diff options
| author | Luke Kanies <luke@madstop.com> | 2008-04-19 14:59:11 -0500 |
|---|---|---|
| committer | Luke Kanies <luke@madstop.com> | 2008-04-19 14:59:11 -0500 |
| commit | d4813f1e03d96551e91b104e48b028fb4074d398 (patch) | |
| tree | 535b8ebeadc42be7e3d1bcc8679c1790a341ec19 | |
| parent | 809fc77bc767fb3acabc83d55183686200b1e384 (diff) | |
| download | puppet-d4813f1e03d96551e91b104e48b028fb4074d398.tar.gz puppet-d4813f1e03d96551e91b104e48b028fb4074d398.tar.xz puppet-d4813f1e03d96551e91b104e48b028fb4074d398.zip | |
Adding the last functionality needed for puppetca to use the Indirector.
This commit adds 'list' and 'print' support to the CA.
They're mostly delegator methods, but now the CA should be
the sole interface for puppetca.
| -rw-r--r-- | lib/puppet/ssl/certificate_authority.rb | 14 | ||||
| -rwxr-xr-x | spec/unit/ssl/certificate_authority.rb | 20 |
2 files changed, 34 insertions, 0 deletions
diff --git a/lib/puppet/ssl/certificate_authority.rb b/lib/puppet/ssl/certificate_authority.rb index 62e799ef6..2399c7204 100644 --- a/lib/puppet/ssl/certificate_authority.rb +++ b/lib/puppet/ssl/certificate_authority.rb @@ -96,6 +96,11 @@ class Puppet::SSL::CertificateAuthority return pass end + # List all signed certificates. + def list + Puppet::SSL::Certificate.search("*").collect { |c| c.name } + end + # Read the next serial from the serial file, and increment the # file so this one is considered used. def next_serial @@ -119,6 +124,15 @@ class Puppet::SSL::CertificateAuthority FileTest.exist? Puppet[:capass] end + # Print a given host's certificate as text. + def print(name) + if cert = Puppet::SSL::Certificate.find(name) + return cert.to_text + else + return nil + end + end + # Revoke a given certificate. def revoke(name) raise ArgumentError, "Cannot revoke certificates when the CRL is disabled" unless crl diff --git a/spec/unit/ssl/certificate_authority.rb b/spec/unit/ssl/certificate_authority.rb index a4d8568fe..50f8cec9a 100755 --- a/spec/unit/ssl/certificate_authority.rb +++ b/spec/unit/ssl/certificate_authority.rb @@ -400,6 +400,26 @@ describe Puppet::SSL::CertificateAuthority do @ca.should respond_to(:verify) end + it "should list certificates as the sorted list of all existing signed certificates" do + cert1 = stub 'cert1', :name => "cert1" + cert2 = stub 'cert2', :name => "cert2" + Puppet::SSL::Certificate.expects(:search).with("*").returns [cert1, cert2] + @ca.list.should == %w{cert1 cert2} + end + + describe "and printing certificates" do + it "should return nil if the certificate cannot be found" do + Puppet::SSL::Certificate.expects(:find).with("myhost").returns nil + @ca.print("myhost").should be_nil + end + + it "should print certificates by calling :to_text on the host's certificate" do + cert1 = stub 'cert1', :name => "cert1", :to_text => "mytext" + Puppet::SSL::Certificate.expects(:find).with("myhost").returns cert1 + @ca.print("myhost").should == "mytext" + end + end + describe "and verifying certificates" do before do @store = stub 'store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true |