Do not remove client certificate, even when TLS is disabled

It does not really make sense to remove it, as it can lock someone out of
their account, just by temporarily disabling TLS.
This commit is contained in:
Val Lorentz 2022-03-05 11:20:57 +01:00
parent 53b4d00732
commit ae7020f569
2 changed files with 4 additions and 8 deletions

View File

@ -184,10 +184,6 @@ Network.prototype.validate = function (client) {
this.rejectUnauthorized = true; this.rejectUnauthorized = true;
} }
if (!this.tls) {
ClientCertificate.remove(this.uuid);
}
return true; return true;
}; };

View File

@ -203,7 +203,7 @@ describe("Network", function () {
STSPolicies.update("irc.example.com", 7000, 0); // Cleanup STSPolicies.update("irc.example.com", 7000, 0); // Cleanup
}); });
it("should remove client certs if TLS is disabled", function () { it("should not remove client certs if TLS is disabled", function () {
Helper.config.public = false; Helper.config.public = false;
const client = {idMsg: 1, emit() {}, messageStorage: []}; const client = {idMsg: 1, emit() {}, messageStorage: []};
@ -216,15 +216,15 @@ describe("Network", function () {
expect(client_cert).to.not.be.null; expect(client_cert).to.not.be.null;
expect(ClientCertificate.get(network.uuid)).to.deep.equal(client_cert); expect(ClientCertificate.get(network.uuid)).to.deep.equal(client_cert);
expect(network.validate(client)).to.be.true; // Deletes the cert expect(network.validate(client)).to.be.true;
expect(ClientCertificate.get(network.uuid)).to.not.deep.equal(client_cert); // Because ClientCertificate.get regenerates it expect(ClientCertificate.get(network.uuid)).to.deep.equal(client_cert); // Should be unchanged
ClientCertificate.remove(network.uuid); ClientCertificate.remove(network.uuid);
Helper.config.public = true; Helper.config.public = true;
}); });
it("should remove client certs if there is a STS policy", function () { it("should not remove client certs if there is a STS policy", function () {
Helper.config.public = false; Helper.config.public = false;
const client = {idMsg: 1, emit() {}, messageStorage: []}; const client = {idMsg: 1, emit() {}, messageStorage: []};