%if %mdkversion < 1020 %define apache_conf_dir %{_sysconfdir}/httpd/conf.d %else %define apache_conf_dir %{_sysconfdir}/httpd/conf/webapps.d %endif Summary: OpenCA Certification Authority Name: openca Version: 0.9.3 Release: %mkrel 0.rc1.1 License: BSD-like Group: System/Servers URL: http://www.openca.org/ Source0: http://www.openca.org/ftp/openca/v0.9/openca-%{version}-rc1.tar.gz Source1: mandriva-apache-config-1.0.tar.bz2 Source2: openca.init Source3: README.Mandriva Source4: openca_bootstrap.sh Source5: device_permissions.template Patch0: openca-disable_external_modules_and_optional_c_modules.diff Patch1: openca-bindir.diff Patch2: openca-0.9.2-20040928-install_fix.diff Patch3: openca-0.9.2.4-bug20735.diff Patch4: OpenCA-0.9.2.5-ldap_hostname.diff Patch5: OpenCA-0.9.2.5-bug1414780.diff Patch6: openca-engine_pkcs11.diff Patch7: openca-wrong_dir_mode.diff BuildRequires: openssl >= 0.9.7 BuildRequires: openldap-devel BuildRequires: perl-devel BuildRequires: libxslt-proc BuildRequires: automake1.7 BuildRequires: autoconf2.5 BuildRequires: file BuildRequires: perl(OpenCA::Tools) #BuildRequires: fop BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-root %description The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl. This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) %package common Summary: OpenCA common components Group: System/Servers Requires(post): rpm-helper apache-mod_ssl openca-sv Requires(preun): rpm-helper apache-mod_ssl openca-sv Requires(pre): rpm-helper Requires(postun): rpm-helper Requires: apache-mod_ssl Requires: openca-sv Requires: glibc-i18ndata Requires: openssl >= 0.9.7 Requires: engine_pkcs11 Requires: perl-Net-Server >= 0.86 Requires: MailTransportAgent Requires: perl-CGI-Session Requires: perl-Convert-ASN1 Requires: perl-Digest-SHA1 Requires: perl-ldap Requires: perl-libintl-perl Requires: perl-MailTools Requires: perl-MIME-Base64 Requires: perl-MIME-tools Requires: perl-MIME-Lite Requires: perl-OpenCA-AC Requires: perl-OpenCA-Configuration Requires: perl-OpenCA-CRL Requires: perl-OpenCA-Crypto Requires: perl-OpenCA-DB Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-LDAP Requires: perl-OpenCA-Log Requires: perl-OpenCA-OpenSSL Requires: perl-OpenCA-PKCS7 Requires: perl-OpenCA-REQ Requires: perl-OpenCA-Session Requires: perl-OpenCA-StateMachine Requires: perl-OpenCA-Tools Requires: perl-OpenCA-TRIStateCGI Requires: perl-OpenCA-UI-HTML Requires: perl-OpenCA-X509 Requires: perl-OpenCA-XML-Cache Requires: perl-URI Requires: perl-X500-DN Requires: locales-de Requires: locales-el Requires: locales-en Requires: locales-es Requires: locales-fr Requires: locales-it Requires: locales-ja Requires: locales-pl Requires: locales-ru Requires: locales-sl Requires: cdrecord Requires: mkisofs #Requires: perl-XML-Grove #Requires: perl-XML-Twig #Requires: perl-XML-XPath %define _requires_exceptions perl(OpenCA::\@dbmodule\@) %description common OpenCA common components. This package includes all parts of OpenCA which are common for the CA and the RAServer and are not included in a module. This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package contains common functionality required everywhere. %package web-interfaces-ca Summary: OpenCA Certification Authority Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} # OE: Please do not remove this commented stuff #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-X509 Provides: %{name} %description web-interfaces-ca The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl. This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package is designed to run on a stand alone machine, without Internet access, and is used to sign authorized requests. %package web-interfaces-node Summary: OpenCA Node Management at CA level Group: System/Servers Requires(post): openca-common Requires(preun): openca-common # OE: Please do not remove this commented stuff #Requires: perl-ldap #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-X509 %description web-interfaces-node OpenCA Node Management at CA level This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This packages provide the basic node handling procedures to the ca|ra|ldap|pub interfaces. It manages backups and dataexchange. %package web-interfaces-ldap Summary: OpenCA Certification Authority Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} # OE: Please do not remove this commented stuff #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI Requires: perl-OpenCA-LDAP #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-X509 #Requires: perl-ldap %description web-interfaces-ldap OpenCA LDAP This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package is designed to handle LDAP management. %package web-interfaces-pub Summary: OpenCA Public Web Interface Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} # OE: Please do not remove this commented stuff #Requires: perl-ldap #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-X509 %description web-interfaces-pub OpenCA Public Web Interface This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package is designed to run on a secure networked host that is used for placing requests. %package web-interfaces-ra Summary: OpenCA Registration Authority Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} # OE: Please do not remove this commented stuff #Requires: perl-ldap #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-X509 %description web-interfaces-ra OpenCA Registration Authority This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package is designed to run on a secure networked host that is used for placing requests. %package web-interfaces-scep Summary: OpenCA SCEP Interface Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} # OE: Please do not remove this commented stuff #Requires: perl-ldap #Requires: perl-MIME-Base64 #Requires: perl-OpenCA-Configuration #Requires: perl-OpenCA-CRL #Requires: perl-OpenCA-DB #Requires: perl-OpenCA-DBI #Requires: perl-OpenCA-OpenSSL #Requires: perl-OpenCA-PKCS7 #Requires: perl-OpenCA-REQ #Requires: perl-OpenCA-Tools #Requires: perl-OpenCA-TRIStateCGI #Requires: perl-OpenCA-X509 %description web-interfaces-scep OpenCA SCEP Interface This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) Simple Certificate Enrollment Protocol was developed by Cisco and is used to handle the communication between a PKI and networkcomponents like router, switches and other (perhaps software) VPN components. %package web-interfaces-batch Summary: OpenCA Batch System Group: System/Servers Requires(post): openca-common openca-web-interfaces-node Requires(preun): openca-common openca-web-interfaces-node Requires: openca-common = %{version}-%{release} Requires: openca-web-interfaces-node = %{version}-%{release} %description web-interfaces-batch OpenCA Batch System. This product includes OpenCA software written by Massimiliano Pala (madwolf@openca.org) and the OpenCA Group (www.openca.org) This package is designed to run on a secure networked host that is used for placing requests. %prep %setup -q -n openca-%{version}-rc1 -a1 # fix strange perms find . -type d -perm 0700 -exec chmod 755 {} \; find . -type f -perm 0555 -exec chmod 755 {} \; find . -type f -perm 0444 -exec chmod 644 {} \; %patch0 -p1 %patch1 -p1 %patch2 -p0 %patch3 -p0 %patch4 -p1 %patch5 -p0 %patch6 -p0 %patch7 -p1 cp %{SOURCE2} openca.init cp %{SOURCE3} README.Mandriva cp %{SOURCE4} openca_bootstrap.sh cp %{SOURCE5} device_permissions.template # cleanup rm -rf src/common/etc/tmp src/modules src/ext-modules # strip away annoying ^M find . -type f|xargs file|grep 'CRLF'|cut -d: -f1|xargs perl -p -i -e 's/\r//' find . -type f|xargs file|grep 'text'|cut -d: -f1|xargs perl -p -i -e 's/\r//' %build %serverbuild make clean export WANT_AUTOCONF_2_5=1 rm -f configure rm -rf autom4te.cache aclocal-1.7; autoconf --force # fix install as non root export INST_UID=`id -nu` export INST_GID=`id -ng` export OPENCA_SV="%{_bindir}/openca-sv" export OPENCA_SCEP="%{_bindir}/openca-scep" export INSTALL="%{_bindir}/install" %configure2_5x \ --prefix=%{_datadir}/openca \ --enable-package-build \ --with-openca-user=openca \ --with-openca-group=openca \ --with-openca-prefix=%{_datadir}/openca \ --with-etc-prefix=%{_sysconfdir}/openca \ --with-lib-prefix=%{_datadir}/openca \ --with-var-prefix=%{_localstatedir}/openca \ --with-web-host="_WEB_HOST_NAME_" \ --with-httpd-user=apache \ --with-httpd-group=apache \ --with-cgi-fs-prefix=/var/www/cgi-bin/openca \ --with-cgi-url-prefix=/cgi-bin/openca \ --with-htdocs-fs-prefix=/var/www/html/openca \ --with-httpd-url-prefix=/openca \ --with-htdocs-url-prefix=/openca \ --with-httpd-fs-prefix=/var/www \ --with-ldap-host="_LDAP_HOST_NAME_" \ --with-ca-organization="OpenCA PKI Services" \ --with-ca-country=IT \ --with-ca-locality=Modena \ --with-ldap-port=389 \ --with-ldap-root="cn=Manager,o=OpenCA,c=IT" \ --with-ldap-root-pwd="openca" \ --with-engine=no \ --with-db-type=mysql \ --with-db-name=openca \ --with-db-host=localhost \ --with-db-port=3306 \ --with-db-user=openca \ --with-db-passwd="openca" \ --with-service-mail-account="pki@openca.org" \ --with-language=en_EN \ --with-hierarchy-level=ca \ --enable-dbi \ --enable-rbac \ --with-module-prefix="%{_prefix}/lib" \ --with-sendmail=%{_sbindir}/sendmail \ --with-dist-user=$INST_UID \ --with-dist-group=$INST_GID \ --enable-package-build make ca ext doc %install [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} # don't fiddle with the initscript! export DONT_GPRINTIFY=1 # fix install as non root export INST_UID=`id -nu` export INST_GID=`id -ng` # weird stuff ahead, begin # (close your eyes, don't ask...) INSTALL_STUFF="ca common ldap pub ra scep node batch" for i in $INSTALL_STUFF; do make \ USER=$INST_UID GROUP=$INST_GID httpd_user=$INST_UID httpd_group=$INST_GID openca_user=$INST_UID openca_group=$INST_GID \ DEST_BINDIR="%{buildroot}%{_bindir}" \ DEST_DATADIR="%{buildroot}%{_datadir}/openca" \ DEST_LIBDIR="%{buildroot}%{_prefix}/lib" \ DEST_MANDIR="%{buildroot}%{_mandir}" \ DEST_SBINDIR="%{buildroot}%{_sbindir}" \ DEST_LIB_STYLESHEET_DIR="%{buildroot}/installed_stuff-${i}/%{_datadir}/openca/stylesheets" \ DESTDIR="%{buildroot}/installed_stuff-${i}" \ install-${i} > /dev/null done for i in $INSTALL_STUFF; do # maybe do something clever with this file list later on? find %{buildroot}/installed_stuff-${i} -type f | sed "s@^%{buildroot}/installed_stuff-${i}@@g" > ${i}.files cp -rp %{buildroot}/installed_stuff-${i}/* %{buildroot}/ rm -rf %{buildroot}/installed_stuff-${i} done # weird stuff ahead, end # (it's safe to open your eyes now...) # install a simple sysv script install -d %{buildroot}%{_initrddir} install -m0755 openca.init %{buildroot}%{_initrddir}/openca # fix apache config install -d %{buildroot}%{apache_conf_dir} install -d %{buildroot}%{_sysconfdir}/openca/apache/ pushd mandriva-apache-config-* for i in 404_*; do new_name=`echo $i|sed -e 's/^404_//'|sed -e 's/\.template$//'` %{buildroot}%{_bindir}/openca-configure %{buildroot}%{_sysconfdir}/openca/config.xml $i %{buildroot}%{apache_conf_dir}/$new_name chmod 644 %{buildroot}%{apache_conf_dir}/$new_name pushd %{buildroot}%{_sysconfdir}/openca/apache ln -s %{apache_conf_dir}/$new_name $new_name popd done popd install -m0644 mandriva-apache-config-*/openca-*.template %{buildroot}%{_sysconfdir}/openca/apache/ # install a simple openca_bootstrap.sh script install -d %{buildroot}%{_sbindir}/ install -m0755 openca_bootstrap.sh %{buildroot}%{_sbindir}/ # fix device permissions install -m0644 device_permissions.template %{buildroot}%{_sysconfdir}/openca/ %pre common %_pre_useradd openca %{_datadir}/openca /bin/sh # make openca able to use the cdrom and floppy %{_bindir}/gpasswd -a apache floppy 1>&2 > /dev/null || : %{_bindir}/gpasswd -a apache cdrom 1>&2 > /dev/null || : %{_bindir}/gpasswd -a openca floppy 1>&2 > /dev/null || : %{_bindir}/gpasswd -a openca cdrom 1>&2 > /dev/null || : %post common %_post_service openca if [ -f %{_var}/lock/subsys/httpd ]; then %{_initrddir}/httpd restart 1>&2; fi %preun common %_preun_service openca %postun common %_postun_userdel openca if [ "$1" = "0" ]; then if [ -f %{_var}/lock/subsys/httpd ]; then %{_initrddir}/httpd restart 1>&2 fi fi %clean [ -n "%{buildroot}" -a "%{buildroot}" != / ] && rm -rf %{buildroot} %files common %defattr(-,root,root) %doc CHANGES HISTORY I18N LICENSE NOTES.Chain README STATUS THANKS TODO README.Mandriva %attr(0755,root,root) %{_initrddir}/openca %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-batch.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ca.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ldap.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-node.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-pub.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ra.conf %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-scep.conf %attr(0755,apache,apache) %dir %{_sysconfdir}/openca %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/access_control %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/apache %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/bp %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/bp/functions %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/database %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/openssl %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/openssl/extfiles %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/openssl/openssl %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/rbac %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/rbac/cmds %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/scep %attr(0755,apache,apache) %dir %{_sysconfdir}/openca/servers %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-batch.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ca.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ldap.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-node.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-pub.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ra.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-scep.conf %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/*.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/bp/*.xml* %attr(0644,openca,openca) %{_sysconfdir}/openca/bp/*.txt %attr(0644,openca,openca) %{_sysconfdir}/openca/bp/functions/*.txt %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/database/*.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/openssl/openssl.cnf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/openssl/sample-openssl.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/openssl/sample-openssl.ext* %attr(0644,apache,apache) %config(noreplace) %{_sysconfdir}/openca/openssl/extfiles/*.ext* %attr(0644,apache,apache) %config(noreplace) %{_sysconfdir}/openca/openssl/openssl/*.conf* %attr(0644,apache,apache) %config(noreplace) %{_sysconfdir}/openca/rbac/*.xml* %attr(0644,apache,apache) %config(noreplace) %{_sysconfdir}/openca/rbac/cmds/*.xml* %attr(0644,apache,apache) %config(noreplace) %{_sysconfdir}/openca/rbac/cmds/*.pl %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/utf8_latin1_selector.sh.template %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/device_permissions.template %attr(0644,openca,openca) %config(noreplace) %{_datadir}/openca/mails/*/*.msg* %attr(0755,root,root) %{_sysconfdir}/openca/configure_etc.sh %attr(0755,root,root) %{_sysconfdir}/openca/openca_rc %attr(0755,root,root) %{_sysconfdir}/openca/openca_start* %attr(0755,root,root) %{_sysconfdir}/openca/openca_stop* %attr(0755,openca,openca) %{_bindir}/openca-addcert %attr(0755,openca,openca) %{_bindir}/openca-backup %attr(0755,openca,openca) %{_bindir}/openca-browserexp %attr(0755,openca,openca) %{_bindir}/openca-configure %attr(0755,openca,openca) %{_bindir}/openca-dbbuild %attr(0755,openca,openca) %{_bindir}/openca-dbcreate %attr(0755,openca,openca) %{_bindir}/openca-dblist %attr(0755,openca,openca) %{_bindir}/openca-dbview %attr(0755,openca,openca) %{_bindir}/openca-digest %attr(0755,openca,openca) %{_bindir}/openca-getcert %attr(0755,openca,openca) %{_bindir}/openca-getitem %attr(0755,openca,openca) %{_bindir}/openca-importcerts %attr(0755,openca,openca) %{_bindir}/openca-importreqs %attr(0755,openca,openca) %{_bindir}/openca-newcert %attr(0755,openca,openca) %{_bindir}/openca-unrevoke %attr(0755,openca,openca) %{_bindir}/openssl-setopt %attr(0644,openca,openca) %{_datadir}/openca/bp/*.sub %attr(0644,openca,openca) %{_datadir}/openca/cmds/* %attr(0644,openca,openca) %{_datadir}/openca/functions/* %attr(0644,openca,openca) %{_datadir}/openca/locale/*/LC_MESSAGES/*.mo #%attr(0755,openca,openca) %dir %{_datadir}/openca/servers %attr(0644,openca,openca) %{_datadir}/openca/stylesheets/*.css %attr(0755,apache,apache) %dir %{_localstatedir}/openca/bp %attr(0755,apache,apache) %dir %{_localstatedir}/openca/bp/users %attr(0755,apache,apache) %dir %{_localstatedir}/openca/bp/dataexchange %attr(0755,apache,apache) %dir %{_localstatedir}/openca/bp/dataexchange/pkcs12 %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/cacerts %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/certs %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/chain %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/crls %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/keys %attr(0755,apache,apache) %dir %{_localstatedir}/openca/crypto/reqs %attr(0755,apache,apache) %dir %{_localstatedir}/openca/db %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/enroll %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/download %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/receive %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/upload %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/xml %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/xml/class %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/xml/level %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/xml/session %attr(0755,apache,apache) %dir %{_localstatedir}/openca/log/xml/time %attr(0755,apache,apache) %dir %{_localstatedir}/openca/mail %attr(0755,apache,apache) %dir %{_localstatedir}/openca/mail/crins %attr(0755,apache,apache) %dir %{_localstatedir}/openca/mail/default %attr(0755,apache,apache) %dir %{_localstatedir}/openca/session %attr(0755,apache,apache) %dir %{_localstatedir}/openca/session/cookie %attr(0755,apache,apache) %dir %{_localstatedir}/openca/tmp %attr(0644,apache,apache) %{_localstatedir}/openca/log/xml_cache.log %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/chain/Makefile %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/serial %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/index.txt %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/crlnumber #%attr(0644,apache,apache) %{_localstatedir}/openca/mail/crins/mailcounter #%attr(0644,apache,apache) %{_localstatedir}/openca/mail/default/mailcounter %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/cacerts/*.crt %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/cacerts/*.pem %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/cacerts/*.cer %attr(0644,apache,apache) %{_localstatedir}/openca/crypto/keys/*.pem %attr(0754,root,root) %{_sbindir}/openca_bootstrap.sh %files web-interfaces-ca %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ca.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/ca.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/ca.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ca.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/ca %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca %attr(0755,openca,openca) /var/www/cgi-bin/openca/ca %attr(-,openca,openca) /var/www/html/openca/ca %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/ca %files web-interfaces-node %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-node.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/node.conf* %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/common.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/node.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-node.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/node %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/node %attr(0755,openca,openca) /var/www/cgi-bin/openca/node/node %attr(-,openca,openca) /var/www/html/openca/node %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/node %files web-interfaces-ldap %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ldap.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/ldap.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/ldap.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ldap.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/ldap %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/ldap %attr(0755,openca,openca) /var/www/cgi-bin/openca/ldap/ldap %attr(-,openca,openca) /var/www/html/openca/ldap %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/ldap %files web-interfaces-pub %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-pub.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/pub.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/pub.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-pub.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/pub %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/pub %attr(0755,openca,openca) /var/www/cgi-bin/openca/pub/pki %attr(0755,openca,openca) /var/www/cgi-bin/openca/pub/download.cer %attr(-,openca,openca) /var/www/html/openca/pub %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/pub %files web-interfaces-ra %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-ra.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/ra.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/ra.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-ra.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/ra %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/ra %attr(0755,openca,openca) /var/www/cgi-bin/openca/ra/RAServer %attr(-,openca,openca) /var/www/html/openca/ra %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/ra %files web-interfaces-scep %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-scep.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/scep.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/scep.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-scep.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/scep %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/scep %attr(0755,openca,openca) /var/www/cgi-bin/openca/scep/scep %attr(0755,openca,openca) /var/www/cgi-bin/openca/scep/pkiclient.exe %attr(0750,apache,apache) %dir %{_localstatedir}/openca/session/cookie/scep %files web-interfaces-batch %defattr(-,root,root) %attr(0644,root,root) %config(noreplace) %{apache_conf_dir}/openca-batch.conf %attr(0640,openca,apache) %config(noreplace) %{_sysconfdir}/openca/servers/batch.conf* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/access_control/batch.xml* %attr(0644,openca,openca) %config(noreplace) %{_sysconfdir}/openca/apache/openca-batch.conf.template #%attr(-,openca,openca) %{_datadir}/openca/servers/batch %attr(0711,openca,openca) %dir /var/www/cgi-bin/openca/batch %attr(0755,openca,openca) /var/www/cgi-bin/openca/batch/batch %attr(-,openca,openca) /var/www/html/openca/batch %changelog * Fri Aug 17 2007 Oden Eriksson <oeriksson@mandriva.com> 0.9.3-0.rc1.1mdv2008.0 + Revision: 64988 - 0.9.3-rc1 - rediffed patches - added one new patch (engine_pkcs11) and deps - cleaned up the spec file a little * Fri Mar 02 2007 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-6mdv2007.0 + Revision: 131337 - bunzip sources - make it "build" - Import openca * Tue Apr 25 2006 Nicolas Lécureuil <neoclust@mandriva.org> 0.9.2.5-6mdk - Add BuildRequires * Mon Mar 06 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-5mdk - added a long forgotten batch web interface (oops!) - fixed much smarter and dynamic apache config (S1) * Mon Mar 06 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-4mdk - added a patch from the sf tracker (sf #1414780, P5) - fix device permissions using plan b (S5) * Thu Mar 02 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-3mdk - require the supported locales - fix libdir - fix the apache config - fix deps - added one simple bootstrap script, it takes only two arguments for now, fqdn for the web and ldap server, if omitted it uses the hostname of the machine it is run on * Fri Feb 17 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-2mdk - fix deps * Fri Feb 17 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.5-1mdk - 0.9.2.5 * Fri Feb 03 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.4-2mdk - fix #20735 - make openca able to use the cdrom and floppy * Fri Nov 11 2005 Oden Eriksson <oeriksson@mandriva.com> 0.9.2.4-1mdk - 0.9.2.4 * Fri Aug 26 2005 Lenny Cartier <lenny@mandriva.com> 0.9.2.2-2mdk - rebuild without requiring liballegro testing devel * Tue Mar 08 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2.2-1mdk - 0.9.2.2 - strip away annoying ^M - fixed the init script - added a virtual provide for the web-interfaces-ca sub package on openca. "urpmi openca" should now install the minimum... * Tue Nov 02 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2.1-1mdk - 0.9.2.1 - drop P3, it's implemented upstream * Wed Oct 27 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2.0-1mdk - 0.9.2.0 - added P1 & P2 - misc spec file fixes * Sun Oct 10 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040907.1mdk - use a snap from 2004-09-07, adresses CAN-2004-0787 - new P0 * Mon Sep 06 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040905.1mdk - use a current snap (200400905), more bugfixes. - fix deps * Fri Aug 27 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040826.1mdk - use a current snap (200400826), more bugfixes. * Mon Aug 16 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040815.1mdk - use a current snap (200400815), more bugfixes. * Sun Aug 01 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040731.1mdk - use a current snap (20040731), more bugfixes. - added more info in S2 * Wed Jul 28 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040727.1mdk - use a current snap (20040727), more bugfixes. * Wed Jul 21 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040720.1mdk - use a current snap (20040720), more bugfixes. * Wed Jul 14 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040713.1mdk - use a current snap (20040713) as it contains a lot of bugfixes and some security fixes. * Mon Jul 12 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.RC5.2mdk - built for cooker - fix some deps (Stefan van der Eijk) * Fri Jun 18 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.RC5.1mdk - 0.9.2-RC5 * Sun May 30 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040529.1mdk - 20040529 * Tue May 25 2004 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040524.1mdk - 20040524 * Fri May 14 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040513.1mdk - 20040513 * Wed May 05 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040504.2mdk - make openca-common and openca-web-interfaces-ldap require external perl modules as find-requires can't seem to do its job here. * Wed May 05 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.20040504.1mdk - use a cvs snap - drop P2 - broke out ocspd, scep and sv into its own packages (easier to maintain) - new P0 - BuildArch: noarch * Fri Apr 30 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.4mdk - added P2 (CVS fixes) * Fri Apr 23 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.3mdk - requires perl-Net-Server >= 0.86 - added S3 * Thu Apr 22 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.2mdk - 0.9.2-RC4 - rediffed P0 - added P1 * Thu Apr 22 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 0.9.2-0.1mdk - initial Mandrake package, used bits and pieces from the provided spec files and also from the latest work by Michael Bell - added P0 - added P10 and S1 (OCSPD) - added S2