[Pki-devel] [PATCH] pki-cfu-0055-Ticket-1295-CA-OCSP-via-GET-does-not-work.patch

[Christina Fu]

Thanks Endi.  All comments addressed...

commit 2aa7ed131f4d229269088775513f23ec8b3793ec
Author: Christina Fu <cfu at redhat.com>
Date:   Mon May 4 15:51:48 2015 -0700

     Ticket 1295 Upgrade script for - CA: OCSP via GET does not work

Christina

On 05/05/2015 07:11 AM, Endi Sukma Dewata wrote:
> On 5/4/2015 6:38 PM, Christina Fu wrote:
>> here is the patch for the upgrade script for this ticket
>> https://fedorahosted.org/pki/ticket/1295
>> Please review.
>>
>> Note: I was able to get the xml element added to the web.xml and the
>> server will work with the ocsp GET request, however, there is a cosmetic
>> issue with missing blank line and a few spaces for the next element
>> after.  If anyone has ideas on how to fix this, please feel free to make
>> suggestions.
>> Here is how it looks like now:
>> http://fpaste.org/218405/
>>
>> thanks,
>> Christina
>
> A few minor issues:
>
> 1. I was able to fix the missing blank line and spaces with the 
> changes that you mentioned on IRC:
>
>   mapping.tail = '\n\n  '
>
> You might want to test it again (and make sure the web.xml is clean).
>
> 2. The indentations of the XML elements in OCSPGETServletMappingData 
> should match those in the web.xml (3 and 6 spaces).
>
> 3. Recently we implemented direct deployment for all subsystems 
> (commit 533b33a753801b3cc91529d83ac75f2214f86fcf), so newly deployed 
> subsystems will not have a web.xml in the instance folder (they will 
> be updated automatically during RPM upgrade). However, old subsystems 
> (or custom subsystems) will still have it. So we should perform the 
> upgrade only if the file exists. Without this check, you might see an 
> error in pki-server-upgrade log.
>
> 4. Since this is the first upgrade script for 10.2.4, there should be 
> a 10.2.4 folder in base/common/upgrade as well with just a .gitignore 
> file.
>
> These issues should be easy to fix before push. ACK.
>