alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Check at the cert type instead of at the body.

Browse source
This commit is contained in:
Mariano Cano 2019-11-27 14:48:14 -08:00 committed by max furman
parent 5d7829b198
commit f6ffa2cc43
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
api/ssh.go
View file

@ -56,7 +56,7 @@ func (s *SSHSignRequest) Validate() error {
// Validate identity signature if provided // Validate identity signature if provided
if s.IdentityCSR.CertificateRequest != nil { if s.IdentityCSR.CertificateRequest != nil {
if err := s.IdentityCSR.CertificateRequest.CheckSignature(); err != nil { if err := s.IdentityCSR.CertificateRequest.CheckSignature(); err != nil {
return errors.Wrap(err, "invalid csr") return errors.Wrap(err, "invalid identityCSR")
} }
} }
return nil return nil
@ -308,7 +308,7 @@ func (h *caHandler) SSHSign(w http.ResponseWriter, r *http.Request) {
if cr := body.IdentityCSR.CertificateRequest; cr != nil { if cr := body.IdentityCSR.CertificateRequest; cr != nil {
var opts provisioner.Options var opts provisioner.Options
// Use same duration as ssh certificate for user certificates // Use same duration as ssh certificate for user certificates
if body.CertType == provisioner.SSHUserCert { if cert.CertType == ssh.UserCert {
opts = provisioner.Options{ opts = provisioner.Options{
NotBefore: provisioner.NewTimeDuration(time.Unix(int64(cert.ValidAfter), 0)), NotBefore: provisioner.NewTimeDuration(time.Unix(int64(cert.ValidAfter), 0)),
NotAfter: provisioner.NewTimeDuration(time.Unix(int64(cert.ValidBefore), 0)), NotAfter: provisioner.NewTimeDuration(time.Unix(int64(cert.ValidBefore), 0)),