diff options
| author | Nimesh-Msys <nimesh.patni@msystechnologies.com> | 2019-02-13 17:55:05 +0530 |
|---|---|---|
| committer | Nimesh-Msys <nimesh.patni@msystechnologies.com> | 2019-02-13 17:55:05 +0530 |
| commit | 3031e99e96e9f9e046599d6e60e44cf5b1b1e2e1 (patch) | |
| tree | 3bf388310e20dd4ca5a93e401c04457fc23d4e83 | |
| parent | 0afdf28c1ff0522b534cdc325cfc84bda97436a0 (diff) | |
| download | chef-3031e99e96e9f9e046599d6e60e44cf5b1b1e2e1.tar.gz | |
Minor fixes as per the review comments.
- Checking file formats by uisng ruby itself, instead of shelling it out.
Signed-off-by: Nimesh-Msys <nimesh.patni@msystechnologies.com>
| -rw-r--r-- | lib/chef/resource/windows_certificate.rb | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/lib/chef/resource/windows_certificate.rb b/lib/chef/resource/windows_certificate.rb index 252fa24fcd..c5db262d15 100644 --- a/lib/chef/resource/windows_certificate.rb +++ b/lib/chef/resource/windows_certificate.rb @@ -21,6 +21,7 @@ require "chef/util/path_helper" require "chef/resource" require "win32-certstore" if Chef::Platform.windows? require "openssl" +require "open3" class Chef class Resource @@ -275,19 +276,19 @@ class Chef # Uses powershell command to convert crt/der/cer/pfx & p7b certificates # In PEM format and returns its certificate content def convert_pem(ext) - out = case ext - when ".crt", ".cer", ".der" - command = "openssl x509 -text -in #{new_resource.source} -outform PEM" - command += " -inform DER" if binary_cert? - powershell_out(command) - when ".pfx" - powershell_out("openssl pkcs12 -in #{new_resource.source} -nodes -passin pass:'#{new_resource.pfx_password}'") - when ".p7b" - powershell_out("openssl pkcs7 -print_certs -in #{new_resource.source} -outform PEM") - else - powershell_out("openssl x509 -text -inform #{ext.delete(".")} -in #{new_resource.source} -outform PEM") - end - + command = case ext + when ".crt", ".cer", ".der" + cmd = "openssl x509 -text -in #{new_resource.source} -outform PEM" + pem_cert? ? cmd : cmd + " -inform DER" + when ".pfx" + "openssl pkcs12 -in #{new_resource.source} -nodes -passin pass:'#{new_resource.pfx_password}'" + when ".p7b" + "openssl pkcs7 -print_certs -in #{new_resource.source} -outform PEM" + else + "openssl x509 -text -inform #{ext.delete('.')} -in #{new_resource.source} -outform PEM" + end + + out = powershell_out(command) if out.exitstatus == 0 format_raw_out(out.stdout) else @@ -302,12 +303,14 @@ class Chef begin_cert + out[/#{begin_cert}(.*?)#{end_cert}/m, 1] + end_cert end - # Checks if the certificate is binary encoded or not - def binary_cert? - powershell_out("file -b --mime-encoding #{new_resource.source}").stdout.strip == "binary" + # Checks if the given certificate is a PEM certificate or not + def pem_cert? + details, status = Open3.capture2e("file", new_resource.source) + return false unless status.success? + + details.rpartition(":").last.strip == "PEM certificate" end end - end end end |