summaryrefslogtreecommitdiffstats
path: root/spec
Commit message (Collapse)AuthorAgeFilesLines
...
| * | Fixing the user test.Luke Kanies2008-05-151-6/+4
| | | | | | | | | | | | It was causing exceptions when run as part of the whole suite.
| * | Added the ability to add arbitrary attributes to ldap.Gunnar Wrobel2008-05-151-0/+91
| |/ | | | | | | This fixes #1179.
| * Correcting whitespace in the templatewrapper code.Luke Kanies2008-05-131-52/+52
| | | | | | | | Also slightly modified the wording of some of the tests.
| * Adding has_variable? support, fixing ticket #1177Adam Jacob2008-05-131-0/+57
| |
| * Merge branch 'authorized_keys' into 0.24.xLuke Kanies2008-05-122-0/+154
| |\
| | * adding execute bits to testsLuke Kanies2008-05-122-0/+0
| | |
| | * New native ssh_authorized_key typeFrancois Deppierraz2008-05-072-0/+154
| | |
| * | Adding ldap providers for the user and group type.Luke Kanies2008-05-126-0/+1388
| | | | | | | | | | | | | | | | | | These providers use posixAccount and posixGroup. This is a collapsed merge, fwiw.
| * | Fixing another test that wrote to ~Luke Kanies2008-05-121-0/+1
| | |
| * | Fixing a test that wrote to ~.Luke Kanies2008-05-121-0/+8
| |/
* | Using the new Cacher class for handling cached data.Luke Kanies2008-05-1320-95/+55
| | | | | | | | | | This provides a single, global bit for determining whether a given piece of cached data is still valid.
* | Adding a module for handling caching information.Luke Kanies2008-05-071-0/+142
| | | | | | | | | | | | | | I keep having issues with integration tests keeping cached values around, and this module should hopefully give us a single place to invalidate all caches, thus making testing this much easier.
* | Fixing some broken tests.Luke Kanies2008-05-071-0/+10
| | | | | | | | | | | | | | The HttpPool module now removes its cached ssl_host instance when clearing its cache. This is really only useful for testing, but it correctly causes the pool to use new certificates when they're available.
* | The CRL is now automatically used or ignored.Luke Kanies2008-05-075-78/+21
| | | | | | | | | | | | | | | | | | Previously, you had to configure whether you wanted the CRL or not, which resulted in errors all the time when it was configured but unavailable. Now, Puppet will always create and try to use it, but you won't get failures if it's unavailable.
* | The master and client now successfully speak xmlrpc using the new system.Luke Kanies2008-05-074-1/+114
| | | | | | | | | | | | The server is actually serving REST, but the client can't use it until we resolve the format and security issues that REST hasn't yet tackled.
* | Adding pidfile management and daemonization to the ServerLuke Kanies2008-05-071-195/+301
| | | | | | | | class.
* | Fixing the HttpPool module to get rid of an infinite loop.Luke Kanies2008-05-064-6/+31
| | | | | | | | | | | | | | | | | | We can't have the HttpPool class use the Indirector to see if it has a cert available, because it might be being used to try to download one, which would cause it to make an http instance, which would cause it to... Well, you get the idea. Adding and fixing a few other tests I ran into on the way.
* | Adding REST terminuses for the SSL-related indirections.Luke Kanies2008-05-063-0/+45
| |
* | Adding autosigning to the new CA.Luke Kanies2008-05-062-10/+103
| | | | | | | | | | Now the CSR class triggers autosigning when any CSR is saved, if it's running on a CA host.
* | Moving the CA Interface class to a separate file.Luke Kanies2008-05-062-255/+270
| |
* | The master is now functionally serving REST and xmlrpc.Luke Kanies2008-05-051-9/+3
| | | | | | | | | | | | | | | | | | | | ...as far as I can tell. The client, however, is broken, since it used the old http_pool/ssl_support stuff, which no longer works. I have to port puppetd over to using the new ssl stuff, then I'll at least be able to verify that the master can still speak xmlrpc.
* | The REST infrastructure now correctly the SSL certificates.Luke Kanies2008-05-052-740/+719
| | | | | | | | | | | | | | I don't think the whole thing is done, but at least the basic flows are in place. Now it's just a question of doing real-world tests and fleshing out the unit tests as necessary.
* | Fixing the webrick integration tests to use the newly-functionalLuke Kanies2008-05-051-1/+7
| | | | | | | | SSL code.
* | The Certificate Authority now automatically creates a CRL when appropriate.Luke Kanies2008-05-052-16/+51
| | | | | | | | This requires less setup and configuration on the part of the user.
* | The Settings class now clears the 'used' sections when a value is changed.Luke Kanies2008-05-051-0/+5
| | | | | | | | | | | | | | | | | | This makes is so that if you, for instance, reset the vardir, then the next time an initialization call is made, we reuse any previously used sections, thus (hopefully) correctly creating any newly needed directories. This is mostly helpful during testing.
* | The http pool manager now uses new-style certificate management.Luke Kanies2008-05-051-94/+72
| | | | | | | | | | It uses an instance of SSL::Host for getting its certificate and ssl store.
* | Fixing some tests that were insufficiently mocking their configurations.Luke Kanies2008-05-052-0/+8
| | | | | | | | These were still writing to ~.
* | Fixing a critical problem in how CRLs were saved and moving SSL Store ↵Luke Kanies2008-05-054-67/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | responsibilities to the SSL::Host class. I was previously saving invalid CRLs unless they'd had a revocation done in them; this commit fixes them so that they're always valid. Also, I've added to SSL::Host the ability to generate a valid SSL Store, suitable for validation. This is now used by Webrick and can be used by the http clients, too. This should have been two commits, but I'm kind of down the rabbit hole ATM.
* | The SSL::Host class now uses the CA to generate its certificate when ↵Luke Kanies2008-05-051-3/+24
| | | | | | | | | | | | | | | | appropriate. It uses the CA singleton method to determine whether it's on valid CA host, and if so, uses the CA instance to sign its generated CSR.
* | The CA now initializes itself.Luke Kanies2008-05-052-11/+80
| | | | | | | | | | | | | | I realized that it never made sense to have a CA that didn't know how to initialize itself, so we now have a singleton method for the CA, and it also automatically initializes itself.
* | Switched puppetmasterd to use the new-style server plumbing.Luke Kanies2008-05-022-1/+12
| | | | | | | | | | | | | | | | The code is much cleaner, and it seems to be mostly functional, but we have to pick a strategy for signing the host's certificate on first startup. Also, I haven't actually done end-to-end testing yet, which needs the certs working first.
* | Adding xmlrpc backward compatibility to the new Mongrel code.Luke Kanies2008-05-022-11/+38
| |
* | Adding xmlrpc support to webrick.Luke Kanies2008-05-023-39/+95
| | | | | | | | | | This provides the backward compatibility for webrick, and only Mongrel is left.
* | Adding configuration support for XMLRPC handlers.Luke Kanies2008-05-021-118/+218
| | | | | | | | | | | | | | | | | | This provides the interface for configuring backward compatibility in the new-style server code. It requires a completely different configuration step, in that REST and xmlrpc handlers are configured separately, rather than using the same handler names, but this was considered less evil than having a large abstraction layer for specifying how the handlers are related.
* | I think I've now got the Webrick SSL support working.Luke Kanies2008-04-285-9/+48
| | | | | | | | | | Now I just need to get xmlrpc working alongside REST in both mongrel and webrick.
* | Interim commit, since I want to work but have no network available.Luke Kanies2008-04-283-58/+224
| |
* | Merge branch '0.24.x'Luke Kanies2008-04-211-8/+8
|\| | | | | | | | | | | Conflicts: bin/puppetca
| * Fixed some tests broken by #1176James Turnbull2008-04-191-8/+8
| |
* | Changing the File certificate terminus so that itLuke Kanies2008-04-211-2/+2
| | | | | | | | | | | | | | saves to the :localcacert instead of :cacert. This way the :ca terminus saves to :cacert and the :file terminus saves to :localcacert.
* | Renaming the 'ca_file' ssl terminus type to 'ca'.Luke Kanies2008-04-215-22/+22
| |
* | Temporarily disabling the revoke/verify test in the CA.Luke Kanies2008-04-191-3/+5
| | | | | | | | | | It looks like it's not taking the CRL into account, so I can't seem to actually get a cert to fail verification.
* | Fixing how the CRL is used for certificate verification.Luke Kanies2008-04-191-2/+2
| | | | | | | | | | | | | | | | The CRL was not correctly being added to the Store used for verification. It does not appear to be working, though, since revoked certificates still pass verification.
* | Added an Interface class to the CA to model puppetca's usage.Luke Kanies2008-04-192-3/+285
| | | | | | | | | | | | | | | | | | | | This class provides all of the semantics from puppetca, and appears to entirely duplicate the behaviour of the existing executable, with basically all of the code in a library file, instead of the executable. As such, I've deleted the test for the executable. We should have one, but it's not nearly as important.
* | Making the SSL::Host's destroy method a class method,Luke Kanies2008-04-191-16/+30
| | | | | | | | rather than an instance method.
* | Adding the last functionality needed for puppetca to use the Indirector.Luke Kanies2008-04-191-0/+20
| | | | | | | | | | | | | | This commit adds 'list' and 'print' support to the CA. They're mostly delegator methods, but now the CA should be the sole interface for puppetca.
* | Finishing the interface between the CA and the CRL.Luke Kanies2008-04-195-28/+277
| | | | | | | | | | | | Certificate revocation now works, the CA knows how to generate the CRL, and the SSL::Host class knows how to configure the CRL class for indirection.
* | Adding inventory support to the new certificate authority.Luke Kanies2008-04-182-3/+22
| | | | | | | | | | The new-style CA now keeps track of all of its signed certificates in its inventory file.
* | Adding support within the inventory for real certs or Puppet cert wrappers.Luke Kanies2008-04-181-0/+12
| |
* | Changing the Inventory class to rebuild when theLuke Kanies2008-04-181-40/+45
| | | | | | | | first cert is added, so it's easier to test.
* | Adding an SSl::Inventory class for managing the ssl inventory.Luke Kanies2008-04-181-0/+136
| | | | | | | | | | This models the existing Inventory module in the sslcertificates/ directory, but does so as an instance, rather than a module.
generated by cgit (git 2.34.1) at 2025-10-02 10:16:44 +0000