rpms
/
pki-core
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import pki-core-10.11.2-2.module+el8.5.0+12735+8eb38ccc

This commit is contained in:
CentOS Sources 2021-09-30 01:27:51 +00:00 committed by Stepan
parent 4cc4c7ad5e
commit 05edc6b5d1
5 changed files with 37 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/pki-10.11.0.tar.gz
SOURCES/pki-10.11.2.tar.gz

2
.pki-core.metadata
View File

@ -1 +1 @@
f125333c7e88d7aae11f51527681018319bba19c SOURCES/pki-10.11.0.tar.gz
864e86742b5462527a677c060d5b3b1d0f11b299 SOURCES/pki-10.11.2.tar.gz

30
SOURCES/0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch
View File

@ -1,30 +0,0 @@
From 63cf2895f5d5a37bb09f3e889b8584b0bb0dce06 Mon Sep 17 00:00:00 2001
From: Christina Fu <cfu@redhat.com>
Date: Wed, 11 Aug 2021 09:19:59 -0700
Subject: [PATCH] Bug 1992337 - Double issuance of non-CA subsystem certs at
installation
This patch removes an extra profile.submit() call that was accidentally left
off during manual cherry-picking of another bug (1905374):
commit 8e78a2b912e7c3bd015e4da1f1630d0f35145104 (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH)
fixes https://bugzilla.redhat.com/show_bug.cgi?id=1905374
---
.../main/java/com/netscape/cms/servlet/cert/CertProcessor.java | 1 -
1 file changed, 1 deletion(-)
diff --git a/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java b/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java
index a5626d032..849d6b368 100644
--- a/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java
+++ b/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java
@@ -250,7 +250,6 @@ public class CertProcessor extends CAProcessor {
logger.info("CertProcessor: Submitting certificate request to " + profile.getId() + " profile");
- profile.submit(authToken, req);
profile.submit(authToken, req, explicitApprovalRequired);
req.setRequestStatus(RequestStatus.COMPLETE);
--
2.31.1

26
SOURCES/0001-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch Normal file
View File

@ -0,0 +1,26 @@
From 607300e57ea05a1475656f1493745f7c7a28b747 Mon Sep 17 00:00:00 2001
From: Jack Magne <jmagne@redhat.com>
Date: Thu, 23 Sep 2021 13:50:41 -0400
Subject: [PATCH] Fix Bug 2001576 - pki instance creation fails for IPA server
in FIPS mode (RHEL-8.5). Additional fix to this issue to account for our
standalone java tools.
---
base/tools/templates/pki_java_command_wrapper.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/base/tools/templates/pki_java_command_wrapper.in b/base/tools/templates/pki_java_command_wrapper.in
index 05650630d..d68ed93a3 100644
--- a/base/tools/templates/pki_java_command_wrapper.in
+++ b/base/tools/templates/pki_java_command_wrapper.in
@@ -90,6 +90,7 @@ JAVA_OPTIONS=""
${JAVA} ${JAVA_OPTIONS} \
-cp "${PKI_LIB}/*" \
+ -Dcom.redhat.fips=false \
-Djava.util.logging.config.file=${PKI_LOGGING_CONFIG} \
com.netscape.cmstools.${COMMAND} "$@"
--
2.31.1

11
SPECS/pki-core.spec
View File

@ -12,7 +12,7 @@ License: GPLv2 and LGPLv2
# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
# For official (i.e. supported) releases, use x.y.z-r where r >=1.
Version: 10.11.0
Version: 10.11.2
Release: 2%{?_timestamp}%{?_commit_id}%{?dist}
#global _phase -alpha1
@ -30,7 +30,7 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver
# <version tag> \
# > pki-VERSION-RELEASE.patch
# Patch: pki-VERSION-RELEASE.patch
Patch1: 0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch
Patch1: 0001-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
# md2man isn't available on i686. Additionally, we aren't generally multi-lib
# compatible (https://fedoraproject.org/wiki/Packaging:Java)
@ -1091,6 +1091,7 @@ fi
%license base/tools/LICENSE
%doc base/tools/doc/README
%{_bindir}/p7tool
%{_bindir}/p12tool
%{_bindir}/pistool
%{_bindir}/pki
%{_bindir}/revoker
@ -1362,6 +1363,12 @@ fi
################################################################################
%changelog
* Fri Sep 24 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.2-2
- Bug 2001576 - pki instance creation fails for IPA in FIPS mode
* Fri Sep 17 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.2-1
- Rebase to PKI 10.11.2
* Thu Aug 12 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-2
- Bug 1992337 - Double issuance of non-CA subsystem certs at installation