From 0732f55d7c110181e1119e17e8bb71d0bab57859 Mon Sep 17 00:00:00 2001
From: Martin Lensment <mlensment@gmail.com>
Date: Wed, 17 Jun 2015 16:41:36 +0300
Subject: [PATCH] Sanitize cert before saving #2687

---
 app/controllers/admin/certificates_controller.rb | 2 +-
 app/models/certificate.rb                        | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/controllers/admin/certificates_controller.rb b/app/controllers/admin/certificates_controller.rb
index c2b6b5cc9..bedf5094b 100644
--- a/app/controllers/admin/certificates_controller.rb
+++ b/app/controllers/admin/certificates_controller.rb
@@ -15,7 +15,7 @@ class Admin::CertificatesController < AdminController
     crt = certificate_params[:crt].open.read if certificate_params[:crt]
     csr = certificate_params[:csr].open.read if certificate_params[:csr]
 
-    @certificate = @api_user.certificates.build(csr: csr, crt: crt)
+    @certificate = @api_user.certificates.build(csr: Certificate.sanitize(csr), crt: Certificate.sanitize(crt))
     if @api_user.save
       flash[:notice] = I18n.t('record_created')
       redirect_to [:admin, @api_user, @certificate]
diff --git a/app/models/certificate.rb b/app/models/certificate.rb
index b354f87f2..f789a00df 100644
--- a/app/models/certificate.rb
+++ b/app/models/certificate.rb
@@ -132,6 +132,11 @@ class Certificate < ActiveRecord::Base
   end
 
   class << self
+    def sanitize(c)
+      return nil unless c
+      c.gsub("\r", '')
+    end
+
     def update_crl
       update_id_crl
       update_registry_crl