/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng.spec
ViewVC logotype

Diff of /rpms/phpki-ng/contribs10/phpki-ng.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.14 by jpp, Mon Nov 21 02:09:06 2022 UTC Revision 1.15 by jpp, Wed Dec 14 18:32:49 2022 UTC
# Line 4  Line 4 
4    
5  %define         name phpki-ng  %define         name phpki-ng
6  %define         version 0.84  %define         version 0.84
7  %define         release 13  %define         release 14
8  Summary:        Phpki is a simple certificate management suite  Summary:        Phpki is a simple certificate management suite
9  Name:           %{name}  Name:           %{name}
10  Version:        %{version}  Version:        %{version}
# Line 22  Patch5:         phpki-ng-0.84-fix-html-d Line 22  Patch5:         phpki-ng-0.84-fix-html-d
22  Patch6:         phpki-ng-0.84-fix-download-cert.patch  Patch6:         phpki-ng-0.84-fix-download-cert.patch
23  Patch7:         phpki-ng-0.84-fix-html-syntax-in-help.patch  Patch7:         phpki-ng-0.84-fix-html-syntax-in-help.patch
24  Patch8:         phpki-ng-0.84-fix-final-redirect.patch  Patch8:         phpki-ng-0.84-fix-final-redirect.patch
25    Patch9:         phpki-ng-bz12272-bz12273-crl-whitespacepass.patch
26    
27  BuildArch:      noarch  BuildArch:      noarch
28  BuildRoot:      /var/tmp/%{name}-%{version}  BuildRoot:      /var/tmp/%{name}-%{version}
# Line 45  With it, you may create and centrally ma Line 45  With it, you may create and centrally ma
45  e-mail clients, SSL servers, and VPN applications.  e-mail clients, SSL servers, and VPN applications.
46    
47  %changelog  %changelog
48  * Fri Nov 18 2022 Jean-Philippe Pialasse <tests@pialasse.com> %{version}-13.sme  * Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-14.sme
49    - add easy and safe access to crl download [SME: 12272]
50    - fix revoke certificate failing on whitespace pass [SME: 12273]
51    - fix missing default_md in config.php from previous versions [SME: 12267]
52    - updated scriptlet to ease backup and restore
53    
54    * Fri Nov 18 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-13.sme
55  - remove extra space in URL in search.php [SME: 12232]  - remove extra space in URL in search.php [SME: 12232]
56    
57  * Thu Sep 30 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-12.sme  * Thu Sep 30 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-12.sme
# Line 210  e-mail clients, SSL servers, and VPN app Line 216  e-mail clients, SSL servers, and VPN app
216  %patch6 -p1  %patch6 -p1
217  %patch7 -p1  %patch7 -p1
218  %patch8 -p1  %patch8 -p1
219    %patch9 -p1
220    
221  %build  %build
222  %{__mkdir_p} root/opt/phpki/html  %{__mkdir_p} root/opt/phpki/html
# Line 267  echo "********************************** Line 274  echo "**********************************
274  echo "*  This contrib now has higher levels of encryption"  echo "*  This contrib now has higher levels of encryption"
275  echo "* "  echo "* "
276  echo "*  We cannot upgrade your existing certificates"  echo "*  We cannot upgrade your existing certificates"
277    echo "* existing certificates from SME9 or below have either "
278    echo "* md5WithRSAEncryption sha1WithRSAEncryption"
279    echo "* as Signature Algorithm (weak)."
280    echo "* only way to update to sha256 or sha512 is to "
281    echo "* start from scratch."
282  echo "* "  echo "* "
283  echo "*  If you have existing certificates you want to use"  echo "*  If you have existing certificates you want to use"
284  echo "*  then start with a new CA, backup up, and then restore"  echo "*  then start with a new CA, backup up, and then restore"
# Line 277  echo "" Line 289  echo ""
289    
290  if [ -d /opt/phpki/phpki-store ] ; then  if [ -d /opt/phpki/phpki-store ] ; then
291      echo "Backing up your /opt/phpki/phpki-store"      echo "Backing up your /opt/phpki/phpki-store"
292      RANDOM=$$      today=$(date "+%Y%m%d%H%M")
293      PHPKIDIR=$(( 1 + $RANDOM%99999 ))      echo "Copying from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$today"
294      echo "Number is $PHPKIDIR"      /bin/cp -pr /opt/phpki/phpki-store "/opt/phpki/phpki-store.$today"
295      echo "Copying from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$PHPKIDIR"      echo "Directory copied... continuing to install"
296      /bin/cp -pr /opt/phpki/phpki-store "/opt/phpki/phpki-store.$PHPKIDIR"      # fix missing md_default
297      echo "Directory copied...continuing installaton"      if ( grep default_md /opt/phpki/phpki-store/config/config.php -q ); then
298          echo "md_default OK"
299        else
300          echo "default_md missing in /opt/phpki/phpki-store/config/config.php"
301          echo "getting  value from /opt/phpki/phpki-store/config/openssl.cnf"
302          # it could ba acceptable to hash sha256 a certificate from a root with sha1.
303          defaultmd=$(awk '/^default_md/{print $NF}' /opt/phpki/phpki-store/config/openssl.cnf || echo "sha512")
304          echo "inserting $defaultmd default_md at end of /opt/phpki/phpki-store/config/config.php"
305          sed -i '/\?>/i \
306          # Define default md \
307          \$config['default_md']    = "'$defaultmd'";' /opt/phpki/phpki-store/config/config.php
308          echo "Done... continuing to install"
309        fi
310  else  else
311      echo "No directory detected...continuing installaton"      echo "No directory detected... continuing to install"
312  fi  fi
313    
314    
315    
316  if ! /usr/bin/id phpki &>/dev/null; then  if ! /usr/bin/id phpki &>/dev/null; then
317  echo "Creating phpki user"    echo "Creating phpki user"
318          /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \    /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \
319                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."
320  fi  fi
321    
# Line 301  fi Line 325  fi
325  %post  %post
326  # First install, point index.php to setup.php  # First install, point index.php to setup.php
327  if [ $1 == 1 ]; then  if [ $1 == 1 ]; then
328      #do not do if there is already a CA (restore from backup))
329      if [ ! -f /opt/phpki/phpki-store/config/config.php ] ; then
330          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php
331          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php
332          echo "<?php    fi
333      echo "<?php
334  header(\"Location: ./../index.php\");  header(\"Location: ./../index.php\");
335  ?>  ?>
336  " > /opt/phpki/html/ca/index.php  " > /opt/phpki/html/ca/index.php

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed