[Pki-devel] [PATCH] pki-tools man pages

[Matthew Harmsen]

Please review the following patch which includes a batch of man pages for:

 * PKI TRAC Ticket #690 - [MAN] pki-tools man pages
   

which includes new man pages for the following:

 * AtoB
 * BtoA
 * KRATool
 * PrettyPrintCert
 * PrettyPrintCrl

I have also included the patch for the spec file which adds a 
compatibility symlink from DRMTool.1.gz -> KRATool.1.gz, and packaging 
for the AuditVerify.1.gz tool.


-- Matt

P. S. - I am currently at work on the man pages for the various CMC tools.

From 8b91b1531812c9ecbd25ac54c97edb2e29b4f12c Mon Sep 17 00:00:00 2001
From: Matthew Harmsen 
Date: Fri, 22 Jul 2016 20:43:48 -0600
Subject: [PATCH] pki-tools man pages

* PKI TRAC Ticket #690 - [MAN] pki-tools man pages
  - AtoB,
  - BtoA,
  - KRATool,
  - PrettyPrintCert, and
  - PrettyPrintCrl
---
 base/java-tools/man/man1/AtoB.1|  56 
 base/java-tools/man/man1/BtoA.1|  56 
 base/java-tools/man/man1/KRATool.1 | 459 +
 base/java-tools/man/man1/PrettyPrintCert.1 | 204 +
 base/java-tools/man/man1/PrettyPrintCrl.1  | 141 +
 5 files changed, 916 insertions(+)
 create mode 100644 base/java-tools/man/man1/AtoB.1
 create mode 100644 base/java-tools/man/man1/BtoA.1
 create mode 100644 base/java-tools/man/man1/KRATool.1
 create mode 100644 base/java-tools/man/man1/PrettyPrintCert.1
 create mode 100644 base/java-tools/man/man1/PrettyPrintCrl.1

diff --git a/base/java-tools/man/man1/AtoB.1 b/base/java-tools/man/man1/AtoB.1
new file mode 100644
index 000..6b7d6f0
--- /dev/null
+++ b/base/java-tools/man/man1/AtoB.1
@@ -0,0 +1,56 @@
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH AtoB 1 "July 20, 2016" "version 10.3" "PKI ASCII to Binary Conversion Tool" Dogtag Team
+.\" Please adjust this date whenever revising the man page.
+.\"
+.\" Some roff macros, for reference:
+.\" .nhdisable hyphenation
+.\" .hyenable hyphenation
+.\" .ad l  left justify
+.\" .ad b  justify to both left and right margins
+.\" .nfdisable filling
+.\" .fienable filling
+.\" .brinsert line break
+.\" .sp insert n+1 empty lines
+.\" for man page specific macros, see man(7)
+.SH NAME
+AtoB  \- Convert ASCII base-64 encoded data to binary base-64 encoded data.
+
+.SH SYNOPSIS
+.PP
+\fBAtoB  \fP
+
+.SH DESCRIPTION
+.PP
+The \fBAtoB\fP command provides a command-line utility used to convert ASCII base-64 encoded data to binary base-64 encoded data.
+
+.SH OPTIONS
+.PP
+The following parameters are mandatory:
+.TP
+.B 
+Specifies the path and file to the base-64 encoded ASCII data.
+
+.TP
+.B 
+Specifies the path and file where the utility should write the binary output.
+
+.SH EXAMPLES
+.PP
+This example command takes the base-64 ASCII data in the \fBascii_data.pem\fP file and writes the binary equivalent of the data to the \fBbinary_data.der\fP file:
+.IP
+.nf
+AtoB ascii_data.pem binary_data.der
+.if
+
+.SH AUTHORS
+Matthew Harmsen .
+
+.SH COPYRIGHT
+Copyright (c) 2016 Red Hat, Inc. This is licensed under the GNU General Public
+License, version 2 (GPLv2). A copy of this license is available at
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+
+.SH SEE ALSO
+.BR BtoA(1), pki(1)
diff --git a/base/java-tools/man/man1/BtoA.1 b/base/java-tools/man/man1/BtoA.1
new file mode 100644
index 000..0d1ad1f
--- /dev/null
+++ b/base/java-tools/man/man1/BtoA.1
@@ -0,0 +1,56 @@
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH BtoA 1 "July 20, 2016" "version 10.3" "PKI Binary to ASCII Conversion Tool" Dogtag Team
+.\" Please adjust this date whenever revising the man page.
+.\"
+.\" Some roff macros, for reference:
+.\" .nhdisable hyphenation
+.\" .hyenable hyphenation
+.\" .ad l  left justify
+.\" .ad b  justify to both left and right margins
+.\" .nfdisable filling
+.\" .fienable filling
+.\" .brinsert line break
+.\" .sp insert n+1 empty lines
+.\" for man page specific macros, see man(7)
+.SH NAME
+BtoA  \- Convert binary base-64 encoded data to ASCII base-64 encoded data.
+
+.SH SYNOPSIS
+.PP
+\fBBtoA  \fP
+
+.SH DESCRIPTION
+.PP
+The \fBBtoA\fP command provides a command-line utility used to convert binary base-64 encoded data to ASCII base-64 encoded data.
+
+.SH OPTIONS
+.PP
+The following parameters are mandatory:
+.TP
+.B 
+Specifies the path and file to the base-64 encoded binary data.
+
+.TP
+.B 
+Specifies the path and file where the utility should write the ASCII output.
+
+.SH EXAMPLES
+.PP
+This example command takes the base-64 binary data in the \fBbinary_data.der\fP file and writes the ASCII equivalent of the data to the \fBascii_data.pem\fP file:
+.IP
+.nf
+BtoA bin

[Pki-devel] [PATCH] 796 Added CMake target dependencies.

[Endi Sukma Dewata]

To help troubleshooting build issues, some CMake dependencies have
been added to some targets even though the actual codes do not
require those dependencies. This will ensure the targets are built
sequentially so build failures can be found more easily at the end
of the build log.

https://fedorahosted.org/pki/ticket/2403

--
Endi S. Dewata
>From 77fbfe25fa0b2910c911d87d4c81ca7668c8a1da Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" 
Date: Thu, 21 Jul 2016 02:26:24 +0200
Subject: [PATCH] Added CMake target dependencies.

To help troubleshooting build issues, some CMake dependencies have
been added to some targets even though the actual codes do not
require those dependencies. This will ensure the targets are built
sequentially so build failures can be found more easily at the end
of the build log.

https://fedorahosted.org/pki/ticket/2403
---
 base/native-tools/src/tkstool/CMakeLists.txt   | 2 +-
 base/server/tomcat/src/CMakeLists.txt  | 2 ++
 base/tps-client/src/CMakeLists.txt | 1 +
 base/tps-client/src/authentication/CMakeLists.txt  | 1 +
 base/tps-client/src/modules/tokendb/CMakeLists.txt | 1 +
 base/tps-client/src/modules/tps/CMakeLists.txt | 1 +
 base/tps-client/src/tus/CMakeLists.txt | 1 +
 7 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/base/native-tools/src/tkstool/CMakeLists.txt b/base/native-tools/src/tkstool/CMakeLists.txt
index 8b07950eb1220bd19f3b72bc1690cc54e99d1d9d..8c65717883393248c3d1585bf2b53946930a1594 100644
--- a/base/native-tools/src/tkstool/CMakeLists.txt
+++ b/base/native-tools/src/tkstool/CMakeLists.txt
@@ -34,7 +34,7 @@ set(tkstool_SRCS
 include_directories(${TKSTOOL_PRIVATE_INCLUDE_DIRS})
 
 add_executable(tkstool ${tkstool_SRCS})
-
+add_dependencies(tkstool pki-certsrv-jar)
 target_link_libraries(tkstool ${TKSTOOL_LINK_LIBRARIES})
 
 install(
diff --git a/base/server/tomcat/src/CMakeLists.txt b/base/server/tomcat/src/CMakeLists.txt
index 4cb40ada4e83d4ec6ee9040e96f2c72aacec1ae3..c5897580da6e9121200f7570b1819fe4d99a33f6 100644
--- a/base/server/tomcat/src/CMakeLists.txt
+++ b/base/server/tomcat/src/CMakeLists.txt
@@ -135,4 +135,6 @@ javac(pki-tomcat-classes
 		${NUXWDOG_JAR} ${APACHE_COMMONS_LANG_JAR} ${TOMCATJSS_JAR}
 OUTPUT_DIR
 ${CMAKE_BINARY_DIR}/../../tomcat
+DEPENDS
+pki-certsrv-jar
 )
diff --git a/base/tps-client/src/CMakeLists.txt b/base/tps-client/src/CMakeLists.txt
index b0276f8e27f67da4c3e671d5d3aaa2fcbd7d15da..28ca2e45056ab772ce41091a6304fc30b2175791 100644
--- a/base/tps-client/src/CMakeLists.txt
+++ b/base/tps-client/src/CMakeLists.txt
@@ -129,6 +129,7 @@ set(tps_library_SRCS
 include_directories(${TPS_PRIVATE_INCLUDE_DIRS})
 
 add_library(${TPS_SHARED_LIBRARY} SHARED ${tps_library_SRCS})
+add_dependencies(${TPS_SHARED_LIBRARY} pki-tps-jar)
 target_link_libraries(${TPS_SHARED_LIBRARY} ${TPS_LINK_LIBRARIES})
 
 set_target_properties(
diff --git a/base/tps-client/src/authentication/CMakeLists.txt b/base/tps-client/src/authentication/CMakeLists.txt
index ba8ca07dceed36660a8799098799e5459e2cf776..b0ca83a7cd21bf27312e27206426bed3ba4ad849 100644
--- a/base/tps-client/src/authentication/CMakeLists.txt
+++ b/base/tps-client/src/authentication/CMakeLists.txt
@@ -37,6 +37,7 @@ set(ldapauth_library_SRCS
 include_directories(${LDAPAUTH_PRIVATE_INCLUDE_DIRS})
 
 add_library(${LDAPAUTH_SHARED_LIBRARY} SHARED ${ldapauth_library_SRCS})
+add_dependencies(${LDAPAUTH_SHARED_LIBRARY} pki-tps-jar)
 target_link_libraries(${LDAPAUTH_SHARED_LIBRARY} ${LDAPAUTH_LINK_LIBRARIES})
 
 set_target_properties(${LDAPAUTH_SHARED_LIBRARY}
diff --git a/base/tps-client/src/modules/tokendb/CMakeLists.txt b/base/tps-client/src/modules/tokendb/CMakeLists.txt
index 7b6edae91ddbb6ce5b86f5b5edc28c9676f53bd3..94db88e8c356a81180f5c0e41c675acef9c3ac59 100644
--- a/base/tps-client/src/modules/tokendb/CMakeLists.txt
+++ b/base/tps-client/src/modules/tokendb/CMakeLists.txt
@@ -31,6 +31,7 @@ set(tokendb_module_SRCS
 include_directories(${TOKENDB_PRIVATE_INCLUDE_DIRS})
 
 add_library(${TOKENDB_MODULE} MODULE ${tokendb_module_SRCS})
+add_dependencies(${TOKENDB_MODULE} pki-tps-jar)
 target_link_libraries(${TOKENDB_MODULE} ${TOKENDB_LINK_LIBRARIES})
 
 set_target_properties(${TOKENDB_MODULE}
diff --git a/base/tps-client/src/modules/tps/CMakeLists.txt b/base/tps-client/src/modules/tps/CMakeLists.txt
index 275d8b30a1909319af1bdd3a87474941578b8430..ac990e5f23daf0b65ea5404a8c82ab4277a9292e 100644
--- a/base/tps-client/src/modules/tps/CMakeLists.txt
+++ b/base/tps-client/src/modules/tps/CMakeLists.txt
@@ -35,6 +35,7 @@ set(tps_module_SRCS
 include_directories(${TPS_PRIVATE_INCLUDE_DIRS})
 
 add_library(${TPS_MODULE} MODULE ${tps_module_SRCS})
+add_dependencies(${TPS_MODULE} pki-tps-jar)
 target_link_libraries(${TPS_MODULE} ${TPS_LINK_LIBRARIES})
 
 set_target_properties(${TPS_MODULE}
diff --git a/base/tps-client/src/tus/CMakeLists.txt b/base/tps-client/src/tus/CMakeLists.txt
index 3148d9e598233a3d03d55ff1cdc95f79e43fa04b..912075f529bb88c

[Pki-devel] [PATCH] 797 Removed hard-coded paths in pki.policy.

[Endi Sukma Dewata]

The operations script has been modified to generate pki.policy
dynamically from links in the /common/lib directory.
This allows the pki.policy to match the actual paths in different
platforms.

https://fedorahosted.org/pki/ticket/2403

--
Endi S. Dewata
>From c837aafc90f9d95dbe38cc2fa8e38118016a515c Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" 
Date: Fri, 22 Jul 2016 17:31:20 +0200
Subject: [PATCH] Removed hard-coded paths in pki.policy.

The operations script has been modified to generate pki.policy
dynamically from links in the /common/lib directory.
This allows the pki.policy to match the actual paths in different
platforms.

https://fedorahosted.org/pki/ticket/2403
---
 base/server/scripts/operations|  16 -
 base/server/share/conf/pki.policy | 132 +-
 2 files changed, 17 insertions(+), 131 deletions(-)

diff --git a/base/server/scripts/operations b/base/server/scripts/operations
index 14443c4a5251c8f5405dc8abf2146e2b45fae0c7..59916700866073ca64201004c874116cbdbc1bb9 100644
--- a/base/server/scripts/operations
+++ b/base/server/scripts/operations
@@ -1352,10 +1352,24 @@ start_instance()
 return $rv
 fi
 
+# Copy pki.policy template
+/bin/cp /usr/share/pki/server/conf/pki.policy /var/lib/pki/$PKI_INSTANCE_NAME/conf
+
+# Add permissions for all JAR files in /var/lib/pki/$PKI_INSTANCE_NAME/common/lib
+for path in /var/lib/pki/$PKI_INSTANCE_NAME/common/lib/*; do
+
+cat >> /var/lib/pki/$PKI_INSTANCE_NAME/conf/pki.policy << EOF
+
+grant codeBase "file:$(realpath $path)" {
+permission java.security.AllPermission;
+};
+EOF
+done
+
 # Generate catalina.policy dynamically.
 cat /usr/share/pki/server/conf/catalina.policy \
 /usr/share/tomcat/conf/catalina.policy \
-/usr/share/pki/server/conf/pki.policy \
+/var/lib/pki/$PKI_INSTANCE_NAME/conf/pki.policy \
 /var/lib/pki/$PKI_INSTANCE_NAME/conf/custom.policy > \
 /var/lib/pki/$PKI_INSTANCE_NAME/conf/catalina.policy
 
diff --git a/base/server/share/conf/pki.policy b/base/server/share/conf/pki.policy
index e281e0191690e770082740745ac9eea964da55c4..7d8cfec4591ec3ee28ade876253f4f593e086e67 100644
--- a/base/server/share/conf/pki.policy
+++ b/base/server/share/conf/pki.policy
@@ -4,10 +4,10 @@
 // --- END COPYRIGHT BLOCK ---
 
 // 
-// pki.policy - Default Security Policy Permissions for PKI on Tomcat 7
+// pki.policy - Default Security Policy Permissions for PKI on Tomcat
 //
 // This file contains a default set of security policies for PKI running inside
-// Tomcat 7.
+// Tomcat.
 // 
 
 grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
@@ -22,42 +22,6 @@ grant codeBase "file:${catalina.base}/lib/-" {
 permission java.security.AllPermission;
 };
 
-grant codeBase "file:/usr/lib/java/jss4.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/lib/java/symkey.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/lib64/java/jss4.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/lib64/java/symkey.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/commons-codec.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/apache-commons-collections.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/apache-commons-io.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/apache-commons-lang.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/apache-commons-logging.jar" {
-permission java.security.AllPermission;
-};
-
 grant codeBase "file:/usr/share/java/ecj.jar" {
 permission java.security.AllPermission;
 };
@@ -70,18 +34,6 @@ grant codeBase "file:/usr/share/java/glassfish-jsp.jar" {
 permission java.security.AllPermission;
 };
 
-grant codeBase "file:/usr/share/java/httpcomponents/httpclient.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/httpcomponents/httpcore.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/javassist.jar" {
-permission java.security.AllPermission;
-};
-
 grant codeBase "file:/usr/share/java/jaxb-api.jar" {
 permission java.security.AllPermission;
 };
@@ -98,66 +50,10 @@ grant codeBase "file:/usr/share/java/jboss-web.jar" {
 permission java.security.AllPermission;
 };
 
-grant codeBase "file:/usr/share/java/jackson/jackson-core-asl.jar" {
-permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/jackson/jackson-jaxrs.jar" {
-perm

[Pki-devel] [PATCH] 795 Fixed param substitution problem.

[Endi Sukma Dewata]

The string splice operation in substitute_deployment_params() has
been fixed to include the rest of the string.

https://fedorahosted.org/pki/ticket/2399

Pushed under one-liner/trivial rule.

--
Endi S. Dewata
>From 3998429da6e4a96b1ec667436f1da6b96d0ca33c Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" 
Date: Fri, 22 Jul 2016 13:35:54 +0200
Subject: [PATCH] Fixed param substitution problem.

The string splice operation in substitute_deployment_params() has
been fixed to include the rest of the string.

https://fedorahosted.org/pki/ticket/2399
---
 base/server/python/pki/server/deployment/pkihelper.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py
index 54ffe27b75c997f58e4005315ea5d7caa4180db1..6ac68b111da01f021daa899212a883e53a53846d 100644
--- a/base/server/python/pki/server/deployment/pkihelper.py
+++ b/base/server/python/pki/server/deployment/pkihelper.py
@@ -1810,8 +1810,8 @@ class File:
 line[begin:end + 1], value,
 extra=config.PKI_INDENTATION_LEVEL_3)
 
-# replace parameter with value
-line = line[0:begin] + value + line[end + 1]
+# replace parameter with value, keep the rest of the line
+line = line[0:begin] + value + line[end + 1:]
 
 # calculate the new end position
 end = begin + len(value) + 1
-- 
2.5.5

___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel