| -rw-r--r-- | lib/puppet/indirector/ssl_rsa.rb | 5 | ||||
| -rw-r--r-- | lib/puppet/indirector/ssl_rsa/file.rb | 33 | ||||
| -rw-r--r-- | lib/puppet/sslcertificates/monkey_patch.rb | 6 | ||||
| -rwxr-xr-x | spec/unit/indirector/ssl_rsa/file.rb | 116 |
4 files changed, 160 insertions, 0 deletions
diff --git a/lib/puppet/indirector/ssl_rsa.rb b/lib/puppet/indirector/ssl_rsa.rb
new file mode 100644
index 000000000..162d8200a
--- /dev/null
+++ b/lib/puppet/indirector/ssl_rsa.rb
@@ -0,0 +1,5 @@
+# This is a stub class
+
+class Puppet::Indirector::SslRsa #:nodoc:
+end
+
diff --git a/lib/puppet/indirector/ssl_rsa/file.rb b/lib/puppet/indirector/ssl_rsa/file.rb
new file mode 100644
index 000000000..435aa8f86
--- /dev/null
+++ b/lib/puppet/indirector/ssl_rsa/file.rb
@@ -0,0 +1,33 @@
+require 'puppet/indirector/file'
+require 'puppet/indirector/ssl_rsa'
+
+class Puppet::Indirector::SslRsa::File < Puppet::Indirector::File
+ desc "Store SSL keys on disk."
+
+ def initialize
+ Puppet.settings.use(:ssl)
+ end
+
+ def path(name)
+ if name == :ca
+ File.join Puppet.settings[:cadir], "ca_key.pem"
+ else
+ File.join Puppet.settings[:publickeydir], name.to_s + ".pem"
+ end
+ end
+
+ def save(key)
+ File.open(path(key.name), "w") { |f| f.print key.to_pem }
+ end
+
+ def find(name)
+ return nil unless FileTest.exists?(path(name))
+ OpenSSL::PKey::RSA.new(File.read(path(name)))
+ end
+
+ def destroy(name)
+ return nil unless FileTest.exists?(path(name))
+ File.unlink(path(name)) and true
+ end
+
+end
diff --git a/lib/puppet/sslcertificates/monkey_patch.rb b/lib/puppet/sslcertificates/monkey_patch.rb
new file mode 100644
index 000000000..663b944c1
--- /dev/null
+++ b/lib/puppet/sslcertificates/monkey_patch.rb
@@ -0,0 +1,6 @@
+# This is the file that we use to add indirection to all the SSL Certificate classes.
+
+require 'puppet/indirector'
+
+OpenSSL::PKey::RSA.extend Puppet::Indirector
+OpenSSL::PKey::RSA.indirects :ssl_rsa, :terminus_class => :file
diff --git a/spec/unit/indirector/ssl_rsa/file.rb b/spec/unit/indirector/ssl_rsa/file.rb
new file mode 100755
index 000000000..76e5e3a94
--- /dev/null
+++ b/spec/unit/indirector/ssl_rsa/file.rb
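Review bot: In lib/puppet/indirector/ssl_rsa/file.rb, `save` opens the key file with `File.open(path(key.name), "w")` and no mode, so the permissions of a newly written key come from the process umask; `to_pem` on an RSA key that holds its private part emits the unencrypted private key, and the `:ca` branch writes exactly that to `ca_key.pem`. Unless the `:ssl` settings section enforces file modes (not visible in this hunk), pass one explicitly: `File.open(path(key.name), "w", 0600) { |f| f.print key.to_pem }`. `path` also joins `name.to_s` onto `publickeydir` unchecked, so a name containing a path separator would make `save`, `find` and `destroy` act outside that directory; if names can arrive from a remote request, reject them first with something like `raise ArgumentError, "invalid key name" if name.to_s.include?("/")`. A comment on `path` saying that non-CA keys land in `publickeydir` even when the key object carries a private part would help the next reader.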
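Review bot: In lib/puppet/sslcertificates/monkey_patch.rb, `OpenSSL::PKey::RSA` is referenced with only `puppet/indirector` required, so the file depends on something else having loaded OpenSSL first; add `require 'openssl'` above the `extend` line. Because `extend` changes the process-wide `OpenSSL::PKey::RSA` class rather than a Puppet-owned wrapper, the header comment should say so, e.g. `# Extends the global OpenSSL::PKey::RSA class with Puppet::Indirector for every caller in this process.`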
@@ -0,0 +1,116 @@
+#!/usr/bin/env ruby
+#
+# Created by Luke Kanies on 2007-9-22.
+# Copyright (c) 2007. All rights reserved.
+
+require File.dirname(__FILE__) + '/../../../spec_helper'
+
+require 'puppet/sslcertificates/monkey_patch'
+require 'puppet/indirector/ssl_rsa/file'
+
+
+describe Puppet::Indirector::SslRsa::File do
+
+ it "should be a subclass of the File terminus class" do
+ Puppet::Indirector::SslRsa::File.superclass.should equal(Puppet::Indirector::File)
+ end
+
+ it "should have documentation" do
+ Puppet::Indirector::SslRsa::File.doc.should be_instance_of(String)
+ end
+end
+
+describe Puppet::Indirector::SslRsa::File, " when choosing a path for a ca key" do
+ before do
+ @file = Puppet::Indirector::SslRsa::File.new
+ @name = :ca
+ end
+
+ it "should use the cadir" do
+ Puppet.settings.stubs(:value).with(:cadir).returns("/dir")
+ @file.path(@name).should =~ /^\/dir/
+ end
+
+ it "should use 'ca_key.pem' as the file name" do
+ @file.path(@name).should =~ /ca_key\.pem$/
+ end
+end
+
+describe Puppet::Indirector::SslRsa::File, " when choosing a path for a non-ca key" do
+ before do
+ @file = Puppet::Indirector::SslRsa::File.new
+ @name = :publickey
+ end
+
+ it "should use the publickeydir" do
+ Puppet.settings.stubs(:value).with(:publickeydir).returns("/dir")
+ @file.path(@name).should =~ /^\/dir/
+ end
+
+ it "should use the key name with the pem file extension" do
+ @file.path(@name).should =~ /#{@name}\.pem$/
+ end
+end
+
+describe Puppet::Indirector::SslRsa::File, " when saving" do
+ before do
+ @file = Puppet::Indirector::SslRsa::File.new
+
+ Puppet.settings.stubs(:value).with(:publickeydir).returns("/dir")
+ @key = stub "key", :name => "foo"
+ end
+
+ it "should store the rsa key to disk in pem format" do
+ @key.expects(:to_pem).returns(:data)
+ @path = "/dir/foo.pem"
+ filehandle = mock "filehandle"
+ File.expects(:open).with(@path, "w").yields(filehandle)
+ filehandle.expects(:print).with(:data)
+ @file.save(@key)
+ end
+end
+
+describe
Puppet::Indirector::SslRsa::File, " when finding a key by name" do
+ before do
+ @file = Puppet::Indirector::SslRsa::File.new
+
+ Puppet.settings.stubs(:value).with(:publickeydir).returns("/dir")
+ @name = "foo"
+ end
+
+ it "should return the key as a key object on success" do
+ @path = "/dir/foo.pem"
+ FileTest.stubs(:exists?).with(@path).returns(true)
+ File.stubs(:read).with(@path).returns(:data)
+ OpenSSL::PKey::RSA.expects(:new).with(:data).returns(:mykey)
+ @file.find(@name).should == :mykey
+ end
+
+ it "should return 'nil' on failure" do
+ @path = "/dir/foo.pem"
+ FileTest.stubs(:exists?).with(@path).returns(false)
+ @file.find(@name).should == nil
+ end
+end
+
+describe Puppet::Indirector::SslRsa::File, " when removing a key" do
+ before do
+ @file = Puppet::Indirector::SslRsa::File.new
+
+ Puppet.settings.stubs(:value).with(:publickeydir).returns("/dir")
+ @name = "foo"
+ end
+
+ it "should remove the key from disk and return true" do
+ @path = "/dir/foo.pem"
+ FileTest.stubs(:exists?).with(@path).returns(true)
+ File.stubs(:unlink).with(@path).returns(true)
+ @file.destroy(@name).should == true
+ end
+
+ it "should return an exception on failure" do
+ @path = "/dir/foo.pem"
+ FileTest.stubs(:exists?).with(@path).returns(false)
+ @file.destroy(@name).should == nil
+ end
+end
|
