rpms / pki-core

Clone
Source Code
GIT

Blame SOURCES/pki-core-rhel-7-9-rhcs-9-7-bu-6.0.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-10.6 c8-stream-10.6 c8s-stream-10.6 c9 c9-beta
  1.   c7
  2.   SOURCES
  3.   pki-core-rhel-7-9-rhcs-9-7-bu-6.0.patch
Blob History Raw
bdfa3c 
From 54a1664ddd7b6b2a8b2a0c7f0eec403507c246c1 Mon Sep 17 00:00:00 2001
bdfa3c 
From: Jack Magne <jmagne@test.host.com>
bdfa3c 
Date: Thu, 15 Apr 2021 18:42:31 -0400
bdfa3c 
Subject: [PATCH 1/2] pkispawn fails against 389-ds 1.4.3.19 #3458 (#3465)
bdfa3c
bdfa3c 
    Add suggested patch from stanislavlevin to solve this issue.
bdfa3c 
    Also add f34 to the ipa tests,this time really add the tests.
bdfa3c 
    Upon further review, back out of f34 tests until the infractructure
bdfa3c 
    supports it.
bdfa3c
bdfa3c 
    Also hardcode tomcat app setting in spec file for the moment to
bdfa3c 
    avoid possible glitches on certain platform.
bdfa3c
bdfa3c 
    Co-authored-by: Jack Magne <jmagne@localhost.localdomain>
bdfa3c
bdfa3c 
(cherry picked from commit 9e1ef2557403d1a5117858322af0ae7fc1f4fd44)
bdfa3c 
---
bdfa3c 
 .../src/com/netscape/cmscore/apps/CMSEngine.java     | 20 +++++++++-----------
bdfa3c 
 1 file changed, 9 insertions(+), 11 deletions(-)
bdfa3c
bdfa3c 
diff --git a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java
bdfa3c 
index 08e6f8d..db341d5 100644
bdfa3c 
--- a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java
bdfa3c 
+++ b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java
bdfa3c 
@@ -287,9 +287,8 @@ public class CMSEngine implements ICMSEngine {
bdfa3c
bdfa3c 
     private static final int PW_OK =0;
bdfa3c 
     private static final int PW_BAD_SETUP = 1;
bdfa3c 
-    private static final int PW_INVALID_PASSWORD = 2;
bdfa3c 
+    private static final int PW_INVALID_CREDENTIALS = 2;
bdfa3c 
     private static final int PW_CANNOT_CONNECT = 3;
bdfa3c 
-    private static final int PW_NO_USER = 4;
bdfa3c 
     private static final int PW_MAX_ATTEMPTS = 3;
bdfa3c
bdfa3c
bdfa3c 
@@ -365,7 +364,7 @@ public class CMSEngine implements ICMSEngine {
bdfa3c
bdfa3c 
         for (String tag : tags) {
bdfa3c 
             int iteration = 0;
bdfa3c 
-            int result = PW_INVALID_PASSWORD;
bdfa3c 
+            int result = PW_INVALID_CREDENTIALS;
bdfa3c 
             String binddn;
bdfa3c 
             String authType;
bdfa3c 
             LdapConnInfo connInfo = null;
bdfa3c 
@@ -450,10 +449,10 @@ public class CMSEngine implements ICMSEngine {
bdfa3c 
                 String passwd = mPasswordStore.getPassword(tag, iteration);
bdfa3c 
                 result = testLDAPConnection(tag, connInfo, binddn, passwd);
bdfa3c 
                 iteration++;
bdfa3c 
-            } while ((result == PW_INVALID_PASSWORD) && (iteration < PW_MAX_ATTEMPTS));
bdfa3c 
+            } while ((result == PW_INVALID_CREDENTIALS) && (iteration < PW_MAX_ATTEMPTS));
bdfa3c
bdfa3c 
             if (result != PW_OK) {
bdfa3c 
-                if ((result == PW_NO_USER) && (tag.equals("replicationdb"))) {
bdfa3c 
+                if ((result == PW_INVALID_CREDENTIALS) && (tag.equals("replicationdb"))) {
bdfa3c 
                     System.out.println(
bdfa3c 
                         "CMSEngine: init(): password test execution failed for replicationdb" +
bdfa3c 
                         "with NO_SUCH_USER.  This may not be a latest instance.  Ignoring ..");
bdfa3c 
@@ -473,8 +472,10 @@ public class CMSEngine implements ICMSEngine {
bdfa3c 
     public int testLDAPConnection(String name, LdapConnInfo info, String binddn, String pwd) {
bdfa3c 
         int ret = PW_OK;
bdfa3c
bdfa3c 
-        if (StringUtils.isEmpty(pwd))
bdfa3c 
-            return PW_INVALID_PASSWORD;
bdfa3c 
+        if (StringUtils.isEmpty(pwd)) {
bdfa3c 
+            return PW_INVALID_CREDENTIALS;
bdfa3c 
+        }
bdfa3c 
+
bdfa3c
bdfa3c 
         String host = info.getHost();
bdfa3c 
         int port = info.getPort();
bdfa3c 
@@ -488,12 +489,9 @@ public class CMSEngine implements ICMSEngine {
bdfa3c 
         } catch (LDAPException e) {
bdfa3c 
             switch (e.getLDAPResultCode()) {
bdfa3c 
             case LDAPException.NO_SUCH_OBJECT:
bdfa3c 
-                System.out.println("testLDAPConnection: The specified user " + binddn + " does not exist");
bdfa3c 
-                ret = PW_NO_USER;
bdfa3c 
-                break;
bdfa3c 
             case LDAPException.INVALID_CREDENTIALS:
bdfa3c 
                 System.out.println("testLDAPConnection: Invalid Password");
bdfa3c 
-                ret = PW_INVALID_PASSWORD;
bdfa3c 
+                ret = PW_INVALID_CREDENTIALS;
bdfa3c 
                 break;
bdfa3c 
             default:
bdfa3c 
                 System.out.println("testLDAPConnection: Unable to connect to " + name + ": " + e);
bdfa3c 
--
bdfa3c 
1.8.3.1
bdfa3c
bdfa3c
bdfa3c 
From d511e7f255350881333b14ba9b68a879335abddc Mon Sep 17 00:00:00 2001
bdfa3c 
From: Christina Fu <cfu@redhat.com>
bdfa3c 
Date: Wed, 21 Apr 2021 17:32:42 -0700
bdfa3c 
Subject: [PATCH 2/2] bug1949656 CRMF requests with non-SKID extensions
bdfa3c
bdfa3c 
This patch address the issue where if a CRMF request bears any extension
bdfa3c 
other than SKID then it fails to process.
bdfa3c
bdfa3c 
fixes https://bugzilla.redhat.com/show_bug.cgi?id=1949656
bdfa3c
bdfa3c 
(cherry picked from commit fe133f9affcde7b56fe69bf0c7daef6930749e74)
bdfa3c 
---
bdfa3c 
 base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java | 2 +-
bdfa3c 
 1 file changed, 1 insertion(+), 1 deletion(-)
bdfa3c
bdfa3c 
diff --git a/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java b/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java
bdfa3c 
index f9903c6..b7fdb9e 100644
bdfa3c 
--- a/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java
bdfa3c 
+++ b/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java
bdfa3c 
@@ -2286,7 +2286,7 @@ public abstract class EnrollProfile extends BasicProfile
bdfa3c 
                         ext = new SubjectKeyIdentifierExtension(false,
bdfa3c 
                                 jssext.getExtnValue().toByteArray());
bdfa3c 
                     } else {
bdfa3c 
-                        new Extension(oid, isCritical, extValue);
bdfa3c 
+                        ext = new Extension(oid, isCritical, extValue);
bdfa3c 
                     }
bdfa3c
bdfa3c 
                     extensions.parseExtension(ext);
bdfa3c 
--
bdfa3c 
1.8.3.1
bdfa3c

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation