upd: use serials lowercase-only

author Felix Dörre <felix@dogcraft.de>

Sun, 11 Sep 2016 08:46:54 +0000 (10:46 +0200)

committer Felix Dörre <felix@dogcraft.de>

Mon, 12 Sep 2016 21:54:31 +0000 (23:54 +0200)
author Felix Dörre <felix@dogcraft.de>
Sun, 11 Sep 2016 08:46:54 +0000 (10:46 +0200)
committer Felix Dörre <felix@dogcraft.de>
Mon, 12 Sep 2016 21:54:31 +0000 (23:54 +0200)
diff --git a/src/org/cacert/gigi/api/CATSResolve.java b/src/org/cacert/gigi/api/CATSResolve.java

index 1b25e9d5dd241c49d8e04f94272ad9b505ff1670..0e9f2a01e08bfc71f8a7760e0485d256936d02ba 100644 (file)
--- a/src/org/cacert/gigi/api/CATSResolve.java
+++ b/src/org/cacert/gigi/api/CATSResolve.java
@@ -29,7 +29,7 @@ public class CATSResolve extends APIPoint {
              return;
          }
  
              return;
          }
  
-        CertificateOwner o = CertificateOwner.getByEnabledSerial(target);
+        CertificateOwner o = CertificateOwner.getByEnabledSerial(target.toLowerCase());
          if ( !(o instanceof User)) {
              resp.sendError(500, "Error, requires valid serial");
              return;
          if ( !(o instanceof User)) {
              resp.sendError(500, "Error, requires valid serial");
              return;
diff --git a/src/org/cacert/gigi/dbObjects/CertificateOwner.java b/src/org/cacert/gigi/dbObjects/CertificateOwner.java

index cc96ade7c39a5f3e532986cf3ed68a5378f0f24b..ab854bccd1e0dd40eab1b9b17a8cb5e7f8b07b9c 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/CertificateOwner.java
+++ b/src/org/cacert/gigi/dbObjects/CertificateOwner.java
@@ -127,7 +127,7 @@ public abstract class CertificateOwner implements IdCachable, Serializable {
  
      public static CertificateOwner getByEnabledSerial(String serial) {
          try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `memid` FROM `certs` INNER JOIN `logincerts` ON `logincerts`.`id`=`certs`.`id` WHERE serial=? AND `revoked` is NULL")) {
  
      public static CertificateOwner getByEnabledSerial(String serial) {
          try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `memid` FROM `certs` INNER JOIN `logincerts` ON `logincerts`.`id`=`certs`.`id` WHERE serial=? AND `revoked` is NULL")) {
-            prep.setString(1, serial.toLowerCase());
+            prep.setString(1, serial);
              GigiResultSet res = prep.executeQuery();
              if (res.next()) {
                  return getById(res.getInt(1));
              GigiResultSet res = prep.executeQuery();
              if (res.next()) {
                  return getById(res.getInt(1));
diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java

index 5232c09446733bfd3e8290fd200f44fa83f24a31..69b05887bb0babd9d381603504031e8cccb55d2e 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -164,11 +164,11 @@ public class LoginPage extends Page {
      }
  
      public static String extractSerialFormCert(X509Certificate x509Certificate) {
      }
  
      public static String extractSerialFormCert(X509Certificate x509Certificate) {
-        return x509Certificate.getSerialNumber().toString(16).toUpperCase();
+        return x509Certificate.getSerialNumber().toString(16).toLowerCase();
      }
  
      public static User fetchUserBySerial(String serial) {
      }
  
      public static User fetchUserBySerial(String serial) {
-        if ( !serial.matches("[A-Fa-f0-9]+")) {
+        if ( !serial.matches("[a-f0-9]+")) {
              throw new Error("serial malformed.");
          }
  
              throw new Error("serial malformed.");
          }
  
diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java

index 4d6529db3197554802749bfefeee3430c04db9aa..cbce25d49e17fa30e573b6b57582ed3df4432ea9 100644 (file)
--- a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
+++ b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java
@@ -378,9 +378,9 @@ public class TestCertificateAdd extends ClientTest {
      @Test
      public void testSetLoginEnabled() throws IOException, GeneralSecurityException {
          X509Certificate parsedLoginNotEnabled = createCertWithValidity("&validFrom=now&validity=1m", false);
      @Test
      public void testSetLoginEnabled() throws IOException, GeneralSecurityException {
          X509Certificate parsedLoginNotEnabled = createCertWithValidity("&validFrom=now&validity=1m", false);
-        assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16)));
+        assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16).toLowerCase()));
  
          X509Certificate parsedLoginEnabled = createCertWithValidity("&validFrom=now&validity=1m", true);
  
          X509Certificate parsedLoginEnabled = createCertWithValidity("&validFrom=now&validity=1m", true);
-        assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16)));
+        assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16).toLowerCase()));
      }
  }
      }
  }
author	Felix Dörre <felix@dogcraft.de>
	Sun, 11 Sep 2016 08:46:54 +0000 (10:46 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Mon, 12 Sep 2016 21:54:31 +0000 (23:54 +0200)
src/org/cacert/gigi/api/CATSResolve.java		patch \| blob \| history
src/org/cacert/gigi/dbObjects/CertificateOwner.java		patch \| blob \| history
src/org/cacert/gigi/pages/LoginPage.java		patch \| blob \| history
tests/org/cacert/gigi/pages/account/TestCertificateAdd.java		patch \| blob \| history