chef 0.7.16 → 0.8.2

data/lib/chef/application/server.rb

@@ -15,4 +15,5 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-require 'chef/application'
+require 'chef/application'
+

data/lib/chef/application/solo.rb

@@ -20,7 +20,7 @@ require 'chef/client'
 require 'chef/config'
 require 'chef/daemon'
 require 'chef/log'
-require 'net/http'
+require 'chef/rest'
 require 'open-uri'
 require 'fileutils'
 
@@ -132,7 +132,13 @@ class Chef::Application::Solo < Chef::Application
     
     if Chef::Config[:json_attribs]
       begin
-          json_io = open(Chef::Config[:json_attribs])
+        json_io = case Chef::Config[:json_attribs]
+                  when /^(http|https):\/\//
+                    @rest = Chef::REST.new(Chef::Config[:json_attribs], nil, nil)
+                    @rest.get_rest(Chef::Config[:json_attribs], true).open
+                  else
+                    open(Chef::Config[:json_attribs])
+                  end
       rescue SocketError => error
         Chef::Application.fatal!("I cannot connect to #{Chef::Config[:json_attribs]}", 2)
       rescue Errno::ENOENT => error
@@ -145,6 +151,7 @@ class Chef::Application::Solo < Chef::Application
 
       begin
         @chef_solo_json = JSON.parse(json_io.read)
+        json_io.close unless json_io.closed?
       rescue JSON::ParserError => error
         Chef::Application.fatal!("Could not parse the provided JSON file (#{Chef::Config[:json_attribs]})!: " + error.message, 2)
       end

data/lib/chef/cache.rb

@@ -0,0 +1,61 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Daniel DeLeo (<dan@kallistec.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Copyright:: Copyright (c) 2009 Daniel DeLeo
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/log'
+require 'chef/config'
+require 'chef/mixin/convert_to_class_name'
+require 'singleton'
+require 'moneta'
+
+class Chef 
+  class Cache
+    include Chef::Mixin::ConvertToClassName
+    include ::Singleton
+    
+    attr_reader :moneta
+    
+    def initialize(*args)
+      self.reset!(*args)
+    end
+    
+    def reset!(backend=nil, options=nil)
+      backend ||= Chef::Config[:cache_type]
+      options ||= Chef::Config[:cache_options]
+      
+      begin
+        require "moneta/#{convert_to_snake_case(backend, 'Moneta')}"
+      rescue LoadError => e
+        Chef::Log.fatal("Could not load Moneta back end #{backend.inspect}")
+        raise e
+      end
+     
+      @moneta = Moneta.const_get(backend).new(options)
+    end
+
+  end
+end
+
+module Moneta
+  module Defaults
+    def default
+      nil
+    end
+  end
+end

data/lib/chef/cache/checksum.rb

@@ -0,0 +1,70 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Daniel DeLeo (<dan@kallistec.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Copyright:: Copyright (c) 2009 Daniel DeLeo
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/cache'
+
+class Chef
+  class Cache
+    class Checksum < Chef::Cache
+    
+      def self.checksum_for_file(*args)
+        instance.checksum_for_file(*args)
+      end
+      
+      def checksum_for_file(file)
+        key, fstat = filename_to_key(file), File.stat(file)
+        lookup_checksum(key, fstat) || generate_checksum(key, file, fstat)
+      end
+      
+      def lookup_checksum(key, fstat)
+        cached = @moneta.fetch(key)
+        if cached && file_unchanged?(cached, fstat)
+          cached["checksum"]
+        else
+          nil
+        end
+      end
+      
+      def generate_checksum(key, file, fstat)
+        checksum = checksum_file(file)
+        moneta.store(key, {"mtime" => fstat.mtime.to_f, "checksum" => checksum})
+        checksum
+      end
+      
+      private
+      
+      def file_unchanged?(cached, fstat)
+        cached["mtime"].to_f == fstat.mtime.to_f
+      end
+      
+      def checksum_file(file)
+        digest = Digest::SHA256.new
+        IO.foreach(file) {|line| digest.update(line) }
+        digest.hexdigest
+      end
+      
+      def filename_to_key(file)
+        "chef-file-#{file.gsub(/(#{File::SEPARATOR}|\.)/, '-')}"
+      end
+
+    end
+  end
+end
+

data/lib/chef/certificate.rb

@@ -0,0 +1,154 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Christopher Brown (<cb@opscode.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/log'
+require 'chef/config'
+require 'chef/api_client'
+require 'openssl'
+require 'fileutils'
+
+class Chef
+  class Certificate
+    class << self
+  
+      # Generates a new CA Certificate and Key, and writes them out to
+      # Chef::Config[:signing_ca_cert] and Chef::Config[:signing_ca_key].
+      def generate_signing_ca
+        ca_cert_file = Chef::Config[:signing_ca_cert]
+        ca_keypair_file = Chef::Config[:signing_ca_key] 
+
+        unless File.exists?(ca_cert_file) && File.exists?(ca_keypair_file)
+          Chef::Log.info("Creating new signing certificate")
+        
+          [ ca_cert_file, ca_keypair_file ].each do |f|
+            ca_basedir = File.dirname(f)
+            FileUtils.mkdir_p ca_basedir
+          end
+
+          keypair = OpenSSL::PKey::RSA.generate(1024)
+
+          ca_cert = OpenSSL::X509::Certificate.new
+          ca_cert.version = 3
+          ca_cert.serial = 1
+          info = [
+            ["C", Chef::Config[:signing_ca_country]], 
+            ["ST", Chef::Config[:signing_ca_state]], 
+            ["L", Chef::Config[:signing_ca_location]], 
+            ["O", Chef::Config[:signing_ca_org]],
+            ["OU", "Certificate Service"], 
+            ["CN", "#{Chef::Config[:signing_ca_domain]}/emailAddress=#{Chef::Config[:signing_ca_email]}"]
+          ]
+          ca_cert.subject = ca_cert.issuer = OpenSSL::X509::Name.new(info)
+          ca_cert.not_before = Time.now
+          ca_cert.not_after = Time.now + 10 * 365 * 24 * 60 * 60 # 10 years
+          ca_cert.public_key = keypair.public_key
+
+          ef = OpenSSL::X509::ExtensionFactory.new
+          ef.subject_certificate = ca_cert
+          ef.issuer_certificate = ca_cert
+          ca_cert.extensions = [
+                  ef.create_extension("basicConstraints", "CA:TRUE", true),
+                  ef.create_extension("subjectKeyIdentifier", "hash"),
+                  ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
+          ]
+          ca_cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
+          ca_cert.sign keypair, OpenSSL::Digest::SHA1.new
+
+          File.open(ca_cert_file, "w") { |f| f.write ca_cert.to_pem }
+          File.open(ca_keypair_file, "w") { |f| f.write keypair.to_pem }
+        end
+        self
+      end
+
+      # Creates a new key pair, and signs them with the signing certificate
+      # and key generated from generate_signing_ca above.  
+      #
+      # @param [String] The common name for the key pair.
+      # @param [Optional String] The subject alternative name.
+      # @return [Object, Object] The public and private key objects.
+      def gen_keypair(common_name, subject_alternative_name = nil)
+
+        Chef::Log.info("Creating new key pair for #{common_name}")
+
+        # generate client keypair
+        client_keypair = OpenSSL::PKey::RSA.generate(2048)
+
+        client_cert = OpenSSL::X509::Certificate.new
+
+        ca_cert = OpenSSL::X509::Certificate.new(File.read(Chef::Config[:signing_ca_cert]))
+
+        info = [
+          ["C", Chef::Config[:signing_ca_country]], 
+          ["ST", Chef::Config[:signing_ca_state]], 
+          ["L", Chef::Config[:signing_ca_location]], 
+          ["O", Chef::Config[:signing_ca_org]],
+          ["OU", "Certificate Service"], 
+          ["CN", common_name ]
+        ]
+
+        client_cert.subject = OpenSSL::X509::Name.new(info)
+        client_cert.issuer = ca_cert.subject
+        client_cert.not_before = Time.now
+        client_cert.not_after = Time.now + 10 * 365 * 24 * 60 * 60 # 10 years
+        client_cert.public_key = client_keypair.public_key
+        client_cert.serial = 1
+        client_cert.version = 3
+
+        ef = OpenSSL::X509::ExtensionFactory.new
+        ef.subject_certificate = client_cert
+        ef.issuer_certificate = ca_cert
+
+        client_cert.extensions = [
+                ef.create_extension("basicConstraints", "CA:FALSE", true),
+                ef.create_extension("subjectKeyIdentifier", "hash")
+        ]
+        client_cert.add_extension ef.create_extension("subjectAltName", subject_alternative_name) if subject_alternative_name
+
+        client_cert.sign(OpenSSL::PKey::RSA.new(File.read(Chef::Config[:signing_ca_key])), OpenSSL::Digest::SHA1.new)
+
+        return client_cert.public_key, client_keypair
+      end
+
+      def gen_validation_key(name=Chef::Config[:validation_client_name], key_file=Chef::Config[:validation_key])
+        # Create the validation key
+        create_key = false 
+        begin
+          c = Chef::ApiClient.cdb_load(name)
+        rescue Chef::Exceptions::CouchDBNotFound
+          create_key = true
+        end
+
+        if create_key
+          Chef::Log.info("Creating validation key...")
+          api_client = Chef::ApiClient.new
+          api_client.name(name)
+          api_client.admin(true)
+          api_client.create_keys
+          api_client.cdb_save
+          key_dir = File.dirname(key_file)
+          FileUtils.mkdir_p(key_dir) unless File.directory?(key_dir)
+          File.open(key_file, File::WRONLY|File::EXCL|File::CREAT, 0600) do |f|
+            f.print(api_client.private_key)
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/chef/client.rb

@@ -1,6 +1,7 @@
 #
 # Author:: Adam Jacob (<adam@opscode.com>)
 # Author:: Christopher Walters (<cw@opscode.com>)
+# Author:: Christopher Brown (<cb@opscode.com>)
 # Copyright:: Copyright (c) 2008 Opscode, Inc.
 # License:: Apache License, Version 2.0
 #
@@ -36,20 +37,25 @@ class Chef
     include Chef::Mixin::GenerateURL
     include Chef::Mixin::Checksum
     
-    attr_accessor :node, :registration, :safe_name, :json_attribs, :validation_token, :node_name, :ohai
+    attr_accessor :node, :registration, :json_attribs, :validation_token, :node_name, :ohai, :rest
     
     # Creates a new Chef::Client.
     def initialize()
       @node = nil
-      @safe_name = nil
       @validation_token = nil
       @registration = nil
       @json_attribs = nil
       @node_name = nil
-      @node_exists = true 
-      Ohai::Log.logger = Chef::Log.logger
+      @node_exists = true
       @ohai = Ohai::System.new
-      @rest = Chef::REST.new(Chef::Config[:registration_url])
+      Chef::Log.verbose = Chef::Config[:verbose_logging]
+      Mixlib::Authentication::Log.logger = Ohai::Log.logger = Chef::Log.logger
+      @ohai_has_run = false
+      @rest = if File.exists?(Chef::Config[:client_key])
+                Chef::REST.new(Chef::Config[:chef_server_url])
+              else
+                Chef::REST.new(Chef::Config[:chef_server_url], nil, nil)
+              end
     end
     
     # Do a full run for this Chef::Client.  Calls:
@@ -76,15 +82,9 @@ class Chef
       
       determine_node_name
       register
-      authenticate
       build_node(@node_name)
       save_node
-      sync_library_files
-      sync_provider_files
-      sync_resource_files
-      sync_attribute_files
-      sync_definitions
-      sync_recipes
+      sync_cookbooks
       save_node
       converge
       save_node
@@ -115,18 +115,22 @@ class Chef
     end
 
     def run_ohai
-      if @ohai.keys
-        @ohai.refresh_plugins
+      if ohai.keys
+        ohai.refresh_plugins
       else
-        @ohai.all_plugins
+        ohai.all_plugins
       end
     end
 
     def determine_node_name
-      run_ohai
-      unless safe_name && node_name
-        @node_name ||= @ohai[:fqdn] ? @ohai[:fqdn] : @ohai[:hostname]
-        @safe_name = @node_name.gsub(/\./, '_')
+      run_ohai      
+      unless node_name
+        if Chef::Config[:node_name]
+          @node_name = Chef::Config[:node_name]
+        else
+          @node_name ||= ohai[:fqdn] ? ohai[:fqdn] : ohai[:hostname]
+          Chef::Config[:node_name] = @node_name
+        end
       end
       @node_name
     end
@@ -142,37 +146,24 @@ class Chef
     def build_node(node_name=nil, solo=false)
       node_name ||= determine_node_name
       raise RuntimeError, "Unable to determine node name from ohai" unless node_name
-      Chef::Log.debug("Building node object for #{@safe_name}")
+      Chef::Log.debug("Building node object for #{@node_name}")
+
       unless solo
-        begin
-          @node = @rest.get_rest("nodes/#{@safe_name}")
-        rescue Net::HTTPServerException => e
-          unless e.message =~ /^404/
-            raise e
-          end
-        end
+        @node = begin
+                  rest.get_rest("nodes/#{@node_name}")
+                rescue Net::HTTPServerException => e
+                  raise unless e.message =~ /^404/
+                end
       end
+      
       unless @node
         @node_exists = false
         @node ||= Chef::Node.new
         @node.name(node_name)
       end
-      if @json_attribs
-        Chef::Log.debug("Adding JSON Attributes")
-        @json_attribs.each do |key, value|
-          if key == "recipes" || key == "run_list"
-            value.each do |recipe|
-              unless @node.recipes.detect { |r| r == recipe }
-                Chef::Log.debug("Adding recipe #{recipe}")
-                @node.recipes << recipe
-              end
-            end
-          else
-            Chef::Log.debug("JSON Attribute: #{key} - #{value.inspect}")
-            @node[key] = value
-          end
-        end
-      end
+      
+      @node.consume_attributes(@json_attribs)
+      
       ohai.each do |field, value|
         Chef::Log.debug("Ohai Attribute: #{field} - #{value.inspect}")
         @node[field] = value
@@ -181,69 +172,21 @@ class Chef
       Chef::Log.debug("Platform is #{platform} version #{version}")
       @node[:platform] = platform
       @node[:platform_version] = version
-      @node[:tags] = Array.new unless @node.attribute?(:tags)
       @node
     end
-    
-    # If this node has been registered before, this method will fetch the current registration
-    # data.
-    #
-    # If it has not, we register it by calling create_registration.
-    #
+   
+    # 
     # === Returns
-    # true:: Always returns true
+    # rest<Chef::REST>:: returns Chef::REST connection object
     def register
-      determine_node_name unless @node_name
-      Chef::Log.debug("Registering #{@safe_name} for an openid") 
-      
-      begin
-        if @rest.get_rest("registrations/#{@safe_name}")
-          @secret = Chef::FileCache.load(File.join("registration", @safe_name))
-        end
-      rescue Net::HTTPServerException => e
-        case e.message
-        when /^404/
-          create_registration
-        else
-          raise
-        end
-      rescue Chef::Exceptions::FileNotFound
-        Chef::Application.fatal! "A remote registration already exists for #{@safe_name}, however the local shared secret does not exist." +
-          " To remedy this, you could delete the registration via webUI/REST, change the node_name option in config.rb" +
-          " (or use the -N/--node-name option to the CLI) or" +
-          " copy the old shared secret to #{File.join(Chef::Config[:file_cache_path], 'registration', @safe_name)}", 3
+      if File.exists?(Chef::Config[:client_key])
+        Chef::Log.debug("Client key #{Chef::Config[:client_key]} is present - skipping registration")
+      else
+        Chef::Log.info("Client key #{Chef::Config[:client_key]} is not present - registering")
+        Chef::REST.new(Chef::Config[:client_url], Chef::Config[:validation_client_name], Chef::Config[:validation_key]).register(@node_name, Chef::Config[:client_key])
       end
-
-      true
-    end
-    
-    # Generates a random secret, stores it in the Chef::Filestore with the "registration" key,
-    # and posts our nodes registration information to the server.
-    #
-    # === Returns
-    # true:: Always returns true
-    def create_registration
-      @secret = random_password(500)
-      Chef::FileCache.store(File.join("registration", @safe_name), @secret)
-      @rest.post_rest("registrations", { :id => @safe_name, :password => @secret, :validation_token => @validation_token })
-      true
-    end
-    
-    # Authenticates the node via OpenID.
-    #
-    # === Returns
-    # true:: Always returns true
-    def authenticate
-      determine_node_name unless @node_name
-      Chef::Log.debug("Authenticating #{@safe_name} via openid") 
-      response = @rest.post_rest('openid/consumer/start', { 
-        "openid_identifier" => "#{Chef::Config[:openid_url]}/openid/server/node/#{@safe_name}",
-        "submit" => "Verify"
-      })
-      @rest.post_rest(
-        "#{Chef::Config[:openid_url]}#{response["action"]}",
-        { "password" => @secret }
-      )
+      # We now have the client key, and should use it from now on.
+      self.rest = Chef::REST.new(Chef::Config[:chef_server_url])
     end
     
     # Update the file caches for a given cache segment.  Takes a segment name
@@ -253,54 +196,64 @@ class Chef
     # === Parameters
     # segment<String>:: The cache segment to update
     # remote_list<Hash>:: A cookbooks/_attribute_files style remote file listing
-    def update_file_cache(segment, remote_list)  
-      # We need the list of known good attribute files, so we can delete any that are
-      # just laying about.
+    def update_file_cache(cookbook_name, parts)  
+      Chef::Log.debug("Synchronizing cookbook #{cookbook_name}")
+
       file_canonical = Hash.new
-      
-      remote_list.each do |rf|
-        cache_file = File.join("cookbooks", rf['cookbook'], segment, rf['name'])
-        file_canonical[cache_file] = true
 
-        # For back-compat between older clients and new chef servers
-        rf['checksum'] ||= nil 
-      
-        current_checksum = nil
-        if Chef::FileCache.has_key?(cache_file)
-          current_checksum = checksum(Chef::FileCache.load(cache_file, false))
-        end
+      [ "recipes", "attributes", "definitions", "libraries", "resources", "providers" ].each do |segment|
+        remote_list = parts.has_key?(segment) ? parts[segment] : []
 
-        rf_url = generate_cookbook_url(
-          rf['name'], 
-          rf['cookbook'], 
-          segment, 
-          @node, 
-          current_checksum ? { 'checksum' => current_checksum } : nil
-        )
-        Chef::Log.debug(rf_url)
+        # segement = cookbook segment
+        # remote_list = list of file hashes
+        #
+        # We need the list of known good attribute files, so we can delete any that are
+        # just laying about.
+        
+        remote_list.each do |rf|
+          cache_file = File.join("cookbooks", cookbook_name, segment, rf['name'])
+          file_canonical[cache_file] = true
 
-        if current_checksum != rf['checksum']
-          changed = true
-          begin
-            raw_file = @rest.get_rest(rf_url, true)
-          rescue Net::HTTPRetriableError => e
-            if e.response.kind_of?(Net::HTTPNotModified)
-              changed = false
-              Chef::Log.debug("Cache file #{cache_file} is unchanged")
-            else
-              raise e
-            end
+          # For back-compat between older clients and new chef servers
+          rf['checksum'] ||= nil 
+        
+          current_checksum = nil
+          if Chef::FileCache.has_key?(cache_file)
+            current_checksum = checksum(Chef::FileCache.load(cache_file, false))
           end
 
-          if changed
-            Chef::Log.info("Storing updated #{cache_file} in the cache.")
-            Chef::FileCache.move_to(raw_file.path, cache_file)
+          if current_checksum != rf['checksum']
+            rf_url = generate_cookbook_url(
+              rf['name'], 
+              cookbook_name, 
+              segment, 
+              @node, 
+              current_checksum ? { 'checksum' => current_checksum } : nil
+            )
+
+            changed = true
+            begin
+              raw_file = rest.get_rest(rf_url, true)
+            rescue Net::HTTPRetriableError => e
+              if e.response.kind_of?(Net::HTTPNotModified)
+                changed = false
+                Chef::Log.debug("Cache file #{cache_file} is unchanged")
+              else
+                raise e
+              end
+            end
+
+            if changed
+              Chef::Log.info("Storing updated #{cache_file} in the cache.")
+              Chef::FileCache.move_to(raw_file.path, cache_file)
+            end
           end
         end
+
       end
-      
+
       Chef::FileCache.list.each do |cache_file|
-        if cache_file.match("cookbooks/.+?/#{segment}")
+        if cache_file =~ /^cookbooks\/#{cookbook_name}\/(recipes|attributes|definitions|libraries|resources|providers)\//
           unless file_canonical[cache_file]
             Chef::Log.info("Removing #{cache_file} from the cache; it is no longer on the server.")
             Chef::FileCache.delete(cache_file)
@@ -309,69 +262,26 @@ class Chef
       end
       
     end
-    
-    # Gets all the attribute files included in all the cookbooks available on the server,
-    # and executes them.
-    #
-    # === Returns
-    # true:: Always returns true
-    def sync_attribute_files
-      Chef::Log.debug("Synchronizing attributes")
-      update_file_cache("attributes", @rest.get_rest("cookbooks/_attribute_files?node=#{@node.name}"))
-      true
-    end
-    
-    # Gets all the library files included in all the cookbooks available on the server,
-    # and loads them.
-    #
-    # === Returns
-    # true:: Always returns true
-    def sync_library_files
-      Chef::Log.debug("Synchronizing libraries")
-      update_file_cache("libraries", @rest.get_rest("cookbooks/_library_files?node=#{@node.name}"))
-      true
-    end
-
-    # Gets all the provider files included in all the cookbooks available on the server,
-    # and loads them.
-    #
-    # === Returns
-    # true:: Always returns true
-    def sync_provider_files
-      Chef::Log.debug("Synchronizing providers") 
-      update_file_cache("providers", @rest.get_rest("cookbooks/_provider_files?node=#{@node.name}"))
-      true
-    end
-    
-    # Gets all the resource files included in all the cookbooks available on the server,
-    # and loads them.
-    #
-    # === Returns
-    # true:: Always returns true
-    def sync_resource_files
-      Chef::Log.debug("Synchronizing resources")
-      update_file_cache("resources", @rest.get_rest("cookbooks/_resource_files?node=#{@node.name}"))
-      true
-    end
 
-    # Gets all the definition files included in all the cookbooks available on the server,
-    # and loads them.
-    #
-    # === Returns
-    # true:: Always returns true
-    def sync_definitions
-      Chef::Log.debug("Synchronizing definitions") 
-      update_file_cache("definitions", @rest.get_rest("cookbooks/_definition_files?node=#{@node.name}"))
-    end
-    
-    # Gets all the recipe files included in all the cookbooks available on the server,
-    # and loads them.
+    # Synchronizes all the cookbooks from the chef-server.
     #
     # === Returns
     # true:: Always returns true
-    def sync_recipes
-      Chef::Log.debug("Synchronizing recipes")
-      update_file_cache("recipes", @rest.get_rest("cookbooks/_recipe_files?node=#{@node.name}"))
+    def sync_cookbooks
+      Chef::Log.debug("Synchronizing cookbooks")
+      cookbook_hash = rest.get_rest("nodes/#{@node_name}/cookbooks")
+      Chef::Log.debug("Cookbooks to load: #{cookbook_hash.inspect}")
+      Chef::FileCache.list.each do |cache_file|
+        if cache_file =~ /^cookbooks\/(.+?)\//
+          unless cookbook_hash.has_key?($1)
+            Chef::Log.info("Removing #{cache_file} from the cache; it's cookbook is no longer needed on this client.")
+            Chef::FileCache.delete(cache_file) 
+          end
+        end
+      end
+      cookbook_hash.each do |cookbook_name, parts|
+        update_file_cache(cookbook_name, parts)
+      end
     end
     
     # Updates the current node configuration on the server.
@@ -379,15 +289,18 @@ class Chef
     # === Returns
     # true:: Always returns true
     def save_node
-      Chef::Log.debug("Saving the current state of node #{@safe_name}")
-      if @node_exists
-        @node = @rest.put_rest("nodes/#{@safe_name}", @node)
-      else
-        result = @rest.post_rest("nodes", @node)
-        @node = @rest.get_rest(result['uri'])
-        @node_exists = true
-      end
-      true
+      Chef::Log.debug("Saving the current state of node #{@node_name}")
+      @node = begin
+                if @node_exists
+                  rest.put_rest("nodes/#{@node_name}", @node)
+                else
+                  result = rest.post_rest("nodes", @node)
+                  @node_exists = true
+                  rest.get_rest(result['uri'])
+                end
+              rescue
+                nil
+              end
     end
     
     # Compiles the full list of recipes for the server, and passes it to an instance of
@@ -396,26 +309,16 @@ class Chef
     # === Returns
     # true:: Always returns true
     def converge(solo=false)
-      Chef::Log.debug("Compiling recipes for node #{@safe_name}")
+      Chef::Log.debug("Compiling recipes for node #{@node_name}")
       unless solo
         Chef::Config[:cookbook_path] = File.join(Chef::Config[:file_cache_path], "cookbooks")
       end
       compile = Chef::Compile.new(@node)
       
-      Chef::Log.debug("Converging node #{@safe_name}")
-      cr = Chef::Runner.new(@node, compile.collection, compile.definitions, compile.cookbook_loader)
-      cr.converge
+      Chef::Log.debug("Converging node #{@node_name}")
+      Chef::Runner.new(@node, compile.collection, compile.definitions, compile.cookbook_loader).converge
       true
     end
-        
-    protected
-      # Generates a random password of "len" length.
-      def random_password(len)
-        chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
-        newpass = ""
-        1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
-        newpass
-      end
 
   end
 end