Revision 538faca7
Added by Paul Kelly about 7 years ago
| modules/puppetca/puppetca_main.rb | ||
|---|---|---|
|
require 'openssl'
|
||
|
require 'set'
|
||
|
|
||
|
# rubocop:disable ModuleLength
|
||
|
module Proxy::PuppetCa
|
||
|
extend ::Proxy::Log
|
||
|
extend ::Proxy::Util
|
||
| ... | ... | |
|
raise "No such file #{autosign_file}" unless File.exist?(autosign_file)
|
||
|
|
||
|
found = false
|
||
|
entries = File.open(autosign_file, File::RDONLY).readlines.collect do |l|
|
||
|
entries = File.readlines(autosign_file).collect do |l|
|
||
|
if l.chomp != certname
|
||
|
l
|
||
|
else
|
||
| ... | ... | |
|
end
|
||
|
end.uniq.compact
|
||
|
if found
|
||
|
autosign = File.open(autosign_file, File::TRUNC|File::RDWR)
|
||
|
autosign.write entries.join("\n")
|
||
|
autosign.write "\n"
|
||
|
autosign.close
|
||
|
open(autosign_file, File::TRUNC|File::RDWR) do |autosign|
|
||
|
autosign.write entries.join
|
||
|
end
|
||
|
logger.debug "Removed #{certname} from autosign"
|
||
|
else
|
||
|
logger.debug "Attempt to remove nonexistent client autosign for #{certname}"
|
||
| ... | ... | |
|
def autosign certname
|
||
|
FileUtils.touch(autosign_file) unless File.exist?(autosign_file)
|
||
|
|
||
|
autosign = File.open(autosign_file, File::RDWR)
|
||
|
# Check that we don't have that host already
|
||
|
found = autosign.readlines.find { |line| line.chomp == certname }
|
||
|
autosign.puts certname unless found
|
||
|
autosign.close
|
||
|
open(autosign_file, File::RDWR) do |autosign|
|
||
|
# Check that we don't have that host already
|
||
|
found = autosign.readlines.find { |line| line.chomp == certname }
|
||
|
autosign.puts certname unless found
|
||
|
end
|
||
|
logger.debug "Added #{certname} to autosign"
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
end
|
||
|
end
|
||
|
end
|
||
|
# rubocop:enable ModuleLength
|
||
Also available in: Unified diff
fixes #18177 - file descriptor leak in puppet autosign handling