Merge "Document Security section of the Release Notes"

diff --git a/auth/docker/d.props b/auth/docker/d.props
index 4522c2b..e56d459 100644 (file)
--- a/auth/docker/d.props
+++ b/auth/docker/d.props
@@ -3,6 +3,7 @@ ORG=onap
 PROJECT=aaf
 DOCKER_REPOSITORY=nexus3.onap.org:10003
 OLD_VERSION=2.1.0-SNAPSHOT
+NEW_VERSION=2.1.1
 VERSION=2.1.1-SNAPSHOT
 CONF_ROOT_DIR=/opt/app/osaaf
 

diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh
index f5b4dee..ce29917 100755 (executable)
--- a/auth/docker/dbuild.sh
+++ b/auth/docker/dbuild.sh
@@ -18,6 +18,7 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
         cd ..
         docker build -t ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION}  aaf_${VERSION}
                docker tag ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${OLD_VERSION}
+               docker tag ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${NEW_VERSION}
         rm aaf_${VERSION}/Dockerfile
         cd -
 done

diff --git a/auth/docker/dpush.sh b/auth/docker/dpush.sh
index 8d0c2f6..7812979 100644 (file)
--- a/auth/docker/dpush.sh
+++ b/auth/docker/dpush.sh
@@ -13,5 +13,6 @@ fi
 for AAF_COMPONENT in ${AAF_COMPONENTS}; do
         docker push ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${OLD_VERSION}
                docker push ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION}
+               docker push ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${NEW_VERSION}
 
 done

diff --git a/auth/sample/local/org.osaaf.aaf.p12 b/auth/sample/local/org.osaaf.aaf.p12
index 1e1ce69..ac1dece 100644 (file)
Binary files a/auth/sample/local/org.osaaf.aaf.p12 and b/auth/sample/local/org.osaaf.aaf.p12 differ

diff --git a/conf/CA/intermediate.sh b/conf/CA/intermediate.sh
deleted file mode 100644 (file)
index b207150..0000000
--- a/conf/CA/intermediate.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Initialize a manual Cert.  This is NOT entered in Certman Records
-#
-  if [ -e intermediate.serial ]; then
-    ((SERIAL=`cat intermediate.serial` + 1))
-  else
-    SERIAL=1
-  fi
-  echo $SERIAL > intermediate.serial
-DIR=intermediate_$SERIAL
-
-mkdir -p $DIR/private $DIR/certs $DIR/newcerts
-chmod 700 $DIR/private
-chmod 755 $DIR/certs $DIR/newcerts
-touch $DIR/index.txt
-if [ ! -e $DIR/serial ]; then
-  echo '01' > $DIR/serial
-fi
-cp manual.sh p12.sh subject.aaf $DIR
-
-if [  "$1" == "" ]; then
-  CN=intermediateCA_$SERIAL
-else
-  CN=$1
-fi
-
-SUBJECT="/CN=$CN`cat subject.aaf`"
-echo $SUBJECT
-  echo "IMPORTANT: If for any reason, you kill this process, type 'stty sane'"
-  echo "Enter the PassPhrase for the Key for $CN: "
-  `stty -echo`
-  read PASSPHRASE
-  `stty echo`
- 
-  # Create a regaular rsa encrypted key
-  openssl req -new -newkey rsa:4096 -sha256 -keyout $DIR/private/ca.key \
-          -out $DIR/$CN.csr -outform PEM -subj "$SUBJECT" \
-          -passout stdin  << EOF
-$PASSPHRASE
-EOF
-
-  chmod 400 $DIR/private/$CN.key 
-  openssl req -verify -text -noout -in $DIR/$CN.csr
-
-  # Sign it
-  openssl ca -config openssl.conf -extensions v3_intermediate_ca \
-     -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
-       -infiles $DIR/$CN.csr
-
-    openssl x509 -text -noout -in $DIR/certs/ca.crt
-
-
-     openssl verify -CAfile certs/ca.crt $DIR/certs/ca.crt
-
-
-
-

diff --git a/conf/CA/newIntermediate.sh b/conf/CA/newIntermediate.sh
index 88b524b..9410305 100644 (file)
--- a/conf/CA/newIntermediate.sh
+++ b/conf/CA/newIntermediate.sh
@@ -44,7 +44,8 @@ EOF
 
   # Sign it
   openssl ca -config openssl.conf -extensions v3_intermediate_ca \
-     -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
+       -days 1826 \
+       -cert certs/ca.crt -keyfile private/ca.key -out $DIR/certs/ca.crt \
        -infiles $DIR/$CN.csr
 
     openssl x509 -text -noout -in $DIR/certs/ca.crt