summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2013-02-27 20:54:50 -0800
committerelijah <elijah@riseup.net>2013-02-27 20:54:50 -0800
commitf053c1c53f00962ee9ca25d591d248e7695e6fa5 (patch)
tree1f7868a1f420ef749cfb1e274e1e7a8c7cd5a92c
parent1a369be11b776cd75b3c046fa508ea1bca499227 (diff)
change free cert postfix to be a prefix (this is required for how openvpn does common name matching)
-rw-r--r--certs/app/models/client_certificate.rb3
-rw-r--r--certs/test/unit/client_certificate_test.rb12
-rw-r--r--config/defaults.yml3
3 files changed, 8 insertions, 10 deletions
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb
index 1bc34c6..13e0318 100644
--- a/certs/app/models/client_certificate.rb
+++ b/certs/app/models/client_certificate.rb
@@ -66,8 +66,7 @@ class ClientCertificate
end
def common_name(for_free_cert = false)
- random_common_name +
- (for_free_cert ? APP_CONFIG[:free_cert_postfix] : '')
+ (for_free_cert ? APP_CONFIG[:free_cert_prefix] : '') + random_common_name
end
#
diff --git a/certs/test/unit/client_certificate_test.rb b/certs/test/unit/client_certificate_test.rb
index bcc61cc..abb5560 100644
--- a/certs/test/unit/client_certificate_test.rb
+++ b/certs/test/unit/client_certificate_test.rb
@@ -9,16 +9,16 @@ class ClientCertificateTest < ActiveSupport::TestCase
assert sample.to_s
end
- test "free cert has configured postfix" do
+ test "free cert has configured prefix" do
sample = ClientCertificate.new(free: true)
- postfix = APP_CONFIG[:free_cert_postfix]
- assert sample.cert.subject.common_name.include?(postfix)
+ prefix = APP_CONFIG[:free_cert_prefix]
+ assert sample.cert.subject.common_name.starts_with?(prefix)
end
- test "real cert has no free cert postfix" do
+ test "real cert has no free cert prefix" do
sample = ClientCertificate.new
- postfix = APP_CONFIG[:free_cert_postfix]
- assert !sample.cert.subject.common_name.include?(postfix)
+ prefix = APP_CONFIG[:free_cert_prefix]
+ assert !sample.cert.subject.common_name.starts_with?(prefix)
end
test "cert issuer matches ca subject" do
diff --git a/config/defaults.yml b/config/defaults.yml
index 54e4178..d0fb52f 100644
--- a/config/defaults.yml
+++ b/config/defaults.yml
@@ -8,7 +8,7 @@ cert_options: &cert_options
client_cert_bit_size: 2024
client_cert_hash: "SHA256"
free_certs_enabled: true
- free_cert_postfix: "*Free Cert*"
+ free_cert_prefix: "FREE"
development:
<<: *dev_ca
@@ -21,7 +21,6 @@ test:
<<: *cert_options
admins: [admin, admin2]
domain: test.me
-
production:
<<: *cert_options