diff options
Diffstat (limited to 'lib/puppet')
| -rw-r--r-- | lib/puppet/network/http/handler.rb | 12 | ||||
| -rw-r--r-- | lib/puppet/network/http/mongrel/rest.rb | 1 | ||||
| -rw-r--r-- | lib/puppet/network/http/webrick/rest.rb | 3 |
3 files changed, 16 insertions, 0 deletions
diff --git a/lib/puppet/network/http/handler.rb b/lib/puppet/network/http/handler.rb index c6d34fe43..679bb8dcd 100644 --- a/lib/puppet/network/http/handler.rb +++ b/lib/puppet/network/http/handler.rb @@ -4,6 +4,7 @@ end require 'puppet/network/http/api/v1' require 'puppet/network/rest_authorization' require 'puppet/network/rights' +require 'resolv' module Puppet::Network::HTTP::Handler include Puppet::Network::HTTP::API::V1 @@ -125,6 +126,17 @@ module Puppet::Network::HTTP::Handler set_response(response, result.to_yaml) end + # resolve node name from peer's ip address + # this is used when the request is unauthenticated + def resolve_node(result) + begin + return Resolv.getname(result[:ip]) + rescue => detail + Puppet.err "Could not resolve %s: %s" % [result[:ip], detail] + end + return result[:ip] + end + private # LAK:NOTE This has to be here for testing; it's a stub-point so diff --git a/lib/puppet/network/http/mongrel/rest.rb b/lib/puppet/network/http/mongrel/rest.rb index d9913dc45..2f49506c8 100644 --- a/lib/puppet/network/http/mongrel/rest.rb +++ b/lib/puppet/network/http/mongrel/rest.rb @@ -71,6 +71,7 @@ class Puppet::Network::HTTP::MongrelREST < Mongrel::HttpHandler result[:node] = dn_matchdata[1].to_str result[:authenticated] = (params[Puppet[:ssl_client_verify_header]] == 'SUCCESS') else + result[:node] = resolve_node(result) result[:authenticated] = false end diff --git a/lib/puppet/network/http/webrick/rest.rb b/lib/puppet/network/http/webrick/rest.rb index 8120c87db..5f77da87a 100644 --- a/lib/puppet/network/http/webrick/rest.rb +++ b/lib/puppet/network/http/webrick/rest.rb @@ -1,4 +1,5 @@ require 'puppet/network/http/handler' +require 'resolv' class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet @@ -66,6 +67,8 @@ class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet if cert = request.client_cert and nameary = cert.subject.to_a.find { |ary| ary[0] == "CN" } result[:node] = nameary[1] result[:authenticated] = true + else + result[:node] = resolve_node(result) end result |