import pki-core-11.0.0-1.el9

2021-12-07 13:13:40 -05:00 · 2021-12-07 13:13:40 -05:00 · 07726438f8
parent 6eb1a207af
commit 07726438f8
5 changed files with 15 additions and 111 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/pki-11.0.0-beta1.tar.gz
+SOURCES/pki-11.0.0.tar.gz
--- a/.pki-core.metadata
+++ b/.pki-core.metadata
@ -1 +1 @@
-16b25f34cfa3690f5f2601a0be841586ca410b75 SOURCES/pki-11.0.0-beta1.tar.gz
+03cef69c6bd54977770ecdd0f95e693a2e635601 SOURCES/pki-11.0.0.tar.gz
--- a/SOURCES/0001-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
+++ b/SOURCES/0001-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
@ -1,70 +0,0 @@
-From 1a7e9b493fc3cfbbd74ab9009fa840c5dcb55c8c Mon Sep 17 00:00:00 2001
-From: jmagne <jmagne@redhat.com>
-Date: Thu, 16 Sep 2021 15:48:37 -0700
-Subject: [PATCH] Fix Bug 2001576 - pki instance creation fails for IPA server
- in FIPS mode (RHEL-8.5) (#3742)
-
-It looks like this is an issue in FIPS mode because when we restart the subsystem, there is a pki command
-that runs before the server runs. In order for this command to succeed, we must alter the python script that
-runs pki commands to add the following switch to turn off fips mode in java: "-Dcom.redhat.fips=false".
-
-This allows the JSS proivder to be selected instead of a differnt one which doesn't work for us, when we are in
-fips mode.
---
- base/common/python/pki/cli/main.py | 11 ++++++++++-
- base/common/share/etc/pki.conf     | 10 ++++++++++
- 2 files changed, 20 insertions(+), 1 deletion(-)
-
-diff --git a/base/common/python/pki/cli/main.py b/base/common/python/pki/cli/main.py
-index b0ae6c6fc..bc215aaa4 100644
--- a/base/common/python/pki/cli/main.py
-+++ b/base/common/python/pki/cli/main.py
-@@ -98,6 +98,7 @@ class PKICLI(pki.cli.CLI):
- 
-         java_path = os.getenv('PKI_JAVA_PATH')
-         java_home = os.getenv('JAVA_HOME')
-+        java_fips_cmd = os.getenv('JAVA_FIPS_ENABLED')
-         pki_lib = os.getenv('PKI_LIB')
-         logging_config = os.getenv('PKI_LOGGING_CONFIG')
- 
-@@ -113,7 +114,15 @@ class PKICLI(pki.cli.CLI):
-             cmd.extend(['/usr/bin/env', 'java'])
- 
-         cmd.extend([
-            '-cp', pki_lib + '/*',
-+            '-cp', pki_lib + '/*'
-+        ])
-+
-+        if java_fips_cmd is not None:
-+            cmd.extend([
-+                java_fips_cmd
-+            ])
-+
-+        cmd.extend([
-             '-Djava.util.logging.config.file=' + logging_config,
-             'com.netscape.cmstools.cli.MainCLI'
-         ])
-diff --git a/base/common/share/etc/pki.conf b/base/common/share/etc/pki.conf
-index 17615b042..fd40ece3b 100644
--- a/base/common/share/etc/pki.conf
-+++ b/base/common/share/etc/pki.conf
-@@ -14,6 +14,16 @@ export JAVA_HOME
- PKI_JAVA_PATH=${PKI_JAVA_PATH}
- export PKI_JAVA_PATH
- 
-+# JVM options
-+#
-+# Command switch we want to tell java to observer fips mode
-+# For the moment we want this to be false even if we really are
-+# in fips mode, because we want the jss prover instead of the sun
-+# fips provider to be selected.
-+JAVA_FIPS_ENABLED="-Dcom.redhat.fips=false" # Disable FIPS mode
-+
-+export JAVA_FIPS_ENABLED
-+
- # JNI jar file location
- JNI_JAR_DIR=/usr/lib/java
- export JNI_JAR_DIR
-- 
-2.31.1
-
--- a/SOURCES/0002-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
+++ b/SOURCES/0002-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
@ -1,26 +0,0 @@
-From 115778bf20812b271c81f19806332f14151dcb7d Mon Sep 17 00:00:00 2001
-From: Jack Magne <jmagne@redhat.com>
-Date: Thu, 23 Sep 2021 13:50:41 -0400
-Subject: [PATCH] Fix Bug 2001576 - pki instance creation fails for IPA server
- in FIPS mode (RHEL-8.5). Additional fix to this issue to account for our
- standalone java tools.
-
---
- base/tools/templates/pki_java_command_wrapper.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/base/tools/templates/pki_java_command_wrapper.in b/base/tools/templates/pki_java_command_wrapper.in
-index 05650630d4..d68ed93a30 100644
--- a/base/tools/templates/pki_java_command_wrapper.in
-+++ b/base/tools/templates/pki_java_command_wrapper.in
-@@ -90,6 +90,7 @@ JAVA_OPTIONS=""
- 
- ${JAVA} ${JAVA_OPTIONS} \
-   -cp "${PKI_LIB}/*" \
-+  -Dcom.redhat.fips=false \
-   -Djava.util.logging.config.file=${PKI_LOGGING_CONFIG} \
-   com.netscape.cmstools.${COMMAND} "$@"
- 
-- 
-2.31.1
-
--- a/SPECS/pki-core.spec
+++ b/SPECS/pki-core.spec
@ -16,8 +16,8 @@ License:          GPLv2 and LGPLv2
 # For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
 # For official (i.e. supported) releases, use x.y.z-r where r >=1.
 Version:          11.0.0
-Release:          0.6.beta1%{?_timestamp}%{?_commit_id}%{?dist}
-%global           _phase -beta1
+Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
+#global           _phase -alpha1

 # To create a tarball from a version tag:
 # $ git archive \
@ -34,9 +34,6 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver
 #     > pki-VERSION-RELEASE.patch
 # Patch: pki-VERSION-RELEASE.patch

-Patch1: 0001-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
-Patch2: 0002-Fix-Bug-2001576-pki-instance-creation-fails-for-IPA-.patch
-
 # md2man isn't available on i686. Additionally, we aren't generally multi-lib
 # compatible (https://fedoraproject.org/wiki/Packaging:Java)
 # so dropping i686 everywhere but RHEL-8 (which we've already shipped) seems
@ -176,7 +173,6 @@ BuildRequires:    apache-commons-io
 BuildRequires:    apache-commons-lang3 >= 3.2
 BuildRequires:    apache-commons-logging
 BuildRequires:    apache-commons-net
-BuildRequires:    glassfish-jaxb-api
 BuildRequires:    slf4j
 BuildRequires:    slf4j-jdk14
 BuildRequires:    nspr-devel
@ -391,9 +387,6 @@ Requires:         python3-ldap
 Requires:         python3-lxml
 Requires:         python3-requests >= 2.6.0
 Requires:         python3-six
-%if 0%{?rhel} < 9 || 0%{?fedora} < 34
-Recommends:       python3-nss
-%endif

 %description -n   python3-%{product_id}
 This package provides common and client library for Python 3.
@ -415,7 +408,6 @@ Requires:         apache-commons-io
 Requires:         apache-commons-lang3 >= 3.2
 Requires:         apache-commons-logging
 Requires:         apache-commons-net
-Requires:         glassfish-jaxb-api
 Requires:         slf4j
 Requires:         slf4j-jdk14
 Requires:         jpackage-utils >= 0:1.7.5-10
@ -1377,16 +1369,24 @@ fi

 ################################################################################
 %changelog
-* Fri Sep 24 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-0.6.beta1
+* Tue Oct 05 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-1
+- Rebase to PKI 11.0.0
+
+* Thu Sep 30 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-0.6.beta1
+- Rebase to PKI 11.0.0-beta1
 - Bug #1999052 - pki instance creation fails for IPA server

-* Tue Sep 21 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-0.5.beta1
- Rebase to PKI 11.0.0-beta1
+* Thu Sep 09 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-0.5.alpha1
+- Drop BuildRequires and Requires on glassfish-jaxb-api and jaxb-impl
+  Resolves #2002594

 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 11.0.0-0.4.alpha1
 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688

+* Tue May 18 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 10.11.0-0.1
+- Rebase to PKI 10.11.0-alpha1
+
 * Thu Jul  1 2021 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.0-0.3
 - Drop sudo dependency