Module: Puppet::SSLCertificates::Support

Included in:: Network::Client, Network::HTTPServer::WEBrick

Defined in:: lib/puppet/sslcertificates/support.rb

Overview

A module to handle reading of certificates.

Defined Under Namespace

Classes: InvalidCertificate, MissingCertificate

Instance Attribute Summary collapse

#cacert ⇒ Object readonly

Returns the value of attribute cacert.

Class Method Summary collapse

.keytype(name, options, &block) ⇒ Object

Some metaprogramming to create methods for retrieving and creating keys.

Instance Method Summary collapse

#rename_files_with_uppercase(file) ⇒ Object

A hack method to deal with files that exist with a different case.
#requestcert ⇒ Object

Request a certificate from the remote system.

Instance Attribute Details

#cacert ⇒ `Object` (readonly)

Returns the value of attribute cacert.



8
9
10

# File 'lib/puppet/sslcertificates/support.rb', line 8

def cacert
  @cacert
end

Class Method Details

.keytype(name, options, &block) ⇒ `Object`

Some metaprogramming to create methods for retrieving and creating keys. This probably isn’t fewer lines than defining each separately…

# File 'lib/puppet/sslcertificates/support.rb', line 12

def self.keytype(name, options, &block)
  var = "@#{name}"

  maker = "mk_#{name}"
  reader = "read_#{name}"

  unless param = options[:param]
    raise ArgumentError, "You must specify the parameter for the key"
  end

  unless klass = options[:class]
    raise ArgumentError, "You must specify the class for the key"
  end

  # Define the method that creates it.
  define_method(maker, &block)

  # Define the reading method.
  define_method(reader) do
    return nil unless FileTest.exists?(Puppet[param]) or rename_files_with_uppercase(Puppet[param])

    begin
      instance_variable_set(var, klass.new(File.read(Puppet[param])))
    rescue => detail
      raise InvalidCertificate, "Could not read #{param}: #{detail}"
    end
  end

  # Define the overall method, which just calls the reader and maker
  # as appropriate.
  define_method(name) do
    unless cert = instance_variable_get(var)
      unless cert = send(reader)
        cert = send(maker)
        Puppet.settings.write(param) { |f| f.puts cert.to_pem }
      end
      instance_variable_set(var, cert)
    end
    cert
  end
end

Instance Method Details

#rename_files_with_uppercase(file) ⇒ `Object`

A hack method to deal with files that exist with a different case. Just renames it; doesn’t read it in or anything.

Raises:

(ArgumentError)

# File 'lib/puppet/sslcertificates/support.rb', line 122

def rename_files_with_uppercase(file)
  dir = File.dirname(file)
  short = File.basename(file)

  # If the dir isn't present, we clearly don't have the file.
  #return nil unless FileTest.directory?(dir)

  raise ArgumentError, "Tried to fix SSL files to a file containing uppercase" unless short.downcase == short

  return false unless File.directory?(dir)

  real_file = Dir.entries(dir).reject { |f| f =~ /^\./ }.find do |other|
    other.downcase == short
  end

  return nil unless real_file

  full_file = File.join(dir, real_file)

  Puppet.notice "Fixing case in #{full_file}; renaming to #{file}"
  File.rename(full_file, file)

  true
end

#requestcert ⇒ `Object`

Request a certificate from the remote system. This does all of the work of creating the cert request, contacting the remote system, and storing the cert locally.