From d99bcf4b0d0b8716ab0da58ea7320fb33bac78bb Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 25 Feb 2013 13:01:07 +0100
Subject: enable free certs with a common name postfix

---
 certs/app/controllers/certs_controller.rb |  2 +-
 certs/app/models/client_certificate.rb    | 22 +++++++++++++++++-----
 2 files changed, 18 insertions(+), 6 deletions(-)

(limited to 'certs/app')

diff --git a/certs/app/controllers/certs_controller.rb b/certs/app/controllers/certs_controller.rb
index 6099ac0..3b7d35d 100644
--- a/certs/app/controllers/certs_controller.rb
+++ b/certs/app/controllers/certs_controller.rb
@@ -3,7 +3,7 @@ class CertsController < ApplicationController
   # GET /cert
   def show
     @cert = ClientCertificate.new(free: !logged_in?)
-    render :text => @cert.key + @cert.cert, :content_type => 'text/plain'
+    render text: @cert.to_s, content_type: 'text/plain'
   end
 
 end
diff --git a/certs/app/models/client_certificate.rb b/certs/app/models/client_certificate.rb
index be0ac63..3a82d1a 100644
--- a/certs/app/models/client_certificate.rb
+++ b/certs/app/models/client_certificate.rb
@@ -1,5 +1,5 @@
 #
-# Model for certificates stored in CouchDB.
+# Model for certificates
 #
 # This file must be loaded after Config has been loaded.
 #
@@ -17,11 +17,11 @@ class ClientCertificate
   #
   # generate the private key and client certificate
   #
-  def initialize
+  def initialize(options = {})
     cert = CertificateAuthority::Certificate.new
 
     # set subject
-    cert.subject.common_name = random_common_name
+    cert.subject.common_name = common_name(options[:free])
 
     # set expiration
     cert.not_before = yesterday
@@ -35,8 +35,12 @@ class ClientCertificate
     cert.parent = ClientCertificate.root_ca
     cert.sign! client_signing_profile
 
-    self.key = cert.key_material.private_key.to_pem
-    self.cert = cert.to_pem
+    self.key = cert.key_material.private_key
+    self.cert = cert
+  end
+
+  def to_s
+    self.key.to_pem + self.cert.to_pem
   end
 
   private
@@ -61,6 +65,14 @@ class ClientCertificate
     Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
   end
 
+  def common_name(for_free_cert = false)
+    if for_free_cert
+      random_common_name + ' ' + APP_CONFIG[:free_cert_postfix]
+    else
+      random_common_name
+    end
+  end
+
   #
   # for the random common name, we need a text string that will be unique across all certs.
   # ruby 1.8 doesn't have a built-in uuid generator, or we would use SecureRandom.uuid
-- 
cgit v1.2.3