Update to 0.75

- add a -w (wait) flag to the getcert's request/resubmit/start-tracking commands, and add a non-waiting "status" command - add the "local" signer, a local toy CA that signs anything you'll ask it to sign - fix self-test errors that we trigger with new OpenSSL - fix a build error that would sometimes happen when we're told to build PIE binaries - quiet a compile warning - retrieve CA information from CAs, if the helpers can do so, and add a command to explicitly refresh that data: "getcert refresh-ca" - offer to save CA certificates to files and databases, when specified with new -a and -F flags to getcert request/resubmit/start-tracking (#1098208, trac #31) - add IP address subject alternate names when getcert request/resubmit is passed the -A option (trac #35) - read and cache the freshestCRL extension in certificates - properly interpret KDC-unreachable errors encountered in the IPA submission error as a server-unreachable error that we will retry, rather than a misconfiguration error which we won't - don't let tests get tripped up by new formatting used in dos2unix status messages (#1099080) - updated translations - be explicit that we are going to use bashisms in test scripts by calling the shell interpreter as 'bash' rather than 'sh' (trac #27)
2014-06-13 17:27:25 -04:00 · 2014-06-13 17:27:25 -04:00 · 468fcf0c32
commit 468fcf0c32
parent 2c35256181
3 changed files with 59 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -64,3 +64,5 @@ certmonger-0.28.tar.gz
 /certmonger-0.73.tar.gz.sig
 /certmonger-0.74.tar.gz
 /certmonger-0.74.tar.gz.sig
 /certmonger-0.75.tar.gz
 /certmonger-0.75.tar.gz.sig
--- a/certmonger.spec
+++ b/certmonger.spec
@ -19,8 +19,8 @@
 %endif
 Name:		certmonger
-Version:	0.74
+Version:	0.75
-Release:	2%{?dist}
+Release:	1%{?dist}
 Summary:	Certificate status monitor and PKI enrollment client
 Group:		System Environment/Daemons
@ -30,7 +30,8 @@ Source0:	http://fedorahosted.org/released/certmonger/certmonger-%{version}.tar.g
 Source1:	http://fedorahosted.org/released/certmonger/certmonger-%{version}.tar.gz.sig
 BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
-BuildRequires:	dbus-devel, nspr-devel, nss-devel, openssl-devel
+BuildRequires:	openldap-devel
 BuildRequires:	dbus-devel, nspr-devel, nss-devel, openssl-devel, libidn-devel
 %if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
 BuildRequires:  libuuid-devel
 %else
@ -204,9 +205,60 @@ exit 0
 %endif
 %changelog
 * Fri Jun 13 2014 Nalin Dahyabhai <nalin@redhat.com> 0.75-1
 - add a -w (wait) flag to the getcert's request/resubmit/start-tracking
  commands, and add a non-waiting status command
 * Wed Jun 11 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74.96-1
 - make the trust settings we apply to CA-supplied certificates while
  saving them to NSS databases run-time configurable
 - fix compiling against EL5-era OpenSSL
 - when saving CA certificates we pull from an IPA server, nickname
  it using the realm name with " IPA CA" appended rather than just
  naming it "IPA CA"
 - fix the local signer so that when it issues itself a new certificate,
  it uses the same subject name
 - add a -w flag to getcert's request, resubmit, and start-tracking
  commands, telling it to wait until either the certificate is issued,
  we get to a state where we know that we won't be able to get one, or
  we are waiting for a CA
 * Mon Jun  9 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74.95-1
 - add the "local" signer, a local toy CA that signs anything you'll
  ask it to sign
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.74-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
 * Fri Jun  6 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74.94-1
 - fix self-test errors that we trigger with new OpenSSL
 - fix a build error that would sometimes happen when we're told to
  build PIE binaries
 - quiet a compile warning
 * Thu Jun  5 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74.93-1
 - add some self-tests
 - simplify the internal submit-to-CA logic
 - fixes for more problems found through static analysis
 * Tue Jun  3 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74.92-1
 - retrieve CA information from CAs, if the helpers can do so, and
  add a command to explicitly refresh that data: "getcert refresh-ca"
 - offer to save CA certificates to files and databases, when specified with
  new -a and -F flags to getcert request/resubmit/start-tracking (#1098208,
  trac #31)
 - add IP address subject alternate names when getcert request/resubmit
  is passed the -A option (trac #35)
 - read and cache the freshestCRL extension in certificates
 - properly interpret KDC-unreachable errors encountered in the IPA
  submission error as a server-unreachable error that we will retry,
  rather than a misconfiguration error which we won't
 - don't let tests get tripped up by new formatting used in dos2unix status
  messages (#1099080)
 - updated translations
 - be explicit that we are going to use bashisms in test scripts by calling
  the shell interpreter as 'bash' rather than 'sh' (trac #27)
 * Thu Apr  3 2014 Nalin Dahyabhai <nalin@redhat.com> 0.74-1
 - also save state when we exit due to SIGHUP
 - don't get tripped up when enrollment helpers hand us certificates which
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-cd73eed2f6ef837a790286d0998c6c47  certmonger-0.74.tar.gz
+e84ed86a9392b1a49a01149cea669ddc  certmonger-0.75.tar.gz
-1764071325f7e7d6d143862a88e07071  certmonger-0.74.tar.gz.sig
+79c053b21ee1a58824205eb08f9c06df  certmonger-0.75.tar.gz.sig
`@ -1,2 +1,2 @@`
	`cd73eed2f6ef837a790286d0998c6c47 certmonger-0.74.tar.gz`	`e84ed86a9392b1a49a01149cea669ddc certmonger-0.75.tar.gz`
	`1764071325f7e7d6d143862a88e07071 certmonger-0.74.tar.gz.sig`	`79c053b21ee1a58824205eb08f9c06df certmonger-0.75.tar.gz.sig`