On 20/05/09 20:25, Brice Figureau wrote: > On 20/05/09 18:37, Tom Santos wrote: >> I just checked up on this bug and it looks like they checked in a fix >> on May 11. I don't know if it fixes your Puppet woes but I was >> thinking of trying to run Puppet with JRuby myself (and haven't got >> around to it yet). Here's the JRuby git repo, if you want to try it >> out: >> >> git://github.com/jruby/jruby.git > > Yes, I know since I started the whole thing :-) > > If you try you'll soon end with the same issues I got, namely: > > * more fcntl glitches (it appears Jruby doesn't implement completely > fcntl, and the part which is implemented is wrong. I have a JRuby dirty > patch for this issue, so when I'll have time to clean it up, I'll submit > it upstream).
Good news, this has been fixed in latest jruby HEAD. (make sure to get the latest HEAD if you don't want to get your feet in: http://jira.codehaus.org/browse/JRUBY-3683) > * jruby openssl doesn't support certs with serial = 0 (I have yet to > send a Puppet patch for this) I have a trivial patch pending for this. > * then the next issue (which I didn't solve yet) is a strange ssl > errors, which I'm copying here for reference: > info: Creating a new SSL key for ca > info: Creating a new SSL certificate request for ca > notice: Signed certificate request for ca > notice: Rebuilding inventory file > err: Cached certificate for ca failed: > 2.5.29.14 = à«Do);r›qÿÑ´Èõj«î: illegal hex > digit This one has been fixed in jruby-openssl 0.5. Unfortunately there are still some missing bits in jruby-openssl to allow puppet to fully run. Up to now I identified: * OpenSSL::X509::Certificate#check_private_key is not implemented, but should be easy to add. I removed this non-essential call in puppet just to progress. * Request.to_pem is not implemented (I have a jruby-openssl patch for this one, which was trivial) * OpenSSL::X509..Store#add_file is not implemented (I'll try to code this later this week). There is still some work on jruby-openssl before we can run fully the master. Hopefully, once all the missing SSL bits will be implemented, I don't expect any new issues :-) -- Brice Figureau http://www.masterzen.fr/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en -~----------~----~----~----~------~----~------~--~---
