[Pkg-freeipa-devel] certmonger: Changes to 'refs/tags/debian/0.78.4-1'
Timo Aaltonen
tjaalton at moszumanska.debian.org
Sun Aug 16 08:08:09 UTC 2015
Tag 'debian/0.78.4-1' created by Timo Aaltonen <tjaalton at debian.org> at 2015-08-16 08:02 +0000
tagging package certmonger version debian/0.78.4-1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJV0EOSAAoJEMtwMWWoiYTcq6EP/jNtq62vBQMfzyduFF1lew/e
NUmADs22LkgzS21TqvY+PQro50tLqJMkwOsBiEqGbjW51sBJHIXuTnaco6gGIfHu
mVbTdddLGDGEEQ9zKftEYhX4Zq1sdS7a+oucfK7GWJlnfH6v/tGosshN+KO3ah+S
/tnOjhDokx2j/yViCQ1e5cIHT08tUXFLhrFQk3LtJk2mAk61v+99RL+E6QTs69cg
znN2+VwZHEGPP5ya/nrxBdWyYCayF8OwVVPlGvUtb7kkmyrbpLMJbhcpTHpFtq6J
na3avtOJYAKnTfzBhNlHKTcTbD8WY4IJt/6ZvEzcLjXIOwW5zHn0j4tDFwnuq1af
8EQZplSY4lcETL1fgmlECl+i49znxprKeNyYZ2mwBthNF1eLMYDmxDS35BY03ps+
7gj4ENwcFgM+CKSAQKCn5c81qDnhxFlepHV7kK6HsYcptheyoV9qeLRfw0CxkBBr
D860/6y4SQHyzQZyHpMZPmDH/gdyX6JWcaf4MAKRuFrEragyWVSmr7pKwdElElS/
A4l+1Z4Tf/OjG7aYe6hg+JTYl1irBLpcIQ1HNWaKNtODbq4XHN5P5jCwhQhDUQuF
psTKKmNnMPgpFoBWMA+nKWMigWIgiNuaf+ZOYHB2EhN+FcQ4GBg1F96TkbyDNICD
SfdjiiSgoNx7eBQ7Xyr+
=vzqt
-----END PGP SIGNATURE-----
Changes since debian/0.75.14-4:
David Kupka (1):
Retrieve string value from DBus property interface reply correctly.
Jan Cholasta (1):
Allow overriding parameter values in Dogtag request approval
Nalin Dahyabhai (438):
getcert status: fix a crash with no request
Up the minimum poll time from 30m to 60m
Loosen name matching for property names
First pass at private server mode
Rename bus "other" to "private", fix connecting
Avoid closing stdio on gating commands
Reset watch handlers after handling them
Refactor bus/listener setup and reconnection logic
Ignore "private" requests from other users
Make it possible to specify the listener socket
Fixup copy/paste errors in help output
Default to a briefer default help message
Add a fallback mode to getcert -S
Pass verbose level in as certmonger -d level
Reset signal handlers for the gate command
Include the helper command in log messages
Document certmonger's -L/-l/-P options
Document that CERTMONGER_PVT_ADDRESS matters
Also use a lock in system mode
Make we'll launch a temporary daemon clearer
Finish a comment
tag 0.76
Updated translations
Minor tweaks to help debug listener mode better
Let people specify abstract locations, too
tag 0.76.1
Note the UID has to match when describing -l/-L clients
Change priorities of XXX_uri/host/server settings
Adjust whitespace
Use SRV lookups to locate IPA's LDAP server
IPA: prefer specified URIs over configured server
Factor out submit/poll and fetch-roots
Factor out locate-directory-server logic
Factor out find-default-naming-context
Add missing newlines for error messages
Fix some error handling code
Add some missing initializers
Add missing #includes
Use discovery for XMLRPC servers, too
Detect support for resolving SRV records
Clean up status messages for init system data
Update translations
Finish conditionalizing SRV support
tag 0.76.2
Update translations
Add a notify case for saved-but-CA-not-saved
Rename the SRV test program
Save CA certs *before* running post-save hooks
This is done: we have a "local" signer now
Add some missing cases
Split off a generic dogtag-submit helper
Remove unused dogtag_version port-guessing
Only error out on missing -A when it's an error
Describe the "local" signer in getting-started.txt
Don't forget to mention $CERTMONGER_CA_PROFILE
Fix a pile of argument-order errors
Fix a static analysis warning initializing keygen
Fix some static analysis leaks
Handle IDN when doing service location
Fix build errors created by the previous commit
tag 0.76.3
Update translations
Update for previous changes to dparse
tag 0.76.4
Call _exit() instead of exit() in canalyze
tag 0.76.5
Call _exit() instead of exit() on OOM in CA save
Avoid exit() hooks on normal subproc exit
Remove leftover code forcing SRV priority to 50
Fix compiling without OpenSSL
tag 0.76.6
Update translations
Fix another pair of memory leaks in the IPA helper
Fix reporting of CA not-valid-after times
tag 0.76.7
Update translations
Set a CM_DELAY_CA_POLL_MAXIMUM
Replace a hard-coded value with the macro
Correct a comment
Abort FETCH-ROOTS if there's no IPA domain
Handle the IPA-not-configured case correctly
Output help for underspecified "status" commands
Go back to retrying when cadata is unconfigured
Drop a duplicate call to time()
Fix a typo in a comment
Formatting fixes
dogtag: check for agent creds when given options
Update dogtag man pages for the -O option
Update translations and their sources
tag 0.76.8
Add missing bug ID reference to the changelog
Add a note about supporting (parts of) ACME
Add missing bug ID to changelog
Fix a static analysis warning
Fix a typo
Update reference for kx509
Try to better enforce DSA key sizes
Add a bug reference for #1180978
Add some bookkeeping request fields for rekeying
First pass at rekey-friendly keygen behavior
Sanitize candidate key filenames and nicknames
Fix detection of candidate key permission errors
Add support for reading candidate keyinfo
First pass at rekey support for CSR generation
First pass at self-signing while rekeying
First pass at saving while rekeying
Add data fields for storing SCEP-specific CA data
Add logic to ask helpers for SCEP-specific CA data
Teach submit-h to return binary-safe data
Generate SCEP transactionIDs when generating CSRs
Add part of the SCEP submission helper
More SCEP helper bits, mostly TODO notes
Fix talloc/free mismatch
Fix a missing #include
Fix an infinite loop sending the request
Add a note about removing old candidates
Make sure we clear the candidate marker on save
Make preserving keys on rekey an option
Finish cleaning up rekey renaming
Fix various warnings and static analysis bugs
Fix a couple of static analysis warnings
Auto-spawn a server when there is no server socket
Auto-launch a daemon for "request", too
Fix a timing issue with this self-test
Fix computation of the buffer size for PEM wrapper
Generate mini-certificates for signing SCEP reqs
Correct the serial number in minicerts
Add logic for pulling certs out of PKCS7 blobs
Correctly parse PKCS#7 SCEP GetCACert replies
Accept redirection on HTTP with no client auth
Add a function for wrapping a CSR in an envelope
Get even more flexible parsing PKCS#7 signed-data
Refactor enveloping code
Add issuer-and-subject envelopes, use binary mode
Set a default SCEP CA ID for GetCACert messages
Also retrieve and cache an SCEP server's CA's cert
Add storage for SCEP request data
Encode the right subject name
First part of SCEP request generation
Tweak parsing PKCS#7 lists of certificates
Extend the pile-of-certificate parsing API
Fix and test sorting of certificate chains
Fetch an SCEP server's CA chain, too
Add the signer's chain to signed-data for SCEP
In-progress changes to handle chains better in NSS
Refactor the code to make reusing the signing easier
Work around NSS's always-verify behavior
Add SCEP attributes to signed messages
Add the ability to check for RSA keys
Wire in new states to trigger SCEP generation
Restart any waiting scepgen tasks with new certs
Let helpers see SCEP data, cache SCEP CA IDs
Encode pkiMessages when talking to SCEP servers
We don't have a place to put other certs yet
Shorten the wait after realizing we need SCEP data
Only restart when encryption certs *change*
Add a couple of diagnostics for now, clarify names
Always generate fresh SCEP data
Stop depending on PKCS7_SIGNER_INFO_sign()
Quick fix for a test on older RHEL
Include a missing header
Include a missing header
Add missing script
Really fix that timing issue this time
Strip out random blank lines in issued certificate
Send the right operation type for SCEP enrollments
Add a content-type signed attribute to SCEP reqs
Expand on ChallengePassword handling
Fix a few subprocess exit status values
Be ready to refresh SCEP server certificates
PEM-encode application/x-pki-message SCEP replies
Send verbose messages to stderr
Add logic for parsing SCEP PKCS#7 signed-data
Use defined names for SCEP protocol constants
Verify SCEP requests, start parsing SCEP replies
Put contentInfo inside of encapsulatedContentInfo
Understand md5, des, and des3 as preferences
Improve algorithm selection when generating SCEP
Clean up parsing of SCEP CA data
Fix a couple of warnings, expand SCEP failure text
Refactor passing of args to external helpers
Postprocess helper "success" output
Check for handling of binary helper output
Add more error checking to the HTTP part of SCEP
Use the right macro; drop an unused variable
Add hooks for decrypting PKCS#7 EnvelopedData
Add a framework for decrypting enveloped-data
Add missing source files
Rewrite parsing of enveloped-data using NSS
Avoid EVP_PKEY_CTX, which wasn't there on EL5
Avoid X509_ALGOR_set0(), which wasn't on EL5
Right, so PK11_PrivDecrypt() wasn't always there
Fix a few compiler warnings
Avoid crashing the test harness
Fix a string comparison (static analysis)
Fix a dereference-before-check (static analysis)
Add a missing include header
Check key_from_file()'s return (static analysis)
Skip a redundant check (static analysis)
Free some memory before _exit() (static analysis)
Handle not having an RA cert (static analysis)
Tweak some logic to make static analysis happy
Drop a redundant goto to the next line (static analysis)
Drop some dead code (static analysis)
Drop some dead code (static analysis)
Whoops, missing a break; (static analysis)
Call va_end() even on error (static analysis)
Fix a copy/paste error (static analysis)
Free an error string in the IPA helper (static analysis)
Free memory returned by cm_submit_u_pem_from_base64() (static analysis)
Open the right "next" key (static analysis)
Fix an uninitialized pointer compare (static analysis)
Set the recipient_nonce correctly (static analysis)
Correct result (static analysis)
Also do a run-through with SCEP ops
Accept a passed-in CA certificate as an anchor
Whoops, getcert should accept -l/-L properly
Avoid an integer expression overflow on 32-bit
Fix the width of the format specifier
Add a man page for scep-submit(8).
Remove a redundant check for no old key (static analysis)
Document scep-submit's -i option
Correctly select the SCEP request digest
Store SCEP request data in PEM form
Expose SCEP CA data as properties
Display an SCEP CA's certificate's thumbprint
Display thumbprint values for SCEP, as appropriate
Refresh all of a CA's data when its helper changes
Add tests for reading ssvs arguments
Make the scep-ca-identifier property settable
Drop an errant sed invocation
Add getcert add-ca/add-scep-ca/modify-ca/remove-ca
Update status docs
Add a bit of docs on how to use SCEP
SCEP needs OpenSSL in many places, so require it
Fix a syntax error
Drop cadata when a helper reports "unsupported"
Cache the last-transmitted SCEP nonce value
Update helper documentation
NUL-terminate the result string properly
Only generate "new key" SCEP data with a new key
Rework which keys we prefer for SCEP
Add framework for PIN, token certsave errors
Fix a couple of memory leaks (static analysis)
Remove a line of dead code (static analysis)
Remove logically dead code (static analysis)
Call BIO_new_mem_buf() with length -1 for strings
Add more PKCS#7/SCEP debug logging
Clean up the SCEP -R/-r options
Correct use of certsave-specific status codes
Test rekey saving with encrypted keys, too
Log in to NSS key databases for cert saving
Set a PIN, if one hasn't been set, during certsave
Move from Transifex to Zanata
Update translations
Have "getcert list" print the certificate profile
Drop Transifex config, since we're using Zanata
The CA profile is supposed to be read-only
Clear SCEP data when we generate a new CSR
Whoops, we use cmsutil in tests now
Handle "rejected" status from CA data requests
Try to sanity-check capabilities CA data by size
Try to accommodate Dogtag's GetCACert results
Break out of the cert retrieval loop on duplicates
Learn about Dogtag's SCEP failInfo status codes
Debug log SCEP replies in base64-encoded form
Update translations
Tag 0.77
Whoops, tag 0.77.1
A slide on using SCEP
Separate local validity lifetime's from selfsign's
Read nsCertType extension, write EnrollmentProfile
Note that SCEP usually wants a ChallengePassword
Expose certificate validity as D-Bus properties
Add plumbing for "long long" D-Bus properties
Fix potential segfault when parsing helper output
Document the dogtag helper's -N and -R flags
Update translations
tag 0.77.2
Retrieve the list of profiles from Dogtag CAs
Handle success from Dogtag's submit endpoint
Rename some variables
Learn to pass submission params to Dogtag
Add more auth options to dogtag-submit
Wire valgrind in to self-tests
Whitespace fixup
Fix a self-test uninitialized memory bug
Avoid using xmlXPathNodeEval(), not in EL 5
Add a barely-working "ls" knockoff
Manage ownership and permissions on keys and certs
Fix a potential crash in the local signer
Fix certificate retrieval in dogtag-submit
Update self-tests
Don't use O_NOFOLLOW
Silence a static analysis warning
Try to address a static analysis TOC-TOU warning
Start switching to popt
Add $POPT_CFLAGS and $POPT_LIBS to the test tools
Switch base2pem test tool to popt
Switch base64 test tool to popt
Switch the cadata test tool to popt
Switch the casave test tool to popt
Switch the hooks test tool to popt
Drop an unused #include header
Whitespace edits for makefiles
Port toklist sample to popt
Port the tlslayer WIP code to popt
Port the tdbusm-check tool to popt
Port the submit-x tool to popt
Port submit-h to using popt
Port the SCEP submit helper to use popt
Port the submit-d tool to popt
Port the certmaster submit helper to use popt
Port the local signer to use popt
Port the dogtag submit helper to use popt
Port the IPA submit helper to use popt
Port the main certmonger binary to popt
Port "getcert" to popt
Fix a static analysis warning
Check for error results from fcntl() and remove()
Fix a static analysis warning
Fix a memory leak in cm_submit_d_submit_result()
Remember to close a descriptor when saving to NSS
Update translations
Pass the template/profile to IPA as a "profile"
Default to re-using ns-certtype values
configure should error out without popt
Fix a typo in a self-test error message
Work around changes in OpenSSL 1.0.2a
Handle properties with no value in self-test
Handle setting template ns-certtype, key/cert perms
Wire {key,cert}_{owner,perms} into getcert
Also track per-certificate CA sets
When saving CA certs, also save per-request certs
Add a 'getcert rekey' option
Double-check that keys were changed in rekey test
Actualy test the 'modify' D-Bus method
Add a debug message if we're ignoring idle timeout
Fix an overrun gathering arguments
Add some JSON support
Update translations
Correct the wrong flag in a man page
Whoops, actually run those new tests
Add one more invalid sample to the json test cases
Update the expected output for that last test
Check for strtold(), use strtod() otherwise
Don't depend on getline(), in case it isn't there
Be consistent about using our stpcpy() knockoff
Fix a possible NULL dereference
Remove an unused variable (static analysis)
Fix the prototype for the getline() stand-in
Silence some dead-code warnings
Don't assign one uninitialized pointer to another
Have the self-test check the file size after open
Fix a read-after-close in a self-test
Handle 0 bytes in JSON strings
Handle setting NULL to remove items from JSON objs
Catch invalid expressions when parsing JSON
Add more type-safety to the JSON bits
When parsing possibly-PKCS#7, handle length==1
Add some more PKCS#7 parsing cases
Add another expected-to-fail-to-parse JSON sample
Add entry callbacks to the 'iterate' test tool
Make sure leafs aren't tops when parsing PKCS#7
When saving CA certs fails, add a couple of logs
Add a way for helpers to provide per-cert roots
Give helpers a way to force us to rekey
Handle CERT_ImportCerts() returning an empty array
Start keeping track of key lifetimes and usage
Catch unterminated string values in JSON
Catch up the test helper on new helper exit codes
Only record next-key info when we have a next-key
Add debug log checking for key/cert pubkey matches
Handle cases where the CA reuses a key on us
Remove an unused OID variable
Add some comments
tag 0.77.3
Fix an uninitialized pointer error (valgrind)
Correct a self-test error
Let NSS's safeguards against key deletion work
Fix the -c flag for vanilla getcert
Add a --wait-timeout flag for use with the -w flag
New test: getcert request/resubmit/rekey
Add some more info to this test run's output
Make the getcert test include preserving rekey
Suppress PINs in "getcert list" output (#42)
Expose key generation time and use count as props
Add test cases for CA-reuses-key-on-rekey-request
Trigger rekeying on key lifetime or use count
getcert: correctly pass the command to certmonger
Display the right command in help output
Rework how we clean up after rekeys with NSS
Extend a post-0.77 test case for that last change
merge changelog from 0.77.4
scep-submit: always keep track of the mode
Mention exit status 17 (need-rekey) in helper mans
Provide requested IP addresses to helpers
Handle more unusual PKCS#7 verification for SCEP
Handle CERTMONGER_REQ_IP_ADDRESS in requirements
Use preprocessor names for document elements
Add some JSON type checking in submit-e
Accept CA roots as a JSON object
Expand on comments for 481811e76908f50b
Guess "profile_id" instead of "profile" for IPA
Add a -v/--version option to the daemon
Rework parsing of JSON enrollment results
Tweak the accepted CA JSON format
Resync .spec file with Fedora
Add logic for SCEP renewal with key change
Document the helper interface from the helper PoV
Add more expected-to-parse-correctly JSON samples
Check generated key size after checking for NULL
Fix a signedness comparison problem
Require that binary decoding leaves no leftovers
Add an alternate accepted result for DSA keygen
Accept 1016 instead of 1024 bit for DSA keygen
Add a missing flag to the synopsis in the scep man
Whitespace fixup
Update translations
Log more about what's going on in SCEP
tag 0.78
Update translations
Add some bugzilla/tracs references to the chglog
Get vague about what we expect from certutil
Tag 0.78.1
Add a wrapper to avoid passing NULL to setenv()
Don't check a never-NULL pointer for being NULL
Fix checking for errors when fetching SCEP chain
Don't forget to close the output file structure
Register our bus name after setting up handlers
Rework how we do system bus activation
Updated translations
tag 0.78.2
Use poptGetOptArg() correctly
tag 0.78.3
When we get an error from a pkcsReq, log correctly
Fix "getcert start-tracking"'s -L and -l options
tag 0.78.4
Timo Aaltonen (6):
Merge branch 'upstream'
bump the version
control: Add libpopt-dev to build-depends.
Merge branch 'upstream'
update the changelog
releasing package certmonger version 0.78.4-1
vagrant (1):
Print the full gate command in debug mode
---
Makefile.am | 3
STATUS | 17
certmonger.spec | 171 +
configure.ac | 131 +
debian/changelog | 7
debian/control | 1
doc/api.txt | 4
doc/design.txt | 215 +-
doc/getting-started.txt | 45
doc/helpers.txt | 227 ++
doc/scep.odp |binary
doc/scep.txt | 38
doc/selinux.txt | 2
doc/submit.txt | 48
po/ach.po | 1339 +++++++++++---
po/af.po | 1339 +++++++++++---
po/af_ZA.po | 1307 +++++++++++---
po/aln.po | 1339 +++++++++++---
po/am.po | 1339 +++++++++++---
po/ar.po | 1342 +++++++++++---
po/as.po | 1339 +++++++++++---
po/ast.po | 1339 +++++++++++---
po/az.po | 1339 +++++++++++---
po/bal.po | 1339 +++++++++++---
po/be.po | 1342 +++++++++++---
po/bg.po | 1454 ++++++++++++----
po/bn.po | 1339 +++++++++++---
po/bn_IN.po | 1339 +++++++++++---
po/bo.po | 1339 +++++++++++---
po/br.po | 1339 +++++++++++---
po/brx.po | 1339 +++++++++++---
po/bs.po | 1342 +++++++++++---
po/ca.po | 1843 ++++++++++++++------
po/certmonger.pot | 1309 +++++++++++---
po/cs.po | 1339 +++++++++++---
po/cs_CZ.po | 1307 +++++++++++---
po/cy.po | 1342 +++++++++++---
po/da.po | 1395 +++++++++++----
po/de.po | 1457 ++++++++++++----
po/de_CH.po | 1339 +++++++++++---
po/dz.po | 1339 +++++++++++---
po/el.po | 1339 +++++++++++---
po/en_GB.po | 1339 +++++++++++---
po/eo.po | 1339 +++++++++++---
po/es.po | 1559 +++++++++++++----
po/es_ES.po | 1307 +++++++++++---
po/et.po | 1339 +++++++++++---
po/eu.po | 1344 +++++++++++----
po/eu_ES.po | 1307 +++++++++++---
po/fa.po | 1339 +++++++++++---
po/fa_IR.po | 1307 +++++++++++---
po/fi.po | 1339 +++++++++++---
po/fr.po | 1507 ++++++++++++----
po/ga.po | 1342 +++++++++++---
po/gl.po | 1339 +++++++++++---
po/gu.po | 1344 +++++++++++----
po/he.po | 1339 +++++++++++---
po/hi.po | 1339 +++++++++++---
po/hr.po | 1342 +++++++++++---
po/hr_HR.po | 1307 +++++++++++---
po/hu.po | 1490 ++++++++++++----
po/hy.po | 1339 +++++++++++---
po/ia.po | 1339 +++++++++++---
po/id.po | 1381 +++++++++++----
po/ilo.po | 1339 +++++++++++---
po/is.po | 1339 +++++++++++---
po/it.po | 1425 ++++++++++++---
po/it_IT.po | 1307 +++++++++++---
po/ja.po | 1388 +++++++++++----
po/ja_JP.po | 1307 +++++++++++---
po/ka.po | 1339 +++++++++++---
po/kk.po | 1339 +++++++++++---
po/km.po | 1339 +++++++++++---
po/kn.po | 1339 +++++++++++---
po/ko.po | 1339 +++++++++++---
po/ks.po | 1339 +++++++++++---
po/ku.po | 1339 +++++++++++---
po/ky.po | 1339 +++++++++++---
po/la.po | 1339 +++++++++++---
po/lo.po | 1339 +++++++++++---
po/lt.po | 1406 ++++++++++++---
po/lv.po | 1342 +++++++++++---
po/mai.po | 1339 +++++++++++---
po/mg.po | 1339 +++++++++++---
po/mk.po | 1339 +++++++++++---
po/ml.po | 1339 +++++++++++---
po/mn.po | 1339 +++++++++++---
po/mr.po | 1339 +++++++++++---
po/ms.po | 1339 +++++++++++---
po/ms_MY.po | 1307 +++++++++++---
po/my.po | 1339 +++++++++++---
po/nb.po | 1344 +++++++++++----
po/nds.po | 1339 +++++++++++---
po/ne.po | 1339 +++++++++++---
po/nl.po | 1504 ++++++++++++----
po/nn.po | 1339 +++++++++++---
po/no.po | 1339 +++++++++++---
po/nso.po | 1339 +++++++++++---
po/or.po | 1339 +++++++++++---
po/pa.po | 1339 +++++++++++---
po/pl.po | 1479 ++++++++++++----
po/pt.po | 1412 ++++++++++++---
po/pt_BR.po | 1541 +++++++++++++----
po/ro.po | 1342 +++++++++++---
po/ru.po | 1360 +++++++++++----
po/ru_RU.po | 1344 +++++++++++----
po/si.po | 1339 +++++++++++---
po/sk.po | 1339 +++++++++++---
po/sl.po | 1342 +++++++++++---
po/sq.po | 1339 +++++++++++---
po/sr.po | 1342 +++++++++++---
po/sr at latin.po | 1342 +++++++++++---
po/sv.po | 1428 ++++++++++++---
po/ta.po | 1342 +++++++++++---
po/ta_IN.po | 1307 +++++++++++---
po/te.po | 1339 +++++++++++---
po/tg.po | 1339 +++++++++++---
po/th.po | 1339 +++++++++++---
po/tl.po | 1339 +++++++++++---
po/tr.po | 1342 +++++++++++---
po/uk.po | 1524 ++++++++++++-----
po/uk_UA.po | 1307 +++++++++++---
po/ur.po | 1339 +++++++++++---
po/uz.po | 1339 +++++++++++---
po/vi.po | 1339 +++++++++++---
po/wo.po | 1339 +++++++++++---
po/xh.po | 1339 +++++++++++---
po/zh_CN.GB2312.po | 1931 +++++++++++++++++++++
po/zh_CN.po | 1377 +++++++++++----
po/zh_HK.po | 1339 +++++++++++---
po/zh_TW.Big5.po | 1931 +++++++++++++++++++++
po/zh_TW.po | 1353 +++++++++++----
po/zu.po | 1339 +++++++++++---
src/Makefile.am | 107 -
src/cadata.c | 449 ++++-
src/cadata.h | 5
src/canalyze.c | 108 +
src/canalyze.h | 3
src/casave.c | 140 +
src/certext.c | 246 ++
src/certmaster-getcert.1.in | 14
src/certmaster.c | 79
src/certmonger-certmaster-submit.8.in | 11
src/certmonger-dogtag-ipa-renew-agent-submit.8.in | 32
src/certmonger-dogtag-submit.8.in | 239 ++
src/certmonger-ipa-submit.8.in | 29
src/certmonger-local-submit.8.in | 12
src/certmonger-scep-submit.8.in | 146 +
src/certmonger.8.in | 41
src/certmonger.conf.5.in | 43
src/certmonger.conf.in | 3
src/certread-n.c | 10
src/certread-o.c | 7
src/certread.c | 12
src/certsave-int.h | 10
src/certsave-n.c | 312 +++
src/certsave-o.c | 353 +++
src/certsave.c | 21
src/certsave.h | 7
src/cm.c | 51
src/cm.h | 4
src/csrgen-int.h | 3
src/csrgen-n.c | 499 +++++
src/csrgen-o.c | 170 +
src/csrgen.c | 69
src/dogtag-ipa.c | 50
src/dogtag-ipa.h | 23
src/dogtag.c | 426 +++-
src/env-session.c | 6
src/env-shared.c | 6
src/env-system.c | 11
src/getcert-add-ca.1.in | 52
src/getcert-add-scep-ca.1.in | 84
src/getcert-list-cas.1.in | 9
src/getcert-list.1.in | 65
src/getcert-modify-ca.1.in | 47
src/getcert-refresh-ca.1.in | 9
src/getcert-refresh.1.in | 9
src/getcert-remove-ca.1.in | 45
src/getcert-request.1.in | 22
src/getcert-resubmit.1.in | 22
src/getcert-start-tracking.1.in | 22
src/getcert-status.1.in | 11
src/getcert-stop-tracking.1.in | 11
src/getcert.1.in | 25
src/getcert.c | 1969 +++++++++++++++++++---
src/hook.c | 2
src/introspect.sh.in | 15
src/ipa-getcert.1.in | 12
src/ipa.c | 837 ++++++---
src/iterate.c | 625 +++++-
src/json.c | 1155 ++++++++++++
src/json.h | 78
src/keygen-n.c | 245 ++
src/keygen-o.c | 160 +
src/keyiread-n.c | 94 -
src/keyiread-n.h | 6
src/keyiread-o.c | 78
src/keyiread.c | 60
src/local-getcert.1.in | 12
src/local.c | 71
src/log.h | 2
src/main.c | 200 +-
src/notify.c | 41
src/notify.h | 1
src/pkcs7.c | 1208 +++++++++++++
src/pkcs7.h | 66
src/prefs-n.c | 56
src/prefs-n.h | 4
src/prefs-o.c | 29
src/prefs-o.h | 2
src/prefs.c | 71
src/prefs.h | 11
src/scep-o.c | 82
src/scep-o.h | 28
src/scep.c | 1109 ++++++++++++
src/scep.h | 47
src/scepgen-int.h | 51
src/scepgen-n.c | 475 +++++
src/scepgen-o.c | 855 +++++++++
src/scepgen.c | 115 +
src/scepgen.h | 57
src/selfsign-getcert.1.in | 12
src/srvloc.c | 249 ++
src/srvloc.h | 31
src/store-files.c | 509 +++++
src/store-gen.c | 42
src/store-int.h | 76
src/store.h | 2
src/submit-d.c | 393 +++-
src/submit-d.h | 12
src/submit-e.c | 831 +++++++--
src/submit-e.h | 13
src/submit-h.c | 140 -
src/submit-h.h | 5
src/submit-int.h | 25
src/submit-n.c | 471 +++++
src/submit-o.c | 109 +
src/submit-o.h | 3
src/submit-sn.c | 48
src/submit-so.c | 50
src/submit-u.c | 33
src/submit-x.c | 108 -
src/submit.c | 14
src/submit.h | 6
src/subproc.c | 35
src/subproc.h | 2
src/tdbus.c | 371 +++-
src/tdbus.h | 29
src/tdbush.c | 743 ++++++++
src/tdbush.h | 3
src/tdbusm-check.c | 46
src/tdbusm.c | 61
src/tdbusm.h | 3
src/tlslayer.c | 75
src/toklist.c | 44
src/util-m.h | 4
src/util-n.c | 191 ++
src/util-n.h | 10
src/util-o.c | 119 +
src/util-o.h | 12
systemd/Makefile.am | 5
systemd/certmonger.path.in | 9
systemd/org.fedorahosted.certmonger.service.in | 4
tests/001-keyiread-dsa/expected.out | 36
tests/001-keyiread-dsa/run.sh | 10
tests/002-keygen-dsa/expected.out.2 | 45
tests/002-keygen-dsa/expected.out.3 | 45
tests/002-keygen/expected.out | 72
tests/002-keygen/run.sh | 22
tests/003-csrgen-dsa/expected.out | 2
tests/003-csrgen-dsa/run.sh | 7
tests/003-csrgen-ec/expected.out | 2
tests/003-csrgen-ec/run.sh | 7
tests/003-csrgen/expected.out | 48
tests/003-csrgen/run.sh | 94 -
tests/004-selfsign/run.sh | 3
tests/005-dbusm/expected.out | 1
tests/008-certread/expected.out | 1
tests/010-iterate/expected.out | 232 ++
tests/010-iterate/run.sh | 237 ++
tests/019-dparse/expected.out | 162 +
tests/019-dparse/good.profileList | 1028 +++++++++++
tests/019-dparse/good.profileSubmit.issued | 1
tests/019-dparse/run.sh | 4
tests/021-resume/expected.out | 436 +++-
tests/021-resume/run.sh | 23
tests/023-cadata/expected.out | 24
tests/023-cadata/run.sh | 23
tests/024-citerate/expected.out | 200 ++
tests/024-citerate/run.sh | 8
tests/025-casave/expected.out | 62
tests/025-casave/run.sh | 186 ++
tests/028-dbus/entry | 6
tests/028-dbus/expected.out | 62
tests/028-dbus/run.sh | 1
tests/028-dbus/walk.py | 47
tests/030-rekey/expected.out | 345 +++
tests/030-rekey/run.sh | 246 ++
tests/031-pkcs7/expected.out | 209 ++
tests/031-pkcs7/prequal.sh | 2
tests/031-pkcs7/run.sh | 252 ++
tests/032-chain/expected.out | 1
tests/032-chain/run.sh | 54
tests/033-scep/expected.out | 24
tests/033-scep/run.sh | 213 ++
tests/034-perms-dbm/expected.out | 94 +
tests/034-perms-dbm/run.sh | 2
tests/034-perms-sql/expected.out | 94 +
tests/034-perms-sql/run.sh | 2
tests/034-perms/expected.out | 94 +
tests/034-perms/run.sh | 199 ++
tests/035-json/bad.1 | 14
tests/035-json/bad.15 | 1
tests/035-json/bad.1a | 14
tests/035-json/bad.1b | 14
tests/035-json/bad.1c | 14
tests/035-json/bad.1d | 13
tests/035-json/bad.1e | 14
tests/035-json/bad.2 |binary
tests/035-json/bad.3 | 1
tests/035-json/bad.4 | 60
tests/035-json/bad.5 | 1
tests/035-json/bad.6 | 1
tests/035-json/bad.8 | 1
tests/035-json/bad.9 | 1
tests/035-json/expected.out | 66
tests/035-json/good.1 | 14
tests/035-json/good.10 | 1
tests/035-json/good.11 | 1
tests/035-json/good.12 | 1
tests/035-json/good.13 | 1
tests/035-json/good.14 | 1
tests/035-json/good.15 | 1
tests/035-json/good.16 | 22
tests/035-json/good.17 | 23
tests/035-json/good.18 | 22
tests/035-json/good.19 | 11
tests/035-json/good.2 | 23
tests/035-json/good.20 | 26
tests/035-json/good.21 | 88
tests/035-json/good.22 | 27
tests/035-json/good.2a | 10
tests/035-json/good.2b | 10
tests/035-json/good.2c | 12
tests/035-json/good.3 | 1
tests/035-json/good.4 | 1
tests/035-json/good.5 | 1
tests/035-json/good.6 | 1
tests/035-json/good.7 | 1
tests/035-json/good.8 | 1
tests/035-json/good.9 | 1
tests/035-json/run.sh | 20
tests/036-getcert/expected.out | 74
tests/036-getcert/run.sh | 190 ++
tests/037-rekey2/expected.out | 233 ++
tests/037-rekey2/run.sh | 205 ++
tests/Makefile.am | 48
tests/run-tests.sh | 16
tests/tools/Makefile.am | 18
tests/tools/addcinfo.c | 109 +
tests/tools/base2pem.c | 29
tests/tools/base64.c | 46
tests/tools/cachain.sh | 90 +
tests/tools/cadata.c | 72
tests/tools/casave.c | 58
tests/tools/dparse.c | 27
tests/tools/hooks.c | 58
tests/tools/iterate.c | 68
tests/tools/json-utf8.c | 112 +
tests/tools/json.c | 187 ++
tests/tools/keyiread.c | 85
tests/tools/ls.c | 82
tests/tools/pk7decrypt.c | 106 +
tests/tools/pk7env.c | 183 ++
tests/tools/pk7parse.c | 102 +
tests/tools/pk7verify.c | 159 +
tests/tools/prefs.c | 9
tests/tools/printenv.c | 40
tests/tools/scepgen.c | 142 +
tests/tools/srv.c | 53
tests/tools/submit.c | 22
zanata.xml | 106 +
383 files changed, 151966 insertions(+), 38948 deletions(-)
---
More information about the Pkg-freeipa-devel
mailing list