| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
For a while Luke, and other authors, injected a created tag, copyright
statement, and "All rights reserved" into every new file they added to the
Puppet project.
This isn't really true, and we have a global license covering the code, so
we have now stripped out all those old tags.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This error message is grammatically incorrect and unhelpful, so we replace it
with a message that explains more correctly what went wrong and what was
expected. This message happens when making an authenticated connection to a
server where the certificate doesn't match its hostname. This happens in the
REST terminuses, so we wrap their HTTP methods with a helper that will catch
the appropriate SSLError and re-raise it with the better message stating the
hostname used, and the list of hostnames that we were expecting it to be a part
of.
Unfortunately, because the certificate in question isn't available at error
time, we have to use the Net::HTTP#verify_callback to capture it.
Paired-With: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-By: Dominic Maraglia <dominic@puppetlabs.com>
|
| |
|
|
|
|
|
| |
We now use a shebang of: #!/usr/bin/env rspec
This enables the direct execution of spec tests again, which was lost earlier
during the transition to more directly using the rspec2 runtime environment.
|
| |
|
|
|
|
|
|
|
|
|
| |
rspec2 automatically sets a bunch of load-path stuff we were by hand, so we
can just stop. As a side-effect we can now avoid a whole pile of stupid things
to try and include the spec_helper.rb file...
...and then we can stop protecting spec_helper from evaluating twice, since we
now require it with a consistent name. Yay.
Reviewed-By: Pieter van de Bruggen <pieter@puppetlabs.com>
|
| |
|
|
|
|
|
|
|
| |
Doing a require to a relative path can cause files to be required more
than once when they're required from different relative paths. If you
expand the path fully, this won't happen. Ruby 1.9 also requires that
you use expand_path when doing these requires.
Paired-with: Jesse Wolfe
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replaced 106806 occurances of ^( +)(.*$) with
The ruby community almost universally (i.e. everyone but Luke, Markus, and the other eleven people
who learned ruby in the 1900s) uses two-space indentation.
3 Examples:
The code:
end
# Tell getopt which arguments are valid
def test_get_getopt_args
element = Setting.new :name => "foo", :desc => "anything", :settings => Puppet::Util::Settings.new
assert_equal([["--foo", GetoptLong::REQUIRED_ARGUMENT]], element.getopt_args, "Did not produce appropriate getopt args")
becomes:
end
# Tell getopt which arguments are valid
def test_get_getopt_args
element = Setting.new :name => "foo", :desc => "anything", :settings => Puppet::Util::Settings.new
assert_equal([["--foo", GetoptLong::REQUIRED_ARGUMENT]], element.getopt_args, "Did not produce appropriate getopt args")
The code:
assert_equal(str, val)
assert_instance_of(Float, result)
end
# Now test it with a passed object
becomes:
assert_equal(str, val)
assert_instance_of(Float, result)
end
# Now test it with a passed object
The code:
end
assert_nothing_raised do
klass[:Yay] = "boo"
klass["Cool"] = :yayness
end
becomes:
end
assert_nothing_raised do
klass[:Yay] = "boo"
klass["Cool"] = :yayness
end
|
| |
|
|
| |
Part 2 re-did the change on the spec files, which it shouldn't have.
|
| |
|
|
|
|
|
|
|
| |
Some spec files like active_record.rb had names that would confuse the
load path and get loaded instead of the intended implentation when the
spec was run from the same directory as the file.
Author: Matt Robinson <matt@puppetlabs.com>
Date: Fri Jun 11 15:29:33 2010 -0700
|
| |
|
|
|
|
|
|
|
| |
Some spec files like active_record.rb had names that would confuse the
load path and get loaded instead of the intended implentation when the
spec was run from the same directory as the file.
Author: Matt Robinson <matt@puppetlabs.com>
Date: Fri Jun 11 15:29:33 2010 -0700
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds HTTP response decompression (both gzip and deflate streams).
This feature is disabled by default, and enabled with --http_compression.
This feature can be activated only if the local ruby version supports the
zlib ruby extension.
HTTP response decompression is active for all REST communications and file
sourcing.
To enable http compression on the server side, it is needed to use a
reverse proxy like Apache or Nginx with adhoc configuration:
Nginx:
gzip on;
gzip_types text/pson text/json text/marshall text/yaml application/x-raw text/plain;
Apache:
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
AddOutputFilterByType DEFLATE text/plain text/pson text/json text/marshall text/yaml application/x-raw
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| |
|
|
|
|
|
|
|
|
| |
This allows us to search for a cert, and we use the searched-for
term as the cert name (for the wrapper, not the actual cert object),
rather than the real cert name.
This allows us to use symbolic names like 'ca', as we're currently doing.
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
|
|
|
| |
The various REST SSL terminii were never setup to use the
ca_server/ca_port if one is setup.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
|
| | |
|
| |
|
|
|
|
|
| |
saves to the :localcacert instead of :cacert.
This way the :ca terminus saves to :cacert and the :file
terminus saves to :localcacert.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Without this, then you could end up duplicating your CA
key into the normal directory depending on how caching
was set up.
Again, this design aspect isn't the most straightforward,
but at least it's functional now.
|
| |
|
|
|
|
|
|
| |
terminus classes, rather than the normal :file classes.
This is unfortunately complicated, and it means that the Key
:ca_file is only ever actually used for retrieving the CA key
itself.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a kind of weird design situation. For instance, we've got a
collection of certificates in the :certdir, but then there's a special
CA certificate off by itself. Rather than build a whole separate
infrastructure for managing those separate files (cert and key, at least),
I decided to add special support for specifying where to find the CA-specific
bits, and then code for handling them when necessary.
This requires that we have a standard way of knowing whether we should be
managing the CA bits or normal host files. The Puppet::SSL::Host class now has
a 'ca_name' method that returns the string we're using for the CA name; this
name is currently 'ca'. We have to use a name, because the name is the only
thing that all methods have access to (e.g., when trying to 'find' the right
cert, we only have the name available).
What this means is that if you want access to the CA key or cert, then create
a Puppet::SSL::Host instance with the name 'ca'.
You'll still get the CA cert created with the host's :certname; it will just
be stored in a different location.
|
| |
|
|
| |
classes, finally including the certificate requests.
|
| |
|
|
|
| |
with the existing cert/key store. Certificate requests
are not yet handled, nor are the ca-specific collections.
|
|
|
indirection terminii are done. I need to move most of
the test code to a shared behaviour now.
|
