declare speaks_for_gid

author Tony Mack <tmack@paris.CS.Princeton.EDU>

Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)

committer Tony Mack <tmack@paris.CS.Princeton.EDU>

Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)
author Tony Mack <tmack@paris.CS.Princeton.EDU>
Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)
committer Tony Mack <tmack@paris.CS.Princeton.EDU>
Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)
diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py

index 1ffcbe9..65ce3fc 100644 (file)
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -69,6 +69,11 @@ class Auth:
          if not hrns: hrns = [None]
          error=[None,None]
  
+        # if speaks for gid matches caller cert then we've found a valid
+        # speaks for credential      
+        speaks_for_gid = determine_speaks_for(logger, creds, self.peer_cert, \
+                                              options, self.trusted_cert_list)
+
          if self.peer_cert and \
             not self.peer_cert.is_pubkey(speaks_for_gid.get_pubkey()):
              valid = creds
author	Tony Mack <tmack@paris.CS.Princeton.EDU>
	Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)
committer	Tony Mack <tmack@paris.CS.Princeton.EDU>
	Fri, 23 May 2014 13:47:30 +0000 (09:47 -0400)