[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, upstream, updated. 0.25.4-89-gcbbd363

James Turnbull james at lovedthanlost.net
Tue May 18 09:03:24 UTC 2010


The following commit has been merged in the upstream branch:
commit b473264fe76f92b8eddeed7175c4283c9f8484d2
Author: Jesse Wolfe <jes5199 at gmail.com>
Date:   Tue Dec 29 13:31:35 2009 -0800

    Fix #1842 Net::HTTP#enable_post_connection_check doesn't work anymore
    
    The setting enable_post_connection_check doesn't exist on very many
    versions of ruby, and on those systems there's no way to disable domain
    name checking on HTTPS.
    The recommended work-around is to replace certificates when they have
    incorrect hostnames.
    
    Signed-off-by: Jesse Wolfe <jes5199 at gmail.com>

diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index 21cee7a..d4a5a18 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -159,9 +159,6 @@ module Puppet
             may need to use a FQDN for the server hostname when using a proxy."],
         :http_proxy_port => [3128,
             "The HTTP proxy port to use for outgoing connections"],
-        :http_enable_post_connection_check => [true,
-            "Boolean; whether or not puppetd should validate the server
-            SSL certificate against the request hostname."],
         :filetimeout => [ 15,
             "The minimum time to wait (in seconds) between checking for updates in
             configuration files.  This timeout determines how quickly Puppet checks whether
diff --git a/lib/puppet/network/http_pool.rb b/lib/puppet/network/http_pool.rb
index 6de204a..4789d47 100644
--- a/lib/puppet/network/http_pool.rb
+++ b/lib/puppet/network/http_pool.rb
@@ -94,8 +94,6 @@ module Puppet::Network::HttpPool
         # Use configured timeout (#1176)
         http.read_timeout = Puppet[:configtimeout]
         http.open_timeout = Puppet[:configtimeout]
-        # JJM Configurable fix for #896.
-        http.enable_post_connection_check = Puppet[:http_enable_post_connection_check]
 
         cert_setup(http)
 
diff --git a/spec/integration/indirector/certificate/rest.rb b/spec/integration/indirector/certificate/rest.rb
index 71ef443..a814e00 100755
--- a/spec/integration/indirector/certificate/rest.rb
+++ b/spec/integration/indirector/certificate/rest.rb
@@ -19,7 +19,6 @@ describe "Certificate REST Terminus" do
         Puppet.settings[:vardir] = @dir
         Puppet.settings[:server] = "127.0.0.1"
         Puppet.settings[:masterport] = "34343"
-        Puppet.settings[:http_enable_post_connection_check] = false
 
         Puppet::Util::Cacher.expire
 
diff --git a/spec/integration/indirector/certificate_request/rest.rb b/spec/integration/indirector/certificate_request/rest.rb
index 211188e..86fb1ba 100755
--- a/spec/integration/indirector/certificate_request/rest.rb
+++ b/spec/integration/indirector/certificate_request/rest.rb
@@ -21,7 +21,6 @@ describe "Certificate Request REST Terminus" do
         Puppet.settings[:vardir] = @dir
         Puppet.settings[:server] = "127.0.0.1"
         Puppet.settings[:masterport] = "34343"
-        Puppet.settings[:http_enable_post_connection_check] = false
 
         Puppet[:servertype] = 'webrick'
         Puppet[:server] = '127.0.0.1'
diff --git a/spec/integration/indirector/certificate_revocation_list/rest.rb b/spec/integration/indirector/certificate_revocation_list/rest.rb
index f308543..5c68467 100755
--- a/spec/integration/indirector/certificate_revocation_list/rest.rb
+++ b/spec/integration/indirector/certificate_revocation_list/rest.rb
@@ -19,7 +19,6 @@ describe "Certificate REST Terminus" do
         Puppet.settings[:vardir] = @dir
         Puppet.settings[:server] = "127.0.0.1"
         Puppet.settings[:masterport] = "34343"
-        Puppet.settings[:http_enable_post_connection_check] = false
 
         Puppet::Util::Cacher.expire
 
diff --git a/spec/integration/indirector/report/rest.rb b/spec/integration/indirector/report/rest.rb
index 6525065..a3894f9 100644
--- a/spec/integration/indirector/report/rest.rb
+++ b/spec/integration/indirector/report/rest.rb
@@ -19,7 +19,6 @@ describe "Report REST Terminus" do
         Puppet.settings[:vardir] = @dir
         Puppet.settings[:server] = "127.0.0.1"
         Puppet.settings[:masterport] = "34343"
-        Puppet.settings[:http_enable_post_connection_check] = false
 
         Puppet::Util::Cacher.expire
 
diff --git a/spec/integration/indirector/rest.rb b/spec/integration/indirector/rest.rb
index 077a74f..f4561c6 100755
--- a/spec/integration/indirector/rest.rb
+++ b/spec/integration/indirector/rest.rb
@@ -40,7 +40,6 @@ describe Puppet::Indirector::REST do
         Puppet.settings[:vardir] = @dir
         Puppet.settings[:server] = "127.0.0.1"
         Puppet.settings[:masterport] = "34343"
-        Puppet.settings[:http_enable_post_connection_check] = false
 
         Puppet::SSL::Host.ca_location = :local
 
diff --git a/spec/unit/network/http_pool.rb b/spec/unit/network/http_pool.rb
index 65f91ef..7fe55c5 100755
--- a/spec/unit/network/http_pool.rb
+++ b/spec/unit/network/http_pool.rb
@@ -36,7 +36,7 @@ describe Puppet::Network::HttpPool do
         end
 
         it "should return an http instance created with the passed host and port" do
-            http = stub 'http', :use_ssl= => nil, :read_timeout= => nil, :open_timeout= => nil, :enable_post_connection_check= => nil, :started? => false
+            http = stub 'http', :use_ssl= => nil, :read_timeout= => nil, :open_timeout= => nil, :started? => false
             Net::HTTP.expects(:new).with("me", 54321, nil, nil).returns(http)
             Puppet::Network::HttpPool.http_instance("me", 54321).should equal(http)
         end
@@ -53,16 +53,8 @@ describe Puppet::Network::HttpPool do
             Puppet::Network::HttpPool.http_instance("me", 54321).open_timeout.should == 120
         end
 
-        it "should default to http_enable_post_connection_check being enabled" do
-            Puppet.settings[:http_enable_post_connection_check].should be_true
-        end
-
-        it "should set enable_post_connection_check true " do
-            Puppet::Network::HttpPool.http_instance("me", 54321).instance_variable_get("@enable_post_connection_check").should be(Puppet.settings[:http_enable_post_connection_check])
-        end
-
         it "should create the http instance with the proxy host and port set if the http_proxy is not set to 'none'" do
-            stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+            stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
             Puppet::Network::HttpPool.http_instance("me", 54321).open_timeout.should == 120
         end
 
@@ -72,19 +64,19 @@ describe Puppet::Network::HttpPool do
             end
 
             it "should cache http instances" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
                 Puppet::Network::HttpPool.http_instance("me", 54321).should equal(old)
             end
 
             it "should have a mechanism for getting a new http instance instead of the cached instance" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
                 Puppet::Network::HttpPool.http_instance("me", 54321, true).should_not equal(old)
             end
 
             it "should close existing, open connections when requesting a new connection" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
                 old.expects(:started?).returns(true)
                 old.expects(:finish)
@@ -92,7 +84,7 @@ describe Puppet::Network::HttpPool do
             end
 
             it "should have a mechanism for clearing the http cache" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
                 Puppet::Network::HttpPool.http_instance("me", 54321).should equal(old)
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
@@ -101,7 +93,7 @@ describe Puppet::Network::HttpPool do
             end
 
             it "should close open http connections when clearing the cache" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 one = Puppet::Network::HttpPool.http_instance("me", 54321)
                 one.expects(:started?).returns(true)
                 one.expects(:finish).returns(true)
@@ -109,7 +101,7 @@ describe Puppet::Network::HttpPool do
             end
 
             it "should not close unopened http connections when clearing the cache" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 one = Puppet::Network::HttpPool.http_instance("me", 54321)
                 one.expects(:started?).returns(false)
                 one.expects(:finish).never
@@ -123,7 +115,7 @@ describe Puppet::Network::HttpPool do
             end
 
             it "should not cache http instances" do
-                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120, :http_enable_post_connection_check => true
+                stub_settings :http_proxy_host => "myhost", :http_proxy_port => 432, :configtimeout => 120
                 old = Puppet::Network::HttpPool.http_instance("me", 54321)
                 Puppet::Network::HttpPool.http_instance("me", 54321).should_not equal(old)
             end

-- 
Puppet packaging for Debian



More information about the Pkg-puppet-devel mailing list