puppet 0.24.4 → 0.24.5

data/lib/puppet/network/http/handler.rb

@@ -1,108 +1,118 @@
-class Puppet::Network::HTTP::Handler
-    def initialize(args = {})
+module Puppet::Network::HTTP::Handler
+
+    def initialize_for_puppet(args = {})
         raise ArgumentError unless @server = args[:server]
         raise ArgumentError unless @handler = args[:handler]
         @model = find_model_for_handler(@handler)
-        register_handler
     end
-    
+
     # handle an HTTP request
     def process(request, response)
         return do_find(request, response)       if get?(request)    and singular?(request)
         return do_search(request, response)     if get?(request)    and plural?(request)
         return do_destroy(request, response)    if delete?(request) and singular?(request)
-        return do_save(request, response)       if put?(request) and singular?(request)
+        return do_save(request, response)       if put?(request)    and singular?(request)
         raise ArgumentError, "Did not understand HTTP #{http_method(request)} request for '#{path(request)}'"
     rescue Exception => e
         return do_exception(request, response, e)
     end
-    
+
   private
-    
+
+    def model
+        @model
+    end
+
     def do_find(request, response)
-        key = request_key(request) || raise(ArgumentError, "Could not locate lookup key in request path [#{path}]")
+        key = request_key(request) || raise(ArgumentError, "Could not locate lookup key in request path [#{path(request)}]")
         args = params(request)
-        result = @model.find(key, args).to_yaml
+        result = model.find(key, args).to_yaml
         encode_result(request, response, result)
     end
 
     def do_search(request, response)
         args = params(request)
-        result = @model.search(args).collect {|obj| obj.to_yaml }
+        result = model.search(args).collect {|result| result.to_yaml }.to_yaml
         encode_result(request, response, result) 
     end
 
     def do_destroy(request, response)
-        key = request_key(request) || raise(ArgumentError, "Could not locate lookup key in request path [#{path}]")
+        key = request_key(request) || raise(ArgumentError, "Could not locate lookup key in request path [#{path(request)}]")
         args = params(request)
-        result = @model.destroy(key, args)
+        result = model.destroy(key, args)
         encode_result(request, response, YAML.dump(result))
     end
 
     def do_save(request, response)
-        data = body(request)
+        data = body(request).to_s
         raise ArgumentError, "No data to save" if !data or data.empty?
         args = params(request)
-        obj = @model.new
-        result = obj.save(args.merge(:data => data)).to_yaml
+        obj = model.from_yaml(data)
+        result = save_object(obj, args).to_yaml
         encode_result(request, response, result)
     end
-  
+
+    # LAK:NOTE This has to be here for testing; it's a stub-point so
+    # we keep infinite recursion from happening.
+    def save_object(object, args)
+        object.save(args)
+    end
+
     def do_exception(request, response, exception, status=404)
-        encode_result(request, response, exception.to_s, status)
+        encode_result(request, response, exception.to_yaml, status)
     end
-  
+
     def find_model_for_handler(handler)
         Puppet::Indirector::Indirection.model(handler) || 
             raise(ArgumentError, "Cannot locate indirection [#{handler}].")
     end
-    
+
     def get?(request)
         http_method(request) == 'GET'
     end
-    
+
     def put?(request)
         http_method(request) == 'PUT'
     end
-    
+
     def delete?(request)
         http_method(request) == 'DELETE'
     end
-    
+
     def singular?(request)
         %r{/#{@handler.to_s}$}.match(path(request))
     end
-    
+
     def plural?(request)
         %r{/#{@handler.to_s}s$}.match(path(request))
     end
-    
-  # methods specific to a given web server
-    
+
+    # methods to be overridden by the including web server class
+
     def register_handler
         raise NotImplementedError
     end
-    
+
     def http_method(request)
         raise NotImplementedError
     end
-    
+
     def path(request)
         raise NotImplementedError
     end    
-    
+
     def request_key(request)
         raise NotImplementedError
     end
-    
+
     def body(request)
         raise NotImplementedError
     end
-    
+
     def params(request)
         raise NotImplementedError
     end
-    
+
     def encode_result(request, response, result, status = 200)
         raise NotImplementedError
     end

data/lib/puppet/network/http/mongrel.rb

@@ -1,7 +1,6 @@
 require 'mongrel' if Puppet.features.mongrel?
 
 require 'puppet/network/http/mongrel/rest'
-require 'puppet/network/http/mongrel/xmlrpc'
 
 class Puppet::Network::HTTP::Mongrel
     def initialize(args = {})
@@ -14,20 +13,20 @@ class Puppet::Network::HTTP::Mongrel
         raise ArgumentError, ":address must be specified." unless args[:address]
         raise ArgumentError, ":port must be specified." unless args[:port]
         raise "Mongrel server is already listening" if listening?
-        
+
         @protocols = args[:protocols]
         @handlers = args[:handlers]
-        @server = Mongrel::HttpServer.new(args[:address], args[:port])
-
+        @server = Mongrel::HttpServer.new(args[:address], args[:port]) 
         setup_handlers
 
-        @server.run
         @listening = true
+        @server.run
     end
     
     def unlisten
         raise "Mongrel server is not listening" unless listening?
-        @server.graceful_shutdown
+        @server.stop
+        @server = nil
         @listening = false
     end
     
@@ -39,16 +38,16 @@ class Puppet::Network::HTTP::Mongrel
   
     def setup_handlers
         @protocols.each do |protocol|
+            klass = class_for_protocol(protocol)
             @handlers.each do |handler|
-                class_for_protocol(protocol).new(:server => @server, :handler => handler)
+                @server.register('/' + handler.to_s, klass.new(:server => @server, :handler => handler))
+                @server.register('/' + handler.to_s + 's', klass.new(:server => @server, :handler => handler))
             end
         end
     end
   
-    # TODO/FIXME: need a spec which forces delegation to the real class
     def class_for_protocol(protocol)
         return Puppet::Network::HTTP::MongrelREST if protocol.to_sym == :rest
-        return Puppet::Network::HTTP::MongrelXMLRPC if protocol.to_sym == :xmlrpc
         raise ArgumentError, "Unknown protocol [#{protocol}]."
     end
 end

data/lib/puppet/network/http/mongrel/rest.rb

@@ -1,39 +1,66 @@
 require 'puppet/network/http/handler'
 
-class Puppet::Network::HTTP::MongrelREST < Puppet::Network::HTTP::Handler
+class Puppet::Network::HTTP::MongrelREST < Mongrel::HttpHandler
 
-  private
-    
-    def register_handler
-        @server.register('/' + @handler.to_s, self)
-        @server.register('/' + @handler.to_s + 's', self)
+    include Puppet::Network::HTTP::Handler
+
+    def initialize(args={})
+        super()
+        initialize_for_puppet(args)
+    end
+
+    # Return the query params for this request.  We had to expose this method for
+    # testing purposes.
+    def params(request)
+        Mongrel::HttpRequest.query_parse(request.params["QUERY_STRING"]).merge(client_info(request))
     end
-    
+
+  private
+
+    # which HTTP verb was used in this request
     def http_method(request)
         request.params[Mongrel::Const::REQUEST_METHOD]
     end
-    
+
+    # what path was requested?
     def path(request)
         # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com] 
         x = '/' + request.params[Mongrel::Const::REQUEST_PATH].split('/')[1]
     end
-    
+
+    # return the key included in the request path
     def request_key(request)
         # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com] 
         x = request.params[Mongrel::Const::REQUEST_PATH].split('/')[2]        
     end
-    
+
+    # return the request body
     def body(request)
         request.body
     end
-    
-    def params(request)
-        Mongrel::HttpRequest.query_parse(request.params["QUERY_STRING"])
-    end
-    
+
+    # produce the body of the response
     def encode_result(request, response, result, status = 200)
         response.start(status) do |head, body|
             body.write(result)
         end
     end
+
+    def client_info(request)
+        result = {}
+        params = request.params
+        result[:ip] = params["REMOTE_ADDR"]
+
+        # JJM #906 The following dn.match regular expression is forgiving
+        # enough to match the two Distinguished Name string contents
+        # coming from Apache, Pound or other reverse SSL proxies.
+        if dn = params[Puppet[:ssl_client_header]] and dn_matchdata = dn.match(/^.*?CN\s*=\s*(.*)/)
+            result[:node] = dn_matchdata[1].to_str
+            result[:authenticated] = (params[Puppet[:ssl_client_verify_header]] == 'SUCCESS')
+        else
+            result[:authenticated] = false
+        end
+
+        return result
+    end
 end

data/lib/puppet/network/http/webrick.rb

@@ -1,11 +1,17 @@
 require 'webrick'
 require 'webrick/https'
 require 'puppet/network/http/webrick/rest'
-require 'puppet/network/http/webrick/xmlrpc'
+require 'thread'
 
 class Puppet::Network::HTTP::WEBrick
     def initialize(args = {})
         @listening = false
+        @mutex = Mutex.new
+    end
+    
+    def self.class_for_protocol(protocol)
+        return Puppet::Network::HTTP::WEBrickREST if protocol.to_sym == :rest
+        raise "Unknown protocol [#{protocol}]."
     end
     
     def listen(args = {})
@@ -13,39 +19,44 @@ class Puppet::Network::HTTP::WEBrick
         raise ArgumentError, ":protocols must be specified." if !args[:protocols] or args[:protocols].empty?
         raise ArgumentError, ":address must be specified." unless args[:address]
         raise ArgumentError, ":port must be specified." unless args[:port]
-        raise "WEBrick server is already listening" if listening?
         
         @protocols = args[:protocols]
         @handlers = args[:handlers]        
         @server = WEBrick::HTTPServer.new(:BindAddress => args[:address], :Port => args[:port])
         setup_handlers
-        @server.start
-        @listening = true
+
+        @mutex.synchronize do
+            raise "WEBrick server is already listening" if @listening        
+            @listening = true
+            @thread = Thread.new { @server.start }
+        end
     end
     
     def unlisten
-        raise "WEBrick server is not listening" unless listening?
-        @server.shutdown
-        @listening = false
+        @mutex.synchronize do
+            raise "WEBrick server is not listening" unless @listening
+            @server.shutdown
+            @thread.join
+            @server = nil
+            @listening = false
+        end
     end
     
     def listening?
-        @listening
+        @mutex.synchronize do
+            @listening
+        end
     end
-    
+
   private
     
     def setup_handlers
         @protocols.each do |protocol|
+            klass = self.class.class_for_protocol(protocol)
             @handlers.each do |handler|
-                class_for_protocol(protocol).new(:server => @server, :handler => handler)
+                @server.mount('/' + handler.to_s, klass, handler)
+                @server.mount('/' + handler.to_s + 's', klass, handler)
             end
         end
     end
-    
-    def class_for_protocol(protocol)
-        return Puppet::Network::HTTP::WEBrickREST if protocol.to_sym == :rest
-        return Puppet::Network::HTTP::WEBrickXMLRPC if protocol.to_sym == :xmlrpc
-        raise ArgumentError, "Unknown protocol [#{protocol}]."
-    end
 end

data/lib/puppet/network/http/webrick/rest.rb

@@ -1,6 +1,20 @@
 require 'puppet/network/http/handler'
 
-class Puppet::Network::HTTP::WEBrickREST < Puppet::Network::HTTP::Handler
+class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
+
+    include Puppet::Network::HTTP::Handler
+
+    def initialize(server, handler)
+        raise ArgumentError, "server is required" unless server
+        super(server)
+        initialize_for_puppet(:server => server, :handler => handler)
+    end
+
+    # We had to expose this method for testing purposes.
+    def params(request)
+        result = request.query
+        result.merge(client_information(request))
+    end
 
     # WEBrick uses a service() method to respond to requests.  Simply delegate to the handler response() method.
     def service(request, response)
@@ -8,36 +22,46 @@ class Puppet::Network::HTTP::WEBrickREST < Puppet::Network::HTTP::Handler
     end
 
   private
-    
-    def register_handler
-        @server.mount('/' + @handler.to_s, self)
-        @server.mount('/' + @handler.to_s + 's', self)
-    end
 
     def http_method(request)
         request.request_method
     end
-    
+
     def path(request)
         # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com] 
         x = '/' + request.path.split('/')[1]
     end
-    
+
     def request_key(request)
         # LAK:NOTE See http://snurl.com/21zf8  [groups_google_com] 
         x = request.path.split('/')[2]
     end
-    
+
     def body(request)
         request.body
     end
-    
-    def params(request)
-        request.query
-    end
-    
+
     def encode_result(request, response, result, status = 200)
         response.status = status
         response.body = result
     end
+
+    # Retrieve node/cert/ip information from the request object.
+    def client_information(request)
+        result = {}
+        if peer = request.peeraddr and ip = peer[3]
+            result[:ip] = ip
+        end
+
+        # If they have a certificate (which will almost always be true)
+        # then we get the hostname from the cert, instead of via IP
+        # info
+        result[:authenticated] = false
+        if cert = request.client_cert and nameary = cert.subject.to_a.find { |ary| ary[0] == "CN" }
+            result[:node] = nameary[1]
+            result[:authenticated] = true
+        end
+
+        result
+    end
 end

data/lib/puppet/network/http_pool.rb

@@ -88,8 +88,9 @@ module Puppet::Network::HttpPool
         class << http; attr_accessor :ca_file; end
 
         http.use_ssl = true
-        http.read_timeout = 120
-        http.open_timeout = 120
+        # Use configured timeout (#1176)
+        http.read_timeout = Puppet[:configtimeout]
+        http.open_timeout = Puppet[:configtimeout]
         # JJM Configurable fix for #896.
         if Puppet[:http_enable_post_connection_check]
             http.enable_post_connection_check = true