From 313fb4aa9ac647aa33634d77e7b3b551f59a4e82 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@cs.princeton.edu>
Date: Thu, 15 Oct 2009 03:03:02 +0000
Subject: [PATCH] check peer_cert

---
 sfa/methods/get_gid.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sfa/methods/get_gid.py b/sfa/methods/get_gid.py
index b6bf56a9..c63b1b77 100644
--- a/sfa/methods/get_gid.py
+++ b/sfa/methods/get_gid.py
@@ -34,6 +34,7 @@ class get_gid(Method):
     
     def call(self, cert, hrn, type, requestHash):
       
+        self.api.auth.verify_object_belongs_to_me(hrn)
         certificate = Certificate(string=cert) 
         table = GeniTable()
         records = table.find({'hrn': hrn, 'type': type})
@@ -43,8 +44,8 @@ class get_gid(Method):
         gidStr = record['gid']
         gid = GID(string=gidStr)
          
-        #if not certificate.is_pubkey(gid.get_pubkey()):
-        #    raise ConnectionKeyGIDMismatch(gid.get_subject())
+        if not certificate.is_pubkey(gid.get_pubkey()):
+            raise ConnectionKeyGIDMismatch(gid.get_subject())
         
         # authenticate the gid
         self.api.auth.authenticateGid(gidStr, [cert, hrn, type], requestHash)
-- 
2.47.0