Increment serial number in gencert.

2007-10-17 10:48:55 -07:00 · 2007-10-17 10:48:55 -07:00 · ed90fe2333
commit ed90fe2333
parent 66920f1fbd
4 changed files with 6 additions and 2 deletions
--- a/fas/fas/fasLDAP.py
+++ b/fas/fas/fasLDAP.py
@ -354,6 +354,7 @@ class Person(object):
                    'givenName' : givenName,
                    'mail' : mail,
                    'fedoraPersonKeyId' : '',
+                    'fedoraPersonCertSerial' : -1,
                    'description' : '',
                    'fedoraPersonCreationDate' : str(now),
                    'telephoneNumber' : telephoneNumber,
--- a/fas/fas/user.py
+++ b/fas/fas/user.py
@ -347,6 +347,7 @@ class User(controllers.Controller):
    def gencert(self):
      from fas.openssl_fas import *
      user = Person.byUserName(turbogears.identity.current.user_name)
+      user.fedoraPersonCertSerial = int(user.fedoraPersonCertSerial) + 1

      pkey = createKeyPair(TYPE_RSA, 1024);

@ -367,7 +368,7 @@ class User(controllers.Controller):
          emailAddress=user.mail,
          )

-      cert = createCertificate(req, (cacert, cakey), 0, (0, expire), digest='md5')
+      cert = createCertificate(req, (cacert, cakey), int(user.fedoraPersonCertSerial), (0, expire), digest='md5')
      certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
      keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
      return dict(cert=certdump, key=keydump)
--- a/fas/ldap/52fc-fedora-person.ldif
+++ b/fas/ldap/52fc-fedora-person.ldif
@ -10,8 +10,9 @@ attributeTypes: ( 2.5.444.16 NAME 'fedoraPersonIrcNick' DESC 'irc nick of the us
 attributetypes: ( 2.5.444.17 NAME 'fedoraPersonCreationDate' DESC 'date entry was created' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 attributeTypes: ( 2.5.444.18 NAME 'fedoraPersonApprovalStatus' DESC 'users approval status' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
 attributeTypes: ( 2.5.444.19 NAME 'fedoraPersonKeyId' DESC 'users GPG key ID' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{50} )
+attributeTypes: ( 2.5.444.22 NAME 'fedoraPersonCertSerial' DESC 'users SSL cert serial' EQUALITY IntegerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
 # fedoraPerson
 # The fedoraPerson represents people who are a member of the fedora project
 # in some way.  It is a structural class and inherits
 # from the inetOrgPerson class
-objectClasses:	( 2.5.555.1 NAME 'fedoraPerson' DESC 'A member of the fedoraproject group' SUP inetOrgPerson STRUCTURAL MUST ( fedoraPersonSshKey $ mail $ fedoraPersonCreationDate ) MAY  (fedoraPersonIrcNick $ fedoraPersonApprovalStatus $ fedoraPersonBugzillaMail $ fedoraPersonKeyId ) )
+objectClasses:	( 2.5.555.1 NAME 'fedoraPerson' DESC 'A member of the fedoraproject group' SUP inetOrgPerson STRUCTURAL MUST ( fedoraPersonSshKey $ mail $ fedoraPersonCreationDate ) MAY  (fedoraPersonIrcNick $ fedoraPersonApprovalStatus $ fedoraPersonBugzillaMail $ fedoraPersonKeyId $ fedoraPersonCertSerial ) )
--- a/fas/ldap/PgToLDAP.py
+++ b/fas/ldap/PgToLDAP.py
@ -241,6 +241,7 @@ def main():
 	    userLdif.append(["cn",[str(user[1])]])
 	    userLdif.append(["givenName",[str(user[3])]])
 	    userLdif.append(["fedoraPersonKeyId",[str(user[4])]])
+	    userLdif.append(["fedoraPersonCertSerial",'-1'])
 	    userLdif.append(["fedoraPersonSshKey",[str(user[5])]])
 	    userLdif.append(["userPassword",[encode_SSHA_password(str(user[6]))]])
 	    userLdif.append(["postalAddress",[str(user[8])]])