diff options
| -rw-r--r-- | README.md | 16 | ||||
| -rw-r--r-- | app/controllers/v1/smtp_certs_controller.rb | 2 | ||||
| -rw-r--r-- | app/models/client_certificate.rb | 10 | ||||
| -rw-r--r-- | test/functional/v1/smtp_certs_controller_test.rb | 6 | ||||
| -rw-r--r-- | test/unit/client_certificate_test.rb | 4 |
5 files changed, 19 insertions, 19 deletions
@@ -49,17 +49,11 @@ these instructions: ### Install system requirements - sudo apt-get install git ruby1.9.3 rubygems couchdb - sudo gem install bundler - -On Debian Wheezy or later, there is a Debian package for bundler, so you -can alternately run ``sudo apt-get install bundler``. + sudo apt-get install git ruby1.9.3 rubygems couchdb bundler ### Download source - git clone git://leap.se/leap_web - cd leap_web - git submodule update --init + git clone --recursive git://leap.se/leap_web ### Install required ruby libraries @@ -83,9 +77,9 @@ There are a few values you should make sure to modify: admins: ["myusername","otherusername"] domain: example.net force_ssl: true - secret_token: "4be2f60fafaf615bd4a13b96bfccf2c2c905898dad34..." - client_ca_key: "/etc/ssl/ca.key" - client_ca_cert: "/etc/ssl/ca.crt" + secret_token: "4be2f60fafaf615bd4a13b96bfccf2c2c905898dad34" + client_ca_key: "./test/files/ca.key" + client_ca_cert: "./test/files/ca.key" ca_key_password: nil * `admins` is an array of usernames that are granted special admin diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index fa53b26..75f524c 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -6,7 +6,7 @@ class V1::SmtpCertsController < ApiController # POST /1/smtp_cert def create - @cert = ClientCertificate.new prefix: current_user.email_address + @cert = ClientCertificate.new common_name: current_user.email_address @identity.register_cert(@cert) @identity.save render text: @cert.to_s, content_type: 'text/plain' diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb index 688d5c0..1716365 100644 --- a/app/models/client_certificate.rb +++ b/app/models/client_certificate.rb @@ -21,7 +21,13 @@ class ClientCertificate cert = CertificateAuthority::Certificate.new # set subject - cert.subject.common_name = common_name(options[:prefix]) + if options[:prefix] + cert.subject.common_name = common_name_with_prefix(options[:prefix]) + elsif options[:common_name] + cert.subject.common_name = options[:common_name] + else + raise ArgumentError.new + end # set expiration cert.not_before = last_month @@ -77,7 +83,7 @@ class ClientCertificate Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16) end - def common_name(prefix = nil) + def common_name_with_prefix(prefix = nil) [prefix, random_common_name].join end diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb index 3427e2d..ba70410 100644 --- a/test/functional/v1/smtp_certs_controller_test.rb +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -26,11 +26,11 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase protected - def expect_cert(prefix) - cert = stub to_s: "#{prefix.downcase} cert", + def expect_cert(email) + cert = stub to_s: "#{email.downcase} cert", expiry: 1.month.from_now.utc.at_midnight ClientCertificate.expects(:new). - with(:prefix => prefix). + with(:common_name => email). returns(cert) return cert end diff --git a/test/unit/client_certificate_test.rb b/test/unit/client_certificate_test.rb index 036e724..7f7e14b 100644 --- a/test/unit/client_certificate_test.rb +++ b/test/unit/client_certificate_test.rb @@ -3,7 +3,7 @@ require 'test_helper' class ClientCertificateTest < ActiveSupport::TestCase test "new cert has all we need" do - sample = ClientCertificate.new + sample = ClientCertificate.new(:common_name => 'test') assert sample.key assert sample.cert assert sample.to_s @@ -16,7 +16,7 @@ class ClientCertificateTest < ActiveSupport::TestCase end test "cert issuer matches ca subject" do - sample = ClientCertificate.new + sample = ClientCertificate.new(:prefix => 'test') cert = OpenSSL::X509::Certificate.new(sample.cert.to_pem) assert_equal ClientCertificate.root_ca.openssl_body.subject, cert.issuer end |