author | Azul <azul@leap.se> | 2013-01-26 11:08:05 +0100 |
---|---|---|
committer | Azul <azul@leap.se> | 2013-01-26 11:08:05 +0100 |
commit | 0975583e3c6ec9d2bf0269841073031537db1c37 (patch) | |
tree | d135b5fbadd2db85f1addf5c1f36a68628725463 | |
parent | 4c2abd107f5959ea0f15f052acf73440648d8d52 (diff) |
we're not using a cert pool anymore - remove anything related
-rw-r--r-- | certs/app/controllers/certs_controller.rb | 2 | ||||
-rw-r--r-- | certs/app/models/client_certificate.rb | 24 | ||||
-rw-r--r-- | certs/test/unit/cert_pool_test.rb | 52 |
3 files changed, 2 insertions, 76 deletions
diff --git a/certs/app/controllers/certs_controller.rb b/certs/app/controllers/certs_controller.rb index d81aea0..3ec2f68 100644 --- a/certs/app/controllers/certs_controller.rb +++ b/certs/app/controllers/certs_controller.rb @@ -4,7 +4,7 @@ class CertsController < ApplicationController # GET /cert def show - @cert = LeapCA::Cert.pick_from_pool + @cert = ClientCertificate.create render :text => @cert.key + @cert.cert, :content_type => 'text/plain' rescue RECORD_NOT_FOUND flash[:error] = t(:cert_pool_empty) diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb index 0b1e43f..6abc1ee 100644 --- a/certs/app/models/client_certificate.rb +++ b/certs/app/models/client_certificate.rb @@ -18,34 +18,16 @@ class ClientCertificate < CouchRest::Model::Base property :key, String # the client private RSA key property :cert, String # the client x509 certificate, signed by the CA property :valid_until, Time # expiration time of the client certificate - property :random, Float, :accessible => false # used to help pick a random cert by the webapp - before_validation :generate, :set_random, :on => :create + before_validation :generate, :on => :create validates :key, :presence => true validates :cert, :presence => true - validates :random, :presence => true - validates :random, :numericality => {:greater_than => 0, :less_than => 1} design do - view :by_random end class << self - def sample - self.by_random.startkey(rand).first || self.by_random.first - end - - def pick_from_pool - cert = self.sample - raise RECORD_NOT_FOUND unless cert - cert.destroy - return cert - rescue RESOURCE_NOT_FOUND - retry if self.by_random.count > 0 - raise RECORD_NOT_FOUND - end - def valid_attributes_hash {:key => "ABCD", :cert => "A123"} end @@ -79,10 +61,6 @@ class ClientCertificate < CouchRest::Model::Base private - def set_random - self.random = rand - end - def self.root_ca @root_ca ||= begin crt = File.read(APP_CONFIG[:ca_cert_path]) 
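Review bot: The `rescue RECORD_NOT_FOUND` branch in `show`, with its `t(:cert_pool_empty)` message, is left in place although `@cert = ClientCertificate.create` no longer draws from a pool, so the handler looks unreachable and its message is misleading. `create` presumably returns an unsaved record when validation fails instead of raising, in which case `@cert.key + @cert.cert` would fail on nil and surface as an unhandled error. Consider `@cert = ClientCertificate.create!` with a rescue that reports a generation failure, and drop the pool-specific rescue. The body of `show` continues outside the hunk.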
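Review bot: With `pick_from_pool` removed, nothing visible in this hunk deletes a record once it has been handed out. The old code called `cert.destroy`, whereas a document generated through `before_validation :generate, :on => :create` and then saved keeps `key`, the client's private RSA key, in the database. The server does not appear to need that key after the response, so consider building the certificate without saving it, or at least not persisting the `key` property; this should be confirmed against whatever else reads these documents. The now-empty `design do … end` block could also be dropped. The class body continues outside the hunk.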
diff --git a/certs/test/unit/cert_pool_test.rb b/certs/test/unit/cert_pool_test.rb
deleted file mode 100644
index 06f7ce0..0000000
--- a/certs/test/unit/cert_pool_test.rb
+++ /dev/null
@@ -1,52 +0,0 @@
-require 'test_helper'
-
-class CertPoolTest < ActiveSupport::TestCase
-
- setup do
- 2.times { LeapCA::Cert.create(LeapCA::Cert.valid_attributes_hash) }
- end
-
- teardown do
- LeapCA::Cert.all.each {|c| c.destroy}
- end
-
- test "picks random sample" do
- # with 3 certs chances are pretty low we pick the same one 40 times.
- LeapCA::Cert.create! LeapCA::Cert.valid_attributes_hash
- picked = []
- first = LeapCA::Cert.sample.id
- current = LeapCA::Cert.sample.id
- 40.times do
- break if current != first
- current = LeapCA::Cert.sample.id
- end
- assert_not_equal current, first
- end
-
- test "picks cert from the pool" do
- assert_difference "LeapCA::Cert.count", -1 do
- cert = LeapCA::Cert.pick_from_pool
- end
- end
-
- test "err's out if all certs have been destroyed" do
- sample = LeapCA::Cert.first.tap{|c| c.destroy}
- LeapCA::Cert.all.each {|c| c.destroy}
- assert_raises RECORD_NOT_FOUND do
- LeapCA::Cert.expects(:sample).returns(sample)
- cert = LeapCA::Cert.pick_from_pool
- end
- end
-
- test "picks other cert if first pick has been destroyed" do
- first = LeapCA::Cert.first.tap{|c| c.destroy}
- second = LeapCA::Cert.first
- LeapCA::Cert.expects(:sample).at_least_once.
- returns(first).
- then.returns(second)
- cert = LeapCA::Cert.pick_from_pool
- assert_equal second, cert
- assert_nil LeapCA::Cert.first
- end
-
-end |