diff options
| author | Alexander Sulfrian <alexander@sulfrian.net> | 2015-06-12 01:20:16 +0200 |
|---|---|---|
| committer | Alexander Sulfrian <alexander@sulfrian.net> | 2015-06-12 03:39:34 +0200 |
| commit | 33e53dde2a85b8783c8e4935868d9c5f50dea440 (patch) | |
| tree | db7ffd6e4fc403a2d0b361481423003ee674802f /src/lib/Bcfg2/Server/Plugins/Metadata.py | |
| parent | f6b4bd47fc071f0a5230cbb6f59cbffc6b2b624b (diff) | |
| parent | ee11ee47bf86b67db100d76932a912d8239fa9d9 (diff) | |
| download | bcfg2-33e53dde2a85b8783c8e4935868d9c5f50dea440.tar.gz bcfg2-33e53dde2a85b8783c8e4935868d9c5f50dea440.tar.bz2 bcfg2-33e53dde2a85b8783c8e4935868d9c5f50dea440.zip | |
Merge branch 'maint'
Conflicts:
debian/changelog
doc/conf.py
misc/bcfg2-selinux.spec
misc/bcfg2.spec
osx/Makefile
osx/macports/Portfile
solaris-ips/MANIFEST.bcfg2-server.header
solaris-ips/MANIFEST.bcfg2.header
solaris-ips/Makefile
solaris-ips/pkginfo.bcfg2
solaris-ips/pkginfo.bcfg2-server
solaris/Makefile
solaris/pkginfo.bcfg2
solaris/pkginfo.bcfg2-server
src/lib/Bcfg2/Client/Tools/APT.py
src/lib/Bcfg2/Client/Tools/FreeBSDInit.py
src/lib/Bcfg2/Client/Tools/__init__.py
src/lib/Bcfg2/Options.py
src/lib/Bcfg2/Reporting/Collector.py
src/lib/Bcfg2/Reporting/templates/base.html
src/lib/Bcfg2/Server/CherrypyCore.py
src/lib/Bcfg2/Server/Core.py
src/lib/Bcfg2/Server/FileMonitor/__init__.py
src/lib/Bcfg2/Server/Lint/Validate.py
src/lib/Bcfg2/Server/Lint/__init__.py
src/lib/Bcfg2/Server/MultiprocessingCore.py
src/lib/Bcfg2/Server/Plugin/__init__.py
src/lib/Bcfg2/Server/Plugins/GroupPatterns.py
src/lib/Bcfg2/Server/Plugins/Metadata.py
src/lib/Bcfg2/Server/Plugins/Packages/Source.py
src/lib/Bcfg2/Server/Plugins/Packages/Yum.py
src/lib/Bcfg2/Server/Plugins/SSHbase.py
src/lib/Bcfg2/Server/Plugins/SSLCA.py
src/lib/Bcfg2/version.py
src/sbin/bcfg2-info
src/sbin/bcfg2-test
testsuite/requirements.txt
Diffstat (limited to 'src/lib/Bcfg2/Server/Plugins/Metadata.py')
| -rw-r--r-- | src/lib/Bcfg2/Server/Plugins/Metadata.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/lib/Bcfg2/Server/Plugins/Metadata.py b/src/lib/Bcfg2/Server/Plugins/Metadata.py index b850c1870..657e4df31 100644 --- a/src/lib/Bcfg2/Server/Plugins/Metadata.py +++ b/src/lib/Bcfg2/Server/Plugins/Metadata.py @@ -1394,8 +1394,6 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, # look at cert.cN client = certinfo['commonName'] self.debug_log("Got cN %s; using as client name" % client) - auth_type = self.auth.get(client, - Bcfg2.Options.setup.authentication) elif user == 'root': id_method = 'address' try: @@ -1417,6 +1415,13 @@ class Metadata(Bcfg2.Server.Plugin.Metadata, # we have the client name self.debug_log("Authenticating client %s" % client) + # validate id_method + auth_type = self.auth.get(client, Bcfg2.Options.setup.authentication) + if auth_type == 'cert' and id_method != 'cert': + self.logger.error("Client %s does not provide a cert, but only " + "cert auth is allowed" % client) + return False + # next we validate the address if (id_method != 'uuid' and not self.validate_client_address(client, address)): |