diff options
| author | Markus Roberts <Markus@reality.com> | 2010-03-29 17:16:05 -0700 |
|---|---|---|
| committer | test branch <puppet-dev@googlegroups.com> | 2010-02-17 06:50:53 -0800 |
| commit | 49be54e5d4c5c19ec1f7e5e454666bb59ebfe88f (patch) | |
| tree | a3efe74b49b771200e9a45b59961266083107434 /lib/puppet/sslcertificates | |
| parent | e69b7db9124b9b1cd65ab89a2f5c6968928f256d (diff) | |
| download | puppet-49be54e5d4c5c19ec1f7e5e454666bb59ebfe88f.tar.gz puppet-49be54e5d4c5c19ec1f7e5e454666bb59ebfe88f.tar.xz puppet-49be54e5d4c5c19ec1f7e5e454666bb59ebfe88f.zip | |
Revert the guts of #2890
This patch reverts the semantically significant parts of #2890 due to the
issues discussed on #3360 (security concerns when used with autosign,
inconsistency between REST & XMLRPC semantics) but leaves the semantically
neutral changes (code cleanup, added tests) in place.
This patch is intended for 0.25.x, but may also be applied as a step in the
resolution of #3450 (refactored #2890, add "remove_certs" flag) in Rolwf.
Diffstat (limited to 'lib/puppet/sslcertificates')
| -rw-r--r-- | lib/puppet/sslcertificates/ca.rb | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb index f9efc02f7..f6bcbc1f7 100644 --- a/lib/puppet/sslcertificates/ca.rb +++ b/lib/puppet/sslcertificates/ca.rb @@ -278,13 +278,12 @@ class Puppet::SSLCertificates::CA host = thing2name(csr) csrfile = host2csrfile(host) - raise Puppet::Error, "Certificate request for #{host} already exists" if File.exists?(csrfile) - Puppet.settings.writesub(:csrdir, csrfile) { |f| f.print csr.to_pem } + if File.exists?(csrfile) + raise Puppet::Error, "Certificate request for %s already exists" % host + end - certfile = host2certfile(host) - if File.exists?(certfile) - Puppet.notice "Removing previously signed certificate #{certfile} for #{host}" - Puppet::SSLCertificates::Inventory::rebuild + Puppet.settings.writesub(:csrdir, csrfile) do |f| + f.print csr.to_pem end end |