do not include random cruft in the common name of smtp client certificates

author: elijah <elijah@riseup.net> 2015-08-07 20:17:10 -0700
committer: elijah <elijah@riseup.net> 2015-08-07 20:17:10 -0700
commit: 883b2eadb7b28756978c4009cb9f92e7177a9dba (patch)
tree: 5b4fa18a28c0534ca8a9f9b337a86d40f0e9eb31 /app/models/client_certificate.rb
parent: 1493e0ca5e32bf25d9778e7326ea70d5ebfe74e6 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb
index 688d5c0..1716365 100644
--- a/app/models/client_certificate.rb
+++ b/app/models/client_certificate.rb
@@ -21,7 +21,13 @@ class ClientCertificate
     cert = CertificateAuthority::Certificate.new
 
     # set subject
-    cert.subject.common_name = common_name(options[:prefix])
+    if options[:prefix]
+      cert.subject.common_name = common_name_with_prefix(options[:prefix])
+    elsif options[:common_name]
+      cert.subject.common_name = options[:common_name]
+    else
+      raise ArgumentError.new
+    end
 
     # set expiration
     cert.not_before = last_month
@@ -77,7 +83,7 @@ class ClientCertificate
     Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
   end
 
-  def common_name(prefix = nil)
+  def common_name_with_prefix(prefix = nil)
     [prefix, random_common_name].join
   end
author	elijah <elijah@riseup.net>	2015-08-07 20:17:10 -0700
committer	elijah <elijah@riseup.net>	2015-08-07 20:17:10 -0700
commit	883b2eadb7b28756978c4009cb9f92e7177a9dba (patch)
tree	5b4fa18a28c0534ca8a9f9b337a86d40f0e9eb31 /app/models/client_certificate.rb
parent	1493e0ca5e32bf25d9778e7326ea70d5ebfe74e6 (diff)