diff options
| author | Paul Berry <paul@puppetlabs.com> | 2010-11-29 16:32:41 -0800 |
|---|---|---|
| committer | Paul Berry <paul@puppetlabs.com> | 2010-11-30 12:03:57 -0800 |
| commit | beb85d65e4cced7691163add392f53ec58cb1a3d (patch) | |
| tree | 3db2c281fca6b507d90a5915afac9673e065c5b3 | |
| parent | 3063000155ddc475d1703d10cfc13770f687c3b2 (diff) | |
| download | puppet-beb85d65e4cced7691163add392f53ec58cb1a3d.tar.gz puppet-beb85d65e4cced7691163add392f53ec58cb1a3d.tar.xz puppet-beb85d65e4cced7691163add392f53ec58cb1a3d.zip | |
Maint: Moved auto-signing logic into an indirector extension
Autosigning was previously accomplished by overriding
CertificateRequest#save. This meant that it wouldn't work if
certificate requests were saved via a direct call to Indirection#save.
Changed it to use the indirector :extend mechanism, which works no
matter how the save is invoked.
| -rw-r--r-- | lib/puppet/ssl/certificate_request.rb | 24 | ||||
| -rwxr-xr-x | spec/unit/ssl/certificate_request_spec.rb | 8 |
2 files changed, 20 insertions, 12 deletions
diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb index 2f6cae3f5..8c83339a1 100644 --- a/lib/puppet/ssl/certificate_request.rb +++ b/lib/puppet/ssl/certificate_request.rb @@ -5,7 +5,20 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base wraps OpenSSL::X509::Request extend Puppet::Indirector - indirects :certificate_request, :terminus_class => :file + + # If auto-signing is on, sign any certificate requests as they are saved. + module AutoSigner + def save(instance, key = nil) + super + + # Try to autosign the CSR. + if ca = Puppet::SSL::CertificateAuthority.instance + ca.autosign + end + end + end + + indirects :certificate_request, :terminus_class => :file, :extend => AutoSigner # Convert a string into an instance. def self.from_s(string) @@ -46,13 +59,4 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base Puppet.info "Certificate Request fingerprint (md5): #{fingerprint}" @content end - - def save(args = {}) - super() - - # Try to autosign the CSR. - if ca = Puppet::SSL::CertificateAuthority.instance - ca.autosign - end - end end diff --git a/spec/unit/ssl/certificate_request_spec.rb b/spec/unit/ssl/certificate_request_spec.rb index f37f9bae4..25b77b332 100755 --- a/spec/unit/ssl/certificate_request_spec.rb +++ b/spec/unit/ssl/certificate_request_spec.rb @@ -200,7 +200,9 @@ describe Puppet::SSL::CertificateRequest do Puppet::SSL::CertificateAuthority.expects(:instance).returns ca csr = Puppet::SSL::CertificateRequest.new("me") - Puppet::SSL::CertificateRequest.indirection.expects(:save).with(csr, nil) + terminus = mock 'terminus' + Puppet::SSL::CertificateRequest.indirection.expects(:prepare).returns(terminus) + terminus.expects(:save).with { |request| puts request.key.inspect; request.instance == csr && request.key == "me" } csr.save end @@ -211,7 +213,9 @@ describe Puppet::SSL::CertificateRequest do Puppet::SSL::CertificateAuthority.expects(:instance).returns nil csr = Puppet::SSL::CertificateRequest.new("me") - Puppet::SSL::CertificateRequest.indirection.expects(:save).with(csr, nil) + terminus = mock 'terminus' + Puppet::SSL::CertificateRequest.indirection.expects(:prepare).returns(terminus) + terminus.expects(:save).with { |request| puts request.key.inspect; request.instance == csr && request.key == "me" } csr.save end |