(#8925) Added new function called 'get_certificate' for retrieving

certificates from a CA (or locally). This function works by either obtaining the file locally or remotely based on Puppets configuration. Also added get_pubkey which wraps get_certificate and extracts the public key.
author: Ken Barber <ken@bob.sh> 2011-08-14 03:47:32 +0200
committer: Ken Barber <ken@bob.sh> 2011-08-17 16:36:59 +0200
commit: 9b912d028fe1a2622ec61a56b1f0774ef3c9f43b (patch)
tree: 56c1be57410b1c1e6532b03c42cda4e1602ffd08 /lib/puppet/parser/functions/get_pubkey.rb
parent: 33887f9be50c4fd94bbd08d7c00d9b3d97e29d21 (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/lib/puppet/parser/functions/get_pubkey.rb b/lib/puppet/parser/functions/get_pubkey.rb
new file mode 100644
index 0000000..744b9df
--- /dev/null
+++ b/lib/puppet/parser/functions/get_pubkey.rb
@@ -0,0 +1,25 @@
+module Puppet::Parser::Functions
+  newfunction(:get_pubkey, :type => :rvalue, :doc => <<-EOS
+Gets a public key given a CN. This function accepts all the same
+parameters as get_certificate(), but instead returns the public
+key portion of the certificate.
+
+See get_certificate() for a more complete list of options available.
+EOS
+  ) do |arguments|
+
+    # Wrap the get_certificate method
+    method = Puppet::Parser::Functions.function(:get_certificate)
+    cert_text = send(method, arguments)
+
+    require 'openssl'
+    
+    if cert_text == :undef then
+      return :undef
+    else
+      cert = OpenSSL::X509::Certificate.new(cert_text)
+      pubkey = cert.public_key
+      return pubkey.to_s
+    end
+  end
+end
author	Ken Barber <ken@bob.sh>	2011-08-14 03:47:32 +0200
committer	Ken Barber <ken@bob.sh>	2011-08-17 16:36:59 +0200
commit	9b912d028fe1a2622ec61a56b1f0774ef3c9f43b (patch)
tree	56c1be57410b1c1e6532b03c42cda4e1602ffd08 /lib/puppet/parser/functions/get_pubkey.rb
parent	33887f9be50c4fd94bbd08d7c00d9b3d97e29d21 (diff)