From aaf5959fe3e9ff90d7288bb1ba8805bad2e7d05a Mon Sep 17 00:00:00 2001 From: luke Date: Mon, 6 Aug 2007 20:05:28 +0000 Subject: Adding test support for the other mongrel configuration header git-svn-id: https://reductivelabs.com/svn/puppet/trunk@2752 980ebf18-57e1-0310-9a29-db15c13687c0 --- lib/puppet/configuration.rb | 4 ++++ lib/puppet/network/server/mongrel.rb | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/puppet/configuration.rb b/lib/puppet/configuration.rb index 79ada647b..65e0d9fa8 100644 --- a/lib/puppet/configuration.rb +++ b/lib/puppet/configuration.rb @@ -313,6 +313,10 @@ module Puppet :ssl_client_header => ["HTTP_X_CLIENT_DN", "The header containing an authenticated client's SSL DN. Only used with Mongrel. This header must be set by the proxy to the authenticated client's SSL DN (e.g., ``/CN=puppet.reductivelabs.com``). + See the `UsingMongrel`:trac: wiki page for more information."], + :ssl_client_verify_header => ["HTTP_X_CLIENT_VERIFY", "The header containing the status + message of the client verification. Only used with Mongrel. This header must be set by the proxy + to 'SUCCESS' if the client successfully authenticated, and anything else otherwise. See the `UsingMongrel`:trac: wiki page for more information."] ) diff --git a/lib/puppet/network/server/mongrel.rb b/lib/puppet/network/server/mongrel.rb index 37a10d348..5bce40756 100644 --- a/lib/puppet/network/server/mongrel.rb +++ b/lib/puppet/network/server/mongrel.rb @@ -118,7 +118,7 @@ module Puppet::Network ip = params["REMOTE_ADDR"] if dn = params[Puppet[:ssl_client_header]] and dn.include?("/CN=") client = dn.sub("/CN=", '') - valid = (params["HTTP_X_CLIENT_VERIFY"] == 'SUCCESS') + valid = (params[Puppet[:ssl_client_verify_header]] == 'SUCCESS') else client = Resolv.getname(ip) valid = false -- cgit