Commit 2b5246b9 authored by Leigh B Stoller's avatar Leigh B Stoller

Add "internal" and "nodelete" flags to the pubkeys table so that we

can stop using the comment field to determine which keys are the ones
generated by emulab. Internal keys are the unencrypted keys created
for users. They are also nodelete, but we also mark the ssh public key
derived from the user's encrypted ssl certificate as nodelete.
parent a78fd522
......@@ -3897,6 +3897,8 @@ CREATE TABLE `user_pubkeys` (
`uid` varchar(8) NOT NULL default '',
`uid_idx` mediumint(8) unsigned NOT NULL default '0',
`idx` int(10) unsigned NOT NULL auto_increment,
`internal` tinyint(1) NOT NULL default '0',
`nodelete` tinyint(1) NOT NULL default '0',
`pubkey` text,
`stamp` datetime default NULL,
`comment` varchar(128) NOT NULL default '',
......
#
# Tweak the ssh table to prevent deletion of internal keys.
#
use strict;
use libdb;
use EmulabConstants;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
my $OURDOMAIN = $EmulabConstants::OURDOMAIN;
#
# Mark the unencrypted Emulab generated keys as internal so we
# know which ones they are.
#
if (!DBSlotExists("user_pubkeys", "internal")) {
DBQueryFatal("ALTER TABLE user_pubkeys ADD ".
" `internal` tinyint(1) NOT NULL default '0' ".
" after idx");
}
#
# Other keys can be marked nodelete so that user cannot remove them.
#
if (!DBSlotExists("user_pubkeys", "nodelete")) {
DBQueryFatal("ALTER TABLE user_pubkeys ADD ".
" `nodelete` tinyint(1) NOT NULL default '0' ".
" after internal");
}
DBQueryFatal("update user_pubkeys set internal=1 ".
"where comment like '%\@${OURDOMAIN}' and ".
" comment=concat(uid, '\@${OURDOMAIN}')");
return 0;
}
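Review bot: The backfill at the end of DoUpdate sets only `internal=1`, so existing Emulab-generated keys keep `nodelete=0`, even though the header comment says the goal is to prevent their deletion and the commit message says internal keys are also nodelete. Unless the key-deletion path also checks `internal` (not visible on this page), those rows stay removable after the migration; consider `set internal=1, nodelete=1` in that UPDATE. The classification also still depends on the comment column (`comment=concat(uid, '@OURDOMAIN')`), so if users can choose the comment on an uploaded key, this one-time pass would flag a user-supplied key as internal. A comment above the query stating that assumption, or a second signal to narrow the match, would help. The `like '%@...'` clause is redundant next to the equality test and can be dropped.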