Do not remove client certificate, even when TLS is disabled

It does not really make sense to remove it, as it can lock someone out of
their account, just by temporarily disabling TLS.
This commit is contained in:
Val Lorentz 2022-03-05 11:20:57 +01:00
parent 53b4d00732
commit ae7020f569
2 changed files with 4 additions and 8 deletions

View file

@ -184,10 +184,6 @@ Network.prototype.validate = function (client) {
this.rejectUnauthorized = true;
}
if (!this.tls) {
ClientCertificate.remove(this.uuid);
}
return true;
};

View file

@ -203,7 +203,7 @@ describe("Network", function () {
STSPolicies.update("irc.example.com", 7000, 0); // Cleanup
});
it("should remove client certs if TLS is disabled", function () {
it("should not remove client certs if TLS is disabled", function () {
Helper.config.public = false;
const client = {idMsg: 1, emit() {}, messageStorage: []};
@ -216,15 +216,15 @@ describe("Network", function () {
expect(client_cert).to.not.be.null;
expect(ClientCertificate.get(network.uuid)).to.deep.equal(client_cert);
expect(network.validate(client)).to.be.true; // Deletes the cert
expect(network.validate(client)).to.be.true;
expect(ClientCertificate.get(network.uuid)).to.not.deep.equal(client_cert); // Because ClientCertificate.get regenerates it
expect(ClientCertificate.get(network.uuid)).to.deep.equal(client_cert); // Should be unchanged
ClientCertificate.remove(network.uuid);
Helper.config.public = true;
});
it("should remove client certs if there is a STS policy", function () {
it("should not remove client certs if there is a STS policy", function () {
Helper.config.public = false;
const client = {idMsg: 1, emit() {}, messageStorage: []};