Class: Puppet::Util::Windows::RootCerts

Inherits:

Object

Object
Puppet::Util::Windows::RootCerts

show all

Extended by:: FFI::Library

Includes:: Enumerable

Defined in:: lib/puppet/util/windows/root_certs.rb

Overview

Represents a collection of trusted root certificates.

Defined Under Namespace

Classes: CERT_CONTEXT

Class Method Summary collapse

.instance ⇒ Puppet::Util::Windows::RootCerts

Returns a new instance.
.load_certs ⇒ Array<[OpenSSL::X509::Certificate]> private

Returns an array of root certificates.

Instance Method Summary collapse

#each {|cert| ... } ⇒ Object

Enumerates each root certificate.
#initialize(roots) ⇒ RootCerts constructor

A new instance of RootCerts.

Methods included from FFI::Library

attach_function_private

Methods included from Enumerable

#uniq

Constructor Details

#initialize(roots) ⇒ `RootCerts`

Returns a new instance of RootCerts.



12
13
14

# File 'lib/puppet/util/windows/root_certs.rb', line 12

def initialize(roots)
  @roots = roots
end

Class Method Details

.instance ⇒ `Puppet::Util::Windows::RootCerts`

Returns a new instance.

Returns:

(Puppet::Util::Windows::RootCerts) —

object constructed from current root certificates



25
26
27

# File 'lib/puppet/util/windows/root_certs.rb', line 25

def self.instance
  new(self.load_certs)
end

.load_certs ⇒ `Array<[OpenSSL::X509::Certificate]>`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns an array of root certificates.

Returns:

(Array<[OpenSSL::X509::Certificate]>) —

an array of root certificates

# File 'lib/puppet/util/windows/root_certs.rb', line 33

def self.load_certs
  certs = []

  # This is based on a patch submitted to openssl:
  # https://www.mail-archive.com/[email protected]/msg26958.html
  ptr = FFI::Pointer::NULL
  store = CertOpenSystemStoreA(nil, "ROOT")
  begin
    while (ptr = CertEnumCertificatesInStore(store, ptr)) and not ptr.null?
      context = CERT_CONTEXT.new(ptr)
      cert_buf = context[:pbCertEncoded].read_bytes(context[:cbCertEncoded])
      begin
        certs << OpenSSL::X509::Certificate.new(cert_buf)
      rescue => detail
        Puppet.warning(_("Failed to import root certificate: %{detail}") % { detail: detail.inspect })
      end
    end
  ensure
    CertCloseStore(store, 0)
  end

  certs
end

Instance Method Details

#each {|cert| ... } ⇒ `Object`

Enumerates each root certificate.

Yield Parameters:

cert (OpenSSL::X509::Certificate) —

each root certificate



19
20
21

# File 'lib/puppet/util/windows/root_certs.rb', line 19

def each
  @roots.each {|cert| yield cert}
end