Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
|
@ -1 +1 @@
|
||||||
ab77485e556d96c5c2b885ee3d0f27794276dfee SOURCES/certmonger-0.79.17.tar.gz
|
ab77485e556d96c5c2b885ee3d0f27794276dfee certmonger-0.79.17.tar.gz
|
||||||
|
|
|
@ -1 +1,134 @@
|
||||||
SOURCES/certmonger-0.79.17.tar.gz
|
certmonger-0.17.tar.gz
|
||||||
|
certmonger-0.18.tar.gz
|
||||||
|
certmonger-0.19.tar.gz
|
||||||
|
certmonger-0.20.tar.gz
|
||||||
|
certmonger-0.21.tar.gz
|
||||||
|
certmonger-0.22.tar.gz
|
||||||
|
certmonger-0.23.tar.gz
|
||||||
|
certmonger-0.24.tar.gz
|
||||||
|
certmonger-0.26.tar.gz
|
||||||
|
certmonger-0.28.tar.gz
|
||||||
|
/certmonger-0.30.tar.gz
|
||||||
|
/certmonger-0.32.tar.gz
|
||||||
|
/certmonger-0.34.tar.gz
|
||||||
|
/certmonger-0.35.tar.gz
|
||||||
|
/certmonger-0.35.1.tar.gz
|
||||||
|
/certmonger-0.36.tar.gz
|
||||||
|
/certmonger-0.37.tar.gz
|
||||||
|
/certmonger-0.38.tar.gz
|
||||||
|
/certmonger-0.39.tar.gz
|
||||||
|
/certmonger-0.40.tar.gz
|
||||||
|
/certmonger-0.41.tar.gz
|
||||||
|
/certmonger-0.42.tar.gz
|
||||||
|
/certmonger-0.43.tar.gz
|
||||||
|
/certmonger-0.44.tar.gz
|
||||||
|
/certmonger-0.45.tar.gz
|
||||||
|
/certmonger-0.46.tar.gz
|
||||||
|
/certmonger-0.49.tar.gz
|
||||||
|
/certmonger-0.49.tar.gz.sig
|
||||||
|
/certmonger-0.50.tar.gz
|
||||||
|
/certmonger-0.50.tar.gz.sig
|
||||||
|
/certmonger-0.51.tar.gz
|
||||||
|
/certmonger-0.51.tar.gz.sig
|
||||||
|
/certmonger-0.52.tar.gz
|
||||||
|
/certmonger-0.52.tar.gz.sig
|
||||||
|
/certmonger-0.54.tar.gz
|
||||||
|
/certmonger-0.54.tar.gz.sig
|
||||||
|
/certmonger-0.55.tar.gz
|
||||||
|
/certmonger-0.55.tar.gz.sig
|
||||||
|
/certmonger-0.56.tar.gz
|
||||||
|
/certmonger-0.56.tar.gz.sig
|
||||||
|
/certmonger-0.59.tar.gz
|
||||||
|
/certmonger-0.59.tar.gz.sig
|
||||||
|
/certmonger-0.60.tar.gz
|
||||||
|
/certmonger-0.60.tar.gz.sig
|
||||||
|
/certmonger-0.61.tar.gz
|
||||||
|
/certmonger-0.61.tar.gz.sig
|
||||||
|
/certmonger-0.62.tar.gz
|
||||||
|
/certmonger-0.62.tar.gz.sig
|
||||||
|
/certmonger-0.63.tar.gz
|
||||||
|
/certmonger-0.63.tar.gz.sig
|
||||||
|
/certmonger-0.65.tar.gz
|
||||||
|
/certmonger-0.65.tar.gz.sig
|
||||||
|
/certmonger-0.67.tar.gz
|
||||||
|
/certmonger-0.67.tar.gz.sig
|
||||||
|
/certmonger-0.68.tar.gz
|
||||||
|
/certmonger-0.68.tar.gz.sig
|
||||||
|
/certmonger-0.69.tar.gz
|
||||||
|
/certmonger-0.69.tar.gz.sig
|
||||||
|
/certmonger-0.70.tar.gz
|
||||||
|
/certmonger-0.70.tar.gz.sig
|
||||||
|
/certmonger-0.71.2.tar.gz
|
||||||
|
/certmonger-0.71.2.tar.gz.sig
|
||||||
|
/certmonger-0.73.tar.gz
|
||||||
|
/certmonger-0.73.tar.gz.sig
|
||||||
|
/certmonger-0.74.tar.gz
|
||||||
|
/certmonger-0.74.tar.gz.sig
|
||||||
|
/certmonger-0.75.tar.gz
|
||||||
|
/certmonger-0.75.tar.gz.sig
|
||||||
|
/certmonger-0.75.1.tar.gz
|
||||||
|
/certmonger-0.75.1.tar.gz.sig
|
||||||
|
/certmonger-0.75.2.tar.gz
|
||||||
|
/certmonger-0.75.2.tar.gz.sig
|
||||||
|
/certmonger-0.75.3.tar.gz
|
||||||
|
/certmonger-0.75.3.tar.gz.sig
|
||||||
|
/certmonger-0.75.5.tar.gz
|
||||||
|
/certmonger-0.75.5.tar.gz.sig
|
||||||
|
/certmonger-0.75.6.tar.gz
|
||||||
|
/certmonger-0.75.6.tar.gz.sig
|
||||||
|
/certmonger-0.75.8.tar.gz
|
||||||
|
/certmonger-0.75.8.tar.gz.sig
|
||||||
|
/certmonger-0.75.9.tar.gz
|
||||||
|
/certmonger-0.75.9.tar.gz.sig
|
||||||
|
/certmonger-0.75.10.tar.gz
|
||||||
|
/certmonger-0.75.10.tar.gz.sig
|
||||||
|
/certmonger-0.75.13.tar.gz
|
||||||
|
/certmonger-0.75.13.tar.gz.sig
|
||||||
|
/certmonger-0.75.14.tar.gz
|
||||||
|
/certmonger-0.75.14.tar.gz.sig
|
||||||
|
/certmonger-0.76.6.tar.gz
|
||||||
|
/certmonger-0.76.6.tar.gz.sig
|
||||||
|
/certmonger-0.76.7.tar.gz
|
||||||
|
/certmonger-0.76.7.tar.gz.sig
|
||||||
|
/certmonger-0.76.8.tar.gz
|
||||||
|
/certmonger-0.76.8.tar.gz.sig
|
||||||
|
/certmonger-0.77.1.tar.gz
|
||||||
|
/certmonger-0.77.1.tar.gz.sig
|
||||||
|
/certmonger-0.77.2.tar.gz
|
||||||
|
/certmonger-0.77.2.tar.gz.sig
|
||||||
|
/certmonger-0.77.3.tar.gz
|
||||||
|
/certmonger-0.77.3.tar.gz.sig
|
||||||
|
/certmonger-0.77.4.tar.gz
|
||||||
|
/certmonger-0.77.4.tar.gz.sig
|
||||||
|
/certmonger-0.77.5.tar.gz
|
||||||
|
/certmonger-0.77.5.tar.gz.sig
|
||||||
|
/certmonger-0.78.tar.gz
|
||||||
|
/certmonger-0.78.tar.gz.sig
|
||||||
|
/certmonger-0.78.1.tar.gz
|
||||||
|
/certmonger-0.78.1.tar.gz.sig
|
||||||
|
/certmonger-0.78.2.tar.gz
|
||||||
|
/certmonger-0.78.2.tar.gz.sig
|
||||||
|
/certmonger-0.78.3.tar.gz
|
||||||
|
/certmonger-0.78.3.tar.gz.sig
|
||||||
|
/certmonger-0.78.4.tar.gz
|
||||||
|
/certmonger-0.78.4.tar.gz.sig
|
||||||
|
/certmonger-0.78.5.tar.gz
|
||||||
|
/certmonger-0.78.5.tar.gz.sig
|
||||||
|
/certmonger-0.78.6.tar.gz
|
||||||
|
/certmonger-0.78.6.tar.gz.sig
|
||||||
|
/certmonger-0.79.2.tar.gz
|
||||||
|
/certmonger-0.79.2.tar.gz.sig
|
||||||
|
/certmonger-0.79.3.tar.gz
|
||||||
|
/certmonger-0.79.3.tar.gz.sig
|
||||||
|
/certmonger-0.79.4.tar.gz
|
||||||
|
/certmonger-0.79.5.tar.gz
|
||||||
|
/certmonger-0.79.6.tar.gz
|
||||||
|
/certmonger-0.79.7.tar.gz
|
||||||
|
/certmonger-0.79.8.tar.gz
|
||||||
|
/certmonger-0.79.9.tar.gz
|
||||||
|
/certmonger-0.79.10.tar.gz
|
||||||
|
/certmonger-0.79.11.tar.gz
|
||||||
|
/certmonger-0.79.12.tar.gz
|
||||||
|
/certmonger-0.79.13.tar.gz
|
||||||
|
/certmonger-0.79.14.tar.gz
|
||||||
|
/certmonger-0.79.17.tar.gz
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
From 4ef80a8365e746d514110520c76d23433d1a378b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Rob Crittenden <rcritten@redhat.com>
|
||||||
|
Date: Mon, 22 Jan 2024 09:44:30 -0500
|
||||||
|
Subject: [PATCH 1/2] getcert: return 2 when trying to create a duplicate entry
|
||||||
|
|
||||||
|
This affects the add-ca, request and start-tracking commands.
|
||||||
|
|
||||||
|
Returning a unique return code will make scripting easier.
|
||||||
|
|
||||||
|
Fixes: https://www.pagure.io/certmonger/issue/269
|
||||||
|
|
||||||
|
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
||||||
|
---
|
||||||
|
src/getcert.1.in | 9 +++++++++
|
||||||
|
src/getcert.c | 3 +++
|
||||||
|
2 files changed, 12 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/getcert.1.in b/src/getcert.1.in
|
||||||
|
index 4adfc925..754a8836 100644
|
||||||
|
--- a/src/getcert.1.in
|
||||||
|
+++ b/src/getcert.1.in
|
||||||
|
@@ -43,6 +43,15 @@ All commands can take either the \fB\-s\fR or \fB\-S\fR arguments, which instruc
|
||||||
|
bus, if no value is set. By default, \fIgetcert\fR consults the @CM_DBUS_NAME@
|
||||||
|
service attached to the system bus.
|
||||||
|
|
||||||
|
+.SH "EXIT STATUS"
|
||||||
|
+The exit status is 0 on success, nonzero on error.
|
||||||
|
+
|
||||||
|
+0 Success
|
||||||
|
+
|
||||||
|
+1 Error
|
||||||
|
+
|
||||||
|
+2 Duplicate entry
|
||||||
|
+
|
||||||
|
.SH BUGS
|
||||||
|
Please file tickets for any that you find at https://fedorahosted.org/certmonger/
|
||||||
|
|
||||||
|
diff --git a/src/getcert.c b/src/getcert.c
|
||||||
|
index 77fa5367..81b4bc8d 100644
|
||||||
|
--- a/src/getcert.c
|
||||||
|
+++ b/src/getcert.c
|
||||||
|
@@ -497,6 +497,9 @@ send_req(DBusMessage *req, int verbose)
|
||||||
|
printf(_("No response received from %s service.\n"),
|
||||||
|
CM_DBUS_NAME);
|
||||||
|
}
|
||||||
|
+ if (strcmp(err.name, "org.fedorahosted.certmonger.duplicate") == 0) {
|
||||||
|
+ exit(2);
|
||||||
|
+ }
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
dbus_message_unref(req);
|
||||||
|
--
|
||||||
|
2.42.0
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
From d9a773f709b42b6fe7d8816da656e5bee2afd641 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Rob Crittenden <rcritten@redhat.com>
|
||||||
|
Date: Tue, 30 Jan 2024 09:06:53 -0500
|
||||||
|
Subject: [PATCH 2/2] getcert: add NULL check to duplicate string compare
|
||||||
|
|
||||||
|
Fixes: https://www.pagure.io/certmonger/issue/269
|
||||||
|
|
||||||
|
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
||||||
|
---
|
||||||
|
src/getcert.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/getcert.c b/src/getcert.c
|
||||||
|
index 81b4bc8d..f5575bce 100644
|
||||||
|
--- a/src/getcert.c
|
||||||
|
+++ b/src/getcert.c
|
||||||
|
@@ -497,7 +497,7 @@ send_req(DBusMessage *req, int verbose)
|
||||||
|
printf(_("No response received from %s service.\n"),
|
||||||
|
CM_DBUS_NAME);
|
||||||
|
}
|
||||||
|
- if (strcmp(err.name, "org.fedorahosted.certmonger.duplicate") == 0) {
|
||||||
|
+ if ((err.name != NULL) && strcmp(err.name, "org.fedorahosted.certmonger.duplicate") == 0) {
|
||||||
|
exit(2);
|
||||||
|
}
|
||||||
|
exit(1);
|
||||||
|
--
|
||||||
|
2.42.0
|
||||||
|
|
|
@ -1,195 +0,0 @@
|
||||||
From 14d1b5f9a482a4740706dc1cb86c454662f48d4c Mon Sep 17 00:00:00 2001
|
|
||||||
From: Rob Crittenden <rcritten@redhat.com>
|
|
||||||
Date: Wed, 7 Dec 2022 10:09:55 -0500
|
|
||||||
Subject: [PATCH] Revert "Remove the certmaster CA from the 028-dbus test"
|
|
||||||
|
|
||||||
This reverts commit dd8dcb899e0a159d1141b713993805565ffb6d28.
|
|
||||||
---
|
|
||||||
tests/028-dbus/expected.out | 130 ++++++++++++++++++++++++++++++++++--
|
|
||||||
1 file changed, 124 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/028-dbus/expected.out b/tests/028-dbus/expected.out
|
|
||||||
index 86cba02..544ebd7 100644
|
|
||||||
--- a/tests/028-dbus/expected.out
|
|
||||||
+++ b/tests/028-dbus/expected.out
|
|
||||||
@@ -35,6 +35,10 @@ CA 'IPA':
|
|
||||||
is-default: no
|
|
||||||
ca-type: EXTERNAL
|
|
||||||
helper-location: $libexecdir/ipa-submit
|
|
||||||
+CA 'certmaster':
|
|
||||||
+ is-default: no
|
|
||||||
+ ca-type: EXTERNAL
|
|
||||||
+ helper-location: $libexecdir/certmaster-submit
|
|
||||||
CA 'dogtag-ipa-renew-agent':
|
|
||||||
is-default: no
|
|
||||||
ca-type: EXTERNAL
|
|
||||||
@@ -42,8 +46,8 @@ CA 'dogtag-ipa-renew-agent':
|
|
||||||
|
|
||||||
[[ API ]]
|
|
||||||
[ simpleprop.py ]
|
|
||||||
-/org/fedorahosted/certmonger/cas/CA5
|
|
||||||
-/org/fedorahosted/certmonger/cas/CA5
|
|
||||||
+/org/fedorahosted/certmonger/cas/CA6
|
|
||||||
+/org/fedorahosted/certmonger/cas/CA6
|
|
||||||
: -> : -k admin@localhost -> :
|
|
||||||
0 -> 1 -> 0
|
|
||||||
[ walk.py ]
|
|
||||||
@@ -179,7 +183,7 @@ OK
|
|
||||||
OK
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger: org.fedorahosted.certmonger.get_known_cas ]
|
|
||||||
-dbus.Array([dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA1'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA2'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA3'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA4')], signature=dbus.Signature('o'))
|
|
||||||
+dbus.Array([dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA1'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA2'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA3'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA4'), dbus.ObjectPath('/org/fedorahosted/certmonger/cas/CA5')], signature=dbus.Signature('o'))
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger: org.fedorahosted.certmonger.get_requests ]
|
|
||||||
dbus.Array([dbus.ObjectPath('/org/fedorahosted/certmonger/requests/Request2')], signature=dbus.Signature('o'))
|
|
||||||
@@ -507,6 +511,7 @@ After setting template-eku to 1.2.3.4.5.6.7.8.9.10, we got dbus.Array([dbus.Stri
|
|
||||||
<node name="CA2"/>
|
|
||||||
<node name="CA3"/>
|
|
||||||
<node name="CA4"/>
|
|
||||||
+ <node name="CA5"/>
|
|
||||||
</node>
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA1: org.freedesktop.DBus.Introspectable.Introspect ]
|
|
||||||
@@ -940,10 +945,10 @@ dbus.Array([], signature=dbus.Signature('s'))
|
|
||||||
</node>
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.get_config_file_path ]
|
|
||||||
-$tmpdir/cas/20180327134236-3
|
|
||||||
+$tmpdir/cas/20180327134236-2
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.get_nickname ]
|
|
||||||
-dogtag-ipa-renew-agent
|
|
||||||
+certmaster
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.get_is_default ]
|
|
||||||
0
|
|
||||||
@@ -955,7 +960,7 @@ EXTERNAL
|
|
||||||
None
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.get_location ]
|
|
||||||
-$libexecdir/dogtag-ipa-renew-agent-submit
|
|
||||||
+$libexecdir/certmaster-submit
|
|
||||||
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.get_issuer_names ]
|
|
||||||
dbus.Array([], signature=dbus.Signature('s'))
|
|
||||||
@@ -963,3 +968,116 @@ dbus.Array([], signature=dbus.Signature('s'))
|
|
||||||
[ /org/fedorahosted/certmonger/cas/CA4: org.fedorahosted.certmonger.ca.refresh ]
|
|
||||||
1
|
|
||||||
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.freedesktop.DBus.Introspectable.Introspect ]
|
|
||||||
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
|
|
||||||
+"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
|
|
||||||
+
|
|
||||||
+<node name="/org/fedorahosted/certmonger/cas/CA5">
|
|
||||||
+ <interface name="org.freedesktop.DBus.Introspectable">
|
|
||||||
+ <method name="Introspect">
|
|
||||||
+ <arg name="xml_data" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ </interface>
|
|
||||||
+ <interface name="org.freedesktop.DBus.Properties">
|
|
||||||
+ <method name="Get">
|
|
||||||
+ <arg name="interface_name" type="s" direction="in"/>
|
|
||||||
+ <arg name="property_name" type="s" direction="in"/>
|
|
||||||
+ <arg name="value" type="v" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="Set">
|
|
||||||
+ <arg name="interface_name" type="s" direction="in"/>
|
|
||||||
+ <arg name="property_name" type="s" direction="in"/>
|
|
||||||
+ <arg name="value" type="v" direction="in"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="GetAll">
|
|
||||||
+ <arg name="interface_name" type="s" direction="in"/>
|
|
||||||
+ <arg name="props" type="a{sv}" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <signal name="PropertiesChanged">
|
|
||||||
+ <arg name="interface_name" type="s"/>
|
|
||||||
+ <arg name="changed_properties" type="a{sv}"/>
|
|
||||||
+ <arg name="invalidated_properties" type="as"/>
|
|
||||||
+ </signal>
|
|
||||||
+ </interface>
|
|
||||||
+ <interface name="org.fedorahosted.certmonger.ca">
|
|
||||||
+ <method name="get_config_file_path">
|
|
||||||
+ <arg name="path" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="get_nickname">
|
|
||||||
+ <arg name="nickname" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <property name="nickname" type="s" access="read"/>
|
|
||||||
+ <property name="aka" type="s" access="read"/>
|
|
||||||
+ <method name="get_is_default">
|
|
||||||
+ <arg name="default" type="b" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <property name="is-default" type="b" access="readwrite"/>
|
|
||||||
+ <method name="get_type">
|
|
||||||
+ <arg name="type" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="get_serial">
|
|
||||||
+ <arg name="serial_hex" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="get_location">
|
|
||||||
+ <arg name="path" type="s" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <property name="external-helper" type="s" access="readwrite"/>
|
|
||||||
+ <method name="get_issuer_names">
|
|
||||||
+ <arg name="names" type="as" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <method name="refresh">
|
|
||||||
+ <arg name="working" type="b" direction="out"/>
|
|
||||||
+ </method>
|
|
||||||
+ <property name="ca-error" type="s" access="read"/>
|
|
||||||
+ <property name="issuer-names" type="as" access="read"/>
|
|
||||||
+ <property name="root-certs" type="a(ss)" access="read"/>
|
|
||||||
+ <property name="root-other-certs" type="a(ss)" access="read"/>
|
|
||||||
+ <property name="other-certs" type="a(ss)" access="read"/>
|
|
||||||
+ <property name="required-enroll-attributes" type="as" access="read"/>
|
|
||||||
+ <property name="required-renew-attributes" type="as" access="read"/>
|
|
||||||
+ <property name="supported-profiles" type="as" access="read"/>
|
|
||||||
+ <property name="default-profile" type="s" access="read"/>
|
|
||||||
+ <property name="root-cert-files" type="as" access="readwrite"/>
|
|
||||||
+ <property name="root-other-cert-files" type="as" access="readwrite"/>
|
|
||||||
+ <property name="other-cert-files" type="as" access="readwrite"/>
|
|
||||||
+ <property name="root-cert-nssdbs" type="as" access="readwrite"/>
|
|
||||||
+ <property name="root-other-cert-nssdbs" type="as" access="readwrite"/>
|
|
||||||
+ <property name="other-cert-nssdbs" type="as" access="readwrite"/>
|
|
||||||
+ <property name="ca-presave-command" type="s" access="read"/>
|
|
||||||
+ <property name="ca-presave-uid" type="s" access="read"/>
|
|
||||||
+ <property name="ca-postsave-command" type="s" access="read"/>
|
|
||||||
+ <property name="ca-postsave-uid" type="s" access="read"/>
|
|
||||||
+ <property name="scep-cipher" type="s" access="readwrite"/>
|
|
||||||
+ <property name="scep-digest" type="s" access="readwrite"/>
|
|
||||||
+ <property name="scep-ca-identifier" type="s" access="readwrite"/>
|
|
||||||
+ <property name="scep-ca-capabilities" type="as" access="read"/>
|
|
||||||
+ <property name="scep-ra-cert" type="s" access="read"/>
|
|
||||||
+ <property name="scep-ca-cert" type="s" access="read"/>
|
|
||||||
+ <property name="scep-other-certs" type="s" access="read"/>
|
|
||||||
+ </interface>
|
|
||||||
+</node>
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_config_file_path ]
|
|
||||||
+$tmpdir/cas/20180327134236-3
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_nickname ]
|
|
||||||
+dogtag-ipa-renew-agent
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_is_default ]
|
|
||||||
+0
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_type ]
|
|
||||||
+EXTERNAL
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_serial ]
|
|
||||||
+None
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_location ]
|
|
||||||
+$libexecdir/dogtag-ipa-renew-agent-submit
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.get_issuer_names ]
|
|
||||||
+dbus.Array([], signature=dbus.Signature('s'))
|
|
||||||
+
|
|
||||||
+[ /org/fedorahosted/certmonger/cas/CA5: org.fedorahosted.certmonger.ca.refresh ]
|
|
||||||
+1
|
|
||||||
+
|
|
||||||
--
|
|
||||||
2.38.1
|
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
From 6224c3aa01665edddbda1ec7d1e35b03823eefcb Mon Sep 17 00:00:00 2001
|
|
||||||
From: root <root@ci-vm-10-0-137-168.hosted.upshift.rdu2.redhat.com>
|
|
||||||
Date: Wed, 7 Dec 2022 14:50:01 -0500
|
|
||||||
Subject: [PATCH] Don't run the 002-keygen-* tests when root
|
|
||||||
|
|
||||||
The permissions tests will fail.
|
|
||||||
---
|
|
||||||
tests/002-keygen-dbm/prequal.sh | 5 +++++
|
|
||||||
1 file changed, 5 insertions(+)
|
|
||||||
create mode 100755 tests/002-keygen-dbm/prequal.sh
|
|
||||||
|
|
||||||
diff --git a/tests/002-keygen-dbm/prequal.sh b/tests/002-keygen-dbm/prequal.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 0000000..b6c16e0
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/002-keygen-dbm/prequal.sh
|
|
||||||
@@ -0,0 +1,5 @@
|
|
||||||
+#!/bin/sh
|
|
||||||
+if test `id -u` -eq 0 ; then
|
|
||||||
+ echo "This test won't work right if run as root."
|
|
||||||
+ exit 1
|
|
||||||
+fi
|
|
||||||
--
|
|
||||||
2.31.1
|
|
|
@ -1,47 +1,71 @@
|
||||||
|
%if 0%{?fedora} > 15 || 0%{?rhel} > 6
|
||||||
%global systemd 1
|
%global systemd 1
|
||||||
%global sysvinit 0
|
%global sysvinit 0
|
||||||
|
%else
|
||||||
|
%global systemd 0
|
||||||
|
%global sysvinit 1
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?fedora} > 15 && 0%{?fedora} < 20
|
||||||
|
%global systemdsysv 1
|
||||||
|
%else
|
||||||
%global systemdsysv 0
|
%global systemdsysv 0
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?fedora} > 14 || 0%{?rhel} > 6
|
||||||
%global tmpfiles 1
|
%global tmpfiles 1
|
||||||
|
%else
|
||||||
|
%global tmpfiles 0
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?fedora} > 9 || 0%{?rhel} > 5
|
||||||
%global sysvinitdir %{_initddir}
|
%global sysvinitdir %{_initddir}
|
||||||
|
%else
|
||||||
|
%global sysvinitdir %{_initrddir}
|
||||||
|
%endif
|
||||||
|
|
||||||
%bcond_without xmlrpc
|
%bcond_with xmlrpc
|
||||||
|
|
||||||
Name: certmonger
|
Name: certmonger
|
||||||
Version: 0.79.17
|
Version: 0.79.17
|
||||||
Release: 2%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: Certificate status monitor and PKI enrollment client
|
Summary: Certificate status monitor and PKI enrollment client
|
||||||
|
|
||||||
Group: System Environment/Daemons
|
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: http://pagure.io/certmonger/
|
URL: http://pagure.io/certmonger/
|
||||||
Source0: http://releases.pagure.org/certmonger/certmonger-%{version}.tar.gz
|
Source0: http://releases.pagure.org/certmonger/certmonger-%{version}.tar.gz
|
||||||
#Source1: http://releases.pagure.org/certmonger/certmonger-%%{version}.tar.gz.sig
|
#Source1: http://releases.pagure.org/certmonger/certmonger-%%{version}.tar.gz.sig
|
||||||
|
Patch0001: 0001-getcert-return-2-when-trying-to-create-a-duplicate-e.patch
|
||||||
Patch0001: 0001-Revert-Remove-the-certmaster-CA-from-the-028-dbus-te.patch
|
Patch0002: 0002-getcert-add-NULL-check-to-duplicate-string-compare.patch
|
||||||
Patch0002: 0002-Don-t-run-the-002-keygen-tests-when-root.patch
|
|
||||||
|
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: gettext-devel
|
BuildRequires: gettext-devel
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: openldap-devel
|
BuildRequires: openldap-devel
|
||||||
|
BuildRequires: krb5-devel
|
||||||
BuildRequires: libidn2-devel
|
BuildRequires: libidn2-devel
|
||||||
BuildRequires: python3-dbus
|
BuildRequires: dbus-devel, nspr-devel, nss-devel, openssl-devel
|
||||||
BuildRequires: dbus-devel
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
||||||
BuildRequires: nspr-devel
|
|
||||||
BuildRequires: nss-devel
|
|
||||||
BuildRequires: openssl-devel
|
|
||||||
BuildRequires: libuuid-devel
|
BuildRequires: libuuid-devel
|
||||||
|
%else
|
||||||
|
BuildRequires: e2fsprogs-devel
|
||||||
|
%endif
|
||||||
BuildRequires: libtalloc-devel, libtevent-devel
|
BuildRequires: libtalloc-devel, libtevent-devel
|
||||||
|
%if 0%{?rhel} >= 6 || 0%{?fedora} >= 9
|
||||||
BuildRequires: libcurl-devel
|
BuildRequires: libcurl-devel
|
||||||
|
%else
|
||||||
|
BuildRequires: curl-devel
|
||||||
|
%endif
|
||||||
BuildRequires: libxml2-devel
|
BuildRequires: libxml2-devel
|
||||||
%if %{with xmlrpc}
|
%if %{with xmlrpc}
|
||||||
BuildRequires: xmlrpc-c-devel
|
BuildRequires: xmlrpc-c-devel
|
||||||
|
%endif
|
||||||
|
BuildRequires: jansson-devel
|
||||||
|
%if 0%{?rhel} && 0%{?rhel} < 6
|
||||||
|
BuildRequires: bind-libbind-devel
|
||||||
|
BuildRequires: mktemp
|
||||||
%endif
|
%endif
|
||||||
BuildRequires: jansson-devel
|
|
||||||
# Required for 'make check':
|
# Required for 'make check':
|
||||||
# for diff and cmp
|
# for diff and cmp
|
||||||
BuildRequires: diffutils
|
BuildRequires: diffutils
|
||||||
|
@ -58,10 +82,10 @@ BuildRequires: /usr/bin/dos2unix
|
||||||
BuildRequires: /usr/bin/unix2dos
|
BuildRequires: /usr/bin/unix2dos
|
||||||
# for which
|
# for which
|
||||||
BuildRequires: /usr/bin/which
|
BuildRequires: /usr/bin/which
|
||||||
|
# for dbus tests
|
||||||
|
BuildRequires: python3-dbus
|
||||||
BuildRequires: popt-devel
|
BuildRequires: popt-devel
|
||||||
# for make check
|
BuildRequires: sed
|
||||||
BuildRequires: python3-devel
|
|
||||||
BuildRequires: krb5-devel
|
|
||||||
|
|
||||||
# we need a running system bus
|
# we need a running system bus
|
||||||
Requires: dbus
|
Requires: dbus
|
||||||
|
@ -69,6 +93,7 @@ Requires(post): %{_bindir}/dbus-send
|
||||||
|
|
||||||
%if %{systemd}
|
%if %{systemd}
|
||||||
BuildRequires: systemd-units
|
BuildRequires: systemd-units
|
||||||
|
BuildRequires: make
|
||||||
Requires(post): systemd-units
|
Requires(post): systemd-units
|
||||||
Requires(preun): systemd-units, dbus, sed
|
Requires(preun): systemd-units, dbus, sed
|
||||||
Requires(postun): systemd-units
|
Requires(postun): systemd-units
|
||||||
|
@ -90,6 +115,10 @@ Requires(post): /sbin/chkconfig, /sbin/service
|
||||||
Requires(preun): /sbin/chkconfig, /sbin/service, dbus, sed
|
Requires(preun): /sbin/chkconfig, /sbin/service, dbus, sed
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if 0%{?fedora} >= 15
|
||||||
|
# Certain versions of libtevent have incorrect internal ABI versions.
|
||||||
|
Conflicts: libtevent < 0.9.13
|
||||||
|
%endif
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Certmonger is a service which is primarily concerned with getting your
|
Certmonger is a service which is primarily concerned with getting your
|
||||||
|
@ -98,6 +127,12 @@ system enrolled with a certificate authority (CA) and keeping it enrolled.
|
||||||
%prep
|
%prep
|
||||||
%autosetup -p1
|
%autosetup -p1
|
||||||
|
|
||||||
|
%if 0%{?rhel} > 0
|
||||||
|
# Enabled by default for RHEL for bug #765600, still disabled by default for
|
||||||
|
# Fedora pending a similar bug report there.
|
||||||
|
sed -i 's,^# chkconfig: - ,# chkconfig: 345 ,g' sysvinit/certmonger.in
|
||||||
|
%endif
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -i -f
|
autoreconf -i -f
|
||||||
%configure \
|
%configure \
|
||||||
|
@ -112,8 +147,9 @@ autoreconf -i -f
|
||||||
%endif
|
%endif
|
||||||
--with-homedir=/run/certmonger \
|
--with-homedir=/run/certmonger \
|
||||||
%if %{with xmlrpc}
|
%if %{with xmlrpc}
|
||||||
--with-xmlrpc \
|
--with-xmlrpc \
|
||||||
%endif
|
%endif
|
||||||
|
--disable-dsa \
|
||||||
--with-tmpdir=/run/certmonger --enable-pie --enable-now
|
--with-tmpdir=/run/certmonger --enable-pie --enable-now
|
||||||
%if %{with xmlrpc}
|
%if %{with xmlrpc}
|
||||||
# For some reason, some versions of xmlrpc-c-config in Fedora and RHEL just
|
# For some reason, some versions of xmlrpc-c-config in Fedora and RHEL just
|
||||||
|
@ -131,10 +167,6 @@ install -m755 -d $RPM_BUILD_ROOT/run/certmonger
|
||||||
%{find_lang} %{name}
|
%{find_lang} %{name}
|
||||||
|
|
||||||
%check
|
%check
|
||||||
# Seed then openssl RNG if not set
|
|
||||||
if [ ! -e $HOME/.rnd ] ; then
|
|
||||||
openssl rand -writerand $HOME/.rnd
|
|
||||||
fi
|
|
||||||
make check
|
make check
|
||||||
|
|
||||||
%post
|
%post
|
||||||
|
@ -144,7 +176,7 @@ fi
|
||||||
%if %{without xmlrpc}
|
%if %{without xmlrpc}
|
||||||
# remove any existing certmaster CA configuration
|
# remove any existing certmaster CA configuration
|
||||||
if test $1 -gt 1 ; then
|
if test $1 -gt 1 ; then
|
||||||
%{_bindir}/getcert remove-ca -c certmaster 2>&1 || :
|
%{_bindir}/getcert remove-ca -c certmaster 2>&1 || :
|
||||||
fi
|
fi
|
||||||
%endif
|
%endif
|
||||||
%if %{systemd}
|
%if %{systemd}
|
||||||
|
@ -212,7 +244,6 @@ exit 0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%files -f %{name}.lang
|
%files -f %{name}.lang
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%doc README.md LICENSE STATUS doc/*.txt
|
%doc README.md LICENSE STATUS doc/*.txt
|
||||||
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/*
|
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/*
|
||||||
%{_datadir}/dbus-1/services/*
|
%{_datadir}/dbus-1/services/*
|
||||||
|
@ -236,106 +267,124 @@ exit 0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Dec 7 2022 Rob Crittenden <rcritten@redhat.com> - 0.79.17-2
|
* Thu Feb 01 2024 Rob Crittenden <rcritten@redhat.com> - 0.79.17-2
|
||||||
- Skip the keygen tests when executed as root.
|
- getcert should return unique error on duplicates (RHEL-22302)
|
||||||
|
|
||||||
* Tue Dec 6 2022 Rob Crittenden <rcritten@redhat.com> - 0.79.17-1
|
* Tue Dec 6 2022 Rob Crittenden <rcritten@redhat.com> - 0.79.17-1
|
||||||
- Update to upstream 0.79.17 (#2139523)
|
- Update to upstream 0.79.17
|
||||||
- Certificate format validation when adding the SCEP server's CA (#2150025)
|
|
||||||
- Certmonger SCEP renewal should not use old challenges (#2150030)
|
|
||||||
- certmonger SEGV during rekey in FIPS mode (#2150070)
|
|
||||||
|
|
||||||
* Mon Oct 18 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.13-5
|
* Thu Apr 07 2022 Rob Crittenden <rcritten@redhat.com> - 0.79.14-7
|
||||||
|
- Disable DSA (#2066439)
|
||||||
|
|
||||||
|
* Thu Mar 17 2022 Rob Crittenden <rcritten@redhat.com> - 0.79.14-6
|
||||||
|
- Certificate format validation when adding the SCEP server's CA
|
||||||
|
(#1492112)
|
||||||
|
- Replace some SHA1 usages with SHA256 in the unit tests
|
||||||
|
|
||||||
|
* Thu Oct 07 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.14-5
|
||||||
|
- Certmonger SCEP renewal should not use old challenges (#1990926)
|
||||||
|
- Certmonger certificates stuck in NEED_GUIDANCE (#2001082)
|
||||||
- certmonger creates CSRs with invalid DER syntax for X509v3 extensions
|
- certmonger creates CSRs with invalid DER syntax for X509v3 extensions
|
||||||
with critical=FALSE (#2012258)
|
with critical=FALSE (#2012261)
|
||||||
|
|
||||||
* Wed Oct 06 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.13-4
|
* Tue Sep 28 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.14-4
|
||||||
- Certmonger SCEP renewal should not use old challenges (#1577570)
|
- Fix FTBFS due to change in OpenSSL 3.0.0-beta2 API (#2008451)
|
||||||
- Certmonger segfault after cert renewal request (#1881500)
|
|
||||||
- Include certificate NotBefore date in output of the 'getcert list' command
|
|
||||||
(#1940261)
|
|
||||||
- Certmonger certificates stuck in NEED_GUIDANCE (#2001079)
|
|
||||||
|
|
||||||
* Wed Apr 28 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.13-3
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.79.14-3
|
||||||
- Fix local CA to work under FIPS (#1950132)
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
* Tue Nov 10 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.13-2
|
* Wed Jul 28 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.14-2
|
||||||
- Rebuild with xmlrpc-c support enabled (#1687698)
|
- Re-enable LTO (#1986099)
|
||||||
|
|
||||||
* Wed Oct 28 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.13-1
|
* Thu Jun 17 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.14-1
|
||||||
- Rebase to 0.79.13 (#1891743)
|
- Update to upstream 0.79.14 (#1969537)
|
||||||
|
|
||||||
* Thu Jul 30 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-15
|
|
||||||
- Replace the previous fix for dbus restarting with PartOf in the
|
|
||||||
certmonger systemd service file to link the two (#1687698)
|
|
||||||
|
|
||||||
* Tue Jun 2 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-14
|
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.79.13-6
|
||||||
- Include &message=CA-IDENT with GetCACaps/GetCACert requests (#1843009)
|
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
||||||
|
Related: rhbz#1971065
|
||||||
|
|
||||||
* Mon May 18 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-13
|
* Wed May 19 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.13-5
|
||||||
- Exit gracefully if dbus is restarted (#1687698)
|
- Port to OpenSSL 3.0 (#1952930)
|
||||||
|
|
||||||
* Thu May 14 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-12
|
* Wed Apr 28 2021 Rob Crittenden <rcritten@redhat.com> - 0.79.13-4
|
||||||
- Add long command-line options to man pages and help output (#1782838)
|
- Fix local CA to work under FIPS (#1954618)
|
||||||
|
|
||||||
* Mon May 4 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-11
|
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.79.13-3
|
||||||
- Fix test failure in 039-fromfile
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
* Mon May 4 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-10
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.13-2
|
||||||
- Ensure that files read in have a trailing new-line (#1829490)
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
* Thu Apr 30 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-9
|
* Tue Oct 20 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.13-1
|
||||||
- Call the secport equivalent of PR_ErrorToString
|
- Update to upstream 0.79.13
|
||||||
- Remove a couple of unused varaibles found by coverity
|
|
||||||
|
|
||||||
* Mon Apr 13 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.7-8
|
* Mon Oct 5 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.12-1
|
||||||
- Move systemd tmpfiles from /var/run to /run (#1804928)
|
- Update to upstream 0.79.12
|
||||||
- Improve logging in the SCEP helper (#1807691)
|
|
||||||
- Fix sort order of certificates passed into PKCS7_verify (#1808052)
|
|
||||||
- Add -N option to SCEP helper to separate web server chain from
|
|
||||||
SCEP issuer chain (#1808613)
|
|
||||||
- Add template profile, MS v2 template and issuer to getcert list
|
|
||||||
output (#1734451)
|
|
||||||
|
|
||||||
* Tue Dec 17 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-7
|
* Fri Sep 18 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.11-4
|
||||||
- Update gating requirements
|
- Don't send SIGKILL to child processes to terminate them
|
||||||
|
- Switch to JSON for communication with IPA
|
||||||
|
|
||||||
* Mon Dec 16 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-6
|
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.11-3
|
||||||
- Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
* Mon Dec 2 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-5
|
* Tue Jun 30 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.11-2
|
||||||
- Fix use-after-free issue when retrieving CA chain (#1710632)
|
- Fix for an unnecessary free() which can cause core dump.
|
||||||
|
|
||||||
* Mon Dec 2 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-4
|
* Tue Jun 30 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.11-1
|
||||||
- Optimize closing of file descriptors on fork (#1763745)
|
- Update to upstream 0.79.11
|
||||||
- Remove NOMODDB flag flag from context init, look for full tokens (#1746543)
|
|
||||||
- Retrieve full IPA CA chain (#1710632)
|
|
||||||
|
|
||||||
* Tue May 14 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-3
|
* Thu Jun 25 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.10-1
|
||||||
- Rebuild for new annobin (#1708095)
|
- Update to upstream 0.79.10
|
||||||
|
|
||||||
* Fri May 10 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-2
|
* Thu Jan 30 2020 Rob Crittenden <rcritten@redhat.com> - 0.79.9-1
|
||||||
- Rebuild for new annobin (#1708095)
|
- Update to upstream 0.79.9
|
||||||
|
|
||||||
* Thu May 9 2019 Alexander Bokovoy <abokovoy@redhat.com> - 0.79.7-1
|
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.8-4
|
||||||
- Rebase to 0.79.7 (#1708095)
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
* Mon Oct 8 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-5
|
* Wed Oct 30 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.8-3
|
||||||
- Address more issues uncovered by static analysis (#1632449)
|
- Change python2-dbus build dependency to python3
|
||||||
|
- Convert tests to pass under python 3
|
||||||
|
- Skip DSA tests because it is disabled by default crypto policy
|
||||||
|
|
||||||
* Tue Oct 2 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-4
|
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.8-2
|
||||||
- Improve handling of NSS tokens (#1624930)
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
- Pull in upstream fixes discovered in coverity and clang (#1632449)
|
|
||||||
|
|
||||||
* Mon Aug 13 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-3
|
* Wed Jul 17 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.8-1
|
||||||
- Add BuildRequires on python3-devel (#1615507)
|
- Update to upstream 0.79.8
|
||||||
|
|
||||||
* Thu Aug 2 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-2
|
* Wed May 22 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-3
|
||||||
- Fix test failure on some platforms
|
- Add BuildRequires for krb5-devel, the buildroot changed.
|
||||||
|
|
||||||
* Wed Aug 1 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-1
|
* Mon May 20 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-2
|
||||||
|
- Move systemd tmpfiles from /var/run to /run (upstream #111)
|
||||||
|
- Change /var/run -> /run in systemd service file
|
||||||
|
|
||||||
|
* Mon Feb 18 2019 Rob Crittenden <rcritten@redhat.com> - 0.79.7-1
|
||||||
|
- Update to upstream 0.79.7
|
||||||
|
|
||||||
|
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.6-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Oct 4 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-4
|
||||||
|
- Pull in upstream fixes discovered in coverity and clang.
|
||||||
|
|
||||||
|
* Mon Oct 1 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-3
|
||||||
|
- Improve NSS token handling. The updated NSS crypto-policy enables all
|
||||||
|
tokens which broke requesting certificates due to the way that tokens
|
||||||
|
were managed.
|
||||||
|
|
||||||
|
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.79.6-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue May 8 2018 Rob Crittenden <rcritten@redhat.com> - 0.79.6-1
|
||||||
- Update to upstream 0.79.6
|
- Update to upstream 0.79.6
|
||||||
- Fix unit tests to work with python 3
|
|
||||||
|
* Wed Mar 14 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.79.5-7
|
||||||
|
- Update Python 2 dependency declarations to new packaging standards
|
||||||
|
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
|
||||||
|
|
||||||
* Fri Feb 23 2018 Rob Crittenden <rcritten@redhat.com> 0.79.5-6
|
* Fri Feb 23 2018 Rob Crittenden <rcritten@redhat.com> 0.79.5-6
|
||||||
- Fix unit tests. NSS crypto policy disallows keys < 1024
|
- Fix unit tests. NSS crypto policy disallows keys < 1024
|
|
@ -0,0 +1,8 @@
|
||||||
|
# recipients: abokovoy, frenaud, kaleem, ftrivino
|
||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-9
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: idm-ci.brew-build.tier1.functional}
|
|
@ -0,0 +1 @@
|
||||||
|
SHA512 (certmonger-0.79.17.tar.gz) = ed631cbfc0a757143af912549cecf65346994107f27651022ada8c70f0ed1bac7ee053a99b9a13290b844999710a3207aa0e7718428f3a3b6e5dd0d5db3a88a9
|
|
@ -0,0 +1 @@
|
||||||
|
1
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
standard-inventory-qcow2:
|
||||||
|
qemu:
|
||||||
|
m: 2G
|
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
- hosts: localhost
|
||||||
|
tags: [ always ]
|
||||||
|
tasks:
|
||||||
|
- set_fact:
|
||||||
|
our_required_packages:
|
||||||
|
- wget # upstream-testsuite-execution-and-rebuild-test needs wget command
|
||||||
|
- yum-utils # upstream-testsuite-execution-and-rebuild-test needs yum-builddep command
|
||||||
|
- rpm-build # upstream-testsuite-execution-and-rebuild-test needs rpmbuild command
|
||||||
|
|
||||||
|
- hosts: localhost
|
||||||
|
tags:
|
||||||
|
- classic
|
||||||
|
roles:
|
||||||
|
- role: standard-test-beakerlib
|
||||||
|
tests:
|
||||||
|
- upstream-testsuite-execution-and-rebuild-test
|
||||||
|
required_packages: "{{ our_required_packages }}"
|
|
@ -0,0 +1,72 @@
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Makefile of /CoreOS/sudo/Sanity/upstream-testsuite-execution-and-rebuild-test
|
||||||
|
# Description: This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
|
||||||
|
# Author: Ales Marecek <amarecek@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
|
||||||
|
#
|
||||||
|
# This copyrighted material is made available to anyone wishing
|
||||||
|
# to use, modify, copy, or redistribute it subject to the terms
|
||||||
|
# and conditions of the GNU General Public License version 2.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be
|
||||||
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||||
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||||
|
# PURPOSE. See the GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public
|
||||||
|
# License along with this program; if not, write to the Free
|
||||||
|
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
# Boston, MA 02110-1301, USA.
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Based on sudo rebuild test
|
||||||
|
|
||||||
|
export TEST=/CoreOS/certmonger/Sanity/upstream-testsuite-execution-and-rebuild-test
|
||||||
|
export TESTVERSION=1.0
|
||||||
|
|
||||||
|
BUILT_FILES=
|
||||||
|
|
||||||
|
FILES=$(METADATA) runtest.sh Makefile PURPOSE
|
||||||
|
|
||||||
|
.PHONY: all install download clean
|
||||||
|
|
||||||
|
run: $(FILES) build
|
||||||
|
./runtest.sh
|
||||||
|
|
||||||
|
build: $(BUILT_FILES)
|
||||||
|
test -x runtest.sh || chmod a+x runtest.sh
|
||||||
|
|
||||||
|
clean:
|
||||||
|
rm -f *~ $(BUILT_FILES)
|
||||||
|
|
||||||
|
|
||||||
|
include /usr/share/rhts/lib/rhts-make.include
|
||||||
|
|
||||||
|
$(METADATA): Makefile
|
||||||
|
@echo "Owner: Rob Crittenden <rcritten@redhat.com>" > $(METADATA)
|
||||||
|
@echo "Name: $(TEST)" >> $(METADATA)
|
||||||
|
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||||
|
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||||
|
@echo "Description: This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution." >> $(METADATA)
|
||||||
|
@echo "Type: Sanity" >> $(METADATA)
|
||||||
|
@echo "TestTime: 30m" >> $(METADATA)
|
||||||
|
@echo "RunFor: sudo" >> $(METADATA)
|
||||||
|
@echo "Requires: sudo" >> $(METADATA)
|
||||||
|
@echo "Requires: sed" >> $(METADATA)
|
||||||
|
@echo "Requires: grep" >> $(METADATA)
|
||||||
|
@echo "Requires: rpm-build" >> $(METADATA)
|
||||||
|
@echo "Requires: yum-utils" >> $(METADATA)
|
||||||
|
@echo "Requires: make" >> $(METADATA)
|
||||||
|
@echo "Requires: libcap-devel" >> $(METADATA)
|
||||||
|
@echo "Requires: audit-libs-devel" >> $(METADATA)
|
||||||
|
@echo "Priority: Normal" >> $(METADATA)
|
||||||
|
@echo "License: GPLv2" >> $(METADATA)
|
||||||
|
@echo "Confidential: no" >> $(METADATA)
|
||||||
|
@echo "Destructive: no" >> $(METADATA)
|
||||||
|
|
||||||
|
rhts-lint $(METADATA)
|
|
@ -0,0 +1,3 @@
|
||||||
|
PURPOSE of /CoreOS/certmonger/Sanity/upstream-testsuite-execution-and-rebuild-test
|
||||||
|
Description: This test rebuild certmonger source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
|
||||||
|
Author: Rob Crittenden <rcritten@redhat.com>
|
|
@ -0,0 +1,82 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# runtest.sh of /CoreOS/sudo/Sanity/upstream-testsuite-execution-and-rebuild-test
|
||||||
|
# Description: This test rebuild sudo source rpm and checks that rebuild is OK. The second - main - part is about upstream testsuite execution.
|
||||||
|
# Author: Ales Marecek <amarecek@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
|
||||||
|
#
|
||||||
|
# This copyrighted material is made available to anyone wishing
|
||||||
|
# to use, modify, copy, or redistribute it subject to the terms
|
||||||
|
# and conditions of the GNU General Public License version 2.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be
|
||||||
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||||
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||||
|
# PURPOSE. See the GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public
|
||||||
|
# License along with this program; if not, write to the Free
|
||||||
|
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
# Boston, MA 02110-1301, USA.
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
# Based on sudo rebuild test
|
||||||
|
|
||||||
|
# Include Beaker environment
|
||||||
|
. /usr/bin/rhts-environment.sh || exit 1
|
||||||
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||||
|
|
||||||
|
PACKAGE="certmonger"
|
||||||
|
_SPEC_DIR="$(rpm --eval=%_specdir)"
|
||||||
|
_BUILD_DIR="$(rpm --eval=%_builddir)"
|
||||||
|
_LOG_REBUILD_F="${PACKAGE}-rebuild.log"
|
||||||
|
_LOG_TESTSUITE_F="${PACKAGE}-testsuite.log"
|
||||||
|
|
||||||
|
|
||||||
|
rlJournalStart
|
||||||
|
rlPhaseStartSetup
|
||||||
|
rlAssertRpm $PACKAGE
|
||||||
|
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
||||||
|
rlRun "pushd $TmpDir"
|
||||||
|
# Source package is needed for code inspection
|
||||||
|
rlFetchSrcForInstalled "${PACKAGE}" || yumdownloader --source "${PACKAGE}"
|
||||||
|
rlRun "find . -size 0 -delete" 0 "Remove empty src.rpm-s"
|
||||||
|
rlRun "yum-builddep -y --nogpgcheck ${PACKAGE}-*.src.rpm" 0 "Installing build dependencies"
|
||||||
|
[ -d ${_BUILD_DIR} ] && rlRun "rm -rf ${_BUILD_DIR}/*" 0 "Cleaning build directory"
|
||||||
|
rlRun "rpm -ivh ${PACKAGE}-*.src.rpm" 0 "Installing source rpm"
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest
|
||||||
|
rlRun "QA_RPATHS=0x0002 rpmbuild -ba ${_SPEC_DIR}/${PACKAGE}.spec" 0 "Test: Rebuild of source '${PACKAGE}' package"
|
||||||
|
rlGetPhaseState
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
cd ${_BUILD_DIR}/${PACKAGE}-*
|
||||||
|
rlRun -s "make check" 0 "Test: Upstream testsuite"
|
||||||
|
cd ${TmpDir}
|
||||||
|
while read -r I; do
|
||||||
|
if [[ "$I" =~ $(echo '([^:]+): .+ tests run, .+ errors, (.*)% success rate') ]]; then
|
||||||
|
[[ "${BASH_REMATCH[2]}" == "100" ]]
|
||||||
|
rlAssert0 "Test: Checking tests of '${BASH_REMATCH[1]}'" $?
|
||||||
|
elif [[ "$I" =~ $(echo "([^:]+): .+ tests passed; (.+)/.+ tests failed") ]]; then
|
||||||
|
[[ "${BASH_REMATCH[2]}" == "0" ]]
|
||||||
|
rlAssert0 "Test: Checking tests of '${BASH_REMATCH[1]}'" $?
|
||||||
|
fi
|
||||||
|
done < $rlRun_LOG
|
||||||
|
rm -f $rlRun_LOG
|
||||||
|
else
|
||||||
|
rlFail "Skipping testsuite part because rebuild part failed."
|
||||||
|
fi
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartCleanup
|
||||||
|
rlRun "popd"
|
||||||
|
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
||||||
|
rlPhaseEnd
|
||||||
|
rlJournalPrintText
|
||||||
|
rlJournalEnd
|
Loading…
Reference in New Issue