Issue #17879 has been updated by Jeff McCune.
Just as an update on this bug, we think we've fixed this in #15561 The Puppet 3.2 release will have this fix included. -Jeff ---------------------------------------- Bug #17879: extract cert name properly from subject DN https://projects.puppetlabs.com/issues/17879#change-87970 * Author: Yuri Arabadji * Status: Duplicate * Priority: High * Assignee: * Category: * Target version: * Affected Puppet version: * Keywords: * Branch: ---------------------------------------- You owe me $200 for my time on debugging this. Hi. --- /usr/local/rvm/gems/ruby-1.9.3-p286@puppet30/gems/puppet-3.0.1/lib/puppet/ssl/base.rb.orig 2012-11-30 10:23:24.531533928 -0500 +++ /usr/local/rvm/gems/ruby-1.9.3-p286@puppet30/gems/puppet-3.0.1/lib/puppet/ssl/base.rb 2012-11-30 10:35:25.653400099 -0500 @@ -49,7 +49,9 @@ # Method to extract a 'name' from the subject of a certificate def self.name_from_subject(subject) - subject.to_s.sub(/\/CN=/i, '') + if triplet = subject.to_a.find {|name, data, type| name == 'CN' } + triplet[1] + end end # Create an instance of our Puppet::SSL::* class using a given instance of the wrapped class Otherwise subject DN /O=Organization/OU=Something/CN=host.name.com will be converted into some mess and fail validation with exception being thrown right in the middle of the code that doesn't expect it. So don't be shy, make connection.verify_callback block catch the exception and actually raise SSLError or the like and actually fill in the error message (class not found, name incorrect and such). That's all for now, dears. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
