correctly include email in subjectAltName section of user certificates/gids

[sfa.git] / sfa / trust / gid.py

diff --git a/sfa/trust/gid.py b/sfa/trust/gid.py
index 8d1017f..96d375e 100644 (file)
--- a/sfa/trust/gid.py
+++ b/sfa/trust/gid.py
@@ -80,9 +80,9 @@ class GID(Certificate):
     # @param filename If filename!=None, load the GID from a file
     # @param lifeDays life of GID in days - default is 1825==5 years
 
-    def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825):
+    def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825, email=None):
         
-        Certificate.__init__(self, lifeDays, create, subject, string, filename)
+        Certificate.__init__(self, lifeDays, create, subject, string, filename, email=email)
         if subject:
             logger.debug("Creating GID for subject: %s" % subject)
         if uuid:
@@ -158,8 +158,6 @@ class GID(Certificate):
 
         self.set_data(str, 'subjectAltName')
 
-        
-
 
     ##
     # Decode the subject-alt-name field of the X509 certificate into the
@@ -251,7 +249,7 @@ class GID(Certificate):
             #    trusted_hrn = trusted_hrn[:trusted_hrn.rindex('.')]
             cur_hrn = self.get_hrn()
             if not hrn_authfor_hrn(trusted_hrn, cur_hrn):
-                raise GidParentHrn("Trusted root with HRN %s isn't a namespace authority for this cert %s" % (trusted_hrn, cur_hrn))
+                raise GidParentHrn("Trusted root with HRN %s isn't a namespace authority for this cert: %s" % (trusted_hrn, cur_hrn))
 
             # There are multiple types of authority - accept them all here
             if not trusted_type.find('authority') == 0: