Set scep to true in the db when the certificate has been issued by scep

inverse-inc · Dec 30, 2021 · 146a871 · 146a871
1 parent eb3e122
commit 146a871
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 1 deletion.
diff --git a/db/pf-schema-X.Y.sql b/db/pf-schema-X.Y.sql
@@ -1455,6 +1455,7 @@ CREATE TABLE `pki_certs` (
   `serial_number` varchar(255) DEFAULT NULL,
   `dns_names` varchar(255) DEFAULT NULL,
   `ip_addresses` varchar(255) DEFAULT NULL,
+  `scep` BOOLEAN DEFAULT FALSE,
   UNIQUE KEY `cn` (`cn`),
   KEY `profile_name` (`profile_name`),
   KEY `valid_until` (`valid_until`),

diff --git a/db/upgrade-X.X-X.Y.sql b/db/upgrade-X.X-X.Y.sql
@@ -47,6 +47,9 @@ DELIMITER ;
 call ValidateVersion;
 DROP PROCEDURE IF EXISTS ValidateVersion;
 
+\! echo "altering pki_certs"
+ALTER TABLE pki_certs
+    ADD COLUMN IF NOT EXISTS `scep` BOOLEAN DEFAULT FALSE AFTER ip_addresses;
 
 \! echo "Incrementing PacketFence schema version...";
 INSERT IGNORE INTO pf_version (id, version, created_at) VALUES (@VERSION_INT, CONCAT_WS('.', @MAJOR_VERSION, @MINOR_VERSION), NOW());

diff --git a/go/caddy/pfpki/models/models.go b/go/caddy/pfpki/models/models.go
@@ -139,6 +139,7 @@ type (
 		SerialNumber       string          `json:"serial_number,omitempty"`
 		DNSNames           string          `json:"dns_names,omitempty"`
 		IPAddresses        string          `json:"ip_addresses,omitempty"`
+		Scep               bool            `json:"scep,omitempty" gorm:"default:false"`
 	}
 
 	// RevokedCert struct
@@ -518,7 +519,7 @@ func (c CA) Put(cn string, crt *x509.Certificate, options ...string) error {
 		c.DB.First(&ca)
 	}
 
-	if err := c.DB.Create(&Cert{Cn: cn, Ca: ca, CaName: ca.Cn, ProfileName: profiledb[0].Name, SerialNumber: crt.SerialNumber.String(), Mail: attributeMap["emailAddress"], StreetAddress: attributeMap["streetAddress"], Organisation: attributeMap["O"], OrganisationalUnit: attributeMap["OU"], Country: attributeMap["C"], State: attributeMap["ST"], Locality: attributeMap["L"], PostalCode: attributeMap["emailAddress"], Profile: profiledb[0], Key: "", Cert: publicKey.String(), ValidUntil: crt.NotAfter}).Error; err != nil {
+	if err := c.DB.Create(&Cert{Cn: cn, Ca: ca, CaName: ca.Cn, ProfileName: profiledb[0].Name, SerialNumber: crt.SerialNumber.String(), Mail: attributeMap["emailAddress"], StreetAddress: attributeMap["streetAddress"], Organisation: attributeMap["O"], OrganisationalUnit: attributeMap["OU"], Country: attributeMap["C"], State: attributeMap["ST"], Locality: attributeMap["L"], PostalCode: attributeMap["emailAddress"], Profile: profiledb[0], Key: "", Cert: publicKey.String(), ValidUntil: crt.NotAfter, Scep: true}).Error; err != nil {
 		return errors.New("A database error occured. See log for details.")
 	}