/[smecontribs]/rpms/phpki/contribs9/phpki.spec
ViewVC logotype

Annotation of /rpms/phpki/contribs9/phpki.spec

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.3 - (hide annotations) (download)
Mon Oct 8 07:35:31 2018 UTC (6 years, 1 month ago) by dani
Branch: MAIN
CVS Tags: phpki-0_82-18_el6_sme
Changes since 1.2: +7 -2 lines
* Mon Oct 8 2018 Daniel B. <daniel@firewall-services.com> 0.82-18.sme
- Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]

1 dani 1.3 # $Id: phpki.spec,v 1.2 2018/09/08 20:59:10 jcrisp Exp $
2 vip-ire 1.1 # Authority: vip-ire
3     # Name: Daniel Berteaud
4    
5     %define name phpki
6     %define version 0.82
7 dani 1.3 %define release 18
8 vip-ire 1.1 Summary: Phpki is a simple certificate management suite
9     Name: %{name}
10     Version: %{version}
11     Release: %{release}%{?dist}
12     License: GNU GPL version 2
13     URL: http://sourceforge.net/projects/phpki/
14     Group: SMEserver/addon
15     #wget http://www.fooweb.com/downloads/foo-3.6.431.tar.gz
16     Source: phpki-0.82.tar.gz
17     Patch1: phpki-0.82-email_signing.patch
18     Patch2: phpki-0.82-sme_openvpn_bridge_compat.patch
19     Patch3: phpki-0.82-sme_admin_user.patch
20     Patch4: phpki-0.82-openvpn_static_key.patch
21     Patch5: phpki-0.82-expirey.patch
22     Patch6: phpki-0.82-dl_display_ta_dh.patch
23     Patch7: phpki-0.82-dl_crl_in_pem.patch
24     Patch8: phpki-0.82-remove_email_from_upload_file_name.patch
25     Patch9: phpki-0.82-display_root_pem.patch
26     Patch10: phpki-0.82-disable_download_after_create.patch
27     Patch11: phpki-0.82-remove_security_warning.patch
28     Patch12: phpki-0.82-remove_email_from_upload_file_name.patch2
29     Patch13: phpki-0.82-ca_help.patch
30     Patch14: phpki-0.82-empty_pass_php_5.2.patch
31     Patch15: phpki-0.82-update_crl_via_cron.patch
32     Patch16: phpki-0.82-use_sha1.patch
33     Patch17: phpki-0.82-ca_admin_users.patch
34 jcrisp 1.2 Patch18: phpki-0.82.bz10622.fixphpwarnings.patch
35 dani 1.3 Patch19: phpki-0.82-potential_xss_php_self.patch
36 vip-ire 1.1
37     BuildArch: noarch
38     BuildRoot: /var/tmp/%{name}-%{version}
39    
40     BuildRequires: e-smith-devtools
41    
42     Requires: e-smith-release >= 7.0
43     Requires: php
44     Requires: openssl
45     Requires: openvpn
46     AutoReqProv: no
47    
48     %description
49     http://sourceforge.net/projects/phpki/
50     PHPki is an Open Source Web application for managing a multi-agency PKI for HIPAA compliance.
51     With it, you may create and centrally manage X.509 certificates for use with S/MIME enabled
52     e-mail clients, SSL servers, and VPN applications.
53    
54     %changelog
55 dani 1.3 * Mon Oct 8 2018 Daniel B. <daniel@firewall-services.com> 0.82-18.sme
56     - Fix potential XSS with unsafe use of PHP_SELF [SME: 10626]
57    
58 jcrisp 1.2 * Thu Sep 6 2018 brian r. <brianr@bjsystems.co.uk> 0.82-17.sme
59     - Replace use of ereg by preg_replace as per deprecated in php 5.3 and removed in 7.0
60    
61 vip-ire 1.1 * Mon Dec 12 2011 Daniel B. <daniel@firewall-services.com> 0.82-16.sme
62     - Remove php-posix dependency (not available, nor needed on SME 7.x) [SME: 6805]
63    
64     * Wed Oct 26 2011 Daniel B. <daniel@firewall-services.com> 0.82-15.sme
65     - Requires php-posix
66    
67     * Wed Jun 29 2011 Daniel B. <daniel@firewall-services.com> 0.82-14.sme
68     - Don't check issuer (everyone allowed to access /ca can manage
69     all the certificates, access to /ca is controlled by apache)
70    
71     * Tue Mar 15 2011 Daniel B. <daniel@firewall-services.com> 0.82-13.sme
72     - Replace md5 with sha1 for signing
73    
74     * Fri May 28 2010 Daniel B. <daniel@firewall-services.com> [0.82-12]
75     - Weekly update the CRL via cron so MS Crypto API will be happy
76    
77     * Thu Mar 18 2010 Daniel B. <daniel@firewall-services.com> [0.82-11]
78     - Fixe empty password with PHP 5.2 (SME 8b5)
79    
80     * Wed Aug 26 2009 Daniel B. <daniel@firewall-services.com> [0.82-10]
81     - Fixe links for CA help page
82    
83     * Mon Mar 23 2009 Daniel B. <daniel@firewall-services.com> [0.82-9]
84     - Remove links after uninstall so you can easily re-install the contrib
85     later [SME: 5091]
86    
87     * Tue Mar 03 2009 Daniel B. <daniel@firewall-services.com> [0.82-8]
88     - Add e-smith-devtools as a dependencie
89    
90     * Tue Jan 20 2009 Daniel B. <daniel@firewall-services.com> [0.82-7]
91     - Don't replace config file on upgrades
92    
93     * Wed Jan 07 2009 Daniel B. <daniel@firewall-services.com> [0.82-6]
94     - Remove the email address from the file name during upload (in search page)
95     - Remove secure.sh script
96    
97     * Tue Dec 16 2008 Daniel B. <daniel@firewall-services.com> [0.82-5]
98     - Link index.php to setup-presetup.php
99    
100     * Mon Dec 08 2008 Daniel B. <daniel@firewall-services.com> [0.82-4]
101     - Changes so certificates imported from openvpn-bridge are recognized
102     - Configure default admin user to 'admin'
103     - Create a static key for OpenVPN TLS auth (requires openvpn)
104     - Add expirey values (3 Months, 6 Months)
105     - Display or download takey.pem and dhparam1024.pem from
106     the certificate management menue
107     - Display the Root certificate in PEM format
108     - Possibility to download the CRL in PEM format
109     - Remove the email address from the file name during upload
110     - Disable download of certificate after creating a new one
111     - Remove security warning after setup
112    
113     * Wed Dec 05 2008 Daniel B. <daniel@firewall-services.com> [0.82-3]
114     - Correct extension name for email_signing certificates
115     - Remove links, and recreate them in the %post section so upgrade can be done smoothly
116    
117     * Wed Nov 26 2008 Daniel B. <daniel@firewall-services.com> [0.82-0]
118     - initial release
119     - builds from unchanged .tar.gz
120    
121     %prep
122     %setup -c -n %{name}
123     %patch1 -p1
124     %patch2 -p1
125     %patch3 -p1
126     %patch4 -p1
127     %patch5 -p1
128     %patch6 -p1
129     %patch7 -p1
130     %patch8 -p1
131     %patch9 -p1
132     %patch10 -p1
133     %patch11 -p1
134     %patch12 -p1
135     %patch13 -p1
136     %patch14 -p1
137     %patch15 -p1
138     %patch16 -p1
139     %patch17 -p1
140 jcrisp 1.2 %patch18 -p1
141 dani 1.3 %patch19 -p1
142 vip-ire 1.1
143     %build
144     %{__mkdir_p} root/opt/phpki/html
145     %{__mkdir_p} root/opt/phpki/phpki-store
146     %{__mkdir_p} root/opt/phpki/bin
147     %{__mkdir_p} root/%{_sysconfdir}/cron.weekly/
148     %{__mv} %{name}-%{version}/gen_crl.php root/opt/phpki/bin/
149     %{__mv} %{name}-%{version}/* root/opt/phpki/html/
150    
151    
152     cat <<"HERE" > root/%{_sysconfdir}/cron.weekly/phpki_update_crl
153     #!/bin/bash
154    
155     cd /opt/phpki/bin
156     php ./gen_crl.php 2>&1 > /dev/null
157    
158     HERE
159    
160    
161     # Remove links to setup page so upgrades can be done smoothly
162     %{__rm} -f root/opt/phpki/html/index.php
163     %{__rm} -f root/opt/phpki/html/ca/index.php
164     %{__rm} -f root/opt/phpki/html/setup.php
165    
166     # This script shouldn't be here
167     %{__rm} -f root/opt/phpki/html/secure.sh
168    
169    
170     %install
171     rm -rf $RPM_BUILD_ROOT
172     (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
173     rm -f %{name}-%{version}-filelist
174     /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
175     --file '/opt/phpki/html/config.php' 'attr(660,root,phpki) %config(noreplace)' \
176     --file '/opt/phpki/html/openssl.cnf' 'attr(660,root,phpki) %config(noreplace)' \
177     --file '%{_sysconfdir}/cron.weekly/phpki_update_crl' 'attr(744,root,root)' \
178     --dir '/opt/phpki/html' 'attr(770,root,phpki)' \
179     --dir '/opt/phpki/html/ca' 'attr(770,root,phpki)' \
180     --dir '/opt/phpki/phpki-store' 'attr(750,phpki,phpki)' \
181     > %{name}-%{version}-filelist
182    
183     %files -f %{name}-%{version}-filelist
184     %defattr(-,root,root)
185    
186     %clean
187     cd ..
188     rm -rf $RPM_BUILD_ROOT
189    
190     %pre
191     if ! /usr/bin/id phpki &>/dev/null; then
192     /usr/sbin/useradd -c 'Phpki User' -s /sbin/nologin -r -d /opt/phpki/phpki-store phpki &>/dev/null || \
193     %logmsg "Unexpected error adding user \"phpki\". Abort installation."
194     fi
195    
196     %preun
197    
198     %post
199     # First install, point index.php to setup.php
200     if [ $1 == 1 ]; then
201     %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/index.php
202     %{__ln_s} /opt/phpki/html/setup.php-presetup /opt/phpki/html/setup.php
203     echo "<?php
204     header(\"Location: ./../index.php\");
205     ?>
206     " > /opt/phpki/html/ca/index.php
207     fi
208    
209     %postun
210     # Remove the links to index.php after uninstall
211     if [ $1 == 0 ]; then
212     %{__rm} -f /opt/phpki/html/index.php
213     %{__rm} -f /opt/phpki/html/setup.php
214     %{__rm} -f /opt/phpki/html/ca/index.php
215     fi
216    
217    
218     true

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed