Commit Graph

29 Commits

Author SHA1 Message Date
Nalin Dahyabhai
ef57f434b8 - update to 0.46 2011-08-15 15:42:36 -04:00
Nalin Dahyabhai
653879e39b - treat the ability to access keys in an NSS database without using a PIN,
when we've been told we need one, as an error (#692766, really this time)
2011-08-15 15:37:00 -04:00
Nalin Dahyabhai
b81a31a3da - modify the systemd .service file to be a proper 'dbus' service (more of #718172) 2011-08-11 13:56:57 -04:00
Nalin Dahyabhai
c5c48c7ba2 - update to 0.44:
- check specifically for cases where a specified token that we need to
    use just isn't present for whatever reason (#697058)
2011-08-11 11:50:26 -04:00
Nalin Dahyabhai
8cea822712 - update to 0.43 2011-08-10 18:24:45 -04:00
Nalin Dahyabhai
a15951ae49 - getcert: fix a buffer overrun preparing a request for the daemon when
there are more parameters to encode than space in the array (#696185)
- updated translations: de, es, id, pl, ru, uk
2011-04-13 10:29:00 -04:00
Nalin Dahyabhai
cc3917e153 - update to 0.41 2011-04-11 17:35:07 -04:00
Nalin Dahyabhai
933d5c2933 - update to 0.40
- fix validation check on EKU OIDs in getcert (#691351)
  - get session bus mode sorted
  - add a list of recognized EKU values to the getcert-request man page
2011-03-28 17:14:09 -04:00
Nalin Dahyabhai
3749ef64b7 - update to 0.39
- fix use of an uninitialized variable in the xmlrpc-based submission helpers (#690886)
2011-03-25 14:12:02 -04:00
Nalin Dahyabhai
838b40e07a - update to 0.38
- catch cases where we can't read a PIN file, but we never have to log
    in to the token to access the private key (more of #688229)
2011-03-24 15:30:29 -04:00
Nalin Dahyabhai
2329f71493 - update to 0.37
- be more careful about checking if we can read a PIN file successfully
    before we even call an API that might need us to try (#688229)
  - fix strict aliasing warnings
2011-03-22 19:33:39 -04:00
Nalin Dahyabhai
2a98aebb9c - update to 0.36
- fix some use-after-free bugs in the daemon (#689776)
  - fix a copy/paste error in certmonger-ipa-submit(8)
  - getcert now suppresses error details when not given its new -v option
    (#683926, more of #681641/#652047)
  - updated translations
    - de, es, pl, ru, uk
    - indonesian translation is now for "id" rather than "in"
2011-03-22 11:44:09 -04:00
Nalin Dahyabhai
a1bb00ae72 - update to 0.35.1, because there's a leap day between now and a year from now 2011-03-02 15:51:28 -05:00
Nalin Dahyabhai
664b62c20a - self-test fixes to rebuild properly in mock (#670322) 2011-02-14 17:46:45 -05:00
Nalin Dahyabhai
469401701f - update to 0.34 2011-01-14 10:02:47 -05:00
Nalin Dahyabhai
a20057c7d4 update to 0.32 2010-11-30 13:58:31 -05:00
Nalin Dahyabhai
d5f4fb6175 - whoops, drop old source 2010-08-25 15:53:10 -04:00
Nalin Dahyabhai
c00dcb498c - update to 0.30
- fix bugs caught by self-tests
2010-08-25 15:51:50 -04:00
Nalin Dahyabhai
0250202b6c - fix self-signing certificate notBefore and notAfter values on 32-bit machines
- portability and test fixes
2010-08-23 12:04:13 -04:00
Nalin Dahyabhai
6f0969ce62 - update to 0.26
- when canceling a submission request that's being handled by a helper,
    reap the child process's status after killing it (#624120)
  - update to 0.25
    - new translations
      - in by Okta Purnama Rahadian!
    - fix detection of cases where we can't access a private key in an NSS
      database because we don't have the PIN
    - teach '*getcert start-tracking' about the -p and -P options which the
      '*getcert request' commands already understand (#621670), and also
      the -U, -K, -E, and -D flags
    - double-check that the nicknames of keys we get back from
      PK11_ListPrivKeysInSlot() match the desired nickname before accepting
      them as matches, so that our tests won't all blow up on EL5
    - fix dynamic addition and removal of CAs implemented through helpers
    - init script: ensure that the subsys lock is created whenever we're called to
      "start" when we're already running (even more of #596719)
    - more gracefully handle manual daemon startups and cleaning up of unexpected
      crashes (still more of #596719)
    - don't create the daemon pidfile until after we've connected to the D-Bus
      (still more of #596719)
2010-08-13 14:35:38 -04:00
Nalin Dahyabhai
f8d7e57c9a - update to 0.24
- keep the lock on the pid file, if we have one, when we fork, and cancel
    daemon startup if we can't gain ownership of the lock (the rest of
    #596719)
- make the man pages note which external configuration files we consult
    when submitting requests to certmaster and ipa CAs
2010-06-08 15:26:12 +00:00
Nalin Dahyabhai
599e094b4d - update to 0.23
- new translations
- pl by Piotr Drąg!
- cancel daemon startup if we can't gain ownership of our well-known
    service name on the DBus (#596719)
2010-05-27 22:32:54 +00:00
Nalin Dahyabhai
ab20852900 - update to 0.22
- new translations
- de by Fabian Affolter!
- certmaster-submit: don't fall over when we can't find a certmaster.conf
    or a minion.conf (i.e., certmaster isn't installed) (#588932)
- when reading extension values from certificates, prune out duplicate
    principal names, email addresses, and hostnames
2010-05-14 16:54:43 +00:00
Nalin Dahyabhai
a436504f7c - update to 0.21
- getcert/*-getcert: relay the desired CA to the local service, whether
    specified on the command line (in getcert) or as a built-in hard-wired
    default (in *-getcert) (#584983)
- flesh out the default certmonger.conf so that people can get a feel for
    the expected formatting (Jenny Galipeau)
2010-05-04 18:37:19 +00:00
Nalin Dahyabhai
4d4e3a63c4 - update to 0.20
- correctly parse certificate validity periods given in years (spotted by
    Stephen Gallagher)
- setup for translation
- es by Héctor Daniel Cabrera!
- ru by Yulia Poyarkova!
- uk by Yuri Chornoivan!
- fix unpreprocessed defaults in certmonger.conf's man page
- tweak the IPA-specific message that indicates a principal name also needs
    to be specified if we're not using the default subject name (#579542)
- make the validity period of self-signed certificates into a configuration
    setting and not a piece of the state information we track about the
    signer
- init script: exit with status 2 instead of 1 when invoked with an
    unrecognized argument (#584517)
2010-04-21 21:57:28 +00:00
Nalin Dahyabhai
36aa62b942 update to 0.19 2010-03-24 00:07:21 +00:00
Nalin Dahyabhai
473822dd8b - update to 0.18
- add support for using encrypted storage for keys, using PIN values
    supplied directly or read from files whose names are supplied
- don't choke on NSS database locations that use the "sql:" or "dbm:"
    prefix
2010-02-12 20:43:18 +00:00
Nalin Dahyabhai
54c0197e97 - initial import (#541072) 2010-01-27 16:04:22 +00:00
Jason ティビツ
eaf189aa23 Setup of module certmonger 2010-01-27 04:56:33 +00:00