Class: Conjur::Command::Init

Inherits:
Conjur::Command show all
Defined in:
lib/conjur/command/init.rb

Class Method Summary collapse

Methods inherited from Conjur::Command

acting_as_option, annotate_option, api, api=, assert_empty, collection_option, command, command_impl_for_list, command_options_for_list, context_option, current_role, current_user, destination_role, display, display_members, elevated?, give_away_resource, has_admin?, hide_docs, integer?, interactive_option, method_missing, min_version, prompt_for_annotations, prompt_for_group, prompt_for_id, prompt_for_idnumber, prompt_for_password, prompt_for_public_key, prompt_to_confirm, read_till_eof, require_arg, retire_internal_role, retire_options, retire_resource, retire_role, validate_privileges, validate_public_key, validate_retire_privileges

Methods included from IdentifierManipulation

#conjur_account, #full_resource_id, #get_kind_and_id_from_args

Class Method Details

.configure_cert_store(certificate) ⇒ Object



# File 'lib/conjur/command/init.rb', line 128

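# Adds a certificate to the process-wide default OpenSSL trust store.
#
# Security: OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE is shared by every
# TLS client in this process that relies on the default store, so a
# certificate added here is trusted for all of them, not just one connection.
# Pass only a certificate whose fingerprint has already been confirmed
# through a trusted channel.
#
# @param certificate [String, nil] certificate text in the PEM form that
#   X509::Store#add_file reads; blank values are ignored.
# @return [Object, nil] whatever +add_file+ returns, or nil when nothing was added.
def self.configure_cert_store certificate
  return if certificate.blank?

  cert_file = Tempfile.new("conjur_cert")
  begin
    # add_file takes a path, so the text is staged in a temp file first.
    cert_file.write certificate
    cert_file.flush
    OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.add_file cert_file.path
  ensure
    # Close and unlink immediately (also when add_file raises) instead of
    # leaving the file behind until the Tempfile object is garbage-collected.
    cert_file.close!
  end
end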

.get_certificate(connect_hostname) ⇒ Object



# File 'lib/conjur/command/init.rb', line 136

# Connects to +connect_hostname+ over TLS and returns the certificate chain
# the server presents, together with a printable fingerprint of the leaf.
#
# Security notes for callers:
# * The SSLSocket is created without an SSLContext, so no verification
#   settings are applied here and the peer is not authenticated at this
#   point. The result is only as trustworthy as the out-of-band comparison
#   of the fingerprint that follows.
# * The fingerprint is SHA-1 over the DER form of the first certificate in
#   the chain. SHA-1 is no longer collision resistant; treat the value as a
#   display aid for manual comparison.
# * NOTE(review): no SNI hostname is set on the socket, so a server that
#   selects certificates by name may present its default certificate.
# * The bare +rescue+ turns every StandardError into the same exit message,
#   which hides the underlying cause (DNS, refused connection, handshake).
#
# @param connect_hostname [String] "host" or "host:port"; the port defaults to 443.
# @return [Array<String>] ["SHA1 Fingerprint=AA:BB:...", chain as concatenated PEM]
def self.get_certificate connect_hostname
  include OpenSSL::SSL
  target_host, target_port = connect_hostname.split(':')
  target_port = 443 unless target_port

  tcp = TCPSocket.new(target_host, target_port.to_i)
  tls = SSLSocket.new(tcp)
  tls.connect
  certs = tls.peer_cert_chain
  leaf_der = certs.first.to_der

  # Upper-case hex digest, regrouped into colon-separated byte pairs.
  fingerprint = Digest::SHA1.hexdigest(leaf_der).upcase.scan(/../).join(':')
  pem_chain = certs.map(&:to_pem).join

  ["SHA1 Fingerprint=#{fingerprint}", pem_chain]
rescue
  exit_now! "Unable to retrieve certificate from #{connect_hostname}"
ensure
  # Release the TLS layer first, then the TCP socket beneath it.
  tls.close if tls
  tcp.close if tcp
end

.write_file(filename, force, &block) ⇒ Object



# File 'lib/conjur/command/init.rb', line 28

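# Opens +filename+ for writing and yields the File to the caller's block,
# asking for confirmation before replacing an existing file.
#
# When the file exists and +force+ is falsy, the user is prompted and only
# the exact answer "yes" (after stripping whitespace) permits the overwrite;
# any other answer aborts through +exit_now!+.
#
# NOTE(review): the existence check and the open are separate steps, and the
# file is created with the process's default permissions. If callers write
# credentials or trust material here, confirm the umask and target directory
# are appropriate.
#
# @param filename [String] path to write.
# @param force [Boolean] overwrite an existing file without prompting.
# @yieldparam f [File] the file opened in 'w' mode.
# @return [Object] the value returned by the block.
def self.write_file(filename, force, &block)
  # File.exists? was deprecated and then removed in Ruby 3.2; File.exist? is
  # the supported spelling and behaves the same on older Rubies.
  if File.exist?(filename)
    force ||= highline.ask("File #{filename} exists. Overwrite (yes/no): ").strip == "yes"
    exit_now! "Not overwriting #{filename}" unless force
  end

  File.open(filename, 'w') do |f|
    yield f
  end
end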