diff options
| author | John McCrae <jmccrae@chf.io> | 2022-05-09 19:04:49 +0600 |
|---|---|---|
| committer | John McCrae <jmccrae@chf.io> | 2022-05-18 07:36:38 +0600 |
| commit | d04de476b9d58c2496adb09459573b93f0db537a (patch) | |
| tree | 392abec6c70883881e9104203a8d395b66fb65fa | |
| parent | 7ffaa658b6bc68c9eb9636c535884caf9ea67d0c (diff) | |
| download | chef-d04de476b9d58c2496adb09459573b93f0db537a.tar.gz | |
Removing redundant code and simplifying looking up a certificate
Signed-off-by: John McCrae <jmccrae@chf.io>
| -rw-r--r-- | chef-universal-mingw32.gemspec | 2 | ||||
| -rw-r--r-- | lib/chef/resource/windows_certificate.rb | 11 |
2 files changed, 7 insertions, 6 deletions
diff --git a/chef-universal-mingw32.gemspec b/chef-universal-mingw32.gemspec index c869ac2384..08664bd3cb 100644 --- a/chef-universal-mingw32.gemspec +++ b/chef-universal-mingw32.gemspec @@ -14,7 +14,7 @@ gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0" gemspec.add_dependency "wmi-lite", "~> 1.0" gemspec.add_dependency "win32-taskscheduler", "~> 2.0" gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out -gemspec.add_dependency "win32-certstore", "~> 0.6.2" # 0.5+ required for specifying user vs. system store +gemspec.add_dependency "win32-certstore", "~> 0.6.10" # 0.5+ required for specifying user vs. system store gemspec.add_dependency "chef-powershell", "~> 1.0.12" # The guts of the powershell_exec code have been moved to its own gem, chef-powershell. It's part of the chef-powershell-shim repo. gemspec.extensions << "ext/win32-eventlog/Rakefile" gemspec.files += Dir.glob("{distro,ext}/**/*") diff --git a/lib/chef/resource/windows_certificate.rb b/lib/chef/resource/windows_certificate.rb index 3fcaec0948..848ceae658 100644 --- a/lib/chef/resource/windows_certificate.rb +++ b/lib/chef/resource/windows_certificate.rb @@ -275,11 +275,12 @@ class Chef def verify_cert(thumbprint = new_resource.source) store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location) - if new_resource.pfx_password.nil? - store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name ) - else - store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name) - end + store.cert_lookup_by_token(resolve_thumbprint(thumbprint)) + # if new_resource.pfx_password.nil? + # store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name ) + # else + # store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name) + # end end # this array structure is solving 2 problems. The first is that we need to have support for both the CurrentUser AND LocalMachine stores |