diff --git a/.gitignore b/.gitignore index fd70b8f..f1db380 100644 --- a/.gitignore +++ b/.gitignore @@ -72,3 +72,5 @@ certmonger-0.28.tar.gz /certmonger-0.75.2.tar.gz.sig /certmonger-0.75.3.tar.gz /certmonger-0.75.3.tar.gz.sig +/certmonger-0.75.5.tar.gz +/certmonger-0.75.5.tar.gz.sig diff --git a/certmonger.spec b/certmonger.spec index ab64ae4..52c9385 100644 --- a/certmonger.spec +++ b/certmonger.spec @@ -19,7 +19,7 @@ %endif Name: certmonger -Version: 0.75.3 +Version: 0.75.5 Release: 1%{?dist} Summary: Certificate status monitor and PKI enrollment client @@ -69,14 +69,14 @@ Requires: dbus %if %{systemd} BuildRequires: systemd-units Requires(post): systemd-units -Requires(preun): systemd-units +Requires(preun): systemd-units, dbus, sed Requires(postun): systemd-units Requires(post): systemd-sysv %endif %if %{sysvinit} Requires(post): /sbin/chkconfig, /sbin/service -Requires(preun): /sbin/chkconfig, /sbin/service +Requires(preun): /sbin/chkconfig, /sbin/service, dbus, sed %endif %if 0%{?fedora} >= 15 @@ -139,6 +139,22 @@ fi /sbin/chkconfig --add certmonger %endif +%triggerin -- certmonger < 0.58 +if test $1 -gt 1 ; then + # If the daemon is running, remove knowledge of the dogtag renewer. + objpath=`dbus-send --system --reply-timeout=10000 --dest=org.fedorahosted.certmonger --print-reply=o /org/fedorahosted/certmonger org.fedorahosted.certmonger.find_ca_by_nickname string:dogtag-ipa-renew-agent 2> /dev/null | sed -r 's,^ +,,g' || true` + if test -n "$objpath" ; then + dbus-send --system --dest=org.fedorahosted.certmonger --print-reply /org/fedorahosted/certmonger org.fedorahosted.certmonger.remove_known_ca objpath:"$objpath" >/dev/null 2> /dev/null + fi + # Remove the data file, in case it isn't running. + for cafile in %{_localstatedir}/lib/certmonger/cas/* ; do + if grep -q '^id=dogtag-ipa-renew-agent$' "$cafile" ; then + rm -f "$cafile" + fi + done +fi +exit 0 + %postun %if %{systemd} /bin/systemctl daemon-reload >/dev/null 2>&1 || : @@ -205,6 +221,18 @@ exit 0 %endif %changelog +* Fri Jun 20 2014 Nalin Dahyabhai 0.75.5-1 +- documentation updates + +* Fri Jun 20 2014 Nalin Dahyabhai 0.75.4-2 +- add a %%trigger to remove knowledge of the "dogtag-ipa-renew-agent" CA + when we detect certmonger versions prior to 0.58 being installed, to + avoid cases where some older versions choke on CAs with nicknames that + contain characters that can't legally be part of a D-Bus name (#948993) + +* Thu Jun 19 2014 Nalin Dahyabhai 0.75.4-1 +- fix creation and packaging of the "local" CA's data directory + * Wed Jun 18 2014 Nalin Dahyabhai 0.75.3-1 - read and cache whether or not we saw a noOCSPcheck extension in certificates - documentation updates diff --git a/sources b/sources index 4a07f6a..ee0dd9a 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -2088f19f7960921b6a57dd1f40825117 certmonger-0.75.3.tar.gz -671baa190200a0ecd5cb956343bbf471 certmonger-0.75.3.tar.gz.sig +369319933330f52cbd5766fa5b2302da certmonger-0.75.5.tar.gz +eac9d128077176f1fd49661400a99ffd certmonger-0.75.5.tar.gz.sig