Import rpm: 4403c5590caf33848b96f43bb37d9572f9b693c2

.gitignore

@@ -0,0 +1 @@
+SOURCES/tomcatjss-7.7.1.tar.gz

copr-build.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+REPO=$1
+
+if [ "$REPO" == "" ]; then
+    REPO="pki-10.6"
+fi
+
+fedpkg copr-build --nowait $REPO

gating.yaml

@@ -0,0 +1,7 @@
+# recipients: rhcs-team
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

sources

@@ -0,0 +1 @@
+SHA1 (tomcatjss-7.7.1.tar.gz) = a57bb5294890c2ddb5e62eb1e9c316d5deb95794

sources-update.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+SOURCE=$1
+TARGET=`basename $1`
+
+cp $SOURCE $TARGET
+sha512sum --tag $TARGET > sources

tests/roles/Test_Setup/files/ca.cfg

@@ -0,0 +1,25 @@
+[DEFAULT]
+pki_server_database_password=Secret.123
+
+[CA]
+pki_admin_email=caadmin@example.com
+pki_admin_name=caadmin
+pki_admin_nickname=caadmin
+pki_admin_password=Secret.123
+pki_admin_uid=caadmin
+
+pki_client_database_password=Secret.123
+pki_client_database_purge=False
+pki_client_pkcs12_password=Secret.123
+
+pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
+pki_ds_database=ca
+pki_ds_password=Secret.123
+
+pki_security_domain_name=EXAMPLE
+
+pki_ca_signing_nickname=ca_signing
+pki_ocsp_signing_nickname=ca_ocsp_signing
+pki_audit_signing_nickname=ca_audit_signing
+pki_sslserver_nickname=sslserver
+pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/files/ds-create.sh

@@ -0,0 +1,24 @@
+#!/bin/bash -ex
+
+# This command needs to be executed as it pulls the machine name
+# dynamically.
+dscreate create-template /tmp/test_dir/ds.inf
+
+sed -i \
+    -e "s/;instance_name = .*/instance_name = localhost/g" \
+    -e "s/;root_password = .*/root_password = Secret.123/g" \
+    -e "s/;suffix = .*/suffix = dc=example,dc=com/g" \
+    -e "s/;self_sign_cert = .*/self_sign_cert = False/g" \
+    /tmp/test_dir/ds.inf
+
+dscreate from-file /tmp/test_dir/ds.inf
+
+ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
+dn: dc=example,dc=com
+objectClass: domain
+dc: example
+
+dn: dc=pki,dc=example,dc=com
+objectClass: domain
+dc: pki
+EOF

tests/roles/Test_Setup/files/kra.cfg

@@ -0,0 +1,27 @@
+[DEFAULT]
+pki_server_database_password=Secret.123
+
+[KRA]
+pki_admin_email=kraadmin@example.com
+pki_admin_name=kraadmin
+pki_admin_nickname=kraadmin
+pki_admin_password=Secret.123
+pki_admin_uid=kraadmin
+
+pki_client_database_password=Secret.123
+pki_client_database_purge=False
+pki_client_pkcs12_password=Secret.123
+
+pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com
+pki_ds_database=kra
+pki_ds_password=Secret.123
+
+pki_security_domain_name=EXAMPLE
+pki_security_domain_user=caadmin
+pki_security_domain_password=Secret.123
+
+pki_storage_nickname=kra_storage
+pki_transport_nickname=kra_transport
+pki_audit_signing_nickname=kra_audit_signing
+pki_sslserver_nickname=sslserver
+pki_subsystem_nickname=subsystem

tests/roles/Test_Setup/tasks/main.yml

@@ -0,0 +1,26 @@
+---
+
+- name: Install tomcatjss
+  dnf:
+    name: >
+      tomcatjss
+
+- name: Install required packages
+  dnf:
+    name: >
+      389-ds-base, pki-ca, pki-kra
+
+- name: Creates directory
+  file: path=/tmp/test_files state=directory
+
+- name: Copying templates to /tmp folder
+  copy : src=.  dest=/tmp/test_dir
+
+- name: Setup DS Service
+  shell: sh /tmp/test_dir/ds-create.sh
+
+- name: Install CA subsystem
+  shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v
+
+- name: Install KRA subsystem
+  shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v

tests/tests.yml

@@ -0,0 +1,30 @@
+- hosts: localhost
+  remote_user: root
+  tags:
+    - classic
+  roles:
+  - role: Test_Setup
+  - role: standard-test-basic
+    tests:
+    - verify_spawn_ca:
+        dir: .
+        run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep '<Status>running</Status>'"
+    - verify_spawn_kra:
+        dir: .
+        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep '<Status>running</Status>'"
+    - destroy_kra:
+        dir: .
+        run: "pkidestroy -i pki-tomcat -s KRA && sleep 5"
+    - verify_destroy_kra:
+        dir: .
+        run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'"
+    - destroy_ca:
+        dir: .
+        run: "pkidestroy -i pki-tomcat -s CA"
+    - verify_destroy_ca:
+        dir: .
+        run: "curl http://localhost:8080/ca/admin/ca/getStatus  &> testfile.log || true && grep 'Connection refused' testfile.log"
+    required_packages:
+    - tomcatjss
+    - pki-ca
+    - pki-kra

tomcatjss.spec

@@ -0,0 +1,212 @@
+################################################################################
+Name:             tomcatjss
+################################################################################
+
+Summary:          JSS Connector for Apache Tomcat
+URL:              http://www.dogtagpki.org/wiki/TomcatJSS
+License:          LGPLv2+
+BuildArch:        noarch
+
+# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
+# For official (i.e. supported) releases, use x.y.z-r where r >=1.
+Version:          7.7.1
+Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
+#global           _phase -alpha1
+
+# To generate the source tarball:
+# $ git clone https://github.com/dogtagpki/tomcatjss.git
+# $ cd tomcatjss
+# $ git archive \
+#     --format=tar.gz \
+#     --prefix tomcatjss-VERSION/ \
+#     -o tomcatjss-VERSION.tar.gz \
+#     <version tag>
+Source:           https://github.com/dogtagpki/tomcatjss/archive/v%{version}%{?_phase}/tomcatjss-%{version}%{?_phase}.tar.gz
+
+# To create a patch for all changes since a version tag:
+# $ git format-patch \
+#     --stdout \
+#     <version tag> \
+#     > tomcatjss-VERSION-RELEASE.patch
+# Patch: tomcatjss-VERSION-RELEASE.patch
+
+################################################################################
+# Java
+################################################################################
+
+%if 0%{?fedora} && 0%{?fedora} <= 32 || 0%{?rhel} && 0%{?rhel} <= 8
+%define java_devel java-1.8.0-openjdk-devel
+%define java_headless java-1.8.0-openjdk-headless
+%define java_home /usr/lib/jvm/jre-1.8.0-openjdk
+%else
+%define java_devel java-11-openjdk-devel
+%define java_headless java-11-openjdk-headless
+%define java_home /usr/lib/jvm/jre-11-openjdk
+%endif
+
+################################################################################
+# Build Dependencies
+################################################################################
+
+# jpackage-utils requires versioning to meet both build and runtime requirements
+# jss requires versioning to meet both build and runtime requirements
+# tomcat requires versioning to meet both build and runtime requirements
+
+# Java
+BuildRequires:    ant
+BuildRequires:    apache-commons-lang3
+BuildRequires:    %{java_devel}
+BuildRequires:    jpackage-utils >= 0:1.7.5-15
+
+# SLF4J
+BuildRequires:    slf4j
+BuildRequires:    slf4j-jdk14
+
+# JSS
+BuildRequires:    jss >= 4.9.0, jss < 5.0.0
+
+# Tomcat
+%if 0%{?rhel} && ! 0%{?eln}
+BuildRequires:    pki-servlet-engine >= 1:9.0.7
+%else
+BuildRequires:    tomcat >= 1:9.0.7
+%endif
+
+################################################################################
+# Runtime Dependencies
+################################################################################
+
+# Java
+Requires:         apache-commons-lang3
+Requires:         %{java_headless}
+Requires:         jpackage-utils >= 0:1.7.5-15
+
+# SLF4J
+Requires:         slf4j
+Requires:         slf4j-jdk14
+
+# JSS
+Requires:         jss >= 4.9.0, jss < 5.0.0
+
+# Tomcat
+%if 0%{?rhel} && ! 0%{?eln}
+Requires:         pki-servlet-engine >= 1:9.0.7
+%else
+Requires:         tomcat >= 1:9.0.7
+%endif
+
+# PKI
+Conflicts:        pki-base < 10.10.0
+
+
+%if 0%{?rhel}
+# For EPEL, override the '_sharedstatedir' macro on RHEL
+%define           _sharedstatedir    /var/lib
+%endif
+
+%description
+JSS Connector for Apache Tomcat, installed via the tomcatjss package,
+is a Java Secure Socket Extension (JSSE) module for Apache Tomcat that
+uses Java Security Services (JSS), a Java interface to Network Security
+Services (NSS).
+
+################################################################################
+%prep
+################################################################################
+
+%autosetup -n tomcatjss-%{version}%{?_phase} -p 1
+
+################################################################################
+%install
+################################################################################
+
+# get Tomcat <major>.<minor> version number
+tomcat_version=`/usr/sbin/tomcat version | sed -n 's/Server number: *\([0-9]\+\.[0-9]\+\).*/\1/p'`
+app_server=tomcat-$tomcat_version
+
+ant -f build.xml \
+    -Dversion=%{version} \
+    -Dsrc.dir=$app_server \
+    -Djnidir=%{_jnidir} \
+    -Dinstall.doc.dir=%{buildroot}%{_docdir}/%{name} \
+    -Dinstall.jar.dir=%{buildroot}%{_javadir} \
+    install
+
+################################################################################
+%files
+################################################################################
+
+%license LICENSE
+
+%defattr(-,root,root)
+%doc README
+%doc LICENSE
+%{_javadir}/*
+
+################################################################################
+%changelog
+* Mon Nov 15 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 7.7.1-1
+- Rebase to TomcatJSS 7.7.1
+
+* Mon Jul 26 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 7.7.0-1
+- Rebase to TomcatJSS 7.7.0
+
+* Fri Jun 11 2021 Red Hat PKI Team <rhcs-maint@redhat.com> 7.7.0-0.1
+- Rebase to TomcatJSS 7.7.0-alpha1
+
+* Tue Nov 17 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.6.1-1
+- Rebase to TomcatJSS 7.6.1
+
+* Wed Oct 28 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.6.0-2
+- Bump dependency to JSS 4.8.0
+- Remove unsupported platforms
+
+* Tue Oct 20 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.6.0-1
+- Rebase to TomcatJSS 7.6.0
+
+* Thu Jul 09 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.5.0-1
+- Rebase to TomcatJSS 7.5.0
+
+* Thu Jun 25 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.5.0-0.2
+- Rebase to TomcatJSS 7.5.0-a2
+
+* Tue May 26 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.5.0-0.1
+- Rebase to TomcatJSS 7.5.0-a1
+
+* Thu Oct 31 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 7.4.1-2
+- Bump dependency to JSS 4.6.0
+
+* Wed Jun 12 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 7.4.1-1
+- Rebase to TomcatJSS 7.4.1
+
+* Wed Apr 24 2019 Red Hat PKI Team <rhcs-maint@redhat.com> 7.4.0-1
+- Rebase to TomcatJSS 7.4.0
+
+* Fri Oct 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.6-1
+- Rebase to TomcatJSS 7.3.6
+
+* Mon Aug 13 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.5-1
+- Rebase to TomcatJSS 7.3.5
+
+* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.4-1
+- Rebase to TomcatJSS 7.3.4
+
+* Tue Aug 07 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.3-2
+- Red Hat Bugzilla #1612063 - Do not override system crypto policy (support TLS 1.3)
+
+* Fri Jul 20 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.3-1
+- Rebase to TomcatJSS 7.3.3
+
+* Thu Jul 05 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.2-1
+- Rebase to TomcatJSS 7.3.2
+
+* Fri Jun 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.1-1
+- Fix Tomcat dependencies
+- Rebase to TomcatJSS 7.3.1
+
+* Thu Apr 12 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.0-1
+- Clean up spec file
+- Rebase to TomcatJSS 7.3.0 final
+
+* Thu Mar 15 2018 Red Hat PKI Team <rhcs-maint@redhat.com> 7.3.0-0.2
+- Rebase to TomcatJSS 7.3.0 beta