puppet 2.6.11 → 2.6.12

data/spec/unit/ssl/certificate_spec.rb

@@ -90,6 +90,37 @@ describe Puppet::SSL::Certificate do
       @certificate.should respond_to(:content)
     end
 
+    describe "#subject_alt_names" do
+      it "should list all alternate names when the extension is present" do
+        key = Puppet::SSL::Key.new('quux')
+        key.generate
+
+        csr = Puppet::SSL::CertificateRequest.new('quux')
+        csr.generate(key, :dns_alt_names => 'foo, bar,baz')
+
+        raw_csr = csr.content
+
+        cert = Puppet::SSL::CertificateFactory.build('server', csr, raw_csr, 14)
+        certificate = @class.from_s(cert.to_pem)
+        certificate.subject_alt_names.
+          should =~ ['DNS:foo', 'DNS:bar', 'DNS:baz', 'DNS:quux']
+      end
+
+      it "should return an empty list of names if the extension is absent" do
+        key = Puppet::SSL::Key.new('quux')
+        key.generate
+
+        csr = Puppet::SSL::CertificateRequest.new('quux')
+        csr.generate(key)
+
+        raw_csr = csr.content
+
+        cert = Puppet::SSL::CertificateFactory.build('client', csr, raw_csr, 14)
+        certificate = @class.from_s(cert.to_pem)
+        certificate.subject_alt_names.should be_empty
+      end
+    end
+
     it "should return a nil expiration if there is no actual certificate" do
       @certificate.stubs(:content).returns nil
 

data/spec/unit/ssl/host_spec.rb

@@ -5,6 +5,8 @@ require File.dirname(__FILE__) + '/../../spec_helper'
 require 'puppet/ssl/host'
 
 describe Puppet::SSL::Host do
+  include PuppetSpec::Files
+
   before do
     @class = Puppet::SSL::Host
     @host = @class.new("myname")
@@ -64,6 +66,46 @@ describe Puppet::SSL::Host do
     Puppet::SSL::Host.localhost.should equal(host)
   end
 
+  it "should create a localhost cert if no cert is available and it is a CA with autosign and it is using DNS alt names" do
+    Puppet[:autosign] = true
+    Puppet[:confdir] = tmpdir('conf')
+    Puppet[:dns_alt_names] = "foo,bar,baz"
+    ca = Puppet::SSL::CertificateAuthority.new
+    Puppet::SSL::CertificateAuthority.stubs(:instance).returns ca
+
+    localhost = Puppet::SSL::Host.localhost
+    cert = localhost.certificate
+
+    cert.should be_a(Puppet::SSL::Certificate)
+    cert.subject_alt_names.should =~ %W[DNS:#{Puppet[:certname]} DNS:foo DNS:bar DNS:baz]
+  end
+
+  context "with dns_alt_names" do
+    before :each do
+      Puppet[:dns_alt_names] = 'one, two'
+
+      @key = stub('key content')
+      key = stub('key', :generate => true, :save => true, :content => @key)
+      Puppet::SSL::Key.stubs(:new).returns key
+
+      @cr = stub('certificate request', :save => true)
+      Puppet::SSL::CertificateRequest.stubs(:new).returns @cr
+    end
+
+    it "should not include subjectAltName if not the local node" do
+      @cr.expects(:generate).with(@key, {})
+
+      Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
+    end
+
+    it "should include subjectAltName if I am a CA" do
+      @cr.expects(:generate).
+        with(@key, { :dns_alt_names => Puppet[:dns_alt_names] })
+
+      Puppet::SSL::Host.localhost
+    end
+  end
+
   it "should always read the key for the localhost instance in from disk" do
     host = stub 'host', :certificate => "eh"
     Puppet::SSL::Host.expects(:new).returns host
@@ -377,7 +419,7 @@ describe Puppet::SSL::Host do
 
       key = stub 'key', :public_key => mock("public_key"), :content => "mycontent"
       @host.stubs(:key).returns(key)
-      @request.expects(:generate).with("mycontent")
+      @request.expects(:generate).with("mycontent", {})
       @request.expects(:save)
 
       @host.generate_certificate_request.should be_true
@@ -566,7 +608,7 @@ describe Puppet::SSL::Host do
       it "should use the CA to sign its certificate request if it does not have a certificate" do
         @host.expects(:certificate).returns nil
 
-        @ca.expects(:sign).with(@host.name)
+        @ca.expects(:sign).with(@host.name, true)
 
         @host.generate
       end

data/spec/unit/util/settings_spec.rb

@@ -129,6 +129,16 @@ describe Puppet::Util::Settings do
       @settings[:myval].should == ""
     end
 
+    it "should flag settings from the CLI" do
+      @settings.handlearg("--myval")
+      @settings.setting(:myval).setbycli.should be_true
+    end
+
+    it "should not flag settings memory" do
+      @settings[:myval] = "12"
+      @settings.setting(:myval).setbycli.should be_false
+    end
+
     it "should clear the cache when setting getopt-specific values" do
       @settings.setdefaults :mysection, :one => ["whah", "yay"], :two => ["$one yay", "bah"]
       @settings[:two].should == "whah yay"

data/test/language/functions.rb

@@ -4,7 +4,6 @@ require File.dirname(__FILE__) + '/../lib/puppettest'
 
 require 'puppet'
 require 'puppet/parser/parser'
-require 'puppet/network/client'
 require 'puppettest'
 require 'puppettest/resourcetesting'
 

data/test/language/snippets.rb

@@ -4,8 +4,6 @@ require File.dirname(__FILE__) + '/../lib/puppettest'
 
 require 'puppet'
 require 'puppet/parser/parser'
-require 'puppet/network/client'
-require 'puppet/network/handler'
 require 'puppettest'
 
 class TestSnippets < Test::Unit::TestCase
@@ -69,13 +67,6 @@ class TestSnippets < Test::Unit::TestCase
     ast
   end
 
-  def client
-    args = {
-      :Listen => false
-    }
-    Puppet::Network::Client.new(args)
-  end
-
   def ast2scope(ast)
     scope = Puppet::Parser::Scope.new
     ast.evaluate(scope)

data/test/lib/puppettest/exetest.rb

@@ -50,7 +50,7 @@ module PuppetTest::ExeTest
     args += " --confdir #{Puppet[:confdir]}"
     args += " --rundir #{File.join(Puppet[:vardir], "run")}"
     args += " --vardir #{Puppet[:vardir]}"
-    args += " --certdnsnames #{Puppet[:certdnsnames]}"
+    args += " --dns_alt_names #{Puppet[:master_dns_alt_names]}"
     args += " --masterport #{@@port}"
     args += " --user #{Puppet::Util::SUIDManager.uid}"
     args += " --group #{Puppet::Util::SUIDManager.gid}"

data/test/lib/puppettest/servertest.rb

@@ -1,5 +1,4 @@
 require 'puppettest'
-require 'puppet/network/http_server/webrick'
 
 module PuppetTest::ServerTest
   include PuppetTest

data/test/rails/rails.rb

@@ -5,7 +5,6 @@ require File.dirname(__FILE__) + '/../lib/puppettest'
 require 'puppet'
 require 'puppet/rails'
 require 'puppet/parser/parser'
-require 'puppet/network/client'
 require 'puppettest'
 require 'puppettest/parsertesting'
 require 'puppettest/resourcetesting'

data/test/ral/type/filesources.rb

@@ -227,66 +227,6 @@ class TestFileSources < Test::Unit::TestCase
     file
   end
 
-  def test_unmountedNetworkSources
-    server = nil
-    mounts = {
-      "/" => "root",
-      "/noexistokay" => "noexist"
-    }
-
-    fileserverconf = mkfileserverconf(mounts)
-
-    Puppet[:autosign] = true
-    Puppet[:masterport] = @port
-    Puppet[:certdnsnames] = "localhost"
-
-    serverpid = nil
-    assert_nothing_raised("Could not start on port #{@port}") {
-
-            server = Puppet::Network::HTTPServer::WEBrick.new(
-                
-        :Port => @port,
-        
-        :Handlers => {
-          :CA => {}, # so that certs autogenerate
-          :FileServer => {
-            :Config => fileserverconf
-          }
-        }
-      )
-
-    }
-
-    serverpid = fork {
-      assert_nothing_raised {
-        #trap(:INT) { server.shutdown; Kernel.exit! }
-        trap(:INT) { server.shutdown }
-        server.start
-      }
-    }
-    @@tmppids << serverpid
-
-    sleep(1)
-
-    name = File.join(tmpdir, "nosourcefile")
-
-          file = Puppet::Type.type(:file).new(
-                
-      :source => "puppet://localhost/noexist/file",
-        
-      :name => name
-    )
-
-    assert_raise Puppet::Error do
-      file.retrieve
-    end
-
-    comp = mk_catalog(file)
-    comp.apply
-
-    assert(!FileTest.exists?(name), "File with no source exists anyway")
-  end
-
   def test_sourcepaths
     files = []
     3.times {

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: puppet
 version: !ruby/object:Gem::Version 
-  hash: 1
+  hash: 15
   prerelease: 
   segments: 
   - 2
   - 6
-  - 11
-  version: 2.6.11
+  - 12
+  version: 2.6.12
 platform: ruby
 authors: 
 - Puppet Labs
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-09-30 00:00:00 Z
+date: 2011-10-22 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: facter
@@ -208,13 +208,6 @@ files:
 - lib/puppet/network/authconfig.rb
 - lib/puppet/network/authorization.rb
 - lib/puppet/network/authstore.rb
-- lib/puppet/network/client/ca.rb
-- lib/puppet/network/client/file.rb
-- lib/puppet/network/client/proxy.rb
-- lib/puppet/network/client/report.rb
-- lib/puppet/network/client/runner.rb
-- lib/puppet/network/client/status.rb
-- lib/puppet/network/client.rb
 - lib/puppet/network/client_request.rb
 - lib/puppet/network/format.rb
 - lib/puppet/network/format_handler.rb
@@ -241,15 +234,11 @@ files:
 - lib/puppet/network/http/webrick.rb
 - lib/puppet/network/http.rb
 - lib/puppet/network/http_pool.rb
-- lib/puppet/network/http_server/mongrel.rb
-- lib/puppet/network/http_server/webrick.rb
-- lib/puppet/network/http_server.rb
 - lib/puppet/network/rest_authconfig.rb
 - lib/puppet/network/rest_authorization.rb
 - lib/puppet/network/rest_controller.rb
 - lib/puppet/network/rights.rb
 - lib/puppet/network/server.rb
-- lib/puppet/network/xmlrpc/client.rb
 - lib/puppet/network/xmlrpc/processor.rb
 - lib/puppet/network/xmlrpc/server.rb
 - lib/puppet/network/xmlrpc/webrick_servlet.rb
@@ -475,12 +464,6 @@ files:
 - lib/puppet/ssl/inventory.rb
 - lib/puppet/ssl/key.rb
 - lib/puppet/ssl.rb
-- lib/puppet/sslcertificates/ca.rb
-- lib/puppet/sslcertificates/certificate.rb
-- lib/puppet/sslcertificates/inventory.rb
-- lib/puppet/sslcertificates/monkey_patch.rb
-- lib/puppet/sslcertificates/support.rb
-- lib/puppet/sslcertificates.rb
 - lib/puppet/status.rb
 - lib/puppet/transaction/event.rb
 - lib/puppet/transaction/event_manager.rb
@@ -753,9 +736,6 @@ files:
 - tasks/rake/sign.rake
 - tasks/rake/testbranch.rake
 - tasks/rake/yard.rake
-- test/certmgr/certmgr.rb
-- test/certmgr/inventory.rb
-- test/certmgr/support.rb
 - test/data/failers/badclassnoparam
 - test/data/failers/badclassparam
 - test/data/failers/badcompnoparam
@@ -873,18 +853,12 @@ files:
 - test/network/authconfig.rb
 - test/network/authorization.rb
 - test/network/authstore.rb
-- test/network/client/ca.rb
-- test/network/client/dipper.rb
 - test/network/client_request.rb
-- test/network/handler/ca.rb
 - test/network/handler/fileserver.rb
 - test/network/handler/master.rb
 - test/network/handler/report.rb
 - test/network/handler/runner.rb
 - test/network/rights.rb
-- test/network/server/mongrel_test.rb
-- test/network/server/webrick.rb
-- test/network/xmlrpc/client.rb
 - test/network/xmlrpc/processor.rb
 - test/network/xmlrpc/server.rb
 - test/network/xmlrpc/webrick_servlet.rb
@@ -972,7 +946,6 @@ files:
 - spec/integration/indirector/file_metadata/file_server_spec.rb
 - spec/integration/indirector/node/ldap_spec.rb
 - spec/integration/indirector/report/rest_spec.rb
-- spec/integration/network/client_spec.rb
 - spec/integration/network/formats_spec.rb
 - spec/integration/network/handler_spec.rb
 - spec/integration/network/server/mongrel_spec.rb
@@ -1123,10 +1096,10 @@ files:
 - spec/unit/module_spec.rb
 - spec/unit/network/authconfig_spec.rb
 - spec/unit/network/authstore_spec.rb
-- spec/unit/network/client_spec.rb
 - spec/unit/network/format_handler_spec.rb
 - spec/unit/network/format_spec.rb
 - spec/unit/network/formats_spec.rb
+- spec/unit/network/handler/ca_spec.rb
 - spec/unit/network/handler/fileserver_spec.rb
 - spec/unit/network/http/api/v1_spec.rb
 - spec/unit/network/http/compression_spec.rb
@@ -1146,7 +1119,6 @@ files:
 - spec/unit/network/rest_authorization_spec.rb
 - spec/unit/network/rights_spec.rb
 - spec/unit/network/server_spec.rb
-- spec/unit/network/xmlrpc/client_spec.rb
 - spec/unit/node/environment_spec.rb
 - spec/unit/node/facts_spec.rb
 - spec/unit/node_spec.rb
@@ -1294,7 +1266,6 @@ files:
 - spec/unit/ssl/host_spec.rb
 - spec/unit/ssl/inventory_spec.rb
 - spec/unit/ssl/key_spec.rb
-- spec/unit/sslcertificates/ca_spec.rb
 - spec/unit/status_spec.rb
 - spec/unit/transaction/event_manager_spec.rb
 - spec/unit/transaction/event_spec.rb

data/lib/puppet/network/client.rb

@@ -1,179 +0,0 @@
-# the available clients
-
-require 'puppet'
-require 'puppet/network/xmlrpc/client'
-require 'puppet/util/subclass_loader'
-require 'puppet/util/methodhelper'
-require 'puppet/sslcertificates/support'
-
-require 'puppet/network/handler'
-
-require 'net/http'
-
-# Some versions of ruby don't have this method defined, which basically causes
-# us to never use ssl.  Yay.
-class Net::HTTP
-  def use_ssl?
-    if defined?(@use_ssl)
-      @use_ssl
-    else
-      false
-    end
-  end
-
-  # JJM: This is a "backport" of sorts to older ruby versions which
-  # do not have this accessor.  See #896 for more information.
-  attr_accessor :enable_post_connection_check unless Net::HTTP.instance_methods.include? "enable_post_connection_check"
-end
-
-# The base class for all of the clients.  Many clients just directly
-# call methods, but some of them need to do some extra work or
-# provide a different interface.
-class Puppet::Network::Client
-  Client = self
-  include Puppet::Util
-  extend Puppet::Util::SubclassLoader
-  include Puppet::Util::MethodHelper
-
-  # This handles reading in the key and such-like.
-  include Puppet::SSLCertificates::Support
-
-  attr_accessor :schedule, :lastrun, :local, :stopping
-
-  attr_reader :driver
-
-  # Set up subclass loading
-  handle_subclasses :client, "puppet/network/client"
-
-  # Determine what clients look for when being passed an object for local
-  # client/server stuff.  E.g., you could call Client::CA.new(:CA => ca).
-  def self.drivername
-    @drivername ||= self.name
-  end
-
-  # Figure out the handler for our client.
-  def self.handler
-    @handler ||= Puppet::Network::Handler.handler(self.name)
-  end
-
-  # The class that handles xmlrpc interaction for us.
-  def self.xmlrpc_client
-    @xmlrpc_client ||= Puppet::Network::XMLRPCClient.handler_class(self.handler)
-  end
-
-  # Create our client.
-  def initialize(hash)
-    # to whom do we connect?
-    @server = nil
-
-    if hash.include?(:Cache)
-      @cache = hash[:Cache]
-    else
-      @cache = true
-    end
-
-    driverparam = self.class.drivername
-    if hash.include?(:Server)
-      args = {:Server => hash[:Server]}
-      @server = hash[:Server]
-      args[:Port] = hash[:Port] || Puppet[:masterport]
-
-      @driver = self.class.xmlrpc_client.new(args)
-
-      self.read_cert
-
-      # We have to start the HTTP connection manually before we start
-      # sending it requests or keep-alive won't work.  Note that with #1010,
-      # we don't currently actually want keep-alive.
-      @driver.start if @driver.respond_to? :start and Puppet::Network::HttpPool.keep_alive?
-
-      @local = false
-    elsif hash.include?(driverparam)
-      @driver = hash[driverparam]
-      if @driver == true
-        @driver = self.class.handler.new
-      end
-      @local = true
-    else
-      raise Puppet::Network::ClientError, "#{self.class} must be passed a Server or #{driverparam}"
-    end
-  end
-
-  # Are we a local client?
-  def local?
-    if @local
-      true
-    else
-      false
-    end
-  end
-
-  # Make sure we set the driver up when we read the cert in.
-  def recycle_connection
-    @driver.recycle_connection if @driver.respond_to?(:recycle_connection)
-  end
-
-  # A wrapper method to run and then store the last run time
-  def runnow
-    if self.stopping
-      Puppet.notice "In shutdown progress; skipping run"
-      return
-    end
-    begin
-      self.run
-      self.lastrun = Time.now.to_i
-    rescue => detail
-      puts detail.backtrace if Puppet[:trace]
-      Puppet.err "Could not run #{self.class}: #{detail}"
-    end
-  end
-
-  def run
-    raise Puppet::DevError, "Client type #{self.class} did not override run"
-  end
-
-  def scheduled?
-    if sched = self.schedule
-      return sched.match?(self.lastrun)
-    else
-      return true
-    end
-  end
-
-  def shutdown
-    if self.stopping
-      Puppet.notice "Already in shutdown"
-    else
-      self.stopping = true
-      Puppet::Util::Storage.store if self.respond_to? :running? and self.running?
-      rmpidfile
-    end
-  end
-
-  # Start listening for events.  We're pretty much just listening for
-  # timer events here.
-  def start
-    # Create our timer.  Puppet will handle observing it and such.
-
-          timer = Puppet.newtimer(
-                
-      :interval => Puppet[:runinterval],
-      :tolerance => 1,
-        
-      :start? => true
-    ) do
-      begin
-        self.runnow if self.scheduled?
-      rescue => detail
-        puts detail.backtrace if Puppet[:trace]
-        Puppet.err "Could not run client; got otherwise uncaught exception: #{detail}"
-      end
-    end
-
-    # Run once before we start following the timer
-    self.runnow
-  end
-
-  require 'puppet/network/client/proxy'
-end
-