diff options
author | Luke Kanies <luke@madstop.com> | 2008-04-15 21:28:57 -0500 |
---|---|---|
committer | Luke Kanies <luke@madstop.com> | 2008-04-15 21:34:07 -0500 |
commit | 054e4e431a145737c42d767249f1b94685c9a6d7 (patch) | |
tree | 10037d7b41d0ebc56e8489534c2b8586944f8fd6 /lib/puppet/ssl | |
parent | 6900f9776a7875ea13cbb5fe1f2eaa48fe05e667 (diff) | |
download | puppet-054e4e431a145737c42d767249f1b94685c9a6d7.tar.gz puppet-054e4e431a145737c42d767249f1b94685c9a6d7.tar.xz puppet-054e4e431a145737c42d767249f1b94685c9a6d7.zip |
Making the first pass at using requests instead of
specifying the terminus class. The individual ssl
classes now work, but the ssl host class doesn't yet.
Diffstat (limited to 'lib/puppet/ssl')
-rw-r--r-- | lib/puppet/ssl/base.rb | 1 | ||||
-rw-r--r-- | lib/puppet/ssl/certificate.rb | 28 | ||||
-rw-r--r-- | lib/puppet/ssl/certificate_request.rb | 2 | ||||
-rw-r--r-- | lib/puppet/ssl/indirection_hooks.rb | 17 | ||||
-rw-r--r-- | lib/puppet/ssl/key.rb | 2 |
5 files changed, 8 insertions, 42 deletions
diff --git a/lib/puppet/ssl/base.rb b/lib/puppet/ssl/base.rb index 674330373..ab040152d 100644 --- a/lib/puppet/ssl/base.rb +++ b/lib/puppet/ssl/base.rb @@ -1,5 +1,4 @@ require 'puppet/ssl' -require 'puppet/ssl/indirection_hooks' # The base class for wrapping SSL instances. class Puppet::SSL::Base diff --git a/lib/puppet/ssl/certificate.rb b/lib/puppet/ssl/certificate.rb index 697b2e785..9b1e2a79a 100644 --- a/lib/puppet/ssl/certificate.rb +++ b/lib/puppet/ssl/certificate.rb @@ -1,12 +1,16 @@ require 'puppet/ssl/base' -# Manage certificates themselves. +# Manage certificates themselves. This class has no +# 'generate' method because the CA is responsible +# for turning CSRs into certificates; we can only +# retrieve them from the CA (or not, as is often +# the case). class Puppet::SSL::Certificate < Puppet::SSL::Base # This is defined from the base class wraps OpenSSL::X509::Certificate extend Puppet::Indirector - indirects :certificate, :extend => Puppet::SSL::IndirectionHooks + indirects :certificate # Indicate where we should get our signed certs from. def self.ca_is(dest) @@ -22,24 +26,4 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base :local end end - - # Request a certificate from our CA. - def generate(request) - if self.class.ca_location == :local - terminus = :ca_file - else - terminus = :rest - end - - # Save our certificate request. - request.save :in => terminus - - # And see if we can retrieve the certificate. - if cert = self.class.find(name, :in => terminus) - @content = cert.content - return true - else - return false - end - end end diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb index e8cbbbade..4ca6d9899 100644 --- a/lib/puppet/ssl/certificate_request.rb +++ b/lib/puppet/ssl/certificate_request.rb @@ -5,7 +5,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base wraps OpenSSL::X509::Request extend Puppet::Indirector - indirects :certificate_request, :extend => Puppet::SSL::IndirectionHooks + indirects :certificate_request # How to create a certificate request with our system defaults. def generate(key) diff --git a/lib/puppet/ssl/indirection_hooks.rb b/lib/puppet/ssl/indirection_hooks.rb deleted file mode 100644 index c2a3442c0..000000000 --- a/lib/puppet/ssl/indirection_hooks.rb +++ /dev/null @@ -1,17 +0,0 @@ -# -# Created by Luke Kanies on 2008-3-10. -# Copyright (c) 2008. All rights reserved. - -require 'uri' -require 'puppet/ssl' - -# This module is used to pick the appropriate terminus -# in certificate indirections. This is necessary because -# we need the ability to choose between interacting with the CA -# or the local certs. -module Puppet::SSL::IndirectionHooks - # Pick an appropriate terminus based on what's specified, defaulting to :file. - def select_terminus(full_uri, options = {}) - return options[:to] || options[:in] || :file - end -end diff --git a/lib/puppet/ssl/key.rb b/lib/puppet/ssl/key.rb index 65294ac00..124d4c2d7 100644 --- a/lib/puppet/ssl/key.rb +++ b/lib/puppet/ssl/key.rb @@ -6,7 +6,7 @@ class Puppet::SSL::Key < Puppet::SSL::Base wraps OpenSSL::PKey::RSA extend Puppet::Indirector - indirects :key, :terminus_class => :file + indirects :key attr_reader :password_file |