@niw
Last active December 19, 2015 11:09
Non-SSL Puppet command. Just insecure.
#!/usr/bin/env ruby
# Puppet command running without SSL. Try:
#   $ ruby puppet.rb master --debug --no-daemonize --logdest console
#   $ ruby puppet.rb agent --server 127.0.0.1 --debug --no-daemonize --onetime --noop

require "puppet/util/command_line"
require "puppet/network/http/connection"
require "puppet/network/http/webrick"

module Puppet::Network::HTTP
  CERTNAME_HEADER = "Puppet-Certname"

  # See /lib/puppet/network/http/connection.rb
  class Connection
    # Non-SSL Net::HTTP Client
    class HTTP < ::Net::HTTP
      # Ignore any attempt to switch SSL on.
      def use_ssl=(a)
        false
      end

      def use_ssl?
        false
      end

      # See /lib/net/http.rb
      def request(req, *args, &block)
        # Inject Puppet-Certname HTTP header
        req[CERTNAME_HEADER] = Puppet[:certname]
        super
      end
    end

    # No client certificate or CA is loaded.
    def cert_setup; end

    def request(method, *args)
      connection.send(method, *args)
    end

    def create_connection(*args)
      HTTP.new(*args)
    end
  end

  # Non-SSL WEBrick handler
  # See /lib/puppet/network/http/webrick/rest.rb
  class WEBrickREST
    def client_cert(request); end

    def client_information(request)
      # Use CN in Puppet-Certname header.
      # The header is client-supplied and nothing verifies it, yet every
      # request is marked as authenticated.
      {
        :ip => request.peeraddr && request.peeraddr[3],
        :node => request[CERTNAME_HEADER],
        :authenticated => true
      }
    end
  end

  # Append SSLServer and SSLSocket compatible methods
  # used in Puppet::Network::HTTP::WEBrick to avoid NoMethodError.
  class ::TCPServer
    def start_immediately=(a); end
  end

  class ::TCPSocket
    def accept; end
  end

  # Non-SSL WEBrick server
  # See /lib/puppet/network/http/webrick.rb
  class WEBrick
    def setup_ssl
      {}
    end
  end
end

Puppet::Util::CommandLine.new.execute
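
The trust decision made in `client_information` above, set beside a certificate-based one, as an added example that is not part of the gist or of Puppet's own code. `make_cert`, `identity_from_header`, `identity_from_cert`, `demo` and the host names are constructed for illustration, and the chain check stands in for what a TLS handshake with client-certificate verification would establish.

```ruby
require "openssl"

CERTNAME_HEADER = "Puppet-Certname"

# Constructed helper: certificate for `cn`, self-signed unless an issuer is given.
def make_cert(cn, key, issuer_cert: nil, issuer_key: key, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..2**32)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  if ca
    ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
    cert.add_extension(ef.create_extension("basicConstraints", "CA:TRUE", true))
  end
  cert.sign(issuer_key, OpenSSL::Digest.new("SHA256")) # returns the certificate
end

# Same trust decision as the gist's client_information: the header is the identity.
def identity_from_header(headers)
  { :node => headers[CERTNAME_HEADER], :authenticated => true }
end

# Hypothetical hardened form: the node name is the CN of a client certificate
# that chains to the trusted CA; any Puppet-Certname header is ignored.
def identity_from_cert(peer_cert, trust_store)
  unless peer_cert && trust_store.verify(peer_cert)
    return { :node => nil, :authenticated => false }
  end
  cn = peer_cert.subject.to_a.find { |name, _value, _type| name == "CN" }
  { :node => cn && cn[1], :authenticated => true }
end

def demo
  ca_key = OpenSSL::PKey::RSA.new(2048)
  ca_cert = make_cert("Constructed Test CA", ca_key, ca: true)
  store = OpenSSL::X509::Store.new.add_cert(ca_cert)
  agent = make_cert("web01.example.test", OpenSSL::PKey::RSA.new(2048),
                    issuer_cert: ca_cert, issuer_key: ca_key)
  rogue = make_cert("db01.example.test", OpenSSL::PKey::RSA.new(2048)) # self-signed
  { :header_claim => identity_from_header(CERTNAME_HEADER => "db01.example.test"),
    :signed_agent => identity_from_cert(agent, store),
    :rogue_agent  => identity_from_cert(rogue, store),
    :no_cert      => identity_from_cert(nil, store) }
end

demo.each { |name, result| puts "#{name}: #{result}" } if __FILE__ == $0
```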