import club.wpia.gigi.util.PEM;
import club.wpia.gigi.util.RateLimit;
import club.wpia.gigi.util.ServerConstants;
+import club.wpia.gigi.util.TimeConditions;
import sun.security.pkcs.PKCS9Attribute;
import sun.security.pkcs10.PKCS10;
import sun.security.pkcs10.PKCS10Attribute;
valid = false;
}
}
- } else if (san.getType() == SANType.EMAIL) {
- if (emailTemp != null && owner.isValidEmail(san.getName())) {
+ } else if (san.getType() == SANType.EMAIL && emailTemp != null) {
+ if (owner.isValidEmail(san.getName())) {
if (pMail != null && !emailTemp.isMultiple()) {
// remove
} else {
filteredSANs.add(san);
continue;
}
+ } else {
+ // remove
+ error.mergeInto(new GigiApiException(SprintfCommand.createSimple(//
+ "The requested subject alternate name email address \"{0}\" needs a verification via email ping within the past {1} months.", san.getType().toString().toLowerCase() + ":" + san.getName(), TimeConditions.getInstance().getEmailPingMonths())));
+ break;
}
}
error.mergeInto(new GigiApiException(SprintfCommand.createSimple(//
subject.put("OU", ou);
}
}
- System.out.println(subject);
+
if ( !error.isEmpty()) {
throw error;
}
User u = (User) ctx.getTarget();
if (name != null && u.isValidName(name)) {
if (realIsOK) {
- verifiedCN = name;
+ if (u.isValidNameVerification(name)) {
+ verifiedCN = name;
+ } else {
+ error.mergeInto(new GigiApiException(SprintfCommand.createSimple("The entered name needs a valid verification within the last {0} months.", TimeConditions.getInstance().getVerificationMonths())));
+ }
} else {
error.mergeInto(new GigiApiException("Your real name is not allowed in this certificate."));
if (defaultIsOK) {