diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-08-06 18:05:30 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-08-06 18:05:30 +0000 |
commit | aa977c69563d670b4f1cf172ba6b6b087f59687c (patch) | |
tree | f70c8162e502aa11e91492b388b46c553680b31a /pki/base/common/src/com/netscape/cms/profile | |
parent | bf11408fdcf61fd017b5721c1bf9b8863b98fbbd (diff) | |
download | pki-aa977c69563d670b4f1cf172ba6b6b087f59687c.tar.gz pki-aa977c69563d670b4f1cf172ba6b6b087f59687c.tar.xz pki-aa977c69563d670b4f1cf172ba6b6b087f59687c.zip |
457983 CA certificate enrollment profile framework allows user-specified extensions by default
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@74 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java | 3 | ||||
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java | 13 |
2 files changed, 13 insertions, 3 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index 841e07573..9a8183a5e 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -933,7 +933,8 @@ public abstract class EnrollProfile extends BasicProfile CertificateExtensions exts = new CertificateExtensions(extIn); if (exts != null) { CMS.debug("Set extensions " + exts); - info.set(X509CertInfo.EXTENSIONS, exts); + // info.set(X509CertInfo.EXTENSIONS, exts); + req.setExtData(REQUEST_EXTENSIONS, exts); } } else { CMS.debug("PKCS10 extension Not Found"); diff --git a/pki/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java index 5be4198ca..cc956412e 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/UserExtensionDefault.java @@ -135,11 +135,20 @@ public class UserExtensionDefault extends EnrollExtDefault { public void populate(IRequest request, X509CertInfo info) throws EProfileException { CertificateExtensions inExts = null; + String oid = getConfig(CONFIG_OID); inExts = request.getExtDataInCertExts(IEnrollProfile.REQUEST_EXTENSIONS); + if (inExts == null) + return; Extension ext = getExtension(getConfig(CONFIG_OID), inExts); - if (ext == null) + if (ext == null) { + CMS.debug("UserExtensionDefault: no user ext supplied for "+ oid); return; - addExtension(getConfig(CONFIG_OID), ext, info); + } + + // user supplied the ext that's allowed, replace the def set by system + deleteExtension(oid, info); + CMS.debug("UserExtensionDefault: using user supplied ext for "+ oid); + addExtension(oid, ext, info); } } |