From ed90fe2333b42ad25346615d849c0a677cd6d5a8 Mon Sep 17 00:00:00 2001
From: Ricky Zhou
Date: Wed, 17 Oct 2007 10:48:55 -0700
Subject: [PATCH] Increment serial number in gencert.
---
 fas/fas/fasLDAP.py | 1 +
 fas/fas/user.py | 3 ++-
 fas/ldap/52fc-fedora-person.ldif | 3 ++-
 fas/ldap/PgToLDAP.py | 1 +
 4 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/fas/fas/fasLDAP.py b/fas/fas/fasLDAP.py
index e06ea99..fa0a71b 100644
--- a/fas/fas/fasLDAP.py
+++ b/fas/fas/fasLDAP.py
@@ -354,6 +354,7 @@ class Person(object):
 'givenName' : givenName,
 'mail' : mail,
 'fedoraPersonKeyId' : '',
+ 'fedoraPersonCertSerial' : -1,
 'description' : '',
 'fedoraPersonCreationDate' : str(now),
 'telephoneNumber' : telephoneNumber,
diff --git a/fas/fas/user.py b/fas/fas/user.py
index 06b36c4..4224940 100644
--- a/fas/fas/user.py
+++ b/fas/fas/user.py
@@ -347,6 +347,7 @@ class User(controllers.Controller):
 def gencert(self):
 from fas.openssl_fas import *
 user = Person.byUserName(turbogears.identity.current.user_name)
+ user.fedoraPersonCertSerial = int(user.fedoraPersonCertSerial) + 1
 pkey = createKeyPair(TYPE_RSA, 1024);
@@ -367,7 +368,7 @@ class User(controllers.Controller):
 emailAddress=user.mail,
 )
- cert = createCertificate(req, (cacert, cakey), 0, (0, expire), digest='md5')
+ cert = createCertificate(req, (cacert, cakey), int(user.fedoraPersonCertSerial), (0, expire), digest='md5')
 certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
 keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
 return dict(cert=certdump, key=keydump)
diff --git a/fas/ldap/52fc-fedora-person.ldif b/fas/ldap/52fc-fedora-person.ldif
index e61c35d..03e448a 100644
--- a/fas/ldap/52fc-fedora-person.ldif
+++ b/fas/ldap/52fc-fedora-person.ldif
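Review bot: The `-1` default for `fedoraPersonCertSerial` in the fas/fas/fasLDAP.py hunk means the first certificate a user generates gets serial 0, because gencert in fas/fas/user.py adds 1 before issuing; X.509 (RFC 5280 section 4.1.2.2) requires serial numbers to be positive integers. The value is also a bare int while the neighbouring entries are strings (`''`, `str(now)`); if this dict reaches python-ldap unconverted, which cannot be seen from the hunk, a string is required. Suggested: `'fedoraPersonCertSerial' : '0',` here, with the same starting value in the fas/ldap/PgToLDAP.py hunk. The enclosing dict and method begin and end outside the hunk.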
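Review bot: The counter bumped by `user.fedoraPersonCertSerial = int(user.fedoraPersonCertSerial) + 1` in gencert (first fas/fas/user.py hunk) is kept per user, so certificates issued to different users under the same `cacert` will share serial numbers; serials must be unique per issuer, and CRL-based revocation identifies a certificate by issuer plus serial. The read-increment-write is also not atomic, so two concurrent gencert requests for one account could presumably be handed the same value. A single CA-wide serial source (an atomically incremented counter, or a random value from `os.urandom` checked against issued serials) would address both. Whether the assignment is persisted to LDAP before the certificate is returned cannot be seen here; gencert's body continues outside the hunk.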
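Review bot: The rewritten `createCertificate(...)` call in the second fas/fas/user.py hunk still signs with `digest='md5'`, and after this change the serial being signed is a predictable sequential value. MD5 is not collision-resistant, and a CA that combines it with predictable certificate contents loses the protection the signature is meant to give, so the digest should move to a SHA-2 value such as `digest='sha256'` where the deployed OpenSSL supports it. The `createKeyPair(TYPE_RSA, 1024)` call visible in the first hunk is likewise below the usual 2048-bit floor. The second `int(...)` around `user.fedoraPersonCertSerial` is redundant if the attribute keeps the int assigned above, which the hunk does not show.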
@@ -10,8 +10,9 @@ attributeTypes: ( 2.5.444.16 NAME 'fedoraPersonIrcNick' DESC 'irc nick of the us
 attributetypes: ( 2.5.444.17 NAME 'fedoraPersonCreationDate' DESC 'date entry was created' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 attributeTypes: ( 2.5.444.18 NAME 'fedoraPersonApprovalStatus' DESC 'users approval status' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
 attributeTypes: ( 2.5.444.19 NAME 'fedoraPersonKeyId' DESC 'users GPG key ID' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
+attributeTypes: ( 2.5.444.22 NAME 'fedoraPersonCertSerial' DESC 'users SSL cert serial' EQUALITY IntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 # fedoraPerson
 # The fedoraPerson represents people who are a member of the fedora project
 # in some way. It is a structural class and inherits
 # from the inetOrgPerson class
-objectClasses: ( 2.5.555.1 NAME 'fedoraPerson' DESC 'A member of the fedoraproject group' SUP inetOrgPerson STRUCTURAL MUST ( fedoraPersonSshKey $ mail $ fedoraPersonCreationDate ) MAY (fedoraPersonIrcNick $ fedoraPersonApprovalStatus $ fedoraPersonBugzillaMail $ fedoraPersonKeyId ) )
+objectClasses: ( 2.5.555.1 NAME 'fedoraPerson' DESC 'A member of the fedoraproject group' SUP inetOrgPerson STRUCTURAL MUST ( fedoraPersonSshKey $ mail $ fedoraPersonCreationDate ) MAY (fedoraPersonIrcNick $ fedoraPersonApprovalStatus $ fedoraPersonBugzillaMail $ fedoraPersonKeyId $ fedoraPersonCertSerial ) )
diff --git a/fas/ldap/PgToLDAP.py b/fas/ldap/PgToLDAP.py
index c5cabda..70fe111 100755
--- a/fas/ldap/PgToLDAP.py
+++ b/fas/ldap/PgToLDAP.py
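Review bot: `fedoraPersonCertSerial` is added to the `MAY` list of `fedoraPerson`, so entries created before this schema change carry no value, and `int(user.fedoraPersonCertSerial)` in gencert (fas/fas/user.py) will presumably fail for those accounts. Either back-fill the attribute in a migration step or have gencert treat a missing value as the starting serial. The attribute defines only `EQUALITY IntegerMatch`; adding `ORDERING integerOrderingMatch` would be required if range filters on the serial (for example, locating the highest issued value) are ever needed.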
@@ -241,6 +241,7 @@ def main():
 userLdif.append(["cn",[str(user[1])]])
 userLdif.append(["givenName",[str(user[3])]])
 userLdif.append(["fedoraPersonKeyId",[str(user[4])]])
+ userLdif.append(["fedoraPersonCertSerial",'-1'])
 userLdif.append(["fedoraPersonSshKey",[str(user[5])]])
 userLdif.append(["userPassword",[encode_SSHA_password(str(user[6]))]])
 userLdif.append(["postalAddress",[str(user[8])]])
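Review bot: The added `userLdif.append(["fedoraPersonCertSerial",'-1'])` passes a bare string where every neighbouring attribute passes a list of strings (`[str(user[4])]`). For consistency, and so that any later code iterating the value list does not walk the characters of the string, write `userLdif.append(["fedoraPersonCertSerial",['-1']])`. How `userLdif` is consumed lies outside the hunk, as does the rest of main().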