Class: Puppet::Indirector::SslFile

Inherits:
Terminus
Defined in:
lib/vendor/puppet/indirector/ssl_file.rb

Constant Summary

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows

Constants included from Util::Docs

Util::Docs::HEADER_LEVELS

Class Attribute Summary

Attributes included from Util::Docs

#doc, #nodoc

Class Method Summary

Instance Method Summary

Methods inherited from Terminus

abstract_terminus?, const2name, #indirection, indirection_name, inherited, mark_as_abstract_terminus, #model, model, #name, name2const, register_terminus_class, terminus_class, terminus_classes, #terminus_type

Methods included from Util::InstanceLoader

#instance_docs, #instance_hash, #instance_load, #instance_loader, #instance_loading?, #loaded_instance, #loaded_instances

Methods included from Util

absolute_path?, activerecord_version, benchmark, binread, chuser, classproxy, #execfail, #execpipe, execute, execute_posix, execute_windows, logmethods, memory, path_to_uri, proxy, replace_file, safe_posix_fork, symbolize, symbolizehash, symbolizehash!, synchronize_on, thinmark, #threadlock, uri_to_path, wait_for_output, which, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::Docs

#desc, #dochook, #doctable, #markdown_definitionlist, #markdown_header, #nodoc?, #pad, scrub

Constructor Details

#initialize ⇒ SslFile

Returns a new instance of SslFile.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 49

# Build the terminus: call Puppet.settings.use for the :main and :ssl
# sections, then refuse to continue unless a storage location resolves.
#
# NOTE(review): collection_directory and file_location are called on the
# instance here, while this listing only shows their class-level
# definitions; the instance versions presumably delegate to those - confirm.
#
# @raise [Puppet::DevError] when neither a collection directory nor a single
#   file location is available
def initialize
  Puppet.settings.use(:main, :ssl)

  unless collection_directory || file_location
    raise Puppet::DevError, "No file or directory setting provided; terminus #{self.class.name} cannot function"
  end
end

Class Attribute Details

.ca_setting ⇒ Object (readonly)

Returns the value of attribute ca_setting.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 21

# Reader for @ca_setting. The page lists this as a class attribute, so the
# variable lives on the class object rather than on terminus instances.
#
# @return [Object, nil] the value last given to store_ca_at, or nil if that
#   was never called; ca_location uses it as a key into Puppet.settings
def ca_setting
  @ca_setting
end

.directory_setting ⇒ Object (readonly)

Returns the value of attribute directory_setting.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 21

# Reader for @directory_setting. The page lists this as a class attribute,
# so the variable lives on the class object rather than on instances.
#
# @return [Object, nil] the value last given to store_in, or nil if that was
#   never called; collection_directory uses it as a key into Puppet.settings
def directory_setting
  @directory_setting
end

.file_setting ⇒ Object (readonly)

Returns the value of attribute file_setting.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 21

# Reader for @file_setting. The page lists this as a class attribute, so the
# variable lives on the class object rather than on terminus instances.
#
# @return [Object, nil] the value last given to store_at, or nil if that was
#   never called; file_location uses it as a key into Puppet.settings
def file_setting
  @file_setting
end

Class Method Details

.ca_location ⇒ Object

The full path to a CA file we would be managing.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 37

# Resolve the CA file path from Puppet's settings.
#
# The path is never hard-coded here: it is whatever Puppet.settings holds
# under the setting recorded by store_ca_at.
#
# @return [Object, nil] the settings value for ca_setting, or nil when no CA
#   setting has been declared for this class
def self.ca_location
  ca_setting ? Puppet.settings[ca_setting] : nil
end

.collection_directory ⇒ Object

The full path to where we should store our files.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 25

# Resolve the directory that holds this terminus's per-key files.
#
# The directory comes from Puppet.settings, looked up under the setting
# recorded by store_in.
#
# @return [Object, nil] the settings value for directory_setting, or nil
#   when no directory setting has been declared for this class
def self.collection_directory
  directory_setting ? Puppet.settings[directory_setting] : nil
end

.file_location ⇒ Object

The full path to an individual file we would be managing.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 31

# Resolve the single file this terminus manages (the store_at case).
#
# The path comes from Puppet.settings, looked up under the setting recorded
# by store_at.
#
# @return [Object, nil] the settings value for file_setting, or nil when no
#   file setting has been declared for this class
def self.file_location
  file_setting ? Puppet.settings[file_setting] : nil
end

.store_at(setting) ⇒ Object

Specify a single file location for storing just one file. This is used for things like the CRL.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 11

# Declare that this terminus class stores exactly one file.
#
# Only the setting is recorded here; file_location later resolves it through
# Puppet.settings, so the actual path is taken from configuration.
#
# @param setting [Object] key to look up in Puppet.settings
#   (presumably a Symbol naming a file setting - confirm against callers)
# @return [Object] the setting that was stored
def self.store_at(setting)
  @file_setting = setting
end

.store_ca_at(setting) ⇒ Object

Specify where a specific ca file should be stored.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 16

# Declare the setting that locates the CA's own file for this terminus class.
#
# Only the setting is recorded here; ca_location later resolves it through
# Puppet.settings, so the actual path is taken from configuration.
#
# @param setting [Object] key to look up in Puppet.settings
#   (presumably a Symbol naming a file setting - confirm against callers)
# @return [Object] the setting that was stored
def self.store_ca_at(setting)
  @ca_setting = setting
end

.store_in(setting) ⇒ Object

Specify the directory in which multiple files are stored.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 5

# Declare the setting that locates the directory holding one file per key.
#
# Only the setting is recorded here; collection_directory later resolves it
# through Puppet.settings, so the actual path is taken from configuration.
#
# @param setting [Object] key to look up in Puppet.settings
#   (presumably a Symbol naming a directory setting - confirm against callers)
# @return [Object] the setting that was stored
def self.store_in(setting)
  @directory_setting = setting
end

Instance Method Details

#ca?(name) ⇒ Boolean

We assume that all files named ‘ca’ are pointing to individual ca files, rather than normal host files. It’s a bit hackish, but all the other solutions seemed even more hackish.

Returns:

  • (Boolean)


# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 45

# Report whether +name+ is the key reserved for the CA's own files.
#
# #path uses this answer to send the key to ca_location instead of the
# per-host collection directory.
#
# @param name [Object] the key being resolved; compared with == against
#   Puppet::SSL::Host.ca_name (its value is defined elsewhere, not shown here)
# @return [Boolean] the result of that comparison
def ca?(name)
  name == Puppet::SSL::Host.ca_name
end

#destroy(request) ⇒ Object

Remove our file.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 71

# Delete the file that backs request.key.
#
# The location comes from #path, so the key has already passed the
# bad-name check before anything is unlinked. The existence test and the
# unlink are separate steps; a file that vanishes in between surfaces as a
# Puppet::Error through the rescue below.
#
# @param request [#key] the indirection request naming the file
# @return [false, Integer] false when no file exists at the resolved path,
#   otherwise the return value of File.unlink
# @raise [Puppet::Error] when the unlink fails for any StandardError
def destroy(request)
  target = path(request.key)

  if FileTest.exist?(target)
    # Removal of SSL material is logged at notice level before it happens.
    Puppet.notice "Removing file #{model} #{request.key} at '#{target}'"
    begin
      File.unlink(target)
    rescue => failure
      raise Puppet::Error, "Could not remove #{request.key}: #{failure}"
    end
  else
    false
  end
end

#find(request) ⇒ Object

Find the file on disk, returning an instance of the model.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 84

# Load the model instance stored on disk for request.key.
#
# The location comes from #path, so the key has already passed the
# bad-name check before the filesystem is touched. When nothing exists at
# that path, rename_files_with_uppercase gets a chance to produce it
# (defined elsewhere; presumably it migrates a differently-cased file -
# confirm).
#
# @param request [#key] the indirection request naming the file
# @return [Object, nil] a model instance that has read the file, or nil when
#   no file could be found
def find(request)
  file = path(request.key)

  if FileTest.exist?(file) || rename_files_with_uppercase(file)
    instance = model.new(request.key)
    instance.read(file)
    instance
  end
end

#path(name) ⇒ Object



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 55

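# Map an indirection key to the on-disk path of its SSL file.
#
# This is the validation point for find, save and destroy: a key that
# matches Puppet::Indirector::BadNameRegexp (defined elsewhere, not shown
# here) is logged at crit level and rejected before it is joined onto a
# directory. The check runs on +name.to_s+, the same string that later
# becomes the filename, so a key that is not a String cannot reach
# File.join without having been checked.
#
# @param name [#to_s] the requested key
# @return [Object, nil] ca_location for the CA key when one is configured,
#   otherwise "<collection_directory>/<name>.pem", otherwise file_location
# @raise [ArgumentError] when the key matches BadNameRegexp
def path(name)
  key = name.to_s

  if key =~ Puppet::Indirector::BadNameRegexp
    Puppet.crit("directory traversal detected in #{self.class}: #{name.inspect}")
    raise ArgumentError, "invalid key"
  end

  if ca?(name) && ca_location
    ca_location
  elsif collection_directory
    File.join(collection_directory, key + ".pem")
  else
    file_location
  end
end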

#save(request) ⇒ Object

Save our file to disk.

Raises:

  • (Puppet::Error)



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 95

# Write request.instance to the file that backs request.key.
#
# The location comes from #path, so the key has already passed the
# bad-name check. The two directory tests only produce clearer error
# messages; they are evaluated before the write, so they cannot guarantee
# the state of the directory at the moment of writing.
#
# NOTE(review): file mode and ownership are decided inside #write, which is
# not part of this listing - confirm it applies the restrictive permissions
# expected for key material.
#
# @param request [#key, #instance] the request carrying the object to store
# @return [Object] whatever #write returns
# @raise [Puppet::Error] when the parent directory is missing or unwritable
def save(request)
  target = path(request.key)
  parent = File.dirname(target)

  unless FileTest.directory?(parent)
    raise Puppet::Error, "Cannot save #{request.key}; parent directory #{parent} does not exist"
  end
  unless FileTest.writable?(parent)
    raise Puppet::Error, "Cannot save #{request.key}; parent directory #{parent} is not writable"
  end

  write(request.key, target) do |io|
    io.print request.instance.to_s
  end
end

#search(request) ⇒ Object

Search for more than one file. At this point, it just returns an instance for every file in the directory.



# File 'lib/vendor/puppet/indirector/ssl_file.rb', line 107

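# Return a model instance for every "*.pem" file in the collection directory.
#
# The extension is matched with \z rather than $. In Ruby, $ also matches
# just before a newline inside the string, so a directory entry such as
# "x.pem\nrest" would otherwise be accepted and yield a truncated or
# misleading key.
#
# NOTE(review): +request+ is not consulted, and Dir.entries raises when
# collection_directory is nil, so this presumably only serves termini
# declared with store_in - confirm.
#
# @param request [Object] the indirection request (unused)
# @return [Array<Object>] one model instance per matching file, each having
#   read its file
def search(request)
  dir = collection_directory
  Dir.entries(dir).select { |file| file =~ /\.pem\z/ }.collect do |file|
    name = file.sub(/\.pem\z/, '')
    result = model.new(name)
    result.read(File.join(dir, file))
    result
  end
end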