[Pkg-freeipa-devel] [Git][freeipa-team/tomcatjss][upstream] 4 commits: Updated version number to 7.3.5

Timo Aaltonen gitlab at salsa.debian.org
Mon Oct 15 08:26:06 BST 2018


Timo Aaltonen pushed to branch upstream at FreeIPA packaging / tomcatjss


Commits:
b841b2eb by Endi S. Dewata at 2018-08-13T21:51:57Z
Updated version number to 7.3.5

The tomcatjss.spec.in has been renamed into tomcatjss.spec for
consistency with other projects. The JSS dependency has been
updated as well.

Change-Id: I0ad9129e0d418e3571f1c864320199ec4114cb93

- - - - -
67052236 by Dinesh Prasanth M K at 2018-08-31T14:49:43Z
Fixes installation with space in HSM Label (#3)

- This is linked to the `pki` bug-fix ticket-3054

Pagure ticket: https://pagure.io/tomcatjss/issue/12

Signed-off-by: Dinesh Prasanth M K <dmoluguw at redhat.com>

- - - - -
84ce9907 by Jack Magne at 2018-09-21T01:13:32Z
Fix for Bug 1630469 - CC: tomcatjss: unable to enable OCSP checking from peer AIA extension.

Now the server.xml can be configured to enable ocsp AND leave other settings null, to trigger
NSS to use the AIA extension to locate the ocsp responder.

ex:

 <Connector name="Secure" port="18443" ...
     .....
     enableOCSP="true"  ocspCacheSize="1000" ocspMinCacheEntryDuration="60" ocspMaxCacheEntryDuration="120" ocspTimeout="10"

- - - - -
a84bdfcc by Alexander Scheel at 2018-10-03T20:00:49Z
Updated version number to 7.3.6

Signed-off-by: Alexander Scheel <ascheel at redhat.com>

- - - - -


5 changed files:

- .travis.yml
- build.sh
- src/org/apache/tomcat/util/net/jss/PlainPasswordFile.java
- src/org/apache/tomcat/util/net/jss/TomcatJSS.java
- tomcatjss.spec.in → tomcatjss.spec


Changes:

=====================================
.travis.yml
=====================================
@@ -20,7 +20,7 @@ install:
       registry.fedoraproject.org/fedora:$FEDORA
   - docker exec container dnf install -y dnf-plugins-core gcc make rpm-build
   - docker exec container dnf copr -y enable ${TOMCATJSS_7_3_REPO:- at pki/10.6}
-  - docker exec container dnf builddep -y --spec /root/tomcatjss/tomcatjss.spec.in
+  - docker exec container dnf builddep -y --spec /root/tomcatjss/tomcatjss.spec
   - docker exec container dnf remove -y tomcat-native
   - docker exec container /root/tomcatjss/build.sh --with-timestamp --with-commit-id rpm
 


=====================================
build.sh
=====================================
@@ -202,7 +202,7 @@ if [ "$BUILD_TARGET" != "src" ] &&
     exit 1
 fi
 
-SPEC_TEMPLATE="$SRC_DIR/$NAME.spec.in"
+SPEC_TEMPLATE="$SRC_DIR/$NAME.spec"
 VERSION="`rpmspec -P "$SPEC_TEMPLATE" | grep "^Version:" | awk '{print $2;}'`"
 
 if [ "$DEBUG" = true ] ; then


=====================================
src/org/apache/tomcat/util/net/jss/PlainPasswordFile.java
=====================================
@@ -19,27 +19,96 @@
 
 package org.apache.tomcat.util.net.jss;
 
+import java.io.BufferedReader;
+import java.io.BufferedWriter;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
 import java.util.Enumeration;
 import java.util.Properties;
 
 public class PlainPasswordFile implements IPasswordStore {
     private String mPwdPath = "";
     private Properties mPwdStore;
-    private static final String PASSWORD_WRITER_HEADER = "";
+    private static org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(PlainPasswordFile.class);
 
     public PlainPasswordFile() {
+        mPwdStore = new Properties();
     }
 
+    /**
+     * Initialization method to read passwords(key and element pairs) from a file.
+     * <p>
+     * Every property occupies one line of the input stream. Each line is terminated by a line terminator (
+     * <code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines are processed until end of
+     * file is reached.
+     * <p>
+     * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code>
+     * is ignored (thus, <code>#</code> indicates comment line).
+     * <p>
+     * Every line other than a blank line or a comment line describes one property to be added to the table.
+     * The characters before the delimiter <code>=</code> forms the <code>key</code> and the characters after
+     * the <code>=</code> is assigned as <code>value</code> to the key.
+     * <p>
+     * As an example, each of the following lines specify the key <code>"Truth"</code> and the associated element
+     * value <code>"Beauty"</code>:
+     * <p>
+     *
+     * <pre>
+     * Truth = Beauty
+     * Truth= Beauty
+     * Truth                    =Beauty
+     * </pre>
+     *
+     * <p>
+     * Note that the space appearing before/after <code>=</code> is ignored. However, the space appearing in between are
+     * stored.
+     * <p>
+     * Example:
+     *
+     * <pre>
+     * Welcome Message  = Hello World
+     * </pre>
+     *
+     * assigns value <code>Hello World</code> to key <code>Welcome Message</code>
+     * <p>
+     *
+     * If the line doesn't have the delimiter <code>=</code>, the method throws an IOException
+     *
+     * @param pwdPath the input file path.
+     * @exception IOException if an error occurred when reading from the
+     *                input stream.
+     */
     public void init(String pwdPath) throws IOException {
-        mPwdStore = new Properties();
+        logger.debug("PlainPasswordFile: Initializing PlainPasswordFile");
         // initialize mPwdStore
         mPwdPath = pwdPath;
 
-        FileInputStream file = new FileInputStream(mPwdPath);
-        mPwdStore.load(file);
+        try (FileInputStream file = new FileInputStream(mPwdPath);
+                InputStreamReader isr = new InputStreamReader(file);
+                BufferedReader br = new BufferedReader(isr)) {
+
+            String line;
+            int index = 1;
+            while ((line = br.readLine()) != null) {
+                // Remove any leading or trailing spaces
+                line = line.trim();
+
+                if (line.startsWith("#") || line.isEmpty())
+                    continue;
+
+                String[] parts = line.split("=", 2);
+                if (parts.length < 2) {
+                    throw new IOException("Missing delimiter '=' in file " + mPwdPath + " in line " + index);
+                }
+
+                // Load key value into the password store
+                mPwdStore.put(parts[0].trim(), parts[1].trim());
+                index++;
+            }
+        }
     }
 
     public String getPassword(String tag) {
@@ -60,9 +129,22 @@ public class PlainPasswordFile implements IPasswordStore {
         return mPwdStore.setProperty(tag, password);
     }
 
-    public void commit() throws IOException, ClassCastException,
-            NullPointerException {
-        FileOutputStream file = new FileOutputStream(mPwdPath);
-        mPwdStore.store(file, PASSWORD_WRITER_HEADER);
+    public synchronized void commit()
+            throws IOException, ClassCastException, NullPointerException {
+        try (FileOutputStream file = new FileOutputStream(mPwdPath);
+                OutputStreamWriter osw = new OutputStreamWriter(file);
+                BufferedWriter bw = new BufferedWriter(osw)) {
+
+            for (Enumeration<?> e = mPwdStore.keys(); e.hasMoreElements();) {
+                String key = ((String) e.nextElement()).trim();
+                String val = ((String) mPwdStore.get(key)).trim();
+                bw.write(key + "=" + val);
+                bw.newLine();
+            }
+        }
+    }
+
+    public int getSize() {
+        return mPwdStore.size();
     }
 }


=====================================
src/org/apache/tomcat/util/net/jss/TomcatJSS.java
=====================================
@@ -500,13 +500,24 @@ public class TomcatJSS implements SSLSocketListener {
         }
 
         logger.debug("ocspResponderURL: " + ocspResponderURL);
+ 
         if (StringUtils.isEmpty(ocspResponderURL)) {
-            throw new Exception("Missing ocspResponderURL");
+            ocspResponderURL = null;
         }
 
         logger.debug("ocspResponderCertNickname: " + ocspResponderCertNickname);
         if (StringUtils.isEmpty(ocspResponderCertNickname)) {
-            throw new Exception("Missing ocspResponderCertNickname");
+            ocspResponderCertNickname = null;
+        }
+
+        // Check to see if the ocsp url and nickname are both set or not set
+
+        if (ocspResponderURL == null && ocspResponderCertNickname != null) {
+            throw new Exception("Missing OCSP responder URL");
+        }
+
+        if (ocspResponderURL != null && ocspResponderCertNickname == null) {
+            throw new Exception("Missing OCSP responder certificate nickname");
         }
 
         manager.configureOCSP(


=====================================
tomcatjss.spec.in → tomcatjss.spec
=====================================
@@ -7,7 +7,7 @@ URL:              http://www.dogtagpki.org/wiki/TomcatJSS
 License:          LGPLv2+
 BuildArch:        noarch
 
-Version:          7.3.4
+Version:          7.3.6
 Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
 # global           _phase -a1
 
@@ -57,7 +57,7 @@ BuildRequires:    slf4j-jdk14
 %if 0%{?rhel} && 0%{?rhel} <= 7
 BuildRequires:    jss >= 4.4.0-7
 %else
-BuildRequires:    jss >= 4.5.0-0.6
+BuildRequires:    jss >= 4.5.0-1
 %endif
 
 # Tomcat
@@ -100,7 +100,7 @@ Requires:         slf4j-jdk14
 %if 0%{?rhel} && 0%{?rhel} <= 7
 Requires:         jss >= 4.4.0-7
 %else
-Requires:         jss >= 4.5.0-0.6
+Requires:         jss >= 4.5.0-1
 %endif
 
 # Tomcat



View it on GitLab: https://salsa.debian.org/freeipa-team/tomcatjss/compare/f51f08b5afb1b025f818b43ff88e09d1f8e7a525...a84bdfcc2416b73aa0dfa7c6cb4f43959cd33d04

-- 
View it on GitLab: https://salsa.debian.org/freeipa-team/tomcatjss/compare/f51f08b5afb1b025f818b43ff88e09d1f8e7a525...a84bdfcc2416b73aa0dfa7c6cb4f43959cd33d04
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20181015/db73abbc/attachment-0001.html>


More information about the Pkg-freeipa-devel mailing list