diff options
author | elijah <elijah@riseup.net> | 2013-02-27 20:54:50 -0800 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2013-02-27 20:54:50 -0800 |
commit | f053c1c53f00962ee9ca25d591d248e7695e6fa5 (patch) | |
tree | 1f7868a1f420ef749cfb1e274e1e7a8c7cd5a92c | |
parent | 1a369be11b776cd75b3c046fa508ea1bca499227 (diff) |
change free cert postfix to be a prefix (this is required for how openvpn does common name matching)
-rw-r--r-- | certs/app/models/client_certificate.rb | 3 | ||||
-rw-r--r-- | certs/test/unit/client_certificate_test.rb | 12 | ||||
-rw-r--r-- | config/defaults.yml | 3 |
3 files changed, 8 insertions, 10 deletions
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb index 1bc34c6..13e0318 100644 --- a/certs/app/models/client_certificate.rb +++ b/certs/app/models/client_certificate.rb @@ -66,8 +66,7 @@ class ClientCertificate end def common_name(for_free_cert = false) - random_common_name + - (for_free_cert ? APP_CONFIG[:free_cert_postfix] : '') + (for_free_cert ? APP_CONFIG[:free_cert_prefix] : '') + random_common_name end # diff --git a/certs/test/unit/client_certificate_test.rb b/certs/test/unit/client_certificate_test.rb index bcc61cc..abb5560 100644 --- a/certs/test/unit/client_certificate_test.rb +++ b/certs/test/unit/client_certificate_test.rb @@ -9,16 +9,16 @@ class ClientCertificateTest < ActiveSupport::TestCase assert sample.to_s end - test "free cert has configured postfix" do + test "free cert has configured prefix" do sample = ClientCertificate.new(free: true) - postfix = APP_CONFIG[:free_cert_postfix] - assert sample.cert.subject.common_name.include?(postfix) + prefix = APP_CONFIG[:free_cert_prefix] + assert sample.cert.subject.common_name.starts_with?(prefix) end - test "real cert has no free cert postfix" do + test "real cert has no free cert prefix" do sample = ClientCertificate.new - postfix = APP_CONFIG[:free_cert_postfix] - assert !sample.cert.subject.common_name.include?(postfix) + prefix = APP_CONFIG[:free_cert_prefix] + assert !sample.cert.subject.common_name.starts_with?(prefix) end test "cert issuer matches ca subject" do diff --git a/config/defaults.yml b/config/defaults.yml index 54e4178..d0fb52f 100644 --- a/config/defaults.yml +++ b/config/defaults.yml @@ -8,7 +8,7 @@ cert_options: &cert_options client_cert_bit_size: 2024 client_cert_hash: "SHA256" free_certs_enabled: true - free_cert_postfix: "*Free Cert*" + free_cert_prefix: "FREE" development: <<: *dev_ca @@ -21,7 +21,6 @@ test: <<: *cert_options admins: [admin, admin2] domain: test.me - production: <<: *cert_options |