From e8f8f671e9a95aa3daa42a6a6d8793c070edcea7 Mon Sep 17 00:00:00 2001
From: Dennis Gilmore <dennis@ausil.us>
Date: Sun, 30 Mar 2008 23:01:39 -0500
Subject: Version 0.3.0 We now use pyOpenSSL to get username and check that the
 cert is valid

---
 src/fedora-cvs.py | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

(limited to 'src/fedora-cvs.py')

diff --git a/src/fedora-cvs.py b/src/fedora-cvs.py
index 3ca9bb8..956ecc8 100755
--- a/src/fedora-cvs.py
+++ b/src/fedora-cvs.py
@@ -4,6 +4,7 @@ import os
 import string
 import sys
 import commands
+from OpenSSL import crypto
 
 def readUser():
     ''' sample line "Subject: C=US, ST=North Carolina, O=Fedora Project, OU=Dennis Gilmore, CN=ausil/emailAddress=dennis@ausil.us" '''
@@ -14,14 +15,14 @@ def readUser():
         print "!!!    cannot read your ~/.fedora.cert file   !!!"
         print "!!! Ensure the file is readable and try again !!!"
         os.exit(1)
-    for certLine in  userCert.split("\n"):
-        if not len(certLine):
-            continue
-        stripCertLine = certLine.strip()
-        if stripCertLine.startswith("Subject: "):
-            subjectLine = certLine.split("CN=")
-            name = subjectLine[1].split("/")
-            return name[0]
+    myCert = crypto.load_certificate(1, userCert)
+    if myCert.has_expired():
+        print "Certificate expired please get a new one"
+        sys.exit(1)
+    subject = str(myCert.get_subject())
+    subjectLine = subject.split("CN=")
+    name = subjectLine[1].split("/")
+    return name[0]
       
 
 def cvsco(user, module):
-- 
cgit