diff --git a/pki-10.6.9-3.patch b/pki-10.6.9-3.patch new file mode 100644 index 0000000..b17208e --- /dev/null +++ b/pki-10.6.9-3.patch @@ -0,0 +1,265 @@ +From 0971afcf0afa8195bf60707a611476048b9f2f57 Mon Sep 17 00:00:00 2001 +From: Stanislav Levin +Date: Mon, 21 Jan 2019 17:03:00 +0300 +Subject: [PATCH] Fix flake8 3.6.0 errors + +Since 3.6.0 flake8 respects '# flake8: noqa' processor rule if +it is only on a line by itself. + +http://flake8.pycqa.org/en/latest/release-notes/3.6.0.html?highlight=noqa + +Additionally this fixes simple Python style errors found here. + +Fixes: https://pagure.io/dogtagpki/issue/3090 +Signed-off-by: Stanislav Levin +--- + base/common/python/pki/cli/password.py | 2 +- + base/common/python/pki/cli/pkcs12.py | 5 ++-- + base/common/python/setup.py | 4 +-- + base/server/python/pki/server/cli/cert.py | 25 ++++++++++++------- + base/server/python/pki/server/cli/http.py | 14 +++++++---- + base/server/python/pki/server/cli/instance.py | 15 ++++++----- + .../server/python/pki/server/cli/subsystem.py | 17 ++++++++----- + 7 files changed, 51 insertions(+), 31 deletions(-) + +diff --git a/base/common/python/pki/cli/password.py b/base/common/python/pki/cli/password.py +index 7b055fbef..68985e6cb 100644 +--- a/base/common/python/pki/cli/password.py ++++ b/base/common/python/pki/cli/password.py +@@ -43,7 +43,7 @@ class PasswordGenerateCLI(pki.cli.CLI): + super(PasswordGenerateCLI, self).__init__( + 'generate', 'Generate secure random password') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki password-generate [OPTIONS]') + print() + print(' -v, --verbose Run in verbose mode.') +diff --git a/base/common/python/pki/cli/pkcs12.py b/base/common/python/pki/cli/pkcs12.py +index 5eb069024..09dbb4133 100644 +--- a/base/common/python/pki/cli/pkcs12.py ++++ b/base/common/python/pki/cli/pkcs12.py +@@ -50,10 +50,11 @@ class PKCS12ImportCLI(pki.cli.CLI): + super(PKCS12ImportCLI, self).__init__( + 'import', 'Import PKCS #12 file into NSS database') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki pkcs12-import [OPTIONS]') + print() +- print(' --pkcs12-file PKCS #12 file containing certificates and keys.') ++ print(' --pkcs12-file PKCS #12 file containing certificates and ' ++ 'keys.') + print(' --pkcs12-password Password for the PKCS #12 file.') + print(' --pkcs12-password-file containing the PKCS #12 password.') + print(' --no-trust-flags Do not include trust flags') +diff --git a/base/common/python/setup.py b/base/common/python/setup.py +index c90f6e2e4..d7150289e 100644 +--- a/base/common/python/setup.py ++++ b/base/common/python/setup.py +@@ -49,8 +49,8 @@ from distutils.cmd import Command + class VersionInfo(Command): + user_options = [] + +- version_re = re.compile('^Version:\s*(\d+\.\d+\.\d+)') +- release_re = re.compile('^Release:.*?([\d\.]+)') ++ version_re = re.compile(r'^Version:\s*(\d+\.\d+\.\d+)') ++ release_re = re.compile(r'^Release:.*?([\d\.]+)') + specfile = '../../../pki.spec' + + def initialize_options(self): +diff --git a/base/server/python/pki/server/cli/cert.py b/base/server/python/pki/server/cli/cert.py +index 59f31e0ff..b37d49aeb 100644 +--- a/base/server/python/pki/server/cli/cert.py ++++ b/base/server/python/pki/server/cli/cert.py +@@ -644,19 +644,25 @@ class CertExportCLI(pki.cli.CLI): + super(CertExportCLI, self).__init__( + 'export', 'Export system certificate.') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki-server cert-export [OPTIONS] ') + print() + print('Specify at least one output file: certificate, CSR, or PKCS #12.') + print() + print(' -i, --instance Instance ID (default: pki-tomcat).') +- print(' --cert-file Output file to store the exported certificate in PEM format.') +- print(' --csr-file Output file to store the exported CSR in PEM format.') +- print(' --pkcs12-file Output file to store the exported certificate and key in PKCS #12 format.') ++ print(' --cert-file Output file to store the exported certificate ' ++ 'in PEM format.') ++ print(' --csr-file Output file to store the exported CSR in PEM ' ++ 'format.') ++ print(' --pkcs12-file Output file to store the exported certificate ' ++ 'and key in PKCS #12 format.') + print(' --pkcs12-password Password for the PKCS #12 file.') +- print(' --pkcs12-password-file Input file containing the password for the PKCS #12 file.') +- print(' --friendly-name Friendly name for the certificate in PKCS #12 file.') +- print(' --cert-encryption Certificate encryption algorithm (default: none).') ++ print(' --pkcs12-password-file Input file containing the password for the ' ++ 'PKCS #12 file.') ++ print(' --friendly-name Friendly name for the certificate in PKCS #12 ' ++ 'file.') ++ print(' --cert-encryption Certificate encryption algorithm (default: ' ++ 'none).') + print(' --key-encryption Key encryption algorithm (default: PBES2).') + print(' --append Append into an existing PKCS #12 file.') + print(' --no-trust-flags Do not include trust flags') +@@ -967,7 +973,7 @@ class CertFixCLI(pki.cli.CLI): + super(CertFixCLI, self).__init__( + 'fix', 'Fix expired system certificate(s).') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki-server cert-fix [OPTIONS]') + # CertID: subsystem, sslserver, kra_storage, kra_transport, ca_ocsp_signing, + # ca_audit_signing, kra_audit_signing +@@ -977,7 +983,8 @@ class CertFixCLI(pki.cli.CLI): + print(' -i, --instance Instance ID (default: pki-tomcat).') + print(' -d NSS database location (default: ~/.dogtag/nssdb)') + print(' -c NSS database password') +- print(' -C Input file containing the password for the NSS database.') ++ print(' -C Input file containing the password for the NSS ' ++ 'database.') + print(' -n Client certificate nickname') + print(' -v, --verbose Run in verbose mode.') + print(' --debug Run in debug mode.') +diff --git a/base/server/python/pki/server/cli/http.py b/base/server/python/pki/server/cli/http.py +index def5fe48b..cbe9b30b4 100644 +--- a/base/server/python/pki/server/cli/http.py ++++ b/base/server/python/pki/server/cli/http.py +@@ -68,7 +68,7 @@ class HTTPConnectorCLI(pki.cli.CLI): + connector.attrib.pop(name) + + @staticmethod +- def print_connector(connector): # flake8: noqa ++ def print_connector(connector): + + HTTPConnectorCLI.print_param(connector, 'name', 'Connector ID') + HTTPConnectorCLI.print_param(connector, 'scheme', 'Scheme') +@@ -77,8 +77,10 @@ class HTTPConnectorCLI(pki.cli.CLI): + + HTTPConnectorCLI.print_param(connector, 'sslImplementationName', 'SSL Implementation') + +- HTTPConnectorCLI.print_param(connector, 'sslVersionRangeStream', 'SSL Version Range Stream') +- HTTPConnectorCLI.print_param(connector, 'sslVersionRangeDatagram', 'SSL Version Range Datagram') ++ HTTPConnectorCLI.print_param(connector, 'sslVersionRangeStream', ++ 'SSL Version Range Stream') ++ HTTPConnectorCLI.print_param(connector, 'sslVersionRangeDatagram', ++ 'SSL Version Range Datagram') + HTTPConnectorCLI.print_param(connector, 'sslRangeCiphers', 'SSL Range Ciphers') + + HTTPConnectorCLI.print_param(connector, 'certdbDir', 'NSS Database Directory') +@@ -330,7 +332,8 @@ class HTTPConnectorModCLI(pki.cli.CLI): + connector = connectors[name] + + HTTPConnectorCLI.set_param(connector, 'certdbDir', nss_database_dir) +- HTTPConnectorCLI.set_param(connector, 'passwordClass', 'org.apache.tomcat.util.net.jss.PlainPasswordFile') ++ HTTPConnectorCLI.set_param(connector, 'passwordClass', ++ 'org.apache.tomcat.util.net.jss.PlainPasswordFile') + HTTPConnectorCLI.set_param(connector, 'passwordFile', nss_password_file) + HTTPConnectorCLI.set_param(connector, 'serverCertNickFile', server_cert_nickname_file) + +@@ -364,7 +367,8 @@ class HTTPConnectorModCLI(pki.cli.CLI): + HTTPConnectorCLI.set_param(connector, 'keystorePassFile', keystore_password_file) + HTTPConnectorCLI.set_param(connector, 'keyAlias', 'sslserver') + +- HTTPConnectorCLI.set_param(connector, 'trustManagerClassName', 'org.dogtagpki.tomcat.PKITrustManager') ++ HTTPConnectorCLI.set_param(connector, 'trustManagerClassName', ++ 'org.dogtagpki.tomcat.PKITrustManager') + + else: + raise Exception('Invalid connector type: %s' % connector_type) +diff --git a/base/server/python/pki/server/cli/instance.py b/base/server/python/pki/server/cli/instance.py +index 079281fee..4c97bbbaf 100644 +--- a/base/server/python/pki/server/cli/instance.py ++++ b/base/server/python/pki/server/cli/instance.py +@@ -70,13 +70,15 @@ class InstanceCertExportCLI(pki.cli.CLI): + super(InstanceCertExportCLI, self).__init__( + 'export', 'Export system certificates') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki-server instance-cert-export [OPTIONS] [nicknames...]') + print() + print(' -i, --instance Instance ID (default: pki-tomcat).') +- print(' --pkcs12-file Output file to store the exported certificate and key in PKCS #12 format.') ++ print(' --pkcs12-file Output file to store the exported certificate ' ++ 'and key in PKCS #12 format.') + print(' --pkcs12-password Password for the PKCS #12 file.') +- print(' --pkcs12-password-file Input file containing the password for the PKCS #12 file.') ++ print(' --pkcs12-password-file Input file containing the password for the ' ++ 'PKCS #12 file.') + print(' --append Append into an existing PKCS #12 file.') + print(' --no-trust-flags Do not include trust flags') + print(' --no-key Do not include private key') +@@ -624,7 +626,8 @@ class InstanceExternalCertAddCLI(pki.cli.CLI): + print('Usage: pki-server instance-externalcert-add [OPTIONS]') + print() + print(' -i, --instance Instance ID (default: pki-tomcat).') +- print(' --cert-file Input file containing the external certificate or certificate chain.') ++ print(' --cert-file Input file containing the external certificate' ++ ' or certificate chain.') + print(' --trust-args Trust args (default \",,\").') + print(' --nickname Nickname to be used.') + print(' --token Token (default: internal).') +@@ -636,7 +639,7 @@ class InstanceExternalCertAddCLI(pki.cli.CLI): + try: + opts, _ = getopt.gnu_getopt(argv, 'i:v', [ + 'instance=', +- 'cert-file=', 'trust-args=', 'nickname=','token=', ++ 'cert-file=', 'trust-args=', 'nickname=', 'token=', + 'verbose', 'help']) + + except getopt.GetoptError as e: +@@ -745,7 +748,7 @@ class InstanceExternalCertDeleteCLI(pki.cli.CLI): + def execute(self, argv): + try: + opts, _ = getopt.gnu_getopt(argv, 'i:v', [ +- 'instance=', 'nickname=','token=', ++ 'instance=', 'nickname=', 'token=', + 'verbose', 'help']) + + except getopt.GetoptError as e: +diff --git a/base/server/python/pki/server/cli/subsystem.py b/base/server/python/pki/server/cli/subsystem.py +index 45570a74d..3fa1384ae 100644 +--- a/base/server/python/pki/server/cli/subsystem.py ++++ b/base/server/python/pki/server/cli/subsystem.py +@@ -564,15 +564,19 @@ class SubsystemCertExportCLI(pki.cli.CLI): + super(SubsystemCertExportCLI, self).__init__( + 'export', 'Export subsystem certificate') + +- def print_help(self): # flake8: noqa ++ def print_help(self): + print('Usage: pki-server subsystem-cert-export [OPTIONS] [cert ID]') + print() + print(' -i, --instance Instance ID (default: pki-tomcat).') +- print(' --cert-file Output file to store the exported certificate in PEM format.') +- print(' --csr-file Output file to store the exported CSR in PEM format.') +- print(' --pkcs12-file Output file to store the exported certificate and key in PKCS #12 format.') ++ print(' --cert-file Output file to store the exported certificate ' ++ 'in PEM format.') ++ print(' --csr-file Output file to store the exported CSR in PEM ' ++ 'format.') ++ print(' --pkcs12-file Output file to store the exported certificate ' ++ 'and key in PKCS #12 format.') + print(' --pkcs12-password Password for the PKCS #12 file.') +- print(' --pkcs12-password-file Input file containing the password for the PKCS #12 file.') ++ print(' --pkcs12-password-file Input file containing the password for the ' ++ 'PKCS #12 file.') + print(' --append Append into an existing PKCS #12 file.') + print(' --no-trust-flags Do not include trust flags') + print(' --no-key Do not include private key') +@@ -839,7 +843,8 @@ class SubsystemCertUpdateCLI(pki.cli.CLI): + + if data: + if self.verbose: +- print('Removing old %s certificate from database.' % subsystem_cert['nickname']) ++ print('Removing old %s certificate from database.' ++ % subsystem_cert['nickname']) + nssdb.remove_cert(nickname=subsystem_cert['nickname']) + if self.verbose: + print('Adding new %s certificate into database.' % subsystem_cert['nickname']) +-- +2.17.2 + diff --git a/pki-core.spec b/pki-core.spec index 902378a..42b3fde 100644 --- a/pki-core.spec +++ b/pki-core.spec @@ -8,7 +8,7 @@ URL: http://www.dogtagpki.org/ License: GPLv2 and LGPLv2 Version: 10.6.9 -Release: 2%{?_timestamp}%{?_commit_id}%{?dist} +Release: 3%{?_timestamp}%{?_commit_id}%{?dist} # global _phase -a1 # To create a tarball from a version tag: @@ -24,7 +24,7 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver # --stdout \ # \ # > pki-VERSION-RELEASE.patch -# Patch: pki-VERSION-RELEASE.patch +Patch: pki-10.6.9-3.patch ################################################################################ # NSS @@ -668,7 +668,6 @@ Requires: tomcat >= 1:9.0.7 Requires: velocity Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units Requires(pre): shadow-utils %if 0%{?rhel} && 0%{?rhel} <= 7 @@ -702,7 +701,6 @@ BuildArch: noarch Requires: pki-server >= %{version}-%{release} Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units %description -n pki-ca @@ -726,7 +724,6 @@ BuildArch: noarch Requires: pki-server >= %{version}-%{release} Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units %description -n pki-kra @@ -756,7 +753,6 @@ BuildArch: noarch Requires: pki-server >= %{version}-%{release} Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units %description -n pki-ocsp @@ -793,7 +789,6 @@ BuildArch: noarch Requires: pki-server >= %{version}-%{release} Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units %description -n pki-tks @@ -823,7 +818,6 @@ Summary: PKI TPS Package Requires: pki-server >= %{version}-%{release} Requires(post): systemd-units -Requires(preun): systemd-units Requires(postun): systemd-units # additional runtime requirements needed to run native 'tpsclient' @@ -1581,6 +1575,10 @@ fi ################################################################################ %changelog +* Tue Mar 12 2019 Tim Landscheidt - 10.6.9-3 +- Fix flake8 errors +- Remove obsolete requirements for preun scriptlets + * Sat Feb 02 2019 Fedora Release Engineering - 10.6.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild