Class: Puppet::SSL::CertificateAuthority::Interface

Inherits:
Object
  • Object
Defined in:
lib/puppet/ssl/certificate_authority/interface.rb

Defined Under Namespace

Classes: InterfaceError

Constant Summary

INTERFACE_METHODS =
[:destroy, :list, :revoke, :generate, :sign, :print, :verify, :fingerprint]


Constructor Details

#initialize(method, options) ⇒ Interface

Returns a new instance of Interface.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 42

# Build an interface that runs one CA action against a set of subjects.
#
# @param method [Symbol] the action name; stored through the method= writer.
#   NOTE(review): the writer is not shown here -- presumably it restricts the
#   value to INTERFACE_METHODS; confirm, since #apply dispatches on it with send.
# @param options [Hash] reads :to (the subjects) and :digest (fingerprint digest)
def initialize(method, options)
  self.method = method
  self.subjects = options[:to]
  # NOTE(review): when no :digest is supplied, fingerprints fall back to MD5,
  # which is not collision-resistant. These fingerprints are what #list and
  # #fingerprint print for an operator to compare, so callers should pass a
  # stronger digest (for example a SHA-2 one, if the CA's fingerprint call
  # accepts it -- confirm the accepted names).
  @digest = options[:digest] || :MD5
end

Instance Attribute Details

#digest ⇒ Object (readonly)

Returns the value of attribute digest.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 12

# Digest name handed to ca.fingerprint when fingerprints are printed.
# Set once in the constructor (options[:digest], falling back to :MD5).
def digest
  @digest
end

#method ⇒ Object

Returns the value of attribute method.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 12

# The CA action this interface will apply (the value #apply dispatches on).
# Note: this zero-argument reader replaces Object#method on instances of this
# class, so `obj.method(:name)` reflection is not available on them.
def method
  @method
end

#subjects ⇒ Object

Returns the value of attribute subjects.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 12

# The hosts the action applies to. The methods on this class compare it with
# :all (and, in #list, :signed) and otherwise iterate it as a list of host
# names; it may also be unset, which only #list accepts.
def subjects
  @subjects
end

Instance Method Details

#apply(ca) ⇒ Object

Actually perform the work.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 15

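# Run the configured action against the certificate authority.
#
# If this object implements the action itself (for example #list or #sign) it
# is called once with the CA; otherwise the action is sent to the CA once per
# host, where subjects == :all expands to ca.list.
#
# InterfaceError is re-raised. Any other StandardError raised while running
# the action is only logged through Puppet.err, so a failed CA operation
# (a revoke or sign that did not happen) is not visible to the caller through
# an exception; callers that need to know have to check the log output.
#
# @param ca the certificate authority to operate on
# @raise [ArgumentError] if no subjects were given for an action other than
#   :list, or if the action is not one of INTERFACE_METHODS
# @raise [InterfaceError] when the action itself raises it
def apply(ca)
  unless subjects || method == :list
    raise ArgumentError, "You must provide hosts or :all when using #{method}"
  end

  # Both dispatch paths below use send, which also reaches private methods.
  # Re-check the allowlist at the dispatch site so the call stays bounded to
  # the documented actions even if @method was set without going through a
  # validating writer (the writer is not visible from this method).
  unless INTERFACE_METHODS.include?(method)
    raise ArgumentError, "Invalid method #{method} to apply"
  end

  begin
    return send(method, ca) if respond_to?(method)

    targets = subjects == :all ? ca.list : subjects
    targets.each do |host|
      ca.send(method, host)
    end
  rescue InterfaceError
    raise
  rescue => detail
    puts detail.backtrace if Puppet[:trace]
    Puppet.err "Could not call #{method}: #{detail}"
  end
end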

#fingerprint(ca) ⇒ Object

Print the fingerprint of each certificate.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 101

# Print "<host> <fingerprint>" for every selected host.
#
# With subjects == :all the selection is the signed certificates (ca.list)
# followed by the pending requests (ca.waiting?); otherwise it is the subject
# list itself. A host the CA returns no fingerprint for is reported through
# Puppet.err instead.
#
# The digest is @digest, which the constructor defaults to :MD5. MD5 is not
# collision-resistant, so a matching MD5 fingerprint is weak evidence when an
# operator compares it out of band before signing.
#
# @param ca the certificate authority to query
# @return the collection of hosts that was iterated
def fingerprint(ca)
  targets =
    if subjects == :all
      ca.list + ca.waiting?
    else
      subjects
    end

  targets.each do |host|
    found = ca.fingerprint(host, @digest)
    if found
      puts "#{host} #{found}"
    else
      Puppet.err "Could not find certificate for #{host}"
    end
  end
end

#generate(ca) ⇒ Object

Raises:

  • (InterfaceError)



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 34

# Ask the CA to generate a certificate for each listed host.
#
# :all is rejected: there is no existing set of hosts to expand it to, so the
# caller has to name the hosts explicitly.
#
# @param ca the certificate authority to operate on
# @raise [InterfaceError] if subjects is :all
# @return the subject list that was iterated
def generate(ca)
  if subjects == :all
    raise InterfaceError, "It makes no sense to generate all hosts; you must specify a list"
  end

  subjects.each { |host| ca.generate(host) }
end

#list(ca) ⇒ Object

List the hosts.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 49

# List hosts together with their certificate fingerprints.
#
# Without subjects, only the names of pending requests are printed and nil is
# returned. Otherwise the selection is:
#   :all     - signed certificates plus pending requests
#   :signed  - signed certificates only
#   a list   - exactly those hosts
#
# Each host is printed on one line, sorted and de-duplicated:
#   "+ host (fp)"           signed and verification passed
#   "- host (fp) (reason)"  verification raised CertificateVerificationError
#   "host (fp)"             anything else (for example a pending request)
#
# Pending requests are never passed to ca.verify. The fingerprint uses @digest
# (constructor default :MD5); an operator comparing these values before
# signing gets little assurance from MD5, which is not collision-resistant.
#
# @param ca the certificate authority to query
# @return [nil] when no subjects were given, otherwise the sorted host list
def list(ca)
  if !subjects
    puts ca.waiting?.join("\n")
    return
  end

  signed_hosts = ca.list
  pending = ca.waiting?

  selection =
    if subjects == :all
      [signed_hosts, pending].flatten
    elsif subjects == :signed
      signed_hosts.flatten
    else
      subjects
    end

  selection.uniq.sort.each do |host|
    failure = false
    begin
      # Only signed certificates can be verified; skip pending requests.
      ca.verify(host) unless pending.include?(host)
    rescue Puppet::SSL::CertificateAuthority::CertificateVerificationError => e
      failure = e.to_s
    end

    fp = ca.fingerprint(host, @digest)
    if failure
      puts "- #{host} (#{fp}) (#{failure})"
    elsif signed_hosts.include?(host)
      puts "+ #{host} (#{fp})"
    else
      puts "#{host} (#{fp})"
    end
  end
end

#print(ca) ⇒ Object

Print certificate information.



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 90

# Print whatever ca.print returns for each selected host.
#
# subjects == :all expands to the signed certificates (ca.list); pending
# requests are not included. A host for which ca.print returns nothing is
# reported through Puppet.err.
#
# @param ca the certificate authority to query
# @return the collection of hosts that was iterated
def print(ca)
  targets =
    if subjects == :all
      ca.list
    else
      subjects
    end

  targets.each do |host|
    rendered = ca.print(host)
    if rendered
      puts rendered
    else
      Puppet.err "Could not find certificate for #{host}"
    end
  end
end

#sign(ca) ⇒ Object

Sign a given certificate.

Raises:

  • (InterfaceError)



# File 'lib/puppet/ssl/certificate_authority/interface.rb', line 112

# Sign the certificate request of each selected host.
#
# subjects == :all expands to every request the CA currently reports as
# waiting, and each one is signed with no per-host confirmation at this layer.
# Signing issues a certificate to whoever submitted the request, so the
# pending list and its fingerprints (#list, #fingerprint) should be reviewed
# before :all is used.
#
# @param ca the certificate authority to operate on
# @raise [InterfaceError] if there is nothing to sign
# @return the collection of hosts that was iterated
def sign(ca)
  pending =
    if subjects == :all
      ca.waiting?
    else
      subjects
    end

  if pending.empty?
    raise InterfaceError, "No waiting certificate requests to sign"
  end

  pending.each { |host| ca.sign(host) }
end