Endi S. Dewata

>From 331a73f2fc925e0d2b05c813ba2720106f78a8dd Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Fri, 29 Apr 2016 23:56:50 +0200
Subject: [PATCH] Updated default TPS token state transitions.

The tps.operations.allowedTransitions property has been updated
to include 4:4 transition by default.

The inline documentation for tokendb.allowedTransitions and
tps.operations.allowedTransitions has been updated to remove
unsupported states and to add a note about adding/removing
transitions.

https://fedorahosted.org/pki/ticket/1290
---
 base/tps-client/doc/CS.cfg.in  | 23 ++++++++++-------------
 base/tps/shared/conf/CS.cfg.in | 23 ++++++++++-------------
 2 files changed, 20 insertions(+), 26 deletions(-)

diff --git a/base/tps-client/doc/CS.cfg.in b/base/tps-client/doc/CS.cfg.in
index e15fc533258048f3802768acec65c3f38ece1b9f..f4bed51cb548f4d2db980c1325160a8ffaca7ede 100644
--- a/base/tps-client/doc/CS.cfg.in
+++ b/base/tps-client/doc/CS.cfg.in
@@ -1487,9 +1487,10 @@ tokendb._069=#     DAMAGED = 1,
 tokendb._070=#     PERM_LOST = 2,
 tokendb._071=#     SUSPENDED = 3,
 tokendb._072=#     ACTIVE = 4,
-tokendb._073=#     TEMP_LOST_PERM_LOST = 5,
-tokendb._074=#     TERMINATED = 6
-tokendb._075=#########################################
+tokendb._073=#     TERMINATED = 6
+tokendb._074=# Note: Default transitions can be removed from the list if necessary.
+tokendb._075=# Do not add other transitions since they may not be supported.
+tokendb._076=#########################################
 tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log
 tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT]
 tokendb.ssl=false
@@ -1590,18 +1591,14 @@ tps._002=# tps.cert.list=sslserver,subsystem,audit_signing
 tps._003=# tps.cert.sslserver.nickname=xxx
 tps._005=# tps.cert.subsystem.nickname=xxx
 tps._007=# tps.cert.audit_signing.nickname=xxx
-tps._008=# operations.allowedTransitions:
+tps._008=# tps.operations.allowedTransitions:
 tps._009=#   - token operations, like formatting and enrollment have transitions between the following states
 tps._010=#     READY = 0,
-tps._011=#     DAMAGED = 1,
-tps._012=#     PERM_LOST = 2,
-tps._013=#     SUSPENDED = 3,
-tps._014=#     ACTIVE = 4,
-tps._015=#     TEMP_LOST_PERM_LOST = 5,
-tps._016=#     TERMINATED = 6
-tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0
-tps._018=########################################
-tps.operations.allowedTransitions=0:0,0:4,4:0
+tps._011=#     ACTIVE = 4
+tps._012=# Note: Default transitions can be removed from the list if necessary.
+tps._013=# Do not add other transitions since they may not be supported.
+tps._014=########################################
+tps.operations.allowedTransitions=0:0,0:4,4:4,4:0
 tps.cert.list=sslserver,subsystem,audit_signing
 tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME]
 tps.cert.subsystem.nickname=[HSM_LABEL][NICKNAME]
diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in
index 2b451defc4f0e43bc01729f4177ff757e60008a8..c2b5265047ce225e23f9090706b1725dd2902f2b 100644
--- a/base/tps/shared/conf/CS.cfg.in
+++ b/base/tps/shared/conf/CS.cfg.in
@@ -1959,9 +1959,10 @@ tokendb._069=#     DAMAGED = 1,
 tokendb._070=#     PERM_LOST = 2,
 tokendb._071=#     SUSPENDED = 3,
 tokendb._072=#     ACTIVE = 4,
-tokendb._073=#     TEMP_LOST_PERM_LOST = 5,
-tokendb._074=#     TERMINATED = 6
-tokendb._075=#########################################
+tokendb._073=#     TERMINATED = 6
+tokendb._074=# Note: Default transitions can be removed from the list if necessary.
+tokendb._075=# Do not add other transitions since they may not be supported.
+tokendb._076=#########################################
 tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT]
 tokendb.addConfigTemplate=addConfig.template
 tokendb.addResultTemplate=addResults.template
@@ -2021,23 +2022,19 @@ tps._002=# tps.cert.list=sslserver,subsystem,audit_signing
 tps._003=# tps.cert.sslserver.nickname=xxx
 tps._005=# tps.cert.subsystem.nickname=xxx
 tps._007=# tps.cert.audit_signing.nickname=xxx
-tps._008=# operations.allowedTransitions:
+tps._008=# tps.operations.allowedTransitions:
 tps._009=#   - token operations, like formatting and enrollment have transitions between the following states
 tps._010=#     READY = 0,
-tps._011=#     DAMAGED = 1,
-tps._012=#     PERM_LOST = 2,
-tps._013=#     SUSPENDED = 3,
-tps._014=#     ACTIVE = 4,
-tps._015=#     TEMP_LOST_PERM_LOST = 5,
-tps._016=#     TERMINATED = 6
-tps._017=# Sample: tps.operations.allowedTransitions=0:0,0:4,4:4,4:6,6:0
-tps._018=########################################
+tps._011=#     ACTIVE = 4
+tps._012=# Note: Default transitions can be removed from the list if necessary.
+tps._013=# Do not add other transitions since they may not be supported.
+tps._014=########################################
 tps.cert.audit_signing.certusage=ObjectSigner
 tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME]
 tps.cert.list=sslserver,subsystem,audit_signing
 tps.cert.sslserver.certusage=SSLServer
 tps.cert.subsystem.certusage=SSLClient
-tps.operations.allowedTransitions=0:0,0:4,4:0
+tps.operations.allowedTransitions=0:0,0:4,4:4,4:0
 usrgrp._000=##
 usrgrp._001=## User/Group
 usrgrp._002=##
-- 
2.5.5

_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Re: [Pki-devel] [PATCH] 734 Removed unsupported token states from TPS CS.cfg.

Reply via email to