+1 On Apr 28, 2009, at 3:41 PM, Christian Hofstaedtler wrote:
> > From: Christian Hofstaedtler <[email protected]> > > > Signed-off-by: Christian Hofstaedtler <[email protected]> > --- > lib/puppet/network/http/rack/xmlrpc.rb | 46 ++++++++++ > spec/unit/network/http/rack/xmlrpc.rb | 156 +++++++++++++++++++++++ > +++++++++ > 2 files changed, 202 insertions(+), 0 deletions(-) > create mode 100644 lib/puppet/network/http/rack/xmlrpc.rb > create mode 100755 spec/unit/network/http/rack/xmlrpc.rb > > diff --git a/lib/puppet/network/http/rack/xmlrpc.rb b/lib/puppet/ > network/http/rack/xmlrpc.rb > new file mode 100644 > index 0000000..88a3c5a > --- /dev/null > +++ b/lib/puppet/network/http/rack/xmlrpc.rb > @@ -0,0 +1,46 @@ > +require 'puppet/network/http/rack/httphandler' > +require 'puppet/network/xmlrpc/server' > + > +class Puppet::Network::HTTP::RackXMLRPC < > Puppet::Network::HTTP::RackHttpHandler > + def initialize(handlers) > + @xmlrpc_server = Puppet::Network::XMLRPCServer.new > + handlers.each do |name| > + Puppet.debug " -> register xmlrpc namespace %s" % name > + unless handler = Puppet::Network::Handler.handler(name) > + raise ArgumentError, "Invalid XMLRPC handler %s" % > name > + end > + @xmlrpc_server.add_handler(handler.interface, > handler.new({})) > + end > + super() > + end > + > + def process(request, response) > + # errors are sent as text/plain > + response['Content-Type'] = 'text/plain' > + if not request.post? then > + response.status = 405 > + response.write 'Method Not Allowed' > + return > + end > + if request.media_type() != "text/xml" then > + response.status = 400 > + response.write 'Bad Request' > + return > + end > + > + # get auth/certificate data > + info = extract_client_info(request) > + if not info[:node] > + info[:node] = nil > + end > + info = Puppet::Network::ClientRequest.new(info[:node], > info[:ip], info[:authenticated]) > + > + response_body = @xmlrpc_server.process(request.body, info) > + > + response.status = 200 > + response['Content-Type'] = 'text/xml; charset=utf-8' > + response.write response_body > + end > + > +end > + > diff --git a/spec/unit/network/http/rack/xmlrpc.rb b/spec/unit/ > network/http/rack/xmlrpc.rb > new file mode 100755 > index 0000000..d3d2235 > --- /dev/null > +++ b/spec/unit/network/http/rack/xmlrpc.rb > @@ -0,0 +1,156 @@ > +#!/usr/bin/env ruby > + > +require File.dirname(__FILE__) + '/../../../../spec_helper' > +require 'puppet/network/http/rack' > +require 'puppet/network/http/rack/xmlrpc' > + > +describe "Puppet::Network::HTTP::RackXMLRPC" do > + confine "Rack is not available" => Puppet.features.rack? > + > + describe "when initializing" do > + it "should create an Puppet::Network::XMLRPCServer" do > + Puppet::Network::XMLRPCServer.expects(:new).returns > stub_everything > + Puppet::Network::HTTP::RackXMLRPC.new([]) > + end > + > + it "should create each handler" do > + handler = stub_everything 'handler' > + > Puppet::Network::XMLRPCServer.any_instance.stubs(:add_handler) > + > Puppet::Network::Handler.expects(:handler).returns(handler).times(2) > + Puppet::Network::HTTP::RackXMLRPC.new([:foo, :bar]) > + end > + > + it "should add each handler to the XMLRPCserver" do > + handler = stub_everything 'handler' > + Puppet::Network::Handler.stubs(:handler).returns(handler) > + > Puppet > ::Network::XMLRPCServer.any_instance.expects(:add_handler).times(2) > + Puppet::Network::HTTP::RackXMLRPC.new([:foo, :bar]) > + end > + end > + > + describe "when serving a request" do > + > + before :each do > + foo_handler = stub_everything 'foo_handler' > + > Puppet::Network::Handler.stubs(:handler).with(:foo).returns > foo_handler > + > Puppet::Network::XMLRPCServer.any_instance.stubs(:add_handler) > + > Puppet > ::Network::XMLRPCServer.any_instance.stubs(:process).returns('<xml/>') > + @handler = Puppet::Network::HTTP::RackXMLRPC.new([:foo]) > + end > + > + before :each do > + @response = Rack::Response.new() > + end > + > + def mk_req(opts = {}) > + opts[:method] = 'POST' if !opts[:method] > + opts['CONTENT_TYPE'] = 'text/xml; foo=bar' if ! > opts['CONTENT_TYPE'] > + env = Rack::MockRequest.env_for('/RPC2', opts) > + Rack::Request.new(env) > + end > + > + it "should reject non-POST requests" do > + req = mk_req :method => 'PUT' > + @handler.process(req, @response) > + @response.status.should == 405 > + end > + > + it "should reject non text/xml requests" do > + req = mk_req 'CONTENT_TYPE' => 'yadda/plain' > + end > + > + it "should create a ClientRequest" do > + cr = Puppet::Network::ClientRequest.new(nil, > '127.0.0.1', false) > + Puppet::Network::ClientRequest.expects(:new).returns cr > + req = mk_req > + @handler.process(req, @response) > + end > + > + it "should let xmlrpcserver process the request" do > + > Puppet > ::Network::XMLRPCServer.any_instance.expects(:process).returns('yay') > + req = mk_req > + @handler.process(req, @response) > + end > + > + it "should report the response as OK" do > + req = mk_req > + @handler.process(req, @response) > + @response.status.should == 200 > + end > + > + it "should report the response with the correct content > type" do > + req = mk_req > + @handler.process(req, @response) > + @response['Content-Type'].should == 'text/xml; > charset=utf-8' > + end > + > + it "should set 'authenticated' to false if no certificate > is present" do > + req = mk_req > + Puppet::Network::ClientRequest.expects(:new).with() { | > node,ip,authenticated| authenticated == false } > + @handler.process(req, @response) > + end > + > + it "should use the client's ip address" do > + req = mk_req 'REMOTE_ADDR' => 'ipaddress' > + Puppet::Network::ClientRequest.expects(:new).with() { | > node,ip,authenticated| ip == 'ipaddress' } > + @handler.process(req, @response) > + end > + > + describe "with pre-validated certificates" do > + > + it "should use the :ssl_client_header to determine the > parameter when looking for the certificate" do > + Puppet.settings.stubs(:value).returns "eh" > + > Puppet.settings.expects(:value).with(:ssl_client_header).returns > "myheader" > + req = mk_req "myheader" => "/CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should retrieve the hostname by matching the > certificate parameter" do > + Puppet.settings.stubs(:value).returns "eh" > + > Puppet.settings.expects(:value).with(:ssl_client_header).returns > "myheader" > + Puppet::Network::ClientRequest.expects(:new).with() > { |node,ip,authenticated| node == "host.domain.com" } > + req = mk_req "myheader" => "/CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should use the :ssl_client_header to determine the > parameter for checking whether the host certificate is valid" do > + > Puppet.settings.stubs(:value).with(:ssl_client_header).returns > "certheader" > + > Puppet > .settings.expects(:value).with(:ssl_client_verify_header).returns > "myheader" > + req = mk_req "myheader" => "SUCCESS", "certheader" > => "/CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should consider the host authenticated if the > validity parameter contains 'SUCCESS'" do > + > Puppet.settings.stubs(:value).with(:ssl_client_header).returns > "certheader" > + > Puppet > .settings.stubs(:value).with(:ssl_client_verify_header).returns > "myheader" > + Puppet::Network::ClientRequest.expects(:new).with() > { |node,ip,authenticated| authenticated == true } > + req = mk_req "myheader" => "SUCCESS", "certheader" > => "/CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should consider the host unauthenticated if the > validity parameter does not contain 'SUCCESS'" do > + > Puppet.settings.stubs(:value).with(:ssl_client_header).returns > "certheader" > + > Puppet > .settings.stubs(:value).with(:ssl_client_verify_header).returns > "myheader" > + Puppet::Network::ClientRequest.expects(:new).with() > { |node,ip,authenticated| authenticated == false } > + req = mk_req "myheader" => "whatever", "certheader" > => "/CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should consider the host unauthenticated if no > certificate information is present" do > + > Puppet.settings.stubs(:value).with(:ssl_client_header).returns > "certheader" > + > Puppet > .settings.stubs(:value).with(:ssl_client_verify_header).returns > "myheader" > + Puppet::Network::ClientRequest.expects(:new).with() > { |node,ip,authenticated| authenticated == false } > + req = mk_req "myheader" => nil, "certheader" => "/ > CN=host.domain.com" > + @handler.process(req, @response) > + end > + > + it "should not have a node name if no certificate > information is present" do > + Puppet.settings.stubs(:value).returns "eh" > + > Puppet.settings.expects(:value).with(:ssl_client_header).returns > "myheader" > + Puppet::Network::ClientRequest.expects(:new).with() > { |node,ip,authenticated| node == nil } > + req = mk_req "myheader" => nil > + @handler.process(req, @response) > + end > + end > + end > +end > -- > 1.5.6.5 > > > > -- If a dog jumps onto your lap it is because he is fond of you; but if a cat does the same thing it is because your lap is warmer. -- Alfred North Whitehead --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en -~----------~----~----~----~------~----~------~--~---
