authorLuke Kanies <luke@madstop.com>2008-04-17 22:12:21 -0500
committerLuke Kanies <luke@madstop.com>2008-04-17 22:12:21 -0500
commitfb56deae3488e5d97e10e38cba98393a5a8f8414 (patch)
tree9e6cff4304fdb8b972b2ff61a1b24e74552b3898 /lib
parentf7e0990fb436ce14e5f7ed295c004438d7735f95 (diff)
Switching the SSL::Host class to return Puppet instances.
Previously, the class was returning OpenSSL instances (e.g., OpenSSL::X509::Certificate) instead of Puppet instances (e.g., Puppet::SSL::Certificate). This made some things easier, but it made them asymmetric (e.g., you assigned the key as a Puppet instance but got back an OpenSSL instance), and it also reduced your flexibility and your ability to introspect the objects.
Diffstat (limited to 'lib')
-rw-r--r--lib/puppet/ssl/certificate_authority.rb4
-rw-r--r--lib/puppet/ssl/certificate_request.rb3
-rw-r--r--lib/puppet/ssl/host.rb20
3 files changed, 14 insertions, 13 deletions
diff --git a/lib/puppet/ssl/certificate_authority.rb b/lib/puppet/ssl/certificate_authority.rb
index f9786fb1a..6a1986bc9 100644
--- a/lib/puppet/ssl/certificate_authority.rb
+++ b/lib/puppet/ssl/certificate_authority.rb
@@ -50,12 +50,12 @@ class Puppet::SSL::CertificateAuthority
unless csr = Puppet::SSL::CertificateRequest.find(hostname)
raise ArgumentError, "Could not find certificate request for %s" % hostname
end
- issuer = host.certificate
+ issuer = host.certificate.content
end
cert = Puppet::SSL::Certificate.new(hostname)
cert.content = Puppet::SSL::CertificateFactory.new(cert_type, csr.content, issuer, next_serial).result
- cert.content.sign(host.key, OpenSSL::Digest::SHA1.new)
+ cert.content.sign(host.key.content, OpenSSL::Digest::SHA1.new)
Puppet.notice "Signed certificate request for %s" % hostname
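Review bot: `host.certificate.content` and `host.key.content` now raise NoMethodError when the CA host has no certificate or key, because the accessors in host.rb return nil on a failed lookup. A guard next to the assignment, such as `raise ArgumentError, "No CA certificate available to sign %s" % hostname unless host.certificate` (and the equivalent for `host.key` before `sign`), would name the cause. The same nil dereference is reachable through `key.content.public_key` in the last hunk of host.rb. Separately, the touched `sign` line still passes `OpenSSL::Digest::SHA1.new`; SHA-1 is no longer collision-resistant, so `OpenSSL::Digest::SHA256.new` is the safer digest for issued certificates. The enclosing method starts and ends outside the hunk.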
diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb
index 8ef0b800e..2c93a9c56 100644
--- a/lib/puppet/ssl/certificate_request.rb
+++ b/lib/puppet/ssl/certificate_request.rb
@@ -11,6 +11,9 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
def generate(key)
Puppet.info "Creating a new SSL certificate request for %s" % name
+ # Support either an actual SSL key, or a Puppet key.
+ key = key.content if key.is_a?(Puppet::SSL::Key)
+
csr = OpenSSL::X509::Request.new
csr.version = 0
csr.subject = OpenSSL::X509::Name.new([["CN", name]])
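Review bot: After the unwrap at `key = key.content if key.is_a?(Puppet::SSL::Key)` nothing checks that a usable key remains. A wrapper whose content is nil (presumably possible before the key is generated) leaves `key` nil, and any other object passes through unchanged. Adding `raise ArgumentError, "No key available to generate the request for %s" % name unless key` right after the unwrap would reject bad input at the method boundary instead of inside OpenSSL. The body of `generate` continues outside the hunk, so how `key` is used later is not visible here.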
diff --git a/lib/puppet/ssl/host.rb b/lib/puppet/ssl/host.rb
index 9b0ba2c71..9c7ca767e 100644
--- a/lib/puppet/ssl/host.rb
+++ b/lib/puppet/ssl/host.rb
@@ -108,8 +108,8 @@ class Puppet::SSL::Host
end
def key
- return nil unless (defined?(@key) and @key) or @key = Key.find(name)
- @key.content
+ return nil unless @key ||= Key.find(name)
+ @key
end
# This is the private key; we can create it from scratch
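Review bot: `return nil unless @key ||= Key.find(name)` hides a memoizing assignment inside a guard condition, and the two-line body is equivalent to the single expression `@key ||= Key.find(name)`. The same shape is repeated in `certificate_request` and `certificate` in the next hunk. Since these accessors now return the Puppet wrapper rather than the OpenSSL object, each should carry a comment stating the new contract, for example `# Returns the Puppet::SSL::Key wrapper, or nil if none is found; use #content for the OpenSSL key.`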
@@ -122,30 +122,28 @@ class Puppet::SSL::Host
end
def certificate_request
- return nil unless (defined?(@certificate_request) and @certificate_request) or @certificate_request = CertificateRequest.find(name)
- @certificate_request.content
+ return nil unless @certificate_request ||= CertificateRequest.find(name)
+ @certificate_request
end
# Our certificate request requires the key but that's all.
def generate_certificate_request
generate_key unless key
@certificate_request = CertificateRequest.new(name)
- @certificate_request.generate(key)
+ @certificate_request.generate(key.content)
@certificate_request.save
return true
end
- # There's no ability to generate a certificate -- if we don't have it, then we should be
- # automatically looking in the ca, and if the ca doesn't have it, we don't have one.
def certificate
- return nil unless (defined?(@certificate) and @certificate) or @certificate = Certificate.find(name)
- @certificate.content
+ return nil unless @certificate ||= Certificate.find(name)
+ @certificate
end
# Remove all traces of this ssl host
def destroy
[key, certificate, certificate_request].each do |instance|
- instance.class.destroy(instance) if instance
+ instance.class.destroy(name) if instance
end
end
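Review bot: `destroy` leaves `@key`, `@certificate` and `@certificate_request` memoized, so after the loop this Host object still returns the private key and certificate it has just asked the classes to destroy. That contradicts the comment "Remove all traces of this ssl host". Clearing them after the loop with `@key = @certificate = @certificate_request = nil` would keep a destroyed key from being reused from memory. Building the array also calls each accessor, which triggers a `find` for anything not yet cached; whether `destroy(name)` needs that lookup first is not visible here.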
@@ -157,6 +155,6 @@ class Puppet::SSL::Host
# Extract the public key from the private key.
def public_key
- key.public_key
+ key.content.public_key
end
end