From b520e9f12161c6ed3c68a395617c8fc405ddca7d Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 28 Nov 2012 17:31:12 -0500
Subject: [PATCH] Gitblit CA generation needs to use the default OIDs

---
 src/com/gitblit/authority/GitblitAuthority.java |   69 +++++++++++++++++++++-------------
 1 files changed, 43 insertions(+), 26 deletions(-)

diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java
index 6d219b7..441fa13 100644
--- a/src/com/gitblit/authority/GitblitAuthority.java
+++ b/src/com/gitblit/authority/GitblitAuthority.java
@@ -329,6 +329,7 @@
 		}
 
 		X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
+		setMetadataDefaults(metadata);
 		X509Utils.prepareX509Infrastructure(metadata, folder, this);
 		return true;
 	}
@@ -396,29 +397,11 @@
 				}
 
 				Date notAfter = metadata.notAfter;
-				metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
-				if (StringUtils.isEmpty(metadata.serverHostname)) {
-					metadata.serverHostname = Constants.NAME;
-				}
-				UserModel user = ucm.user;				
-				
-				// set default values from config file
-				File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
-				FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
-				if (certificatesConfigFile.exists()) {
-					try {
-						config.load();
-					} catch (Exception e) {
-						Utils.showException(GitblitAuthority.this, e);
-					}
-					NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
-					certificateConfig.update(metadata);
-				}
-				
-				// restore expiration date
+				setMetadataDefaults(metadata);
 				metadata.notAfter = notAfter;
 				
 				// set user's specified OID values
+				UserModel user = ucm.user;				
 				if (!StringUtils.isEmpty(user.organizationalUnit)) {
 					metadata.oids.put("OU", user.organizationalUnit);
 				}
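Review bot: The `// restore expiration date` comment was dropped here, and without it the `Date notAfter = metadata.notAfter;` / `metadata.notAfter = notAfter;` pair around `setMetadataDefaults(metadata)` reads like a no-op. Presumably `certificateConfig.update(metadata)` inside the helper replaces the expiration with the configured default, so the re-assignment is what preserves the date chosen for this certificate. If that is the case, keep a comment on it, for example `// setMetadataDefaults() may reset notAfter from the CA config; restore the expiration chosen for this certificate`. The enclosing handler starts and ends outside the hunk.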
@@ -442,12 +425,8 @@
 				if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {
 					ucm.expires = metadata.notAfter;
 				}
-				ucm.update(config);
-				try {
-					config.save();
-				} catch (Exception e) {
-					Utils.showException(GitblitAuthority.this, e);
-				}
+				
+				updateAuthorityConfig(ucm);
 				
 				// refresh user
 				ucm.certs = null;
@@ -818,4 +797,42 @@
 		}
 		return false;
 	}
+	
+	private void setMetadataDefaults(X509Metadata metadata) {
+		metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
+		if (StringUtils.isEmpty(metadata.serverHostname)) {
+			metadata.serverHostname = Constants.NAME;
+		}
+		
+		// set default values from config file
+		File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+		FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+		if (certificatesConfigFile.exists()) {
+			try {
+				config.load();
+			} catch (Exception e) {
+				Utils.showException(GitblitAuthority.this, e);
+			}
+			NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
+			certificateConfig.update(metadata);
+		}
+	}
+	
+	private void updateAuthorityConfig(UserCertificateModel ucm) {
+		File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+		FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+		if (certificatesConfigFile.exists()) {
+			try {
+				config.load();
+			} catch (Exception e) {
+				Utils.showException(GitblitAuthority.this, e);
+			}
+		}
+		ucm.update(config);
+		try {
+			config.save();
+		} catch (Exception e) {
+			Utils.showException(GitblitAuthority.this, e);
+		}
+	}
 }
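Review bot: In `updateAuthorityConfig`, a failed `config.load()` is only reported through `Utils.showException`, and execution continues to `ucm.update(config)` and `config.save()`, so an unreadable or corrupt CA config file can be overwritten with a config that may hold little more than this user's entry. Since that file appears to carry the authority's per-user certificate records, a load failure should stop the write: add `return;` after `Utils.showException(GitblitAuthority.this, e);` in the load `catch`. `setMetadataDefaults` has the same pattern, because after a load failure it still runs `NewCertificateConfig.KEY.parse(config)` and `certificateConfig.update(metadata)`. As a result the CA (first hunk) or a user certificate (second hunk) can be issued with values that do not come from the configured defaults. Returning early there as well, and catching `IOException` and `ConfigInvalidException` rather than `Exception`, would make both paths fail closed.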

--
Gitblit v1.9.1