diff options
author | azul <azul@riseup.net> | 2013-02-26 07:25:12 -0800 |
---|---|---|
committer | azul <azul@riseup.net> | 2013-02-26 07:25:12 -0800 |
commit | 5dbbf733a6abe809a38667e8b3277fd06db24788 (patch) | |
tree | 14f60e6facd88dc5d218aec14175a59fdf5834ad /certs/app/models | |
parent | 1023cac35016bb1a89864d10ac89acabe86cf227 (diff) | |
parent | 2eafc17ea68e75e6b040b6c6677e5eebd3371f0e (diff) |
Merge pull request #27 from leapcode/feature/free-certs
Enable free certs
Diffstat (limited to 'certs/app/models')
-rw-r--r-- | certs/app/models/client_certificate.rb | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb index be0ac63..1bc34c6 100644 --- a/certs/app/models/client_certificate.rb +++ b/certs/app/models/client_certificate.rb @@ -1,5 +1,5 @@ # -# Model for certificates stored in CouchDB. +# Model for certificates # # This file must be loaded after Config has been loaded. # @@ -17,11 +17,11 @@ class ClientCertificate # # generate the private key and client certificate # - def initialize + def initialize(options = {}) cert = CertificateAuthority::Certificate.new # set subject - cert.subject.common_name = random_common_name + cert.subject.common_name = common_name(options[:free]) # set expiration cert.not_before = yesterday @@ -35,8 +35,12 @@ class ClientCertificate cert.parent = ClientCertificate.root_ca cert.sign! client_signing_profile - self.key = cert.key_material.private_key.to_pem - self.cert = cert.to_pem + self.key = cert.key_material.private_key + self.cert = cert + end + + def to_s + self.key.to_pem + self.cert.to_pem end private @@ -61,6 +65,11 @@ class ClientCertificate Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16) end + def common_name(for_free_cert = false) + random_common_name + + (for_free_cert ? APP_CONFIG[:free_cert_postfix] : '') + end + # # for the random common name, we need a text string that will be unique across all certs. # ruby 1.8 doesn't have a built-in uuid generator, or we would use SecureRandom.uuid |