/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng.spec
ViewVC logotype

Diff of /rpms/phpki-ng/contribs10/phpki-ng.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.8 by jcrisp, Thu Apr 1 09:12:23 2021 UTC Revision 1.16 by jpp, Wed Dec 14 21:52:41 2022 UTC
# Line 4  Line 4 
4    
5  %define         name phpki-ng  %define         name phpki-ng
6  %define         version 0.84  %define         version 0.84
7  %define         release 7  %define         release 15
8  Summary:        Phpki is a simple certificate management suite  Summary:        Phpki is a simple certificate management suite
9  Name:           %{name}  Name:           %{name}
10  Version:        %{version}  Version:        %{version}
# Line 20  Patch3:         phpki-ng-0.84-fix-crl.pa Line 20  Patch3:         phpki-ng-0.84-fix-crl.pa
20  Patch4:         phpki-ng-0.84-fix-missing-slash-certtype-detection.patch  Patch4:         phpki-ng-0.84-fix-missing-slash-certtype-detection.patch
21  Patch5:         phpki-ng-0.84-fix-html-directory-check.patch  Patch5:         phpki-ng-0.84-fix-html-directory-check.patch
22  Patch6:         phpki-ng-0.84-fix-download-cert.patch  Patch6:         phpki-ng-0.84-fix-download-cert.patch
23    Patch7:         phpki-ng-0.84-fix-html-syntax-in-help.patch
24    Patch8:         phpki-ng-0.84-fix-final-redirect.patch
25    Patch9:         phpki-ng-bz12272-bz12273-crl-whitespacepass.patch
26    Patch10:        phpki-ng-bz12274-regex-secu.patch
27    
28  BuildArch:      noarch  BuildArch:      noarch
29  BuildRoot:      /var/tmp/%{name}-%{version}  BuildRoot:      /var/tmp/%{name}-%{version}
# Line 42  With it, you may create and centrally ma Line 46  With it, you may create and centrally ma
46  e-mail clients, SSL servers, and VPN applications.  e-mail clients, SSL servers, and VPN applications.
47    
48  %changelog  %changelog
49    * Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-15.sme
50    - fix regex and potential code injection [SME: 12274]
51    
52    * Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-14.sme
53    - add easy and safe access to crl download [SME: 12272]
54    - fix revoke certificate failing on whitespace pass [SME: 12273]
55    - fix missing default_md in config.php from previous versions [SME: 12267]
56    - updated scriptlet to ease backup and restore
57    
58    * Fri Nov 18 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-13.sme
59    - remove extra space in URL in search.php [SME: 12232]
60    
61    * Thu Sep 30 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-12.sme
62    - Attempt to fix the final reload after CA creation [SME: 11192]
63    
64    * Thu Aug 05 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-11.sme
65    - Fix html syntax error in help - Thanks Mauro De Carolis [SME: 11688]
66    
67    * Tue Apr 06 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-10.sme
68    - And tidy up the copying wording. [SME: 11192]
69    - Credit to Terry Fage for persisting with testing
70    
71    * Mon Apr 05 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-9.sme
72    - Really fix the copy this time [SME: 11192]
73    
74    * Sat Apr 03 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-8.sme
75    - copy phpki-store as a backup instead of move [SME: 11192]
76    
77  * Thu Apr 01 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-7.sme  * Thu Apr 01 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-7.sme
78  - Fix broken Download Certificate in Cert generation [SME: 11513]  - Fix broken Download Certificate in Cert generation [SME: 11513]
79    
80  * Thu Mar 18 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-6.sme  * Thu Mar 18 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-6.sme
81  - Update html header info  - Update html header info [SME: 11192]
82  - Remove obsolete align  - Remove obsolete align
83  - Remove accidentally duplicated html  - Remove accidentally duplicated html
84  - Fix typo  - Fix typo
# Line 186  e-mail clients, SSL servers, and VPN app Line 218  e-mail clients, SSL servers, and VPN app
218  %patch4 -p1  %patch4 -p1
219  %patch5 -p1  %patch5 -p1
220  %patch6 -p1  %patch6 -p1
221    %patch7 -p1
222    %patch8 -p1
223    %patch9 -p1
224    %patch10 -p1
225    
226  %build  %build
227  %{__mkdir_p} root/opt/phpki/html  %{__mkdir_p} root/opt/phpki/html
# Line 243  echo "********************************** Line 279  echo "**********************************
279  echo "*  This contrib now has higher levels of encryption"  echo "*  This contrib now has higher levels of encryption"
280  echo "* "  echo "* "
281  echo "*  We cannot upgrade your existing certificates"  echo "*  We cannot upgrade your existing certificates"
282    echo "* existing certificates from SME9 or below have either "
283    echo "* md5WithRSAEncryption sha1WithRSAEncryption"
284    echo "* as Signature Algorithm (weak)."
285    echo "* only way to update to sha256 or sha512 is to "
286    echo "* start from scratch."
287  echo "* "  echo "* "
288  echo "*  If we detect an existing certificate store"  echo "*  If you have existing certificates you want to use"
289  echo "*  we are going to move it"  echo "*  then start with a new CA, backup up, and then restore"
290    echo "*  your phpki-store directory in /opt/phpki"
291  echo "* "  echo "* "
 echo "*  You can then start with a new CA and certificates"  
292  echo "******************************************************"  echo "******************************************************"
293  echo ""  echo ""
294    
295  if [ -d /opt/phpki/phpki-store ] ; then  if [ -d /opt/phpki/phpki-store ] ; then
296      echo "Backing up your /opt/phpki/phpki-store"      echo "Backing up your /opt/phpki/phpki-store"
297      RANDOM=$$      today=$(date "+%Y%m%d%H%M")
298      PHPKIDIR=$(( 1 + $RANDOM%99999 ))      echo "Copying from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$today"
299      echo "Number is $PHPKIDIR"      /bin/cp -pr /opt/phpki/phpki-store "/opt/phpki/phpki-store.$today"
300      echo "moving from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$PHPKIDIR"      echo "Directory copied... continuing to install"
301      mv /opt/phpki/phpki-store "/opt/phpki/phpki-store.$PHPKIDIR"      # fix missing md_default
302      echo "Directory moved...continuing installaton"      if ( grep default_md /opt/phpki/phpki-store/config/config.php -q ); then
303          echo "md_default OK"
304        else
305          echo "default_md missing in /opt/phpki/phpki-store/config/config.php"
306          echo "getting  value from /opt/phpki/phpki-store/config/openssl.cnf"
307          # it could ba acceptable to hash sha256 a certificate from a root with sha1.
308          defaultmd=$(awk '/^default_md/{print $NF}' /opt/phpki/phpki-store/config/openssl.cnf || echo "sha512")
309          echo "inserting $defaultmd default_md at end of /opt/phpki/phpki-store/config/config.php"
310          sed -i '/\?>/i \
311          # Define default md \
312          \$config['default_md']    = "'$defaultmd'";' /opt/phpki/phpki-store/config/config.php
313          echo "Done... continuing to install"
314        fi
315  else  else
316      echo "No directory detected...continuing installaton"      echo "No directory detected... continuing to install"
317  fi  fi
318    
319  echo "Creating phpki user"  
320    
321  if ! /usr/bin/id phpki &>/dev/null; then  if ! /usr/bin/id phpki &>/dev/null; then
322          /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \    echo "Creating phpki user"
323      /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \
324                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."
325  fi  fi
326    
# Line 276  fi Line 330  fi
330  %post  %post
331  # First install, point index.php to setup.php  # First install, point index.php to setup.php
332  if [ $1 == 1 ]; then  if [ $1 == 1 ]; then
333      #do not do if there is already a CA (restore from backup))
334      if [ ! -f /opt/phpki/phpki-store/config/config.php ] ; then
335          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php
336          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php
337          echo "<?php    fi
338      echo "<?php
339  header(\"Location: ./../index.php\");  header(\"Location: ./../index.php\");
340  ?>  ?>
341  " > /opt/phpki/html/ca/index.php  " > /opt/phpki/html/ca/index.php

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed