authorLuke Kanies <luke@madstop.com>2008-04-15 21:28:57 -0500
committerLuke Kanies <luke@madstop.com>2008-04-15 21:34:07 -0500
commit054e4e431a145737c42d767249f1b94685c9a6d7 (patch)
tree10037d7b41d0ebc56e8489534c2b8586944f8fd6 /lib
parent6900f9776a7875ea13cbb5fe1f2eaa48fe05e667 (diff)
Making the first pass at using requests instead of
specifying the terminus class. The individual ssl classes now work, but the ssl host class doesn't yet.
Diffstat (limited to 'lib')
-rw-r--r--lib/puppet/indirector/certificate_request/ca_file.rb4
-rw-r--r--lib/puppet/indirector/key/file.rb12
-rw-r--r--lib/puppet/indirector/ssl_file.rb28
-rw-r--r--lib/puppet/ssl/base.rb1
-rw-r--r--lib/puppet/ssl/certificate.rb28
-rw-r--r--lib/puppet/ssl/certificate_request.rb2
-rw-r--r--lib/puppet/ssl/indirection_hooks.rb17
-rw-r--r--lib/puppet/ssl/key.rb2
8 files changed, 30 insertions, 64 deletions
diff --git a/lib/puppet/indirector/certificate_request/ca_file.rb b/lib/puppet/indirector/certificate_request/ca_file.rb
index 24c262ef3..8c43f18d8 100644
--- a/lib/puppet/indirector/certificate_request/ca_file.rb
+++ b/lib/puppet/indirector/certificate_request/ca_file.rb
@@ -6,9 +6,9 @@ class Puppet::SSL::CertificateRequest::CaFile < Puppet::Indirector::SslFile
store_in :csrdir
- def save(instance, *args)
+ def save(request)
result = super
- Puppet.notice "%s has a waiting certificate request" % instance.name
+ Puppet.notice "%s has a waiting certificate request" % request.key
result
end
end
diff --git a/lib/puppet/indirector/key/file.rb b/lib/puppet/indirector/key/file.rb
index 03e94ed2d..41d30a2d4 100644
--- a/lib/puppet/indirector/key/file.rb
+++ b/lib/puppet/indirector/key/file.rb
@@ -11,24 +11,24 @@ class Puppet::SSL::Key::File < Puppet::Indirector::SslFile
end
# Remove the public key, in addition to the private key
- def destroy(key, options = {})
+ def destroy(request)
super
- return unless FileTest.exist?(public_key_path(key.name))
+ return unless FileTest.exist?(public_key_path(request.key))
begin
- File.unlink(public_key_path(key.name))
+ File.unlink(public_key_path(request.key))
rescue => detail
- raise Puppet::Error, "Could not remove %s public key: %s" % [key.name, detail]
+ raise Puppet::Error, "Could not remove %s public key: %s" % [request.key, detail]
end
end
# Save the public key, in addition to the private key.
- def save(key, options = {})
+ def save(request)
super
begin
- File.open(public_key_path(key.name), "w") { |f| f.print key.content.public_key.to_pem }
+ File.open(public_key_path(request.key), "w") { |f| f.print request.instance.content.public_key.to_pem }
rescue => detail
raise Puppet::Error, "Could not write %s: %s" % [key, detail]
end
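Review bot: The rescue in `save` still builds its message from `key`, which stopped being a parameter when the signature became `save(request)`. Unless the terminus defines a `key` method (none is visible in this hunk), a failed public-key write will raise NameError from inside the rescue and hide the real I/O error. Change the line to `raise Puppet::Error, "Could not write %s: %s" % [request.key, detail]`, which matches what `destroy` above now does. The body of `save` continues past the end of the hunk.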
diff --git a/lib/puppet/indirector/ssl_file.rb b/lib/puppet/indirector/ssl_file.rb
index 17cb0a144..c66d71e91 100644
--- a/lib/puppet/indirector/ssl_file.rb
+++ b/lib/puppet/indirector/ssl_file.rb
@@ -25,46 +25,46 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
end
# Remove our file.
- def destroy(file, options = {})
- path = path(file.name)
- raise Puppet::Error.new("File %s does not exist; cannot destroy" % [file]) unless FileTest.exist?(path)
+ def destroy(request)
+ path = path(request.key)
+ raise Puppet::Error.new("File %s does not exist; cannot destroy" % [request.key]) unless FileTest.exist?(path)
begin
File.unlink(path)
rescue => detail
- raise Puppet::Error, "Could not remove %s: %s" % [file, detail]
+ raise Puppet::Error, "Could not remove %s: %s" % [request.key, detail]
end
end
# Find the file on disk, returning an instance of the model.
- def find(name, options = {})
- path = path(name)
+ def find(request)
+ path = path(request.key)
return nil unless FileTest.exist?(path)
- result = model.new(name)
+ result = model.new(request.key)
result.read(path)
result
end
# Save our file to disk.
- def save(file, options = {})
- path = path(file.name)
+ def save(request)
+ path = path(request.key)
dir = File.dirname(path)
- raise Puppet::Error.new("Cannot save %s; parent directory %s does not exist" % [file, dir]) unless FileTest.directory?(dir)
- raise Puppet::Error.new("Cannot save %s; parent directory %s does not exist" % [file, dir]) unless FileTest.writable?(dir)
+ raise Puppet::Error.new("Cannot save %s; parent directory %s does not exist" % [request.key, dir]) unless FileTest.directory?(dir)
+ raise Puppet::Error.new("Cannot save %s; parent directory %s does not exist" % [request.key, dir]) unless FileTest.writable?(dir)
begin
- File.open(path, "w") { |f| f.print file.to_s }
+ File.open(path, "w") { |f| f.print request.instance.to_s }
rescue => detail
- raise Puppet::Error, "Could not write %s: %s" % [file, detail]
+ raise Puppet::Error, "Could not write %s: %s" % [request.key, detail]
end
end
# Search for more than one file. At this point, it just returns
# an instance for every file in the directory.
- def search(options = {})
+ def search(request)
dir = collection_directory
Dir.entries(dir).reject { |file| file !~ /\.pem$/ }.collect do |file|
name = file.sub(/\.pem$/, '')
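Review bot: Nothing in `destroy`, `find` or `save` checks `request.key` before it is passed to `path()` and on to `File.unlink`, `result.read` and `File.open(path, "w")`. `path()` is defined outside this hunk, so whether it rejects directory separators is not visible here; if it does not, a key that is not a plain file name could resolve outside the collection directory. A guard such as `raise ArgumentError, "Invalid key %s" % request.key.inspect unless request.key == File.basename(request.key)` in `path()` would cover all three methods. Separately, the `FileTest.writable?(dir)` check in `save` reuses the "does not exist" message, which should read "is not writable". The `search` method continues past the end of the hunk.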
diff --git a/lib/puppet/ssl/base.rb b/lib/puppet/ssl/base.rb
index 674330373..ab040152d 100644
--- a/lib/puppet/ssl/base.rb
+++ b/lib/puppet/ssl/base.rb
@@ -1,5 +1,4 @@
require 'puppet/ssl'
-require 'puppet/ssl/indirection_hooks'
# The base class for wrapping SSL instances.
class Puppet::SSL::Base
diff --git a/lib/puppet/ssl/certificate.rb b/lib/puppet/ssl/certificate.rb
index 697b2e785..9b1e2a79a 100644
--- a/lib/puppet/ssl/certificate.rb
+++ b/lib/puppet/ssl/certificate.rb
@@ -1,12 +1,16 @@
require 'puppet/ssl/base'
-# Manage certificates themselves.
+# Manage certificates themselves. This class has no
+# 'generate' method because the CA is responsible
+# for turning CSRs into certificates; we can only
+# retrieve them from the CA (or not, as is often
+# the case).
class Puppet::SSL::Certificate < Puppet::SSL::Base
# This is defined from the base class
wraps OpenSSL::X509::Certificate
extend Puppet::Indirector
- indirects :certificate, :extend => Puppet::SSL::IndirectionHooks
+ indirects :certificate
# Indicate where we should get our signed certs from.
def self.ca_is(dest)
@@ -22,24 +26,4 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
:local
end
end
-
- # Request a certificate from our CA.
- def generate(request)
- if self.class.ca_location == :local
- terminus = :ca_file
- else
- terminus = :rest
- end
-
- # Save our certificate request.
- request.save :in => terminus
-
- # And see if we can retrieve the certificate.
- if cert = self.class.find(name, :in => terminus)
- @content = cert.content
- return true
- else
- return false
- end
- end
end
diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb
index e8cbbbade..4ca6d9899 100644
--- a/lib/puppet/ssl/certificate_request.rb
+++ b/lib/puppet/ssl/certificate_request.rb
@@ -5,7 +5,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
wraps OpenSSL::X509::Request
extend Puppet::Indirector
- indirects :certificate_request, :extend => Puppet::SSL::IndirectionHooks
+ indirects :certificate_request
# How to create a certificate request with our system defaults.
def generate(key)
diff --git a/lib/puppet/ssl/indirection_hooks.rb b/lib/puppet/ssl/indirection_hooks.rb
deleted file mode 100644
index c2a3442c0..000000000
--- a/lib/puppet/ssl/indirection_hooks.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Created by Luke Kanies on 2008-3-10.
-# Copyright (c) 2008. All rights reserved.
-
-require 'uri'
-require 'puppet/ssl'
-
-# This module is used to pick the appropriate terminus
-# in certificate indirections. This is necessary because
-# we need the ability to choose between interacting with the CA
-# or the local certs.
-module Puppet::SSL::IndirectionHooks
- # Pick an appropriate terminus based on what's specified, defaulting to :file.
- def select_terminus(full_uri, options = {})
- return options[:to] || options[:in] || :file
- end
-end
diff --git a/lib/puppet/ssl/key.rb b/lib/puppet/ssl/key.rb
index 65294ac00..124d4c2d7 100644
--- a/lib/puppet/ssl/key.rb
+++ b/lib/puppet/ssl/key.rb
@@ -6,7 +6,7 @@ class Puppet::SSL::Key < Puppet::SSL::Base
wraps OpenSSL::PKey::RSA
extend Puppet::Indirector
- indirects :key, :terminus_class => :file
+ indirects :key
attr_reader :password_file
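Review bot: Removing `:terminus_class => :file` from `indirects :key` drops the only visible statement that private keys are handled by the local file terminus. Where the terminus for `:key` is chosen after this change is not shown in the hunk, so it is worth confirming that a default or a caller cannot route key saves or finds to a non-local terminus. If the option has to go, add a comment above the call such as `# Private keys must only use the local :file terminus; see <where the default is set>`. The class body continues outside the hunk.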