summaryrefslogtreecommitdiffstats
path: root/lib/puppet/ssl
diff options
context:
space:
mode:
authorLuke Kanies <luke@madstop.com>2008-04-15 21:28:57 -0500
committerLuke Kanies <luke@madstop.com>2008-04-15 21:34:07 -0500
commit054e4e431a145737c42d767249f1b94685c9a6d7 (patch)
tree10037d7b41d0ebc56e8489534c2b8586944f8fd6 /lib/puppet/ssl
parent6900f9776a7875ea13cbb5fe1f2eaa48fe05e667 (diff)
downloadpuppet-054e4e431a145737c42d767249f1b94685c9a6d7.tar.gz
puppet-054e4e431a145737c42d767249f1b94685c9a6d7.tar.xz
puppet-054e4e431a145737c42d767249f1b94685c9a6d7.zip
Making the first pass at using requests instead of
specifying the terminus class. The individual ssl classes now work, but the ssl host class doesn't yet.
Diffstat (limited to 'lib/puppet/ssl')
-rw-r--r--lib/puppet/ssl/base.rb1
-rw-r--r--lib/puppet/ssl/certificate.rb28
-rw-r--r--lib/puppet/ssl/certificate_request.rb2
-rw-r--r--lib/puppet/ssl/indirection_hooks.rb17
-rw-r--r--lib/puppet/ssl/key.rb2
5 files changed, 8 insertions, 42 deletions
diff --git a/lib/puppet/ssl/base.rb b/lib/puppet/ssl/base.rb
index 674330373..ab040152d 100644
--- a/lib/puppet/ssl/base.rb
+++ b/lib/puppet/ssl/base.rb
@@ -1,5 +1,4 @@
require 'puppet/ssl'
-require 'puppet/ssl/indirection_hooks'
# The base class for wrapping SSL instances.
class Puppet::SSL::Base
diff --git a/lib/puppet/ssl/certificate.rb b/lib/puppet/ssl/certificate.rb
index 697b2e785..9b1e2a79a 100644
--- a/lib/puppet/ssl/certificate.rb
+++ b/lib/puppet/ssl/certificate.rb
@@ -1,12 +1,16 @@
require 'puppet/ssl/base'
-# Manage certificates themselves.
+# Manage certificates themselves. This class has no
+# 'generate' method because the CA is responsible
+# for turning CSRs into certificates; we can only
+# retrieve them from the CA (or not, as is often
+# the case).
class Puppet::SSL::Certificate < Puppet::SSL::Base
# This is defined from the base class
wraps OpenSSL::X509::Certificate
extend Puppet::Indirector
- indirects :certificate, :extend => Puppet::SSL::IndirectionHooks
+ indirects :certificate
# Indicate where we should get our signed certs from.
def self.ca_is(dest)
@@ -22,24 +26,4 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
:local
end
end
-
- # Request a certificate from our CA.
- def generate(request)
- if self.class.ca_location == :local
- terminus = :ca_file
- else
- terminus = :rest
- end
-
- # Save our certificate request.
- request.save :in => terminus
-
- # And see if we can retrieve the certificate.
- if cert = self.class.find(name, :in => terminus)
- @content = cert.content
- return true
- else
- return false
- end
- end
end
diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb
index e8cbbbade..4ca6d9899 100644
--- a/lib/puppet/ssl/certificate_request.rb
+++ b/lib/puppet/ssl/certificate_request.rb
@@ -5,7 +5,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
wraps OpenSSL::X509::Request
extend Puppet::Indirector
- indirects :certificate_request, :extend => Puppet::SSL::IndirectionHooks
+ indirects :certificate_request
# How to create a certificate request with our system defaults.
def generate(key)
diff --git a/lib/puppet/ssl/indirection_hooks.rb b/lib/puppet/ssl/indirection_hooks.rb
deleted file mode 100644
index c2a3442c0..000000000
--- a/lib/puppet/ssl/indirection_hooks.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Created by Luke Kanies on 2008-3-10.
-# Copyright (c) 2008. All rights reserved.
-
-require 'uri'
-require 'puppet/ssl'
-
-# This module is used to pick the appropriate terminus
-# in certificate indirections. This is necessary because
-# we need the ability to choose between interacting with the CA
-# or the local certs.
-module Puppet::SSL::IndirectionHooks
- # Pick an appropriate terminus based on what's specified, defaulting to :file.
- def select_terminus(full_uri, options = {})
- return options[:to] || options[:in] || :file
- end
-end
diff --git a/lib/puppet/ssl/key.rb b/lib/puppet/ssl/key.rb
index 65294ac00..124d4c2d7 100644
--- a/lib/puppet/ssl/key.rb
+++ b/lib/puppet/ssl/key.rb
@@ -6,7 +6,7 @@ class Puppet::SSL::Key < Puppet::SSL::Base
wraps OpenSSL::PKey::RSA
extend Puppet::Indirector
- indirects :key, :terminus_class => :file
+ indirects :key
attr_reader :password_file