[Pkg-freeipa-devel] dogtag-pki: Changes to 'refs/tags/debian/10.3.5+12-1'
Timo Aaltonen
tjaalton at moszumanska.debian.org
Wed Feb 15 09:08:42 UTC 2017
Tag 'debian/10.3.5+12-1' created by Timo Aaltonen <tjaalton at debian.org> at 2017-02-15 09:06 +0000
tagging package dogtag-pki version debian/10.3.5+12-1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJYpBozAAoJEMtwMWWoiYTc3XAP+wR2qrw8IbZqBpBOkltAJUvT
PMap0rQ3bsbqSDd9/DnJU7mt6ZccFeFKoLz7MNzH1h8vRU/Mmhm6iHIb7PixaCV9
54yxefufRjLP3AE+2vBHajFFDfUvYQVCgoxzExr72dohIM/tO+80T/Uv7S4SZd0r
lnEF4on2rgKQDBMjvbVXi1XpCee+y30P4L6LHo0xQ2UMfCZZ24rnr8sZ2fmAxGLc
6hlGuHfoy9U0j6X4MdCE9Ri/OnBdv41sF8SA9oJE4gNLBy/Uodb2o51QItC1j5cR
lWDr8j6HU+6DaO9Bphtfy9Fq+xgKhE+aFJtHwbsE8aabZADs2/yZSmT5tBcybb8W
xVxLtXG7iJug1KpC8yrAHe62+giYM4q0DBHH8phg1oP2B9x4xKPaEPcTe2HlvFIP
sUjmkgABNdPbMlOeGPGOH8lIRugb3GpkVoKa2foKgmJ6YoQMEJpB86NZoQvlGS8e
pA18WcvvWl2bH1NxWLgebiKMo/xEd+WxfDjvj4XvQimL8sW7HWcU/S70EqkpZKlI
4Yypfqpx+MqF1jr0wnK+iIj74/JiV35WX+NPmvwncJiEIwni/X24MrbYACaojBEh
uSoTK9oqTvoi8Uwota4VchaiKnZ/oYn16/bwDMOSAvVprAgfp8XVF8VyiUTrMwzF
qjm6FIHaonAZF4z5jkFw
=8vF5
-----END PGP SIGNATURE-----
Changes since debian/10.3.5-7:
Abhijeet Kasurde (1):
Added check for pki-server-nuxwdog parameter
Ade Lee (2):
Fix CertRequestInfo URLs
Add option to remove signing cert entry
Christina Fu (7):
Ticket #2446 pkispawn: make subject_dn defaults unique per instance name (for shared HSM)
Ticket #1527 TPS Enrollment always goes to "ca1" (bug fix)
Ticket #2496 Cert/Key recovery is successful when the cert serial number and key id on the ldap user mismatches
Ticket #2498 Token format with external reg fails when op.format.externalRegAddToToken.revokeCert=true
Ticket #2534 Automatic recovery of encryption cert - CA and TPS tokendb shows different certificate status
Ticket #1741 ECDSA certs Alg IDs contian parameter field
Ticket #2534 (additional) - reset cert status after successful unrevoke
Endi S. Dewata (52):
Removed PKCS #7 from add user cert dialog in TPS UI.
Added cert validation error message in selftest log.
Added exception wrapper for invalid LDAP attribute syntax.
Removed misleading log in SelfTestSubsystem.
Fixed SelfTestService.findSelfTests().
Added debug messages for ConfigurationUtils.handleCerts().
Allowing optional CA signing CSR.
Updated pki-server subsystem-cert-update CLI.
Added upgrade script to fix deployment descriptors.
Updated RPM spec for RHEL.
Fixed default token name for system certificates.
Moved subsystem initialization after database initialization.
Fixed debug log in UpdateNumberRange servlet.
Added support to create system certificates in different tokens.
Removed FixSELinuxContexts upgrade script.
Removed support for creating system certificates in different tokens.
Troubleshooting improvements for SigningUnit.
Troubleshooting improvements for ConfigurationUtils.
Additional improvements for SigningUnit.
Removed duplicate classes.
Troubleshooting improvements for GetCertChain.
Fixed NSSDatabase.create_request().
Fixed ConfigurationUtils.importCertChain().
Fixed typo in UserPwdDirAuthentication.
Fixed CryptoUtil.getTokenName().
Fixed TPS UI for agent approval.
Fixed TPS UI system menu.
Reformatted SecurityDataRecoveryService.serviceRequest().
Fixed KRA key recovery via CLI in FIPS mode.
Refactored PKIConnection.get().
Fixed problem with pki user-cert-add.
Updated NSS dependency on Fedora.
Updated pki-cert man page.
Updated AccountInfo.
Fixed TPS UI system menu.
Fixed TPS UI for agent approval.
Fixed problem installing subordinate CA with HSM in FIPS mode.
Fixed hanging subordinate CA with HSM installation in FIPS mode.
Removed unused CA and KRA logging.properties.
Removed unused OCSP, TKS, and TPS logging.properties.
Updated logging.properties.
Updated log4j.properties.
Added man pages for logging configuration.
Updated spec file for logging configuration man pages.
Added man pages for PKCS #12 utilities.
Updated pki-core.spec.
Replaced default AJP hostname with generic loopback address.
Added global TCP Keep-Alive option.
Added upgrade script to update AJP loopback address.
Fixed problem searching the latest certificate request.
Fixed missing SLF4J in Javadoc classpath.
Fixed Javadoc failure caused by HTML special characters.
Fraser Tweedale (7):
Revoke lightweight CA certificate on deletion
Prevent deletion of host CA cert and key from NSSDB
Accept LWCA entry with missing entryUSN if plugin enabled
Perform host authority check before entryUSN check
Do not attempt LWCA key retrieval for host authority
Compare serialised DNs in host authority check
Use BigInteger for entryUSN
Geetika Kapoor (1):
Fix for BZ 1358462
Jack Magne (8):
Authentication Instance Id PinDirEnrollment with authType value as SslclientAuth is not working.
Fix for: Add ability to disallow TPS to enroll a single user on multiple tokens. #1664
Another Fix for: Add ability to disallow TPS to enroll a single user on multiple tokens. #1664
Cert/Key recovery is successful when the cert serial number and key id on the ldap user mismatches
PIN_RESET policy is not giving expected results when set on a token.
TPS token enrollment fails to setupSecureChannel when TPS and TKS security db is on fips mode.
Resolve: pkispawn does not change default ecc key size from nistp256 when nistp384 is specified in spawn config
Change lifecycle at end of enrollment if it is not already set.
Matthew Harmsen (21):
Update version number to 10.3.6-0.1
Resolves: rhbz #1366465
pki-tools CMCEnroll man page (spec file)
Resolve python-requests dependencies appropriately by adding minimum required version
pki-tools HEADER/FOOTER changes
pki-tools CMCEnroll man page
spec file changes
Updated RPM spec.
Updated RPM spec.
Added openssl runtime dependency for support of External CA.
Updated RPM spec for 10.3.5-7.
Updated pki-console RPM spec for 10.3.5-2.
Fixed name of patch.
Fix for flake8 errors on Fedora 26 (cheimes)
Fix for flake8 errors on Fedora 26 (cheimes) - spec file changes
Revert "Fixed TPS UI for agent approval."
Revert "Fixed TPS UI system menu."
Updated pki-core spec file for 10.3.5-9.
Updated pki-core spec file for 10.3.5-11.
Cast 'char *' to 'const char *' in C++ files.
Checked-in under trivial file fix.
Timo Aaltonen (7):
Merge branch 'upstream'
update changelog
Merge branch 'upstream'
minor version update
sync-rpm-10.3.5-7.diff: Dropped.
use-resteasy-legacy.diff, control: Port to resteasy 3.1.0-2 which ships resteasy-legacy.jar. (LP: #1664457)
releasing package dogtag-pki version 10.3.5+12-1
---
CMakeLists.txt | 1
base/ca/shared/conf/logging.properties | 70
base/ca/src/CMakeLists.txt | 4
base/ca/src/com/netscape/ca/CertificateAuthority.java | 131
base/ca/src/com/netscape/ca/ExternalProcessKeyRetriever.java | 7
base/ca/src/com/netscape/ca/SigningUnit.java | 26
base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java | 2
base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java | 50
base/common/man/man5/pki-logging.5 | 94
base/common/python/pki/nssdb.py | 64
base/common/share/etc/logging.properties | 3
base/common/src/CMakeLists.txt | 4
base/common/src/com/netscape/certsrv/account/AccountInfo.java | 8
base/common/src/com/netscape/certsrv/apps/CMS.java | 5
base/common/src/com/netscape/certsrv/apps/ICMSEngine.java | 8
base/common/src/com/netscape/certsrv/base/ResourceMessage.java | 11
base/common/src/com/netscape/certsrv/ca/ICertificateAuthority.java | 2
base/common/src/com/netscape/certsrv/client/PKIConnection.java | 8
base/common/src/com/netscape/certsrv/client/SubsystemClient.java | 26
base/common/src/com/netscape/certsrv/ldap/LDAPExceptionConverter.java | 6
base/common/src/com/netscape/certsrv/security/IEncryptionUnit.java | 3
base/common/src/com/netscape/certsrv/selftests/ISelfTestSubsystem.java | 4
base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java | 32
base/common/src/org/dogtagpki/tps/apdu/APDU.java | 3
base/common/src/org/dogtagpki/tps/apdu/GetLifecycleAPDU.java | 35
base/console/src/CMakeLists.txt | 5
base/java-tools/man/man1/CMCEnroll.1 | 570 +
base/java-tools/man/man1/pki-cert.1 | 5
base/java-tools/man/man1/pki-pkcs12-cert.1 | 122
base/java-tools/man/man1/pki-pkcs12-key.1 | 76
base/java-tools/man/man1/pki-pkcs12.1 | 114
base/java-tools/src/CMakeLists.txt | 4
base/java-tools/src/com/netscape/cmstools/CMCEnroll.java | 13
base/java-tools/src/com/netscape/cmstools/CMCRequest.java | 4
base/java-tools/src/com/netscape/cmstools/CMCRevoke.java | 11
base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java | 8
base/java-tools/src/com/netscape/cmstools/HttpClient.java | 2
base/java-tools/src/com/netscape/cmstools/PKCS10Client.java | 11
base/javadoc/CMakeLists.txt | 1
base/kra/shared/conf/logging.properties | 70
base/kra/src/CMakeLists.txt | 4
base/kra/src/com/netscape/kra/SecurityDataRecoveryService.java | 30
base/ocsp/shared/conf/logging.properties | 70
base/ocsp/src/CMakeLists.txt | 4
base/ocsp/src/com/netscape/ocsp/SigningUnit.java | 44
base/server/cms/src/CMakeLists.txt | 4
base/server/cms/src/com/netscape/cms/authentication/UserPwdDirAuthentication.java | 2
base/server/cms/src/com/netscape/cms/publish/publishers/LdapCaCertPublisher.java | 22
base/server/cms/src/com/netscape/cms/publish/publishers/LdapCrlPublisher.java | 22
base/server/cms/src/com/netscape/cms/publish/publishers/LdapUserCertPublisher.java | 22
base/server/cms/src/com/netscape/cms/selftests/common/SystemCertsVerification.java | 2
base/server/cms/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java | 11
base/server/cms/src/com/netscape/cms/servlet/cert/CertRequestDAO.java | 17
base/server/cms/src/com/netscape/cms/servlet/cert/CertRequestInfoFactory.java | 15
base/server/cms/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java | 15
base/server/cms/src/com/netscape/cms/servlet/common/CMSTemplate.java | 2
base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 73
base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java | 21
base/server/cms/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java | 3
base/server/cms/src/com/netscape/cms/servlet/profile/ProfileReviewServlet.java | 1
base/server/cms/src/com/netscape/cms/servlet/request/QueryReq.java | 6
base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java | 4
base/server/cms/src/org/dogtagpki/server/rest/AccountService.java | 46
base/server/cms/src/org/dogtagpki/server/rest/SelfTestService.java | 2
base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 11
base/server/cms/src/org/dogtagpki/server/rest/UserService.java | 2
base/server/cmsbundle/src/LogMessages.properties | 2
base/server/cmscore/src/CMakeLists.txt | 4
base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java | 15
base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapAnonConnection.java | 2
base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapBoundConnection.java | 8
base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java | 117
base/server/cmscore/src/com/netscape/cmscore/ldapconn/PKISocketFactory.java | 211
base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java | 13
base/server/cmscore/src/com/netscape/cmscore/selftests/SelfTestSubsystem.java | 18
base/server/etc/default.cfg | 54
base/server/man/man5/pki-server-logging.5 | 191
base/server/man/man5/pki_default.cfg.5 | 2
base/server/python/pki/server/__init__.py | 3
base/server/python/pki/server/cli/subsystem.py | 74
base/server/python/pki/server/deployment/pkihelper.py | 16
base/server/python/pki/server/deployment/pkiparser.py | 33
base/server/python/pki/server/deployment/scriptlets/instance_layout.py | 23
base/server/sbin/pki-server-nuxwdog | 12
base/server/share/conf/log4j.properties | 45
base/server/share/conf/logging.properties | 24
base/server/test/com/netscape/cmscore/app/CMSEngineDefaultStub.java | 5
base/server/upgrade/10.3.5/02-FixDeploymentDescriptor | 110
base/server/upgrade/10.3.5/02-FixSELinuxContexts | 36
base/server/upgrade/10.3.5/03-UpdateAJPLoopbackAddress | 62
base/symkey/src/CMakeLists.txt | 4
base/symkey/src/com/netscape/symkey/CMakeLists.txt | 2
base/tks/shared/conf/logging.properties | 70
base/tks/src/CMakeLists.txt | 4
base/tps-client/src/CMakeLists.txt | 1
base/tps-client/src/apdu/Get_Lifecycle_APDU.cpp | 41
base/tps-client/src/include/apdu/APDU.h | 3
base/tps-client/src/include/apdu/Get_Lifecycle_APDU.h | 58
base/tps-client/src/main/ConfigStore.cpp | 2
base/tps-client/src/main/RollingLogFile.cpp | 2
base/tps-client/tools/raclient/RA_Conn.cpp | 14
base/tps-client/tools/raclient/RA_Token.cpp | 4
base/tps/shared/conf/CS.cfg | 36
base/tps/shared/conf/logging.properties | 70
base/tps/shared/webapps/tps/js/profile.js | 85
base/tps/shared/webapps/tps/js/tps.js | 132
base/tps/shared/webapps/tps/ui/index.html | 60
base/tps/shared/webapps/tps/ui/user-certs.html | 2
base/tps/src/CMakeLists.txt | 4
base/tps/src/org/dogtagpki/server/tps/TPSAccountService.java | 80
base/tps/src/org/dogtagpki/server/tps/TPSTokenPolicy.java | 8
base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java | 109
base/tps/src/org/dogtagpki/server/tps/cms/CARemoteRequestHandler.java | 48
base/tps/src/org/dogtagpki/server/tps/cms/KRARemoteRequestHandler.java | 45
base/tps/src/org/dogtagpki/server/tps/dbs/TokenCertStatus.java | 43
base/tps/src/org/dogtagpki/server/tps/engine/TPSEngine.java | 15
base/tps/src/org/dogtagpki/server/tps/main/ExternalRegAttrs.java | 35
base/tps/src/org/dogtagpki/server/tps/main/ExternalRegCertToRecover.java | 27
base/tps/src/org/dogtagpki/server/tps/main/PKCS11Obj.java | 3
base/tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java | 32
base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | 337
base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java | 34
base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java | 54
base/tps/src/org/dogtagpki/server/tps/rest/TPSApplication.java | 4
base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java | 2
base/util/src/CMakeLists.txt | 8
base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java | 23
base/util/src/netscape/security/pkcs/PKCS12.java | 6
base/util/src/netscape/security/x509/AlgorithmId.java | 41
debian/changelog | 10
debian/control | 2
debian/patches/series | 2
debian/patches/sync-rpm-10.3.5-7.diff | 3687 ----------
debian/patches/use-resteasy-legacy.diff | 357
specs/pki-console.spec | 10
specs/pki-core.spec | 364
136 files changed, 4095 insertions(+), 5043 deletions(-)
---
More information about the Pkg-freeipa-devel
mailing list