openvox 7.37.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1120) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +15 -0
  3. data/CODEOWNERS +11 -0
  4. data/CODE_OF_CONDUCT.md +70 -0
  5. data/CONTRIBUTING.md +161 -0
  6. data/Gemfile +82 -0
  7. data/Guardfile.example +76 -0
  8. data/LICENSE +202 -0
  9. data/README.md +68 -0
  10. data/Rakefile +160 -0
  11. data/bin/puppet +9 -0
  12. data/conf/environment.conf +18 -0
  13. data/conf/fileserver.conf +32 -0
  14. data/conf/hiera.yaml +11 -0
  15. data/conf/puppet.conf +6 -0
  16. data/examples/enc/regexp_nodes/classes/databases +2 -0
  17. data/examples/enc/regexp_nodes/classes/webservers +2 -0
  18. data/examples/enc/regexp_nodes/environment/development +2 -0
  19. data/examples/enc/regexp_nodes/parameters/service/prod +1 -0
  20. data/examples/enc/regexp_nodes/parameters/service/qa +3 -0
  21. data/examples/enc/regexp_nodes/parameters/service/sandbox +1 -0
  22. data/examples/enc/regexp_nodes/regexp_nodes.rb +270 -0
  23. data/examples/hiera/README.md +91 -0
  24. data/examples/hiera/etc/hiera.yaml +15 -0
  25. data/examples/hiera/etc/hieradb/common.yaml +3 -0
  26. data/examples/hiera/etc/hieradb/dc1.yaml +6 -0
  27. data/examples/hiera/etc/hieradb/development.yaml +2 -0
  28. data/examples/hiera/etc/puppet.conf +3 -0
  29. data/examples/hiera/modules/data/manifests/common.pp +4 -0
  30. data/examples/hiera/modules/ntp/manifests/config.pp +6 -0
  31. data/examples/hiera/modules/ntp/manifests/data.pp +4 -0
  32. data/examples/hiera/modules/ntp/templates/ntp.conf.erb +3 -0
  33. data/examples/hiera/modules/users/manifests/common.pp +4 -0
  34. data/examples/hiera/modules/users/manifests/dc1.pp +4 -0
  35. data/examples/hiera/modules/users/manifests/development.pp +4 -0
  36. data/examples/hiera/site.pp +3 -0
  37. data/examples/nagios/check_puppet.rb +123 -0
  38. data/ext/README.md +13 -0
  39. data/ext/build_defaults.yaml +18 -0
  40. data/ext/debian/puppet.default +4 -0
  41. data/ext/debian/puppet.init +113 -0
  42. data/ext/hiera/hiera.yaml +15 -0
  43. data/ext/osx/puppet.plist +32 -0
  44. data/ext/project_data.yaml +20 -0
  45. data/ext/redhat/client.init +169 -0
  46. data/ext/redhat/client.sysconfig +2 -0
  47. data/ext/solaris/smf/puppet +44 -0
  48. data/ext/solaris/smf/puppet.xml +46 -0
  49. data/ext/suse/client.init +141 -0
  50. data/ext/systemd/puppet.service +26 -0
  51. data/ext/windows/puppet_interactive.bat +6 -0
  52. data/ext/windows/puppet_shell.bat +9 -0
  53. data/ext/windows/run_puppet_interactive.bat +9 -0
  54. data/ext/windows/service/daemon.bat +6 -0
  55. data/ext/windows/service/daemon.rb +225 -0
  56. data/install.rb +499 -0
  57. data/lib/hiera/puppet_function.rb +84 -0
  58. data/lib/hiera/scope.rb +90 -0
  59. data/lib/hiera_puppet.rb +80 -0
  60. data/lib/puppet/agent/disabler.rb +53 -0
  61. data/lib/puppet/agent/locker.rb +46 -0
  62. data/lib/puppet/agent.rb +176 -0
  63. data/lib/puppet/application/agent.rb +523 -0
  64. data/lib/puppet/application/apply.rb +428 -0
  65. data/lib/puppet/application/catalog.rb +4 -0
  66. data/lib/puppet/application/config.rb +5 -0
  67. data/lib/puppet/application/describe.rb +253 -0
  68. data/lib/puppet/application/device.rb +439 -0
  69. data/lib/puppet/application/doc.rb +233 -0
  70. data/lib/puppet/application/epp.rb +5 -0
  71. data/lib/puppet/application/face_base.rb +276 -0
  72. data/lib/puppet/application/facts.rb +9 -0
  73. data/lib/puppet/application/filebucket.rb +318 -0
  74. data/lib/puppet/application/generate.rb +5 -0
  75. data/lib/puppet/application/help.rb +5 -0
  76. data/lib/puppet/application/indirection_base.rb +4 -0
  77. data/lib/puppet/application/lookup.rb +433 -0
  78. data/lib/puppet/application/module.rb +4 -0
  79. data/lib/puppet/application/node.rb +4 -0
  80. data/lib/puppet/application/parser.rb +5 -0
  81. data/lib/puppet/application/plugin.rb +4 -0
  82. data/lib/puppet/application/report.rb +4 -0
  83. data/lib/puppet/application/resource.rb +254 -0
  84. data/lib/puppet/application/script.rb +264 -0
  85. data/lib/puppet/application/ssl.rb +323 -0
  86. data/lib/puppet/application.rb +596 -0
  87. data/lib/puppet/application_support.rb +68 -0
  88. data/lib/puppet/coercion.rb +40 -0
  89. data/lib/puppet/compilable_resource_type.rb +15 -0
  90. data/lib/puppet/concurrent/lock.rb +16 -0
  91. data/lib/puppet/concurrent/synchronized.rb +15 -0
  92. data/lib/puppet/concurrent/thread_local_singleton.rb +17 -0
  93. data/lib/puppet/concurrent.rb +2 -0
  94. data/lib/puppet/configurer/downloader.rb +85 -0
  95. data/lib/puppet/configurer/fact_handler.rb +50 -0
  96. data/lib/puppet/configurer/plugin_handler.rb +59 -0
  97. data/lib/puppet/configurer.rb +755 -0
  98. data/lib/puppet/confine/any.rb +26 -0
  99. data/lib/puppet/confine/boolean.rb +45 -0
  100. data/lib/puppet/confine/exists.rb +19 -0
  101. data/lib/puppet/confine/false.rb +25 -0
  102. data/lib/puppet/confine/feature.rb +17 -0
  103. data/lib/puppet/confine/true.rb +26 -0
  104. data/lib/puppet/confine/variable.rb +59 -0
  105. data/lib/puppet/confine.rb +83 -0
  106. data/lib/puppet/confine_collection.rb +51 -0
  107. data/lib/puppet/confiner.rb +46 -0
  108. data/lib/puppet/context/trusted_information.rb +120 -0
  109. data/lib/puppet/context.rb +188 -0
  110. data/lib/puppet/daemon.rb +182 -0
  111. data/lib/puppet/data_binding.rb +14 -0
  112. data/lib/puppet/datatypes/error.rb +21 -0
  113. data/lib/puppet/datatypes/impl/error.rb +40 -0
  114. data/lib/puppet/datatypes.rb +213 -0
  115. data/lib/puppet/defaults.rb +2277 -0
  116. data/lib/puppet/environments.rb +601 -0
  117. data/lib/puppet/error.rb +138 -0
  118. data/lib/puppet/etc.rb +180 -0
  119. data/lib/puppet/external/dot.rb +325 -0
  120. data/lib/puppet/external/pson/common.rb +374 -0
  121. data/lib/puppet/external/pson/pure/generator.rb +395 -0
  122. data/lib/puppet/external/pson/pure/parser.rb +308 -0
  123. data/lib/puppet/external/pson/pure.rb +15 -0
  124. data/lib/puppet/external/pson/version.rb +8 -0
  125. data/lib/puppet/face/catalog/select.rb +49 -0
  126. data/lib/puppet/face/catalog.rb +165 -0
  127. data/lib/puppet/face/config.rb +267 -0
  128. data/lib/puppet/face/epp.rb +566 -0
  129. data/lib/puppet/face/facts.rb +174 -0
  130. data/lib/puppet/face/generate.rb +66 -0
  131. data/lib/puppet/face/help/action.erb +90 -0
  132. data/lib/puppet/face/help/face.erb +115 -0
  133. data/lib/puppet/face/help/global.erb +16 -0
  134. data/lib/puppet/face/help/man.erb +152 -0
  135. data/lib/puppet/face/help.rb +242 -0
  136. data/lib/puppet/face/module/changes.rb +43 -0
  137. data/lib/puppet/face/module/install.rb +146 -0
  138. data/lib/puppet/face/module/list.rb +272 -0
  139. data/lib/puppet/face/module/uninstall.rb +89 -0
  140. data/lib/puppet/face/module/upgrade.rb +87 -0
  141. data/lib/puppet/face/module.rb +19 -0
  142. data/lib/puppet/face/node/clean.rb +107 -0
  143. data/lib/puppet/face/node.rb +43 -0
  144. data/lib/puppet/face/parser.rb +227 -0
  145. data/lib/puppet/face/plugin.rb +60 -0
  146. data/lib/puppet/face/report.rb +54 -0
  147. data/lib/puppet/face/resource.rb +53 -0
  148. data/lib/puppet/face.rb +12 -0
  149. data/lib/puppet/facter_impl.rb +96 -0
  150. data/lib/puppet/feature/base.rb +76 -0
  151. data/lib/puppet/feature/bolt.rb +3 -0
  152. data/lib/puppet/feature/cfpropertylist.rb +3 -0
  153. data/lib/puppet/feature/eventlog.rb +5 -0
  154. data/lib/puppet/feature/hiera_eyaml.rb +3 -0
  155. data/lib/puppet/feature/hocon.rb +3 -0
  156. data/lib/puppet/feature/libuser.rb +8 -0
  157. data/lib/puppet/feature/msgpack.rb +3 -0
  158. data/lib/puppet/feature/pe_license.rb +4 -0
  159. data/lib/puppet/feature/selinux.rb +3 -0
  160. data/lib/puppet/feature/ssh.rb +3 -0
  161. data/lib/puppet/feature/telnet.rb +9 -0
  162. data/lib/puppet/feature/zlib.rb +5 -0
  163. data/lib/puppet/ffi/posix/constants.rb +14 -0
  164. data/lib/puppet/ffi/posix/functions.rb +24 -0
  165. data/lib/puppet/ffi/posix.rb +10 -0
  166. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  167. data/lib/puppet/ffi/windows/constants.rb +404 -0
  168. data/lib/puppet/ffi/windows/functions.rb +628 -0
  169. data/lib/puppet/ffi/windows/structs.rb +338 -0
  170. data/lib/puppet/ffi/windows.rb +12 -0
  171. data/lib/puppet/file_bucket/dipper.rb +174 -0
  172. data/lib/puppet/file_bucket/file.rb +129 -0
  173. data/lib/puppet/file_bucket.rb +4 -0
  174. data/lib/puppet/file_serving/base.rb +86 -0
  175. data/lib/puppet/file_serving/configuration/parser.rb +113 -0
  176. data/lib/puppet/file_serving/configuration.rb +113 -0
  177. data/lib/puppet/file_serving/content.rb +43 -0
  178. data/lib/puppet/file_serving/fileset.rb +186 -0
  179. data/lib/puppet/file_serving/http_metadata.rb +62 -0
  180. data/lib/puppet/file_serving/metadata.rb +171 -0
  181. data/lib/puppet/file_serving/mount/file.rb +122 -0
  182. data/lib/puppet/file_serving/mount/locales.rb +35 -0
  183. data/lib/puppet/file_serving/mount/modules.rb +26 -0
  184. data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
  185. data/lib/puppet/file_serving/mount/plugins.rb +35 -0
  186. data/lib/puppet/file_serving/mount/scripts.rb +24 -0
  187. data/lib/puppet/file_serving/mount/tasks.rb +23 -0
  188. data/lib/puppet/file_serving/mount.rb +38 -0
  189. data/lib/puppet/file_serving/terminus_helper.rb +31 -0
  190. data/lib/puppet/file_serving/terminus_selector.rb +31 -0
  191. data/lib/puppet/file_serving.rb +3 -0
  192. data/lib/puppet/file_system/file_impl.rb +188 -0
  193. data/lib/puppet/file_system/jruby.rb +23 -0
  194. data/lib/puppet/file_system/memory_file.rb +79 -0
  195. data/lib/puppet/file_system/memory_impl.rb +99 -0
  196. data/lib/puppet/file_system/path_pattern.rb +93 -0
  197. data/lib/puppet/file_system/posix.rb +47 -0
  198. data/lib/puppet/file_system/uniquefile.rb +188 -0
  199. data/lib/puppet/file_system/windows.rb +213 -0
  200. data/lib/puppet/file_system.rb +419 -0
  201. data/lib/puppet/forge/cache.rb +60 -0
  202. data/lib/puppet/forge/errors.rb +114 -0
  203. data/lib/puppet/forge/repository.rb +95 -0
  204. data/lib/puppet/forge.rb +259 -0
  205. data/lib/puppet/functions/abs.rb +61 -0
  206. data/lib/puppet/functions/alert.rb +14 -0
  207. data/lib/puppet/functions/all.rb +104 -0
  208. data/lib/puppet/functions/annotate.rb +108 -0
  209. data/lib/puppet/functions/any.rb +109 -0
  210. data/lib/puppet/functions/assert_type.rb +93 -0
  211. data/lib/puppet/functions/binary_file.rb +32 -0
  212. data/lib/puppet/functions/break.rb +47 -0
  213. data/lib/puppet/functions/call.rb +80 -0
  214. data/lib/puppet/functions/camelcase.rb +62 -0
  215. data/lib/puppet/functions/capitalize.rb +61 -0
  216. data/lib/puppet/functions/ceiling.rb +37 -0
  217. data/lib/puppet/functions/chomp.rb +57 -0
  218. data/lib/puppet/functions/chop.rb +67 -0
  219. data/lib/puppet/functions/compare.rb +125 -0
  220. data/lib/puppet/functions/contain.rb +55 -0
  221. data/lib/puppet/functions/convert_to.rb +34 -0
  222. data/lib/puppet/functions/crit.rb +14 -0
  223. data/lib/puppet/functions/debug.rb +14 -0
  224. data/lib/puppet/functions/defined.rb +159 -0
  225. data/lib/puppet/functions/dig.rb +67 -0
  226. data/lib/puppet/functions/downcase.rb +89 -0
  227. data/lib/puppet/functions/each.rb +167 -0
  228. data/lib/puppet/functions/emerg.rb +14 -0
  229. data/lib/puppet/functions/empty.rb +85 -0
  230. data/lib/puppet/functions/epp.rb +49 -0
  231. data/lib/puppet/functions/err.rb +14 -0
  232. data/lib/puppet/functions/eyaml_lookup_key.rb +102 -0
  233. data/lib/puppet/functions/filter.rb +137 -0
  234. data/lib/puppet/functions/find_file.rb +44 -0
  235. data/lib/puppet/functions/find_template.rb +63 -0
  236. data/lib/puppet/functions/flatten.rb +64 -0
  237. data/lib/puppet/functions/floor.rb +37 -0
  238. data/lib/puppet/functions/get.rb +150 -0
  239. data/lib/puppet/functions/getvar.rb +87 -0
  240. data/lib/puppet/functions/group_by.rb +62 -0
  241. data/lib/puppet/functions/hiera.rb +89 -0
  242. data/lib/puppet/functions/hiera_array.rb +81 -0
  243. data/lib/puppet/functions/hiera_hash.rb +92 -0
  244. data/lib/puppet/functions/hiera_include.rb +104 -0
  245. data/lib/puppet/functions/hocon_data.rb +41 -0
  246. data/lib/puppet/functions/import.rb +7 -0
  247. data/lib/puppet/functions/include.rb +53 -0
  248. data/lib/puppet/functions/index.rb +167 -0
  249. data/lib/puppet/functions/info.rb +14 -0
  250. data/lib/puppet/functions/inline_epp.rb +60 -0
  251. data/lib/puppet/functions/join.rb +56 -0
  252. data/lib/puppet/functions/json_data.rb +33 -0
  253. data/lib/puppet/functions/keys.rb +25 -0
  254. data/lib/puppet/functions/length.rb +44 -0
  255. data/lib/puppet/functions/lest.rb +55 -0
  256. data/lib/puppet/functions/lookup.rb +224 -0
  257. data/lib/puppet/functions/lstrip.rb +58 -0
  258. data/lib/puppet/functions/map.rb +135 -0
  259. data/lib/puppet/functions/match.rb +130 -0
  260. data/lib/puppet/functions/max.rb +183 -0
  261. data/lib/puppet/functions/min.rb +182 -0
  262. data/lib/puppet/functions/module_directory.rb +41 -0
  263. data/lib/puppet/functions/new.rb +1011 -0
  264. data/lib/puppet/functions/next.rb +33 -0
  265. data/lib/puppet/functions/notice.rb +14 -0
  266. data/lib/puppet/functions/partition.rb +62 -0
  267. data/lib/puppet/functions/reduce.rb +162 -0
  268. data/lib/puppet/functions/regsubst.rb +101 -0
  269. data/lib/puppet/functions/require.rb +77 -0
  270. data/lib/puppet/functions/return.rb +15 -0
  271. data/lib/puppet/functions/reverse_each.rb +94 -0
  272. data/lib/puppet/functions/round.rb +24 -0
  273. data/lib/puppet/functions/rstrip.rb +58 -0
  274. data/lib/puppet/functions/scanf.rb +44 -0
  275. data/lib/puppet/functions/size.rb +15 -0
  276. data/lib/puppet/functions/slice.rb +124 -0
  277. data/lib/puppet/functions/sort.rb +74 -0
  278. data/lib/puppet/functions/split.rb +76 -0
  279. data/lib/puppet/functions/step.rb +98 -0
  280. data/lib/puppet/functions/strftime.rb +212 -0
  281. data/lib/puppet/functions/strip.rb +58 -0
  282. data/lib/puppet/functions/then.rb +77 -0
  283. data/lib/puppet/functions/tree_each.rb +197 -0
  284. data/lib/puppet/functions/type.rb +72 -0
  285. data/lib/puppet/functions/unique.rb +132 -0
  286. data/lib/puppet/functions/unwrap.rb +59 -0
  287. data/lib/puppet/functions/upcase.rb +89 -0
  288. data/lib/puppet/functions/values.rb +25 -0
  289. data/lib/puppet/functions/versioncmp.rb +40 -0
  290. data/lib/puppet/functions/warning.rb +14 -0
  291. data/lib/puppet/functions/with.rb +32 -0
  292. data/lib/puppet/functions/yaml_data.rb +45 -0
  293. data/lib/puppet/functions.rb +862 -0
  294. data/lib/puppet/generate/models/type/property.rb +70 -0
  295. data/lib/puppet/generate/models/type/type.rb +65 -0
  296. data/lib/puppet/generate/templates/type/pcore.erb +42 -0
  297. data/lib/puppet/generate/type.rb +249 -0
  298. data/lib/puppet/gettext/config.rb +275 -0
  299. data/lib/puppet/gettext/module_translations.rb +42 -0
  300. data/lib/puppet/gettext/stubs.rb +11 -0
  301. data/lib/puppet/graph/key.rb +26 -0
  302. data/lib/puppet/graph/prioritizer.rb +29 -0
  303. data/lib/puppet/graph/rb_tree_map.rb +388 -0
  304. data/lib/puppet/graph/relationship_graph.rb +284 -0
  305. data/lib/puppet/graph/sequential_prioritizer.rb +31 -0
  306. data/lib/puppet/graph/simple_graph.rb +546 -0
  307. data/lib/puppet/graph.rb +9 -0
  308. data/lib/puppet/http/client.rb +525 -0
  309. data/lib/puppet/http/dns.rb +159 -0
  310. data/lib/puppet/http/errors.rb +48 -0
  311. data/lib/puppet/http/external_client.rb +88 -0
  312. data/lib/puppet/http/factory.rb +51 -0
  313. data/lib/puppet/http/pool.rb +172 -0
  314. data/lib/puppet/http/pool_entry.rb +17 -0
  315. data/lib/puppet/http/proxy.rb +137 -0
  316. data/lib/puppet/http/redirector.rb +85 -0
  317. data/lib/puppet/http/resolver/server_list.rb +87 -0
  318. data/lib/puppet/http/resolver/settings.rb +23 -0
  319. data/lib/puppet/http/resolver/srv.rb +41 -0
  320. data/lib/puppet/http/resolver.rb +48 -0
  321. data/lib/puppet/http/response.rb +102 -0
  322. data/lib/puppet/http/response_converter.rb +24 -0
  323. data/lib/puppet/http/response_net_http.rb +42 -0
  324. data/lib/puppet/http/retry_after_handler.rb +77 -0
  325. data/lib/puppet/http/service/ca.rb +101 -0
  326. data/lib/puppet/http/service/compiler.rb +353 -0
  327. data/lib/puppet/http/service/file_server.rb +198 -0
  328. data/lib/puppet/http/service/puppetserver.rb +53 -0
  329. data/lib/puppet/http/service/report.rb +64 -0
  330. data/lib/puppet/http/service.rb +182 -0
  331. data/lib/puppet/http/session.rb +122 -0
  332. data/lib/puppet/http/site.rb +42 -0
  333. data/lib/puppet/http.rb +46 -0
  334. data/lib/puppet/indirector/catalog/compiler.rb +431 -0
  335. data/lib/puppet/indirector/catalog/json.rb +40 -0
  336. data/lib/puppet/indirector/catalog/msgpack.rb +6 -0
  337. data/lib/puppet/indirector/catalog/rest.rb +49 -0
  338. data/lib/puppet/indirector/catalog/store_configs.rb +8 -0
  339. data/lib/puppet/indirector/catalog/yaml.rb +6 -0
  340. data/lib/puppet/indirector/code.rb +6 -0
  341. data/lib/puppet/indirector/data_binding/hiera.rb +7 -0
  342. data/lib/puppet/indirector/data_binding/none.rb +8 -0
  343. data/lib/puppet/indirector/direct_file_server.rb +17 -0
  344. data/lib/puppet/indirector/envelope.rb +11 -0
  345. data/lib/puppet/indirector/errors.rb +5 -0
  346. data/lib/puppet/indirector/exec.rb +38 -0
  347. data/lib/puppet/indirector/face.rb +153 -0
  348. data/lib/puppet/indirector/fact_search.rb +60 -0
  349. data/lib/puppet/indirector/facts/facter.rb +117 -0
  350. data/lib/puppet/indirector/facts/json.rb +27 -0
  351. data/lib/puppet/indirector/facts/memory.rb +9 -0
  352. data/lib/puppet/indirector/facts/network_device.rb +27 -0
  353. data/lib/puppet/indirector/facts/rest.rb +44 -0
  354. data/lib/puppet/indirector/facts/store_configs.rb +11 -0
  355. data/lib/puppet/indirector/facts/yaml.rb +29 -0
  356. data/lib/puppet/indirector/file_bucket_file/file.rb +262 -0
  357. data/lib/puppet/indirector/file_bucket_file/rest.rb +50 -0
  358. data/lib/puppet/indirector/file_bucket_file/selector.rb +53 -0
  359. data/lib/puppet/indirector/file_content/file.rb +7 -0
  360. data/lib/puppet/indirector/file_content/file_server.rb +7 -0
  361. data/lib/puppet/indirector/file_content/rest.rb +35 -0
  362. data/lib/puppet/indirector/file_content/selector.rb +30 -0
  363. data/lib/puppet/indirector/file_content.rb +5 -0
  364. data/lib/puppet/indirector/file_metadata/file.rb +7 -0
  365. data/lib/puppet/indirector/file_metadata/file_server.rb +7 -0
  366. data/lib/puppet/indirector/file_metadata/http.rb +47 -0
  367. data/lib/puppet/indirector/file_metadata/rest.rb +56 -0
  368. data/lib/puppet/indirector/file_metadata/selector.rb +30 -0
  369. data/lib/puppet/indirector/file_metadata.rb +5 -0
  370. data/lib/puppet/indirector/file_server.rb +54 -0
  371. data/lib/puppet/indirector/generic_http.rb +5 -0
  372. data/lib/puppet/indirector/hiera.rb +100 -0
  373. data/lib/puppet/indirector/indirection.rb +372 -0
  374. data/lib/puppet/indirector/json.rb +79 -0
  375. data/lib/puppet/indirector/memory.rb +34 -0
  376. data/lib/puppet/indirector/msgpack.rb +83 -0
  377. data/lib/puppet/indirector/node/exec.rb +70 -0
  378. data/lib/puppet/indirector/node/json.rb +8 -0
  379. data/lib/puppet/indirector/node/memory.rb +10 -0
  380. data/lib/puppet/indirector/node/msgpack.rb +7 -0
  381. data/lib/puppet/indirector/node/plain.rb +21 -0
  382. data/lib/puppet/indirector/node/rest.rb +29 -0
  383. data/lib/puppet/indirector/node/store_configs.rb +8 -0
  384. data/lib/puppet/indirector/node/yaml.rb +7 -0
  385. data/lib/puppet/indirector/none.rb +9 -0
  386. data/lib/puppet/indirector/plain.rb +9 -0
  387. data/lib/puppet/indirector/report/json.rb +34 -0
  388. data/lib/puppet/indirector/report/msgpack.rb +11 -0
  389. data/lib/puppet/indirector/report/processor.rb +60 -0
  390. data/lib/puppet/indirector/report/rest.rb +42 -0
  391. data/lib/puppet/indirector/report/yaml.rb +34 -0
  392. data/lib/puppet/indirector/request.rb +194 -0
  393. data/lib/puppet/indirector/resource/ral.rb +66 -0
  394. data/lib/puppet/indirector/resource/store_configs.rb +12 -0
  395. data/lib/puppet/indirector/resource/validator.rb +8 -0
  396. data/lib/puppet/indirector/rest.rb +64 -0
  397. data/lib/puppet/indirector/store_configs.rb +30 -0
  398. data/lib/puppet/indirector/terminus.rb +176 -0
  399. data/lib/puppet/indirector/yaml.rb +63 -0
  400. data/lib/puppet/indirector.rb +61 -0
  401. data/lib/puppet/info_service/class_information_service.rb +109 -0
  402. data/lib/puppet/info_service/plan_information_service.rb +36 -0
  403. data/lib/puppet/info_service/task_information_service.rb +44 -0
  404. data/lib/puppet/info_service.rb +26 -0
  405. data/lib/puppet/interface/action.rb +406 -0
  406. data/lib/puppet/interface/action_builder.rb +161 -0
  407. data/lib/puppet/interface/action_manager.rb +98 -0
  408. data/lib/puppet/interface/documentation.rb +357 -0
  409. data/lib/puppet/interface/face_collection.rb +137 -0
  410. data/lib/puppet/interface/option.rb +172 -0
  411. data/lib/puppet/interface/option_builder.rb +105 -0
  412. data/lib/puppet/interface/option_manager.rb +106 -0
  413. data/lib/puppet/interface.rb +239 -0
  414. data/lib/puppet/loaders.rb +30 -0
  415. data/lib/puppet/metatype/manager.rb +197 -0
  416. data/lib/puppet/module/plan.rb +159 -0
  417. data/lib/puppet/module/task.rb +283 -0
  418. data/lib/puppet/module.rb +475 -0
  419. data/lib/puppet/module_tool/applications/application.rb +91 -0
  420. data/lib/puppet/module_tool/applications/checksummer.rb +62 -0
  421. data/lib/puppet/module_tool/applications/installer.rb +411 -0
  422. data/lib/puppet/module_tool/applications/uninstaller.rb +119 -0
  423. data/lib/puppet/module_tool/applications/unpacker.rb +100 -0
  424. data/lib/puppet/module_tool/applications/upgrader.rb +282 -0
  425. data/lib/puppet/module_tool/applications.rb +12 -0
  426. data/lib/puppet/module_tool/checksums.rb +49 -0
  427. data/lib/puppet/module_tool/contents_description.rb +89 -0
  428. data/lib/puppet/module_tool/dependency.rb +41 -0
  429. data/lib/puppet/module_tool/errors/base.rb +15 -0
  430. data/lib/puppet/module_tool/errors/installer.rb +93 -0
  431. data/lib/puppet/module_tool/errors/shared.rb +227 -0
  432. data/lib/puppet/module_tool/errors/uninstaller.rb +50 -0
  433. data/lib/puppet/module_tool/errors/upgrader.rb +63 -0
  434. data/lib/puppet/module_tool/errors.rb +11 -0
  435. data/lib/puppet/module_tool/install_directory.rb +45 -0
  436. data/lib/puppet/module_tool/installed_modules.rb +96 -0
  437. data/lib/puppet/module_tool/local_tarball.rb +90 -0
  438. data/lib/puppet/module_tool/metadata.rb +221 -0
  439. data/lib/puppet/module_tool/shared_behaviors.rb +181 -0
  440. data/lib/puppet/module_tool/tar/gnu.rb +19 -0
  441. data/lib/puppet/module_tool/tar/mini.rb +116 -0
  442. data/lib/puppet/module_tool/tar.rb +18 -0
  443. data/lib/puppet/module_tool.rb +194 -0
  444. data/lib/puppet/network/authconfig.rb +7 -0
  445. data/lib/puppet/network/authorization.rb +19 -0
  446. data/lib/puppet/network/client_request.rb +29 -0
  447. data/lib/puppet/network/format.rb +110 -0
  448. data/lib/puppet/network/format_handler.rb +108 -0
  449. data/lib/puppet/network/format_support.rb +139 -0
  450. data/lib/puppet/network/formats.rb +329 -0
  451. data/lib/puppet/network/http/api/indirected_routes.rb +277 -0
  452. data/lib/puppet/network/http/api/indirection_type.rb +32 -0
  453. data/lib/puppet/network/http/api/master/v3/environments.rb +3 -0
  454. data/lib/puppet/network/http/api/master/v3.rb +3 -0
  455. data/lib/puppet/network/http/api/master.rb +3 -0
  456. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  457. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  458. data/lib/puppet/network/http/api/server.rb +10 -0
  459. data/lib/puppet/network/http/api.rb +39 -0
  460. data/lib/puppet/network/http/connection.rb +286 -0
  461. data/lib/puppet/network/http/error.rb +73 -0
  462. data/lib/puppet/network/http/handler.rb +215 -0
  463. data/lib/puppet/network/http/issues.rb +12 -0
  464. data/lib/puppet/network/http/memory_response.rb +13 -0
  465. data/lib/puppet/network/http/request.rb +71 -0
  466. data/lib/puppet/network/http/response.rb +23 -0
  467. data/lib/puppet/network/http/route.rb +101 -0
  468. data/lib/puppet/network/http.rb +28 -0
  469. data/lib/puppet/network/http_pool.rb +77 -0
  470. data/lib/puppet/network/uri.rb +18 -0
  471. data/lib/puppet/network.rb +3 -0
  472. data/lib/puppet/node/environment.rb +635 -0
  473. data/lib/puppet/node/facts.rb +165 -0
  474. data/lib/puppet/node/server_facts.rb +46 -0
  475. data/lib/puppet/node.rb +256 -0
  476. data/lib/puppet/pal/catalog_compiler.rb +108 -0
  477. data/lib/puppet/pal/compiler.rb +222 -0
  478. data/lib/puppet/pal/function_signature.rb +52 -0
  479. data/lib/puppet/pal/json_catalog_encoder.rb +71 -0
  480. data/lib/puppet/pal/pal_api.rb +15 -0
  481. data/lib/puppet/pal/pal_impl.rb +590 -0
  482. data/lib/puppet/pal/plan_signature.rb +71 -0
  483. data/lib/puppet/pal/script_compiler.rb +73 -0
  484. data/lib/puppet/pal/task_signature.rb +58 -0
  485. data/lib/puppet/parameter/boolean.rb +15 -0
  486. data/lib/puppet/parameter/package_options.rb +31 -0
  487. data/lib/puppet/parameter/path.rb +57 -0
  488. data/lib/puppet/parameter/value.rb +91 -0
  489. data/lib/puppet/parameter/value_collection.rb +212 -0
  490. data/lib/puppet/parameter.rb +589 -0
  491. data/lib/puppet/parser/abstract_compiler.rb +36 -0
  492. data/lib/puppet/parser/ast/block_expression.rb +15 -0
  493. data/lib/puppet/parser/ast/branch.rb +19 -0
  494. data/lib/puppet/parser/ast/hostclass.rb +27 -0
  495. data/lib/puppet/parser/ast/leaf.rb +81 -0
  496. data/lib/puppet/parser/ast/node.rb +17 -0
  497. data/lib/puppet/parser/ast/pops_bridge.rb +245 -0
  498. data/lib/puppet/parser/ast/resource.rb +66 -0
  499. data/lib/puppet/parser/ast/resource_instance.rb +10 -0
  500. data/lib/puppet/parser/ast/resourceparam.rb +31 -0
  501. data/lib/puppet/parser/ast/top_level_construct.rb +4 -0
  502. data/lib/puppet/parser/ast.rb +61 -0
  503. data/lib/puppet/parser/catalog_compiler.rb +56 -0
  504. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +39 -0
  505. data/lib/puppet/parser/compiler/catalog_validator.rb +33 -0
  506. data/lib/puppet/parser/compiler.rb +615 -0
  507. data/lib/puppet/parser/e4_parser_adapter.rb +60 -0
  508. data/lib/puppet/parser/files.rb +93 -0
  509. data/lib/puppet/parser/functions/assert_type.rb +60 -0
  510. data/lib/puppet/parser/functions/binary_file.rb +24 -0
  511. data/lib/puppet/parser/functions/break.rb +39 -0
  512. data/lib/puppet/parser/functions/contain.rb +30 -0
  513. data/lib/puppet/parser/functions/create_resources.rb +110 -0
  514. data/lib/puppet/parser/functions/defined.rb +107 -0
  515. data/lib/puppet/parser/functions/dig.rb +38 -0
  516. data/lib/puppet/parser/functions/digest.rb +5 -0
  517. data/lib/puppet/parser/functions/each.rb +104 -0
  518. data/lib/puppet/parser/functions/epp.rb +39 -0
  519. data/lib/puppet/parser/functions/fail.rb +11 -0
  520. data/lib/puppet/parser/functions/file.rb +33 -0
  521. data/lib/puppet/parser/functions/filter.rb +79 -0
  522. data/lib/puppet/parser/functions/find_file.rb +28 -0
  523. data/lib/puppet/parser/functions/fqdn_rand.rb +44 -0
  524. data/lib/puppet/parser/functions/generate.rb +37 -0
  525. data/lib/puppet/parser/functions/hiera.rb +103 -0
  526. data/lib/puppet/parser/functions/hiera_array.rb +92 -0
  527. data/lib/puppet/parser/functions/hiera_hash.rb +102 -0
  528. data/lib/puppet/parser/functions/hiera_include.rb +101 -0
  529. data/lib/puppet/parser/functions/include.rb +34 -0
  530. data/lib/puppet/parser/functions/inline_epp.rb +51 -0
  531. data/lib/puppet/parser/functions/inline_template.rb +26 -0
  532. data/lib/puppet/parser/functions/lest.rb +49 -0
  533. data/lib/puppet/parser/functions/lookup.rb +132 -0
  534. data/lib/puppet/parser/functions/map.rb +76 -0
  535. data/lib/puppet/parser/functions/match.rb +43 -0
  536. data/lib/puppet/parser/functions/md5.rb +5 -0
  537. data/lib/puppet/parser/functions/new.rb +991 -0
  538. data/lib/puppet/parser/functions/next.rb +38 -0
  539. data/lib/puppet/parser/functions/realize.rb +20 -0
  540. data/lib/puppet/parser/functions/reduce.rb +137 -0
  541. data/lib/puppet/parser/functions/regsubst.rb +62 -0
  542. data/lib/puppet/parser/functions/require.rb +40 -0
  543. data/lib/puppet/parser/functions/return.rb +92 -0
  544. data/lib/puppet/parser/functions/reverse_each.rb +83 -0
  545. data/lib/puppet/parser/functions/scanf.rb +38 -0
  546. data/lib/puppet/parser/functions/sha1.rb +5 -0
  547. data/lib/puppet/parser/functions/sha256.rb +5 -0
  548. data/lib/puppet/parser/functions/shellquote.rb +61 -0
  549. data/lib/puppet/parser/functions/slice.rb +39 -0
  550. data/lib/puppet/parser/functions/split.rb +28 -0
  551. data/lib/puppet/parser/functions/sprintf.rb +61 -0
  552. data/lib/puppet/parser/functions/step.rb +84 -0
  553. data/lib/puppet/parser/functions/strftime.rb +185 -0
  554. data/lib/puppet/parser/functions/tag.rb +12 -0
  555. data/lib/puppet/parser/functions/tagged.rb +21 -0
  556. data/lib/puppet/parser/functions/template.rb +39 -0
  557. data/lib/puppet/parser/functions/then.rb +73 -0
  558. data/lib/puppet/parser/functions/type.rb +53 -0
  559. data/lib/puppet/parser/functions/versioncmp.rb +30 -0
  560. data/lib/puppet/parser/functions/with.rb +28 -0
  561. data/lib/puppet/parser/functions.rb +321 -0
  562. data/lib/puppet/parser/parser_factory.rb +30 -0
  563. data/lib/puppet/parser/relationship.rb +84 -0
  564. data/lib/puppet/parser/resource/param.rb +35 -0
  565. data/lib/puppet/parser/resource.rb +351 -0
  566. data/lib/puppet/parser/scope.rb +1127 -0
  567. data/lib/puppet/parser/script_compiler.rb +123 -0
  568. data/lib/puppet/parser/templatewrapper.rb +104 -0
  569. data/lib/puppet/parser/type_loader.rb +150 -0
  570. data/lib/puppet/parser.rb +20 -0
  571. data/lib/puppet/plugins/configuration.rb +29 -0
  572. data/lib/puppet/plugins/syntax_checkers.rb +98 -0
  573. data/lib/puppet/plugins.rb +9 -0
  574. data/lib/puppet/pops/adaptable.rb +197 -0
  575. data/lib/puppet/pops/adapters.rb +156 -0
  576. data/lib/puppet/pops/evaluator/access_operator.rb +719 -0
  577. data/lib/puppet/pops/evaluator/callable_signature.rb +107 -0
  578. data/lib/puppet/pops/evaluator/closure.rb +375 -0
  579. data/lib/puppet/pops/evaluator/collector_transformer.rb +234 -0
  580. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +86 -0
  581. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +29 -0
  582. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +70 -0
  583. data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +38 -0
  584. data/lib/puppet/pops/evaluator/compare_operator.rb +254 -0
  585. data/lib/puppet/pops/evaluator/deferred_resolver.rb +225 -0
  586. data/lib/puppet/pops/evaluator/epp_evaluator.rb +120 -0
  587. data/lib/puppet/pops/evaluator/evaluator_impl.rb +1317 -0
  588. data/lib/puppet/pops/evaluator/external_syntax_support.rb +46 -0
  589. data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +82 -0
  590. data/lib/puppet/pops/evaluator/literal_evaluator.rb +100 -0
  591. data/lib/puppet/pops/evaluator/puppet_proc.rb +69 -0
  592. data/lib/puppet/pops/evaluator/relationship_operator.rb +185 -0
  593. data/lib/puppet/pops/evaluator/runtime3_converter.rb +221 -0
  594. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +119 -0
  595. data/lib/puppet/pops/evaluator/runtime3_support.rb +535 -0
  596. data/lib/puppet/pops/functions/dispatch.rb +107 -0
  597. data/lib/puppet/pops/functions/dispatcher.rb +75 -0
  598. data/lib/puppet/pops/functions/function.rb +139 -0
  599. data/lib/puppet/pops/issue_reporter.rb +137 -0
  600. data/lib/puppet/pops/issues.rb +928 -0
  601. data/lib/puppet/pops/label_provider.rb +90 -0
  602. data/lib/puppet/pops/loader/base_loader.rb +178 -0
  603. data/lib/puppet/pops/loader/dependency_loader.rb +91 -0
  604. data/lib/puppet/pops/loader/gem_support.rb +51 -0
  605. data/lib/puppet/pops/loader/generic_plan_instantiator.rb +28 -0
  606. data/lib/puppet/pops/loader/loader.rb +221 -0
  607. data/lib/puppet/pops/loader/loader_paths.rb +412 -0
  608. data/lib/puppet/pops/loader/module_loaders.rb +556 -0
  609. data/lib/puppet/pops/loader/predefined_loader.rb +28 -0
  610. data/lib/puppet/pops/loader/puppet_function_instantiator.rb +84 -0
  611. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +93 -0
  612. data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +79 -0
  613. data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +39 -0
  614. data/lib/puppet/pops/loader/ruby_function_instantiator.rb +45 -0
  615. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +120 -0
  616. data/lib/puppet/pops/loader/runtime3_type_loader.rb +103 -0
  617. data/lib/puppet/pops/loader/simple_environment_loader.rb +20 -0
  618. data/lib/puppet/pops/loader/static_loader.rb +131 -0
  619. data/lib/puppet/pops/loader/task_instantiator.rb +44 -0
  620. data/lib/puppet/pops/loader/type_definition_instantiator.rb +100 -0
  621. data/lib/puppet/pops/loader/typed_name.rb +54 -0
  622. data/lib/puppet/pops/loader/uri_helper.rb +22 -0
  623. data/lib/puppet/pops/loaders.rb +546 -0
  624. data/lib/puppet/pops/lookup/configured_data_provider.rb +93 -0
  625. data/lib/puppet/pops/lookup/context.rb +199 -0
  626. data/lib/puppet/pops/lookup/data_adapter.rb +27 -0
  627. data/lib/puppet/pops/lookup/data_dig_function_provider.rb +145 -0
  628. data/lib/puppet/pops/lookup/data_hash_function_provider.rb +126 -0
  629. data/lib/puppet/pops/lookup/data_provider.rb +92 -0
  630. data/lib/puppet/pops/lookup/environment_data_provider.rb +35 -0
  631. data/lib/puppet/pops/lookup/explainer.rb +595 -0
  632. data/lib/puppet/pops/lookup/function_provider.rb +110 -0
  633. data/lib/puppet/pops/lookup/global_data_provider.rb +75 -0
  634. data/lib/puppet/pops/lookup/hiera_config.rb +775 -0
  635. data/lib/puppet/pops/lookup/interpolation.rb +155 -0
  636. data/lib/puppet/pops/lookup/invocation.rb +268 -0
  637. data/lib/puppet/pops/lookup/key_recorder.rb +18 -0
  638. data/lib/puppet/pops/lookup/location_resolver.rb +99 -0
  639. data/lib/puppet/pops/lookup/lookup_adapter.rb +528 -0
  640. data/lib/puppet/pops/lookup/lookup_key.rb +99 -0
  641. data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +92 -0
  642. data/lib/puppet/pops/lookup/module_data_provider.rb +89 -0
  643. data/lib/puppet/pops/lookup/sub_lookup.rb +92 -0
  644. data/lib/puppet/pops/lookup.rb +97 -0
  645. data/lib/puppet/pops/merge_strategy.rb +441 -0
  646. data/lib/puppet/pops/migration/migration_checker.rb +58 -0
  647. data/lib/puppet/pops/model/ast.pp +669 -0
  648. data/lib/puppet/pops/model/ast.rb +4675 -0
  649. data/lib/puppet/pops/model/ast_transformer.rb +131 -0
  650. data/lib/puppet/pops/model/factory.rb +1155 -0
  651. data/lib/puppet/pops/model/model_label_provider.rb +134 -0
  652. data/lib/puppet/pops/model/model_tree_dumper.rb +445 -0
  653. data/lib/puppet/pops/model/pn_transformer.rb +385 -0
  654. data/lib/puppet/pops/model/tree_dumper.rb +59 -0
  655. data/lib/puppet/pops/parser/code_merger.rb +29 -0
  656. data/lib/puppet/pops/parser/egrammar.ra +889 -0
  657. data/lib/puppet/pops/parser/eparser.rb +3184 -0
  658. data/lib/puppet/pops/parser/epp_parser.rb +51 -0
  659. data/lib/puppet/pops/parser/epp_support.rb +265 -0
  660. data/lib/puppet/pops/parser/evaluating_parser.rb +162 -0
  661. data/lib/puppet/pops/parser/heredoc_support.rb +153 -0
  662. data/lib/puppet/pops/parser/interpolation_support.rb +249 -0
  663. data/lib/puppet/pops/parser/lexer2.rb +777 -0
  664. data/lib/puppet/pops/parser/lexer_support.rb +221 -0
  665. data/lib/puppet/pops/parser/locatable.rb +23 -0
  666. data/lib/puppet/pops/parser/locator.rb +357 -0
  667. data/lib/puppet/pops/parser/parser_support.rb +251 -0
  668. data/lib/puppet/pops/parser/pn_parser.rb +317 -0
  669. data/lib/puppet/pops/parser/slurp_support.rb +118 -0
  670. data/lib/puppet/pops/patterns.rb +60 -0
  671. data/lib/puppet/pops/pcore.rb +135 -0
  672. data/lib/puppet/pops/pn.rb +236 -0
  673. data/lib/puppet/pops/puppet_stack.rb +61 -0
  674. data/lib/puppet/pops/resource/param.rb +55 -0
  675. data/lib/puppet/pops/resource/resource_type_impl.rb +294 -0
  676. data/lib/puppet/pops/resource/resource_type_set.pcore +22 -0
  677. data/lib/puppet/pops/semantic_error.rb +29 -0
  678. data/lib/puppet/pops/serialization/abstract_reader.rb +180 -0
  679. data/lib/puppet/pops/serialization/abstract_writer.rb +222 -0
  680. data/lib/puppet/pops/serialization/deserializer.rb +80 -0
  681. data/lib/puppet/pops/serialization/extension.rb +158 -0
  682. data/lib/puppet/pops/serialization/from_data_converter.rb +224 -0
  683. data/lib/puppet/pops/serialization/instance_reader.rb +19 -0
  684. data/lib/puppet/pops/serialization/instance_writer.rb +14 -0
  685. data/lib/puppet/pops/serialization/json.rb +297 -0
  686. data/lib/puppet/pops/serialization/json_path.rb +127 -0
  687. data/lib/puppet/pops/serialization/object.rb +70 -0
  688. data/lib/puppet/pops/serialization/serializer.rb +140 -0
  689. data/lib/puppet/pops/serialization/time_factory.rb +67 -0
  690. data/lib/puppet/pops/serialization/to_data_converter.rb +313 -0
  691. data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
  692. data/lib/puppet/pops/serialization.rb +43 -0
  693. data/lib/puppet/pops/time/timespan.rb +716 -0
  694. data/lib/puppet/pops/time/timestamp.rb +160 -0
  695. data/lib/puppet/pops/types/annotatable.rb +36 -0
  696. data/lib/puppet/pops/types/annotation.rb +71 -0
  697. data/lib/puppet/pops/types/class_loader.rb +132 -0
  698. data/lib/puppet/pops/types/implementation_registry.rb +134 -0
  699. data/lib/puppet/pops/types/iterable.rb +365 -0
  700. data/lib/puppet/pops/types/p_binary_type.rb +232 -0
  701. data/lib/puppet/pops/types/p_init_type.rb +238 -0
  702. data/lib/puppet/pops/types/p_meta_type.rb +94 -0
  703. data/lib/puppet/pops/types/p_object_type.rb +1117 -0
  704. data/lib/puppet/pops/types/p_object_type_extension.rb +228 -0
  705. data/lib/puppet/pops/types/p_runtime_type.rb +115 -0
  706. data/lib/puppet/pops/types/p_sem_ver_range_type.rb +190 -0
  707. data/lib/puppet/pops/types/p_sem_ver_type.rb +155 -0
  708. data/lib/puppet/pops/types/p_sensitive_type.rb +83 -0
  709. data/lib/puppet/pops/types/p_timespan_type.rb +192 -0
  710. data/lib/puppet/pops/types/p_timestamp_type.rb +73 -0
  711. data/lib/puppet/pops/types/p_type_set_type.rb +387 -0
  712. data/lib/puppet/pops/types/p_uri_type.rb +190 -0
  713. data/lib/puppet/pops/types/puppet_object.rb +40 -0
  714. data/lib/puppet/pops/types/recursion_guard.rb +136 -0
  715. data/lib/puppet/pops/types/ruby_generator.rb +472 -0
  716. data/lib/puppet/pops/types/ruby_method.rb +31 -0
  717. data/lib/puppet/pops/types/string_converter.rb +1134 -0
  718. data/lib/puppet/pops/types/tree_iterators.rb +254 -0
  719. data/lib/puppet/pops/types/type_acceptor.rb +25 -0
  720. data/lib/puppet/pops/types/type_asserter.rb +47 -0
  721. data/lib/puppet/pops/types/type_assertion_error.rb +27 -0
  722. data/lib/puppet/pops/types/type_calculator.rb +822 -0
  723. data/lib/puppet/pops/types/type_conversion_error.rb +15 -0
  724. data/lib/puppet/pops/types/type_factory.rb +631 -0
  725. data/lib/puppet/pops/types/type_formatter.rb +801 -0
  726. data/lib/puppet/pops/types/type_mismatch_describer.rb +1096 -0
  727. data/lib/puppet/pops/types/type_parser.rb +683 -0
  728. data/lib/puppet/pops/types/type_set_reference.rb +59 -0
  729. data/lib/puppet/pops/types/type_with_members.rb +43 -0
  730. data/lib/puppet/pops/types/types.rb +3633 -0
  731. data/lib/puppet/pops/utils.rb +119 -0
  732. data/lib/puppet/pops/validation/checker4_0.rb +1148 -0
  733. data/lib/puppet/pops/validation/tasks_checker.rb +93 -0
  734. data/lib/puppet/pops/validation/validator_factory_4_0.rb +45 -0
  735. data/lib/puppet/pops/validation.rb +459 -0
  736. data/lib/puppet/pops/visitable.rb +6 -0
  737. data/lib/puppet/pops/visitor.rb +122 -0
  738. data/lib/puppet/pops.rb +121 -0
  739. data/lib/puppet/property/boolean.rb +7 -0
  740. data/lib/puppet/property/ensure.rb +106 -0
  741. data/lib/puppet/property/keyvalue.rb +158 -0
  742. data/lib/puppet/property/list.rb +70 -0
  743. data/lib/puppet/property/ordered_list.rb +29 -0
  744. data/lib/puppet/property.rb +611 -0
  745. data/lib/puppet/provider/aix_object.rb +485 -0
  746. data/lib/puppet/provider/command.rb +25 -0
  747. data/lib/puppet/provider/confine.rb +6 -0
  748. data/lib/puppet/provider/exec/posix.rb +60 -0
  749. data/lib/puppet/provider/exec/shell.rb +25 -0
  750. data/lib/puppet/provider/exec/windows.rb +55 -0
  751. data/lib/puppet/provider/exec.rb +105 -0
  752. data/lib/puppet/provider/file/posix.rb +144 -0
  753. data/lib/puppet/provider/file/windows.rb +152 -0
  754. data/lib/puppet/provider/group/aix.rb +99 -0
  755. data/lib/puppet/provider/group/directoryservice.rb +22 -0
  756. data/lib/puppet/provider/group/groupadd.rb +174 -0
  757. data/lib/puppet/provider/group/ldap.rb +48 -0
  758. data/lib/puppet/provider/group/pw.rb +51 -0
  759. data/lib/puppet/provider/group/windows_adsi.rb +113 -0
  760. data/lib/puppet/provider/ldap.rb +141 -0
  761. data/lib/puppet/provider/nameservice/directoryservice.rb +512 -0
  762. data/lib/puppet/provider/nameservice/objectadd.rb +22 -0
  763. data/lib/puppet/provider/nameservice/pw.rb +21 -0
  764. data/lib/puppet/provider/nameservice.rb +293 -0
  765. data/lib/puppet/provider/network_device.rb +74 -0
  766. data/lib/puppet/provider/package/aix.rb +169 -0
  767. data/lib/puppet/provider/package/appdmg.rb +111 -0
  768. data/lib/puppet/provider/package/apple.rb +47 -0
  769. data/lib/puppet/provider/package/apt.rb +262 -0
  770. data/lib/puppet/provider/package/aptitude.rb +35 -0
  771. data/lib/puppet/provider/package/aptrpm.rb +83 -0
  772. data/lib/puppet/provider/package/blastwave.rb +112 -0
  773. data/lib/puppet/provider/package/dnf.rb +50 -0
  774. data/lib/puppet/provider/package/dnfmodule.rb +141 -0
  775. data/lib/puppet/provider/package/dpkg.rb +192 -0
  776. data/lib/puppet/provider/package/fink.rb +97 -0
  777. data/lib/puppet/provider/package/freebsd.rb +47 -0
  778. data/lib/puppet/provider/package/gem.rb +293 -0
  779. data/lib/puppet/provider/package/hpux.rb +44 -0
  780. data/lib/puppet/provider/package/macports.rb +110 -0
  781. data/lib/puppet/provider/package/nim.rb +291 -0
  782. data/lib/puppet/provider/package/openbsd.rb +260 -0
  783. data/lib/puppet/provider/package/opkg.rb +82 -0
  784. data/lib/puppet/provider/package/pacman.rb +273 -0
  785. data/lib/puppet/provider/package/pip.rb +346 -0
  786. data/lib/puppet/provider/package/pip2.rb +17 -0
  787. data/lib/puppet/provider/package/pip3.rb +17 -0
  788. data/lib/puppet/provider/package/pkg.rb +295 -0
  789. data/lib/puppet/provider/package/pkgdmg.rb +153 -0
  790. data/lib/puppet/provider/package/pkgin.rb +87 -0
  791. data/lib/puppet/provider/package/pkgng.rb +173 -0
  792. data/lib/puppet/provider/package/pkgutil.rb +187 -0
  793. data/lib/puppet/provider/package/portage.rb +310 -0
  794. data/lib/puppet/provider/package/ports.rb +91 -0
  795. data/lib/puppet/provider/package/portupgrade.rb +240 -0
  796. data/lib/puppet/provider/package/puppet_gem.rb +34 -0
  797. data/lib/puppet/provider/package/puppetserver_gem.rb +171 -0
  798. data/lib/puppet/provider/package/rpm.rb +250 -0
  799. data/lib/puppet/provider/package/rug.rb +51 -0
  800. data/lib/puppet/provider/package/sun.rb +133 -0
  801. data/lib/puppet/provider/package/sunfreeware.rb +9 -0
  802. data/lib/puppet/provider/package/tdnf.rb +28 -0
  803. data/lib/puppet/provider/package/up2date.rb +40 -0
  804. data/lib/puppet/provider/package/urpmi.rb +55 -0
  805. data/lib/puppet/provider/package/windows/exe_package.rb +106 -0
  806. data/lib/puppet/provider/package/windows/msi_package.rb +70 -0
  807. data/lib/puppet/provider/package/windows/package.rb +110 -0
  808. data/lib/puppet/provider/package/windows.rb +130 -0
  809. data/lib/puppet/provider/package/yum.rb +387 -0
  810. data/lib/puppet/provider/package/zypper.rb +206 -0
  811. data/lib/puppet/provider/package.rb +59 -0
  812. data/lib/puppet/provider/package_targetable.rb +69 -0
  813. data/lib/puppet/provider/parsedfile.rb +490 -0
  814. data/lib/puppet/provider/service/base.rb +139 -0
  815. data/lib/puppet/provider/service/bsd.rb +51 -0
  816. data/lib/puppet/provider/service/daemontools.rb +193 -0
  817. data/lib/puppet/provider/service/debian.rb +75 -0
  818. data/lib/puppet/provider/service/freebsd.rb +143 -0
  819. data/lib/puppet/provider/service/gentoo.rb +45 -0
  820. data/lib/puppet/provider/service/init.rb +192 -0
  821. data/lib/puppet/provider/service/launchd.rb +384 -0
  822. data/lib/puppet/provider/service/openbsd.rb +100 -0
  823. data/lib/puppet/provider/service/openrc.rb +71 -0
  824. data/lib/puppet/provider/service/openwrt.rb +36 -0
  825. data/lib/puppet/provider/service/rcng.rb +51 -0
  826. data/lib/puppet/provider/service/redhat.rb +72 -0
  827. data/lib/puppet/provider/service/runit.rb +106 -0
  828. data/lib/puppet/provider/service/service.rb +68 -0
  829. data/lib/puppet/provider/service/smf.rb +317 -0
  830. data/lib/puppet/provider/service/src.rb +147 -0
  831. data/lib/puppet/provider/service/systemd.rb +232 -0
  832. data/lib/puppet/provider/service/upstart.rb +385 -0
  833. data/lib/puppet/provider/service/windows.rb +182 -0
  834. data/lib/puppet/provider/user/aix.rb +361 -0
  835. data/lib/puppet/provider/user/directoryservice.rb +680 -0
  836. data/lib/puppet/provider/user/hpux.rb +95 -0
  837. data/lib/puppet/provider/user/ldap.rb +132 -0
  838. data/lib/puppet/provider/user/openbsd.rb +77 -0
  839. data/lib/puppet/provider/user/pw.rb +108 -0
  840. data/lib/puppet/provider/user/user_role_add.rb +239 -0
  841. data/lib/puppet/provider/user/useradd.rb +406 -0
  842. data/lib/puppet/provider/user/windows_adsi.rb +172 -0
  843. data/lib/puppet/provider.rb +612 -0
  844. data/lib/puppet/reference/configuration.rb +97 -0
  845. data/lib/puppet/reference/function.rb +17 -0
  846. data/lib/puppet/reference/indirection.rb +71 -0
  847. data/lib/puppet/reference/metaparameter.rb +33 -0
  848. data/lib/puppet/reference/providers.rb +117 -0
  849. data/lib/puppet/reference/report.rb +20 -0
  850. data/lib/puppet/reference/type.rb +109 -0
  851. data/lib/puppet/relationship.rb +84 -0
  852. data/lib/puppet/reports/http.rb +44 -0
  853. data/lib/puppet/reports/log.rb +14 -0
  854. data/lib/puppet/reports/store.rb +68 -0
  855. data/lib/puppet/reports.rb +93 -0
  856. data/lib/puppet/resource/catalog.rb +654 -0
  857. data/lib/puppet/resource/status.rb +229 -0
  858. data/lib/puppet/resource/type.rb +425 -0
  859. data/lib/puppet/resource/type_collection.rb +231 -0
  860. data/lib/puppet/resource.rb +663 -0
  861. data/lib/puppet/runtime.rb +65 -0
  862. data/lib/puppet/scheduler/job.rb +53 -0
  863. data/lib/puppet/scheduler/scheduler.rb +44 -0
  864. data/lib/puppet/scheduler/splay_job.rb +32 -0
  865. data/lib/puppet/scheduler/timer.rb +13 -0
  866. data/lib/puppet/scheduler.rb +16 -0
  867. data/lib/puppet/settings/alias_setting.rb +37 -0
  868. data/lib/puppet/settings/array_setting.rb +17 -0
  869. data/lib/puppet/settings/autosign_setting.rb +22 -0
  870. data/lib/puppet/settings/base_setting.rb +223 -0
  871. data/lib/puppet/settings/boolean_setting.rb +32 -0
  872. data/lib/puppet/settings/certificate_revocation_setting.rb +21 -0
  873. data/lib/puppet/settings/config_file.rb +146 -0
  874. data/lib/puppet/settings/directory_setting.rb +18 -0
  875. data/lib/puppet/settings/duration_setting.rb +32 -0
  876. data/lib/puppet/settings/enum_setting.rb +16 -0
  877. data/lib/puppet/settings/environment_conf.rb +224 -0
  878. data/lib/puppet/settings/errors.rb +11 -0
  879. data/lib/puppet/settings/file_or_directory_setting.rb +40 -0
  880. data/lib/puppet/settings/file_setting.rb +241 -0
  881. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  882. data/lib/puppet/settings/ini_file.rb +226 -0
  883. data/lib/puppet/settings/integer_setting.rb +17 -0
  884. data/lib/puppet/settings/path_setting.rb +8 -0
  885. data/lib/puppet/settings/port_setting.rb +15 -0
  886. data/lib/puppet/settings/priority_setting.rb +43 -0
  887. data/lib/puppet/settings/server_list_setting.rb +29 -0
  888. data/lib/puppet/settings/string_setting.rb +9 -0
  889. data/lib/puppet/settings/symbolic_enum_setting.rb +17 -0
  890. data/lib/puppet/settings/terminus_setting.rb +14 -0
  891. data/lib/puppet/settings/ttl_setting.rb +51 -0
  892. data/lib/puppet/settings/value_translator.rb +14 -0
  893. data/lib/puppet/settings.rb +1642 -0
  894. data/lib/puppet/ssl/base.rb +149 -0
  895. data/lib/puppet/ssl/certificate.rb +96 -0
  896. data/lib/puppet/ssl/certificate_request.rb +324 -0
  897. data/lib/puppet/ssl/certificate_request_attributes.rb +37 -0
  898. data/lib/puppet/ssl/certificate_signer.rb +39 -0
  899. data/lib/puppet/ssl/digest.rb +20 -0
  900. data/lib/puppet/ssl/error.rb +26 -0
  901. data/lib/puppet/ssl/oids.rb +197 -0
  902. data/lib/puppet/ssl/openssl_loader.rb +24 -0
  903. data/lib/puppet/ssl/ssl_context.rb +25 -0
  904. data/lib/puppet/ssl/ssl_provider.rb +350 -0
  905. data/lib/puppet/ssl/state_machine.rb +474 -0
  906. data/lib/puppet/ssl/verifier.rb +142 -0
  907. data/lib/puppet/ssl.rb +23 -0
  908. data/lib/puppet/syntax_checkers/base64.rb +40 -0
  909. data/lib/puppet/syntax_checkers/epp.rb +34 -0
  910. data/lib/puppet/syntax_checkers/json.rb +35 -0
  911. data/lib/puppet/syntax_checkers/pp.rb +34 -0
  912. data/lib/puppet/syntax_checkers.rb +3 -0
  913. data/lib/puppet/test/test_helper.rb +265 -0
  914. data/lib/puppet/thread_local.rb +4 -0
  915. data/lib/puppet/transaction/additional_resource_generator.rb +220 -0
  916. data/lib/puppet/transaction/event.rb +168 -0
  917. data/lib/puppet/transaction/event_manager.rb +179 -0
  918. data/lib/puppet/transaction/persistence.rb +119 -0
  919. data/lib/puppet/transaction/report.rb +504 -0
  920. data/lib/puppet/transaction/resource_harness.rb +323 -0
  921. data/lib/puppet/transaction.rb +491 -0
  922. data/lib/puppet/trusted_external.rb +41 -0
  923. data/lib/puppet/type/component.rb +89 -0
  924. data/lib/puppet/type/exec.rb +720 -0
  925. data/lib/puppet/type/file/checksum.rb +50 -0
  926. data/lib/puppet/type/file/checksum_value.rb +54 -0
  927. data/lib/puppet/type/file/content.rb +176 -0
  928. data/lib/puppet/type/file/ctime.rb +21 -0
  929. data/lib/puppet/type/file/data_sync.rb +98 -0
  930. data/lib/puppet/type/file/ensure.rb +195 -0
  931. data/lib/puppet/type/file/group.rb +48 -0
  932. data/lib/puppet/type/file/mode.rb +189 -0
  933. data/lib/puppet/type/file/mtime.rb +19 -0
  934. data/lib/puppet/type/file/owner.rb +51 -0
  935. data/lib/puppet/type/file/selcontext.rb +142 -0
  936. data/lib/puppet/type/file/source.rb +379 -0
  937. data/lib/puppet/type/file/target.rb +88 -0
  938. data/lib/puppet/type/file/type.rb +20 -0
  939. data/lib/puppet/type/file.rb +1133 -0
  940. data/lib/puppet/type/filebucket.rb +121 -0
  941. data/lib/puppet/type/group.rb +237 -0
  942. data/lib/puppet/type/notify.rb +47 -0
  943. data/lib/puppet/type/package.rb +713 -0
  944. data/lib/puppet/type/resources.rb +187 -0
  945. data/lib/puppet/type/schedule.rb +441 -0
  946. data/lib/puppet/type/service.rb +309 -0
  947. data/lib/puppet/type/stage.rb +27 -0
  948. data/lib/puppet/type/tidy.rb +376 -0
  949. data/lib/puppet/type/user.rb +859 -0
  950. data/lib/puppet/type/whit.rb +34 -0
  951. data/lib/puppet/type.rb +2676 -0
  952. data/lib/puppet/util/at_fork/noop.rb +18 -0
  953. data/lib/puppet/util/at_fork/solaris.rb +160 -0
  954. data/lib/puppet/util/at_fork.rb +35 -0
  955. data/lib/puppet/util/autoload.rb +215 -0
  956. data/lib/puppet/util/backups.rb +86 -0
  957. data/lib/puppet/util/character_encoding.rb +80 -0
  958. data/lib/puppet/util/checksums.rb +376 -0
  959. data/lib/puppet/util/classgen.rb +228 -0
  960. data/lib/puppet/util/colors.rb +100 -0
  961. data/lib/puppet/util/command_line/puppet_option_parser.rb +87 -0
  962. data/lib/puppet/util/command_line/trollop.rb +825 -0
  963. data/lib/puppet/util/command_line.rb +196 -0
  964. data/lib/puppet/util/constant_inflector.rb +24 -0
  965. data/lib/puppet/util/diff.rb +81 -0
  966. data/lib/puppet/util/docs.rb +128 -0
  967. data/lib/puppet/util/errors.rb +159 -0
  968. data/lib/puppet/util/execution.rb +424 -0
  969. data/lib/puppet/util/execution_stub.rb +26 -0
  970. data/lib/puppet/util/feature.rb +129 -0
  971. data/lib/puppet/util/file_watcher.rb +28 -0
  972. data/lib/puppet/util/fileparsing.rb +408 -0
  973. data/lib/puppet/util/filetype.rb +358 -0
  974. data/lib/puppet/util/http_proxy.rb +4 -0
  975. data/lib/puppet/util/inifile.rb +340 -0
  976. data/lib/puppet/util/instance_loader.rb +66 -0
  977. data/lib/puppet/util/json.rb +92 -0
  978. data/lib/puppet/util/json_lockfile.rb +44 -0
  979. data/lib/puppet/util/ldap/connection.rb +73 -0
  980. data/lib/puppet/util/ldap/generator.rb +42 -0
  981. data/lib/puppet/util/ldap/manager.rb +284 -0
  982. data/lib/puppet/util/ldap.rb +2 -0
  983. data/lib/puppet/util/libuser.conf +15 -0
  984. data/lib/puppet/util/libuser.rb +12 -0
  985. data/lib/puppet/util/limits.rb +12 -0
  986. data/lib/puppet/util/lockfile.rb +66 -0
  987. data/lib/puppet/util/log/destination.rb +49 -0
  988. data/lib/puppet/util/log/destinations.rb +253 -0
  989. data/lib/puppet/util/log.rb +427 -0
  990. data/lib/puppet/util/logging.rb +300 -0
  991. data/lib/puppet/util/metaid.rb +21 -0
  992. data/lib/puppet/util/metric.rb +65 -0
  993. data/lib/puppet/util/monkey_patches.rb +122 -0
  994. data/lib/puppet/util/multi_match.rb +51 -0
  995. data/lib/puppet/util/network_device/base.rb +23 -0
  996. data/lib/puppet/util/network_device/config.rb +105 -0
  997. data/lib/puppet/util/network_device/transport/base.rb +26 -0
  998. data/lib/puppet/util/network_device/transport.rb +5 -0
  999. data/lib/puppet/util/network_device.rb +17 -0
  1000. data/lib/puppet/util/package/version/debian.rb +175 -0
  1001. data/lib/puppet/util/package/version/gem.rb +15 -0
  1002. data/lib/puppet/util/package/version/pip.rb +167 -0
  1003. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  1004. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  1005. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  1006. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  1007. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  1008. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  1009. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  1010. data/lib/puppet/util/package/version/range.rb +53 -0
  1011. data/lib/puppet/util/package/version/rpm.rb +73 -0
  1012. data/lib/puppet/util/package.rb +40 -0
  1013. data/lib/puppet/util/pidlock.rb +102 -0
  1014. data/lib/puppet/util/platform.rb +70 -0
  1015. data/lib/puppet/util/plist.rb +161 -0
  1016. data/lib/puppet/util/posix.rb +203 -0
  1017. data/lib/puppet/util/profiler/aggregate.rb +85 -0
  1018. data/lib/puppet/util/profiler/around_profiler.rb +67 -0
  1019. data/lib/puppet/util/profiler/logging.rb +48 -0
  1020. data/lib/puppet/util/profiler/object_counts.rb +17 -0
  1021. data/lib/puppet/util/profiler/wall_clock.rb +35 -0
  1022. data/lib/puppet/util/profiler.rb +53 -0
  1023. data/lib/puppet/util/provider_features.rb +179 -0
  1024. data/lib/puppet/util/psych_support.rb +30 -0
  1025. data/lib/puppet/util/rdoc/code_objects.rb +295 -0
  1026. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +912 -0
  1027. data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +1085 -0
  1028. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +259 -0
  1029. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +14 -0
  1030. data/lib/puppet/util/rdoc/parser.rb +12 -0
  1031. data/lib/puppet/util/rdoc.rb +53 -0
  1032. data/lib/puppet/util/reference.rb +119 -0
  1033. data/lib/puppet/util/resource_template.rb +61 -0
  1034. data/lib/puppet/util/retry_action.rb +46 -0
  1035. data/lib/puppet/util/rpm_compare.rb +193 -0
  1036. data/lib/puppet/util/rubygems.rb +67 -0
  1037. data/lib/puppet/util/run_mode.rb +122 -0
  1038. data/lib/puppet/util/selinux.rb +297 -0
  1039. data/lib/puppet/util/skip_tags.rb +13 -0
  1040. data/lib/puppet/util/splayer.rb +18 -0
  1041. data/lib/puppet/util/storage.rb +100 -0
  1042. data/lib/puppet/util/suidmanager.rb +166 -0
  1043. data/lib/puppet/util/symbolic_file_mode.rb +156 -0
  1044. data/lib/puppet/util/tag_set.rb +27 -0
  1045. data/lib/puppet/util/tagging.rb +132 -0
  1046. data/lib/puppet/util/terminal.rb +16 -0
  1047. data/lib/puppet/util/user_attr.rb +21 -0
  1048. data/lib/puppet/util/warnings.rb +31 -0
  1049. data/lib/puppet/util/watched_file.rb +37 -0
  1050. data/lib/puppet/util/watcher/change_watcher.rb +33 -0
  1051. data/lib/puppet/util/watcher/periodic_watcher.rb +37 -0
  1052. data/lib/puppet/util/watcher/timer.rb +19 -0
  1053. data/lib/puppet/util/watcher.rb +17 -0
  1054. data/lib/puppet/util/windows/access_control_entry.rb +84 -0
  1055. data/lib/puppet/util/windows/access_control_list.rb +113 -0
  1056. data/lib/puppet/util/windows/adsi.rb +654 -0
  1057. data/lib/puppet/util/windows/com.rb +225 -0
  1058. data/lib/puppet/util/windows/daemon.rb +343 -0
  1059. data/lib/puppet/util/windows/error.rb +84 -0
  1060. data/lib/puppet/util/windows/eventlog.rb +187 -0
  1061. data/lib/puppet/util/windows/file.rb +355 -0
  1062. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  1063. data/lib/puppet/util/windows/principal.rb +201 -0
  1064. data/lib/puppet/util/windows/process.rb +364 -0
  1065. data/lib/puppet/util/windows/registry.rb +441 -0
  1066. data/lib/puppet/util/windows/root_certs.rb +108 -0
  1067. data/lib/puppet/util/windows/security.rb +907 -0
  1068. data/lib/puppet/util/windows/security_descriptor.rb +62 -0
  1069. data/lib/puppet/util/windows/service.rb +696 -0
  1070. data/lib/puppet/util/windows/sid.rb +289 -0
  1071. data/lib/puppet/util/windows/string.rb +15 -0
  1072. data/lib/puppet/util/windows/user.rb +550 -0
  1073. data/lib/puppet/util/windows.rb +51 -0
  1074. data/lib/puppet/util/yaml.rb +65 -0
  1075. data/lib/puppet/util.rb +808 -0
  1076. data/lib/puppet/vendor/require_vendored.rb +4 -0
  1077. data/lib/puppet/vendor.rb +57 -0
  1078. data/lib/puppet/version.rb +95 -0
  1079. data/lib/puppet/x509/cert_provider.rb +369 -0
  1080. data/lib/puppet/x509/pem_store.rb +55 -0
  1081. data/lib/puppet/x509.rb +11 -0
  1082. data/lib/puppet.rb +345 -0
  1083. data/lib/puppet_pal.rb +8 -0
  1084. data/lib/puppet_x.rb +14 -0
  1085. data/locales/config.yaml +29 -0
  1086. data/locales/en/puppet.po +19 -0
  1087. data/locales/puppet.pot +20 -0
  1088. data/man/man5/puppet.conf.5 +2198 -0
  1089. data/man/man8/puppet-agent.8 +203 -0
  1090. data/man/man8/puppet-apply.8 +100 -0
  1091. data/man/man8/puppet-catalog.8 +291 -0
  1092. data/man/man8/puppet-config.8 +151 -0
  1093. data/man/man8/puppet-describe.8 +51 -0
  1094. data/man/man8/puppet-device.8 +119 -0
  1095. data/man/man8/puppet-doc.8 +46 -0
  1096. data/man/man8/puppet-epp.8 +377 -0
  1097. data/man/man8/puppet-facts.8 +234 -0
  1098. data/man/man8/puppet-filebucket.8 +166 -0
  1099. data/man/man8/puppet-generate.8 +84 -0
  1100. data/man/man8/puppet-help.8 +67 -0
  1101. data/man/man8/puppet-lookup.8 +107 -0
  1102. data/man/man8/puppet-module.8 +325 -0
  1103. data/man/man8/puppet-node.8 +163 -0
  1104. data/man/man8/puppet-parser.8 +130 -0
  1105. data/man/man8/puppet-plugin.8 +73 -0
  1106. data/man/man8/puppet-report.8 +127 -0
  1107. data/man/man8/puppet-resource.8 +88 -0
  1108. data/man/man8/puppet-script.8 +70 -0
  1109. data/man/man8/puppet-ssl.8 +63 -0
  1110. data/man/man8/puppet.8 +28 -0
  1111. data/tasks/benchmark.rake +180 -0
  1112. data/tasks/ci.rake +24 -0
  1113. data/tasks/generate_ast_model.rake +90 -0
  1114. data/tasks/generate_cert_fixtures.rake +194 -0
  1115. data/tasks/manpages.rake +67 -0
  1116. data/tasks/memwalk.rake +195 -0
  1117. data/tasks/parallel.rake +410 -0
  1118. data/tasks/parser.rake +22 -0
  1119. data/tasks/yard.rake +59 -0
  1120. metadata +1324 -0
@@ -0,0 +1,197 @@
1
+ require_relative '../../puppet/ssl'
2
+
3
+ # This module defines OIDs for use within Puppet.
4
+ #
5
+ # # ASN.1 Definition
6
+ #
7
+ # The following is the formal definition of OIDs specified in this file.
8
+ #
9
+ # ```
10
+ # puppetCertExtensions OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
11
+ # dod(6) internet(1) private(4) enterprise(1) 34380 1}
12
+ #
13
+ # -- the tree under registeredExtensions 'belongs' to puppetlabs
14
+ # -- privateExtensions can be extended by enterprises to suit their own needs
15
+ # registeredExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 1 }
16
+ # privateExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 2 }
17
+ # authorizationExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 3 }
18
+ #
19
+ # -- subtree of common registered extensions
20
+ # -- The short names for these OIDs are intentionally lowercased and formatted
21
+ # -- since they may be exposed inside the Puppet DSL as variables.
22
+ # pp_uuid OBJECT IDENTIFIER ::= { registeredExtensions 1 }
23
+ # pp_instance_id OBJECT IDENTIFIER ::= { registeredExtensions 2 }
24
+ # pp_image_name OBJECT IDENTIFIER ::= { registeredExtensions 3 }
25
+ # pp_preshared_key OBJECT IDENTIFIER ::= { registeredExtensions 4 }
26
+ # ```
27
+ #
28
+ # @api private
29
+ module Puppet::SSL::Oids
30
+
31
+ # Note: When updating the following OIDs make sure to also update the OID
32
+ # definitions here:
33
+ # https://github.com/puppetlabs/puppetserver/blob/master/src/clj/puppetlabs/puppetserver/certificate_authority.clj#L122-L159
34
+
35
+ PUPPET_OIDS = [
36
+ ["1.3.6.1.4.1.34380", 'puppetlabs', 'Puppet Labs'],
37
+ ["1.3.6.1.4.1.34380.1", 'ppCertExt', 'Puppet Certificate Extension'],
38
+
39
+ ["1.3.6.1.4.1.34380.1.1", 'ppRegCertExt', 'Puppet Registered Certificate Extension'],
40
+
41
+ ["1.3.6.1.4.1.34380.1.1.1", 'pp_uuid', 'Puppet Node UUID'],
42
+ ["1.3.6.1.4.1.34380.1.1.2", 'pp_instance_id', 'Puppet Node Instance ID'],
43
+ ["1.3.6.1.4.1.34380.1.1.3", 'pp_image_name', 'Puppet Node Image Name'],
44
+ ["1.3.6.1.4.1.34380.1.1.4", 'pp_preshared_key', 'Puppet Node Preshared Key'],
45
+ ["1.3.6.1.4.1.34380.1.1.5", 'pp_cost_center', 'Puppet Node Cost Center Name'],
46
+ ["1.3.6.1.4.1.34380.1.1.6", 'pp_product', 'Puppet Node Product Name'],
47
+ ["1.3.6.1.4.1.34380.1.1.7", 'pp_project', 'Puppet Node Project Name'],
48
+ ["1.3.6.1.4.1.34380.1.1.8", 'pp_application', 'Puppet Node Application Name'],
49
+ ["1.3.6.1.4.1.34380.1.1.9", 'pp_service', 'Puppet Node Service Name'],
50
+ ["1.3.6.1.4.1.34380.1.1.10", 'pp_employee', 'Puppet Node Employee Name'],
51
+ ["1.3.6.1.4.1.34380.1.1.11", 'pp_created_by', 'Puppet Node created_by Tag'],
52
+ ["1.3.6.1.4.1.34380.1.1.12", 'pp_environment', 'Puppet Node Environment Name'],
53
+ ["1.3.6.1.4.1.34380.1.1.13", 'pp_role', 'Puppet Node Role Name'],
54
+ ["1.3.6.1.4.1.34380.1.1.14", 'pp_software_version', 'Puppet Node Software Version'],
55
+ ["1.3.6.1.4.1.34380.1.1.15", 'pp_department', 'Puppet Node Department Name'],
56
+ ["1.3.6.1.4.1.34380.1.1.16", 'pp_cluster', 'Puppet Node Cluster Name'],
57
+ ["1.3.6.1.4.1.34380.1.1.17", 'pp_provisioner', 'Puppet Node Provisioner Name'],
58
+ ["1.3.6.1.4.1.34380.1.1.18", 'pp_region', 'Puppet Node Region Name'],
59
+ ["1.3.6.1.4.1.34380.1.1.19", 'pp_datacenter', 'Puppet Node Datacenter Name'],
60
+ ["1.3.6.1.4.1.34380.1.1.20", 'pp_zone', 'Puppet Node Zone Name'],
61
+ ["1.3.6.1.4.1.34380.1.1.21", 'pp_network', 'Puppet Node Network Name'],
62
+ ["1.3.6.1.4.1.34380.1.1.22", 'pp_securitypolicy', 'Puppet Node Security Policy Name'],
63
+ ["1.3.6.1.4.1.34380.1.1.23", 'pp_cloudplatform', 'Puppet Node Cloud Platform Name'],
64
+ ["1.3.6.1.4.1.34380.1.1.24", 'pp_apptier', 'Puppet Node Application Tier'],
65
+ ["1.3.6.1.4.1.34380.1.1.25", 'pp_hostname', 'Puppet Node Hostname'],
66
+ ["1.3.6.1.4.1.34380.1.1.26", 'pp_owner', 'Puppet Node Owner'],
67
+
68
+ ["1.3.6.1.4.1.34380.1.2", 'ppPrivCertExt', 'Puppet Private Certificate Extension'],
69
+
70
+ ["1.3.6.1.4.1.34380.1.3", 'ppAuthCertExt', 'Puppet Certificate Authorization Extension'],
71
+
72
+ ["1.3.6.1.4.1.34380.1.3.1", 'pp_authorization', 'Certificate Extension Authorization'],
73
+ ["1.3.6.1.4.1.34380.1.3.13", 'pp_auth_role', 'Puppet Node Role Name for Authorization'],
74
+ ["1.3.6.1.4.1.34380.1.3.39", 'pp_cli_auth', 'Puppetserver CA CLI Authorization'],
75
+ ]
76
+
77
+ @did_register_puppet_oids = false
78
+
79
+ # Register our custom Puppet OIDs with OpenSSL so they can be used as CSR
80
+ # extensions. Without registering these OIDs, OpenSSL will fail when it
81
+ # encounters such an extension in a CSR.
82
+ def self.register_puppet_oids()
83
+ if !@did_register_puppet_oids
84
+ PUPPET_OIDS.each do |oid_defn|
85
+ OpenSSL::ASN1::ObjectId.register(*oid_defn)
86
+ end
87
+
88
+ @did_register_puppet_oids = true
89
+ end
90
+ end
91
+
92
+ # Parse custom OID mapping file that enables custom OIDs to be resolved
93
+ # into user-friendly names.
94
+ #
95
+ # @param custom_oid_file [String] File to obtain custom OIDs mapping from
96
+ # @param map_key [String] Hash key in which custom OIDs mapping is stored
97
+ #
98
+ # @example Custom OID mapping file
99
+ # ---
100
+ # oid_mapping:
101
+ # '1.3.6.1.4.1.34380.1.2.1.1':
102
+ # shortname : 'myshortname'
103
+ # longname : 'Long name'
104
+ # '1.3.6.1.4.1.34380.1.2.1.2':
105
+ # shortname: 'myothershortname'
106
+ # longname: 'Other Long name'
107
+ def self.parse_custom_oid_file(custom_oid_file, map_key='oid_mapping')
108
+ if File.exist?(custom_oid_file) && File.readable?(custom_oid_file)
109
+ mapping = nil
110
+ begin
111
+ mapping = Puppet::Util::Yaml.safe_load_file(custom_oid_file, [Symbol])
112
+ rescue => err
113
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': %{err}") % { custom_oid_file: custom_oid_file, err: err }, err.backtrace
114
+ end
115
+
116
+ unless mapping.has_key?(map_key)
117
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': no such index '%{map_key}'") % { custom_oid_file: custom_oid_file, map_key: map_key }
118
+ end
119
+
120
+ unless mapping[map_key].is_a?(Hash)
121
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': data under index '%{map_key}' must be a Hash") % { custom_oid_file: custom_oid_file, map_key: map_key }
122
+ end
123
+
124
+ oid_defns = []
125
+ mapping[map_key].keys.each do |oid|
126
+ shortname, longname = mapping[map_key][oid].values_at("shortname","longname")
127
+ if shortname.nil? || longname.nil?
128
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': incomplete definition of oid '%{oid}'") % { custom_oid_file: custom_oid_file, oid: oid }
129
+ end
130
+ oid_defns << [oid, shortname, longname]
131
+ end
132
+
133
+ oid_defns
134
+ end
135
+ end
136
+
137
+ # Load custom OID mapping file that enables custom OIDs to be resolved
138
+ # into user-friendly names.
139
+ #
140
+ # @param custom_oid_file [String] File to obtain custom OIDs mapping from
141
+ # @param map_key [String] Hash key in which custom OIDs mapping is stored
142
+ #
143
+ # @example Custom OID mapping file
144
+ # ---
145
+ # oid_mapping:
146
+ # '1.3.6.1.4.1.34380.1.2.1.1':
147
+ # shortname : 'myshortname'
148
+ # longname : 'Long name'
149
+ # '1.3.6.1.4.1.34380.1.2.1.2':
150
+ # shortname: 'myothershortname'
151
+ # longname: 'Other Long name'
152
+ def self.load_custom_oid_file(custom_oid_file, map_key='oid_mapping')
153
+ oid_defns = parse_custom_oid_file(custom_oid_file, map_key)
154
+ unless oid_defns.nil?
155
+ begin
156
+ oid_defns.each do |oid_defn|
157
+ OpenSSL::ASN1::ObjectId.register(*oid_defn)
158
+ end
159
+ rescue => err
160
+ raise ArgumentError, _("Error registering ssl custom OIDs mapping from file '%{custom_oid_file}': %{err}") % { custom_oid_file: custom_oid_file, err: err }, err.backtrace
161
+ end
162
+ end
163
+ end
164
+
165
+ # Determine if the first OID contains the second OID
166
+ #
167
+ # @param first [String] The containing OID, in dotted form or as the short name
168
+ # @param second [String] The contained OID, in dotted form or as the short name
169
+ # @param exclusive [true, false] If an OID should not be considered as a subtree of itself
170
+ #
171
+ # @example Comparing two dotted OIDs
172
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', '1.3.6.1.4.1') #=> true
173
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', '1.3.6') #=> false
174
+ #
175
+ # @example Comparing an OID short name with a dotted OID
176
+ # Puppet::SSL::Oids.subtree_of?('IANA', '1.3.6.1.4.1') #=> true
177
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', 'enterprises') #=> true
178
+ #
179
+ # @example Comparing an OID against itself
180
+ # Puppet::SSL::Oids.subtree_of?('IANA', 'IANA') #=> true
181
+ # Puppet::SSL::Oids.subtree_of?('IANA', 'IANA', true) #=> false
182
+ #
183
+ # @return [true, false]
184
+ def self.subtree_of?(first, second, exclusive = false)
185
+ first_oid = OpenSSL::ASN1::ObjectId.new(first).oid
186
+ second_oid = OpenSSL::ASN1::ObjectId.new(second).oid
187
+
188
+
189
+ if exclusive and first_oid == second_oid
190
+ false
191
+ else
192
+ second_oid.index(first_oid) == 0
193
+ end
194
+ rescue OpenSSL::ASN1::ASN1Error, TypeError
195
+ false
196
+ end
197
+ end
@@ -0,0 +1,24 @@
1
+ require_relative '../../puppet/util/platform'
2
+
3
+ # This file should be required instead of writing `require 'openssl'`
4
+ # or any library that loads openssl like `net/https`. This allows the
5
+ # core Puppet code to load correctly in JRuby environments that do not
6
+ # have a functioning openssl (eg a FIPS enabled one).
7
+
8
+ unless Puppet::Util::Platform.jruby_fips?
9
+ require 'openssl'
10
+ require 'net/https'
11
+ else
12
+ # Even in JRuby we need to define the constants that are wrapped in
13
+ # Indirections: Puppet::SSL::{Key, Certificate, CertificateRequest}
14
+ module OpenSSL
15
+ module PKey
16
+ class RSA; end
17
+ end
18
+
19
+ module X509
20
+ class Request; end
21
+ class Certificate; end
22
+ end
23
+ end
24
+ end
@@ -0,0 +1,25 @@
1
+ require_relative '../../puppet/ssl'
2
+
3
+ module Puppet::SSL
4
+ # The `keyword_init: true` option is no longer needed in Ruby >= 3.2
5
+ SSLContext = Struct.new(
6
+ :store,
7
+ :cacerts,
8
+ :crls,
9
+ :private_key,
10
+ :client_cert,
11
+ :client_chain,
12
+ :revocation,
13
+ :verify_peer,
14
+ keyword_init: true
15
+ ) do
16
+ def initialize(*)
17
+ super
18
+ self[:cacerts] ||= []
19
+ self[:crls] ||= []
20
+ self[:client_chain] ||= []
21
+ self[:revocation] = true if self[:revocation].nil?
22
+ self[:verify_peer] = true if self[:verify_peer].nil?
23
+ end
24
+ end
25
+ end
@@ -0,0 +1,350 @@
1
+ require_relative '../../puppet/ssl'
2
+
3
+ # SSL Provider creates `SSLContext` objects that can be used to create
4
+ # secure connections.
5
+ #
6
+ # @example To load an SSLContext from an existing private key and related certs/crls:
7
+ # ssl_context = provider.load_context
8
+ #
9
+ # @example To load an SSLContext from an existing password-protected private key and related certs/crls:
10
+ # ssl_context = provider.load_context(password: 'opensesame')
11
+ #
12
+ # @example To create an SSLContext from in-memory certs and keys:
13
+ # cacerts = [<OpenSSL::X509::Certificate>]
14
+ # crls = [<OpenSSL::X509::CRL>]
15
+ # key = <OpenSSL::X509::PKey>
16
+ # cert = <OpenSSL::X509::Certificate>
17
+ # ssl_context = provider.create_context(cacerts: cacerts, crls: crls, private_key: key, client_cert: cert)
18
+ #
19
+ # @example To create an SSLContext to connect to non-puppet HTTPS servers:
20
+ # cacerts = [<OpenSSL::X509::Certificate>]
21
+ # ssl_context = provider.create_root_context(cacerts: cacerts)
22
+ #
23
+ # @api private
24
+ class Puppet::SSL::SSLProvider
25
+ # Create an insecure `SSLContext`. Connections made from the returned context
26
+ # will not authenticate the server, i.e. `VERIFY_NONE`, and are vulnerable to
27
+ # MITM. Do not call this method.
28
+ #
29
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
30
+ # @api private
31
+ def create_insecure_context
32
+ store = create_x509_store([], [], false)
33
+
34
+ Puppet::SSL::SSLContext.new(store: store, verify_peer: false).freeze
35
+ end
36
+
37
+ # Create an `SSLContext` using the trusted `cacerts` and optional `crls`.
38
+ # Connections made from the returned context will authenticate the server,
39
+ # i.e. `VERIFY_PEER`, but will not use a client certificate.
40
+ #
41
+ # The `crls` parameter must contain CRLs corresponding to each CA in `cacerts`
42
+ # depending on the `revocation` mode. See {#create_context}.
43
+ #
44
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
45
+ # @param crls [Array<OpenSSL::X509::CRL>] Array of CRLs
46
+ # @param revocation [:chain, :leaf, false] revocation mode
47
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
48
+ # @raise (see #create_context)
49
+ # @api private
50
+ def create_root_context(cacerts:, crls: [], revocation: Puppet[:certificate_revocation])
51
+ store = create_x509_store(cacerts, crls, revocation)
52
+
53
+ Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: crls, revocation: revocation).freeze
54
+ end
55
+
56
+ # Create an `SSLContext` using the trusted `cacerts` and any certs in OpenSSL's
57
+ # default verify path locations. When running puppet as a gem, the location is
58
+ # system dependent. When running puppet from puppet-agent packages, the location
59
+ # refers to the cacerts bundle in the puppet-agent package.
60
+ #
61
+ # Connections made from the returned context will authenticate the server,
62
+ # i.e. `VERIFY_PEER`, but will not use a client certificate (unless requested)
63
+ # and will not perform revocation checking.
64
+ #
65
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
66
+ # @param path [String, nil] A file containing additional trusted CA certs.
67
+ # @param include_client_cert [true, false] If true, the client cert will be added to the context
68
+ # allowing mutual TLS authentication. The default is false. If the client cert doesn't exist
69
+ # then the option will be ignored.
70
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
71
+ # @raise (see #create_context)
72
+ # @api private
73
+ def create_system_context(cacerts:, path: Puppet[:ssl_trust_store], include_client_cert: false)
74
+ store = create_x509_store(cacerts, [], false, include_system_store: true)
75
+
76
+ if path
77
+ stat = Puppet::FileSystem.stat(path)
78
+ if stat
79
+ if stat.ftype == 'file'
80
+ # don't add empty files as ruby/openssl will raise
81
+ if stat.size > 0
82
+ begin
83
+ store.add_file(path)
84
+ rescue => e
85
+ Puppet.err(_("Failed to add '%{path}' as a trusted CA file: %{detail}" % { path: path, detail: e.message }, e))
86
+ end
87
+ end
88
+ else
89
+ Puppet.warning(_("The 'ssl_trust_store' setting does not refer to a file and will be ignored: '%{path}'" % { path: path }))
90
+ end
91
+ end
92
+ end
93
+
94
+ if include_client_cert
95
+ cert_provider = Puppet::X509::CertProvider.new
96
+ private_key = cert_provider.load_private_key(Puppet[:certname], required: false)
97
+ unless private_key
98
+ Puppet.warning("Private key for '#{Puppet[:certname]}' does not exist")
99
+ end
100
+
101
+ client_cert = cert_provider.load_client_cert(Puppet[:certname], required: false)
102
+ unless client_cert
103
+ Puppet.warning("Client certificate for '#{Puppet[:certname]}' does not exist")
104
+ end
105
+
106
+ if private_key && client_cert
107
+ client_chain = resolve_client_chain(store, client_cert, private_key)
108
+
109
+ return Puppet::SSL::SSLContext.new(
110
+ store: store, cacerts: cacerts, crls: [],
111
+ private_key: private_key, client_cert: client_cert, client_chain: client_chain,
112
+ revocation: false
113
+ ).freeze
114
+ end
115
+ end
116
+
117
+ Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: [], revocation: false).freeze
118
+ end
119
+
120
+ # Create an `SSLContext` using the trusted `cacerts`, `crls`, `private_key`,
121
+ # `client_cert`, and `revocation` mode. Connections made from the returned
122
+ # context will be mutually authenticated.
123
+ #
124
+ # The `crls` parameter must contain CRLs corresponding to each CA in `cacerts`
125
+ # depending on the `revocation` mode:
126
+ #
127
+ # * `:chain` - `crls` must contain a CRL for every CA in `cacerts`
128
+ # * `:leaf` - `crls` must contain (at least) the CRL for the leaf CA in `cacerts`
129
+ # * `false` - `crls` can be empty
130
+ #
131
+ # The `private_key` and public key from the `client_cert` must match.
132
+ #
133
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
134
+ # @param crls [Array<OpenSSL::X509::CRL>] Array of CRLs
135
+ # @param private_key [OpenSSL::PKey::RSA, OpenSSL::PKey::EC] client's private key
136
+ # @param client_cert [OpenSSL::X509::Certificate] client's cert whose public
137
+ # key matches the `private_key`
138
+ # @param revocation [:chain, :leaf, false] revocation mode
139
+ # @param include_system_store [true, false] Also trust system CA
140
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
141
+ # @raise [Puppet::SSL::CertVerifyError] There was an issue with
142
+ # one of the certs or CRLs.
143
+ # @raise [Puppet::SSL::SSLError] There was an issue with the
144
+ # `private_key`.
145
+ # @api private
146
+ def create_context(cacerts:, crls:, private_key:, client_cert:, revocation: Puppet[:certificate_revocation], include_system_store: false)
147
+ raise ArgumentError, _("CA certs are missing") unless cacerts
148
+ raise ArgumentError, _("CRLs are missing") unless crls
149
+ raise ArgumentError, _("Private key is missing") unless private_key
150
+ raise ArgumentError, _("Client cert is missing") unless client_cert
151
+
152
+ store = create_x509_store(cacerts, crls, revocation, include_system_store: include_system_store)
153
+ client_chain = resolve_client_chain(store, client_cert, private_key)
154
+
155
+ Puppet::SSL::SSLContext.new(
156
+ store: store, cacerts: cacerts, crls: crls,
157
+ private_key: private_key, client_cert: client_cert, client_chain: client_chain,
158
+ revocation: revocation
159
+ ).freeze
160
+ end
161
+
162
+ # Load an `SSLContext` using available certs and keys. An exception is raised
163
+ # if any component is missing or is invalid, such as a mismatched client cert
164
+ # and private key. Connections made from the returned context will be mutually
165
+ # authenticated.
166
+ #
167
+ # @param certname [String] Which cert & key to load
168
+ # @param revocation [:chain, :leaf, false] revocation mode
169
+ # @param password [String, nil] If the private key is encrypted, decrypt
170
+ # it using the password. If the key is encrypted, but a password is
171
+ # not specified, then the key cannot be loaded.
172
+ # @param include_system_store [true, false] Also trust system CA
173
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
174
+ # @raise [Puppet::SSL::CertVerifyError] There was an issue with
175
+ # one of the certs or CRLs.
176
+ # @raise [Puppet::Error] There was an issue with one of the required components.
177
+ # @api private
178
+ def load_context(certname: Puppet[:certname], revocation: Puppet[:certificate_revocation], password: nil, include_system_store: false)
179
+ cert = Puppet::X509::CertProvider.new
180
+ cacerts = cert.load_cacerts(required: true)
181
+ crls = case revocation
182
+ when :chain, :leaf
183
+ cert.load_crls(required: true)
184
+ else
185
+ []
186
+ end
187
+ private_key = cert.load_private_key(certname, required: true, password: password)
188
+ client_cert = cert.load_client_cert(certname, required: true)
189
+
190
+ create_context(cacerts: cacerts, crls: crls, private_key: private_key, client_cert: client_cert, revocation: revocation, include_system_store: include_system_store)
191
+ rescue OpenSSL::PKey::PKeyError => e
192
+ raise Puppet::SSL::SSLError.new(_("Failed to load private key for host '%{name}': %{message}") % { name: certname, message: e.message }, e)
193
+ end
194
+
195
+ # Verify the `csr` was signed with a private key corresponding to the
196
+ # `public_key`. This ensures the CSR was signed by someone in possession
197
+ # of the private key, and that it hasn't been tampered with since.
198
+ #
199
+ # @param csr [OpenSSL::X509::Request] certificate signing request
200
+ # @param public_key [OpenSSL::PKey::RSA, OpenSSL::PKey::EC] public key
201
+ # @raise [Puppet::SSL:SSLError] The private_key for the given `public_key` was
202
+ # not used to sign the CSR.
203
+ # @api private
204
+ def verify_request(csr, public_key)
205
+ unless csr.verify(public_key)
206
+ raise Puppet::SSL::SSLError, _("The CSR for host '%{name}' does not match the public key") % { name: subject(csr) }
207
+ end
208
+
209
+ csr
210
+ end
211
+
212
+ def print(ssl_context, alg = 'SHA256')
213
+ if Puppet::Util::Log.sendlevel?(:debug)
214
+ chain = ssl_context.client_chain
215
+ # print from root to client
216
+ chain.reverse.each_with_index do |cert, i|
217
+ digest = Puppet::SSL::Digest.new(alg, cert.to_der)
218
+ if i == chain.length - 1
219
+ Puppet.debug(_("Verified client certificate '%{subject}' fingerprint %{digest}") % {subject: cert.subject.to_utf8, digest: digest})
220
+ else
221
+ Puppet.debug(_("Verified CA certificate '%{subject}' fingerprint %{digest}") % {subject: cert.subject.to_utf8, digest: digest})
222
+ end
223
+ end
224
+ ssl_context.crls.each do |crl|
225
+ oid_values = Hash[crl.extensions.map { |ext| [ext.oid, ext.value] }]
226
+ crlNumber = oid_values['crlNumber'] || 'unknown'
227
+ authKeyId = (oid_values['authorityKeyIdentifier'] || 'unknown').chomp!
228
+ Puppet.debug("Using CRL '#{crl.issuer.to_utf8}' authorityKeyIdentifier '#{authKeyId}' crlNumber '#{crlNumber }'")
229
+ end
230
+ end
231
+ end
232
+
233
+ private
234
+
235
+ def default_flags
236
+ # checking the signature of the self-signed cert doesn't add any security,
237
+ # but it's a sanity check to make sure the cert isn't corrupt. This option
238
+ # is only available in openssl 1.1+
239
+ if defined?(OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE)
240
+ OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE
241
+ else
242
+ 0
243
+ end
244
+ end
245
+
246
+ def create_x509_store(roots, crls, revocation, include_system_store: false)
247
+ store = OpenSSL::X509::Store.new
248
+ store.purpose = OpenSSL::X509::PURPOSE_ANY
249
+ store.flags = default_flags | revocation_mode(revocation)
250
+
251
+ roots.each { |cert| store.add_cert(cert) }
252
+ crls.each { |crl| store.add_crl(crl) }
253
+
254
+ store.set_default_paths if include_system_store
255
+
256
+ store
257
+ end
258
+
259
+ def subject(x509)
260
+ x509.subject.to_utf8
261
+ end
262
+
263
+ def issuer(x509)
264
+ x509.issuer.to_utf8
265
+ end
266
+
267
+ def revocation_mode(mode)
268
+ case mode
269
+ when false
270
+ 0
271
+ when :leaf
272
+ OpenSSL::X509::V_FLAG_CRL_CHECK
273
+ else
274
+ # :chain is the default
275
+ OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
276
+ end
277
+ end
278
+
279
+ def resolve_client_chain(store, client_cert, private_key)
280
+ client_chain = verify_cert_with_store(store, client_cert)
281
+
282
+ if !private_key.is_a?(OpenSSL::PKey::RSA) && !private_key.is_a?(OpenSSL::PKey::EC)
283
+ raise Puppet::SSL::SSLError, _("Unsupported key '%{type}'") % { type: private_key.class.name }
284
+ end
285
+
286
+ unless client_cert.check_private_key(private_key)
287
+ raise Puppet::SSL::SSLError, _("The certificate for '%{name}' does not match its private key") % { name: subject(client_cert) }
288
+ end
289
+
290
+ client_chain
291
+ end
292
+
293
+ def verify_cert_with_store(store, cert)
294
+ # StoreContext#initialize accepts a chain argument, but it's set to [] because
295
+ # puppet requires any intermediate CA certs needed to complete the client's
296
+ # chain to be in the CA bundle that we downloaded from the server, and
297
+ # they've already been added to the store. See PUP-9500.
298
+
299
+ store_context = OpenSSL::X509::StoreContext.new(store, cert, [])
300
+ unless store_context.verify
301
+ current_cert = store_context.current_cert
302
+
303
+ # If the client cert's intermediate CA is not in the CA bundle, then warn,
304
+ # but don't error, because SSL allows the client to send an incomplete
305
+ # chain, and have the server resolve it.
306
+ if store_context.error == OpenSSL::X509::V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
307
+ Puppet.warning _("The issuer '%{issuer}' of certificate '%{subject}' cannot be found locally") % {
308
+ issuer: issuer(current_cert), subject: subject(current_cert)
309
+ }
310
+ else
311
+ raise_cert_verify_error(store_context, current_cert)
312
+ end
313
+ end
314
+
315
+ # resolved chain from leaf to root
316
+ store_context.chain
317
+ end
318
+
319
+ def raise_cert_verify_error(store_context, current_cert)
320
+ message =
321
+ case store_context.error
322
+ when OpenSSL::X509::V_ERR_CERT_NOT_YET_VALID
323
+ _("The certificate '%{subject}' is not yet valid, verify time is synchronized") % { subject: subject(current_cert) }
324
+ when OpenSSL::X509::V_ERR_CERT_HAS_EXPIRED
325
+ _("The certificate '%{subject}' has expired, verify time is synchronized") % { subject: subject(current_cert) }
326
+ when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
327
+ _("The CRL issued by '%{issuer}' is not yet valid, verify time is synchronized") % { issuer: issuer(current_cert) }
328
+ when OpenSSL::X509::V_ERR_CRL_HAS_EXPIRED
329
+ _("The CRL issued by '%{issuer}' has expired, verify time is synchronized") % { issuer: issuer(current_cert) }
330
+ when OpenSSL::X509::V_ERR_CERT_SIGNATURE_FAILURE
331
+ _("Invalid signature for certificate '%{subject}'") % { subject: subject(current_cert) }
332
+ when OpenSSL::X509::V_ERR_CRL_SIGNATURE_FAILURE
333
+ _("Invalid signature for CRL issued by '%{issuer}'") % { issuer: issuer(current_cert) }
334
+ when OpenSSL::X509::V_ERR_UNABLE_TO_GET_ISSUER_CERT
335
+ _("The issuer '%{issuer}' of certificate '%{subject}' is missing") % {
336
+ issuer: issuer(current_cert), subject: subject(current_cert) }
337
+ when OpenSSL::X509::V_ERR_UNABLE_TO_GET_CRL
338
+ _("The CRL issued by '%{issuer}' is missing") % { issuer: issuer(current_cert) }
339
+ when OpenSSL::X509::V_ERR_CERT_REVOKED
340
+ _("Certificate '%{subject}' is revoked") % { subject: subject(current_cert) }
341
+ else
342
+ # error_string is labeled ASCII-8BIT, but is encoded based on Encoding.default_external
343
+ err_utf8 = Puppet::Util::CharacterEncoding.convert_to_utf_8(store_context.error_string)
344
+ _("Certificate '%{subject}' failed verification (%{err}): %{err_utf8}") % {
345
+ subject: subject(current_cert), err: store_context.error, err_utf8: err_utf8 }
346
+ end
347
+
348
+ raise Puppet::SSL::CertVerifyError.new(message, store_context.error, current_cert)
349
+ end
350
+ end