Issue #12501 has been reported by Jascha Lee. ---------------------------------------- Bug #12501: Certificate CN parsing is broken https://projects.puppetlabs.com/issues/12501
Author: Jascha Lee Status: Unreviewed Priority: Normal Assignee: Category: Target version: Affected Puppet version: 2.6.6 Keywords: Branch: In lib/puppet/network/http/rack/rest.rb, the regex to extract the Common Name (CN) from a cert has an unterminated pattern that will only work if the CN comes last in the Subject: line. If it doesn't come last, the pattern will also match everything after it causing the client to not be authenticated: dn_matchdata = dn.match(/^.*?CN\s*=\s*(.*)/) err: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: hostname.tivo.com/O=TiVo Inc./OU=IT/L=Alviso/ST=California/C=US(x.x.x.x) access to /catalog/hostname.tivo.com [find] authenticated at line 52 -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
