/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng.spec
ViewVC logotype

Diff of /rpms/phpki-ng/contribs10/phpki-ng.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.11 by jcrisp, Tue Apr 6 00:24:42 2021 UTC Revision 1.17 by jpp, Sat Dec 17 07:19:17 2022 UTC
# Line 4  Line 4 
4    
5  %define         name phpki-ng  %define         name phpki-ng
6  %define         version 0.84  %define         version 0.84
7  %define         release 10  %define         release 16
8  Summary:        Phpki is a simple certificate management suite  Summary:        Phpki is a simple certificate management suite
9  Name:           %{name}  Name:           %{name}
10  Version:        %{version}  Version:        %{version}
# Line 20  Patch3:         phpki-ng-0.84-fix-crl.pa Line 20  Patch3:         phpki-ng-0.84-fix-crl.pa
20  Patch4:         phpki-ng-0.84-fix-missing-slash-certtype-detection.patch  Patch4:         phpki-ng-0.84-fix-missing-slash-certtype-detection.patch
21  Patch5:         phpki-ng-0.84-fix-html-directory-check.patch  Patch5:         phpki-ng-0.84-fix-html-directory-check.patch
22  Patch6:         phpki-ng-0.84-fix-download-cert.patch  Patch6:         phpki-ng-0.84-fix-download-cert.patch
23    Patch7:         phpki-ng-0.84-fix-html-syntax-in-help.patch
24    Patch8:         phpki-ng-0.84-fix-final-redirect.patch
25    Patch9:         phpki-ng-bz12272-bz12273-crl-whitespacepass.patch
26    Patch10:        phpki-ng-bz12274-regex-secu.patch
27    
28  BuildArch:      noarch  BuildArch:      noarch
29  BuildRoot:      /var/tmp/%{name}-%{version}  BuildRoot:      /var/tmp/%{name}-%{version}
# Line 42  With it, you may create and centrally ma Line 46  With it, you may create and centrally ma
46  e-mail clients, SSL servers, and VPN applications.  e-mail clients, SSL servers, and VPN applications.
47    
48  %changelog  %changelog
49  * Tue Apr 06 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-9.sme  * Sat Dec 17 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-16.sme
50    - add dl_crl_pem.php [SME: 12272]
51    
52    * Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-15.sme
53    - fix regex and potential code injection [SME: 12274]
54    
55    * Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-14.sme
56    - add easy and safe access to crl download [SME: 12272]
57    - fix revoke certificate failing on whitespace pass [SME: 12273]
58    - fix missing default_md in config.php from previous versions [SME: 12267]
59    - updated scriptlet to ease backup and restore
60    
61    * Fri Nov 18 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-13.sme
62    - remove extra space in URL in search.php [SME: 12232]
63    
64    * Thu Sep 30 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-12.sme
65    - Attempt to fix the final reload after CA creation [SME: 11192]
66    
67    * Thu Aug 05 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-11.sme
68    - Fix html syntax error in help - Thanks Mauro De Carolis [SME: 11688]
69    
70    * Tue Apr 06 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-10.sme
71  - And tidy up the copying wording. [SME: 11192]  - And tidy up the copying wording. [SME: 11192]
72  - Credit to Terry Fage for persisting with testing  - Credit to Terry Fage for persisting with testing
73    
# Line 196  e-mail clients, SSL servers, and VPN app Line 221  e-mail clients, SSL servers, and VPN app
221  %patch4 -p1  %patch4 -p1
222  %patch5 -p1  %patch5 -p1
223  %patch6 -p1  %patch6 -p1
224    %patch7 -p1
225    %patch8 -p1
226    %patch9 -p1
227    %patch10 -p1
228    
229  %build  %build
230  %{__mkdir_p} root/opt/phpki/html  %{__mkdir_p} root/opt/phpki/html
# Line 253  echo "********************************** Line 282  echo "**********************************
282  echo "*  This contrib now has higher levels of encryption"  echo "*  This contrib now has higher levels of encryption"
283  echo "* "  echo "* "
284  echo "*  We cannot upgrade your existing certificates"  echo "*  We cannot upgrade your existing certificates"
285    echo "* existing certificates from SME9 or below have either "
286    echo "* md5WithRSAEncryption sha1WithRSAEncryption"
287    echo "* as Signature Algorithm (weak)."
288    echo "* only way to update to sha256 or sha512 is to "
289    echo "* start from scratch."
290  echo "* "  echo "* "
291  echo "*  If you have existing certificates you want to use"  echo "*  If you have existing certificates you want to use"
292  echo "*  then start with a new CA, backup up, and then restore"  echo "*  then start with a new CA, backup up, and then restore"
# Line 263  echo "" Line 297  echo ""
297    
298  if [ -d /opt/phpki/phpki-store ] ; then  if [ -d /opt/phpki/phpki-store ] ; then
299      echo "Backing up your /opt/phpki/phpki-store"      echo "Backing up your /opt/phpki/phpki-store"
300      RANDOM=$$      today=$(date "+%Y%m%d%H%M")
301      PHPKIDIR=$(( 1 + $RANDOM%99999 ))      echo "Copying from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$today"
302      echo "Number is $PHPKIDIR"      /bin/cp -pr /opt/phpki/phpki-store "/opt/phpki/phpki-store.$today"
303      echo "Copying from /opt/phpki/phpki-store to /opt/phpki/phpki-store.$PHPKIDIR"      echo "Directory copied... continuing to install"
304      /bin/cp -pr /opt/phpki/phpki-store "/opt/phpki/phpki-store.$PHPKIDIR"      # fix missing md_default
305      echo "Directory copied...continuing installaton"      if ( grep default_md /opt/phpki/phpki-store/config/config.php -q ); then
306          echo "md_default OK"
307        else
308          echo "default_md missing in /opt/phpki/phpki-store/config/config.php"
309          echo "getting  value from /opt/phpki/phpki-store/config/openssl.cnf"
310          # it could ba acceptable to hash sha256 a certificate from a root with sha1.
311          defaultmd=$(awk '/^default_md/{print $NF}' /opt/phpki/phpki-store/config/openssl.cnf || echo "sha512")
312          echo "inserting $defaultmd default_md at end of /opt/phpki/phpki-store/config/config.php"
313          sed -i '/\?>/i \
314          # Define default md \
315          \$config['default_md']    = "'$defaultmd'";' /opt/phpki/phpki-store/config/config.php
316          echo "Done... continuing to install"
317        fi
318  else  else
319      echo "No directory detected...continuing installaton"      echo "No directory detected... continuing to install"
320  fi  fi
321    
322    
323    
324  if ! /usr/bin/id phpki &>/dev/null; then  if ! /usr/bin/id phpki &>/dev/null; then
325  echo "Creating phpki user"    echo "Creating phpki user"
326          /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \    /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \
327                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."                  %logmsg "Unexpected error adding user \"phpki\". Abort installation."
328  fi  fi
329    
# Line 287  fi Line 333  fi
333  %post  %post
334  # First install, point index.php to setup.php  # First install, point index.php to setup.php
335  if [ $1 == 1 ]; then  if [ $1 == 1 ]; then
336      #do not do if there is already a CA (restore from backup))
337      if [ ! -f /opt/phpki/phpki-store/config/config.php ] ; then
338          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php
339          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php          %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php
340          echo "<?php    fi
341      echo "<?php
342  header(\"Location: ./../index.php\");  header(\"Location: ./../index.php\");
343  ?>  ?>
344  " > /opt/phpki/html/ca/index.php  " > /opt/phpki/html/ca/index.php

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed