class Net::Openvpn::Generators::Keys::Base
Attributes
props[R]
Public Class Methods
new(name, props)
# File lib/net/openvpn/generators/keys/base.rb, line 8
#
# Builds a key generator for +name+.
#
# The caller's +props+ are layered over Openvpn.props, and +name+ is stored
# under :key_cn. The merged properties are handed to Directory and then to
# Properties.validate!.
#
# NOTE(review): on this page @name is later interpolated into a shell command
# (revoke!) and a regular expression (valid?). Nothing visible here restricts
# which characters +name+ may contain. Confirm whether Properties.validate!
# constrains :key_cn.
#
# @param name  the common name for the key set
# @param props [Hash] overrides applied on top of Openvpn.props
def initialize(name, props)
  @name = name
  merged = Openvpn.props.merge(props)
  @props = merged.merge(key_cn: @name)
  @key_dir = Directory.new(@props)
  Properties.validate!(@props)
end
Public Instance Methods
exist?()
Returns true if all the generated keys exist or false if not
# File lib/net/openvpn/generators/keys/base.rb, line 22
#
# Reports whether every path returned by +filepaths+ is present on disk.
#
# @return [Boolean] true when all of the paths exist (or there are none),
#   false as soon as one is missing
def exist?
  filepaths.all? { |path| File.exist?(path) }
end
generate()
# File lib/net/openvpn/generators/keys/base.rb, line 17
#
# Placeholder for key generation; this base implementation always raises.
#
# NotImplementedError descends from ScriptError rather than StandardError,
# so a bare +rescue+ will not catch it.
#
# @raise [NotImplementedError] always
def generate
  raise(NotImplementedError)
end
revoke!()
Revokes the keys
Returns true if the keys were revoked or false if the keys do not exist or are not valid
Raises `Net::Openvpn::Errors::CertificateRevocation` if the key failed to be revoked
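# File lib/net/openvpn/generators/keys/base.rb, line 57
#
# Revokes the keys for @name by running easy-rsa's ./revoke-full script from
# the Openvpn.props[:easy_rsa] directory.
#
# @return [Boolean] true once the keys are revoked; false when the keys do
#   not exist or are not currently valid
# @raise [Errors::CertificateRevocation] if the script output lacks
#   "error 23", or if the keys still validate afterwards
def revoke!
  # Loaded here so the method carries its own dependency.
  require 'shellwords'

  return false unless exist? && valid?

  FileUtils.cd(Openvpn.props[:easy_rsa]) do
    # @name becomes a shell argument, so it is escaped: shell metacharacters
    # in a key name must not be read as shell syntax.
    # NOTE(review): cli_prop_vars is interpolated as-is, and @props[:key_cn]
    # also carries the name. Confirm that Properties.to_cli_vars quotes its
    # values safely.
    command = "#{cli_prop_vars} ./revoke-full #{Shellwords.escape(@name)}"
    output = `#{command}`

    # error 23 means key was revoked
    raise Errors::CertificateRevocation, "Revoke command failed" unless output.include?("error 23")
  end

  # Re-check instead of trusting the script output alone.
  raise Errors::CertificateRevocation, "Certificates were still valid after being revoked" if valid?

  true
end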
valid?()
Returns true if the generated keys are valid by checking the key index and then checking the pemfile against the crt file.
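# File lib/net/openvpn/generators/keys/base.rb, line 32
#
# Checks that the keys for @name are valid: the key index must hold a valid
# ("V") entry for this common name, and the .pem file it points at must match
# <name>.crt byte for byte.
#
# @return [Boolean] true when a valid index entry exists and its pem file
#   equals the crt file; false when the key directory is missing or no entry
#   matches
def valid?
  return false unless @key_dir.exist?

  # Read the index file. The name is escaped so regexp metacharacters in it
  # are matched literally. The CN must also end at a "/" or at end of line;
  # otherwise "fred" would match the entry for "frederick".
  # NOTE(review): this assumes the index stores subjects in OpenSSL's
  # "/C=../CN=name/.." form. Confirm against the deployed easy-rsa.
  entry_pattern = /^V.*CN=#{Regexp.escape(@name.to_s)}(?:\/.*)?$/
  m = File.read(Openvpn.props[:key_index]).match(entry_pattern)
  return false if m.nil?

  # get the pem number (fourth tab-separated field) and build the paths
  pem = m[0].split("\t")[3]
  pem_path = "#{Openvpn.props[:key_dir]}/#{pem}.pem"
  crt_path = "#{Openvpn.props[:key_dir]}/#{@name}.crt"

  # Check the pem against the current cert for the name
  File.read(pem_path) == File.read(crt_path)
end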
Private Instance Methods
cli_prop_vars()
Generates the variable string of key properties to precede easy-rsa script calls
An example with just two properties:
EASY_RSA="/usr/share/easy-rsa" KEY_CN="fred" build-key ...
# File lib/net/openvpn/generators/keys/base.rb, line 79
#
# Renders this generator's properties as the variable string placed in front
# of easy-rsa script calls. The formatting is delegated entirely to
# Properties.to_cli_vars.
#
# NOTE(review): the result is interpolated into a shell command line by the
# caller. Whether values are quoted or escaped depends on
# Properties.to_cli_vars, which is not shown here.
#
# @return whatever Properties.to_cli_vars returns for @props
def cli_prop_vars
  key_properties = @props
  Properties.to_cli_vars(key_properties)
end
filepaths()
# File lib/net/openvpn/generators/keys/base.rb, line 83
#
# Placeholder for the list of key file paths; this base implementation always
# raises. exist? iterates over the value this method returns.
#
# @raise [NotImplementedError] always
def filepaths
  raise(NotImplementedError)
end