facter 3.9.6.cfacter.20180612 → 3.11.0.cfacter.20180319

data/ext/facter/facter/lib/src/cwrapper.cc

@@ -30,7 +30,12 @@ uint8_t get_default_facts(char **result) {
 
         auto json_facts = stream.str();
         auto l = json_facts.length()+1;
+
         *result = static_cast<char*>(malloc(sizeof(char)*l));
+        if (*result == nullptr) {
+            return EXIT_FAILURE;
+        }
+
         strncpy(*result, json_facts.c_str(), l);
     } catch (const std::exception&) {
         return EXIT_FAILURE;

data/ext/facter/facter/lib/src/facts/aix/disk_resolver.cc

@@ -36,18 +36,9 @@ namespace facter { namespace facts { namespace aix {
 
                 {
                     string device = (boost::format("/dev/%1%") % d.name).str();
-                    auto descriptor = open(device.c_str(), O_RDONLY);
-                    if (descriptor < 0) {
-                        LOG_DEBUG("Could not open device %1% for reading: %2% (%3%). Disk facts will not be populated for this device", d.name, strerror(errno), errno);
-                        continue;
-                    }
-                    scoped_descriptor fd(descriptor);
+                    scoped_descriptor fd(open(device.c_str(), O_RDONLY));
                     devinfo info;
-                    auto result = ioctl(fd, IOCINFO, &info);
-                    if (result < 0) {
-                        LOG_DEBUG("Ioctl IOCINFO failed for device %1%: %2% (%3%). Disk facts will not be populated for this device", d.name, strerror(errno), errno);
-                        continue;
-                    }
+                    ioctl(fd, IOCINFO, &info);
                     switch (info.devtype) {
                     case DD_DISK:
                     case DD_SCDISK:

data/ext/facter/facter/lib/src/facts/aix/networking_resolver.cc

@@ -241,10 +241,5 @@ namespace facter { namespace facts { namespace aix {
         return nullptr;
     }
 
-    uint8_t networking_resolver::get_link_address_length(const sockaddr * addr) const
-    {
-        return 0;
-    }
-
 
 }}}  // namespace facter::facts::aix

data/ext/facter/facter/lib/src/facts/freebsd/dmi_resolver.cc

@@ -20,6 +20,10 @@ namespace facter { namespace facts { namespace freebsd {
             result.product_name = result.bios_vendor;
         }
         result.manufacturer = kenv_lookup("smbios.system.maker");
+        // Fix for Proxmox VMs
+        if (result.manufacturer == "QEMU") {
+            result.product_name = "KVM";
+        }
 
         return result;
     }
@@ -30,7 +34,7 @@ namespace facter { namespace facts { namespace freebsd {
 
         LOG_DEBUG("kenv lookup for {1}", file);
         if (kenv(KENV_GET, file, buffer, sizeof(buffer) - 1) == -1) {
-            LOG_WARNING("kenv lookup for {1} failed: {2} ({3})", file, strerror(errno), errno);
+            LOG_INFO("kenv lookup for {1} failed: {2} ({3})", file, strerror(errno), errno);
             return "";
         }
         return buffer;

data/ext/facter/facter/lib/src/facts/freebsd/networking_resolver.cc

@@ -27,21 +27,12 @@ namespace facter { namespace facts { namespace freebsd {
             return nullptr;
         }
         sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        if (link_addr->sdl_alen != 6 && link_addr->sdl_alen != 20) {
+        if (link_addr->sdl_alen != 6) {
             return nullptr;
         }
         return reinterpret_cast<uint8_t const*>(LLADDR(link_addr));
      }
 
-    uint8_t networking_resolver::get_link_address_length(sockaddr const* addr) const
-    {
-        if (!is_link_address(addr)) {
-            return 0;
-        }
-        sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        return link_addr->sdl_alen;
-    }
-
     boost::optional<uint64_t> networking_resolver::get_link_mtu(string const& interface, void* data) const
     {
         ifreq ifr;

data/ext/facter/facter/lib/src/facts/freebsd/virtualization_resolver.cc

@@ -20,10 +20,7 @@ namespace facter { namespace facts { namespace freebsd {
         string value = get_jail_vm();
 
         if (value.empty()) {
-            auto product_name = facts.get<string_value>(fact::product_name);
-            if (product_name) {
-                value = get_product_name_vm(product_name->value());
-            }
+            value = get_fact_vm(facts);
         }
 
         return value;

data/ext/facter/facter/lib/src/facts/linux/collection.cc

@@ -14,6 +14,7 @@
 #include <internal/facts/linux/memory_resolver.hpp>
 #include <internal/facts/glib/load_average_resolver.hpp>
 #include <internal/facts/posix/xen_resolver.hpp>
+#include <internal/facts/linux/fips_resolver.hpp>
 
 
 using namespace std;
@@ -37,6 +38,7 @@ namespace facter { namespace facts {
         add(make_shared<linux::memory_resolver>());
         add(make_shared<glib::load_average_resolver>());
         add(make_shared<posix::xen_resolver>());
+        add(make_shared<linux::fips_resolver>());
     }
 
 }}  // namespace facter::facts

data/ext/facter/facter/lib/src/facts/linux/fips_resolver.cc

@@ -0,0 +1,31 @@
+#include <internal/facts/linux/fips_resolver.hpp>
+#include <leatherman/file_util/file.hpp>
+#include <boost/algorithm/string.hpp>
+#include <boost/lexical_cast.hpp>
+
+using namespace std;
+
+using boost::lexical_cast;
+using boost::bad_lexical_cast;
+
+namespace lth_file = leatherman::file_util;
+
+namespace facter { namespace facts { namespace linux {
+
+    fips_resolver::data fips_resolver::collect_data(collection& facts)
+    {
+        data result;
+
+        // Set a safe default
+        result.is_fips_mode_enabled = false;
+
+        lth_file::each_line("/proc/sys/crypto/fips_enabled", [&](string& line) {
+            boost::trim(line);
+            result.is_fips_mode_enabled = line != "0";
+
+            return true;
+        });
+        return result;
+    }
+
+}}}  // namespace facter::facts::linux

data/ext/facter/facter/lib/src/facts/linux/networking_resolver.cc

@@ -67,21 +67,12 @@ namespace facter { namespace facts { namespace linux {
             return nullptr;
         }
         sockaddr_ll const* link_addr = reinterpret_cast<sockaddr_ll const*>(addr);
-        if (link_addr->sll_halen != 6 && link_addr->sll_halen != 20) {
+        if (link_addr->sll_halen != 6) {
             return nullptr;
         }
         return reinterpret_cast<uint8_t const*>(link_addr->sll_addr);
     }
 
-    uint8_t networking_resolver::get_link_address_length(sockaddr const* addr) const
-    {
-        if (!is_link_address(addr)) {
-            return 0;
-        }
-        sockaddr_ll const* link_addr = reinterpret_cast<sockaddr_ll const*>(addr);
-        return link_addr->sll_halen;
-    }
-
     boost::optional<uint64_t> networking_resolver::get_link_mtu(string const& interface, void* data) const
     {
         // Unfortunately in Linux, the data points at interface statistics

data/ext/facter/facter/lib/src/facts/openbsd/networking_resolver.cc

@@ -27,21 +27,12 @@ namespace facter { namespace facts { namespace openbsd {
             return nullptr;
         }
         sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        if (link_addr->sdl_alen != 6 && link_addr->sdl_alen != 20) {
+        if (link_addr->sdl_alen != 6) {
             return nullptr;
         }
         return reinterpret_cast<uint8_t const*>(LLADDR(link_addr));
      }
 
-    uint8_t networking_resolver::get_link_address_length(sockaddr const* addr) const
-    {
-        if (!is_link_address(addr)) {
-            return 0;
-        }
-        sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        return link_addr->sdl_alen;
-    }
-
     boost::optional<uint64_t> networking_resolver::get_link_mtu(string const& interface, void* data) const
     {
         ifreq ifr;

data/ext/facter/facter/lib/src/facts/osx/networking_resolver.cc

@@ -23,21 +23,12 @@ namespace facter { namespace facts { namespace osx {
             return nullptr;
         }
         sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        if (link_addr->sdl_alen != 6 && link_addr->sdl_alen != 20) {
+        if (link_addr->sdl_alen != 6) {
             return nullptr;
         }
         return reinterpret_cast<uint8_t const*>(LLADDR(link_addr));
     }
 
-    uint8_t networking_resolver::get_link_address_length(sockaddr const* addr) const
-    {
-        if (!is_link_address(addr)) {
-            return 0;
-        }
-        sockaddr_dl const* link_addr = reinterpret_cast<sockaddr_dl const*>(addr);
-        return link_addr->sdl_alen;
-    }
-
     boost::optional<uint64_t> networking_resolver::get_link_mtu(string const& interface, void* data) const
     {
         if (!data) {

data/ext/facter/facter/lib/src/facts/posix/networking_resolver.cc

@@ -49,9 +49,8 @@ namespace facter { namespace facts { namespace posix {
             return buffer;
         } else if (is_link_address(addr)) {
             auto link_addr = get_link_address_bytes(addr);
-            uint8_t link_addr_len = get_link_address_length(addr);
             if (link_addr) {
-                return macaddress_to_string(reinterpret_cast<uint8_t const*>(link_addr), link_addr_len);
+                return macaddress_to_string(reinterpret_cast<uint8_t const*>(link_addr));
             }
         }
 
@@ -69,7 +68,7 @@ namespace facter { namespace facts { namespace posix {
         }
         // Get the hostname (+1 to ensure a null is returned on platforms where maximum truncation may occur)
         vector<char> name(size + 1);
-        if (gethostname(name.data(), size) != 0) {
+        if (gethostname(name.data(), size + 1) != 0) {
             LOG_WARNING("gethostname failed: {1} ({2}): hostname is unavailable.", strerror(errno), errno);
         } else {
             // Check for fully-qualified hostname

data/ext/facter/facter/lib/src/facts/posix/ssh_resolver.cc

@@ -72,7 +72,7 @@ namespace facter { namespace facts { namespace posix {
             return;
         }
 
-        // The SSH file format should be <algo> <key> <hostname>
+        // The SSH public key file format is <algo> <key> <comment>
         vector<boost::iterator_range<string::iterator>> parts;
         boost::split(parts, contents, boost::is_any_of(" "), boost::token_compress_on);
         if (parts.size() < 2) {
@@ -80,7 +80,8 @@ namespace facter { namespace facts { namespace posix {
             return;
         }
 
-        // Assign the key
+        // Assign the key and its type
+        key.type.assign(parts[0].begin(), parts[0].end());
         key.key.assign(parts[1].begin(), parts[1].end());
 
         // Only fingerprint if we are using OpenSSL

data/ext/facter/facter/lib/src/facts/resolvers/fips_resolver.cc

@@ -0,0 +1,23 @@
+#include <internal/facts/resolvers/fips_resolver.hpp>
+#include <facter/facts/collection.hpp>
+#include <facter/facts/fact.hpp>
+#include <facter/facts/map_value.hpp>
+#include <facter/facts/scalar_value.hpp>
+
+using namespace std;
+using namespace facter::facts;
+
+namespace facter { namespace facts { namespace resolvers {
+
+    fips_resolver::fips_resolver() :
+        resolver("fips", {fact::fips_enabled})
+    {
+    }
+
+    void fips_resolver::resolve(collection& facts)
+    {
+        auto data = collect_data(facts);
+        facts.add(fact::fips_enabled, make_value<boolean_value>(data.is_fips_mode_enabled));
+    }
+
+}}}  // namespace facter::facts::resolvers

data/ext/facter/facter/lib/src/facts/resolvers/networking_resolver.cc

@@ -151,15 +151,15 @@ namespace facter { namespace facts { namespace resolvers {
         }
     }
 
-    string networking_resolver::macaddress_to_string(uint8_t const* bytes, uint8_t byte_count)
+    string networking_resolver::macaddress_to_string(uint8_t const* bytes)
     {
-        if (!bytes || (byte_count != 6 && byte_count != 20)) {
+        if (!bytes) {
             return {};
         }
 
         // Ignore MAC address "0"
         bool nonzero = false;
-        for (size_t i = 0; i < byte_count; ++i) {
+        for (size_t i = 0; i < 6; ++i) {
             if (bytes[i] != 0) {
                 nonzero = true;
                 break;
@@ -169,26 +169,10 @@ namespace facter { namespace facts { namespace resolvers {
             return {};
         }
 
-        if (byte_count == 6) {
-            return (boost::format("%02x:%02x:%02x:%02x:%02x:%02x") %
-                    static_cast<int>(bytes[0]) % static_cast<int>(bytes[1]) %
-                    static_cast<int>(bytes[2]) % static_cast<int>(bytes[3]) %
-                    static_cast<int>(bytes[4]) % static_cast<int>(bytes[5])).str();
-        } else if (byte_count == 20) {
-            return (boost::format("%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x") %
-                    static_cast<int>(bytes[0]) % static_cast<int>(bytes[1]) %
-                    static_cast<int>(bytes[2]) % static_cast<int>(bytes[3]) %
-                    static_cast<int>(bytes[4]) % static_cast<int>(bytes[5]) %
-                    static_cast<int>(bytes[6]) % static_cast<int>(bytes[7]) %
-                    static_cast<int>(bytes[8]) % static_cast<int>(bytes[9]) %
-                    static_cast<int>(bytes[10]) % static_cast<int>(bytes[11]) %
-                    static_cast<int>(bytes[12]) % static_cast<int>(bytes[13]) %
-                    static_cast<int>(bytes[14]) % static_cast<int>(bytes[15]) %
-                    static_cast<int>(bytes[16]) % static_cast<int>(bytes[17]) %
-                    static_cast<int>(bytes[18]) % static_cast<int>(bytes[19])).str();
-        } else {
-            return {};
-        }
+        return (boost::format("%02x:%02x:%02x:%02x:%02x:%02x") %
+                static_cast<int>(bytes[0]) % static_cast<int>(bytes[1]) %
+                static_cast<int>(bytes[2]) % static_cast<int>(bytes[3]) %
+                static_cast<int>(bytes[4]) % static_cast<int>(bytes[5])).str();
     }
 
     bool networking_resolver::ignored_ipv4_address(string const& addr)

data/ext/facter/facter/lib/src/facts/resolvers/ssh_resolver.cc

@@ -50,6 +50,7 @@ namespace facter { namespace facts { namespace resolvers {
 
         facts.add(string(key_fact_name), make_value<string_value>(key.key, true));
         key_value->add("key", make_value<string_value>(move(key.key)));
+        key_value->add("type", make_value<string_value>(move(key.type)));
 
         string fingerprint;
         if (!key.digest.sha1.empty()) {

data/ext/facter/facter/lib/src/facts/solaris/networking_resolver.cc

@@ -171,11 +171,6 @@ namespace facter { namespace facts { namespace solaris {
         return nullptr;
     }
 
-    uint8_t networking_resolver::get_link_address_length(const sockaddr * addr) const
-    {
-        return 0;
-    }
-
     string networking_resolver::find_dhcp_server(string const& interface) const
     {
         auto exec = execute("dhcpinfo", { "-i", interface, "ServerID" });

data/ext/facter/facter/lib/tests/facts/resolvers/ssh_resolver.cc

@@ -27,15 +27,19 @@ struct test_ssh_resolver : ssh_resolver
     {
         data result;
         result.dsa.key = "dsa:key";
+        result.dsa.type = "dsa:type";
         result.dsa.digest.sha1 = "dsa:sha1";
         result.dsa.digest.sha256 = "dsa:sha256";
         result.ecdsa.key = "ecdsa:key";
+        result.ecdsa.type = "ecdsa:type";
         result.ecdsa.digest.sha1 = "ecdsa:sha1";
         result.ecdsa.digest.sha256 = "ecdsa:sha256";
         result.ed25519.key = "ed25519:key";
+        result.ed25519.type = "ed25519:type";
         result.ed25519.digest.sha1 = "ed25519:sha1";
         result.ed25519.digest.sha256 = "ed25519:sha256";
         result.rsa.key = "rsa:key";
+        result.rsa.type = "rsa:type";
         result.rsa.digest.sha1 = "rsa:sha1";
         result.rsa.digest.sha256 = "rsa:sha256";
         return result;
@@ -66,10 +70,13 @@ SCENARIO("using the ssh resolver") {
             for (auto const& algorithm : algorithms) {
                 auto entry = ssh->get<map_value>(algorithm);
                 REQUIRE(entry);
-                REQUIRE(entry->size() == 2u);
+                REQUIRE(entry->size() == 3u);
                 auto key = entry->get<string_value>("key");
                 REQUIRE(key);
                 REQUIRE(key->value() == algorithm + ":key");
+                auto type = entry->get<string_value>("type");
+                REQUIRE(type);
+                REQUIRE(type->value() == algorithm + ":type");
                 auto fingerprints = entry->get<map_value>("fingerprints");
                 REQUIRE(fingerprints);
                 REQUIRE(fingerprints->size() == 2u);

data/ext/facter/facter/lib/tests/facts/schema.cc

@@ -17,6 +17,7 @@
 #include <internal/facts/resolvers/dmi_resolver.hpp>
 #include <internal/facts/resolvers/ec2_resolver.hpp>
 #include <internal/facts/resolvers/filesystem_resolver.hpp>
+#include <internal/facts/resolvers/fips_resolver.hpp>
 #include <internal/facts/resolvers/gce_resolver.hpp>
 #include <internal/facts/resolvers/hypervisors_resolver.hpp>
 #include <internal/facts/resolvers/identity_resolver.hpp>
@@ -139,6 +140,17 @@ struct filesystem_resolver : resolvers::filesystem_resolver
     }
 };
 
+struct fips_resolver : resolvers::fips_resolver
+{
+ protected:
+    virtual data collect_data(collection& facts) override
+    {
+        data result;
+        result.is_fips_mode_enabled = false;
+        return result;
+    }
+};
+
 using hypervisor_data = std::unordered_map<std::string, std::unordered_map<std::string, boost::variant<std::string, bool, int>>>;
 
 struct hypervisors_resolver_test : resolvers::hypervisors_resolver_base
@@ -310,15 +322,19 @@ protected:
     {
         data result;
         result.dsa.key = "dsa:key";
+        result.dsa.type = "dsa:type";
         result.dsa.digest.sha1 = "dsa:sha1";
         result.dsa.digest.sha256 = "dsa:sha256";
         result.ecdsa.key = "ecdsa:key";
+        result.ecdsa.type = "ecdsa:type";
         result.ecdsa.digest.sha1 = "ecdsa:sha1";
         result.ecdsa.digest.sha256 = "ecdsa:sha256";
         result.ed25519.key = "ed25519:key";
+        result.ed25519.type = "ed25519:type";
         result.ed25519.digest.sha1 = "ed25519:sha1";
         result.ed25519.digest.sha256 = "ed25519:sha256";
         result.rsa.key = "rsa:key";
+        result.rsa.type = "rsa:type";
         result.rsa.digest.sha1 = "rsa:sha1";
         result.rsa.digest.sha256 = "rsa:sha256";
         return result;
@@ -469,6 +485,7 @@ void add_all_facts(collection& facts)
     facts.add(make_shared<disk_resolver>());
     facts.add(make_shared<dmi_resolver>());
     facts.add(make_shared<filesystem_resolver>());
+    facts.add(make_shared<fips_resolver>());
     // TODO: refactor the EC2 resolver to use the "collect_data" pattern
     facts.add(make_shared<ec2_resolver>());
     // TODO: refactor the GCE resolver to use the "collect_data" pattern