| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Some spec files like active_record.rb had names that would confuse the
load path and get loaded instead of the intended implentation when the
spec was run from the same directory as the file.
Author: Matt Robinson <matt@puppetlabs.com>
Date: Fri Jun 11 15:29:33 2010 -0700
|
| |
|
|
|
|
|
|
|
|
| |
The setting enable_post_connection_check doesn't exist on very many
versions of ruby, and on those systems there's no way to disable domain
name checking on HTTPS.
The recommended work-around is to replace certificates when they have
incorrect hostnames.
Signed-off-by: Jesse Wolfe <jes5199@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was a "There's A Hole In The Bucket" problem caused when trying
to establish a connection to get a certificate before there was
a certificate with which to establish the connection, ad
infinitum. The solution was to test for the presence of the
CA cert as well as the host cert before attempting to use them.
This patch modifies existing tests to pass with the new code (by
stubbing out the additional FileTests) and adds a new test which
catches the original problem.
Signed-off-by: Markus Roberts <Markus@reality.com>
|
| |
|
|
|
|
|
|
|
|
| |
The main aspect of this solution is to create a site-wide
Puppet::SSL::Host instance to cache ssl key and certificate,
so that by the time we've switched UIDs, we've got the key and
cert in memory. Then webrick just uses that, rather than creating
a new Host instance.
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |
|
|
| |
Signed-off-by: Luke Kanies <luke@madstop.com>
|
| |\
| |
| |
| |
| |
| |
| | |
Conflicts:
CHANGELOG
lib/puppet/transaction.rb
|
| | | |
|
| | |
| |
| |
| |
| | |
This provides a single, global bit for determining whether
a given piece of cached data is still valid.
|
| | |
| |
| |
| |
| |
| |
| | |
The HttpPool module now removes its cached ssl_host instance
when clearing its cache. This is really only useful
for testing, but it correctly causes the pool to use
new certificates when they're available.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We can't have the HttpPool class use the Indirector to see
if it has a cert available, because it might be being used to
try to download one, which would cause it to make an http instance,
which would cause it to... Well, you get the idea.
Adding and fixing a few other tests I ran into on the way.
|
| |/
|
|
|
| |
It uses an instance of SSL::Host for getting its certificate
and ssl store.
|
| | |
|
| |
|
|
|
|
|
| |
There is now a constant in Puppet::Network::HttpPool that will
disable or enable this feature, but note that we determined
that it can cause corruption, especially in file serving (but
it's client-side corruption).
|
| |
|
|
| |
Some minor refactoring, pulling repeated setup up to 'before'
|
| |
|
|
|
| |
from the filesystem and failed when those keys
were unreadable.
|
| |
|
|
| |
since it didn't work and is now unnecessary.
|
|
|
a central module responsible for managing the http pool
(Puppet::Network::HttpPool), and it also handles
setting certificate information. This gets rid of
what were otherwise long chains of method calls,
and it makes the code paths much clearer.
|
