On 9/2/2016 10:12 AM, Ade Lee wrote:
This looks OK to me. I will merge it
Ade
Thanks!
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
On 8/24/2016 11:18 PM, Fraser Tweedale wrote:
Hi team,
The attached patch implements cert revocation on LWCA deletion. The
TODO for parametrising over revocation reason and invalid date is
intentional - I just want to get the minimal viable solution into
10.3.x ASAP and we can look at what
Previously when installing with HSM the token name has to be
specified for each system certificate in the pki__token
parameters. The deployment tool has been modified such that by
default it will use the token name specified in pki_token_name.
Previously issues with system certificates that
> I'm less familiar with the area, so I'm just going to ask a question. Where
> in the new code does it handle taking in passwords and logging into the
> extra token(s)?
>
>
> thanks,
>
> Christina
>
> On 08/31/2016 12:35 PM, Endi Sukma Dewata wrote:
>
>
The patch that added the support for creating system certificates
in different tokens causes issues in certain cases, so for now it
has been reverted.
https://fedorahosted.org/pki/ticket/2449
--
Endi S. Dewata
>From 962ca82b97a1d2440569d1d70984a5765191ba59 Mon Sep 17 00:00:00 2001
From: "Endi
On 9/8/2016 2:13 PM, Endi Sukma Dewata wrote:
The patch that added the support for creating system certificates
in different tokens causes issues in certain cases, so for now it
has been reverted.
https://fedorahosted.org/pki/ticket/2449
Pushed to master (10.4) under one-liner/trivial rule
To help troubleshooting the SigningUnit for CA have been modified
to show additional log messages.
https://fedorahosted.org/pki/ticket/2463
Pushed to master (10.4) under one-liner/trivial rule.
--
Endi S. Dewata
>From d45c675948bb1ec13610626c57b6905dfc03fd43 Mon Sep 17 00:00:00 2001
From:
To help troubleshooting the SigningUnit for CA and OCSP have been
modified to chain the original exceptions.
https://fedorahosted.org/pki/ticket/2463
Pushed master (10.4) under one-line/trivial rule.
--
Endi S. Dewata
>From 701022f97aef862c1cdfa6b030fecf0a1d250930 Mon Sep 17 00:00:00 2001
To help troubleshooting some debug messages have been added into
ConfigurationUtils.handleCerts().
https://fedorahosted.org/pki/ticket/2436
Pushed to master (10.4) under one-liner/trivial rule.
--
Endi S. Dewata
>From 9aa6640e7e94a591343478ee806a6e6d4c9f81e8 Mon Sep 17 00:00:00 2001
From:
On 8/19/2016 4:26 PM, Endi Sukma Dewata wrote:
The CA signing CSR is already stored in request record which will
be imported as part of migration process, so it's not necessary to
export and reimport the CSR file again for migration.
To allow optional CSR, the pki-server subsystem-cert-validate
The PKI server logging service has been modified to utilize SLF4J.
This allows the admin to use the logging framework of choice.
https://fedorahosted.org/pki/ticket/195
This patch depends on patch #834.
--
Endi S. Dewata
>From 3180e43d9e314c7135bb8368a464d1fb6d3c5bc4 Mon Sep 17 00:00:00 2001
On 11/7/2016 7:23 PM, Christina Fu wrote:
looks good. The only thing I had question with was whether the referred to in the man pages was in DER binary encoding or base64
encoded PEM. It would help if you clarify that.
Conditional ACK.
Christina
Thanks! I fixed the pkcs12-cert-export
The list of source and class files in some CMake files have been
generalized to allow renaming Java packages without changing the
CMake files again.
https://fedorahosted.org/pki/ticket/6
I've verified that the new CMake files do not change the content of the
JAR files.
--
Endi S. Dewata
To discourage the use of policy framework, the framework classes
have been moved into org.dogtagpki.legacy.
https://fedorahosted.org/pki/ticket/6
--
Endi S. Dewata
>From 8ee7d79b765f420680c153f47039e30ec1862bea Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 4
On 10/18/2016 11:34 AM, Christina Fu wrote:
Code looks good. ACK if tested to work in both FIPS and non-FIPS, with
or without HSM.
Might be a future exercise to find out where the string "Internal Key
Storage Token" comes from.
Christina
Thanks! It works in the above cases. The patch has
On 10/20/2016 8:07 PM, John Magne wrote:
Have seen demo, and it looks good.
ACK
Thanks! Pushed to master.
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
On 10/20/2016 8:07 PM, John Magne wrote:
Have seen demo and looks good.
ACK
Thanks! Pushed to master.
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
https://fedorahosted.org/pki/ticket/2460
Pushed to master & 10.3 branch under trivial/one-liner rule.
--
Endi S. Dewata
>From 456434acfc230efbb0414a7daa72afe60909a04b Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Mon, 24 Oct 2016 18:30:55 +0200
Subject: [PATCH]
The TPS UI has been modified to adjust the system menu based
on the list of accessible components obtained during login.
The TPSApplication has been modified to use TPSAccountService
which returns the list of accessible components based on the
following properties in the CS.cfg:
* admin:
The TPS UI has been updated to support TPS agent approval process
for changes in authenticators, connectors, and profile mappings in
addition to profiles.
The ConfigEntryPage has been updated to display the action links
consistently in the above components for all possible role and
status
On 11/18/2016 3:00 PM, Endi Sukma Dewata wrote:
A new logging.properties has been added to each subsystem to
define the PKI packages to be logged in the debug log. The
server logging.properties has been updated to define the debug
log handlers for each subsystem.
The pki.policy has been
The server logging.properties has been modified to log low
level messages into catalina log for troubleshooting non-PKI
issues (e.g. RESTEasy). High level messages (i.e. errors and
warnings) will continue to be logged on the console.
The pki-server-logging man page has been updated accordingly.
The PKIConnection has been modified to provide two get() methods:
one returning a generic Response object wnd the other returning an
object with the specified type. The ConfigurationUtils has been
modified accordingly.
https://fedorahosted.org/pki/ticket/1517
Pushed to master and 10.3 branch
Previously the pki user-cert-add fails to check whether the server
has a CA subsystem when it's invoked over SSL. That is because the
CLI tries to establish a new but improperly set up SSL connection.
Now the CLI has been modified to use the existing server
connection.
The pki-cert man page has been updated to clarify that certain
profiles may require authentication and the CLI supports certain
authentication types.
https://fedorahosted.org/pki/ticket/2289
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From
On 11/15/2016 8:55 PM, Christina Fu wrote:
looks good. if tested to work, ack.
Christina
Thanks! Pushed to master.
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
On 11/15/2016 11:02 PM, Endi Sukma Dewata wrote:
When installing subordinate CA with HSM, the installer calls the
pki CLI (which is implemented using JSS) to validate the imported
CA certificate in HSM. Normally, the HSM password is specified as
CLI parameter, but in FIPS mode JSS requires both
The PKCS12Util class has been modified to use SLF4J logging
framework. The CMake scripts has been modified to include SLF4J
libraries in the classpath. The spec file has been modified to
add SLF4J dependencies.
https://fedorahosted.org/pki/ticket/195
--
Endi S. Dewata
>From
A new logging.properties has been added to each subsystem to
define the PKI packages to be logged in the debug log. The
server logging.properties has been updated to define the debug
log handlers for each subsystem.
The pki.policy has been modified to allow Tomcat to read the
default
The PKI server logging service has been modified to utilize SLF4J
internally while maintaining the same API. This will allow
incremental transition to SLF4J.
https://fedorahosted.org/pki/ticket/195
--
Endi S. Dewata
>From ac10c328028d332e047358721de2cda3c56bc6c8 Mon Sep 17 00:00:00 2001
From:
On 11/17/2016 7:18 PM, Matthew Harmsen wrote:
ACK (presuming customization and troubleshooting have been tested) with
the following caveats:
* pki-edewata-0868-Removed-unused-subsystem-logging.properties.patch
o This patch needs to be split into two separate and distinct patches:
On 11/9/2016 1:56 PM, Ade Lee wrote:
ACK
Thanks! Pushed to master.
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
The ExtendedKeyUsageExtension has been modified to always close
the DerOutputStream instance.
The ExtendedKeyUsageExt has been modified to wrap the original
exception.
https://fedorahosted.org/pki/ticket/2530
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From
The InhibitAnyPolicyExtension has been modified to always close
the DerOutputStream instance.
The InhibitAnyPolicyExtDefault has been modified to wrap the
original exception.
https://fedorahosted.org/pki/ticket/2530
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From
The deprecated DefaultHttpClient in SubsystemClient, CRMFPopClient,
and OCSPProcessor has been replaced with HttpClientBuilder.
https://fedorahosted.org/pki/ticket/2531
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From db58e6071f6bb57de006e6499c0a0c6a8c8e67bf Mon Sep 17
New man pages have been added: pki-pkcs12, pki-pkcs12-cert, and
pki-pkcs12-key.
The pki-core.spec has been updated to include the new man pages
for PKCS #12 utilities.
https://fedorahosted.org/pki/ticket/1920
--
Endi S. Dewata
>From 189f7aa36f02256de5472117ea927ca762604a62 Mon Sep 17 00:00:00
The GenericASN1Extension has been modified to always close the
DerOutputStream instance.
https://fedorahosted.org/pki/ticket/2530
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From 487d08c2832368848f1235d781e114d343190476 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The OCSPNoCheckExtension has been modified to always close the
DerOutputStream instance.
The OCSPNoCheckExt has been modified to wrap the original
exception.
https://fedorahosted.org/pki/ticket/2530
Pushed to master under trivial/one-liner rule.
--
Endi S. Dewata
>From
To reduce Eclipse warnings, classes and methods related to policy
framework have been undeprecated. In the future the policy
framework may be removed since it has already been replaced with
the profile framework.
https://fedorahosted.org/pki/ticket/6
--
Endi S. Dewata
>From
The CryptoUtil.getTokenName() has been modified to check both the
short name and full name of the internal token.
The ConfigurationUtils.deleteCert() has also been modified to call
CryptoUtil.getTokenName().
https://fedorahosted.org/pki/ticket/2500
Pushed to master under one-liner/trivial
The verify_subsystem_does_not_exist() has been modified to display
the proper error message when the subsystem to be installed already
exists.
https://fedorahosted.org/pki/ticket/2476
Pushed to master under one-liner/trivial rule.
--
Endi S. Dewata
>From
To help troubleshooting build issues the pki-nsutil-classes
build target has been modified to depend on symkey-jar although
there is no actual code dependency. This way the targets will
be built sequentially and error messages will be easier to find.
https://fedorahosted.org/pki/ticket/2476
The ConfigurationUtils.handleCerts() has been modified to log the
actual exception instead of showing the "deleteCert" operation
which may not be executed yet.
https://fedorahosted.org/pki/ticket/2457
Pushed to master under trivial rule.
--
Endi S. Dewata
>From
Previously the default AJP hostname was an IPv4 loopback address.
To avoid problems in IPv6 environments the default has been
changed to a generic "localhost" address. The man page has been
updated accordingly.
https://fedorahosted.org/pki/ticket/2570
Tested with IPA. Pushed to master under
A new tcp.keepAlive parameter has been added for CS.cfg to
configure the TCP Keep-Alive option for all LDAP connections
created by PKI server. By default the option is enabled.
The LdapJssSSLSocketFactory has been modified to support both
plain and secure sockets. For clarity, the socket factory
The pki_copytree() has been moved from pkihelper.py into
pki/util.py such that it can be reused in non-deployment
scenarios.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 9822676b7f00cc7e78d42c50c2506a289ed9c1c6 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
To improve reusability the deployment tools have been modified
such that the master and slots dictionary objects are created in
PKIDeployer at the beginning of the program. The PKIConfigParser
has been modified to use the same dictionary objects.
Pushed to master under trivial rule.
--
Endi S.
To improve reusability the user_config object has been converted
from a global variable in pkiconfig.py into an attribute in
PKIDeployer.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 84e98cd37d0299e3070b88309e331f721dd8d058 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The CMake scripts have been modified to remove redundant
invocations of find_file() to find Tomcat libraries.
https://fedorahosted.org/pki/ticket/2560
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 843cbeed6ddab8f1883abce47a8c45e0fa14fc5a Mon Sep 17 00:00:00 2001
From: "Endi S.
To help troubleshooting build issues the pki-tools build targets
have been modified such that they run sequentially. This way error
messages will be easier to find in the build log.
https://fedorahosted.org/pki/ticket/2463
Pushed to master under trivial rule.
--
Endi S. Dewata
New pki-server commands have been added to provide a consistent
way to start, stop, and restart PKI instances using different
types of Tomcat installations.
https://fedorahosted.org/pki/ticket/2560
--
Endi S. Dewata
>From 69805bcc5b6fcedb3f4114e2f02b50d8a5931e09 Mon Sep 17 00:00:00 2001
From:
The start(), stop() and restart() methods in PKIInstance have been
modified to provide a unified way to manage instances using different
types of Tomcat installations:
* generic Tomcat
* standard Tomcat on Debian
* nuxwdog-enabled Tomcat on Fedora/RHEL
* standard Tomcat on Fedora/RHEL
The
To improve reusability the PKIDeployer class has been moved from
the pkihelper.py into the top level pki.server.deployment module.
--
Endi S. Dewata
>From 202365ea7ff3cd85e16243b751f9f56bb8018ed6 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Wed, 21 Dec 2016 16:12:19
To improve reusability the deployment timestamp variables have been
converted from global variables in pkiconfig.py into attributes in
PKIDeployer.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From d77d308f2284ea057c5235d4e828ff4cd0029d57 Mon Sep 17 00:00:00 2001
From: "Endi S.
To improve reusability the deployment system variables have been
converted from global variables in pkiconfig.py into attributes in
PKIDeployer.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 93d3b5f399078eeafafc47e27f02a8cd643dbba6 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Additional changes to remove unnecessary CLI connection using lazy
initialization.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 043aa471f9e243faad58917e9e055affdb694c79 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 24 Mar 2017 02:02:51 +0100
Some constants in RollingLogFile have been replaced with their
equivalents in Constants class.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 8d60caa44803915c153e1919ccaf08b166d38190 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Wed, 29 Mar 2017
Additional changes to remove unnecessary CLI connection using lazy
initialization.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From a6b64e4f45348011885f268db92beab0d563ff22 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 24 Mar 2017 03:42:55 +0100
All subclasses of PKIService have been modified to remove the
Context attribute since they have been declared in the base class.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 7fc7d3e8844d4992db60a637370b8599bff5a282 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The PKI CLI has been modified such that it initializes the
PKIClient (and retrieves the access banner) only if the CLI
needs to access the PKI server.
https://pagure.io/dogtagpki/issue/2612
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 6bcb89b55db870766ddcf09002a5997b323bd196
A new parameter has been added to pki.conf to enable/disable the
default SSL ciphers for PKI CLI.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From de4b48b9e4523a865e74f8122e130e976b124410 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sun, 19 Mar 2017
The hard-coded SSL version ranges in PKI CLI have been converted
into configurable parameters in the pki.conf.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 31683301b69fda23893c80af7c34c42a75e1b906 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 17
The code that converts cipher name into cipher ID and enables
the cipher in CryptoUtil.setClientCiphers() has been moved into
a separate method.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The CryptoUtil.setClientCiphers() has been modified to throw
an exception on unsupported cipher.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 035f37b6416e9b001ff49e06142751b974835a9b Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sun, 19 Mar 2017
The setClientCiphers() in CryptoUtil has been renamed to
setDefaultSSLCiphers() for clarity.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From a168db3f36584a6a576daa91c993d18c134835fe Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sun, 19 Mar 2017 18:44:06
The CryptoUtil.unsetSSLCiphers() has been modified not to ignore
exceptions.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From cdffde5b5449db804e98ccac624cdc5eeab29dce Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sun, 19 Mar 2017 19:52:51 +0100
Subject:
The Eclipse .classpath file has been modified to include
tomcat-coyote.jar to avoid build problem.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 686303c3b71f9c929face7c0f947cf7563e9da68 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 17 Mar 2017
The PKI CLI has been modified to create a default NSS database
without a password if there is no existing database at the
expected location.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 8b85ace2a2761c8451a11b4df8f142bd291cd6d4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The duplicate code for configuring default SSL version ranges has
been merged into reusable methods in CryptoUtil.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 4d6e6d05d5270a0e81ae12e2583cae9c49667c88 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date:
The CryptoUtil.setClientCiphers(String) has been reformatted to
simplify future refactoring.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 2b9f9b7ef9e936dc5dc7ecc7bcc4c2fd8236dd1f Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sat, 18 Mar 2017 03:33:10
The PKI CLI has been modified to support client cert authentication
without NSS database password.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 516e9360f96721bdbd0301b12120c9d47225e5e4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Tue, 21 Mar 2017
The pki.nssdb module has been modified to support operations
without NSS database password.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 2c4beb83a1dd772e02f5809e610319fcf1812034 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Mon, 20 Mar 2017 01:28:05
The pki client-init has been modified to support creating NSS
database without password.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 4c6a98d79a02fd0bf6e5da56835e8dd0ce2e7485 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Mon, 20 Mar 2017 01:21:34
The CryptoUtil.setSSLCiphers() has been modified to support a "-"
sign in front of the cipher name or ID to disable the cipher.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 8ba95a89a7de733c5319f575e80621faa2b45e90 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The CryptoUtil.setSSLCipher() has been modified to support ciphers
specified using hex ID.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From bc6ad11480c4d5185cf70334b4cbc03e3a1cff61 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Sun, 19 Mar 2017 20:23:23
The default pki.conf has been modified to export the environment
variables such that they can be used by PKI client.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From f2c3331176be82317cd5401b8b69d8adef18b188 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date:
The PKI CLI has been modified to support cascading configuration
files: default, system-wide, and user-specific configuration.
The existing Python-based PKI CLI was moved into pki.cli.main
module. A new shell script was added as a replacement which will
read the configuration files and invoke
The PKIServerSocketListener.alertReceived() has been fixed to
generate audit log when the SSL socket is closed by the client.
The log message has been modified to include the reason for the
termination.
https://pagure.io/dogtagpki/issue/2602
Pushed to master under trivial rule.
--
Endi S.
New pki-server CLI commands have been added to simplify
inspecting the audit log files on the server.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From d8081073d10065987341a6583a6a7e7351b22438 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Tue, 11 Apr 2017
The UserCLI and GroupCLI have been fixed to use the subsystem name
in the client configuration object if available.
https://pagure.io/dogtagpki/issue/2626
--
Endi S. Dewata
>From 0409bfa35601a0b59f75c05cf8a34aed6514fc24 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date:
New audit(AuditEvent) methods have been added alongside the
existing audit(String) methods.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 92b68d7ab3f58ad80a545f550f0598de2c43da2c Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Thu, 13 Apr 2017 01:45:37
The CMS.getLogMessage() has been generalized to take an array of
Objects instead of Strings.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 9fa3323e017079e490a3749dfdbf5d59a08c65e9 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Wed, 12 Apr 2017 21:44:31
The IAuditor has been modified to define a log() method for
AuditEvent object.
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/ba32351d7c362e6b0e313cde0929c56f3f55ec5f
--
Endi S. Dewata
___
Pki-devel mailing list
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/e12a9367108ca9dbdd2cc02f35f68be8d6865457
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
A new audit() methods have been added to log AuditEvents in
AdminServlet.
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/17e71d3ec1f52cc2e13590499dd70c5932885b20
--
Endi S. Dewata
___
Pki-devel mailing list
The code that concatenates lines has been simplified using
String.replace().
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/6bb1757a035d3439a65aa604a19dcdf48b7b2dbc
--
Endi S. Dewata
___
Pki-devel mailing list
The PKIServerSocketListener has been fixed to obtain the correct
client IP address from SSL socket.
https://pagure.io/dogtagpki/issue/2602
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 0aebe0b9192d5c549cc3350926ecf42276dbccb0 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
The code that concatenates lines has been simplified using
String.replace().
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/46cc674dcb6ff09167c69391054b36bdcfb36cbb
--
Endi S. Dewata
___
Pki-devel mailing list
The code that loads the password.conf in PKIInstance.load() has
been converted into a general purpose load_properties() method.
A corresponding store_properties() method has been added as well.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 7810a55d0b967ff5355312e952fc4c7314a45f35
The pki_console_wrapper script has been fixed to load cascading
pki.conf properly and to set the logging configuration property.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 10d8f53c25d8ed7907b55c247fc77e5c3900029b Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Pushed to master under trivial rule.
https://github.com/dogtagpki/pki/commit/f902b0365f2cf92f14f0a814394cd025669b3ea8
--
Endi S. Dewata
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
On 5/31/2017 6:30 PM, Matthew Harmsen wrote:
The attached patch was altered to change "args" ==> "argv" rather than
"argv" ==> "args" since it was discovered that a number of the routines
utilized "args" as a local variable that would have to be changed since
if the "argv" input parameter were
Hi,
PKI 10.6.1 is now available upstream:
https://github.com/dogtagpki/pki/releases/tag/v10.6.1
Fedora 28 builds are available via the following update:
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f684aab1a
Fedora Rawhide builds are available in Koji.
Fedora 27 builds are available in
Hi,
Just FYI, the JSS repository has been branched. The JSS_4_4_BRANCH
will be used for JSS 4.4.x maintenance. The master branch will be
used for JSS 4.5 development.
If you are fixing something in the 4.4 branch, please also fix it
in the master branch.
Thanks.
--
Endi S. Dewata
Hi,
PKI 10.6.0 and TomcatJSS 7.3.0 has officially been released
upstream and in Fedora 28:
https://github.com/dogtagpki/pki/releases/tag/v10.6.0
https://github.com/dogtagpki/tomcatjss/releases/tag/v7.3.0
Please note that there are no changes since the last Release
Candidate.
Thanks for your
Hi,
PKI 10.6.6 is now available upstream:
https://github.com/dogtagpki/pki/releases/tag/v10.6.6
Fedora 28 builds are available via the following update:
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9132d6f913
Fedora 29 builds are available in Koji.
Fedora 27 builds are available in this
Hi,
We have just implemented the switch to HTTP NIO connector
in the master branch:
https://github.com/dogtagpki/pki/commit/3be16204bed2bf075fbe894135ca7d59cd7b408d
See this page for explanation:
http://www.dogtagpki.org/wiki/PKI_10.6_HTTP_NIO_Connector_Support
If you have an existing PKI 10.6
Hi Fraser,
Yeah, there's a bug in the message formatter. Could you take a
look at this patch?
https://review.gerrithub.io/#/c/403387/
Here's some documentation (still work in progress):
http://pki.fedoraproject.org/wiki/PKI_10.6_Logging_Improvements
Thanks!
--
Endi S. Dewata
- Original
Hi,
TomcatJSS 7.3.0 Release Candidate is now available upstream:
https://github.com/dogtagpki/tomcatjss/releases/tag/v7.3.0-rc
Fedora 28 build is available via the following update:
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a52fb8dd30
Fedora Rawhide build is available in Koji.
Fedora
Hi,
PKI 10.6.0 Beta is now available on Fedora 28 Beta via the
following update:
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2fd7295cb9
Fedora Rawhide builds are available in Koji.
Fedora 27 builds are available in PKI 10.6 COPR repository
(for development only):
201 - 300 of 305 matches
Mail list logo