knife-openvpn 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/knife-openvpn.gemspec +1 -1
- data/lib/chef/knife/openvpn.rb +16 -7
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f6d0e8a8e3cbc7fc159f7319c7579af86f97ce04
|
4
|
+
data.tar.gz: 14cf40403d89c4347c9041133e5c181b92b1019d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5480342506ce0996291557aae9091d972032968f17d7e4ac0e6de96f35155e62299f43b6fe64e50a7d5c8a6a0371f1066aefad8987eb071c0a4c0ab50176f691
|
7
|
+
data.tar.gz: df9a18c14f29f87cf50c67ac75ff2b47ee0e666eded5bff7d0e1fc53b4b9ce258ef9ce993cd10968f546d1e29bdb8c9eb74a0f8f13691ad9982668f8fc17252a
|
data/.rubocop.yml
CHANGED
data/knife-openvpn.gemspec
CHANGED
@@ -3,7 +3,7 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
|
|
3
3
|
|
4
4
|
Gem::Specification.new do |gem|
|
5
5
|
gem.name = 'knife-openvpn'
|
6
|
-
gem.version = '0.0.
|
6
|
+
gem.version = '0.0.5'
|
7
7
|
gem.summary = 'A knife plugin for Express 42 openvpn cookbook'
|
8
8
|
gem.description = gem.summary
|
9
9
|
gem.authors = ['LLC Express 42']
|
data/lib/chef/knife/openvpn.rb
CHANGED
@@ -34,6 +34,7 @@ module OpenvpnPlugin
|
|
34
34
|
require 'chef/encrypted_data_bag_item'
|
35
35
|
require 'json'
|
36
36
|
require 'openssl'
|
37
|
+
require 'time'
|
37
38
|
end
|
38
39
|
|
39
40
|
def check_databag_secret
|
@@ -142,8 +143,16 @@ module OpenvpnPlugin
|
|
142
143
|
crl.next_update = nextup
|
143
144
|
revoke_info.each do|rserial, time, reason_code|
|
144
145
|
revoked = OpenSSL::X509::Revoked.new
|
145
|
-
|
146
|
-
|
146
|
+
if rserial.is_a? OpenSSL::BN
|
147
|
+
revoked.serial = rserial
|
148
|
+
else
|
149
|
+
revoked.serial = OpenSSL::BN.new(rserial)
|
150
|
+
end
|
151
|
+
if time.is_a? Time
|
152
|
+
revoked.time = time
|
153
|
+
else
|
154
|
+
revoked.time = Time.parse(time)
|
155
|
+
end
|
147
156
|
enum = OpenSSL::ASN1::Enumerated(reason_code)
|
148
157
|
ext = OpenSSL::X509::Extension.new('CRLReason', enum)
|
149
158
|
revoked.add_extension(ext)
|
@@ -181,16 +190,16 @@ module OpenvpnPlugin
|
|
181
190
|
databag_name
|
182
191
|
end
|
183
192
|
|
184
|
-
def save_databag_item(id, server_name, item_hash)
|
193
|
+
def save_databag_item(id, server_name, item_hash, force = false)
|
185
194
|
databag_path = get_databag_path server_name
|
186
195
|
item_hash['id'] = id
|
187
196
|
item_path = File.join(databag_path, "#{id}.json")
|
188
197
|
secret = load_databag_secret
|
189
198
|
encrypted_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item(item_hash, secret)
|
190
|
-
if File.exist?
|
191
|
-
fail_with "#{item_path} already exists"
|
192
|
-
else
|
199
|
+
if force || !File.exist?(item_path)
|
193
200
|
File.write item_path, JSON.pretty_generate(encrypted_data)
|
201
|
+
else
|
202
|
+
fail_with "#{item_path} already exists"
|
194
203
|
end
|
195
204
|
end
|
196
205
|
|
@@ -474,7 +483,7 @@ module OpenvpnPlugin
|
|
474
483
|
user_revoke_info = [[user_cert.serial, now, 0]]
|
475
484
|
new_revoke_info = revoke_info + user_revoke_info
|
476
485
|
new_crl = add_user_to_crl ca_cert, ca_key, old_crl, new_revoke_info
|
477
|
-
save_databag_item('openvpn-crl', server_name, 'crl' => new_crl.to_pem, 'revoke_info' => new_revoke_info)
|
486
|
+
save_databag_item('openvpn-crl', server_name, { 'crl' => new_crl.to_pem, 'revoke_info' => new_revoke_info }, true)
|
478
487
|
ui.info "revoked #{user_name}, do not forget to upload CRL databag item"
|
479
488
|
end
|
480
489
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: knife-openvpn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- LLC Express 42
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-10-02 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: A knife plugin for Express 42 openvpn cookbook
|
14
14
|
email: cookbooks@express42.com
|