The full path to a CA file we would be managing.
# File lib/puppet/indirector/ssl_file.rb, line 37
# Look up the path configured for the CA file.
#
# Returns Puppet.settings[ca_setting] when a CA setting has been declared,
# and nil when ca_setting is unset.
def self.ca_location
  Puppet.settings[ca_setting] if ca_setting
end
The full path to where we should store our files.
# File lib/puppet/indirector/ssl_file.rb, line 25
# Look up the directory configured for storing multiple files.
#
# Returns Puppet.settings[directory_setting] when a directory setting has
# been declared, and nil when directory_setting is unset.
def self.collection_directory
  Puppet.settings[directory_setting] if directory_setting
end
The full path to an individual file we would be managing.
# File lib/puppet/indirector/ssl_file.rb, line 31
# Look up the path configured for a single managed file.
#
# Returns Puppet.settings[file_setting] when a file setting has been
# declared, and nil when file_setting is unset.
def self.file_location
  Puppet.settings[file_setting] if file_setting
end
# File lib/puppet/indirector/ssl_file.rb, line 49
# Load the :main and :ssl settings sections and refuse to build a terminus
# that has neither a collection directory nor a single file location.
#
# Raises Puppet::DevError when both lookups come back empty, so a
# misdeclared terminus fails at construction and not on first use.
def initialize
  Puppet.settings.use(:main, :ssl)

  return if collection_directory || file_location

  raise Puppet::DevError, "No file or directory setting provided; terminus #{self.class.name} cannot function"
end
Specify a single file location for storing just one file. This is used for things like the CRL.
# File lib/puppet/indirector/ssl_file.rb, line 11
# Record the name of the setting that holds the single-file location.
#
# setting - the settings key to remember; it is stored as given in
#           @file_setting and not resolved here.
#
# Returns the setting that was passed in.
def self.store_at(setting)
  @file_setting = setting
end
Specify where a specific CA file should be stored.
# File lib/puppet/indirector/ssl_file.rb, line 16
# Record the name of the setting that holds the CA file location.
#
# setting - the settings key to remember; it is stored as given in
#           @ca_setting and not resolved here.
#
# Returns the setting that was passed in.
def self.store_ca_at(setting)
  @ca_setting = setting
end
Specify the directory in which multiple files are stored.
# File lib/puppet/indirector/ssl_file.rb, line 5
# Record the name of the setting that holds the collection directory.
#
# setting - the settings key to remember; it is stored as given in
#           @directory_setting and not resolved here.
#
# Returns the setting that was passed in.
def self.store_in(setting)
  @directory_setting = setting
end
We assume that all files named ‘ca’ point to individual CA files, rather than normal host files. It’s a bit hackish, but all the other solutions seemed even more hackish.
# File lib/puppet/indirector/ssl_file.rb, line 45
# Tell whether a key refers to the CA and not to an ordinary host.
#
# name - the key to test.
#
# Returns true only when name equals Puppet::SSL::Host.ca_name. The
# comparison is plain ==, so the type of name matters as well as its text.
def ca?(name)
  name == Puppet::SSL::Host.ca_name
end
Remove our file.
# File lib/puppet/indirector/ssl_file.rb, line 71
# Delete the on-disk file that backs request.key.
#
# The target comes from #path, which raises ArgumentError for keys that
# match Puppet::Indirector::BadNameRegexp before any file is touched.
#
# Returns false when no file exists at the resolved path; otherwise the
# result of File.unlink.
# Raises Puppet::Error when the unlink itself fails.
def destroy(request)
  target = path(request.key)
  return false unless FileTest.exist?(target)

  Puppet.notice "Removing file #{model} #{request.key} at '#{target}'"
  begin
    File.unlink(target)
  rescue => detail
    # The file can vanish or become undeletable between the existence check
    # and the unlink; report that as a Puppet::Error naming the key.
    raise Puppet::Error, "Could not remove #{request.key}: #{detail}"
  end
end
Find the file on disk, returning an instance of the model.
# File lib/puppet/indirector/ssl_file.rb, line 84
# Load the model instance stored on disk for request.key.
#
# The path is resolved by #path and then passed through
# rename_files_with_uppercase (defined outside this listing).
#
# Returns the result of create_model when that helper yields a filename,
# and nil when it yields nothing.
def find(request)
  filename = rename_files_with_uppercase(path(request.key))
  return nil unless filename

  create_model(request.key, filename)
end
# File lib/puppet/indirector/ssl_file.rb, line 55
# Map a key to the file path this terminus reads and writes.
#
# name - the request key. It is validated before it is joined into a path.
#
# Resolution order:
#   1. the CA file, when name is the CA name and a CA location is set;
#   2. "<collection_directory>/<name>.pem", when a directory is set;
#   3. the single file location otherwise.
#
# Raises ArgumentError when name matches Puppet::Indirector::BadNameRegexp.
def path(name)
  # Reject the key before it can reach File.join. The pattern is defined
  # outside this listing; the log message shows it is meant to catch
  # directory traversal. Every caller that goes through #path gets this check.
  if name =~ Puppet::Indirector::BadNameRegexp
    Puppet.crit("directory traversal detected in #{self.class}: #{name.inspect}")
    raise ArgumentError, "invalid key"
  end

  return ca_location if ca?(name) && ca_location
  return File.join(collection_directory, name.to_s + ".pem") if collection_directory

  file_location
end
Save our file to disk.
# File lib/puppet/indirector/ssl_file.rb, line 91
# Write request.instance to the file that backs request.key.
#
# The target comes from #path, so keys matching
# Puppet::Indirector::BadNameRegexp are rejected with ArgumentError first.
#
# Raises Puppet::Error when the parent directory is missing or not writable.
def save(request)
  target = path(request.key)
  parent = File.dirname(target)

  # These two checks exist to give a clear error message. The directory can
  # still change between the check and the write, so they are not a guarantee.
  unless FileTest.directory?(parent)
    raise Puppet::Error.new("Cannot save #{request.key}; parent directory #{parent} does not exist")
  end
  unless FileTest.writable?(parent)
    raise Puppet::Error.new("Cannot save #{request.key}; parent directory #{parent} is not writable")
  end

  # write is defined outside this listing; it yields the handle to print to.
  write(request.key, target) { |f| f.print request.instance.to_s }
end
Search for more than one file. At this point, it just returns an instance for every file in the directory.
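# File lib/puppet/indirector/ssl_file.rb, line 103
# Build a model instance for every ".pem" file in the collection directory.
#
# request - unused; every file in the directory is returned regardless of
#           the request's contents.
#
# Returns an Array of whatever create_model produces, with nil results
# dropped.
#
# The suffix test is anchored with \z and not $. In Ruby, $ matches before
# any newline, so a directory entry such as "x.pem\nfoo" would pass a $ test
# and produce a model whose name contains a newline. Anchoring at the end of
# the string keeps the listing to names that #path could itself generate.
#
# NOTE(review): Dir.entries is called on collection_directory directly, so
# a terminus declared only with store_at will raise here -- confirm whether
# callers rely on that.
def search(request)
  dir = collection_directory
  Dir.entries(dir).
    select { |file| file =~ /\.pem\z/ }.
    collect { |file| create_model(file.sub(/\.pem\z/, ''), File.join(dir, file)) }.
    compact
end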