Class: Conjur::Command::Init
Class Method Summary
acting_as_option, annotate_option, api, api=, assert_empty, collection_option, command, command_impl_for_list, command_options_for_list, context_option, current_role, current_user, destination_role, display, display_members, elevated?, give_away_resource, has_admin?, hide_docs, integer?, interactive_option, method_missing, min_version, prompt_for_annotations, prompt_for_group, prompt_for_id, prompt_for_idnumber, prompt_for_password, prompt_for_public_key, prompt_to_confirm, read_till_eof, require_arg, retire_internal_role, retire_options, retire_resource, retire_role, validate_privileges, validate_public_key, validate_retire_privileges
#conjur_account, #full_resource_id, #get_kind_and_id_from_args
Class Method Details
# File 'lib/conjur/command/init.rb', line 128
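# Adds a PEM certificate to the process-wide default OpenSSL trust store.
#
# The PEM text is staged in a temporary file because the store is loaded
# through add_file, which takes a path. Nothing happens when +certificate+
# is blank.
#
# Security note: DEFAULT_CERT_STORE is a shared constant, so a certificate
# added here presumably becomes a trust anchor for every later TLS
# connection in this process that relies on the default store. Callers
# should only pass a certificate whose origin has already been confirmed.
#
# @param certificate [String, nil] PEM-encoded certificate text, or blank
# @return [Object, nil] whatever add_file returns, or nil when blank
def self.configure_cert_store certificate
  return if certificate.blank?

  cert_file = Tempfile.new("conjur_cert")
  begin
    File.write cert_file.path, certificate
    OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.add_file cert_file.path
  ensure
    # The staged copy is only needed for the add_file call. Close and unlink
    # it now instead of leaving the descriptor and the file around until the
    # Tempfile object is garbage-collected or the process exits.
    cert_file.close!
  end
end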
.get_certificate(connect_hostname) ⇒ Object
# File 'lib/conjur/command/init.rb', line 136
# Connects to a TLS endpoint and returns the certificate chain it presents,
# together with a printable fingerprint of the leaf certificate.
#
# Security notes:
# * No SSLContext is passed to SSLSocket.new, so the handshake uses the
#   library's default context, which does not verify the peer unless it has
#   been configured to. The returned chain is therefore unauthenticated
#   data; the fingerprint is the only thing here a person could compare
#   against a value obtained through another channel.
# * The fingerprint is SHA-1 over the DER encoding of the first certificate.
#   NOTE(review): consider offering a SHA-256 fingerprint alongside it;
#   the string format is kept as-is here because callers may display it.
# * No SNI hostname is set on the socket, so a server hosting several names
#   may present its default certificate. NOTE(review): confirm whether that
#   matters for the endpoints this is used against.
# * The bare rescue turns every StandardError (resolution, connect,
#   handshake, missing chain) into one generic message; the cause is lost.
#
# @param connect_hostname [String] "host" or "host:port"; port defaults to 443
# @return [Array<String>] ["SHA1 Fingerprint=AA:BB:...", concatenated PEM chain]
def self.get_certificate connect_hostname
  include OpenSSL::SSL
  host, port = connect_hostname.split ':'
  port ||= 443
  tcp = TCPSocket.new host, port.to_i
  tls = SSLSocket.new tcp
  tls.connect
  certs = tls.peer_cert_chain
  leaf_der = certs.first.to_der
  # Upper-case hex digest, grouped into colon-separated byte pairs.
  digest_hex = Digest::SHA1.hexdigest(leaf_der).upcase
  fingerprint = digest_hex.scan(/../).join(':')
  pem_bundle = certs.map(&:to_pem).join
  ["SHA1 Fingerprint=#{fingerprint}", pem_bundle]
rescue
  # exit_now! is defined outside this listing.
  exit_now! "Unable to retrieve certificate from #{connect_hostname}"
ensure
  # Both sockets are closed explicitly, TLS layer first.
  tls.close if tls
  tcp.close if tcp
end
.write_file(filename, force, &block) ⇒ Object
# File 'lib/conjur/command/init.rb', line 28
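# Opens +filename+ for writing and yields the file handle, asking before an
# existing file is replaced.
#
# When the file exists and +force+ is falsy, the user is prompted; any answer
# other than "yes" aborts through exit_now! (defined outside this listing,
# as is highline).
#
# NOTE(review): the existence check and the open are separate steps, and
# mode 'w' truncates whatever the path resolves to at open time. The file is
# created with the process's default permissions. Confirm callers only pass
# paths in locations the invoking user controls.
#
# @param filename [String] path to create or overwrite
# @param force [Boolean] skip the overwrite prompt when truthy
# @yieldparam f [File] handle opened in write mode
# @return [Object] the value returned by the block
def self.write_file(filename, force, &block)
  # File.exists? is a deprecated alias that newer Ruby releases no longer
  # provide; File.exist? is the supported spelling.
  if File.exist?(filename)
    force ||= highline.ask("File #{filename} exists. Overwrite (yes/no): ").strip == "yes"
    exit_now! "Not overwriting #{filename}" unless force
  end
  File.open(filename, 'w') do |f|
    yield f
  end
end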