diff --git a/.gitignore b/.gitignore index da43391..c35246b 100644 --- a/.gitignore +++ b/.gitignore @@ -102,3 +102,5 @@ certmonger-0.28.tar.gz /certmonger-0.77.4.tar.gz.sig /certmonger-0.77.5.tar.gz /certmonger-0.77.5.tar.gz.sig +/certmonger-0.78.tar.gz +/certmonger-0.78.tar.gz.sig diff --git a/certmonger.spec b/certmonger.spec index 204b299..0319db8 100644 --- a/certmonger.spec +++ b/certmonger.spec @@ -25,8 +25,8 @@ %endif Name: certmonger -Version: 0.77.5 -Release: 2%{?dist} +Version: 0.78 +Release: 1%{?dist} Summary: Certificate status monitor and PKI enrollment client Group: System Environment/Daemons @@ -73,6 +73,8 @@ BuildRequires: /usr/bin/unix2dos BuildRequires: /usr/bin/which # for dbus tests BuildRequires: dbus-python +# for popt or popt-devel, depending on the build environment +BuildRequires: /usr/include/popt.h # we need a running system bus Requires: dbus @@ -239,6 +241,33 @@ exit 0 %endif %changelog +* Sat Jun 20 2015 Nalin Dahyabhai 0.78-1 +- switch to using popt for parsing command line arguments, continuing to + use old help text for now so that we can catch up with translations (print + old text for --help, new text (with longopts!) for -H) +- add some plumbing for eventually receiving per-certificate roots in + addition to issued certificates and chain certificates +- add a "rekey" command to getcert, for triggering enrollment using a new + key pair +- scep-submit: check for the Renewal capability, and default to taking + advantage of it during rekeying, unless the new -n flag is specified to it +- dogtag-submit: add flags for passing user names, UDNs, passwords, and PINs + to the helper +- dogtag-submit: add a flag for using the agent creds to do TLS client auth + while submitting enrollment requests +- dogtag-submit: handle cases where we submit a request and the server + returns a success code rather than just queuing the request +- ipa-submit: pass requested profile names to the server as an argument + named "profile_id"; if the server gives us an "unrecognized argument" + error, retry without it for compatibility's sake +- keygen: fix a possible crash if keygen fails to return a key from NSS +- correct the certmonger(8) man page's description of the -c flag, whic it + used to call the -C flag +- add logic for setting ownership and permissions on certificates and keys + when saving them to disk +- add configuration options "max_key_lifetime" and "max_key_use_count" for + making automatic renewal prefer rekeying + * Wed Jun 17 2015 Fedora Release Engineering - 0.77.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/sources b/sources index 1bd1f53..49ff889 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -eec04ad0632f928568532265a2e5350a certmonger-0.77.5.tar.gz -9bdf54da04119893c1c37a413b335573 certmonger-0.77.5.tar.gz.sig +4b8fac20d5d250fd1c0d25de1274248c certmonger-0.78.tar.gz +66a941ba07c2aeb34674c36aa1fef84b certmonger-0.78.tar.gz.sig