From 7433273f05714fb9dfcf5eecc12ba577d8e0d193 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Mon, 21 Aug 2017 18:26:05 -0400 Subject: [PATCH] Reformat certificates returned by Dogtag. Dogtag was including a spurious newline before -----END CERTIFICATE----- --- ...rmat-certificates-returned-by-Dogtag.patch | 273 ++++++++++++++++++ 0002-Add-missing-test-input-to-dist.patch | 24 ++ certmonger.spec | 13 +- 3 files changed, 309 insertions(+), 1 deletion(-) create mode 100644 0001-Reformat-certificates-returned-by-Dogtag.patch create mode 100644 0002-Add-missing-test-input-to-dist.patch diff --git a/0001-Reformat-certificates-returned-by-Dogtag.patch b/0001-Reformat-certificates-returned-by-Dogtag.patch new file mode 100644 index 0000000..2b14302 --- /dev/null +++ b/0001-Reformat-certificates-returned-by-Dogtag.patch @@ -0,0 +1,273 @@ +From 5d12514863a9676c2a67bf78d487d4e867caba73 Mon Sep 17 00:00:00 2001 +From: Nalin Dahyabhai +Date: Tue, 15 Aug 2017 18:12:44 -0400 +Subject: [PATCH] Reformat certificates returned by Dogtag + +The formatting of PEM certificates returned by Dogtag may not match our +ideal, so strip off the PEM header and footer and reformat them +ourselves before outputting them. Should fix #76. + +Signed-off-by: Nalin Dahyabhai +--- + src/submit-d.c | 16 +++ + tests/019-dparse/expected.out | 46 ++++++- + .../good.displayCertFromRequest-extra-line | 145 +++++++++++++++++++++ + 3 files changed, 206 insertions(+), 1 deletion(-) + create mode 100644 tests/019-dparse/good.displayCertFromRequest-extra-line + +diff --git a/src/submit-d.c b/src/submit-d.c +index f7683c6..5a4edb3 100644 +--- a/src/submit-d.c ++++ b/src/submit-d.c +@@ -568,6 +568,8 @@ cm_submit_d_fetch_result(void *parent, const char *xml, + char **error, char **status, + char **requestId, char **cert) + { ++ char *stripped, *reformatted; ++ + *error = cm_submit_d_xml_value(parent, xml, + "/xml/fixed/unexpectedError"); + *status = cm_submit_d_xml_value(parent, xml, +@@ -576,6 +578,20 @@ cm_submit_d_fetch_result(void *parent, const char *xml, + "/xml/header/requestId"); + *cert = cm_submit_d_xml_value(parent, xml, + "/xml/records/record/base64Cert"); ++ if (*cert != NULL) { ++ /* The formatting of the certificate includes an extra blank line after the ++ * last line of base64 data, before the END line, which can trip up some ++ * parsers. Clean it up here. */ ++ stripped = cm_submit_u_base64_from_text(*cert); ++ if (stripped != NULL) { ++ reformatted = cm_submit_u_pem_from_base64("CERTIFICATE", 0, stripped); ++ if (reformatted != NULL) { ++ *cert = talloc_strdup(parent, reformatted); ++ free(reformatted); ++ } ++ free(stripped); ++ } ++ } + return 0; + } + +diff --git a/tests/019-dparse/expected.out b/tests/019-dparse/expected.out +index 0088ef0..5b03c05 100644 +--- a/tests/019-dparse/expected.out ++++ b/tests/019-dparse/expected.out +@@ -66,6 +66,28 @@ LCT7m5N535pDf4tELcXRQAUv/xTp7F5O84pp8Bez14iVTtKazqseq5K7EKCsRXfW + FxfR4qHzwpD9Q7rvTzFP2/J/Cr8= + -----END CERTIFICATE----- + ++[fetch-as-agent(good.displayCertFromRequest-extra-line) = ISSUED] ++requestId="11",cert="-----BEGIN CERTIFICATE-----" ++-----BEGIN CERTIFICATE----- ++MIIDEDCCAfigAwIBAgIBCzANBgkqhkiG9w0BAQsFADA5MRcwFQYDVQQKEw5CT1Mu ++UkVESEFULkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEy ++MDYyNTIxMDcxMloXDTE2MDYyNTIxMDcxMlowNzEXMBUGA1UEChMOQk9TLlJFREhB ++VC5DT00xHDAaBgNVBAMTE09iamVjdCBTaWduaW5nIENlcnQwggEiMA0GCSqGSIb3 ++DQEBAQUAA4IBDwAwggEKAoIBAQCmZoqUb8hHS6E/MmrlimQlhLHlPdxlJZn3de0K ++8vHWCuyBqM9tmISsoSYHOdCm/c6vrVwwSMkn5HMjjWsJGKNdZouBmlA1WuiMDjWF ++r7WexGUd34lUlliG6VQdIdkQMn9rjG+W8wTEOPCxlUBUwUBzIyZ3XDe0eCIN7NBL ++wh7efZZjRgln8mH7aEGaUug2tOqj2niudXZZLLMthU/f74pdBTD+EXiAkEjN8j12 ++ba2Zv5mDyDqan5WDMf9a9EbDwMnFKU7/SEDCvra2jrQNPKu/dRsBvGdzqgEJDuNa ++Wrn/kSz2worbW2c7V9jLgsYSjTLeYIAulCifIzBG9bisAT8DAgMBAAGjJTAjMA4G ++A1UdDwEB/wQEAwIChDARBglghkgBhvhCAQEEBAMCBBAwDQYJKoZIhvcNAQELBQAD ++ggEBAJzERxUVdka5UF98Ks9Lj4Y69yoiIFRYswLsCYZoP8rwZlW4aprtE/caz3nb ++mFKSG1oS84DZ/d3wnvSBhdbfBLh59YH9eJnRZPS8Q+jIRkg9VSnleQTJg+kIngUZ ++eWBSUUSfAI6BrgdaFB4us7i0yWJTorRh/Te69M3UKNVfx8LJsPt/nG2nQW/X0ydJ ++LCT7m5N535pDf4tELcXRQAUv/xTp7F5O84pp8Bez14iVTtKazqseq5K7EKCsRXfW ++4zj1FewSYaEaTHyBrcwwArEyBbdkC5cdwfJUVvNFWXrfYiCy6yBmTCQbrucmqC0M ++FxfR4qHzwpD9Q7rvTzFP2/J/Cr8= ++-----END CERTIFICATE----- ++ + [profiles-as-agent(good.profileList) = ISSUED] + error_code="0",error_reason="" + caUserCert +@@ -204,6 +226,28 @@ LCT7m5N535pDf4tELcXRQAUv/xTp7F5O84pp8Bez14iVTtKazqseq5K7EKCsRXfW + FxfR4qHzwpD9Q7rvTzFP2/J/Cr8= + -----END CERTIFICATE----- + ++[fetch-as-end-entity(good.displayCertFromRequest-extra-line) = ISSUED] ++requestId="11",cert="-----BEGIN CERTIFICATE-----" ++-----BEGIN CERTIFICATE----- ++MIIDEDCCAfigAwIBAgIBCzANBgkqhkiG9w0BAQsFADA5MRcwFQYDVQQKEw5CT1Mu ++UkVESEFULkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEy ++MDYyNTIxMDcxMloXDTE2MDYyNTIxMDcxMlowNzEXMBUGA1UEChMOQk9TLlJFREhB ++VC5DT00xHDAaBgNVBAMTE09iamVjdCBTaWduaW5nIENlcnQwggEiMA0GCSqGSIb3 ++DQEBAQUAA4IBDwAwggEKAoIBAQCmZoqUb8hHS6E/MmrlimQlhLHlPdxlJZn3de0K ++8vHWCuyBqM9tmISsoSYHOdCm/c6vrVwwSMkn5HMjjWsJGKNdZouBmlA1WuiMDjWF ++r7WexGUd34lUlliG6VQdIdkQMn9rjG+W8wTEOPCxlUBUwUBzIyZ3XDe0eCIN7NBL ++wh7efZZjRgln8mH7aEGaUug2tOqj2niudXZZLLMthU/f74pdBTD+EXiAkEjN8j12 ++ba2Zv5mDyDqan5WDMf9a9EbDwMnFKU7/SEDCvra2jrQNPKu/dRsBvGdzqgEJDuNa ++Wrn/kSz2worbW2c7V9jLgsYSjTLeYIAulCifIzBG9bisAT8DAgMBAAGjJTAjMA4G ++A1UdDwEB/wQEAwIChDARBglghkgBhvhCAQEEBAMCBBAwDQYJKoZIhvcNAQELBQAD ++ggEBAJzERxUVdka5UF98Ks9Lj4Y69yoiIFRYswLsCYZoP8rwZlW4aprtE/caz3nb ++mFKSG1oS84DZ/d3wnvSBhdbfBLh59YH9eJnRZPS8Q+jIRkg9VSnleQTJg+kIngUZ ++eWBSUUSfAI6BrgdaFB4us7i0yWJTorRh/Te69M3UKNVfx8LJsPt/nG2nQW/X0ydJ ++LCT7m5N535pDf4tELcXRQAUv/xTp7F5O84pp8Bez14iVTtKazqseq5K7EKCsRXfW ++4zj1FewSYaEaTHyBrcwwArEyBbdkC5cdwfJUVvNFWXrfYiCy6yBmTCQbrucmqC0M ++FxfR4qHzwpD9Q7rvTzFP2/J/Cr8= ++-----END CERTIFICATE----- ++ + [profiles-as-end-entity(good.profileList) = ISSUED] + error_code="0",error_reason="" + caUserCert +@@ -276,4 +320,4 @@ Server at "FETCH" replied: Request ID 19 was not found in the request queue. + [fetch-as-end-entity(bad.displayCertFromRequest.rejected) = REJECTED] + error="Request ID 17 was not completed.",status="7" + Server at "FETCH" replied: Request ID 17 was not completed. +-48 samples. ++50 samples. +diff --git a/tests/019-dparse/good.displayCertFromRequest-extra-line b/tests/019-dparse/good.displayCertFromRequest-extra-line +new file mode 100644 +index 0000000..ef5a8e6 +--- /dev/null ++++ b/tests/019-dparse/good.displayCertFromRequest-extra-line +@@ -0,0 +1,145 @@ ++
true11
http9180rapier.bos.redhat.comrapier.bos.redhat.com11Certificate Manager9180MD2: ++ 2B:E7:39:53:38:28:68:11:65:8A:E3:7B:36:4E:A9:44 ++MD5: ++ 68:3F:AF:2C:38:37:E8:3E:5A:B5:4E:AE:40:54:2F:12 ++SHA1: ++ D2:E1:1C:C4:CD:53:03:2C:62:CC:4F:68:60:52:A3:DC: ++ 2F:2B:64:89 ++SHA256: ++ B8:DA:7A:D4:79:75:63:2B:59:D4:C5:B9:61:3C:59:60: ++ E6:A3:7C:38:EE:55:48:45:CB:B8:91:D0:CB:C7:E6:5F ++SHA512: ++ 8F:E1:12:D0:A5:D7:C0:B0:77:D6:56:22:B7:4C:96:D3: ++ 8F:F0:8E:0B:25:8D:48:E5:8F:15:44:44:B0:51:B4:96: ++ AE:DC:01:B1:EF:34:E5:48:20:CB:31:6B:00:20:3B:F4: ++ 30:1D:86:74:B1:CA:4F:4F:DD:6C:20:2B:75:DB:89:51MIIG3gYJKoZIhvcNAQcCoIIGzzCCBssCAQExADAPBgkqhkiG9w0BBwGgAgQAoIIG ++rzCCAxAwggH4oAMCAQICAQswDQYJKoZIhvcNAQELBQAwOTEXMBUGA1UEChMOQk9T ++LlJFREhBVC5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0x ++MjA2MjUyMTA3MTJaFw0xNjA2MjUyMTA3MTJaMDcxFzAVBgNVBAoTDkJPUy5SRURI ++QVQuQ09NMRwwGgYDVQQDExNPYmplY3QgU2lnbmluZyBDZXJ0MIIBIjANBgkqhkiG ++9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmaKlG/IR0uhPzJq5YpkJYSx5T3cZSWZ93Xt ++CvLx1grsgajPbZiErKEmBznQpv3Or61cMEjJJ+RzI41rCRijXWaLgZpQNVrojA41 ++ha+1nsRlHd+JVJZYhulUHSHZEDJ/a4xvlvMExDjwsZVAVMFAcyMmd1w3tHgiDezQ ++S8Ie3n2WY0YJZ/Jh+2hBmlLoNrTqo9p4rnV2WSyzLYVP3++KXQUw/hF4gJBIzfI9 ++dm2tmb+Zg8g6mp+VgzH/WvRGw8DJxSlO/0hAwr62to60DTyrv3UbAbxnc6oBCQ7j ++Wlq5/5Es9sKK21tnO1fYy4LGEo0y3mCALpQonyMwRvW4rAE/AwIDAQABoyUwIzAO ++BgNVHQ8BAf8EBAMCAoQwEQYJYIZIAYb4QgEBBAQDAgQQMA0GCSqGSIb3DQEBCwUA ++A4IBAQCcxEcVFXZGuVBffCrPS4+GOvcqIiBUWLMC7AmGaD/K8GZVuGqa7RP3Gs95 ++25hSkhtaEvOA2f3d8J70gYXW3wS4efWB/XiZ0WT0vEPoyEZIPVUp5XkEyYPpCJ4F ++GXlgUlFEnwCOga4HWhQeLrO4tMliU6K0Yf03uvTN1CjVX8fCybD7f5xtp0Fv19Mn ++SSwk+5uTed+aQ3+LRC3F0UAFL/8U6exeTvOKafAXs9eIlU7Sms6rHquSuxCgrEV3 ++1uM49RXsEmGhGkx8ga3MMAKxMgW3ZAuXHcHyVFbzRVl632IgsusgZkwkG67nJqgt ++DBcX0eKh88KQ/UO6708xT9vyfwq/MIIDlzCCAn+gAwIBAgIBATANBgkqhkiG9w0B ++AQsFADA5MRcwFQYDVQQKEw5CT1MuUkVESEFULkNPTTEeMBwGA1UEAxMVQ2VydGlm ++aWNhdGUgQXV0aG9yaXR5MB4XDTEyMDYyNTIxMDQxNFoXDTIwMDYyNTIxMDQxNFow ++OTEXMBUGA1UEChMOQk9TLlJFREhBVC5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRl ++IEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQDgery ++1wgDVSs2yLo1vM0QCPOFi12T5ree2J/ian0dfHbSS9T2GC2TQwjgJLFUnQGkKZ9P ++TnASJSbPrILl19W/k+QwW3fPqvt+ryvXtK2Ezd3nFVUt6oKxj2bqxC0vS04k0Bab ++qBfAiRILI4VKUgPWu3YI3k8Nret4+dUmA8EkfBe/FiCdAXdlxWRfkXiiKX6JRfVx ++0xweVfw0IDJopNFqAeznvre6fHpzROqw3JKXgagBGYLRgLlontbHnY8teJjlrbBe ++HQDKn3iOpjkWwHihYkODVSNr3lK8NnfeRjX2+qMOKzX6nkEpz1wigS+/BTtkrRDa ++AB+oRKKR5D9Zy2sCAwEAAaOBqTCBpjAfBgNVHSMEGDAWgBT5QugkOI4hLnyQxmRS ++gyB6JXCJmDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4E ++FgQU+ULoJDiOIS58kMZkUoMgeiVwiZgwQwYIKwYBBQUHAQEENzA1MDMGCCsGAQUF ++BzABhidodHRwOi8vcmFwaWVyLmJvcy5yZWRoYXQuY29tOjgwL2NhL29jc3AwDQYJ ++KoZIhvcNAQELBQADggEBAC/7xtbqCLTNX/ctz3NW+TDRQcSBftVWMDK8G+4TAjKa ++vsZdVnEKJAxo9UAcQL7A8/NFhxDwFGc3gF4agkGuZAMyZzUwynpY26yLyM4mBviv ++KhJBvbNOykB5BdAags04/Zlb1Bgg9PZqc5ErjcICKTmBAmVxQ0Nzlv49Ts9kNTa+ ++RZfNvne05dxNdJdPOWX7SHlh0GA/E6d/9+mlNn8x0uHMhbGlLC4EifeiijOyOLwH ++6gwPXRPij+95RLxpRA6lXKVEUc5Iu2iZOn25b3xrYL7hFilzLA05vM/Z67UkJbBn ++a01OM5RZIURKD5IGIuD6BTD/u0qzNq4EEF2HedELdVUxAA==bCertificate: ++ Data: ++ Version: v3 ++ Serial Number: 0xB ++ Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 ++ Issuer: CN=Certificate Authority,O=BOS.REDHAT.COM ++ Validity: ++ Not Before: Monday, June 25, 2012 5:07:12 PM EDT America/New_York ++ Not After: Saturday, June 25, 2016 5:07:12 PM EDT America/New_York ++ Subject: CN=Object Signing Cert,O=BOS.REDHAT.COM ++ Subject Public Key Info: ++ Algorithm: RSA - 1.2.840.113549.1.1.1 ++ Public Key: ++ Exponent: 65537 ++ Public Key Modulus: (2048 bits) : ++ A6:66:8A:94:6F:C8:47:4B:A1:3F:32:6A:E5:8A:64:25: ++ 84:B1:E5:3D:DC:65:25:99:F7:75:ED:0A:F2:F1:D6:0A: ++ EC:81:A8:CF:6D:98:84:AC:A1:26:07:39:D0:A6:FD:CE: ++ AF:AD:5C:30:48:C9:27:E4:73:23:8D:6B:09:18:A3:5D: ++ 66:8B:81:9A:50:35:5A:E8:8C:0E:35:85:AF:B5:9E:C4: ++ 65:1D:DF:89:54:96:58:86:E9:54:1D:21:D9:10:32:7F: ++ 6B:8C:6F:96:F3:04:C4:38:F0:B1:95:40:54:C1:40:73: ++ 23:26:77:5C:37:B4:78:22:0D:EC:D0:4B:C2:1E:DE:7D: ++ 96:63:46:09:67:F2:61:FB:68:41:9A:52:E8:36:B4:EA: ++ A3:DA:78:AE:75:76:59:2C:B3:2D:85:4F:DF:EF:8A:5D: ++ 05:30:FE:11:78:80:90:48:CD:F2:3D:76:6D:AD:99:BF: ++ 99:83:C8:3A:9A:9F:95:83:31:FF:5A:F4:46:C3:C0:C9: ++ C5:29:4E:FF:48:40:C2:BE:B6:B6:8E:B4:0D:3C:AB:BF: ++ 75:1B:01:BC:67:73:AA:01:09:0E:E3:5A:5A:B9:FF:91: ++ 2C:F6:C2:8A:DB:5B:67:3B:57:D8:CB:82:C6:12:8D:32: ++ DE:60:80:2E:94:28:9F:23:30:46:F5:B8:AC:01:3F:03 ++ Extensions: ++ Identifier: Key Usage: - 2.5.29.15 ++ Critical: yes ++ Key Usage: ++ Digital Signature ++ Key CertSign ++ Identifier: Netscape Certificate Type - 2.16.840.1.113730.1.1 ++ Critical: no ++ Certificate Usage: ++ Object Signing ++ Signature: ++ Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 ++ Signature: ++ 9C:C4:47:15:15:76:46:B9:50:5F:7C:2A:CF:4B:8F:86: ++ 3A:F7:2A:22:20:54:58:B3:02:EC:09:86:68:3F:CA:F0: ++ 66:55:B8:6A:9A:ED:13:F7:1A:CF:79:DB:98:52:92:1B: ++ 5A:12:F3:80:D9:FD:DD:F0:9E:F4:81:85:D6:DF:04:B8: ++ 79:F5:81:FD:78:99:D1:64:F4:BC:43:E8:C8:46:48:3D: ++ 55:29:E5:79:04:C9:83:E9:08:9E:05:19:79:60:52:51: ++ 44:9F:00:8E:81:AE:07:5A:14:1E:2E:B3:B8:B4:C9:62: ++ 53:A2:B4:61:FD:37:BA:F4:CD:D4:28:D5:5F:C7:C2:C9: ++ B0:FB:7F:9C:6D:A7:41:6F:D7:D3:27:49:2C:24:FB:9B: ++ 93:79:DF:9A:43:7F:8B:44:2D:C5:D1:40:05:2F:FF:14: ++ E9:EC:5E:4E:F3:8A:69:F0:17:B3:D7:88:95:4E:D2:9A: ++ CE:AB:1E:AB:92:BB:10:A0:AC:45:77:D6:E3:38:F5:15: ++ EC:12:61:A1:1A:4C:7C:81:AD:CC:30:02:B1:32:05:B7: ++ 64:0B:97:1D:C1:F2:54:56:F3:45:59:7A:DF:62:20:B2: ++ EB:20:66:4C:24:1B:AE:E7:26:A8:2D:0C:17:17:D1:E2: ++ A1:F3:C2:90:FD:43:BA:EF:4F:31:4F:DB:F2:7F:0A:BF ++ FingerPrint ++ MD2: ++ 2B:E7:39:53:38:28:68:11:65:8A:E3:7B:36:4E:A9:44 ++ MD5: ++ 68:3F:AF:2C:38:37:E8:3E:5A:B5:4E:AE:40:54:2F:12 ++ SHA1: ++ D2:E1:1C:C4:CD:53:03:2C:62:CC:4F:68:60:52:A3:DC: ++ 2F:2B:64:89 ++ SHA256: ++ B8:DA:7A:D4:79:75:63:2B:59:D4:C5:B9:61:3C:59:60: ++ E6:A3:7C:38:EE:55:48:45:CB:B8:91:D0:CB:C7:E6:5F ++ SHA512: ++ 8F:E1:12:D0:A5:D7:C0:B0:77:D6:56:22:B7:4C:96:D3: ++ 8F:F0:8E:0B:25:8D:48:E5:8F:15:44:44:B0:51:B4:96: ++ AE:DC:01:B1:EF:34:E5:48:20:CB:31:6B:00:20:3B:F4: ++ 30:1D:86:74:B1:CA:4F:4F:DD:6C:20:2B:75:DB:89:51-----BEGIN CERTIFICATE----- ++MIIDEDCCAfigAwIBAgIBCzANBgkqhkiG9w0BAQsFADA5MRcwFQYDVQQKEw5CT1Mu ++UkVESEFULkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTEy ++MDYyNTIxMDcxMloXDTE2MDYyNTIxMDcxMlowNzEXMBUGA1UEChMOQk9TLlJFREhB ++VC5DT00xHDAaBgNVBAMTE09iamVjdCBTaWduaW5nIENlcnQwggEiMA0GCSqGSIb3 ++DQEBAQUAA4IBDwAwggEKAoIBAQCmZoqUb8hHS6E/MmrlimQlhLHlPdxlJZn3de0K ++8vHWCuyBqM9tmISsoSYHOdCm/c6vrVwwSMkn5HMjjWsJGKNdZouBmlA1WuiMDjWF ++r7WexGUd34lUlliG6VQdIdkQMn9rjG+W8wTEOPCxlUBUwUBzIyZ3XDe0eCIN7NBL ++wh7efZZjRgln8mH7aEGaUug2tOqj2niudXZZLLMthU/f74pdBTD+EXiAkEjN8j12 ++ba2Zv5mDyDqan5WDMf9a9EbDwMnFKU7/SEDCvra2jrQNPKu/dRsBvGdzqgEJDuNa ++Wrn/kSz2worbW2c7V9jLgsYSjTLeYIAulCifIzBG9bisAT8DAgMBAAGjJTAjMA4G ++A1UdDwEB/wQEAwIChDARBglghkgBhvhCAQEEBAMCBBAwDQYJKoZIhvcNAQELBQAD ++ggEBAJzERxUVdka5UF98Ks9Lj4Y69yoiIFRYswLsCYZoP8rwZlW4aprtE/caz3nb ++mFKSG1oS84DZ/d3wnvSBhdbfBLh59YH9eJnRZPS8Q+jIRkg9VSnleQTJg+kIngUZ ++eWBSUUSfAI6BrgdaFB4us7i0yWJTorRh/Te69M3UKNVfx8LJsPt/nG2nQW/X0ydJ ++LCT7m5N535pDf4tELcXRQAUv/xTp7F5O84pp8Bez14iVTtKazqseq5K7EKCsRXfW ++4zj1FewSYaEaTHyBrcwwArEyBbdkC5cdwfJUVvNFWXrfYiCy6yBmTCQbrucmqC0M ++FxfR4qHzwpD9Q7rvTzFP2/J/Cr8= ++ ++-----END CERTIFICATE----- +-- +2.9.5 + diff --git a/0002-Add-missing-test-input-to-dist.patch b/0002-Add-missing-test-input-to-dist.patch new file mode 100644 index 0000000..fce85a7 --- /dev/null +++ b/0002-Add-missing-test-input-to-dist.patch @@ -0,0 +1,24 @@ +From 052e17dc3035d543d9f2157cd14754ce57395151 Mon Sep 17 00:00:00 2001 +From: Fraser Tweedale +Date: Thu, 17 Aug 2017 19:24:43 +1000 +Subject: [PATCH] Add missing test input to dist + +--- + tests/Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 5888dc02fcb3494d1c7da77d60ebc2471a702008..3f857857789431bc0d8aa56e4d9d8c71e524f2c0 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -250,6 +250,7 @@ EXTRA_DIST = \ + 019-dparse/good.checkRequest.complete \ + 019-dparse/good.checkRequest.pending \ + 019-dparse/good.displayCertFromRequest \ ++ 019-dparse/good.displayCertFromRequest-extra-line \ + 019-dparse/good.profileList \ + 019-dparse/good.profileReview \ + 019-dparse/good.profileSubmit.issued \ +-- +2.13.5 + diff --git a/certmonger.spec b/certmonger.spec index ba48576..e306374 100644 --- a/certmonger.spec +++ b/certmonger.spec @@ -26,7 +26,7 @@ Name: certmonger Version: 0.79.4 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Certificate status monitor and PKI enrollment client Group: System Environment/Daemons @@ -34,6 +34,9 @@ License: GPLv3+ URL: http://pagure.io/certmonger/ Source0: http://releases.pagure.org/certmonger/certmonger-%{version}.tar.gz #Source1: http://releases.pagure.org/certmonger/certmonger-%{version}.tar.gz.sig +Patch1: 0001-Reformat-certificates-returned-by-Dogtag.patch +Patch2: 0002-Add-missing-test-input-to-dist.patch + BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRequires: openldap-devel @@ -114,6 +117,10 @@ system enrolled with a certificate authority (CA) and keeping it enrolled. %prep %setup -q +# Note: Don't save backups for Patch1 otherwise the backup will be treated +# as something to test and it will fail. +%patch1 -p1 +%patch2 -p1 -b .add_test_dist %if 0%{?rhel} > 0 # Enabled by default for RHEL for bug #765600, still disabled by default for # Fedora pending a similar bug report there. @@ -243,6 +250,10 @@ exit 0 %endif %changelog +* Wed Aug 16 2017 Rob Crittenden 0.79.4-2 +- Reformat certificates returned by Dogtag. Dogtag was including + a spurious newline before -----END CERTIFICATE----- + * Mon Aug 7 2017 Rob Crittenden 0.79.4-1 - update to 0.79.4 - fix CA option name for ipa cert-request