[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, upstream, updated. puppet-0.24.5-rc3-1601-gf8c1b08

James Turnbull james at lovedthanlost.net
Fri Jan 15 09:08:23 UTC 2010 

The following commit has been merged in the upstream branch:
commit e4bb5294d9e13d73a87b79c65039e2f6a15b2815
Author: Markus Roberts <Markus at reality.com>
Date:   Mon Dec 21 16:45:54 2009 -0800

    Fix for #2967 (RFC-1123 problem and regression on wildcarded domains)
    
    The core bug here was a regression introduced by my IPv6 patch.
    Wildcarded domains are stored as ["com","reductivelabs","*"] but
    the code in question was assuming it was in normal order.
    
    Added tests to prevet recurrence.
    
    Signed-off-by: Markus Roberts <Markus at reality.com>

diff --git a/lib/puppet/network/authstore.rb b/lib/puppet/network/authstore.rb
index 796d3d8..a7029a0 100755
--- a/lib/puppet/network/authstore.rb
+++ b/lib/puppet/network/authstore.rb
@@ -240,7 +240,7 @@ module Puppet
                     # Change to /^(\w[-\w]*\.)+[-\w]+\.?$/ for FQDN support
                     [:domain,:exact,nil,munge_name(value)]
                 when /^\*(\.(\w[-\w]*)){1,}$/                             # *.domain.com
-                    host_sans_star = munge_name(value)[1..-1]
+                    host_sans_star = munge_name(value)[0..-2]
                     [:domain,:inexact,host_sans_star.length,host_sans_star]
                 when /\$\d+/                                              # a backreference pattern ala $1.reductivelabs.com or 192.168.0.$1 or $1.$2
                     [:dynamic,:exact,nil,munge_name(value)]
diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb
index c822c90..58eb926 100644
--- a/spec/unit/network/authstore.rb
+++ b/spec/unit/network/authstore.rb
@@ -278,6 +278,28 @@ describe Puppet::Network::AuthStore::Declaration do
         end
     }
 
+    ['abc.12seps.edu.phisher.biz','www.google.com','slashdot.org'].each { |host|
+        (1...(host.split('.').length)).each { |n|
+            describe "when the pattern is #{"*."+host.split('.')[-n,n].join('.')}" do
+                before :each do
+                    @pattern = "*."+host.split('.')[-n,n].join('.')
+                    @declaration = Puppet::Network::AuthStore::Declaration.new(:allow, at pattern)
+                end
+                it "should match #{host}" do
+                    @declaration.should be_match(host,'1.2.3.4')
+                end
+                it "should not match www.testsite.gov" do
+                    @declaration.should_not be_match('www.testsite.gov','200.101.99.98')
+                end
+                it "should not match hosts that differ in the first non-wildcard segment" do
+                    other = host.split('.')
+                    other[-n].succ!
+                    @declaration.should_not be_match(other.join('.'),'1.2.3.4')
+                end
+            end
+        }
+    }
+
     describe "when the pattern is a FQDN" do
         before :each do
             @host = 'spirit.mars.nasa.gov.'

-- 
Puppet packaging for Debian

More information about the Pkg-puppet-devel mailing list