From 672fefb15b7f764bc1cee014a3713e1e623ec696 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Aug 27 2020 19:15:20 +0000
Subject: import tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9


---

diff --git a/.gitignore b/.gitignore
index e5a3916..dffe94a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/tomcatjss-7.5.0-a1.tar.gz
+SOURCES/tomcatjss-7.5.0.tar.gz
diff --git a/.tomcatjss.metadata b/.tomcatjss.metadata
index 0363b74..c1fffc7 100644
--- a/.tomcatjss.metadata
+++ b/.tomcatjss.metadata
@@ -1 +1 @@
-731bf76056488deb18c0794f921606af7a428900 SOURCES/tomcatjss-7.5.0-a1.tar.gz
+c74c6e4ca0a0ba0d2252dce896d5b0f88bf8ba6d SOURCES/tomcatjss-7.5.0.tar.gz
diff --git a/SOURCES/0001-Use-factory-for-JSSKeyManager-JSSTrustManager.patch b/SOURCES/0001-Use-factory-for-JSSKeyManager-JSSTrustManager.patch
deleted file mode 100644
index 8dcf646..0000000
--- a/SOURCES/0001-Use-factory-for-JSSKeyManager-JSSTrustManager.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-From 54e26482643023a7fcbbba25376d691980ed6471 Mon Sep 17 00:00:00 2001
-From: Alexander Scheel <ascheel@redhat.com>
-Date: Thu, 25 Jun 2020 13:41:59 -0400
-Subject: [PATCH] Use factory for JSSKeyManager, JSSTrustManager
-
-Signed-off-by: Alexander Scheel <ascheel@redhat.com>
----
- tomcat-8.5/src/org/dogtagpki/tomcat/JSSContext.java | 12 ++++++++++--
- tomcat-8.5/src/org/dogtagpki/tomcat/JSSUtil.java    | 11 +++++++----
- 2 files changed, 17 insertions(+), 6 deletions(-)
-
-diff --git a/tomcat-8.5/src/org/dogtagpki/tomcat/JSSContext.java b/tomcat-8.5/src/org/dogtagpki/tomcat/JSSContext.java
-index 1f2082e..a3630e2 100644
---- a/tomcat-8.5/src/org/dogtagpki/tomcat/JSSContext.java
-+++ b/tomcat-8.5/src/org/dogtagpki/tomcat/JSSContext.java
-@@ -9,6 +9,7 @@ import java.util.List;
- import javax.net.ssl.KeyManager;
- import javax.net.ssl.KeyManagerFactory;
- import javax.net.ssl.TrustManager;
-+import javax.net.ssl.TrustManagerFactory;
- 
- import org.apache.tomcat.util.net.SSLContext;
- 
-@@ -36,8 +37,15 @@ public class JSSContext implements org.apache.tomcat.util.net.SSLContext {
- 
-         /* These KeyManagers and TrustManagers aren't used with the SSLEngine;
-          * they're only used to implement certain function calls below. */
--        jkm = new JSSKeyManager();
--        jtm = new JSSTrustManager();
-+        try {
-+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("NssX509", "Mozilla-JSS");
-+            jkm = (JSSKeyManager) kmf.getKeyManagers()[0];
-+
-+            TrustManagerFactory tmf = TrustManagerFactory.getInstance("NssX509", "Mozilla-JSS");
-+            jtm = (JSSTrustManager) tmf.getTrustManagers()[0];
-+        } catch (Exception e) {
-+            throw new RuntimeException(e.getMessage(), e);
-+        }
-     }
- 
-     public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) throws KeyManagementException {
-diff --git a/tomcat-8.5/src/org/dogtagpki/tomcat/JSSUtil.java b/tomcat-8.5/src/org/dogtagpki/tomcat/JSSUtil.java
-index 8930bbd..cad3163 100644
---- a/tomcat-8.5/src/org/dogtagpki/tomcat/JSSUtil.java
-+++ b/tomcat-8.5/src/org/dogtagpki/tomcat/JSSUtil.java
-@@ -26,7 +26,9 @@ import java.util.Set;
- import java.util.HashSet;
- 
- import javax.net.ssl.KeyManager;
-+import javax.net.ssl.KeyManagerFactory;
- import javax.net.ssl.TrustManager;
-+import javax.net.ssl.TrustManagerFactory;
- import javax.net.ssl.SSLEngine;
- 
- import org.apache.juli.logging.Log;
-@@ -39,9 +41,7 @@ import org.apache.tomcat.util.net.SSLUtilBase;
- 
- import org.mozilla.jss.JSSProvider;
- import org.mozilla.jss.crypto.Policy;
--import org.mozilla.jss.provider.javax.crypto.JSSKeyManager;
- import org.mozilla.jss.provider.javax.crypto.JSSNativeTrustManager;
--import org.mozilla.jss.provider.javax.crypto.JSSTrustManager;
- import org.mozilla.jss.ssl.SSLCipher;
- import org.mozilla.jss.ssl.SSLVersion;
- 
-@@ -86,15 +86,18 @@ public class JSSUtil extends SSLUtilBase {
-     @Override
-     public KeyManager[] getKeyManagers() throws Exception {
-         logger.debug("JSSUtil: getKeyManagers()");
--        return new KeyManager[] { new JSSKeyManager() };
-+        KeyManagerFactory jkm = KeyManagerFactory.getInstance("NssX509", "Mozilla-JSS");
-+        return jkm.getKeyManagers();
-     }
- 
-     @Override
-     public TrustManager[] getTrustManagers() throws Exception {
-         logger.debug("JSSUtil: getTrustManagers()");
-         if (!JSSProvider.ENABLE_JSSENGINE) {
--            return new TrustManager[] { new JSSTrustManager() };
-+            TrustManagerFactory tmf = TrustManagerFactory.getInstance("NssX509");
-+            return tmf.getTrustManagers();
-         }
-+
-         return new TrustManager[] { new JSSNativeTrustManager() };
-     }
- 
--- 
-2.26.2
-
diff --git a/SPECS/tomcatjss.spec b/SPECS/tomcatjss.spec
index 0bbe4f0..8916b99 100644
--- a/SPECS/tomcatjss.spec
+++ b/SPECS/tomcatjss.spec
@@ -8,8 +8,8 @@ License:          LGPLv2+
 BuildArch:        noarch
 
 Version:          7.5.0
-Release:          0.2%{?_timestamp}%{?_commit_id}%{?dist}
-%global           _phase -a1
+Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
+#global           _phase -a1
 
 # To generate the source tarball:
 # $ git clone https://github.com/dogtagpki/tomcatjss.git
@@ -27,7 +27,6 @@ Source:           https://github.com/dogtagpki/tomcatjss/archive/v%{version}%{?_
 #     <version tag> \
 #     > tomcatjss-VERSION-RELEASE.patch
 # Patch: tomcatjss-VERSION-RELEASE.patch
-Patch0: 0001-Use-factory-for-JSSKeyManager-JSSTrustManager.patch
 
 ################################################################################
 # Build Dependencies
@@ -186,6 +185,9 @@ ant -f build.xml \
 
 ################################################################################
 %changelog
+* Thu Jul 09 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.5.0-1
+- Rebased to TomcatJSS 7.5.0
+
 * Thu Jun 25 2020 Red Hat PKI Team <rhcs-maint@redhat.com> 7.5.0-0.2
 - Rebased to TomcatJSS 7.5.0-a2