Sophie

Sophie

distrib > Fedora > 13 > i386 > by-pkgid > 2043b0ead690dba2b729be191f788ad1 > files > 2

pki-ca-1.3.6-1.fc13.src.rpm

Name:           pki-ca
Version:        1.3.6
Release:        1%{?dist}
Summary:        Dogtag Certificate System - Certificate Authority
URL:            http://pki.fedoraproject.org/
License:        GPLv2
Group:          System Environment/Daemons

BuildArch:      noarch

BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildRequires:  ant
BuildRequires:  java-devel >= 1:1.6.0
BuildRequires:  jpackage-utils
BuildRequires:  jss >= 4.2.6
BuildRequires:  pki-common
BuildRequires:  pki-util
BuildRequires:  tomcatjss

Requires:       java >= 1:1.6.0
Requires:       pki-ca-ui
Requires:       pki-common
Requires:       pki-console
Requires:       pki-selinux
Requires:       pki-silent
Requires(post):    chkconfig
Requires(preun):   chkconfig
Requires(preun):   initscripts
Requires(postun):  initscripts

Source0:        http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz

%description
Dogtag Certificate System is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.

The Dogtag Certificate Authority is a required PKI subsystem which issues,
renews, revokes, and publishes certificates as well as compiling and
publishing Certificate Revocation Lists (CRLs).
The Dogtag Certificate Authority can be configured as a self-signing
Certificate Authority (CA), where it is the root CA, or it can act as a
subordinate CA, where it obtains its own signing certificate from a public CA.

%prep

%setup -q

%build
ant \
    -Dinit.d="rc.d/init.d" \
    -Dproduct.ui.flavor.prefix="" \
    -Dproduct.prefix="pki" \
    -Dproduct="ca" \
    -Dversion="%{version}"

%install
%define major_version %(echo `echo %{version} | awk -F. '{ print $1 }'`)
%define minor_version %(echo `echo %{version} | awk -F. '{ print $2 }'`)
%define patch_version %(echo `echo %{version} | awk -F. '{ print $3 }'`)

rm -rf %{buildroot}
cd dist/binary
unzip %{name}-%{version}.zip -d %{buildroot}
sed -i 's/^preop.product.version=.*$/preop.product.version=%{version}/' %{buildroot}%{_datadir}/pki/ca/conf/CS.cfg
sed -i 's/^cms.version=.*$/cms.version=%{major_version}.%{minor_version}/' %{buildroot}%{_datadir}/pki/ca/conf/CS.cfg
mkdir -p %{buildroot}%{_localstatedir}/lock/pki/ca
mkdir -p %{buildroot}%{_localstatedir}/run/pki/ca
cd %{buildroot}%{_javadir}
mv ca.jar ca-%{version}.jar
ln -s ca-%{version}.jar ca.jar

# supply convenience symlink(s) for backwards compatibility
mkdir -p %{buildroot}%{_javadir}/pki/ca
cd %{buildroot}%{_javadir}/pki/ca
ln -s ../../ca.jar ca.jar

%clean
rm -rf %{buildroot}

%post
# This adds the proper /etc/rc*.d links for the script
/sbin/chkconfig --add pki-cad || :

%preun
if [ $1 = 0 ] ; then
    /sbin/service pki-cad stop >/dev/null 2>&1
    /sbin/chkconfig --del pki-cad || :
fi

%postun
if [ "$1" -ge "1" ] ; then
    /sbin/service pki-cad condrestart >/dev/null 2>&1 || :
fi

%files
%defattr(-,root,root,-)
%doc LICENSE
%{_initrddir}/*
%{_javadir}/*
%{_datadir}/pki/
%{_localstatedir}/lock/*
%{_localstatedir}/run/*

%changelog
* Wed Aug 4 2010 Matthew Harmsen <mharmsen@redhat.com> 1.3.6-1
- Bugzilla Bug #608086 - CC: CA, OCSP, and DRM need to add more audit calls
- Bugzilla Bug #527593 - More robust signature digest alg, like SHA256
  instead of SHA1 for ECC
- Bugzilla Bug #528236 - rhcs80 web conf wizard - cannot specify CA signing
  algorithm
- Bugzilla Bug #533510 - tps exception, cannot start when signed audit true
- Bugzilla Bug #529280 - TPS returns HTTP data without ending in 0rn per
  RFC 2616
- Bugzilla Bug #498299 - Should not be able to change the status manually
  on a token marked as permanently lost or destroyed
- Bugzilla Bug #554892 - configurable frequency signed audit
- Bugzilla Bug #500700 - tps log rotation
- Bugzilla Bug #562893 - tps shutdown if audit logs full
- Bugzilla Bug #557346 - Name Constraints Extension cant be marked critical
- Bugzilla Bug #556152 - ACL changes to CA and OCSP
- Bugzilla Bug #556167 - ACL changes to CA and OCSP
- Bugzilla Bug #581004 - add more audit logging to the TPS
- Bugzilla Bug #566517 - CC: Add client auth to OCSP publishing, and move
  to a client-auth port
- Bugzilla Bug #565842 - Clone config throws errors - fix key_algorithm
- Bugzilla Bug #581017 - enabling log signing from tps ui pages causes tps
  crash
- Bugzilla Bug #581004 - add more audit logs
- Bugzilla Bug #595871 - CC: TKS needed audit message changes
- Bugzilla Bug #598752 - Common Criteria: TKS ACL analysis result.
- Bugzilla Bug #598666 - Common Criteria: incorrect ACLs for signedAudit
- Bugzilla Bug #504905 - Smart card renewal should load old encryption cert
  on the token.
- Bugzilla Bug #499292 - TPS - Enrollments where keys are recovered need
  to do both GenerateNewKey and RecoverLast operation for encryption key.
- Bugzilla Bug #498299 - fix case where no transitions available
- Bugzilla Bug #595391 - session domain table to be moved to ldap
- Bugzilla Bug #598643 - Common Criteria: incorrect ACLs (non-existing groups)
- Bugzilla Bug #472597 - Disable policy code,UI
- Bugzilla Bug #504359 - pkiconsole - Administrator Group's Description
  References Fedora

* Fri May 21 2010 Christina Fu <cfu@redhat.com> 1.3.5-1
- Bugzilla Bug #580203 - Existing renewals generate certificates with validity
  limited by current validity

* Mon Apr 26 2010 Ade Lee <alee@redhat.com> 1.3.4-2
- Bugzilla Bug 584917- Can not access CA Configuration Web UI after CA installation

* Mon Apr 26 2010 Andrew Wnuk <awnuk@redhat.com> 1.3.4-1
- Bugzilla Bug #493765 - console renewal fix for ca, ocsp, and ssl certificates

* Tue Mar 9 2010 Ade Lee <alee@redhat.com> 1.3.3-1
- Bugzilla Bug #545935 -  Add new client-auth ee port to address CVE-2009-3555 
  TLS: MITM attacks via session renegotiation

* Tue Feb 16 2010 Matthew Harmsen <mharmsen@redhat.com> 1.3.2-2
- Bugzilla Bug #566059 -  Add 'pki-console' as a runtime dependency
  for CA, KRA, OCSP, and TKS . . .

* Wed Feb 10 2010 Andrew Wnuk <awnuk@redhat.com> 1.3.2-1
- Bugzilla Bug #516632 -  CS Incorrectly Issuing Multiple Certificates
  from the Same Request
- Bugzilla Bug #563742 -  IPA certificate profile needs CRL distribution
  extension.

* Mon Feb 8 2010 Matthew Harmsen <mharmsen@redhat.com> 1.3.1-1
- Bugzilla Bug #562986 -  Supply convenience symlink(s) for backwards
  compatibility (rename jar files as appropriate)

* Fri Jan 15 2010 Kevin Wright <kwright@redhat.com> 1.3.0-8
- removed BuildRequires dogtag-pki-ca-ui

* Tue Jan 12 2010 Matthew Harmsen <mharmsen@redhat.com> 1.3.0-7
- Corrected "|| :" scriptlet logic (see Bugzilla Bug #475895)

* Mon Dec 7 2009 Matthew Harmsen <mharmsen@redhat.com> 1.3.0-6
- Bugzilla Bug #522210 - Packaging for Fedora Dogtag
- Bugzilla Bug #529070 -  rpm packaging problems (cannot reinstall correctly) 
- Removed 'with exceptions' from License

* Tue Nov 24 2009 Matthew Harmsen <mharmsen@redhat.com> 1.3.0-5
- Bugzilla Bug #522210 - Packaging for Fedora Dogtag
- Use "_javadir" macro when appropriate

* Mon Nov 2 2009 Matthew Harmsen <mharmsen@redhat.com> 1.3.0-4
- Bugzilla Bug #522210 - Packaging for Fedora Dogtag
- Take ownership of directories

* Tue Oct 13 2009 Matthew Harmsen <mharmsen@redhat.com> 1.3.0-3
- Bugzilla Bug #522210 - Packaging for Fedora Dogtag

* Fri Sep 18 2009 Ade Lee <alee@redhat.com> 1.3.0-2
- Bugzilla Bug 522210 - addtional changes for packaging for Fedora Dogtag
  remove unused defines, unneeded attr defs, unneeded comments, autoreqprov

* Wed Sep 9 2009 Ade Lee <alee@redhat.com> 1.3.0-1
- Bugzilla Bug 522210 - Packaging for Fedora Dogtag

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional