Skip to content

Commit

Permalink
Ensure that we don't break when Windows registry is missing our keys
Browse files Browse the repository at this point in the history
This situation is common when using HFTs where the registry will be
empty initially. Here we just ensure that errors result in no fatal
paths to make sure that HFTs can work properly.
  • Loading branch information
sgnn7 committed Jul 14, 2020
1 parent 81e5f2b commit 79554a2
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 4 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
### Fixed
- Fix windows credential search for HFT-created identities.
[cyberark/conjur-puppet#47](https://github.com/org/repo/issues/47)
- Fix windows registry exceptions on new HFT-based hosts
[cyberark/conjur-puppet#112](https://github.com/org/repo/issues/112)

## [2.0.3] - 2020-05-10
### Changed
Expand Down
17 changes: 13 additions & 4 deletions lib/conjur/puppet_module/config.rb
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,21 @@ def from_registry
unless Puppet.features.microsoft_windows?

require 'win32/registry'
c = Win32::Registry::HKEY_LOCAL_MACHINE.open(REG_KEY_NAME) do |reg|
# Convert registry value names from camel case to underscores
# e.g. ApplianceUrl => appliance_url
reg.map { |name, _type, data| [name.gsub(/(.)([A-Z])/, '\1_\2').downcase, data] }.to_h

c = {}
begin
Win32::Registry::HKEY_LOCAL_MACHINE.open(REG_KEY_NAME) do |reg|
# Convert registry value names from camel case to underscores
# e.g. ApplianceUrl => appliance_url
c = reg.map { |name, _type, data| [name.gsub(/(.)([A-Z])/, '\1_\2').downcase, data] }.to_h
end
rescue
Puppet.warning "Agent’s registry did not contain path #{REG_KEY_NAME}. If this is the " +
"first time using HFTs on this node, this is expected behavior."
end

c['ssl_certificate'] ||= File.read c['cert_file'] if c['cert_file']

c
end
end
Expand Down

0 comments on commit 79554a2

Please sign in to comment.