[Pkg-freeipa-devel] [Git][freeipa-team/dogtag-pki][master] 46 commits: acme performance test script (#3368)
Timo Aaltonen
gitlab at salsa.debian.org
Tue Dec 15 22:11:27 GMT 2020
Timo Aaltonen pushed to branch master at FreeIPA packaging / dogtag-pki
Commits:
996a1bca by dpuniaredhat at 2020-11-18T11:33:23+05:30
acme performance test script (#3368)
How to Run:
1> Install httpd on client.
2> Install acme module eg. pip3 install acme
3> Run acme script with thread.
eg. python3 test_acme_cert_enrollment.py --directory-url http://pki1.example.com:8080/acme/directory --acme-dir /var/www/html/.well-known/acme-challenge --domain client.example.com --number-of-threads 1 --number-of-tests-per-thread 100
Signed-off-by: Deepak Punia <dpunia at redhat.com>
- - - - -
b0852c83 by Endi S. Dewata at 2020-11-19T13:34:56-06:00
Add CA test
- - - - -
553f4b46 by Endi S. Dewata at 2020-11-19T13:35:25-06:00
Add KRA test
- - - - -
437f5fda by Endi S. Dewata at 2020-11-19T14:00:45-06:00
Add OCSP test
- - - - -
f0a9aac5 by Endi S. Dewata at 2020-11-19T14:00:45-06:00
Add TKS test
- - - - -
a8a76e3a by Endi S. Dewata at 2020-11-19T14:00:45-06:00
Add TPS test
- - - - -
128f508a by Endi S. Dewata at 2020-11-19T14:04:36-06:00
Add Python test
- - - - -
acc7e369 by Endi S. Dewata at 2020-11-19T14:04:37-06:00
Update test badges in README.md
- - - - -
5f21c69f by Endi S. Dewata at 2020-11-19T14:04:50-06:00
Add subordinate CA test
- - - - -
5d8988bb by Endi S. Dewata at 2020-11-19T14:04:50-06:00
Add external CA test
- - - - -
91b5ff0f by Endi S. Dewata at 2020-11-19T14:04:50-06:00
Add CA clone test
- - - - -
43483e56 by Endi S. Dewata at 2020-11-19T16:19:25-06:00
Revert incorrect check-ins
- - - - -
1f1e37f7 by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_TPS option for CMake
- - - - -
b69ca648 by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_TKS option for CMake
- - - - -
62546988 by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_OCSP option for CMake
- - - - -
cb36af69 by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_KRA option for CMake
- - - - -
235b58e4 by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_CA option for CMake
- - - - -
ac2c5c9f by Endi S. Dewata at 2020-11-19T16:19:52-06:00
Add WITH_ACME option for CMake
- - - - -
21c3f7d5 by Endi S. Dewata at 2020-11-20T12:16:33-06:00
Replace SimpleDateFormat with FastDateFormat
The SimpleDateFormat has been replaced with FastDateFormat
which is thread-safe.
https://bugzilla.redhat.com/show_bug.cgi?id=1889691
- - - - -
ef7937c7 by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add CA test
- - - - -
1ecf2657 by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add KRA test
- - - - -
bbc2ff3d by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add OCSP test
- - - - -
89d50245 by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add TKS test
- - - - -
176440cd by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add TPS test
- - - - -
4ad77824 by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Add Python test
- - - - -
4a405052 by Endi S. Dewata at 2020-11-30T09:28:23-06:00
Update status badges in README.md
- - - - -
c207ccb4 by Endi S. Dewata at 2020-11-30T19:26:21-06:00
Fix pki-server cert-fix
In commit e680746ac4926367aef5c3ae3404dbb23c07eb19 the
ResourceMessage was modified to no longer include empty
attributes. Because of this in certain cases the server
might return a CertEnrollmentRequest object (which extends
ResourceMessage) without the Input or Output attributes,
which broke the pki-server cert-fix command.
To fix the problem, the CertEnrollmentRequest.from_json()
has been modified to check whether the response contains
Input and Output before parsing the attributes.
https://bugzilla.redhat.com/show_bug.cgi?id=1897120
- - - - -
961d3ec4 by Endi S. Dewata at 2020-12-02T14:02:52-06:00
Add subordinate CA test
A new CI test has been added to verify subordinate CA
installation.
- - - - -
1ea6a0f9 by Endi S. Dewata at 2020-12-02T16:23:07-06:00
Update default metadata.conf
- - - - -
148f8110 by Endi S. Dewata at 2020-12-02T17:52:24-06:00
Add CA clone test
- - - - -
e1abd5ea by Endi S. Dewata at 2020-12-04T11:48:59-06:00
Add admin verification
- - - - -
a1992510 by Endi S. Dewata at 2020-12-07T13:15:25-06:00
Fix KRA/OCSP installation with external certs on HSM
The NSSDatabase.export_cert_from_db() has been modified
to use the fullname when exporting a cert from HSM.
The MigrateCLI.migrate_nssdb() has also been modified
to split the token name from the nickname properly.
https://bugzilla.redhat.com/show_bug.cgi?id=1890639
- - - - -
0132c567 by Endi S. Dewata at 2020-12-07T15:44:23-06:00
Add cert extension config for CA signing cert
- - - - -
41eb37bc by Endi S. Dewata at 2020-12-07T15:44:23-06:00
Add test for installing CA with external signing cert
- - - - -
fefa1fef by Endi S. Dewata at 2020-12-07T21:03:35-06:00
Update version number to 10.10.2
- - - - -
1b0a3737 by Christina Fu at 2020-12-08T10:35:27-06:00
Bug 1392616 - KRA key recovery cli kra-key-retrieve generates an invalid p12 file
This patch is to add back the try/catch block that was in place back in
DOGTAG_10_5_BRANCH. Initially I was going to just remove the two lines:
queue.processRequest(request);
queue.markAsServiced(request);
however, it's unclear to me if there is any scenario where they will be needed.
I'm leaving them the same as before.
Also, the reported issue might be misunderstanding due to unclear documentation.
>From the code, it seems the only way to download p12 is through the use
of a template file, which I will give example in the bug.
Man page has been updated as well in the area of PKCS12 key recovery.
fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1392616
- - - - -
0742e261 by Christina Fu at 2020-12-08T10:35:39-06:00
Bug1875563-part2-auditProfileUpgrade
This patch addresses the issue where when caSignedLogCert.cfg was renamed
caAuditSigningCert where
* The profileIDMapping and profileSetIDMapping params in the following
profile still contains the old names:
base/ca/shared/conf/caAuditSigningCert.profile
* at renewal time, the profile will no longer be available
The solution provided is to
* correct the two mapping param names in caAuditSigningCert.profile
* re-enable caSignedLogCert.cfg (but kept invisible)
fixes https://bugzilla.redhat.com/show_bug.cgi?id=1875563
- - - - -
0922585d by Endi S. Dewata at 2020-12-08T12:10:19-06:00
Move AddProfileCaAuditSigningCert.py
The upgrade script for adding a new audit signing cert and
deprecating the old audit signing cert has been moved from
10.10.0 to 10.10.2 to ensure that the changes will be
applied properly.
https://bugzilla.redhat.com/show_bug.cgi?id=1875563
- - - - -
c7e59bc8 by Endi S. Dewata at 2020-12-08T14:42:34-06:00
Add tools tests workflow
The PKICertImport test has been moved into a new tools
tests workflow to shorten the build time without reducing
test coverage.
- - - - -
45754068 by Endi S. Dewata at 2020-12-08T15:13:51-06:00
Fix pylint issue in AddProfileCaAuditSigningCert.py
https://bugzilla.redhat.com/show_bug.cgi?id=1875563
- - - - -
749d8573 by Timo Aaltonen at 2020-12-10T23:36:04+02:00
control: Add dependencies on openssl.
- - - - -
9907e41a by Timo Aaltonen at 2020-12-15T23:41:06+02:00
control: Add libjaxp1.3-java to build-depends and pki-base-java depends.
- - - - -
ab8a0e18 by Timo Aaltonen at 2020-12-15T23:58:54+02:00
control, fix-tomcat-jars.diff: Updated to use correct servlet.jar, drop libservlet3.1-java from dependencies.
- - - - -
3fb68676 by Timo Aaltonen at 2020-12-16T00:04:53+02:00
control: Move pki-tools to pki-base-java Suggests to avoid a circular dependency. (Closes: #977418)
- - - - -
cb83dfca by Timo Aaltonen at 2020-12-16T00:08:13+02:00
Merge branch 'upstream'
- - - - -
ca51396e by Timo Aaltonen at 2020-12-16T00:09:50+02:00
bump the version
- - - - -
30 changed files:
- + .github/workflows/ca-tests.yml
- − .github/workflows/installation-tests.yml
- .github/workflows/ipa-tests.yml
- + .github/workflows/kra-tests.yml
- + .github/workflows/ocsp-tests.yml
- + .github/workflows/python-tests.yml
- + .github/workflows/tks-tests.yml
- + .github/workflows/tools-tests.yml
- + .github/workflows/tps-tests.yml
- CMakeLists.txt
- README.md
- base/CMakeLists.txt
- base/acme/conf/metadata.conf
- base/acme/openshift/pki-acme-metadata.yaml
- base/acme/src/main/java/org/dogtagpki/acme/database/LDAPDatabase.java
- base/ca/shared/conf/caAuditSigningCert.profile
- base/ca/shared/profiles/ca/caSignedLogCert.cfg
- base/common/python/pki/cert.py
- base/common/python/pki/nssdb.py
- base/common/src/main/java/org/dogtagpki/acme/ACME.java
- base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java
- base/server/CMakeLists.txt
- + base/server/certs/ca_signing.conf
- + base/server/examples/installation/ca-external-cert-step1.cfg
- + base/server/examples/installation/ca-external-cert-step2.cfg
- base/server/python/pki/server/cli/cert.py
- base/server/python/pki/server/cli/migrate.py
- base/server/upgrade/10.10.0/04-AddProfileCaAuditSigningCert.py → base/server/upgrade/10.10.2/01-AddProfileCaAuditSigningCert.py
- base/util/CMakeLists.txt
- debian/changelog
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/dogtag-pki/-/compare/62e10fdb4a904145b1b993eb3ea787cde0f680fe...ca51396e4701f0e21b4cef5444ae94da48829c09
--
View it on GitLab: https://salsa.debian.org/freeipa-team/dogtag-pki/-/compare/62e10fdb4a904145b1b993eb3ea787cde0f680fe...ca51396e4701f0e21b4cef5444ae94da48829c09
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20201215/72d01fb1/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list