Difference between revisions of "PKI Open Source History 2016"

From Dogtag
Jump to: navigation, search
m (Dogtag Certificate Server 10.3.0 (Beta 1)        [04/19/2016])
m (Dogtag Certificate Server 10.3.1                      [05/17/2016])
Line 189: Line 189:
 
     Run the following commands on the "master" branch:
 
     Run the following commands on the "master" branch:
 
      
 
      
 +
        # cd pki
 +
       
 
         # git --no-pager log --since "04/20/2016" --until "05/17/2016" > ../history_10.3.1
 
         # git --no-pager log --since "04/20/2016" --until "05/17/2016" > ../history_10.3.1
 
          
 
          

Revision as of 00:39, 21 May 2016

Open Source History (2016)

Dogtag Certificate Server 10.3.0 (Alpha 1)       [03/07/2016]

Dogtag Certificate System 10.3.0.a1 represents the first alpha of Dogtag 10.3, and is associated with Fedora 24.

Project Name:

  • Dogtag Certificate System 10.3.0.a1

Releases:

  • [03/07/2016] Dogtag Certificate Server 10.3.0.a1 [32-bit & 64-bit Fedora 24]

Packages

  • Fedora 24
    • dogtag-pki-10.3.0.a1-1.fc24 [2016-03-08]
    • dogtag-pki-theme-10.3.0.a1-1.fc24 [2016-03-07]
    • pki-core-10.3.0.a1-2.fc24 [2016-03-23]
    • pki-console-10.3.0.a1-1.fc24 [2016-03-08]
  • Fedora 25
    • dogtag-pki-10.3.0.a1-1.fc25 [2016-03-08]
    • dogtag-pki-theme-10.3.0.a1-1.fc25 [2016-03-07]
    • pki-core-10.3.0.a1-2.fc25 [2016-03-23]
    • pki-console-10.3.0.a1-1.fc25 [2016-03-08]

Upgrade Notes:

After running fedup, simply use dnf (as necessary) to update existing packages.

PKI Instance updates from 10.2 to 10.3.0.a1 are not supported.

Highlights since Dogtag 10.2.6

The primary purpose of Dogtag 10.3 was to continue adding features and stream-lining the java Tomcat-based TPS process that was created in Dogtag 10.2.

The numerous tickets fixed during this particular phase can be found in the specified milestones of the PKI TRAC Ticket Instance:

  • 10.3.0.a1 - page 12 (15 tickets)
  • 10.3 - page 12 (64 tickets)

Detailed Changes since Dogtag 10.2.6

The following list of dependencies was gleaned from the following procedure (which includes tickets from the 10.3 and 10.3.0.a1 milestones):

   Dogtag 10_3:      [08/08/2015[ (master --> 10.3.0-0.1)
   Dogtag 10.3.0.a1: [03/07/2016] (master --> end of 10.3.0.a1)
   
   Run the following commands on the "master" branch:
   
       # git --no-pager log --since "08/08/2015" --until "03/07/2016" > ../history_10.3.0.a1
   
   and compose the following list.

Dogtag Certificate Server 10.3.0 (Alpha 2)       [04/07/2016]

Dogtag Certificate System 10.3.0.a2 represents the second alpha of Dogtag 10.3, and is associated with Fedora 24.

Project Name:

  • Dogtag Certificate System 10.3.0.a2

Releases:

  • [04/07/2016] Dogtag Certificate Server 10.3.0.a2 [32-bit & 64-bit Fedora 24]

Packages

  • Fedora 24
    • dogtag-pki-10.3.0.a2-1.fc24 [2016-04-07]
    • dogtag-pki-theme-10.3.0.a2-1.fc24 [2016-04-07]
    • pki-core-10.3.0.a2-2.fc24 [2016-04-09]
    • pki-console-10.3.0.a2-1.fc24 [2016-04-08]
  • Fedora 25
    • dogtag-pki-10.3.0.a2-1.fc25 [2016-04-07]
    • dogtag-pki-theme-10.3.0.a2-1.fc25 [2016-04-07]
    • pki-core-10.3.0.a2-2.fc25 [2016-04-09]
    • pki-console-10.3.0.a2-1.fc25 [2016-04-08]

Upgrade Notes:

After running fedup, simply use dnf (as necessary) to update existing packages.

PKI Instance updates from 10.2 or 10.3.0.a1 to 10.3.0.a2 are not supported.

Highlights since Dogtag 10.3.0.a1

The primary purpose of Dogtag 10.3 was to continue adding features and stream-lining the java Tomcat-based TPS process that was created in Dogtag 10.2.

The numerous tickets fixed during this particular phase can be found in the specified milestones of the PKI TRAC Ticket Instance:

  • 10.3.0.a2 - pages 11-12 (16 tickets)

Detailed Changes since Dogtag 10.3.0.a1

The following list of dependencies was gleaned from the following procedure:

   Dogtag 10.3.0.a2: [03/08/2016] (master --> beginning of 10.3.0.a2)
                     [04/07/2016] (master --> end of 10.3.0.a2)
   
   Run the following commands on the "master" branch:
   
       # git --no-pager log --since "03/08/2016" --until "04/07/2016" > ../history_10.3.0.a2
   
   and compose the following list.

Dogtag Certificate Server 10.3.0 (Beta 1)        [04/19/2016]

Dogtag Certificate System 10.3.0.b1 represents the first beta of Dogtag 10.3, and is associated with Fedora 24.

Project Name:

  • Dogtag Certificate System 10.3.0.b1

Releases:

  • [04/19/2016] Dogtag Certificate Server 10.3.0.b1 [32-bit & 64-bit Fedora 24]

Packages

  • Fedora 24
    • dogtag-pki-10.3.0.b1-1.fc24 [2016-04-18]
    • dogtag-pki-theme-10.3.0.b1-1.fc24 [2016-04-18]
    • pki-core-10.3.0.b1-1.fc24 [2016-04-19]
    • pki-console-10.3.0.b1-1.fc24 [2016-04-19]
  • Fedora 25
    • dogtag-pki-10.3.0.b1-1.fc25 [2016-04-18]
    • dogtag-pki-theme-10.3.0.b1-1.fc25 [2016-04-18]
    • pki-core-10.3.0.b1-1.fc25 [2016-04-19]
    • pki-console-10.3.0.b1-1.fc25 [2016-04-19]

Upgrade Notes:

After running fedup, simply use dnf (as necessary) to update existing packages.

PKI Instance updates from 10.2, 10.3.0.a1, or 10.3.0.a2 to 10.3.0.b1 are not supported.

Highlights since Dogtag 10.2.6

The primary purpose of Dogtag 10.3 was to continue adding features and stream-lining the java Tomcat-based TPS process that was created in Dogtag 10.2.

The numerous tickets fixed during this particular phase can be found in the specified milestones of the PKI TRAC Ticket Instance:

  • 10.3.0.b1 - page 11 (7 tickets)

Detailed Changes since Dogtag 10.3.0.a2

The following list of dependencies was gleaned from the following procedure:

   Dogtag 10.3.0.b1: [04/08/2016] (master --> start of 10.3.0.b1)
                     [04/19/2016] (master --> end of 10.3.0.b1)
   
   Run the following commands on the "master" branch:
   
       # git --no-pager log --since "04/08/2016" --until "04/19/2016" > ../history_10.3.0.b1
   
   and compose the following list.

Dogtag Certificate Server 10.3.1                      [05/17/2016]

Dogtag Certificate System 10.3.1 represents the first release of Dogtag 10.3, and is associated with Fedora 24.

Project Name:

  • Dogtag Certificate System 10.3.1

Releases:

  • [05/17/2016] Dogtag Certificate Server 10.3.1 [32-bit & 64-bit Fedora 24]

Packages

  • Fedora 24
    • dogtag-pki-10.3.1-1.fc24 [2016-05-17]
    • dogtag-pki-theme-10.3.1-2.fc24 [2016-05-17]
    • pki-core-10.3.1-1.fc24 [2016-05-17]
    • pki-console-10.3.1-1.fc24 [2016-05-17]
  • Fedora 25
    • dogtag-pki-10.3.1-1.fc25 [2016-05-17]
    • dogtag-pki-theme-10.3.1-2.fc25 [2016-05-17]
    • pki-core-10.3.1-1.fc25 [2016-05-17]
    • pki-console-10.3.1-1.fc25 [2016-05-17]

Upgrade Notes:

After running fedup, simply use dnf (as necessary) to update existing packages.

PKI Instance updates from 10.3.0.a1, 10.3.0.a2, or 10.3.0.b1 to 10.3.1 are not supported.

Highlights since Dogtag 10.3.0.b1

The primary purpose of Dogtag 10.3 was to continue adding features and stream-lining the java Tomcat-based TPS process that was created in Dogtag 10.2.

The numerous tickets fixed during this particular phase can be found in the specified milestones of the PKI TRAC Ticket Instance:

  • 10.3.1 - page 11 (51 tickets)

Detailed Changes since Dogtag 10.3.0.b1

The following list of dependencies was gleaned from the following procedure:

   Dogtag 10.3.1:    [04/20/2016] (master --> start of 10.3.1)
                     [05/17/2016] (master --> end of 10.3.1)
   
   Run the following commands on the "master" branch:
   
       # cd pki
       
       # git --no-pager log --since "04/20/2016" --until "05/17/2016" > ../history_10.3.1
       
       # cd ..
       
       # grep "Author:" history_10.3.1 | sort -u
       Author: Ade Lee <alee@redhat.com>
       Author: Christina Fu <cfu@redhat.com>
       Author: Endi S. Dewata <edewata@redhat.com>
       Author: Fraser Tweedale <ftweedal@redhat.com>
       Author: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com>
       Author: Matthew Harmsen <mharmsen@pki.usersys.redhat.com>
       Author: Matthew Harmsen <mharmsen@redhat.com>
       
       # vi 10.3.1.log
         * alee
         * cfu
         * edewata
         * ftweedal
         * jmagne
         * mharmsen
       
   From history_10.3.1, manually add tickets/check-ins per user to 10.3.1.log to compose the following list.
  • alee (7)
    • 1247 - Fix error output when request is rejected
    • 2041 - Add authz realm check for cert enrollment
    • 2041 - Add migration script for realm changes in registry.cfg
    • 2043 - Add CLI to check system certificate status
    • 2043 - Add validity check for the signing certificate in pkispawn
    • Fix existing ca setup to work with HSM
    • Fix problem in creating certificate requests
  • cfu (2)
    • 1508 - Missing token prefix for connectors in TPS Installation with HSM
    • 2303 - Key recovery fails with KRA on lunaSA
  • edewata (29)
    • 1290 - Updated default TPS token state transitions.
    • 1654 - Added log messages for pre-op mode.
    • 1667 - Renamed pki-server ca-db-upgrade to db-upgrade.
    • 1736 - Removed unused code for existing CA installation.
    • 2043 - Fixed pki-server subsystem-cert-validate command.
    • 2261 - Fixed TPS UI navigation.
    • 2262 - Fixed TPS UI navigation.
    • 2264 - Removed unused TPS user fields and group.
    • 2265 - Removed unused TPS user fields and group.
    • 2266 - Removed unused TPS user fields and group.
    • 2268 - Replaced TPS OP_DO_TOKEN activity.
    • 2278 - Renamed CS.cfg.in to CS.cfg.
               - Simplified slot substitution.
               - Added deployment parameters for number ranges.
    • 2286 - Refactored TokenStatus enumeration.
               - Renamed token status TEMP_LOST to SUSPENDED.
    • 2287 - Added token status UNFORMATTED.
               - Added warning message for token reuse.
    • 2288 - Renamed token status READY to FORMATTED.
               - Renamed token status UNINITIALIZED to READY.
    • 2296 - Fixed token status search filter.
    • 2304 - Removed default certificate validity delay.
    • 2312 - Fixed missing CSR extensions for external CA case.
    • Added TPSCertRecord.getSerialNumberInBigInteger().
    • Moved TPSTokendb.tdbGetTokenEntry() invocations.
    • Added TPSTokendb.revokeCert() and unrevokeCert().
    • Fixed activity logs for certificate revocations.
    • Updated TPS UI version number.
    • Removed unused variables in deployment scriptlets.
    • Fixed build issue with apache-commons-codec 1.8.
    • Fixed problem uninstalling standalone KRA.
    • Fixed duplicate executions of finalization scriptlet.
    • Fixed install-only message in external CA case.
    • Fixed error handling ConfigurationUtils.handleCertRequest().
  • ftweedal (8)
    • 1618 - Lightweight CAs: add issuer DN and serial to AuthorityData
    • 1625 - Lightweight CAs: fix bad import in key retriever script
               - Lightweight CAs: accept "host-authority" as valid parent
               - Lightweight CAs: allow specifying authority via ProfileSubmitServlet
               - Lightweight CAs: add IPACustodiaKeyRetriever
               - Lightweight CAs: add key retrieval framework
               - Add ca-authority-key-export command
               - Add method CryptoUtil.importPKIArchiveOptions
               - Lightweight CAs: authority schema changes
    • 1667 - Add pki-server ca-db-upgrade command
    • 2301 - Fix NSSDB certificate search method
    • 2317 - Reject cert request if resultant subject DN is invalid
    • 2321 - Support certificate search by issuer DN.
    • 2322 - Include issuer DN in CertDataInfo
    • Lightweight CAs: add missing authoritySerial attr to default schema
  • jmagne (3)
    • 1636 - TPS auth special characters fix.
    • 1921 - Update default values of connectionTimeout to format smart cards
    • Enhance tkstool for capabilities and security
  • mharmsen (6)
    • 856 - Fixed incorrect clone installation summary
    • 1669 - Fixed adminEnroll servlet browser import issue
    • 2248 - Removed pkidaemon support of apache instances
    • 2249 - fix bashisms
    • 2306 - Detect inability to submit ECC CSR on Chrome
    • 2323 - Added Chrome keygen warning