RubyGems - bolt - Versions diffs - 0.20.3 → 0.20.5 - Mend

bolt 0.20.3 → 0.20.5

Potentially problematic release.

This version of bolt might be problematic. Click here for more details.

Files changed (256) hide show

data/vendored/puppet/lib/puppet/feature/rack.rb DELETED

@@ -1,19 +0,0 @@
-require 'puppet/util/feature'
-# See if we have rack available, an HTTP Application Stack
-# Explicitly depend on rack library version >= 1.0.0
-Puppet.features.add(:rack) do
-  require 'rack'
-  if ! (defined?(::Rack) and defined?(::Rack.release))
-    false
-  else
-    major_version = ::Rack.release.split('.')[0].to_i
-    if major_version >= 1
-      true
-    else
-      false
-    end
-  end
-end

data/vendored/puppet/lib/puppet/network/http/api/ca.rb DELETED

	@@ -1,2 +0,0 @@
1	- module Puppet::Network::HTTP::API::CA
2	- end

data/vendored/puppet/lib/puppet/network/http/api/ca/v1.rb DELETED

@@ -1,11 +0,0 @@
-require 'puppet/network/http/api/indirected_routes'
-class Puppet::Network::HTTP::API::CA::V1
-  INDIRECTED = Puppet::Network::HTTP::Route.
-    path(/.*/).
-    any(Puppet::Network::HTTP::API::IndirectedRoutes.new)
-  def self.routes
-    Puppet::Network::HTTP::Route.path(%r{v1}).any.chain(INDIRECTED)
-  end
-end

data/vendored/puppet/lib/puppet/network/http/rack.rb DELETED

@@ -1,33 +0,0 @@
-require 'rack'
-require 'rack/request'
-require 'rack/response'
-require 'puppet/network/http'
-require 'puppet/network/http/rack/rest'
-# An rack application, for running the Puppet HTTP Server.
-class Puppet::Network::HTTP::Rack
-  # The real rack application (which needs to respond to call).
-  # The work we need to do, roughly is:
-  # * Read request (from env) and prepare a response
-  # * Route the request to the correct handler
-  # * Return the response (in rack-format) to our caller.
-  def call(env)
-    request = Rack::Request.new(env)
-    response = Rack::Response.new
-    Puppet.debug 'Handling request: %s %s' % [request.request_method, request.fullpath]
-    begin
-      Puppet::Network::HTTP::RackREST.new.process(request, response)
-    rescue => detail
-      # Send a Status 500 Error on unhandled exceptions.
-      response.status = 500
-      response['Content-Type'] = 'text/plain'
-      response.write _("Internal Server Error: \"%{message}\"") % { message: detail.message }
-      # log what happened
-      Puppet.log_exception(detail, _("Puppet Server (Rack): Internal Server Error: Unhandled Exception: \"%{message}\"") % { message: detail.message })
-    end
-    response.finish
-  end
-end

data/vendored/puppet/lib/puppet/network/http/rack/rest.rb DELETED

@@ -1,162 +0,0 @@
-require 'openssl'
-require 'cgi'
-require 'puppet/network/http/handler'
-require 'puppet/util/ssl'
-require 'uri'
-class Puppet::Network::HTTP::RackREST
-  include Puppet::Network::HTTP::Handler
-  ContentType = 'Content-Type'.freeze
-  CHUNK_SIZE = 8192
-  class RackFile
-    def initialize(file)
-      @file = file
-    end
-    def each
-      while chunk = @file.read(CHUNK_SIZE)
-        yield chunk
-      end
-    end
-    def close
-      @file.close
-    end
-  end
-  def initialize(args={})
-    super()
-    register([Puppet::Network::HTTP::API.master_routes,
-              Puppet::Network::HTTP::API.ca_routes,
-              Puppet::Network::HTTP::API.not_found_upgrade])
-  end
-  def set_content_type(response, format)
-    response[ContentType] = format
-  end
-  # produce the body of the response
-  def set_response(response, result, status = 200)
-    response.status = status
-    unless result.is_a?(File)
-      response.write result
-    else
-      response["Content-Length"] = result.stat.size.to_s
-      response.body = RackFile.new(result)
-    end
-  end
-  # Retrieve all headers from the http request, as a map.
-  def headers(request)
-    headers = request.env.select {|k,v| k.start_with? 'HTTP_'}.inject({}) do |m, (k,v)|
-      m[k.sub(/^HTTP_/, '').gsub('_','-').downcase] = v
-      m
-    end
-    headers['content-type'] = request.content_type
-    headers
-  end
-  # Return which HTTP verb was used in this request.
-  def http_method(request)
-    request.request_method
-  end
-  # Return the query params for this request.
-  def params(request)
-    if request.post?
-      params = request.params
-    else
-      # rack doesn't support multi-valued query parameters,
-      # e.g. ignore, so parse them ourselves
-      params = CGI.parse(request.query_string)
-      convert_singular_arrays_to_value(params)
-    end
-    result = decode_params(params)
-    result.merge(extract_client_info(request))
-  end
-  # what path was requested? (this is, without any query parameters)
-  def path(request)
-    # The value that Passenger provides for 'path' is escaped
-    # (URL percent-encoded), see
-    # https://github.com/phusion/passenger/blob/release-5.0.26/src/apache2_module/Hooks.cpp#L885
-    # for the implementation as hooked up to an Apache web server.  Code
-    # in the indirector / HTTP layer which consumes this path, however, assumes
-    # that it has already been unescaped, so it is unescaped here.
-    if request.path
-      # don't use CGI.unescape which mangles space handling
-      URI.unescape(request.path.encode(Encoding::UTF_8))
-    end
-  end
-  # return the request body
-  def body(request)
-    request.body.read
-  end
-  def client_cert(request)
-    # This environment variable is set by mod_ssl, note that it
-    # requires the `+ExportCertData` option in the `SSLOptions` directive
-    cert = request.env['SSL_CLIENT_CERT']
-    # NOTE: The SSL_CLIENT_CERT environment variable will be the empty string
-    # when Puppet agent nodes have not yet obtained a signed certificate.
-    if cert.nil? || cert.empty?
-      # When running with unicorn, the SSL_CLIENT_CERT variable is not available
-      # in the environment, therefore we have to pass a header: 'X-SSL-Client-Cert'
-      cert = request.env['HTTP_X_SSL_CLIENT_CERT']
-      if cert.nil? || cert.empty?
-        nil
-      else
-        # in contrast to the environment variable, the client cert is passed in
-        # as single string, therefore restore the certificate to a valid pem
-        # encoded certificate
-        cert.gsub!(/ /, "\n")
-        cert.gsub!(/BEGIN\nCERT/, "BEGIN CERT")
-        cert.gsub!(/END\nCERT/, "END CERT")
-        cert = Puppet::SSL::Certificate.from_instance(OpenSSL::X509::Certificate.new(cert))
-        cert
-      end
-    else
-      Puppet::SSL::Certificate.from_instance(OpenSSL::X509::Certificate.new(cert))
-    end
-  end
-  # Passenger freaks out if we finish handling the request without reading any
-  # part of the body, so make sure we have.
-  def cleanup(request)
-    request.body.read(1)
-    nil
-  end
-  def extract_client_info(request)
-    result = {}
-    result[:ip] = request.ip
-    # if we find SSL info in the headers, use them to get a hostname from the CN.
-    # try this with :ssl_client_header, which defaults should work for
-    # Apache with StdEnvVars.
-    subj_str = request.env[Puppet[:ssl_client_header]]
-    subject = Puppet::Util::SSL.subject_from_dn(subj_str || "")
-    if cn = Puppet::Util::SSL.cn_from_subject(subject)
-      result[:node] = cn
-      result[:authenticated] = (request.env[Puppet[:ssl_client_verify_header]] == 'SUCCESS')
-    else
-      result[:node] = resolve_node(result)
-      result[:authenticated] = false
-    end
-    result
-  end
-  def convert_singular_arrays_to_value(hash)
-    hash.each do |key, value|
-      if value.size == 1
-        hash[key] = value.first
-      end
-    end
-  end
-end

data/vendored/puppet/lib/puppet/network/http/webrick.rb DELETED

@@ -1,124 +0,0 @@
-require 'webrick'
-require 'webrick/https'
-require 'puppet/network/http/webrick/rest'
-require 'thread'
-require 'puppet/ssl/certificate'
-require 'puppet/ssl/certificate_revocation_list'
-require 'puppet/ssl/configuration'
-class Puppet::Network::HTTP::WEBrick
-  CIPHERS = "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
-  def initialize
-    @listening = false
-  end
-  def listen(address, port)
-    @server = create_server(address, port)
-    @server.mount('/', Puppet::Network::HTTP::WEBrickREST)
-    raise _("WEBrick server is already listening") if @listening
-    @listening = true
-    @thread = Thread.new do
-      @server.start do |sock|
-        timeout = 10.0
-        if ! IO.select([sock],nil,nil,timeout)
-          raise _("Client did not send data within %{timeout} seconds of connecting") % { timeout: ("%.1f") % timeout }
-        end
-        sock.accept
-        @server.run(sock)
-      end
-    end
-    sleep 0.1 until @server.status == :Running
-  end
-  def unlisten
-    raise _("WEBrick server is not listening") unless @listening
-    @server.shutdown
-    wait_for_shutdown
-    @server = nil
-    @listening = false
-  end
-  def listening?
-    @listening
-  end
-  def wait_for_shutdown
-    @thread.join
-  end
-  # @api private
-  def create_server(address, port)
-    address = nil if address == '*'
-    arguments = {:BindAddress => address, :Port => port, :DoNotReverseLookup => true}
-    arguments.merge!(setup_logger)
-    arguments.merge!(setup_ssl)
-    BasicSocket.do_not_reverse_lookup = true
-    server = WEBrick::HTTPServer.new(arguments)
-    server.ssl_context.ciphers = CIPHERS
-    server
-  end
-  # Configure our http log file.
-  def setup_logger
-    # Make sure the settings are all ready for us.
-    Puppet.settings.use(:main, :ssl, :application)
-    file = Puppet[:masterhttplog]
-    # open the log manually to prevent file descriptor leak
-    # webrick logged strings may contain UTF-8
-    file_io = ::File.open(file, "a+:UTF-8")
-    file_io.sync = true
-    if defined?(Fcntl::FD_CLOEXEC)
-      file_io.fcntl(Fcntl::F_SETFD, Fcntl::FD_CLOEXEC)
-    end
-    args = [file_io]
-    args << WEBrick::Log::DEBUG if Puppet::Util::Log.level == :debug
-    logger = WEBrick::Log.new(*args)
-    return :Logger => logger, :AccessLog => [
-      [logger, WEBrick::AccessLog::COMMON_LOG_FORMAT ],
-      [logger, WEBrick::AccessLog::REFERER_LOG_FORMAT ]
-    ]
-  end
-  # Add all of the ssl cert information.
-  def setup_ssl
-    results = {}
-    # Get the cached copy.  We know it's been generated, too.
-    host = Puppet::SSL::Host.localhost
-    raise Puppet::Error, _("Could not retrieve certificate for %{host} and not running on a valid certificate authority") % { value0: host.name } unless host.certificate
-    results[:SSLPrivateKey] = host.key.content
-    results[:SSLCertificate] = host.certificate.content
-    results[:SSLStartImmediately] = false
-    results[:SSLEnable] = true
-    results[:SSLOptions] = OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
-    raise Puppet::Error, _("Could not find CA certificate") unless Puppet::SSL::Certificate.indirection.find(Puppet::SSL::CA_NAME)
-    results[:SSLCACertificateFile] = ssl_configuration.ca_auth_file
-    results[:SSLVerifyClient] = OpenSSL::SSL::VERIFY_PEER
-    results[:SSLCertificateStore] = host.ssl_store
-    results
-  end
-  private
-  def ssl_configuration
-    @ssl_configuration ||= Puppet::SSL::Configuration.new(
-      Puppet[:localcacert],
-      :ca_auth_file  => Puppet[:ssl_server_ca_auth])
-  end
-end

data/vendored/puppet/lib/puppet/network/http/webrick/rest.rb DELETED

@@ -1,114 +0,0 @@
-require 'puppet/network/http/handler'
-require 'resolv'
-require 'webrick'
-require 'webrick/httputils'
-require 'puppet/util/ssl'
-class Puppet::Network::HTTP::WEBrickREST < WEBrick::HTTPServlet::AbstractServlet
-  include Puppet::Network::HTTP::Handler
-  def self.mutex
-    @mutex ||= Mutex.new
-  end
-  def initialize(server)
-    raise ArgumentError, _("server is required") unless server
-    register([Puppet::Network::HTTP::API.master_routes,
-              Puppet::Network::HTTP::API.ca_routes,
-              Puppet::Network::HTTP::API.not_found_upgrade])
-    super(server)
-  end
-  # Retrieve the request parameters, including authentication information.
-  def params(request)
-    query = request.query || {}
-    params =
-        if request.request_method == "PUT"
-          # webrick doesn't look at the query string for PUT requests, it only
-          # looks at the body, and then only if the body has a content type that
-          # looks like url-encoded form data.  We need the query string data as well.
-          WEBrick::HTTPUtils.parse_query(request.query_string).merge(query)
-        else
-          query
-        end
-    params = Hash[params.collect do |key, value|
-      all_values = value.list
-      [key, all_values.length == 1 ? value : all_values]
-    end]
-    params = decode_params(params)
-    params.merge(client_information(request))
-  end
-  # WEBrick uses a service method to respond to requests.  Simply delegate to
-  # the handler response method.
-  def service(request, response)
-    self.class.mutex.synchronize do
-      process(request, response)
-    end
-  end
-  def headers(request)
-    result = {}
-    request.each do |k, v|
-      result[k.downcase] = v
-    end
-    result
-  end
-  def http_method(request)
-    request.request_method
-  end
-  def path(request)
-    request.path
-  end
-  def body(request)
-    request.body
-  end
-  def client_cert(request)
-    if cert = request.client_cert
-      Puppet::SSL::Certificate.from_instance(cert)
-    else
-      nil
-    end
-  end
-  # Set the specified format as the content type of the response.
-  def set_content_type(response, format)
-    response["content-type"] = format
-  end
-  def set_response(response, result, status = 200)
-    response.status = status
-    if status >= 200 and status != 304
-      response.body = result
-      response["content-length"] = result.stat.size if result.is_a?(File)
-    end
-  end
-  # Retrieve node/cert/ip information from the request object.
-  def client_information(request)
-    result = {}
-    if peer = request.peeraddr and ip = peer[3]
-      result[:ip] = ip
-    end
-    # If they have a certificate (which will almost always be true)
-    # then we get the hostname from the cert, instead of via IP
-    # info
-    result[:authenticated] = false
-    if cert = request.client_cert and cn = Puppet::Util::SSL.cn_from_subject(cert.subject)
-      result[:node] = cn
-      result[:authenticated] = true
-    else
-      result[:node] = resolve_node(result)
-    end
-    result
-  end
-end