anyone?

On Sat, Feb 15, 2020 at 10:54:40PM +0100, Remi Locherer wrote:
> ping
> 
> On Tue, Feb 04, 2020 at 05:32:24PM +0100, Remi Locherer wrote:
> > Hi,
> > 
> > Netshot 0.14.1 was released a while ago. The release notes list these items:
> > 
> > - Library update (vulnerability fix)
> > - Fix an error which could prevent the removal of credential sets
> > - Add support for PKCS12 keystores (default now)
> > 
> > I verified that after "pkg_add -u" netshot still works with an existing
> > Java key store file (*.jks).
> > 
> > I think it makes sense to keep the "@extra ${SYSCONFDIR}/netshot.jks" in
> > PLIST since that is what the example config suggested till now.
> > But I'm not sure on this one.
> > 
> > Comments, OKs?
> > 
> > Remi
> > 
> > 
> > Index: Makefile
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/Makefile,v
> > retrieving revision 1.7
> > diff -u -p -r1.7 Makefile
> > --- Makefile        12 Sep 2019 21:21:25 -0000      1.7
> > +++ Makefile        27 Oct 2019 20:46:40 -0000
> > @@ -2,7 +2,7 @@
> >  
> >  COMMENT =          config backup and policy check for network devices
> >  
> > -V =                        0.14.0
> > +V =                        0.14.1
> >  DISTNAME =         netshot_${V}
> >  PKGNAME =          ${DISTNAME:S/_/-/}
> >  WRKDIST =          ${WRKDIR}
> > Index: distinfo
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/distinfo,v
> > retrieving revision 1.3
> > diff -u -p -r1.3 distinfo
> > --- distinfo        12 Sep 2019 21:21:25 -0000      1.3
> > +++ distinfo        27 Oct 2019 20:52:12 -0000
> > @@ -1,2 +1,2 @@
> > -SHA256 (netshot_0.14.0.zip) = 7HX9oTy/mWagcSvTPsgekNX7WTelHS7eu1lNUbNdOO8=
> > -SIZE (netshot_0.14.0.zip) = 45721309
> > +SHA256 (netshot_0.14.1.zip) = MpKMvBCtsvuEu1SyFxOYGHBO0Xzf4GRszy2DiH6pGUE=
> > +SIZE (netshot_0.14.1.zip) = 45722115
> > Index: patches/patch-netshot_conf
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/patches/patch-netshot_conf,v
> > retrieving revision 1.3
> > diff -u -p -r1.3 patch-netshot_conf
> > --- patches/patch-netshot_conf      12 Sep 2019 21:21:25 -0000      1.3
> > +++ patches/patch-netshot_conf      27 Oct 2019 21:06:03 -0000
> > @@ -19,8 +19,8 @@ Index: netshot.conf
> >   netshot.db.encryptionpassword = netshot
> >   
> >   # REST
> > --netshot.http.ssl.keystore.file = /usr/local/netshot/netshot.jks
> > -+netshot.http.ssl.keystore.file = ${SYSCONFDIR}/netshot.jks
> > +-netshot.http.ssl.keystore.file = /usr/local/netshot/netshot.pfx
> > ++netshot.http.ssl.keystore.file = ${SYSCONFDIR}/netshot.pfx
> >   netshot.http.ssl.keystore.pass = password
> >   #netshot.http.baseurl = https://localhost
> >   netshot.http.baseurl = https://0.0.0.0
> > Index: pkg/PLIST
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/pkg/PLIST,v
> > retrieving revision 1.2
> > diff -u -p -r1.2 PLIST
> > --- pkg/PLIST       12 Sep 2019 21:21:25 -0000      1.2
> > +++ pkg/PLIST       27 Oct 2019 21:15:46 -0000
> > @@ -18,6 +18,7 @@ share/examples/netshot/netshot.conf
> >  @group _netshot
> >  @sample ${SYSCONFDIR}/netshot.conf
> >  @extra ${SYSCONFDIR}/netshot.jks
> > +@extra ${SYSCONFDIR}/netshot.pfx
> >  @mode 0750
> >  @owner _netshot
> >  @sample ${VARBASE}/log/netshot/
> > Index: pkg/README
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/pkg/README,v
> > retrieving revision 1.1
> > diff -u -p -r1.1 README
> > --- pkg/README      12 Sep 2019 21:21:25 -0000      1.1
> > +++ pkg/README      4 Feb 2020 16:14:35 -0000
> > @@ -26,12 +26,18 @@ MariaDB on the same host.
> >    might be modified to look like this:
> >    netshot.db.url = jdbc:mysql://localhost/netshot01?serverTimezone=UTC
> >  
> > -- Create a TLS certificate in a Java keystore:
> > -  # ${LOCALBASE}/jdk-1.8.0/bin/keytool -genkey -keyalg RSA -alias 
> > selfsigned \
> > -    -keystore ${SYSCONFDIR}/netshot.jks -storepass password -validity 3600 
> > \
> > -    -keysize 4096
> > -  # chmod 640 ${SYSCONFDIR}/netshot.jks
> > -  # chgrp _netshot ${SYSCONFDIR}/netshot.jks
> > +- Create a TLS key and certificate and put it in a keystore for Java:
> > +  # openssl req -new -x509 -days 825 \
> > +    -subj '/CN=netshot.example.com' \
> > +    -addext 'subjectAltName = DNS:netshot.example.com' \
> > +    -keyout ${SYSCONFDIR}/ssl/private/netshot.key \
> > +    -out ${SYSCONFDIR}/ssl/netshot.crt
> > +  # openssl pkcs12 -export -name netshot \
> > +    -in ${SYSCONFDIR}/ssl/netshot.crt \
> > +    -inkey ${SYSCONFDIR}/ssl/private/netshot.key \
> > +    -out ${SYSCONFDIR}/netshot.pfx
> > +  # chmod 640 ${SYSCONFDIR}/netshot.pfx
> > +  # chgrp _netshot ${SYSCONFDIR}/netshot.pfx
> >  
> >  - Enable and start Netshot to create the database tables.
> >    # rcctl enable netshot; rcctl start netshot
> > 
>  

Reply via email to