rpms/certmonger
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 0.78

Browse Source 
- switch to using popt for parsing command line arguments, continuing to
  use old help text for now so that we can catch up with translations (print
  old text for --help, new text (with longopts!) for -H)
- add some plumbing for eventually receiving per-certificate roots in
  addition to issued certificates and chain certificates
- add a "rekey" command to getcert, for triggering enrollment using a new
  key pair
- scep-submit: check for the Renewal capability, and default to taking
  advantage of it during rekeying, unless the new -n flag is specified to it
- dogtag-submit: add flags for passing user names, UDNs, passwords, and PINs
  to the helper
- dogtag-submit: add a flag for using the agent creds to do TLS client auth
  while submitting enrollment requests
- dogtag-submit: handle cases where we submit a request and the server
  returns a success code rather than just queuing the request
- ipa-submit: pass requested profile names to the server as an argument
  named "profile_id"; if the server gives us an "unrecognized argument"
  error, retry without it for compatibility's sake
- keygen: fix a possible crash if keygen fails to return a key from NSS
- correct the certmonger(8) man page's description of the -c flag, whic it
  used to call the -C flag
- add logic for setting ownership and permissions on certificates and keys
  when saving them to disk
- add configuration options "max_key_lifetime" and "max_key_use_count" for
  making automatic renewal prefer rekeying
This commit is contained in:
Nalin Dahyabhai 2015-06-20 11:25:43 -04:00
parent b13cf66225
commit 0760509e84
3 changed files with 35 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -102,3 +102,5 @@ certmonger-0.28.tar.gz
/certmonger-0.77.4.tar.gz.sig /certmonger-0.77.4.tar.gz.sig
/certmonger-0.77.5.tar.gz /certmonger-0.77.5.tar.gz
/certmonger-0.77.5.tar.gz.sig /certmonger-0.77.5.tar.gz.sig
/certmonger-0.78.tar.gz
/certmonger-0.78.tar.gz.sig

33
certmonger.spec
View File

@ -25,8 +25,8 @@
%endif %endif
Name: certmonger Name: certmonger
Version: 0.77.5 Version: 0.78
Release: 2%{?dist} Release: 1%{?dist}
Summary: Certificate status monitor and PKI enrollment client Summary: Certificate status monitor and PKI enrollment client
Group: System Environment/Daemons Group: System Environment/Daemons
@ -73,6 +73,8 @@ BuildRequires: /usr/bin/unix2dos
BuildRequires: /usr/bin/which BuildRequires: /usr/bin/which
# for dbus tests # for dbus tests
BuildRequires: dbus-python BuildRequires: dbus-python
# for popt or popt-devel, depending on the build environment
BuildRequires: /usr/include/popt.h
# we need a running system bus # we need a running system bus
Requires: dbus Requires: dbus
@ -239,6 +241,33 @@ exit 0
%endif %endif
%changelog %changelog
* Sat Jun 20 2015 Nalin Dahyabhai <nalin@redhat.com> 0.78-1
- switch to using popt for parsing command line arguments, continuing to
use old help text for now so that we can catch up with translations (print
old text for --help, new text (with longopts!) for -H)
- add some plumbing for eventually receiving per-certificate roots in
addition to issued certificates and chain certificates
- add a "rekey" command to getcert, for triggering enrollment using a new
key pair
- scep-submit: check for the Renewal capability, and default to taking
advantage of it during rekeying, unless the new -n flag is specified to it
- dogtag-submit: add flags for passing user names, UDNs, passwords, and PINs
to the helper
- dogtag-submit: add a flag for using the agent creds to do TLS client auth
while submitting enrollment requests
- dogtag-submit: handle cases where we submit a request and the server
returns a success code rather than just queuing the request
- ipa-submit: pass requested profile names to the server as an argument
named "profile_id"; if the server gives us an "unrecognized argument"
error, retry without it for compatibility's sake
- keygen: fix a possible crash if keygen fails to return a key from NSS
- correct the certmonger(8) man page's description of the -c flag, whic it
used to call the -C flag
- add logic for setting ownership and permissions on certificates and keys
when saving them to disk
- add configuration options "max_key_lifetime" and "max_key_use_count" for
making automatic renewal prefer rekeying
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.77.5-2 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.77.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

4
sources
View File

@ -1,2 +1,2 @@
eec04ad0632f928568532265a2e5350a certmonger-0.77.5.tar.gz 4b8fac20d5d250fd1c0d25de1274248c certmonger-0.78.tar.gz
9bdf54da04119893c1c37a413b335573 certmonger-0.77.5.tar.gz.sig 66a941ba07c2aeb34674c36aa1fef84b certmonger-0.78.tar.gz.sig