From 1ab54dcffd65a6532c04c52c7e995d95c67950c1 Mon Sep 17 00:00:00 2001
From: Seth Vidal <skvidal@fedoraproject.org>
Date: Wed, 5 May 2010 00:14:31 -0400
Subject: [PATCH] add emailaddr option to the make_csr routine so we can
 identify a cert/key via email - not just assuming a hostname.

default still works the same as before root@cn
---
 certmaster/certs.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/certmaster/certs.py b/certmaster/certs.py
index 81409f3..da0942f 100644
--- a/certmaster/certs.py
+++ b/certmaster/certs.py
@@ -37,7 +37,7 @@ def make_keypair(dest=None):
     return pkey
 
 
-def make_csr(pkey, dest=None, cn=None, hostname=None):
+def make_csr(pkey, dest=None, cn=None, hostname=None, emailaddr=None):
     req = crypto.X509Req()
     req.get_subject()
     subj  = req.get_subject()
@@ -53,7 +53,10 @@ def make_csr(pkey, dest=None, cn=None, hostname=None):
     else:
         subj.CN = utils.gethostname()
 
-    subj.emailAddress = 'root@%s' % subj.CN       
+    if emailaddr:
+        subj.emailAddress = emailaddr
+    else:
+        subj.emailAddress = 'root@%s' % subj.CN       
         
     req.set_pubkey(pkey)
     req.sign(pkey, 'md5')
-- 
2.39.2