Adding the requirement that the cert dn have /CN= in it, thus hopefully catching clients without certs

git-svn-id: https://reductivelabs.com/svn/puppet/trunk@2728 980ebf18-57e1-0310-9a29-db15c13687c0
author: luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> 2007-07-30 16:18:33 +0000
committer: luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> 2007-07-30 16:18:33 +0000
commit: 87da1726551a9e8c6596146fd3efe07780d728e1 (patch)
tree: 691f81a23e3ce5ad543794e90d9a3bab3d48b67b /lib/puppet
parent: 530d29031ddb8adf4fb9c1148ca3d0ac749c87dc (diff)
download: puppet-87da1726551a9e8c6596146fd3efe07780d728e1.tar.gz
puppet-87da1726551a9e8c6596146fd3efe07780d728e1.tar.xz
puppet-87da1726551a9e8c6596146fd3efe07780d728e1.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/puppet/network/server/mongrel.rb b/lib/puppet/network/server/mongrel.rb
index 9d3388e5d..37a10d348 100644
--- a/lib/puppet/network/server/mongrel.rb
+++ b/lib/puppet/network/server/mongrel.rb
@@ -116,7 +116,7 @@ module Puppet::Network
         def client_info(request)
             params = request.params
             ip = params["REMOTE_ADDR"]
-            if dn = params[Puppet[:ssl_client_header]]
+            if dn = params[Puppet[:ssl_client_header]] and dn.include?("/CN=")
                 client = dn.sub("/CN=", '')
                 valid = (params["HTTP_X_CLIENT_VERIFY"] == 'SUCCESS')
             else
author	luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0>	2007-07-30 16:18:33 +0000
committer	luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0>	2007-07-30 16:18:33 +0000
commit	87da1726551a9e8c6596146fd3efe07780d728e1 (patch)
tree	691f81a23e3ce5ad543794e90d9a3bab3d48b67b /lib/puppet
parent	530d29031ddb8adf4fb9c1148ca3d0ac749c87dc (diff)
download	puppet-87da1726551a9e8c6596146fd3efe07780d728e1.tar.gz puppet-87da1726551a9e8c6596146fd3efe07780d728e1.tar.xz puppet-87da1726551a9e8c6596146fd3efe07780d728e1.zip