hiera-ldapprovider 1.0.1 → 1.0.2
- checksums.yaml +4 -4
 - data/lib/core_ext/string/json.rb +13 -0
 - data/lib/core_ext/string/yaml.rb +14 -0
 - data/lib/hiera/backend/ldap.rb +1 -1
 - data/lib/hiera/backend/ldap_backend.rb +8 -44
 - data/lib/net/ldap/connection.rb +18 -0
 - metadata +4 -1
 
    
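--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz:  
-  data.tar.gz:  
+  metadata.gz: f9dcce63a21cecc44d7d78fccb8e63834fe6228e
+  data.tar.gz: 7ca58c58013a8f9bd01465460a74fd5cbfcee36d
 SHA512:
-  metadata.gz:  
-  data.tar.gz:  
+  metadata.gz: c667b30b72e476d9f47c97fc77660ad0c81fa1aa06114205c420ed1dbddcddf649377aa77a32b7f8b86e26d6ba377fe0afad1a2576963463e3b4c5feae2b4434
+  data.tar.gz: b1d945b0817353de2c1e6182a42bfaa96503897a054cbf56dd752d8d2456574854375b9f3e34154cdf06acfae2610f40ed1fa72cf1baf7ccfd3cd62c552f808a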
        data/lib/hiera/backend/ldap.rb
    CHANGED
    
    
| 
         @@ -1,50 +1,16 @@ 
     | 
|
| 
       1 
1 
     | 
    
         
             
            require 'rubygems'
         
     | 
| 
      
 2 
     | 
    
         
            +
            require 'core_ext/string/json'
         
     | 
| 
      
 3 
     | 
    
         
            +
            require 'core_ext/string/yaml'
         
     | 
| 
       2 
4 
     | 
    
         
             
            require 'net/ldap'
         
     | 
| 
      
 5 
     | 
    
         
            +
            require 'net/ldap/connection'
         
     | 
| 
       3 
6 
     | 
    
         
             
            require 'hiera/backend/ldap'
         
     | 
| 
       4 
7 
     | 
    
         | 
| 
       5 
     | 
    
         
            -
            # Monkey patch Net::LDAP::Connection to ensure SSL certs aren't verified
         
     | 
| 
       6 
     | 
    
         
            -
            class Net::LDAP::Connection
         
     | 
| 
       7 
     | 
    
         
            -
              def self.wrap_with_ssl(io)
         
     | 
| 
       8 
     | 
    
         
            -
                raise Net::LDAP::LdapError, "OpenSSL is unavailable" unless Net::LDAP::HasOpenSSL
         
     | 
| 
       9 
     | 
    
         
            -
                ctx = OpenSSL::SSL::SSLContext.new
         
     | 
| 
       10 
     | 
    
         
            -
                ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
         
     | 
| 
       11 
     | 
    
         
            -
                conn = OpenSSL::SSL::SSLSocket.new(io, ctx)
         
     | 
| 
       12 
     | 
    
         
            -
                conn.connect
         
     | 
| 
       13 
     | 
    
         
            -
                conn.sync_close = true
         
     | 
| 
       14 
     | 
    
         
            -
             
     | 
| 
       15 
     | 
    
         
            -
                conn.extend(GetbyteForSSLSocket) unless conn.respond_to?(:getbyte)
         
     | 
| 
       16 
     | 
    
         
            -
             
     | 
| 
       17 
     | 
    
         
            -
                conn
         
     | 
| 
       18 
     | 
    
         
            -
              end
         
     | 
| 
       19 
     | 
    
         
            -
            end
         
     | 
| 
       20 
     | 
    
         
            -
             
     | 
| 
       21 
     | 
    
         
            -
            class String
         
     | 
| 
       22 
     | 
    
         
            -
              def valid_json?
         
     | 
| 
       23 
     | 
    
         
            -
                require 'json'
         
     | 
| 
       24 
     | 
    
         
            -
                JSON.parse(self)
         
     | 
| 
       25 
     | 
    
         
            -
                true
         
     | 
| 
       26 
     | 
    
         
            -
              rescue JSON::ParserError
         
     | 
| 
       27 
     | 
    
         
            -
                false
         
     | 
| 
       28 
     | 
    
         
            -
              end
         
     | 
| 
       29 
     | 
    
         
            -
             
     | 
| 
       30 
     | 
    
         
            -
              def valid_yaml?
         
     | 
| 
       31 
     | 
    
         
            -
                YAML.load(self)
         
     | 
| 
       32 
     | 
    
         
            -
                true
         
     | 
| 
       33 
     | 
    
         
            -
              rescue Psych::SyntaxError
         
     | 
| 
       34 
     | 
    
         
            -
                false
         
     | 
| 
       35 
     | 
    
         
            -
              rescue Exception
         
     | 
| 
       36 
     | 
    
         
            -
                false
         
     | 
| 
       37 
     | 
    
         
            -
              end
         
     | 
| 
       38 
     | 
    
         
            -
             
     | 
| 
       39 
     | 
    
         
            -
            end
         
     | 
| 
       40 
8 
     | 
    
         
             
            class Hiera
         
     | 
| 
       41 
9 
     | 
    
         
             
              module Backend
         
     | 
| 
       42 
10 
     | 
    
         
             
                class Ldap_backend
         
     | 
| 
       43 
11 
     | 
    
         
             
                  def initialize
         
     | 
| 
       44 
12 
     | 
    
         
             
                    @attr = get_config_value(:attribute, "cn")
         
     | 
| 
       45 
     | 
    
         
            -
             
     | 
| 
       46 
13 
     | 
    
         
             
                    Hiera.debug("Hiera LDAP backend starting")
         
     | 
| 
       47 
     | 
    
         
            -
             
     | 
| 
       48 
14 
     | 
    
         
             
                    @connection = Net::LDAP.new(
         
     | 
| 
       49 
15 
     | 
    
         
             
                      :host       => conf[:host],
         
     | 
| 
       50 
16 
     | 
    
         
             
                      :port       => get_config_value(:port, "389"),
         
     | 
| 
         @@ -66,22 +32,16 @@ class Hiera 
     | 
|
| 
       66 
32 
     | 
    
         | 
| 
       67 
33 
     | 
    
         
             
                  def lookup(key, scope, order_override, resolution_type)
         
     | 
| 
       68 
34 
     | 
    
         
             
                    answer = nil
         
     | 
| 
       69 
     | 
    
         
            -
             
     | 
| 
       70 
35 
     | 
    
         
             
                    Hiera.debug("Looking up #{key} in LDAP backend")
         
     | 
| 
       71 
     | 
    
         
            -
             
     | 
| 
       72 
36 
     | 
    
         
             
                    Backend.datasources(scope, order_override) do |source|
         
     | 
| 
       73 
37 
     | 
    
         
             
                      Hiera.debug("Looking for data source #{source}")
         
     | 
| 
       74 
38 
     | 
    
         
             
                      base = @conf[:base]
         
     | 
| 
       75 
     | 
    
         
            -
             
     | 
| 
       76 
39 
     | 
    
         
             
                      Hiera.debug("Searching on base: #{base}")
         
     | 
| 
       77 
     | 
    
         
            -
             
     | 
| 
       78 
     | 
    
         
            -
             
     | 
| 
       79 
40 
     | 
    
         
             
                      filter = Net::LDAP::Filter.eq(@attr, source)
         
     | 
| 
       80 
41 
     | 
    
         
             
                      Hiera.debug("Searching with filter: %s" % filter.to_s)
         
     | 
| 
       81 
42 
     | 
    
         
             
                      searchresult = @connection.search(:filter => filter, :return_result => true)
         
     | 
| 
       82 
43 
     | 
    
         
             
                      result = []
         
     | 
| 
       83 
44 
     | 
    
         
             
                      alt_key = key.downcase.to_sym
         
     | 
| 
       84 
     | 
    
         
            -
             
     | 
| 
       85 
45 
     | 
    
         
             
                      begin
         
     | 
| 
       86 
46 
     | 
    
         
             
                        searchresult.each do |entry|
         
     | 
| 
       87 
47 
     | 
    
         
             
                          if entry.attribute_names.include?(alt_key)
         
     | 
| 
         @@ -109,6 +69,11 @@ class Hiera 
     | 
|
| 
       109 
69 
     | 
    
         
             
                          elsif res.valid_yaml?
         
     | 
| 
       110 
70 
     | 
    
         
             
                            res = YAML.load(res)
         
     | 
| 
       111 
71 
     | 
    
         
             
                          end
         
     | 
| 
      
 72 
     | 
    
         
            +
                          if !res.kind_of? Hash
         
     | 
| 
      
 73 
     | 
    
         
            +
                            res_old = res.dup
         
     | 
| 
      
 74 
     | 
    
         
            +
                            res = {}
         
     | 
| 
      
 75 
     | 
    
         
            +
                            res[key] = result
         
     | 
| 
      
 76 
     | 
    
         
            +
                          end
         
     | 
| 
       112 
77 
     | 
    
         
             
                          answer = Backend.merge_answer(res,answer)
         
     | 
| 
       113 
78 
     | 
    
         
             
                        end
         
     | 
| 
       114 
79 
     | 
    
         
             
                      else
         
     | 
| 
         @@ -120,7 +85,6 @@ class Hiera 
     | 
|
| 
       120 
85 
     | 
    
         
             
                        break
         
     | 
| 
       121 
86 
     | 
    
         
             
                      end
         
     | 
| 
       122 
87 
     | 
    
         
             
                      Hiera.debug("Answer: #{answer}")
         
     | 
| 
       123 
     | 
    
         
            -
             
     | 
| 
       124 
88 
     | 
    
         
             
                    end
         
     | 
| 
       125 
89 
     | 
    
         
             
                    return answer
         
     | 
| 
       126 
90 
     | 
    
         
             
                  end
         
     | 
| 
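Review bot: In the block added at new lines 72–76, `res_old = res.dup` is never read in the lines shown and the hash is filled with `res[key] = result`, so a non-Hash parsed value appears to be discarded in favour of the `result` array initialised at new line 43. If the intent is to wrap the parsed value under the key, this would be `res = { key => res }`, with `res_old` dropped. Separately, the context line `res = YAML.load(res)` deserialises attribute values returned by the directory, while this release still disables certificate verification for that connection, so `YAML.safe_load(res)` is the safer call here. New lines 48–68 of `lookup` fall outside the hunks shown, so how `result` and `res` are populated there cannot be confirmed from this page.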
         @@ -0,0 +1,18 @@ 
     | 
|
| 
      
 1 
     | 
    
         
            +
            module Net
         
     | 
| 
      
 2 
     | 
    
         
            +
              class LDAP
         
     | 
| 
      
 3 
     | 
    
         
            +
                class Connection
         
     | 
| 
      
 4 
     | 
    
         
            +
             
     | 
| 
      
 5 
     | 
    
         
            +
                  # == Public: Monkey patch to ensure SSL certificates aren't verified
         
     | 
| 
      
 6 
     | 
    
         
            +
                  def self.wrap_with_ssl(io)
         
     | 
| 
      
 7 
     | 
    
         
            +
                    raise Net::LDAP::LdapError, "OpenSSL is unavailable" unless Net::LDAP::HasOpenSSL
         
     | 
| 
      
 8 
     | 
    
         
            +
                    ctx = OpenSSL::SSL::SSLContext.new
         
     | 
| 
      
 9 
     | 
    
         
            +
                    ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
         
     | 
| 
      
 10 
     | 
    
         
            +
                    conn = OpenSSL::SSL::SSLSocket.new(io, ctx)
         
     | 
| 
      
 11 
     | 
    
         
            +
                    conn.connect
         
     | 
| 
      
 12 
     | 
    
         
            +
                    conn.sync_close = true
         
     | 
| 
      
 13 
     | 
    
         
            +
                    conn.extend(GetbyteForSSLSocket) unless conn.respond_to?(:getbyte)
         
     | 
| 
      
 14 
     | 
    
         
            +
                    conn
         
     | 
| 
      
 15 
     | 
    
         
            +
                  end
         
     | 
| 
      
 16 
     | 
    
         
            +
                end
         
     | 
| 
      
 17 
     | 
    
         
            +
              end
         
     | 
| 
      
 18 
     | 
    
         
            +
            end
         
     | 
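Review bot: `ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE` at line 9 of this new file (by the diffstat, apparently data/lib/net/ldap/connection.rb) still turns off certificate verification; the move out of the backend file leaves that behaviour unchanged. Because the method is redefined on `Net::LDAP::Connection` itself, the override presumably applies to every Net::LDAP TLS connection made in the process, not only this backend's. The server is therefore never authenticated, so bind credentials and the returned Hiera data can be read or altered on the network path. Verification should be the default, `ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER` with the CA file taken from the backend configuration, and any insecure mode should be an explicit, logged opt-in. The `# == Public:` comment should also say that the gem's method is replaced for all callers.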
    
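--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hiera-ldapprovider
 version: !ruby/object:Gem::Version
-  version: 1.0. 
+  version: 1.0.2
 platform: ruby
 authors:
 - Florian Kasper
@@ -49,8 +49,11 @@ files:
 - README.md
 - Rakefile
 - hiera-ldap.gemspec
+- lib/core_ext/string/json.rb
+- lib/core_ext/string/yaml.rb
 - lib/hiera/backend/ldap.rb
 - lib/hiera/backend/ldap_backend.rb
+- lib/net/ldap/connection.rb
 homepage: http://github.com/Corscience/hiera-ldap
 licenses:
 - MIT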