summaryrefslogtreecommitdiff
path: root/certs/app/models
diff options
context:
space:
mode:
authorazul <azul@riseup.net>2013-02-26 07:25:12 -0800
committerazul <azul@riseup.net>2013-02-26 07:25:12 -0800
commit5dbbf733a6abe809a38667e8b3277fd06db24788 (patch)
tree14f60e6facd88dc5d218aec14175a59fdf5834ad /certs/app/models
parent1023cac35016bb1a89864d10ac89acabe86cf227 (diff)
parent2eafc17ea68e75e6b040b6c6677e5eebd3371f0e (diff)
Merge pull request #27 from leapcode/feature/free-certs
Enable free certs
Diffstat (limited to 'certs/app/models')
-rw-r--r--certs/app/models/client_certificate.rb19
1 files changed, 14 insertions, 5 deletions
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb
index be0ac63..1bc34c6 100644
--- a/certs/app/models/client_certificate.rb
+++ b/certs/app/models/client_certificate.rb
@@ -1,5 +1,5 @@
#
-# Model for certificates stored in CouchDB.
+# Model for certificates
#
# This file must be loaded after Config has been loaded.
#
@@ -17,11 +17,11 @@ class ClientCertificate
#
# generate the private key and client certificate
#
- def initialize
+ def initialize(options = {})
cert = CertificateAuthority::Certificate.new
# set subject
- cert.subject.common_name = random_common_name
+ cert.subject.common_name = common_name(options[:free])
# set expiration
cert.not_before = yesterday
@@ -35,8 +35,12 @@ class ClientCertificate
cert.parent = ClientCertificate.root_ca
cert.sign! client_signing_profile
- self.key = cert.key_material.private_key.to_pem
- self.cert = cert.to_pem
+ self.key = cert.key_material.private_key
+ self.cert = cert
+ end
+
+ def to_s
+ self.key.to_pem + self.cert.to_pem
end
private
@@ -61,6 +65,11 @@ class ClientCertificate
Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
end
+ def common_name(for_free_cert = false)
+ random_common_name +
+ (for_free_cert ? APP_CONFIG[:free_cert_postfix] : '')
+ end
+
#
# for the random common name, we need a text string that will be unique across all certs.
# ruby 1.8 doesn't have a built-in uuid generator, or we would use SecureRandom.uuid