| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| dont-require-an-nss-database.diff | Don't require an NSS database in cm_certread_n_parse If CM_DEFAULT_CERT_STORAGE_LOCATION points to a non-existant NSS database then parsing certificates will fail. This is noticable during IPA install when the CA certificates are tracked and the database doesn't exist. If the NSS Init fails then certmonger thinks there is no cert at all and tries to obtain a new one, only to fail again and again because of the failed parsing. This function only loads the certificate to parse out attributes from the certificate. It already initialized with NSS_INIT_NOCERTDB, NSS_INIT_READONLY and NSS_INIT_NOROOTINIT which basically says only initialize the volatile certdb, read-only and don't load root certificates. So not far from NSS_NoDB_Init. Adding the NSS_INIT_NOMODDB causes it to not open the security module database and only initialize its own softoken. This is sufficient to load a certificate from PEM and parse it. |
Rob Crittenden <rcritten@redhat.com> | no | 2023-03-17 | ||
| cross.patch | no | |||||
| fix-keythi-h-path.diff | Fix configure test to find keythi.h | no | ||||
| fix-service-environment.diff | fix the environment file path | no | ||||
| use-dbus-run-session.diff | no |