rpms/certmonger
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 0.75.8

Browse Source 
- add a 'refresh' option to the getcert command
- add a '-a' flag to the getcert command's 'refresh-ca' option
- adjust package Requires: on systemd-sysv on F19 and EL6 and older,
  conditionalized it so that it's ignored on newer releases, and make
  whether or not we call systemd-sysv-convert in triggers depend on that,
  too (#1104138)
- fix an inconsistency in how we parse cookie values returned by CA helpers,
  in that single-line values would lose the end-of-line after a daemon
  restart, but not before
- handle timeout values and exit status values when calling CA helpers
  in non-SUBMIT, non-POLL modes (#1118468)
- rework how we save CA certificates so that we save CA certificates associated
  with end-entity certificates when we save that end-entity certificate, which
  requires running all of the involved pre- and post-save commands
This commit is contained in:
Nalin Dahyabhai 2014-07-21 16:25:17 -04:00
parent acbe23a0ad
commit 1bab3989b3
3 changed files with 43 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -76,3 +76,5 @@ certmonger-0.28.tar.gz
/certmonger-0.75.5.tar.gz.sig
/certmonger-0.75.6.tar.gz
/certmonger-0.75.6.tar.gz.sig
/certmonger-0.75.8.tar.gz
/certmonger-0.75.8.tar.gz.sig

44
certmonger.spec
View File

@ -6,6 +6,12 @@
%global sysvinit 1
%endif
%if 0%{?fedora} > 15 && 0%{?fedora} < 20
%global systemdsysv 1
%else
%global systemdsysv 0
%endif
%if 0%{?fedora} > 14 || 0%{?rhel} > 6
%global tmpfiles 1
%else
@ -19,7 +25,7 @@
%endif
Name: certmonger
Version: 0.75.6
Version: 0.75.8
Release: 1%{?dist}
Summary: Certificate status monitor and PKI enrollment client
@ -71,7 +77,17 @@ BuildRequires: systemd-units
Requires(post): systemd-units
Requires(preun): systemd-units, dbus, sed
Requires(postun): systemd-units
%endif
%if %{systemdsysv}
Requires(post): systemd-sysv
%global systemdsysvsave \
# Save the current service runlevel info, in case the user wants \
# to apply the enabled status manually later, by running \
# "systemd-sysv-convert --apply certmonger". \
%{_bindir}/systemd-sysv-convert --save certmonger >/dev/null 2>&1 ||:
%else
%global systemdsysvsave %{nil}
%endif
%if %{sysvinit}
@ -186,10 +202,7 @@ exit 0
%if %{systemd}
%triggerun -- certmonger < 0.43
# Save the current service runlevel info, in case the user wants to apply
# the enabled status manually later, by running
# "systemd-sysv-convert --apply certmonger".
%{_bindir}/systemd-sysv-convert --save certmonger >/dev/null 2>&1 ||:
%{systemdsysvsave}
# Do this because the old package's %%postun doesn't know we need to do it.
/sbin/chkconfig --del certmonger >/dev/null 2>&1 || :
# Do this because the old package's %%postun wouldn't have tried.
@ -221,6 +234,27 @@ exit 0
%endif
%changelog
* Mon Jul 21 2014 Nalin Dahyabhai <nalin@redhat.com> 0.75.8-1
- add a 'refresh' option to the getcert command
- add a '-a' flag to the getcert command's 'refresh-ca' option
* Thu Jul 17 2014 Nalin Dahyabhai <nalin@redhat.com> 0.75.7-2
- reintroduce package Requires: on systemd-sysv on F19 and EL6 and older,
conditionalized it so that it's ignored on newer releases, and make
whether or not we call systemd-sysv-convert in triggers depend on that,
too (#1104138)
* Thu Jul 17 2014 Nalin Dahyabhai <nalin@redhat.com> 0.75.7-1
- fix an inconsistency in how we parse cookie values returned by CA helpers,
in that single-line values would lose the end-of-line after a daemon
restart, but not before
- handle timeout values and exit status values when calling CA helpers
in non-SUBMIT, non-POLL modes (#1118468)
- rework how we save CA certificates so that we save CA certificates associated
with end-entity certificates when we save that end-entity certificate, which
requires running all of the involved pre- and post-save commands
- drop package Requires: on systemd-sysv (#1104138)
* Thu Jun 26 2014 Nalin Dahyabhai <nalin@redhat.com> 0.75.6-1
- avoid potential use-after-free and read overrun after a CA is added
dynamically (thanks to Jan Cholasta)

4
sources
View File

@ -1,2 +1,2 @@
8b4b3a7b5a4e2e565c74da9653aa8e9c certmonger-0.75.6.tar.gz
334163ba57ecd613d95b5f26089cb945 certmonger-0.75.6.tar.gz.sig
426ab6a9e99acfd6cf46df7292977db3 certmonger-0.75.8.tar.gz
087df8442b85e8823a8ca938d1ee84b8 certmonger-0.75.8.tar.gz.sig