puppet 2.6.11 → 2.6.12
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- data/CHANGELOG +33 -0
- data/conf/redhat/puppet.spec +7 -4
- data/lib/puppet.rb +1 -1
- data/lib/puppet/application/cert.rb +17 -3
- data/lib/puppet/application/kick.rb +0 -2
- data/lib/puppet/defaults.rb +52 -3
- data/lib/puppet/network/handler/ca.rb +16 -106
- data/lib/puppet/network/handler/master.rb +0 -3
- data/lib/puppet/network/handler/runner.rb +1 -0
- data/lib/puppet/ssl/certificate.rb +6 -0
- data/lib/puppet/ssl/certificate_authority.rb +86 -11
- data/lib/puppet/ssl/certificate_authority/interface.rb +64 -19
- data/lib/puppet/ssl/certificate_factory.rb +112 -91
- data/lib/puppet/ssl/certificate_request.rb +88 -1
- data/lib/puppet/ssl/host.rb +16 -3
- data/lib/puppet/type/file.rb +0 -1
- data/lib/puppet/util/command_line/puppetca +23 -2
- data/lib/puppet/util/monkey_patches.rb +69 -0
- data/lib/puppet/util/settings.rb +5 -0
- data/spec/integration/defaults_spec.rb +11 -0
- data/spec/integration/network/handler_spec.rb +1 -1
- data/spec/unit/configurer_spec.rb +2 -2
- data/spec/unit/network/handler/ca_spec.rb +86 -0
- data/spec/unit/ssl/certificate_authority/interface_spec.rb +92 -53
- data/spec/unit/ssl/certificate_authority_spec.rb +133 -23
- data/spec/unit/ssl/certificate_factory_spec.rb +90 -70
- data/spec/unit/ssl/certificate_request_spec.rb +62 -1
- data/spec/unit/ssl/certificate_spec.rb +31 -0
- data/spec/unit/ssl/host_spec.rb +44 -2
- data/spec/unit/util/settings_spec.rb +10 -0
- data/test/language/functions.rb +0 -1
- data/test/language/snippets.rb +0 -9
- data/test/lib/puppettest/exetest.rb +1 -1
- data/test/lib/puppettest/servertest.rb +0 -1
- data/test/rails/rails.rb +0 -1
- data/test/ral/type/filesources.rb +0 -60
- metadata +5 -34
- data/lib/puppet/network/client.rb +0 -179
- data/lib/puppet/network/client/ca.rb +0 -56
- data/lib/puppet/network/client/file.rb +0 -6
- data/lib/puppet/network/client/proxy.rb +0 -27
- data/lib/puppet/network/client/report.rb +0 -26
- data/lib/puppet/network/client/runner.rb +0 -10
- data/lib/puppet/network/client/status.rb +0 -4
- data/lib/puppet/network/http_server.rb +0 -3
- data/lib/puppet/network/http_server/mongrel.rb +0 -150
- data/lib/puppet/network/http_server/webrick.rb +0 -155
- data/lib/puppet/network/xmlrpc/client.rb +0 -211
- data/lib/puppet/sslcertificates.rb +0 -146
- data/lib/puppet/sslcertificates/ca.rb +0 -375
- data/lib/puppet/sslcertificates/certificate.rb +0 -255
- data/lib/puppet/sslcertificates/inventory.rb +0 -38
- data/lib/puppet/sslcertificates/monkey_patch.rb +0 -6
- data/lib/puppet/sslcertificates/support.rb +0 -146
- data/spec/integration/network/client_spec.rb +0 -19
- data/spec/unit/network/client_spec.rb +0 -45
- data/spec/unit/network/xmlrpc/client_spec.rb +0 -172
- data/spec/unit/sslcertificates/ca_spec.rb +0 -110
- data/test/certmgr/certmgr.rb +0 -308
- data/test/certmgr/inventory.rb +0 -69
- data/test/certmgr/support.rb +0 -105
- data/test/network/client/ca.rb +0 -69
- data/test/network/client/dipper.rb +0 -34
- data/test/network/handler/ca.rb +0 -273
- data/test/network/server/mongrel_test.rb +0 -99
- data/test/network/server/webrick.rb +0 -128
- data/test/network/xmlrpc/client.rb +0 -45
@@ -90,6 +90,37 @@ describe Puppet::SSL::Certificate do
|
|
90
90
|
@certificate.should respond_to(:content)
|
91
91
|
end
|
92
92
|
|
93
|
+
describe "#subject_alt_names" do
|
94
|
+
it "should list all alternate names when the extension is present" do
|
95
|
+
key = Puppet::SSL::Key.new('quux')
|
96
|
+
key.generate
|
97
|
+
|
98
|
+
csr = Puppet::SSL::CertificateRequest.new('quux')
|
99
|
+
csr.generate(key, :dns_alt_names => 'foo, bar,baz')
|
100
|
+
|
101
|
+
raw_csr = csr.content
|
102
|
+
|
103
|
+
cert = Puppet::SSL::CertificateFactory.build('server', csr, raw_csr, 14)
|
104
|
+
certificate = @class.from_s(cert.to_pem)
|
105
|
+
certificate.subject_alt_names.
|
106
|
+
should =~ ['DNS:foo', 'DNS:bar', 'DNS:baz', 'DNS:quux']
|
107
|
+
end
|
108
|
+
|
109
|
+
it "should return an empty list of names if the extension is absent" do
|
110
|
+
key = Puppet::SSL::Key.new('quux')
|
111
|
+
key.generate
|
112
|
+
|
113
|
+
csr = Puppet::SSL::CertificateRequest.new('quux')
|
114
|
+
csr.generate(key)
|
115
|
+
|
116
|
+
raw_csr = csr.content
|
117
|
+
|
118
|
+
cert = Puppet::SSL::CertificateFactory.build('client', csr, raw_csr, 14)
|
119
|
+
certificate = @class.from_s(cert.to_pem)
|
120
|
+
certificate.subject_alt_names.should be_empty
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
93
124
|
it "should return a nil expiration if there is no actual certificate" do
|
94
125
|
@certificate.stubs(:content).returns nil
|
95
126
|
|
data/spec/unit/ssl/host_spec.rb
CHANGED
@@ -5,6 +5,8 @@ require File.dirname(__FILE__) + '/../../spec_helper'
|
|
5
5
|
require 'puppet/ssl/host'
|
6
6
|
|
7
7
|
describe Puppet::SSL::Host do
|
8
|
+
include PuppetSpec::Files
|
9
|
+
|
8
10
|
before do
|
9
11
|
@class = Puppet::SSL::Host
|
10
12
|
@host = @class.new("myname")
|
@@ -64,6 +66,46 @@ describe Puppet::SSL::Host do
|
|
64
66
|
Puppet::SSL::Host.localhost.should equal(host)
|
65
67
|
end
|
66
68
|
|
69
|
+
it "should create a localhost cert if no cert is available and it is a CA with autosign and it is using DNS alt names" do
|
70
|
+
Puppet[:autosign] = true
|
71
|
+
Puppet[:confdir] = tmpdir('conf')
|
72
|
+
Puppet[:dns_alt_names] = "foo,bar,baz"
|
73
|
+
ca = Puppet::SSL::CertificateAuthority.new
|
74
|
+
Puppet::SSL::CertificateAuthority.stubs(:instance).returns ca
|
75
|
+
|
76
|
+
localhost = Puppet::SSL::Host.localhost
|
77
|
+
cert = localhost.certificate
|
78
|
+
|
79
|
+
cert.should be_a(Puppet::SSL::Certificate)
|
80
|
+
cert.subject_alt_names.should =~ %W[DNS:#{Puppet[:certname]} DNS:foo DNS:bar DNS:baz]
|
81
|
+
end
|
82
|
+
|
83
|
+
context "with dns_alt_names" do
|
84
|
+
before :each do
|
85
|
+
Puppet[:dns_alt_names] = 'one, two'
|
86
|
+
|
87
|
+
@key = stub('key content')
|
88
|
+
key = stub('key', :generate => true, :save => true, :content => @key)
|
89
|
+
Puppet::SSL::Key.stubs(:new).returns key
|
90
|
+
|
91
|
+
@cr = stub('certificate request', :save => true)
|
92
|
+
Puppet::SSL::CertificateRequest.stubs(:new).returns @cr
|
93
|
+
end
|
94
|
+
|
95
|
+
it "should not include subjectAltName if not the local node" do
|
96
|
+
@cr.expects(:generate).with(@key, {})
|
97
|
+
|
98
|
+
Puppet::SSL::Host.new('not-the-' + Puppet[:certname]).generate
|
99
|
+
end
|
100
|
+
|
101
|
+
it "should include subjectAltName if I am a CA" do
|
102
|
+
@cr.expects(:generate).
|
103
|
+
with(@key, { :dns_alt_names => Puppet[:dns_alt_names] })
|
104
|
+
|
105
|
+
Puppet::SSL::Host.localhost
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
67
109
|
it "should always read the key for the localhost instance in from disk" do
|
68
110
|
host = stub 'host', :certificate => "eh"
|
69
111
|
Puppet::SSL::Host.expects(:new).returns host
|
@@ -377,7 +419,7 @@ describe Puppet::SSL::Host do
|
|
377
419
|
|
378
420
|
key = stub 'key', :public_key => mock("public_key"), :content => "mycontent"
|
379
421
|
@host.stubs(:key).returns(key)
|
380
|
-
@request.expects(:generate).with("mycontent")
|
422
|
+
@request.expects(:generate).with("mycontent", {})
|
381
423
|
@request.expects(:save)
|
382
424
|
|
383
425
|
@host.generate_certificate_request.should be_true
|
@@ -566,7 +608,7 @@ describe Puppet::SSL::Host do
|
|
566
608
|
it "should use the CA to sign its certificate request if it does not have a certificate" do
|
567
609
|
@host.expects(:certificate).returns nil
|
568
610
|
|
569
|
-
@ca.expects(:sign).with(@host.name)
|
611
|
+
@ca.expects(:sign).with(@host.name, true)
|
570
612
|
|
571
613
|
@host.generate
|
572
614
|
end
|
@@ -129,6 +129,16 @@ describe Puppet::Util::Settings do
|
|
129
129
|
@settings[:myval].should == ""
|
130
130
|
end
|
131
131
|
|
132
|
+
it "should flag settings from the CLI" do
|
133
|
+
@settings.handlearg("--myval")
|
134
|
+
@settings.setting(:myval).setbycli.should be_true
|
135
|
+
end
|
136
|
+
|
137
|
+
it "should not flag settings memory" do
|
138
|
+
@settings[:myval] = "12"
|
139
|
+
@settings.setting(:myval).setbycli.should be_false
|
140
|
+
end
|
141
|
+
|
132
142
|
it "should clear the cache when setting getopt-specific values" do
|
133
143
|
@settings.setdefaults :mysection, :one => ["whah", "yay"], :two => ["$one yay", "bah"]
|
134
144
|
@settings[:two].should == "whah yay"
|
data/test/language/functions.rb
CHANGED
data/test/language/snippets.rb
CHANGED
@@ -4,8 +4,6 @@ require File.dirname(__FILE__) + '/../lib/puppettest'
|
|
4
4
|
|
5
5
|
require 'puppet'
|
6
6
|
require 'puppet/parser/parser'
|
7
|
-
require 'puppet/network/client'
|
8
|
-
require 'puppet/network/handler'
|
9
7
|
require 'puppettest'
|
10
8
|
|
11
9
|
class TestSnippets < Test::Unit::TestCase
|
@@ -69,13 +67,6 @@ class TestSnippets < Test::Unit::TestCase
|
|
69
67
|
ast
|
70
68
|
end
|
71
69
|
|
72
|
-
def client
|
73
|
-
args = {
|
74
|
-
:Listen => false
|
75
|
-
}
|
76
|
-
Puppet::Network::Client.new(args)
|
77
|
-
end
|
78
|
-
|
79
70
|
def ast2scope(ast)
|
80
71
|
scope = Puppet::Parser::Scope.new
|
81
72
|
ast.evaluate(scope)
|
@@ -50,7 +50,7 @@ module PuppetTest::ExeTest
|
|
50
50
|
args += " --confdir #{Puppet[:confdir]}"
|
51
51
|
args += " --rundir #{File.join(Puppet[:vardir], "run")}"
|
52
52
|
args += " --vardir #{Puppet[:vardir]}"
|
53
|
-
args += " --
|
53
|
+
args += " --dns_alt_names #{Puppet[:master_dns_alt_names]}"
|
54
54
|
args += " --masterport #{@@port}"
|
55
55
|
args += " --user #{Puppet::Util::SUIDManager.uid}"
|
56
56
|
args += " --group #{Puppet::Util::SUIDManager.gid}"
|
data/test/rails/rails.rb
CHANGED
@@ -227,66 +227,6 @@ class TestFileSources < Test::Unit::TestCase
|
|
227
227
|
file
|
228
228
|
end
|
229
229
|
|
230
|
-
def test_unmountedNetworkSources
|
231
|
-
server = nil
|
232
|
-
mounts = {
|
233
|
-
"/" => "root",
|
234
|
-
"/noexistokay" => "noexist"
|
235
|
-
}
|
236
|
-
|
237
|
-
fileserverconf = mkfileserverconf(mounts)
|
238
|
-
|
239
|
-
Puppet[:autosign] = true
|
240
|
-
Puppet[:masterport] = @port
|
241
|
-
Puppet[:certdnsnames] = "localhost"
|
242
|
-
|
243
|
-
serverpid = nil
|
244
|
-
assert_nothing_raised("Could not start on port #{@port}") {
|
245
|
-
|
246
|
-
server = Puppet::Network::HTTPServer::WEBrick.new(
|
247
|
-
|
248
|
-
:Port => @port,
|
249
|
-
|
250
|
-
:Handlers => {
|
251
|
-
:CA => {}, # so that certs autogenerate
|
252
|
-
:FileServer => {
|
253
|
-
:Config => fileserverconf
|
254
|
-
}
|
255
|
-
}
|
256
|
-
)
|
257
|
-
|
258
|
-
}
|
259
|
-
|
260
|
-
serverpid = fork {
|
261
|
-
assert_nothing_raised {
|
262
|
-
#trap(:INT) { server.shutdown; Kernel.exit! }
|
263
|
-
trap(:INT) { server.shutdown }
|
264
|
-
server.start
|
265
|
-
}
|
266
|
-
}
|
267
|
-
@@tmppids << serverpid
|
268
|
-
|
269
|
-
sleep(1)
|
270
|
-
|
271
|
-
name = File.join(tmpdir, "nosourcefile")
|
272
|
-
|
273
|
-
file = Puppet::Type.type(:file).new(
|
274
|
-
|
275
|
-
:source => "puppet://localhost/noexist/file",
|
276
|
-
|
277
|
-
:name => name
|
278
|
-
)
|
279
|
-
|
280
|
-
assert_raise Puppet::Error do
|
281
|
-
file.retrieve
|
282
|
-
end
|
283
|
-
|
284
|
-
comp = mk_catalog(file)
|
285
|
-
comp.apply
|
286
|
-
|
287
|
-
assert(!FileTest.exists?(name), "File with no source exists anyway")
|
288
|
-
end
|
289
|
-
|
290
230
|
def test_sourcepaths
|
291
231
|
files = []
|
292
232
|
3.times {
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 15
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 2
|
8
8
|
- 6
|
9
|
-
-
|
10
|
-
version: 2.6.
|
9
|
+
- 12
|
10
|
+
version: 2.6.12
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Puppet Labs
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2011-
|
18
|
+
date: 2011-10-22 00:00:00 Z
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
21
21
|
name: facter
|
@@ -208,13 +208,6 @@ files:
|
|
208
208
|
- lib/puppet/network/authconfig.rb
|
209
209
|
- lib/puppet/network/authorization.rb
|
210
210
|
- lib/puppet/network/authstore.rb
|
211
|
-
- lib/puppet/network/client/ca.rb
|
212
|
-
- lib/puppet/network/client/file.rb
|
213
|
-
- lib/puppet/network/client/proxy.rb
|
214
|
-
- lib/puppet/network/client/report.rb
|
215
|
-
- lib/puppet/network/client/runner.rb
|
216
|
-
- lib/puppet/network/client/status.rb
|
217
|
-
- lib/puppet/network/client.rb
|
218
211
|
- lib/puppet/network/client_request.rb
|
219
212
|
- lib/puppet/network/format.rb
|
220
213
|
- lib/puppet/network/format_handler.rb
|
@@ -241,15 +234,11 @@ files:
|
|
241
234
|
- lib/puppet/network/http/webrick.rb
|
242
235
|
- lib/puppet/network/http.rb
|
243
236
|
- lib/puppet/network/http_pool.rb
|
244
|
-
- lib/puppet/network/http_server/mongrel.rb
|
245
|
-
- lib/puppet/network/http_server/webrick.rb
|
246
|
-
- lib/puppet/network/http_server.rb
|
247
237
|
- lib/puppet/network/rest_authconfig.rb
|
248
238
|
- lib/puppet/network/rest_authorization.rb
|
249
239
|
- lib/puppet/network/rest_controller.rb
|
250
240
|
- lib/puppet/network/rights.rb
|
251
241
|
- lib/puppet/network/server.rb
|
252
|
-
- lib/puppet/network/xmlrpc/client.rb
|
253
242
|
- lib/puppet/network/xmlrpc/processor.rb
|
254
243
|
- lib/puppet/network/xmlrpc/server.rb
|
255
244
|
- lib/puppet/network/xmlrpc/webrick_servlet.rb
|
@@ -475,12 +464,6 @@ files:
|
|
475
464
|
- lib/puppet/ssl/inventory.rb
|
476
465
|
- lib/puppet/ssl/key.rb
|
477
466
|
- lib/puppet/ssl.rb
|
478
|
-
- lib/puppet/sslcertificates/ca.rb
|
479
|
-
- lib/puppet/sslcertificates/certificate.rb
|
480
|
-
- lib/puppet/sslcertificates/inventory.rb
|
481
|
-
- lib/puppet/sslcertificates/monkey_patch.rb
|
482
|
-
- lib/puppet/sslcertificates/support.rb
|
483
|
-
- lib/puppet/sslcertificates.rb
|
484
467
|
- lib/puppet/status.rb
|
485
468
|
- lib/puppet/transaction/event.rb
|
486
469
|
- lib/puppet/transaction/event_manager.rb
|
@@ -753,9 +736,6 @@ files:
|
|
753
736
|
- tasks/rake/sign.rake
|
754
737
|
- tasks/rake/testbranch.rake
|
755
738
|
- tasks/rake/yard.rake
|
756
|
-
- test/certmgr/certmgr.rb
|
757
|
-
- test/certmgr/inventory.rb
|
758
|
-
- test/certmgr/support.rb
|
759
739
|
- test/data/failers/badclassnoparam
|
760
740
|
- test/data/failers/badclassparam
|
761
741
|
- test/data/failers/badcompnoparam
|
@@ -873,18 +853,12 @@ files:
|
|
873
853
|
- test/network/authconfig.rb
|
874
854
|
- test/network/authorization.rb
|
875
855
|
- test/network/authstore.rb
|
876
|
-
- test/network/client/ca.rb
|
877
|
-
- test/network/client/dipper.rb
|
878
856
|
- test/network/client_request.rb
|
879
|
-
- test/network/handler/ca.rb
|
880
857
|
- test/network/handler/fileserver.rb
|
881
858
|
- test/network/handler/master.rb
|
882
859
|
- test/network/handler/report.rb
|
883
860
|
- test/network/handler/runner.rb
|
884
861
|
- test/network/rights.rb
|
885
|
-
- test/network/server/mongrel_test.rb
|
886
|
-
- test/network/server/webrick.rb
|
887
|
-
- test/network/xmlrpc/client.rb
|
888
862
|
- test/network/xmlrpc/processor.rb
|
889
863
|
- test/network/xmlrpc/server.rb
|
890
864
|
- test/network/xmlrpc/webrick_servlet.rb
|
@@ -972,7 +946,6 @@ files:
|
|
972
946
|
- spec/integration/indirector/file_metadata/file_server_spec.rb
|
973
947
|
- spec/integration/indirector/node/ldap_spec.rb
|
974
948
|
- spec/integration/indirector/report/rest_spec.rb
|
975
|
-
- spec/integration/network/client_spec.rb
|
976
949
|
- spec/integration/network/formats_spec.rb
|
977
950
|
- spec/integration/network/handler_spec.rb
|
978
951
|
- spec/integration/network/server/mongrel_spec.rb
|
@@ -1123,10 +1096,10 @@ files:
|
|
1123
1096
|
- spec/unit/module_spec.rb
|
1124
1097
|
- spec/unit/network/authconfig_spec.rb
|
1125
1098
|
- spec/unit/network/authstore_spec.rb
|
1126
|
-
- spec/unit/network/client_spec.rb
|
1127
1099
|
- spec/unit/network/format_handler_spec.rb
|
1128
1100
|
- spec/unit/network/format_spec.rb
|
1129
1101
|
- spec/unit/network/formats_spec.rb
|
1102
|
+
- spec/unit/network/handler/ca_spec.rb
|
1130
1103
|
- spec/unit/network/handler/fileserver_spec.rb
|
1131
1104
|
- spec/unit/network/http/api/v1_spec.rb
|
1132
1105
|
- spec/unit/network/http/compression_spec.rb
|
@@ -1146,7 +1119,6 @@ files:
|
|
1146
1119
|
- spec/unit/network/rest_authorization_spec.rb
|
1147
1120
|
- spec/unit/network/rights_spec.rb
|
1148
1121
|
- spec/unit/network/server_spec.rb
|
1149
|
-
- spec/unit/network/xmlrpc/client_spec.rb
|
1150
1122
|
- spec/unit/node/environment_spec.rb
|
1151
1123
|
- spec/unit/node/facts_spec.rb
|
1152
1124
|
- spec/unit/node_spec.rb
|
@@ -1294,7 +1266,6 @@ files:
|
|
1294
1266
|
- spec/unit/ssl/host_spec.rb
|
1295
1267
|
- spec/unit/ssl/inventory_spec.rb
|
1296
1268
|
- spec/unit/ssl/key_spec.rb
|
1297
|
-
- spec/unit/sslcertificates/ca_spec.rb
|
1298
1269
|
- spec/unit/status_spec.rb
|
1299
1270
|
- spec/unit/transaction/event_manager_spec.rb
|
1300
1271
|
- spec/unit/transaction/event_spec.rb
|
@@ -1,179 +0,0 @@
|
|
1
|
-
# the available clients
|
2
|
-
|
3
|
-
require 'puppet'
|
4
|
-
require 'puppet/network/xmlrpc/client'
|
5
|
-
require 'puppet/util/subclass_loader'
|
6
|
-
require 'puppet/util/methodhelper'
|
7
|
-
require 'puppet/sslcertificates/support'
|
8
|
-
|
9
|
-
require 'puppet/network/handler'
|
10
|
-
|
11
|
-
require 'net/http'
|
12
|
-
|
13
|
-
# Some versions of ruby don't have this method defined, which basically causes
|
14
|
-
# us to never use ssl. Yay.
|
15
|
-
class Net::HTTP
|
16
|
-
def use_ssl?
|
17
|
-
if defined?(@use_ssl)
|
18
|
-
@use_ssl
|
19
|
-
else
|
20
|
-
false
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
# JJM: This is a "backport" of sorts to older ruby versions which
|
25
|
-
# do not have this accessor. See #896 for more information.
|
26
|
-
attr_accessor :enable_post_connection_check unless Net::HTTP.instance_methods.include? "enable_post_connection_check"
|
27
|
-
end
|
28
|
-
|
29
|
-
# The base class for all of the clients. Many clients just directly
|
30
|
-
# call methods, but some of them need to do some extra work or
|
31
|
-
# provide a different interface.
|
32
|
-
class Puppet::Network::Client
|
33
|
-
Client = self
|
34
|
-
include Puppet::Util
|
35
|
-
extend Puppet::Util::SubclassLoader
|
36
|
-
include Puppet::Util::MethodHelper
|
37
|
-
|
38
|
-
# This handles reading in the key and such-like.
|
39
|
-
include Puppet::SSLCertificates::Support
|
40
|
-
|
41
|
-
attr_accessor :schedule, :lastrun, :local, :stopping
|
42
|
-
|
43
|
-
attr_reader :driver
|
44
|
-
|
45
|
-
# Set up subclass loading
|
46
|
-
handle_subclasses :client, "puppet/network/client"
|
47
|
-
|
48
|
-
# Determine what clients look for when being passed an object for local
|
49
|
-
# client/server stuff. E.g., you could call Client::CA.new(:CA => ca).
|
50
|
-
def self.drivername
|
51
|
-
@drivername ||= self.name
|
52
|
-
end
|
53
|
-
|
54
|
-
# Figure out the handler for our client.
|
55
|
-
def self.handler
|
56
|
-
@handler ||= Puppet::Network::Handler.handler(self.name)
|
57
|
-
end
|
58
|
-
|
59
|
-
# The class that handles xmlrpc interaction for us.
|
60
|
-
def self.xmlrpc_client
|
61
|
-
@xmlrpc_client ||= Puppet::Network::XMLRPCClient.handler_class(self.handler)
|
62
|
-
end
|
63
|
-
|
64
|
-
# Create our client.
|
65
|
-
def initialize(hash)
|
66
|
-
# to whom do we connect?
|
67
|
-
@server = nil
|
68
|
-
|
69
|
-
if hash.include?(:Cache)
|
70
|
-
@cache = hash[:Cache]
|
71
|
-
else
|
72
|
-
@cache = true
|
73
|
-
end
|
74
|
-
|
75
|
-
driverparam = self.class.drivername
|
76
|
-
if hash.include?(:Server)
|
77
|
-
args = {:Server => hash[:Server]}
|
78
|
-
@server = hash[:Server]
|
79
|
-
args[:Port] = hash[:Port] || Puppet[:masterport]
|
80
|
-
|
81
|
-
@driver = self.class.xmlrpc_client.new(args)
|
82
|
-
|
83
|
-
self.read_cert
|
84
|
-
|
85
|
-
# We have to start the HTTP connection manually before we start
|
86
|
-
# sending it requests or keep-alive won't work. Note that with #1010,
|
87
|
-
# we don't currently actually want keep-alive.
|
88
|
-
@driver.start if @driver.respond_to? :start and Puppet::Network::HttpPool.keep_alive?
|
89
|
-
|
90
|
-
@local = false
|
91
|
-
elsif hash.include?(driverparam)
|
92
|
-
@driver = hash[driverparam]
|
93
|
-
if @driver == true
|
94
|
-
@driver = self.class.handler.new
|
95
|
-
end
|
96
|
-
@local = true
|
97
|
-
else
|
98
|
-
raise Puppet::Network::ClientError, "#{self.class} must be passed a Server or #{driverparam}"
|
99
|
-
end
|
100
|
-
end
|
101
|
-
|
102
|
-
# Are we a local client?
|
103
|
-
def local?
|
104
|
-
if @local
|
105
|
-
true
|
106
|
-
else
|
107
|
-
false
|
108
|
-
end
|
109
|
-
end
|
110
|
-
|
111
|
-
# Make sure we set the driver up when we read the cert in.
|
112
|
-
def recycle_connection
|
113
|
-
@driver.recycle_connection if @driver.respond_to?(:recycle_connection)
|
114
|
-
end
|
115
|
-
|
116
|
-
# A wrapper method to run and then store the last run time
|
117
|
-
def runnow
|
118
|
-
if self.stopping
|
119
|
-
Puppet.notice "In shutdown progress; skipping run"
|
120
|
-
return
|
121
|
-
end
|
122
|
-
begin
|
123
|
-
self.run
|
124
|
-
self.lastrun = Time.now.to_i
|
125
|
-
rescue => detail
|
126
|
-
puts detail.backtrace if Puppet[:trace]
|
127
|
-
Puppet.err "Could not run #{self.class}: #{detail}"
|
128
|
-
end
|
129
|
-
end
|
130
|
-
|
131
|
-
def run
|
132
|
-
raise Puppet::DevError, "Client type #{self.class} did not override run"
|
133
|
-
end
|
134
|
-
|
135
|
-
def scheduled?
|
136
|
-
if sched = self.schedule
|
137
|
-
return sched.match?(self.lastrun)
|
138
|
-
else
|
139
|
-
return true
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
def shutdown
|
144
|
-
if self.stopping
|
145
|
-
Puppet.notice "Already in shutdown"
|
146
|
-
else
|
147
|
-
self.stopping = true
|
148
|
-
Puppet::Util::Storage.store if self.respond_to? :running? and self.running?
|
149
|
-
rmpidfile
|
150
|
-
end
|
151
|
-
end
|
152
|
-
|
153
|
-
# Start listening for events. We're pretty much just listening for
|
154
|
-
# timer events here.
|
155
|
-
def start
|
156
|
-
# Create our timer. Puppet will handle observing it and such.
|
157
|
-
|
158
|
-
timer = Puppet.newtimer(
|
159
|
-
|
160
|
-
:interval => Puppet[:runinterval],
|
161
|
-
:tolerance => 1,
|
162
|
-
|
163
|
-
:start? => true
|
164
|
-
) do
|
165
|
-
begin
|
166
|
-
self.runnow if self.scheduled?
|
167
|
-
rescue => detail
|
168
|
-
puts detail.backtrace if Puppet[:trace]
|
169
|
-
Puppet.err "Could not run client; got otherwise uncaught exception: #{detail}"
|
170
|
-
end
|
171
|
-
end
|
172
|
-
|
173
|
-
# Run once before we start following the timer
|
174
|
-
self.runnow
|
175
|
-
end
|
176
|
-
|
177
|
-
require 'puppet/network/client/proxy'
|
178
|
-
end
|
179
|
-
|