diff options
| author | John McCrae <john.mccrae@progress.com> | 2021-09-23 17:23:30 -0700 |
|---|---|---|
| committer | John McCrae <john.mccrae@progress.com> | 2021-09-23 17:23:30 -0700 |
| commit | 4760855c27c4d5de08ea4d7030645054014d1f0b (patch) | |
| tree | 44c970d08df2c5a430a59a504a6337a969629f8a | |
| parent | 16d832c93840ef1ec00172a1555189427f09a428 (diff) | |
| download | chef-jfm/win32_regressions.tar.gz | |
Updated the code to correct errors in error-handling.jfm/win32_regressions
Signed-off-by: John McCrae <john.mccrae@progress.com>
| -rw-r--r-- | lib/chef/resource/windows_certificate.rb | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/chef/resource/windows_certificate.rb b/lib/chef/resource/windows_certificate.rb index 528b0c53f6..3065fbcf16 100644 --- a/lib/chef/resource/windows_certificate.rb +++ b/lib/chef/resource/windows_certificate.rb @@ -146,7 +146,10 @@ class Chef end if ::File.extname(new_resource.output_path) == ".pfx" - powershell_exec!(pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_resource.output_path, password: new_resource.pfx_password )) + thumbprint = resolve_thumbprint(new_resource.source) + store = Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location) + store.valid?(thumbprint) + powershell_exec!(pfx_ps_cmd(thumbprint, store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_resource.output_path, password: new_resource.pfx_password )) else cert_obj = fetch_cert end @@ -251,7 +254,9 @@ class Chef # Thumbprints should be exactly 40 Hex characters def valid_thumbprint?(string) - string.match?(/[0-9A-Fa-f]/) && string.length == 40 + unless string.match?(/[0-9A-Fa-f]/) && string.length == 40 + raise ArgumentError, "Invalid certificate thumbprint." + end end def get_thumbprint(store_name, location, source) @@ -292,7 +297,7 @@ class Chef def pfx_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My", output_path:, password: ) <<-CMD $my_pwd = ConvertTo-SecureString -String "#{password}" -Force -AsPlainText - $cert = Get-ChildItem -path cert:\\#{store_location}\\#{store_name} -Recurse | Where { $_.Thumbprint -eq "#{thumbprint.upcase}" } + $cert = Get-ChildItem -path cert:\\#{store_location}\\#{store_name} -Recurse | Where { $_.Thumbprint -eq "#{thumbprint}" } Export-PfxCertificate -Cert $cert -FilePath "#{output_path}" -Password $my_pwd CMD end |