Class: Puppet::Network::HTTP::WEBrick
- Defined in:
- lib/puppet/network/http/webrick.rb
Constant Summary collapse
- CIPHERS =
"EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
Instance Method Summary collapse
- #create_server(address, port) ⇒ Object private
-
#initialize ⇒ WEBrick
constructor
A new instance of WEBrick.
- #listen(address, port) ⇒ Object
- #listening? ⇒ Boolean
-
#setup_logger ⇒ Object
Configure our http log file.
-
#setup_ssl ⇒ Object
Add all of the ssl cert information.
- #unlisten ⇒ Object
- #wait_for_shutdown ⇒ Object
Constructor Details
#initialize ⇒ WEBrick
Returns a new instance of WEBrick.
# File 'lib/puppet/network/http/webrick.rb', line 13
# Creates a wrapper that is not serving yet: the listening flag starts out
# false and no WEBrick server object is built here.
def initialize
  @listening = false
end
Instance Method Details
#create_server(address, port) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
# File 'lib/puppet/network/http/webrick.rb', line 56
# Builds (but does not start) the WEBrick HTTPS server for the given endpoint.
#
# The option hash is assembled from the bind address/port, the logging options
# returned by setup_logger and the TLS options returned by setup_ssl.
#
# @param address passed to WEBrick as :BindAddress
# @param port passed to WEBrick as :Port
# @return the configured WEBrick::HTTPServer
def create_server(address, port)
  options = { BindAddress: address, Port: port, DoNotReverseLookup: true }
  options.merge!(setup_logger)
  options.merge!(setup_ssl)

  # Process-wide switch: no reverse DNS lookup is done for peer addresses.
  BasicSocket.do_not_reverse_lookup = true

  WEBrick::HTTPServer.new(options).tap do |httpd|
    # Pin the negotiable suites to the class constant. CIPHERS is an OpenSSL
    # cipher-list expression, so what it expands to depends on the OpenSSL
    # build Ruby is linked against; `openssl ciphers -v '<list>'` shows the
    # effective set when auditing a deployment.
    httpd.ssl_context.ciphers = CIPHERS
  end
end
#listen(address, port) ⇒ Object
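# File 'lib/puppet/network/http/webrick.rb', line 17
# Starts the WEBrick server on a background thread and blocks until WEBrick
# reports the :Running status.
#
# @param address bind address, forwarded to create_server
# @param port bind port, forwarded to create_server
# @raise [RuntimeError] if this instance is already listening
def listen(address, port)
  # Reject a second call before doing any work. Building the server first
  # would replace @server (and open another log handle via setup_logger)
  # even though the call is about to be refused.
  raise _("WEBrick server is already listening") if @listening

  @server = create_server(address, port)

  # The listeners must not start TLS on accept; the handshake is performed
  # explicitly by sock.accept below, after the idle-client check.
  @server.listeners.each { |l| l.start_immediately = false }

  @server.mount('/', Puppet::Network::HTTP::WEBrickREST)

  @listening = true
  @thread = Thread.new do
    @server.start do |sock|
      timeout = 10.0
      # A client that connects and then sends nothing is dropped after the
      # timeout, so a silent connection cannot occupy a handler indefinitely.
      if ! IO.select([sock],nil,nil,timeout)
        raise _("Client did not send data within %.1f seconds of connecting") % timeout
      end
      sock.accept
      @server.run(sock)
    end
  end
  # NOTE(review): this poll has no upper bound; if the server thread dies
  # before reaching :Running the caller appears to wait forever - confirm.
  sleep 0.1 until @server.status == :Running
end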
#listening? ⇒ Boolean
# File 'lib/puppet/network/http/webrick.rb', line 47
# Reports the listening flag exactly as stored: false after construction and
# after unlisten, true once listen has started the server thread.
#
# @return [Boolean]
def listening?
  @listening
end
#setup_logger ⇒ Object
Configure our http log file.
# File 'lib/puppet/network/http/webrick.rb', line 69
# Configure our http log file.
#
# @return [Hash] the :Logger and :AccessLog options for WEBrick::HTTPServer
def setup_logger
  # The settings sections have to be in use before the log path is read.
  Puppet.settings.use(:main, :ssl, :application)

  log_path = Puppet[:masterhttplog]

  # The log is opened by hand to prevent a file descriptor leak; the encoding
  # is UTF-8 because strings logged by webrick may contain UTF-8.
  handle = ::File.open(log_path, "a+:UTF-8")
  handle.sync = true
  # Close-on-exec keeps the descriptor out of exec'd child processes.
  handle.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC) if defined?(Fcntl::FD_CLOEXEC)

  log_args = [handle]
  log_args.push(WEBrick::Log::DEBUG) if Puppet::Util::Log.level == :debug
  http_log = WEBrick::Log.new(*log_args)

  # Both access-log formats record client-supplied values (request line,
  # Referer), so anything consuming this file should treat entries as
  # untrusted text.
  {
    :Logger => http_log,
    :AccessLog => [
      [http_log, WEBrick::AccessLog::COMMON_LOG_FORMAT],
      [http_log, WEBrick::AccessLog::REFERER_LOG_FORMAT]
    ]
  }
end
#setup_ssl ⇒ Object
Add all of the ssl cert information.
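# File 'lib/puppet/network/http/webrick.rb', line 94
# Add all of the ssl cert information.
#
# @return [Hash] the SSL* options for WEBrick::HTTPServer
# @raise [Puppet::Error] if the local host has no certificate, or the CA
#   certificate cannot be found
def setup_ssl
  results = {}

  # Get the cached copy.  We know it's been generated, too.
  host = Puppet::SSL::Host.localhost

  # The hash key has to match the %{host} placeholder; with a different key
  # String#% raises KeyError and the intended Puppet::Error is never seen.
  raise Puppet::Error, _("Could not retrieve certificate for %{host} and not running on a valid certificate authority") % { host: host.name } unless host.certificate

  results[:SSLPrivateKey] = host.key.content
  results[:SSLCertificate] = host.certificate.content
  results[:SSLStartImmediately] = true
  results[:SSLEnable] = true
  # NOTE(review): this mask turns off SSLv2 and SSLv3 only. TLS 1.0 and 1.1
  # are not excluded here - confirm a minimum protocol version is enforced
  # elsewhere if the deployment requires one.
  results[:SSLOptions] = OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3

  raise Puppet::Error, _("Could not find CA certificate") unless Puppet::SSL::Certificate.indirection.find(Puppet::SSL::CA_NAME)

  # ssl_configuration is defined outside this listing.
  results[:SSLCACertificateFile] = ssl_configuration.ca_auth_file
  # VERIFY_PEER is not combined with VERIFY_FAIL_IF_NO_PEER_CERT, so a client
  # that presents no certificate can still complete the handshake; a
  # certificate that is presented is validated. Presumably the request
  # handlers decide what unauthenticated clients may do - confirm.
  results[:SSLVerifyClient] = OpenSSL::SSL::VERIFY_PEER

  results[:SSLCertificateStore] = host.ssl_store

  results
end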
#unlisten ⇒ Object
# File 'lib/puppet/network/http/webrick.rb', line 39
# Stops the running server, waits for its thread to finish and resets the
# instance to the not-listening state.
#
# @raise [RuntimeError] if the server is not currently listening
def unlisten
  unless @listening
    raise _("WEBrick server is not listening")
  end

  @server.shutdown
  wait_for_shutdown

  # Drop the server reference only once the thread has been joined.
  @server = nil
  @listening = false
end
#wait_for_shutdown ⇒ Object
# File 'lib/puppet/network/http/webrick.rb', line 51
# Blocks the caller until the server thread stored in @thread has finished.
#
# @return the value of Thread#join on that thread
def wait_for_shutdown
  server_thread = @thread
  server_thread.join
end