authorLuke Kanies <luke@madstop.com>2008-03-11 14:19:11 -0700
committerLuke Kanies <luke@madstop.com>2008-04-15 21:34:04 -0500
commit8347b0605612128b1a9e9f2d2d2e5ea73dae288d (patch)
treea21919fc0fb1bbe5986c4801247512988418b93b /lib/puppet
parent50f3c18c4e1d54790983262b5e285c529358fb43 (diff)
The certificate and key are now correctly interacting
with the existing cert/key store. Certificate requests are not yet handled, nor are the ca-specific collections.
Diffstat (limited to 'lib/puppet')
-rw-r--r--lib/puppet/indirector/key/file.rb48
-rw-r--r--lib/puppet/indirector/ssl_file.rb5
-rw-r--r--lib/puppet/ssl.rb3
3 files changed, 30 insertions, 26 deletions
diff --git a/lib/puppet/indirector/key/file.rb b/lib/puppet/indirector/key/file.rb
index d4f39ac2e..9efcd1a31 100644
--- a/lib/puppet/indirector/key/file.rb
+++ b/lib/puppet/indirector/key/file.rb
@@ -1,40 +1,36 @@
-require 'puppet/indirector/file'
+require 'puppet/indirector/ssl_file'
require 'puppet/ssl/key'
-class Puppet::SSL::Key::File < Puppet::Indirector::File
+class Puppet::SSL::Key::File < Puppet::Indirector::SslFile
desc "Manage SSL private and public keys on disk."
- def path(name)
- if name == :ca
- Puppet.settings[:cakey]
- else
- File.join(Puppet.settings[:privatekeydir], name.to_s + ".pem")
- end
- end
+ store_in :privatekeydir
def public_key_path(name)
- if name == :ca
- Puppet.settings[:capub]
- else
- File.join(Puppet.settings[:publickeydir], name.to_s + ".pem")
- end
+ File.join(Puppet[:publickeydir], name.to_s + ".pem")
end
- def save(key)
- # Save the private key
- File.open(path(key.name), "w") { |f| f.print key.to_pem }
+ # Remove the public key, in addition to the private key
+ def destroy(key)
+ super
- # Now save the public key
- File.open(public_key_path(name), "w") { |f| f.print key.to_pem }
- end
+ return unless FileTest.exist?(public_key_path(key.name))
- def find(name)
- return nil unless FileTest.exist?(path(name))
- OpenSSL::PKey::RSA.new(File.read(path(name)))
+ begin
+ File.unlink(public_key_path(key.name))
+ rescue => detail
+ raise Puppet::Error, "Could not remove %s public key: %s" % [key.name, detail]
+ end
end
- def destroy(name)
- return nil unless FileTest.exist?(path(name))
- File.unlink(path(name)) and true
+ # Save the public key, in addition to the private key.
+ def save(key)
+ super
+
+ begin
+ File.open(public_key_path(key.name), "w") { |f| f.print key.content.public_key.to_pem }
+ rescue => detail
+ raise Puppet::Error, "Could not write %s: %s" % [key, detail]
+ end
end
end
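Review bot: `public_key_path` builds the on-disk path straight from `name.to_s + ".pem"` with no check on what the name contains, and the new `destroy` and `save` both act on that path (`File.unlink` and `File.open(..., "w")`). If a key name can ever carry a path separator or a leading `..`, these calls would touch files outside `publickeydir`; whether callers already constrain the name is not visible in this diff. I would reject such names at the top of `public_key_path`, for example `raise Puppet::Error, "Invalid key name %s" % name.inspect unless name.to_s =~ /\A[A-Za-z0-9][\w.-]*\z/`. The same pattern appears as context in `SslFile#path` in lib/puppet/indirector/ssl_file.rb (`File.join(collection_directory, name.to_s + ".pem")`), which is the better place for a single shared check since the private key path goes through it.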
diff --git a/lib/puppet/indirector/ssl_file.rb b/lib/puppet/indirector/ssl_file.rb
index 50e9eb8df..6125d46e4 100644
--- a/lib/puppet/indirector/ssl_file.rb
+++ b/lib/puppet/indirector/ssl_file.rb
@@ -9,6 +9,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
attr_reader :directory_setting
end
+ # The full path to where we should store our files.
def self.collection_directory
raise(Puppet::DevError, "No setting defined for %s" % self) unless @directory_setting
Puppet.settings[@directory_setting]
@@ -23,6 +24,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
File.join(collection_directory, name.to_s + ".pem")
end
+ # Remove our file.
def destroy(file)
path = path(file.name)
raise Puppet::Error.new("File %s does not exist; cannot destroy" % [file]) unless FileTest.exist?(path)
@@ -34,6 +36,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
end
end
+ # Find the file on disk, returning an instance of the model.
def find(name)
path = path(name)
@@ -44,6 +47,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
result
end
+ # Save our file to disk.
def save(file)
path = path(file.name)
dir = File.dirname(path)
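Review bot: The new comment on `save` says only that the file is written to disk, which is thin for a terminus that now backs the private key store (`store_in :privatekeydir` in key/file.rb). The body of `save` continues past this hunk, so whether a file mode is set or the directory is checked for existence and writability cannot be confirmed from here. The comment should state the contract a caller relies on, along the lines of `# Save our file to disk under the collection directory; raises Puppet::Error if the directory is missing or not writable; file mode: <MODE>.`, with the actual behaviour filled in. If no mode is set for private keys, that gap is worth a follow-up change rather than only a comment.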
@@ -60,6 +64,7 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
private
+ # A demeterish pointer to the collection directory.
def collection_directory
self.class.collection_directory
end
diff --git a/lib/puppet/ssl.rb b/lib/puppet/ssl.rb
index ae8f0abea..68c65ca80 100644
--- a/lib/puppet/ssl.rb
+++ b/lib/puppet/ssl.rb
@@ -1,3 +1,6 @@
# Just to make the constants work out.
+require 'puppet'
+require 'openssl'
+
module Puppet::SSL # :nodoc:
end