RubyGems - TrueCar-chef - Versions diffs - 0.10.0.beta.3 - Mend

TrueCar-chef 0.10.0.beta.3

Files changed (372) hide show

data/LICENSE +201 -0
data/README.rdoc +171 -0
data/bin/chef-client +26 -0
data/bin/chef-solo +25 -0
data/bin/knife +26 -0
data/bin/shef +34 -0
data/distro/README +2 -0
data/distro/arch/etc/conf.d/chef-client.conf +5 -0
data/distro/arch/etc/conf.d/chef-server-webui.conf +10 -0
data/distro/arch/etc/conf.d/chef-server.conf +10 -0
data/distro/arch/etc/conf.d/chef-solr-indexer.conf +8 -0
data/distro/arch/etc/conf.d/chef-solr.conf +8 -0
data/distro/arch/etc/rc.d/chef-client +76 -0
data/distro/arch/etc/rc.d/chef-server +78 -0
data/distro/arch/etc/rc.d/chef-server-webui +78 -0
data/distro/arch/etc/rc.d/chef-solr +78 -0
data/distro/arch/etc/rc.d/chef-solr-indexer +78 -0
data/distro/common/man/man1/chef-indexer.1 +42 -0
data/distro/common/man/man1/chef-server-webui.1 +106 -0
data/distro/common/man/man1/chef-server.1 +107 -0
data/distro/common/man/man1/chef-solr-indexer.1 +55 -0
data/distro/common/man/man1/chef-solr.1 +55 -0
data/distro/common/man/man8/chef-client.8 +63 -0
data/distro/common/man/man8/chef-solo.8 +57 -0
data/distro/common/man/man8/chef-solr-rebuild.8 +37 -0
data/distro/common/man/man8/knife.8 +1349 -0
data/distro/common/man/man8/shef.8 +45 -0
data/distro/common/markdown/README +3 -0
data/distro/common/markdown/knife.mkd +865 -0
data/distro/debian/etc/default/chef-client +4 -0
data/distro/debian/etc/default/chef-server +9 -0
data/distro/debian/etc/default/chef-server-webui +9 -0
data/distro/debian/etc/default/chef-solr +8 -0
data/distro/debian/etc/default/chef-solr-indexer +7 -0
data/distro/debian/etc/init.d/chef-client +175 -0
data/distro/debian/etc/init.d/chef-server +122 -0
data/distro/debian/etc/init.d/chef-server-webui +123 -0
data/distro/debian/etc/init.d/chef-solr +176 -0
data/distro/debian/etc/init.d/chef-solr-indexer +176 -0
data/distro/debian/etc/init/chef-client.conf +17 -0
data/distro/debian/etc/init/chef-server-webui.conf +17 -0
data/distro/debian/etc/init/chef-server.conf +17 -0
data/distro/debian/etc/init/chef-solr-indexer.conf +17 -0
data/distro/debian/etc/init/chef-solr.conf +17 -0
data/distro/redhat/etc/init.d/chef-client +106 -0
data/distro/redhat/etc/init.d/chef-server +112 -0
data/distro/redhat/etc/init.d/chef-server-webui +112 -0
data/distro/redhat/etc/init.d/chef-solr +104 -0
data/distro/redhat/etc/init.d/chef-solr-indexer +104 -0
data/distro/redhat/etc/logrotate.d/chef-client +8 -0
data/distro/redhat/etc/logrotate.d/chef-server +8 -0
data/distro/redhat/etc/logrotate.d/chef-server-webui +8 -0
data/distro/redhat/etc/logrotate.d/chef-solr +8 -0
data/distro/redhat/etc/logrotate.d/chef-solr-indexer +8 -0
data/distro/redhat/etc/sysconfig/chef-client +15 -0
data/distro/redhat/etc/sysconfig/chef-server +14 -0
data/distro/redhat/etc/sysconfig/chef-server-webui +14 -0
data/distro/redhat/etc/sysconfig/chef-solr +8 -0
data/distro/redhat/etc/sysconfig/chef-solr-indexer +7 -0
data/lib/chef.rb +40 -0
data/lib/chef/api_client.rb +264 -0
data/lib/chef/application.rb +137 -0
data/lib/chef/application/agent.rb +18 -0
data/lib/chef/application/client.rb +242 -0
data/lib/chef/application/knife.rb +169 -0
data/lib/chef/application/solo.rb +217 -0
data/lib/chef/applications.rb +4 -0
data/lib/chef/certificate.rb +194 -0
data/lib/chef/checksum.rb +182 -0
data/lib/chef/checksum_cache.rb +189 -0
data/lib/chef/client.rb +362 -0
data/lib/chef/config.rb +244 -0
data/lib/chef/cookbook/chefignore.rb +66 -0
data/lib/chef/cookbook/cookbook_collection.rb +45 -0
data/lib/chef/cookbook/cookbook_version_loader.rb +151 -0
data/lib/chef/cookbook/file_system_file_vendor.rb +56 -0
data/lib/chef/cookbook/file_vendor.rb +48 -0
data/lib/chef/cookbook/metadata.rb +592 -0
data/lib/chef/cookbook/remote_file_vendor.rb +87 -0
data/lib/chef/cookbook/syntax_check.rb +136 -0
data/lib/chef/cookbook_loader.rb +103 -0
data/lib/chef/cookbook_site_streaming_uploader.rb +244 -0
data/lib/chef/cookbook_uploader.rb +125 -0
data/lib/chef/cookbook_version.rb +979 -0
data/lib/chef/cookbook_version_selector.rb +163 -0
data/lib/chef/couchdb.rb +247 -0
data/lib/chef/daemon.rb +172 -0
data/lib/chef/data_bag.rb +223 -0
data/lib/chef/data_bag_item.rb +267 -0
data/lib/chef/encrypted_data_bag_item.rb +126 -0
data/lib/chef/environment.rb +386 -0
data/lib/chef/exceptions.rb +153 -0
data/lib/chef/file_access_control.rb +140 -0
data/lib/chef/file_cache.rb +218 -0
data/lib/chef/handler.rb +206 -0
data/lib/chef/handler/json_file.rb +58 -0
data/lib/chef/index_queue.rb +29 -0
data/lib/chef/index_queue/amqp_client.rb +116 -0
data/lib/chef/index_queue/consumer.rb +76 -0
data/lib/chef/index_queue/indexable.rb +109 -0
data/lib/chef/json_compat.rb +52 -0
data/lib/chef/knife.rb +424 -0
data/lib/chef/knife/bootstrap.rb +185 -0
data/lib/chef/knife/bootstrap/archlinux-gems.erb +47 -0
data/lib/chef/knife/bootstrap/centos5-gems.erb +41 -0
data/lib/chef/knife/bootstrap/client-install.vbs +80 -0
data/lib/chef/knife/bootstrap/fedora13-gems.erb +38 -0
data/lib/chef/knife/bootstrap/ubuntu10.04-apt.erb +32 -0
data/lib/chef/knife/bootstrap/ubuntu10.04-gems.erb +46 -0
data/lib/chef/knife/bootstrap/windows-gems.erb +34 -0
data/lib/chef/knife/client_bulk_delete.rb +43 -0
data/lib/chef/knife/client_create.rb +73 -0
data/lib/chef/knife/client_delete.rb +48 -0
data/lib/chef/knife/client_edit.rb +48 -0
data/lib/chef/knife/client_list.rb +43 -0
data/lib/chef/knife/client_reregister.rb +59 -0
data/lib/chef/knife/client_show.rb +53 -0
data/lib/chef/knife/configure.rb +136 -0
data/lib/chef/knife/configure_client.rb +52 -0
data/lib/chef/knife/cookbook_bulk_delete.rb +61 -0
data/lib/chef/knife/cookbook_create.rb +274 -0
data/lib/chef/knife/cookbook_delete.rb +149 -0
data/lib/chef/knife/cookbook_download.rb +134 -0
data/lib/chef/knife/cookbook_list.rb +50 -0
data/lib/chef/knife/cookbook_metadata.rb +102 -0
data/lib/chef/knife/cookbook_metadata_from_file.rb +44 -0
data/lib/chef/knife/cookbook_show.rb +101 -0
data/lib/chef/knife/cookbook_site_download.rb +58 -0
data/lib/chef/knife/cookbook_site_list.rb +56 -0
data/lib/chef/knife/cookbook_site_search.rb +51 -0
data/lib/chef/knife/cookbook_site_share.rb +114 -0
data/lib/chef/knife/cookbook_site_show.rb +57 -0
data/lib/chef/knife/cookbook_site_unshare.rb +56 -0
data/lib/chef/knife/cookbook_site_vendor.rb +145 -0
data/lib/chef/knife/cookbook_test.rb +82 -0
data/lib/chef/knife/cookbook_upload.rb +146 -0
data/lib/chef/knife/data_bag_create.rb +94 -0
data/lib/chef/knife/data_bag_delete.rb +51 -0
data/lib/chef/knife/data_bag_edit.rb +94 -0
data/lib/chef/knife/data_bag_from_file.rb +85 -0
data/lib/chef/knife/data_bag_list.rb +46 -0
data/lib/chef/knife/data_bag_show.rb +81 -0
data/lib/chef/knife/environment_create.rb +53 -0
data/lib/chef/knife/environment_delete.rb +45 -0
data/lib/chef/knife/environment_edit.rb +45 -0
data/lib/chef/knife/environment_from_file.rb +39 -0
data/lib/chef/knife/environment_list.rb +42 -0
data/lib/chef/knife/environment_show.rb +46 -0
data/lib/chef/knife/exec.rb +51 -0
data/lib/chef/knife/index_rebuild.rb +50 -0
data/lib/chef/knife/node_bulk_delete.rb +46 -0
data/lib/chef/knife/node_create.rb +50 -0
data/lib/chef/knife/node_delete.rb +47 -0
data/lib/chef/knife/node_edit.rb +163 -0
data/lib/chef/knife/node_from_file.rb +45 -0
data/lib/chef/knife/node_list.rb +46 -0
data/lib/chef/knife/node_run_list_add.rb +67 -0
data/lib/chef/knife/node_run_list_remove.rb +48 -0
data/lib/chef/knife/node_show.rb +62 -0
data/lib/chef/knife/recipe_list.rb +33 -0
data/lib/chef/knife/role_bulk_delete.rb +47 -0
data/lib/chef/knife/role_create.rb +55 -0
data/lib/chef/knife/role_delete.rb +47 -0
data/lib/chef/knife/role_edit.rb +48 -0
data/lib/chef/knife/role_from_file.rb +49 -0
data/lib/chef/knife/role_list.rb +43 -0
data/lib/chef/knife/role_show.rb +54 -0
data/lib/chef/knife/search.rb +123 -0
data/lib/chef/knife/ssh.rb +318 -0
data/lib/chef/knife/status.rb +90 -0
data/lib/chef/knife/subcommand_loader.rb +101 -0
data/lib/chef/knife/tag_create.rb +31 -0
data/lib/chef/knife/tag_delete.rb +31 -0
data/lib/chef/knife/tag_list.rb +29 -0
data/lib/chef/knife/ui.rb +227 -0
data/lib/chef/knife/windows_bootstrap.rb +157 -0
data/lib/chef/log.rb +39 -0
data/lib/chef/mash.rb +211 -0
data/lib/chef/mixin/check_helper.rb +31 -0
data/lib/chef/mixin/checksum.rb +32 -0
data/lib/chef/mixin/command.rb +221 -0
data/lib/chef/mixin/command/unix.rb +215 -0
data/lib/chef/mixin/command/windows.rb +76 -0
data/lib/chef/mixin/convert_to_class_name.rb +63 -0
data/lib/chef/mixin/create_path.rb +56 -0
data/lib/chef/mixin/deep_merge.rb +225 -0
data/lib/chef/mixin/deprecation.rb +65 -0
data/lib/chef/mixin/from_file.rb +50 -0
data/lib/chef/mixin/language.rb +165 -0
data/lib/chef/mixin/language_include_attribute.rb +61 -0
data/lib/chef/mixin/language_include_recipe.rb +52 -0
data/lib/chef/mixin/params_validate.rb +225 -0
data/lib/chef/mixin/recipe_definition_dsl_core.rb +81 -0
data/lib/chef/mixin/shell_out.rb +40 -0
data/lib/chef/mixin/template.rb +95 -0
data/lib/chef/mixin/xml_escape.rb +140 -0
data/lib/chef/mixins.rb +15 -0
data/lib/chef/monkey_patches/dir.rb +36 -0
data/lib/chef/monkey_patches/numeric.rb +7 -0
data/lib/chef/monkey_patches/regexp.rb +34 -0
data/lib/chef/monkey_patches/string.rb +28 -0
data/lib/chef/monkey_patches/tempfile.rb +64 -0
data/lib/chef/nil_argument.rb +3 -0
data/lib/chef/node.rb +661 -0
data/lib/chef/node/attribute.rb +487 -0
data/lib/chef/openid_registration.rb +187 -0
data/lib/chef/platform.rb +409 -0
data/lib/chef/provider.rb +124 -0
data/lib/chef/provider/breakpoint.rb +36 -0
data/lib/chef/provider/cookbook_file.rb +101 -0
data/lib/chef/provider/cron.rb +186 -0
data/lib/chef/provider/cron/solaris.rb +195 -0
data/lib/chef/provider/deploy.rb +320 -0
data/lib/chef/provider/deploy/revision.rb +80 -0
data/lib/chef/provider/deploy/timestamped.rb +33 -0
data/lib/chef/provider/directory.rb +72 -0
data/lib/chef/provider/env.rb +152 -0
data/lib/chef/provider/env/windows.rb +75 -0
data/lib/chef/provider/erl_call.rb +100 -0
data/lib/chef/provider/execute.rb +60 -0
data/lib/chef/provider/file.rb +222 -0
data/lib/chef/provider/git.rb +221 -0
data/lib/chef/provider/group.rb +133 -0
data/lib/chef/provider/group/aix.rb +70 -0
data/lib/chef/provider/group/dscl.rb +121 -0
data/lib/chef/provider/group/gpasswd.rb +53 -0
data/lib/chef/provider/group/groupadd.rb +81 -0
data/lib/chef/provider/group/pw.rb +84 -0
data/lib/chef/provider/group/usermod.rb +57 -0
data/lib/chef/provider/group/windows.rb +79 -0
data/lib/chef/provider/http_request.rb +122 -0
data/lib/chef/provider/ifconfig.rb +132 -0
data/lib/chef/provider/link.rb +161 -0
data/lib/chef/provider/log.rb +54 -0
data/lib/chef/provider/mdadm.rb +91 -0
data/lib/chef/provider/mount.rb +117 -0
data/lib/chef/provider/mount/mount.rb +232 -0
data/lib/chef/provider/mount/windows.rb +80 -0
data/lib/chef/provider/ohai.rb +41 -0
data/lib/chef/provider/package.rb +160 -0
data/lib/chef/provider/package/apt.rb +110 -0
data/lib/chef/provider/package/dpkg.rb +112 -0
data/lib/chef/provider/package/easy_install.rb +136 -0
data/lib/chef/provider/package/freebsd.rb +123 -0
data/lib/chef/provider/package/macports.rb +105 -0
data/lib/chef/provider/package/pacman.rb +101 -0
data/lib/chef/provider/package/portage.rb +135 -0
data/lib/chef/provider/package/rpm.rb +101 -0
data/lib/chef/provider/package/rubygems.rb +462 -0
data/lib/chef/provider/package/solaris.rb +127 -0
data/lib/chef/provider/package/yum-dump.py +128 -0
data/lib/chef/provider/package/yum.rb +261 -0
data/lib/chef/provider/package/zypper.rb +133 -0
data/lib/chef/provider/remote_directory.rb +138 -0
data/lib/chef/provider/remote_file.rb +119 -0
data/lib/chef/provider/route.rb +195 -0
data/lib/chef/provider/ruby_block.rb +33 -0
data/lib/chef/provider/script.rb +55 -0
data/lib/chef/provider/service.rb +128 -0
data/lib/chef/provider/service/arch.rb +109 -0
data/lib/chef/provider/service/debian.rb +130 -0
data/lib/chef/provider/service/freebsd.rb +156 -0
data/lib/chef/provider/service/gentoo.rb +54 -0
data/lib/chef/provider/service/init.rb +71 -0
data/lib/chef/provider/service/insserv.rb +52 -0
data/lib/chef/provider/service/redhat.rb +60 -0
data/lib/chef/provider/service/simple.rb +118 -0
data/lib/chef/provider/service/solaris.rb +85 -0
data/lib/chef/provider/service/upstart.rb +192 -0
data/lib/chef/provider/service/windows.rb +146 -0
data/lib/chef/provider/subversion.rb +194 -0
data/lib/chef/provider/template.rb +105 -0
data/lib/chef/provider/user.rb +187 -0
data/lib/chef/provider/user/dscl.rb +280 -0
data/lib/chef/provider/user/pw.rb +113 -0
data/lib/chef/provider/user/useradd.rb +137 -0
data/lib/chef/provider/user/windows.rb +124 -0
data/lib/chef/providers.rb +93 -0
data/lib/chef/recipe.rb +128 -0
data/lib/chef/resource.rb +530 -0
data/lib/chef/resource/apt_package.rb +34 -0
data/lib/chef/resource/bash.rb +33 -0
data/lib/chef/resource/breakpoint.rb +35 -0
data/lib/chef/resource/cookbook_file.rb +45 -0
data/lib/chef/resource/cron.rb +188 -0
data/lib/chef/resource/csh.rb +33 -0
data/lib/chef/resource/deploy.rb +371 -0
data/lib/chef/resource/deploy_revision.rb +35 -0
data/lib/chef/resource/directory.rb +76 -0
data/lib/chef/resource/dpkg_package.rb +34 -0
data/lib/chef/resource/easy_install_package.rb +57 -0
data/lib/chef/resource/env.rb +58 -0
data/lib/chef/resource/erl_call.rb +83 -0
data/lib/chef/resource/execute.rb +127 -0
data/lib/chef/resource/file.rb +99 -0
data/lib/chef/resource/freebsd_package.rb +35 -0
data/lib/chef/resource/gem_package.rb +53 -0
data/lib/chef/resource/git.rb +37 -0
data/lib/chef/resource/group.rb +70 -0
data/lib/chef/resource/http_request.rb +61 -0
data/lib/chef/resource/ifconfig.rb +134 -0
data/lib/chef/resource/link.rb +78 -0
data/lib/chef/resource/log.rb +62 -0
data/lib/chef/resource/macports_package.rb +29 -0
data/lib/chef/resource/mdadm.rb +82 -0
data/lib/chef/resource/mount.rb +135 -0
data/lib/chef/resource/ohai.rb +40 -0
data/lib/chef/resource/package.rb +80 -0
data/lib/chef/resource/pacman_package.rb +33 -0
data/lib/chef/resource/perl.rb +33 -0
data/lib/chef/resource/portage_package.rb +33 -0
data/lib/chef/resource/python.rb +33 -0
data/lib/chef/resource/remote_directory.rb +109 -0
data/lib/chef/resource/remote_file.rb +83 -0
data/lib/chef/resource/route.rb +135 -0
data/lib/chef/resource/rpm_package.rb +34 -0
data/lib/chef/resource/ruby.rb +33 -0
data/lib/chef/resource/ruby_block.rb +40 -0
data/lib/chef/resource/scm.rb +147 -0
data/lib/chef/resource/script.rb +60 -0
data/lib/chef/resource/service.rb +160 -0
data/lib/chef/resource/solaris_package.rb +36 -0
data/lib/chef/resource/subversion.rb +36 -0
data/lib/chef/resource/template.rb +69 -0
data/lib/chef/resource/timestamped_deploy.rb +31 -0
data/lib/chef/resource/user.rb +130 -0
data/lib/chef/resource/yum_package.rb +43 -0
data/lib/chef/resource_collection.rb +217 -0
data/lib/chef/resource_collection/stepable_iterator.rb +124 -0
data/lib/chef/resource_definition.rb +67 -0
data/lib/chef/resource_definition_list.rb +38 -0
data/lib/chef/resources.rb +64 -0
data/lib/chef/rest.rb +386 -0
data/lib/chef/rest/auth_credentials.rb +71 -0
data/lib/chef/rest/cookie_jar.rb +31 -0
data/lib/chef/rest/rest_request.rb +188 -0
data/lib/chef/role.rb +341 -0
data/lib/chef/run_context.rb +126 -0
data/lib/chef/run_list.rb +165 -0
data/lib/chef/run_list/run_list_expansion.rb +193 -0
data/lib/chef/run_list/run_list_item.rb +92 -0
data/lib/chef/run_list/versioned_recipe_list.rb +68 -0
data/lib/chef/run_status.rb +121 -0
data/lib/chef/runner.rb +99 -0
data/lib/chef/sandbox.rb +153 -0
data/lib/chef/search/query.rb +65 -0
data/lib/chef/shef.rb +326 -0
data/lib/chef/shef/ext.rb +569 -0
data/lib/chef/shef/model_wrapper.rb +120 -0
data/lib/chef/shef/shef_rest.rb +28 -0
data/lib/chef/shef/shef_session.rb +284 -0
data/lib/chef/shell_out.rb +238 -0
data/lib/chef/shell_out/unix.rb +223 -0
data/lib/chef/shell_out/windows.rb +98 -0
data/lib/chef/solr_query.rb +187 -0
data/lib/chef/solr_query/lucene.treetop +150 -0
data/lib/chef/solr_query/lucene_nodes.rb +285 -0
data/lib/chef/solr_query/query_transform.rb +65 -0
data/lib/chef/solr_query/solr_http_request.rb +118 -0
data/lib/chef/streaming_cookbook_uploader.rb +201 -0
data/lib/chef/tasks/chef_repo.rake +256 -0
data/lib/chef/util/file_edit.rb +122 -0
data/lib/chef/util/windows.rb +56 -0
data/lib/chef/util/windows/net_group.rb +101 -0
data/lib/chef/util/windows/net_use.rb +121 -0
data/lib/chef/util/windows/net_user.rb +198 -0
data/lib/chef/util/windows/volume.rb +59 -0
data/lib/chef/version.rb +23 -0
data/lib/chef/version_class.rb +70 -0
data/lib/chef/version_constraint.rb +116 -0
data/lib/chef/webui_user.rb +231 -0
metadata +600 -0

@@ -0,0 +1,4 @@
+require 'chef/application/agent'
+require 'chef/application/client'
+require 'chef/application/knife'
+require 'chef/application/solo'

data/lib/chef/certificate.rb ADDED

@@ -0,0 +1,194 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Christopher Brown (<cb@opscode.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require 'chef/log'
+require 'chef/config'
+require 'chef/api_client'
+require 'openssl'
+require 'fileutils'
+class Chef
+  class Certificate
+    class << self
+      # Generates a new CA Certificate and Key, and writes them out to
+      # Chef::Config[:signing_ca_cert] and Chef::Config[:signing_ca_key].
+      def generate_signing_ca
+        ca_cert_file = Chef::Config[:signing_ca_cert]
+        ca_keypair_file = Chef::Config[:signing_ca_key]
+        unless File.exists?(ca_cert_file) && File.exists?(ca_keypair_file)
+          Chef::Log.info("Creating new signing certificate")
+          [ ca_cert_file, ca_keypair_file ].each do |f|
+            ca_basedir = File.dirname(f)
+            FileUtils.mkdir_p ca_basedir
+          end
+          keypair = OpenSSL::PKey::RSA.generate(1024)
+          ca_cert = OpenSSL::X509::Certificate.new
+          ca_cert.version = 3
+          ca_cert.serial = 1
+          info = [
+            ["C", Chef::Config[:signing_ca_country]],
+            ["ST", Chef::Config[:signing_ca_state]],
+            ["L", Chef::Config[:signing_ca_location]],
+            ["O", Chef::Config[:signing_ca_org]],
+            ["OU", "Certificate Service"],
+            ["CN", "#{Chef::Config[:signing_ca_domain]}/emailAddress=#{Chef::Config[:signing_ca_email]}"]
+          ]
+          ca_cert.subject = ca_cert.issuer = OpenSSL::X509::Name.new(info)
+          ca_cert.not_before = Time.now
+          ca_cert.not_after = Time.now + 10 * 365 * 24 * 60 * 60 # 10 years
+          ca_cert.public_key = keypair.public_key
+          ef = OpenSSL::X509::ExtensionFactory.new
+          ef.subject_certificate = ca_cert
+          ef.issuer_certificate = ca_cert
+          ca_cert.extensions = [
+                  ef.create_extension("basicConstraints", "CA:TRUE", true),
+                  ef.create_extension("subjectKeyIdentifier", "hash"),
+                  ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
+          ]
+          ca_cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
+          ca_cert.sign keypair, OpenSSL::Digest::SHA1.new
+          File.open(ca_cert_file, "w") { |f| f.write ca_cert.to_pem }
+          File.open(ca_keypair_file, File::WRONLY|File::EXCL|File::CREAT, 0600) { |f| f.write keypair.to_pem }
+          if (Chef::Config[:signing_ca_user] && Chef::Config[:signing_ca_group])
+            FileUtils.chown(Chef::Config[:signing_ca_user], Chef::Config[:signing_ca_group], ca_keypair_file)
+          end
+        end
+        self
+      end
+      # Creates a new key pair, and signs them with the signing certificate
+      # and key generated from generate_signing_ca above.
+      #
+      # @param [String] The common name for the key pair.
+      # @param [Optional String] The subject alternative name.
+      # @return [Object, Object] The public and private key objects.
+      def gen_keypair(common_name, subject_alternative_name = nil)
+        Chef::Log.info("Creating new key pair for #{common_name}")
+        # generate client keypair
+        client_keypair = OpenSSL::PKey::RSA.generate(2048)
+        client_cert = OpenSSL::X509::Certificate.new
+        ca_cert = OpenSSL::X509::Certificate.new(File.read(Chef::Config[:signing_ca_cert]))
+        info = [
+          ["C", Chef::Config[:signing_ca_country]],
+          ["ST", Chef::Config[:signing_ca_state]],
+          ["L", Chef::Config[:signing_ca_location]],
+          ["O", Chef::Config[:signing_ca_org]],
+          ["OU", "Certificate Service"],
+          ["CN", common_name ]
+        ]
+        client_cert.subject = OpenSSL::X509::Name.new(info)
+        client_cert.issuer = ca_cert.subject
+        client_cert.not_before = Time.now
+        client_cert.not_after = Time.now + 10 * 365 * 24 * 60 * 60 # 10 years
+        client_cert.public_key = client_keypair.public_key
+        client_cert.serial = 1
+        client_cert.version = 3
+        ef = OpenSSL::X509::ExtensionFactory.new
+        ef.subject_certificate = client_cert
+        ef.issuer_certificate = ca_cert
+        client_cert.extensions = [
+                ef.create_extension("basicConstraints", "CA:FALSE", true),
+                ef.create_extension("subjectKeyIdentifier", "hash")
+        ]
+        client_cert.add_extension ef.create_extension("subjectAltName", subject_alternative_name) if subject_alternative_name
+        client_cert.sign(OpenSSL::PKey::RSA.new(File.read(Chef::Config[:signing_ca_key])), OpenSSL::Digest::SHA1.new)
+        return client_cert.public_key, client_keypair
+      end
+      def gen_validation_key(name=Chef::Config[:validation_client_name], key_file=Chef::Config[:validation_key], admin=false)
+        # Create the validation key
+        api_client = Chef::ApiClient.new
+        api_client.name(name)
+        api_client.admin(admin)
+        begin
+          # If both the couch record and file exist, don't do anything. Otherwise,
+          # re-generate the validation key.
+          Chef::ApiClient.cdb_load(name)
+          # The couch document was loaded successfully if we got to here; if we
+          # can't also load the file on the filesystem, we'll regenerate it all.
+          File.open(key_file, "r") do |file|
+          end
+        rescue Chef::Exceptions::CouchDBNotFound
+          create_validation_key(api_client, key_file)
+        rescue
+          if $!.class.name =~ /Errno::/
+            Chef::Log.error("Error opening validation key: #{$!} -- destroying and regenerating")
+            begin
+              api_client.cdb_destroy
+            rescue Bunny::ServerDownError => e
+              # create_validation_key is gonna fail anyway, so let's just bail out.
+              Chef::Log.fatal("Could not de-index (to rabbitmq) previous validation key - rabbitmq is down! Start rabbitmq then restart chef-server to re-generate it")
+              raise
+            end
+            create_validation_key(api_client, key_file)
+          else
+            raise
+          end
+        end
+      end
+      private
+      def create_validation_key(api_client, key_file)
+        Chef::Log.info("Creating validation key...")
+        api_client.create_keys
+        begin
+          api_client.cdb_save
+        rescue Bunny::ServerDownError => e
+          # If rabbitmq is down, the client will have been saved in CouchDB,
+          # but not in the index.
+          Chef::Log.fatal("Could not index (to rabbitmq) validation key - rabbitmq is down! Start rabbitmq then restart chef-server to re-generate it")
+          # re-raise so the error bubbles out and nukes chef-server
+          raise e
+        end
+        key_dir = File.dirname(key_file)
+        FileUtils.mkdir_p(key_dir) unless File.directory?(key_dir)
+        File.open(key_file, File::WRONLY|File::CREAT, 0600) do |f|
+          f.print(api_client.private_key)
+        end
+        if (Chef::Config[:signing_ca_user] && Chef::Config[:signing_ca_group])
+          FileUtils.chown(Chef::Config[:signing_ca_user], Chef::Config[:signing_ca_group], key_file)
+        end
+      end
+    end
+  end
+end

data/lib/chef/checksum.rb ADDED

@@ -0,0 +1,182 @@
+#
+# Author:: Tim Hinderliter (<tim@opscode.com>)
+# Copyright:: Copyright (c) 2010 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require 'chef/log'
+require 'uuidtools'
+class Chef
+  # == Chef::Checksum
+  # Checksum for an individual file; e.g., used for sandbox/cookbook uploading
+  # to track which files the system already manages.
+  class Checksum
+    attr_accessor :checksum, :create_time
+    attr_accessor :couchdb_id, :couchdb_rev
+    # When a Checksum commits a sandboxed file to its final home in the checksum
+    # repo, this attribute will have the original on-disk path where the file
+    # was stored; it will be used if the commit is reverted to restore the sandbox
+    # to the pre-commit state.
+    attr_reader :original_committed_file_location
+    DESIGN_DOCUMENT = {
+      "version" => 1,
+      "language" => "javascript",
+      "views" => {
+        "all" => {
+          "map" => <<-EOJS
+          function(doc) {
+            if (doc.chef_type == "checksum") {
+              emit(doc.checksum, doc);
+            }
+          }
+          EOJS
+        },
+      }
+    }
+    # Creates a new Chef::Checksum object.
+    # === Arguments
+    # checksum::: the MD5 content hash of the file
+    # couchdb::: An instance of Chef::CouchDB
+    #
+    # === Returns
+    # object<Chef::Checksum>:: Duh. :)
+    def initialize(checksum=nil, couchdb=nil)
+      @create_time = Time.now.iso8601
+      @checksum = checksum
+      @original_committed_file_location = nil
+    end
+    def to_json(*a)
+      result = {
+        :checksum => checksum,
+        :create_time => create_time,
+        :json_class => self.class.name,
+        :chef_type => 'checksum',
+        # For Chef::CouchDB (id_to_name, name_to_id)
+        :name => checksum
+      }
+      result.to_json(*a)
+    end
+    def self.json_create(o)
+      checksum = new(o['checksum'])
+      checksum.create_time = o['create_time']
+      if o.has_key?('_rev')
+        checksum.couchdb_rev = o["_rev"]
+        o.delete("_rev")
+      end
+      if o.has_key?("_id")
+        checksum.couchdb_id = o["_id"]
+        o.delete("_id")
+      end
+      checksum
+    end
+    ##
+    # On-Disk Checksum File Repo (Chef Server API)
+    ##
+    def file_location
+      File.join(checksum_repo_directory, checksum)
+    end
+    def checksum_repo_directory
+      File.join(Chef::Config.checksum_path, checksum[0..1])
+    end
+    # Moves the given +sandbox_file+ into the checksum repo using the path
+    # given by +file_location+ and saves the Checksum to the database
+    def commit_sandbox_file(sandbox_file)
+      @original_committed_file_location = sandbox_file
+      Chef::Log.info("commiting sandbox file: move #{sandbox_file} to #{file_location}")
+      FileUtils.mkdir_p(checksum_repo_directory)
+      File.rename(sandbox_file, file_location)
+      cdb_save
+    end
+    # Moves the checksum file back to its pre-commit location and deletes
+    # the checksum object from the database, effectively undoing +commit_sandbox_file+.
+    # Raises Chef::Exceptions::IllegalChecksumRevert if the original file location
+    # is unknown, which is will be the case if commit_sandbox_file was not
+    # previously called
+    def revert_sandbox_file_commit
+      unless original_committed_file_location
+        raise Chef::Exceptions::IllegalChecksumRevert, "Checksum #{self.inspect} cannot be reverted because the original sandbox file location is not known"
+      end
+      Chef::Log.warn("reverting sandbox file commit: moving #{file_location} back to #{original_committed_file_location}")
+      File.rename(file_location, original_committed_file_location)
+      cdb_destroy
+    end
+    # Removes the on-disk file backing this checksum object, then removes it
+    # from the database
+    def purge
+      purge_file
+      cdb_destroy
+    end
+    ##
+    # Couchdb
+    ##
+    def self.create_design_document(couchdb=nil)
+      (couchdb || Chef::CouchDB.new).create_design_document("checksums", DESIGN_DOCUMENT)
+    end
+    def self.cdb_list(inflate=false, couchdb=nil)
+      rs = (couchdb || Chef::CouchDB.new).list("checksums", inflate)
+      lookup = (inflate ? "value" : "key")
+      rs["rows"].collect { |r| r[lookup] }
+    end
+    def self.cdb_all_checksums(couchdb = nil)
+      rs = (couchdb || Chef::CouchDB.new).list("checksums", true)
+      rs["rows"].inject({}) { |hash_result, r| hash_result[r['key']] = 1; hash_result }
+    end
+    def self.cdb_load(checksum, couchdb=nil)
+      # Probably want to look for a view here at some point
+      (couchdb || Chef::CouchDB.new).load("checksum", checksum)
+    end
+    def cdb_destroy(couchdb=nil)
+      (couchdb || Chef::CouchDB.new).delete("checksum", checksum, @couchdb_rev)
+    end
+    def cdb_save(couchdb=nil)
+      @couchdb_rev = (couchdb || Chef::CouchDB.new).store("checksum", checksum, self)["rev"]
+    end
+    private
+    # Deletes the file backing this checksum from the on-disk repo.
+    # Purging the checksums is how users can get back to a valid state if
+    # they've deleted files, so we silently swallow Errno::ENOENT here.
+    def purge_file
+      FileUtils.rm(file_location)
+    rescue Errno::ENOENT
+      true
+    end
+  end
+end

data/lib/chef/checksum_cache.rb ADDED

@@ -0,0 +1,189 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Daniel DeLeo (<dan@kallistec.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Copyright:: Copyright (c) 2009 Daniel DeLeo
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require 'set'
+require 'fileutils'
+require 'chef/log'
+require 'chef/config'
+require 'chef/client'
+require 'chef/mixin/convert_to_class_name'
+require 'singleton'
+require 'moneta'
+class Chef
+  class ChecksumCache
+    include Chef::Mixin::ConvertToClassName
+    include ::Singleton
+    attr_reader :moneta
+    def initialize(*args)
+      self.reset!(*args)
+    end
+    def reset!(backend=nil, options=nil)
+      backend ||= Chef::Config[:cache_type]
+      options ||= Chef::Config[:cache_options]
+      begin
+        require "moneta/#{convert_to_snake_case(backend, 'Moneta')}"
+      rescue LoadError => e
+        Chef::Log.fatal("Could not load Moneta back end #{backend.inspect}")
+        raise e
+      end
+      @moneta = Moneta.const_get(backend).new(options)
+    end
+    def self.reset_cache_validity
+      @valid_cached_checksums = nil
+    end
+    Chef::Client.when_run_starts do |run_status|
+      reset_cache_validity
+    end
+    def self.valid_cached_checksums
+      @valid_cached_checksums ||= Set.new
+    end
+    def self.validate_checksum(checksum_key)
+      valid_cached_checksums << checksum_key
+    end
+    def self.all_cached_checksums
+      all_checksums_with_filenames = {}
+      Dir[File.join(Chef::Config[:cache_options][:path], '*')].each do |cksum_file|
+        all_checksums_with_filenames[File.basename(cksum_file)] = cksum_file
+      end
+      all_checksums_with_filenames
+    end
+    def self.cleanup_checksum_cache
+      Chef::Log.info("cleaning the checksum cache")
+      if (Chef::Config[:cache_type].to_s == "BasicFile")
+        all_cached_checksums.each do |cache_key, cksum_cache_file|
+          unless valid_cached_checksums.include?(cache_key)
+            remove_unused_checksum(cksum_cache_file)
+          end
+        end
+      end
+    end
+    Chef::Client.when_run_completes_successfully do |run_status|
+      cleanup_checksum_cache
+    end
+    def self.remove_unused_checksum(checksum_file)
+      Chef::Log.debug("removing unused checksum cache file #{checksum_file}")
+      FileUtils.rm(checksum_file)
+    end
+    def self.checksum_for_file(*args)
+      instance.checksum_for_file(*args)
+    end
+    def validate_checksum(*args)
+      self.class.validate_checksum(*args)
+    end
+    def checksum_for_file(file, key=nil)
+      key ||= generate_key(file)
+      fstat = File.stat(file)
+      lookup_checksum(key, fstat) || generate_checksum(key, file, fstat)
+    end
+    def lookup_checksum(key, fstat)
+      cached = fetch(key)
+      if cached && file_unchanged?(cached, fstat)
+        validate_checksum(key)
+        cached["checksum"]
+      else
+        nil
+      end
+    end
+    def generate_checksum(key, file, fstat)
+      checksum = checksum_file(file, Digest::SHA256.new)
+      moneta.store(key, {"mtime" => fstat.mtime.to_f, "checksum" => checksum})
+      validate_checksum(key)
+      checksum
+    end
+    def generate_key(file, group="chef")
+      "#{group}-file-#{file.gsub(/(#{File::SEPARATOR}|\.)/, '-')}"
+    end
+    def self.generate_md5_checksum_for_file(*args)
+      instance.generate_md5_checksum_for_file(*args)
+    end
+    def generate_md5_checksum_for_file(file)
+      checksum_file(file, Digest::MD5.new)
+    end
+    def generate_md5_checksum(io)
+      checksum_io(io, Digest::MD5.new)
+    end
+    private
+    def fetch(key)
+      @moneta.fetch(key)
+    rescue ArgumentError => e
+      Log.warn "Error loading cached checksum for key #{key.inspect}"
+      Log.warn(e)
+      repair_checksum_cache
+      nil
+    end
+    def repair_checksum_cache
+      Chef::Log.info("Removing invalid checksum cache files")
+      Dir["#{Chef::Config[:cache_options][:path]}/*"].each do |file_path|
+        File.unlink(file_path) unless File.size?(file_path)
+      end
+    end
+    def file_unchanged?(cached, fstat)
+      cached["mtime"].to_f == fstat.mtime.to_f
+    end
+    def checksum_file(file, digest)
+      File.open(file, 'rb') { |f| checksum_io(f, digest) }
+    end
+    def checksum_io(io, digest)
+      while chunk = io.read(1024 * 8)
+        digest.update(chunk)
+      end
+      digest.hexdigest
+    end
+  end
+end
+module Moneta
+  module Defaults
+    def default
+      nil
+    end
+  end
+end