From 883b2eadb7b28756978c4009cb9f92e7177a9dba Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 7 Aug 2015 20:17:10 -0700 Subject: do not include random cruft in the common name of smtp client certificates --- app/controllers/v1/smtp_certs_controller.rb | 2 +- app/models/client_certificate.rb | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'app') diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb index fa53b26..75f524c 100644 --- a/app/controllers/v1/smtp_certs_controller.rb +++ b/app/controllers/v1/smtp_certs_controller.rb @@ -6,7 +6,7 @@ class V1::SmtpCertsController < ApiController # POST /1/smtp_cert def create - @cert = ClientCertificate.new prefix: current_user.email_address + @cert = ClientCertificate.new common_name: current_user.email_address @identity.register_cert(@cert) @identity.save render text: @cert.to_s, content_type: 'text/plain' diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb index 688d5c0..1716365 100644 --- a/app/models/client_certificate.rb +++ b/app/models/client_certificate.rb @@ -21,7 +21,13 @@ class ClientCertificate cert = CertificateAuthority::Certificate.new # set subject - cert.subject.common_name = common_name(options[:prefix]) + if options[:prefix] + cert.subject.common_name = common_name_with_prefix(options[:prefix]) + elsif options[:common_name] + cert.subject.common_name = options[:common_name] + else + raise ArgumentError.new + end # set expiration cert.not_before = last_month @@ -77,7 +83,7 @@ class ClientCertificate Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16) end - def common_name(prefix = nil) + def common_name_with_prefix(prefix = nil) [prefix, random_common_name].join end -- cgit v1.2.3