Signed-off-by: Brice Figureau <[email protected]>
---
lib/puppet/network/http/mongrel/rest.rb | 7 +++++++
lib/puppet/network/http/webrick/rest.rb | 8 ++++++++
spec/unit/network/http/mongrel/rest.rb | 5 +++--
spec/unit/network/http/webrick/rest.rb | 7 +++++--
4 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/lib/puppet/network/http/mongrel/rest.rb
b/lib/puppet/network/http/mongrel/rest.rb
index d9913dc..199e450 100644
--- a/lib/puppet/network/http/mongrel/rest.rb
+++ b/lib/puppet/network/http/mongrel/rest.rb
@@ -1,4 +1,5 @@
require 'puppet/network/http/handler'
+require 'resolv'
class Puppet::Network::HTTP::MongrelREST < Mongrel::HttpHandler
@@ -71,6 +72,12 @@ class Puppet::Network::HTTP::MongrelREST <
Mongrel::HttpHandler
result[:node] = dn_matchdata[1].to_str
result[:authenticated] =
(params[Puppet[:ssl_client_verify_header]] == 'SUCCESS')
else
+ begin
+ result[:node] = Resolv.getname(result[:ip])
+ rescue => detail
+ Puppet.err "Could not resolve %s: %s" % [result[:ip], detail]
+ result[:node] = nil
+ end
result[:authenticated] = false
end
diff --git a/lib/puppet/network/http/webrick/rest.rb
b/lib/puppet/network/http/webrick/rest.rb
index 8120c87..d419e8a 100644
--- a/lib/puppet/network/http/webrick/rest.rb
+++ b/lib/puppet/network/http/webrick/rest.rb
@@ -1,4 +1,5 @@
require 'puppet/network/http/handler'
+require 'resolv'
class Puppet::Network::HTTP::WEBrickREST <
WEBrick::HTTPServlet::AbstractServlet
@@ -66,6 +67,13 @@ class Puppet::Network::HTTP::WEBrickREST <
WEBrick::HTTPServlet::AbstractServlet
if cert = request.client_cert and nameary = cert.subject.to_a.find {
|ary| ary[0] == "CN" }
result[:node] = nameary[1]
result[:authenticated] = true
+ else
+ begin
+ result[:node] = Resolv.getname(result[:ip])
+ rescue => detail
+ Puppet.err "Could not resolve %s: %s" % [ip, detail]
+ result[:node] = nil
+ end
end
result
diff --git a/spec/unit/network/http/mongrel/rest.rb
b/spec/unit/network/http/mongrel/rest.rb
index 1926a6e..f797bc2 100755
--- a/spec/unit/network/http/mongrel/rest.rb
+++ b/spec/unit/network/http/mongrel/rest.rb
@@ -194,11 +194,12 @@ describe "Puppet::Network::HTTP::MongrelREST" do
@handler.params(@request)[:authenticated].should be_false
end
- it "should not pass a node name to model method if no certificate
information is present" do
+ it "should pass a reverse lookup of ip to model method if no
certificate information is present" do
Puppet.settings.stubs(:value).returns "eh"
Puppet.settings.expects(:value).with(:ssl_client_header).returns "myheader"
@request.stubs(:params).returns("myheader" => nil)
- @handler.params(@request).should_not be_include(:node)
+ Resolv.expects(:getname).returns("host.domain.com")
+ @handler.params(@request)[:node].should == "host.domain.com"
end
end
end
diff --git a/spec/unit/network/http/webrick/rest.rb
b/spec/unit/network/http/webrick/rest.rb
index 7600cff..d2046af 100755
--- a/spec/unit/network/http/webrick/rest.rb
+++ b/spec/unit/network/http/webrick/rest.rb
@@ -138,9 +138,12 @@ describe Puppet::Network::HTTP::WEBrickREST do
@handler.params(@request)[:node].should == "host.domain.com"
end
- it "should not pass a node name to model method if no certificate
is present" do
+ it "should pass the reverse lookup of ip as node name to model
method if no certificate is present" do
@request.stubs(:client_cert).returns nil
- @handler.params(@request).should_not be_include(:node)
+
+ Resolv.expects(:getname).returns('host.domain.com')
+
+ @handler.params(@request)[:node].should == "host.domain.com"
end
end
end
--
1.6.0.2
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
