Commit b7efd342 authored by Leigh Stoller's avatar Leigh Stoller

Fix up deletion of sslcert derived key; they were not getting deleted

when regenerating your key. Also pass new flag to addpubkey to mark the
key as internal.
parent 3f0c3934
......@@ -657,11 +657,19 @@ if ($encrypted) {
or fatal("Could not extract ssh pubkey from $pemfile");
#
# And add the pubkey to the DB. Mark it as nodelete and that it should
# remove existing key with same comment.
# Need to remove the current ssh pubkey from the database, but we just
# updated the new serial number so the comment is no longer valid for
# lookup.
#
$target_user->DeleteSSLCertSSHKey();
#
# And add the pubkey to the DB. Mark it as nodelete and
# as internal since we do not want to delete these except when
# creating a new certificate.
#
$EUID = $UID;
system("$ADDKEY -s -N -R -C $comment -u $user_uid ".
system("$ADDKEY -s -N -I -C $comment -u $user_uid ".
" -f $sshdir/encrypted.pub")
== 0 or fatal("Could not add pubkey $sshdir/encrypted.pub");
}
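Review bot: The changed `system()` call still passes one interpolated string to the shell, so `$comment`, `$user_uid` and `$sshdir` are subject to shell word-splitting and metacharacter handling; they are assigned outside this hunk, so their contents cannot be checked from here. The list form keeps each value as a single argument: `system($ADDKEY, qw(-s -N -I -C), $comment, "-u", $user_uid, "-f", "$sshdir/encrypted.pub") == 0 or fatal("Could not add pubkey $sshdir/encrypted.pub");`, assuming `$ADDKEY` holds only the program path. The result of `$target_user->DeleteSSLCertSSHKey()` is also discarded, and that method returns 0 both on a failed query and when no row matched, so a delete that removes nothing passes silently and the previous key would remain in `user_pubkeys`. The enclosing `if ($encrypted)` block begins above the hunk.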
......
......@@ -213,6 +213,10 @@ sub nonlocal_id($) { return field($_[0], "nonlocal_id"); }
sub nonlocal_type($) { return field($_[0], "nonlocal_type"); }
sub IsLocal($) { return (defined($_[0]->nonlocal_id()) ? 0 : 1); };
sub IsNonLocal($) { return (defined($_[0]->nonlocal_id()) ? 1 : 0); };
sub genesis($) { return field($_[0], "genesis"); }
sub isAPT($) { return $_[0]->genesis() eq "aptlab" ? 1 : 0; }
sub isCloud($) { return $_[0]->genesis() eq "cloudlab" ? 1 : 0; }
sub isEmulab($) { return $_[0]->genesis() eq "emulab" ? 1 : 0; }
# Temporary data storage ... useful.
sub GetTempData($$) { return field($_[0], "tempdata"); }
......@@ -1199,6 +1203,45 @@ sub GetSSHKeys($$)
return 0;
}
#
# Look to see if ssh key is a current key for user.
#
sub LookupSSHKey($$)
{
my ($self, $sshkey) = @_;
my $uid_idx = $self->uid_idx();
#
# Strip off the comment.
#
if ($sshkey =~ /(.+)\s+(.*)\s*$/) {
$sshkey = $1;
}
my $safe_key = DBQuoteSpecial($sshkey . '%');
my $query_result =
DBQueryWarn("select idx from user_pubkeys ".
"where uid_idx='$uid_idx' and pubkey like $safe_key");
return 0
if (!defined($query_result));
return $query_result->numrows;
}
sub DeleteSSLCertSSHKey($)
{
my ($self) = @_;
my $uid_idx = $self->uid_idx();
my $query_result =
DBQueryWarn("delete from user_pubkeys ".
"where uid_idx='$uid_idx' and internal=1 and ".
" comment like 'sslcert:'");
return 0
if (!defined($query_result));
return $query_result->numrows;
}
#
# Delete ssh keys, except for emulab created keys.
#
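Review bot: In `DeleteSSLCertSSHKey`, the condition `comment like 'sslcert:'` has no wildcard, so it only matches rows whose comment is exactly `sslcert:`. The caller-side comment in this commit says the key comment depends on the certificate serial number, which suggests stored comments carry a suffix; if that is the case the delete matches nothing and the old certificate-derived key stays authorized after regeneration. `comment like 'sslcert:%'` would cover the suffixed form. In `LookupSSHKey`, the greedy `(.+)\s+(.*)` drops the last whitespace-separated field, so a key supplied without a comment is cut down to its type prefix and the `like` then matches any key of that type for the user; splitting on whitespace and keeping the first two fields would avoid that. Both functions return the row count and also 0 on a failed query; a short header comment on `DeleteSSLCertSSHKey` stating that would help callers.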
......