Class: Puppet::Util::Windows::RootCerts

Inherits:
Object
  • Object
show all
Extended by:
FFI::Library
Includes:
Enumerable
Defined in:
lib/puppet/util/windows/root_certs.rb

Overview

Represents a collection of trusted root certificates.

Defined Under Namespace

Classes: CERT_CONTEXT

Class Method Summary collapse

Instance Method Summary collapse

Methods included from FFI::Library

attach_function_private

Methods included from Enumerable

#uniq

Constructor Details

#initialize(roots) ⇒ RootCerts

Returns a new instance of RootCerts


12
13
14
# File 'lib/puppet/util/windows/root_certs.rb', line 12

def initialize(roots)
  @roots = roots
end

Class Method Details

.instancePuppet::Util::Windows::RootCerts

Returns a new instance.


25
26
27
# File 'lib/puppet/util/windows/root_certs.rb', line 25

def self.instance
  new(self.load_certs)
end

.load_certsArray<[OpenSSL::X509::Certificate]>

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns an array of root certificates.


33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/puppet/util/windows/root_certs.rb', line 33

def self.load_certs
  certs = []

  # This is based on a patch submitted to openssl:
  # https://www.mail-archive.com/[email protected]/msg26958.html
  ptr = FFI::Pointer::NULL
  store = CertOpenSystemStoreA(nil, "ROOT")
  begin
    while (ptr = CertEnumCertificatesInStore(store, ptr)) and not ptr.null?
      context = CERT_CONTEXT.new(ptr)
      cert_buf = context[:pbCertEncoded].read_bytes(context[:cbCertEncoded])
      begin
        certs << OpenSSL::X509::Certificate.new(cert_buf)
      rescue => detail
        Puppet.warning(_("Failed to import root certificate: %{detail}") % { detail: detail.inspect })
      end
    end
  ensure
    CertCloseStore(store, 0)
  end

  certs
end

Instance Method Details

#each {|cert| ... } ⇒ Object

Enumerates each root certificate.

Yield Parameters:


19
20
21
# File 'lib/puppet/util/windows/root_certs.rb', line 19

def each
  @roots.each {|cert| yield cert}
end