diff --git a/lib/puppet/network/http_pool.rb b/lib/puppet/network/http_pool.rb
index 884cf8055..8c2783d36 100644
--- a/lib/puppet/network/http_pool.rb
+++ b/lib/puppet/network/http_pool.rb
@@ -1,62 +1,62 @@ require 'puppet/network/http/connection' module Puppet::Network; end # This module contains the factory methods that should be used for getting a # {Puppet::Network::HTTP::Connection} instance. # # @note The name "HttpPool" is a misnomer, and a leftover of history, but we would # like to make this cache connections in the future. # # @api public # module Puppet::Network::HttpPool @http_client_class = Puppet::Network::HTTP::Connection def self.http_client_class @http_client_class end - def self.set_http_client_class(clazz) - @http_client_class = clazz + def self.http_client_class=(klass) + @http_client_class = klass end # Retrieve a connection for the given host and port. # # @param host [String] The hostname to connect to # @param port [Integer] The port on the host to connect to # @param use_ssl [Boolean] Whether to use an SSL connection # @param verify_peer [Boolean] Whether to verify the peer credentials, if possible. Verification will not take place if the CA certificate is missing. # @return [Puppet::Network::HTTP::Connection] # # @api public # def self.http_instance(host, port, use_ssl = true, verify_peer = true) verifier = if verify_peer Puppet::SSL::Validator.default_validator() else Puppet::SSL::Validator.no_validator() end http_client_class.new(host, port, :use_ssl => use_ssl, :verify => verifier) end # Get an http connection that will be secured with SSL and have the # connection verified with the given verifier # # @param host [String] the DNS name to connect to # @param port [Integer] the port to connect to # @param verifier [#setup_connection, #peer_certs, #verify_errors] An object that will setup the appropriate # verification on a Net::HTTP instance and report any errors and the certificates used. # @return [Puppet::Network::HTTP::Connection] # # @api public # def self.http_ssl_instance(host, port, verifier = Puppet::SSL::Validator.default_validator()) http_client_class.new(host, port, :use_ssl => true, :verify => verifier) end end 
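Review bot: The new `http_client_class=` setter has no doc comment, although it replaces the class that both `http_instance` and `http_ssl_instance` instantiate for every connection, and the TLS verifier reaches that class only as the `:verify` option. A replacement that ignores its options hash, as `FooClient` in the spec does, would silently drop peer verification, so the contract belongs on the setter: `# @param klass [Class] must accept (host, port, options) and honour :use_ssl and :verify`, plus an `# @api private` tag if it is meant only as a test seam. The setter also accepts any value, including `nil`, so a one-line guard such as `raise ArgumentError, "expected a Class" unless klass.is_a?(Class)` would surface a bad assignment at the call site rather than on the next connection. The old `set_http_client_class` is removed without an alias; if anything outside this diff still calls it, that will fail with NoMethodError, so a deprecated forwarding method may be worth keeping for a release.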
diff --git a/spec/unit/network/http_pool_spec.rb b/spec/unit/network/http_pool_spec.rb
index 154a147f3..d8b84232e 100755
--- a/spec/unit/network/http_pool_spec.rb
+++ b/spec/unit/network/http_pool_spec.rb
@@ -1,95 +1,95 @@ #! /usr/bin/env ruby require 'spec_helper' require 'puppet/network/http_pool' describe Puppet::Network::HttpPool do before :each do Puppet::SSL::Key.indirection.terminus_class = :memory Puppet::SSL::CertificateRequest.indirection.terminus_class = :memory end describe "when managing http instances" do it "should return an http instance created with the passed host and port" do http = Puppet::Network::HttpPool.http_instance("me", 54321) http.should be_an_instance_of Puppet::Network::HTTP::Connection http.address.should == 'me' http.port.should == 54321 end it "should support using an alternate http client implementation" do begin class FooClient def initialize(host, port, options = {}) @host = host @port = port end attr_reader :host, :port end orig_class = Puppet::Network::HttpPool.http_client_class - Puppet::Network::HttpPool.set_http_client_class(FooClient) + Puppet::Network::HttpPool.http_client_class = FooClient http = Puppet::Network::HttpPool.http_instance("me", 54321) http.should be_an_instance_of FooClient http.host.should == 'me' http.port.should == 54321 ensure - Puppet::Network::HttpPool.set_http_client_class(orig_class) + Puppet::Network::HttpPool.http_client_class = orig_class end end it "should enable ssl on the http instance by default" do Puppet::Network::HttpPool.http_instance("me", 54321).should be_use_ssl end it "can set ssl using an option" do Puppet::Network::HttpPool.http_instance("me", 54321, false).should_not be_use_ssl Puppet::Network::HttpPool.http_instance("me", 54321, true).should be_use_ssl end describe 'peer verification' do def setup_standard_ssl_configuration ca_cert_file = File.expand_path('/path/to/ssl/certs/ca_cert.pem') Puppet[:ssl_client_ca_auth] = ca_cert_file Puppet::FileSystem.stubs(:exist?).with(ca_cert_file).returns(true) end def setup_standard_hostcert host_cert_file = File.expand_path('/path/to/ssl/certs/host_cert.pem') Puppet::FileSystem.stubs(:exist?).with(host_cert_file).returns(true) Puppet[:hostcert] 
= host_cert_file end def setup_standard_ssl_host cert = stub('cert', :content => 'real_cert') key = stub('key', :content => 'real_key') host = stub('host', :certificate => cert, :key => key, :ssl_store => stub('store')) Puppet::SSL::Host.stubs(:localhost).returns(host) end before do setup_standard_ssl_configuration setup_standard_hostcert setup_standard_ssl_host end it 'can enable peer verification' do Puppet::Network::HttpPool.http_instance("me", 54321, true, true).send(:connection).verify_mode.should == OpenSSL::SSL::VERIFY_PEER end it 'can disable peer verification' do Puppet::Network::HttpPool.http_instance("me", 54321, true, false).send(:connection).verify_mode.should == OpenSSL::SSL::VERIFY_NONE end end it "should not cache http instances" do Puppet::Network::HttpPool.http_instance("me", 54321). should_not equal(Puppet::Network::HttpPool.http_instance("me", 54321)) end end end