mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Include a (userCertificate:certificateExactMatch:=SN$DN) assertion.
This commit is contained in:
parent
3fbe93c704
commit
2cd974b435
@ -136,3 +136,40 @@ userCertificate;binary:: MIIDazCCAtSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADB3MQswCQYDV
|
||||
05xpoXocZtKdNvBu3FNxB/jFkiOcLU2lX7Px1Ijnsjh60qVRy9HOsHCungIKlGcnXLKHmKu0y//5j
|
||||
ds/HnaJsGcHI5JRG7CBJbW+wrwge3trJ1xHJI8prN
|
||||
|
||||
# (userCertificate:certificateExactMatch:=3$EMAIL=ca@example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US)
|
||||
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,o=University of Michigan
|
||||
,c=US
|
||||
objectClass: OpenLDAPperson
|
||||
objectClass: strongAuthenticationUser
|
||||
cn: Jennifer Smith
|
||||
cn: Jen Smith
|
||||
sn: Smith
|
||||
uid: jen
|
||||
postalAddress: Alumni Association $ 111 Maple St $ Ann Arbor, MI 48109
|
||||
seeAlso: cn=All Staff,ou=Groups,o=University of Michigan,c=US
|
||||
drink: Sam Adams
|
||||
homePostalAddress: 1000 Maple #44 $ Ann Arbor, MI 48103
|
||||
title: Telemarketer, UM Alumni Association
|
||||
mail: jen@mail.alumni.example.com
|
||||
homePhone: +1 313 555 2333
|
||||
pager: +1 313 555 6442
|
||||
facsimileTelephoneNumber: +1 313 555 2756
|
||||
telephoneNumber: +1 313 555 8232
|
||||
userCertificate;binary:: MIIDjDCCAvWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADB3MQswCQYDV
|
||||
QQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEfMB0GA1UEChMWT3BlbkxEQVAgRXhhbXBsZSwgTH
|
||||
RkLjETMBEGA1UEAxMKRXhhbXBsZSBDQTEdMBsGCSqGSIb3DQEJARYOY2FAZXhhbXBsZS5jb20wHhc
|
||||
NMDMxMDE3MTYzNTM1WhcNMDQxMDE2MTYzNTM1WjCBnjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE1p
|
||||
Y2hpZ2FuMR8wHQYDVQQKExZPcGVuTERBUCBFeGFtcGxlLCBMdGQuMRswGQYDVQQLExJBbHVtbmkgQ
|
||||
XNzb2ljYXRpb24xEjAQBgNVBAMTCUplbiBTbWl0aDEqMCgGCSqGSIb3DQEJARYbamVuQG1haWwuYW
|
||||
x1bW5pLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpnXWAL0VkROGO1Rg
|
||||
8J3u6F4F7yMqQCbUMsV9rxQisYj45+pmqiHV5urogvT4MGD6eLNFZKBn+0KRni++uu7gbartzpmBa
|
||||
HOlzRII9ZdVMFfrT2xYNgAlkne6pb6IZIN9UONuH/httENCDJ5WEpjZ48D1Lrml/HYO/W+SAMkpEq
|
||||
QIDAQABo4H/MIH8MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIE
|
||||
NlcnRpZmljYXRlMB0GA1UdDgQWBBTB2saht/od/nis76b9m+pjxfhSPjCBoQYDVR0jBIGZMIGWgBR
|
||||
LbyEaNiTSkPlDsFNHLX3hwOaYI6F7pHkwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
|
||||
aWExHzAdBgNVBAoTFk9wZW5MREFQIEV4YW1wbGUsIEx0ZC4xEzARBgNVBAMTCkV4YW1wbGUgQ0ExH
|
||||
TAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUuY29tggEAMA0GCSqGSIb3DQEBBAUAA4GBAIoGPc/AS0
|
||||
cNkMRDNoMIzcFdF9lONMduKBiSuFvv+x8nCek+LUdXxF59V2NPKh2V5gFh5xbAchyv6FVBnpVtPdB
|
||||
5akCr5tdFQhuBLUXXDk/tTHGpIWt7OAjEmpuMzsz3GUB8Zf9rioHOs1DMw+GpzWdnFITxXhAqEDc3
|
||||
quqPrpxZ
|
||||
|
||||
|
@ -231,6 +231,19 @@ if test $RC != 0 ; then
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
SNAI='3$EMAIL=ca@example.com,CN=Example CA,O=Openldap Example\5C, Ltd.,ST=California,C=US'
|
||||
|
||||
echo 'Using ldapsearch to retrieve (userCertificate:certificateExactMatch:=serialNumberAndIssuer) ...'
|
||||
echo "# (userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT
|
||||
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
|
||||
"(userCertificate:certificateExactMatch:=$SNAI)" >> $SEARCHOUT 2>&1
|
||||
RC=$?
|
||||
if test $RC != 0 ; then
|
||||
echo "ldapsearch failed ($RC)!"
|
||||
kill -HUP $PID
|
||||
exit $RC
|
||||
fi
|
||||
|
||||
kill -HUP $PID
|
||||
|
||||
if test "$WITHTLS" = no ; then
|
||||
|
Loading…
Reference in New Issue
Block a user