dont verify request hash in auth.check()

author Tony Mack <tmack@cs.princeton.edu>

Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)

committer Tony Mack <tmack@cs.princeton.edu>

Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)
author Tony Mack <tmack@cs.princeton.edu>
Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)
committer Tony Mack <tmack@cs.princeton.edu>
Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)
diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py

index 611a9ba..f15da14 100644 (file)
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -45,6 +45,10 @@ class Auth:
          # make sure the client_gid is not blank
          if not self.client_gid:
              raise MissingCallerGID(self.client_cred.get_subject())
+       
+        # validate the client cert if it exists
+        if peer_cert:
+            self.verifyPeerCert()                   
  
          # make sure the client is allowed to perform the operation
          if operation:
author	Tony Mack <tmack@cs.princeton.edu>
	Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)
committer	Tony Mack <tmack@cs.princeton.edu>
	Thu, 15 Oct 2009 01:55:41 +0000 (01:55 +0000)