X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;ds=sidebyside;f=sfa%2Ftrust%2Fhierarchy.py;h=dc66ef80ce708151b45639c598c996fd4ca0cea5;hb=1e95f8a388325499564df5f8eb6eb1fd10ca2d42;hp=89bebcc6c417d9d586b0a82c4aa75e2fa792c17d;hpb=9c4523e9a0ea8ca5b578b3fe0182508705962f9b;p=sfa.git

diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py
index 89bebcc6..dc66ef80 100644
--- a/sfa/trust/hierarchy.py
+++ b/sfa/trust/hierarchy.py
@@ -21,7 +21,7 @@ from sfa.trust.certificate import Keypair
 from sfa.trust.credential import Credential
 from sfa.trust.gid import GID, create_uuid
 from sfa.util.config import Config
-from sfa.util.sfaticket import SfaTicket
+from sfa.trust.sfaticket import SfaTicket
 
 ##
 # The AuthInfo class contains the information for an authority. This information
@@ -229,7 +229,7 @@ class Hierarchy:
     # @param uuid the unique identifier to store in the GID
     # @param pkey the public key to store in the GID
 
-    def create_gid(self, xrn, uuid, pkey):
+    def create_gid(self, xrn, uuid, pkey, CA=False):
         hrn, type = urn_to_hrn(xrn)
         parent_hrn = get_authority(hrn)
         # Using hrn_to_urn() here to make sure the urn is in the right format
@@ -239,9 +239,16 @@ class Hierarchy:
         gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn)
 
         # is this a CA cert
-        if hrn == self.config.SFA_INTERFACE_HRN or \
-           or not parent_hrn or 'authority' in type:
+        if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
+            # root or sub authority  
             gid.set_intermediate_ca(True)
+        elif type and 'authority' in type:
+            # authority type
+            gid.set_intermediate_ca(True)
+        elif CA:
+            gid.set_intermediate_ca(True)
+        else:
+            gid.set_intermediate_ca(False)
 
         # set issuer
         if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: