openvox 7.37.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1120) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +15 -0
  3. data/CODEOWNERS +11 -0
  4. data/CODE_OF_CONDUCT.md +70 -0
  5. data/CONTRIBUTING.md +161 -0
  6. data/Gemfile +82 -0
  7. data/Guardfile.example +76 -0
  8. data/LICENSE +202 -0
  9. data/README.md +68 -0
  10. data/Rakefile +160 -0
  11. data/bin/puppet +9 -0
  12. data/conf/environment.conf +18 -0
  13. data/conf/fileserver.conf +32 -0
  14. data/conf/hiera.yaml +11 -0
  15. data/conf/puppet.conf +6 -0
  16. data/examples/enc/regexp_nodes/classes/databases +2 -0
  17. data/examples/enc/regexp_nodes/classes/webservers +2 -0
  18. data/examples/enc/regexp_nodes/environment/development +2 -0
  19. data/examples/enc/regexp_nodes/parameters/service/prod +1 -0
  20. data/examples/enc/regexp_nodes/parameters/service/qa +3 -0
  21. data/examples/enc/regexp_nodes/parameters/service/sandbox +1 -0
  22. data/examples/enc/regexp_nodes/regexp_nodes.rb +270 -0
  23. data/examples/hiera/README.md +91 -0
  24. data/examples/hiera/etc/hiera.yaml +15 -0
  25. data/examples/hiera/etc/hieradb/common.yaml +3 -0
  26. data/examples/hiera/etc/hieradb/dc1.yaml +6 -0
  27. data/examples/hiera/etc/hieradb/development.yaml +2 -0
  28. data/examples/hiera/etc/puppet.conf +3 -0
  29. data/examples/hiera/modules/data/manifests/common.pp +4 -0
  30. data/examples/hiera/modules/ntp/manifests/config.pp +6 -0
  31. data/examples/hiera/modules/ntp/manifests/data.pp +4 -0
  32. data/examples/hiera/modules/ntp/templates/ntp.conf.erb +3 -0
  33. data/examples/hiera/modules/users/manifests/common.pp +4 -0
  34. data/examples/hiera/modules/users/manifests/dc1.pp +4 -0
  35. data/examples/hiera/modules/users/manifests/development.pp +4 -0
  36. data/examples/hiera/site.pp +3 -0
  37. data/examples/nagios/check_puppet.rb +123 -0
  38. data/ext/README.md +13 -0
  39. data/ext/build_defaults.yaml +18 -0
  40. data/ext/debian/puppet.default +4 -0
  41. data/ext/debian/puppet.init +113 -0
  42. data/ext/hiera/hiera.yaml +15 -0
  43. data/ext/osx/puppet.plist +32 -0
  44. data/ext/project_data.yaml +20 -0
  45. data/ext/redhat/client.init +169 -0
  46. data/ext/redhat/client.sysconfig +2 -0
  47. data/ext/solaris/smf/puppet +44 -0
  48. data/ext/solaris/smf/puppet.xml +46 -0
  49. data/ext/suse/client.init +141 -0
  50. data/ext/systemd/puppet.service +26 -0
  51. data/ext/windows/puppet_interactive.bat +6 -0
  52. data/ext/windows/puppet_shell.bat +9 -0
  53. data/ext/windows/run_puppet_interactive.bat +9 -0
  54. data/ext/windows/service/daemon.bat +6 -0
  55. data/ext/windows/service/daemon.rb +225 -0
  56. data/install.rb +499 -0
  57. data/lib/hiera/puppet_function.rb +84 -0
  58. data/lib/hiera/scope.rb +90 -0
  59. data/lib/hiera_puppet.rb +80 -0
  60. data/lib/puppet/agent/disabler.rb +53 -0
  61. data/lib/puppet/agent/locker.rb +46 -0
  62. data/lib/puppet/agent.rb +176 -0
  63. data/lib/puppet/application/agent.rb +523 -0
  64. data/lib/puppet/application/apply.rb +428 -0
  65. data/lib/puppet/application/catalog.rb +4 -0
  66. data/lib/puppet/application/config.rb +5 -0
  67. data/lib/puppet/application/describe.rb +253 -0
  68. data/lib/puppet/application/device.rb +439 -0
  69. data/lib/puppet/application/doc.rb +233 -0
  70. data/lib/puppet/application/epp.rb +5 -0
  71. data/lib/puppet/application/face_base.rb +276 -0
  72. data/lib/puppet/application/facts.rb +9 -0
  73. data/lib/puppet/application/filebucket.rb +318 -0
  74. data/lib/puppet/application/generate.rb +5 -0
  75. data/lib/puppet/application/help.rb +5 -0
  76. data/lib/puppet/application/indirection_base.rb +4 -0
  77. data/lib/puppet/application/lookup.rb +433 -0
  78. data/lib/puppet/application/module.rb +4 -0
  79. data/lib/puppet/application/node.rb +4 -0
  80. data/lib/puppet/application/parser.rb +5 -0
  81. data/lib/puppet/application/plugin.rb +4 -0
  82. data/lib/puppet/application/report.rb +4 -0
  83. data/lib/puppet/application/resource.rb +254 -0
  84. data/lib/puppet/application/script.rb +264 -0
  85. data/lib/puppet/application/ssl.rb +323 -0
  86. data/lib/puppet/application.rb +596 -0
  87. data/lib/puppet/application_support.rb +68 -0
  88. data/lib/puppet/coercion.rb +40 -0
  89. data/lib/puppet/compilable_resource_type.rb +15 -0
  90. data/lib/puppet/concurrent/lock.rb +16 -0
  91. data/lib/puppet/concurrent/synchronized.rb +15 -0
  92. data/lib/puppet/concurrent/thread_local_singleton.rb +17 -0
  93. data/lib/puppet/concurrent.rb +2 -0
  94. data/lib/puppet/configurer/downloader.rb +85 -0
  95. data/lib/puppet/configurer/fact_handler.rb +50 -0
  96. data/lib/puppet/configurer/plugin_handler.rb +59 -0
  97. data/lib/puppet/configurer.rb +755 -0
  98. data/lib/puppet/confine/any.rb +26 -0
  99. data/lib/puppet/confine/boolean.rb +45 -0
  100. data/lib/puppet/confine/exists.rb +19 -0
  101. data/lib/puppet/confine/false.rb +25 -0
  102. data/lib/puppet/confine/feature.rb +17 -0
  103. data/lib/puppet/confine/true.rb +26 -0
  104. data/lib/puppet/confine/variable.rb +59 -0
  105. data/lib/puppet/confine.rb +83 -0
  106. data/lib/puppet/confine_collection.rb +51 -0
  107. data/lib/puppet/confiner.rb +46 -0
  108. data/lib/puppet/context/trusted_information.rb +120 -0
  109. data/lib/puppet/context.rb +188 -0
  110. data/lib/puppet/daemon.rb +182 -0
  111. data/lib/puppet/data_binding.rb +14 -0
  112. data/lib/puppet/datatypes/error.rb +21 -0
  113. data/lib/puppet/datatypes/impl/error.rb +40 -0
  114. data/lib/puppet/datatypes.rb +213 -0
  115. data/lib/puppet/defaults.rb +2277 -0
  116. data/lib/puppet/environments.rb +601 -0
  117. data/lib/puppet/error.rb +138 -0
  118. data/lib/puppet/etc.rb +180 -0
  119. data/lib/puppet/external/dot.rb +325 -0
  120. data/lib/puppet/external/pson/common.rb +374 -0
  121. data/lib/puppet/external/pson/pure/generator.rb +395 -0
  122. data/lib/puppet/external/pson/pure/parser.rb +308 -0
  123. data/lib/puppet/external/pson/pure.rb +15 -0
  124. data/lib/puppet/external/pson/version.rb +8 -0
  125. data/lib/puppet/face/catalog/select.rb +49 -0
  126. data/lib/puppet/face/catalog.rb +165 -0
  127. data/lib/puppet/face/config.rb +267 -0
  128. data/lib/puppet/face/epp.rb +566 -0
  129. data/lib/puppet/face/facts.rb +174 -0
  130. data/lib/puppet/face/generate.rb +66 -0
  131. data/lib/puppet/face/help/action.erb +90 -0
  132. data/lib/puppet/face/help/face.erb +115 -0
  133. data/lib/puppet/face/help/global.erb +16 -0
  134. data/lib/puppet/face/help/man.erb +152 -0
  135. data/lib/puppet/face/help.rb +242 -0
  136. data/lib/puppet/face/module/changes.rb +43 -0
  137. data/lib/puppet/face/module/install.rb +146 -0
  138. data/lib/puppet/face/module/list.rb +272 -0
  139. data/lib/puppet/face/module/uninstall.rb +89 -0
  140. data/lib/puppet/face/module/upgrade.rb +87 -0
  141. data/lib/puppet/face/module.rb +19 -0
  142. data/lib/puppet/face/node/clean.rb +107 -0
  143. data/lib/puppet/face/node.rb +43 -0
  144. data/lib/puppet/face/parser.rb +227 -0
  145. data/lib/puppet/face/plugin.rb +60 -0
  146. data/lib/puppet/face/report.rb +54 -0
  147. data/lib/puppet/face/resource.rb +53 -0
  148. data/lib/puppet/face.rb +12 -0
  149. data/lib/puppet/facter_impl.rb +96 -0
  150. data/lib/puppet/feature/base.rb +76 -0
  151. data/lib/puppet/feature/bolt.rb +3 -0
  152. data/lib/puppet/feature/cfpropertylist.rb +3 -0
  153. data/lib/puppet/feature/eventlog.rb +5 -0
  154. data/lib/puppet/feature/hiera_eyaml.rb +3 -0
  155. data/lib/puppet/feature/hocon.rb +3 -0
  156. data/lib/puppet/feature/libuser.rb +8 -0
  157. data/lib/puppet/feature/msgpack.rb +3 -0
  158. data/lib/puppet/feature/pe_license.rb +4 -0
  159. data/lib/puppet/feature/selinux.rb +3 -0
  160. data/lib/puppet/feature/ssh.rb +3 -0
  161. data/lib/puppet/feature/telnet.rb +9 -0
  162. data/lib/puppet/feature/zlib.rb +5 -0
  163. data/lib/puppet/ffi/posix/constants.rb +14 -0
  164. data/lib/puppet/ffi/posix/functions.rb +24 -0
  165. data/lib/puppet/ffi/posix.rb +10 -0
  166. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  167. data/lib/puppet/ffi/windows/constants.rb +404 -0
  168. data/lib/puppet/ffi/windows/functions.rb +628 -0
  169. data/lib/puppet/ffi/windows/structs.rb +338 -0
  170. data/lib/puppet/ffi/windows.rb +12 -0
  171. data/lib/puppet/file_bucket/dipper.rb +174 -0
  172. data/lib/puppet/file_bucket/file.rb +129 -0
  173. data/lib/puppet/file_bucket.rb +4 -0
  174. data/lib/puppet/file_serving/base.rb +86 -0
  175. data/lib/puppet/file_serving/configuration/parser.rb +113 -0
  176. data/lib/puppet/file_serving/configuration.rb +113 -0
  177. data/lib/puppet/file_serving/content.rb +43 -0
  178. data/lib/puppet/file_serving/fileset.rb +186 -0
  179. data/lib/puppet/file_serving/http_metadata.rb +62 -0
  180. data/lib/puppet/file_serving/metadata.rb +171 -0
  181. data/lib/puppet/file_serving/mount/file.rb +122 -0
  182. data/lib/puppet/file_serving/mount/locales.rb +35 -0
  183. data/lib/puppet/file_serving/mount/modules.rb +26 -0
  184. data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
  185. data/lib/puppet/file_serving/mount/plugins.rb +35 -0
  186. data/lib/puppet/file_serving/mount/scripts.rb +24 -0
  187. data/lib/puppet/file_serving/mount/tasks.rb +23 -0
  188. data/lib/puppet/file_serving/mount.rb +38 -0
  189. data/lib/puppet/file_serving/terminus_helper.rb +31 -0
  190. data/lib/puppet/file_serving/terminus_selector.rb +31 -0
  191. data/lib/puppet/file_serving.rb +3 -0
  192. data/lib/puppet/file_system/file_impl.rb +188 -0
  193. data/lib/puppet/file_system/jruby.rb +23 -0
  194. data/lib/puppet/file_system/memory_file.rb +79 -0
  195. data/lib/puppet/file_system/memory_impl.rb +99 -0
  196. data/lib/puppet/file_system/path_pattern.rb +93 -0
  197. data/lib/puppet/file_system/posix.rb +47 -0
  198. data/lib/puppet/file_system/uniquefile.rb +188 -0
  199. data/lib/puppet/file_system/windows.rb +213 -0
  200. data/lib/puppet/file_system.rb +419 -0
  201. data/lib/puppet/forge/cache.rb +60 -0
  202. data/lib/puppet/forge/errors.rb +114 -0
  203. data/lib/puppet/forge/repository.rb +95 -0
  204. data/lib/puppet/forge.rb +259 -0
  205. data/lib/puppet/functions/abs.rb +61 -0
  206. data/lib/puppet/functions/alert.rb +14 -0
  207. data/lib/puppet/functions/all.rb +104 -0
  208. data/lib/puppet/functions/annotate.rb +108 -0
  209. data/lib/puppet/functions/any.rb +109 -0
  210. data/lib/puppet/functions/assert_type.rb +93 -0
  211. data/lib/puppet/functions/binary_file.rb +32 -0
  212. data/lib/puppet/functions/break.rb +47 -0
  213. data/lib/puppet/functions/call.rb +80 -0
  214. data/lib/puppet/functions/camelcase.rb +62 -0
  215. data/lib/puppet/functions/capitalize.rb +61 -0
  216. data/lib/puppet/functions/ceiling.rb +37 -0
  217. data/lib/puppet/functions/chomp.rb +57 -0
  218. data/lib/puppet/functions/chop.rb +67 -0
  219. data/lib/puppet/functions/compare.rb +125 -0
  220. data/lib/puppet/functions/contain.rb +55 -0
  221. data/lib/puppet/functions/convert_to.rb +34 -0
  222. data/lib/puppet/functions/crit.rb +14 -0
  223. data/lib/puppet/functions/debug.rb +14 -0
  224. data/lib/puppet/functions/defined.rb +159 -0
  225. data/lib/puppet/functions/dig.rb +67 -0
  226. data/lib/puppet/functions/downcase.rb +89 -0
  227. data/lib/puppet/functions/each.rb +167 -0
  228. data/lib/puppet/functions/emerg.rb +14 -0
  229. data/lib/puppet/functions/empty.rb +85 -0
  230. data/lib/puppet/functions/epp.rb +49 -0
  231. data/lib/puppet/functions/err.rb +14 -0
  232. data/lib/puppet/functions/eyaml_lookup_key.rb +102 -0
  233. data/lib/puppet/functions/filter.rb +137 -0
  234. data/lib/puppet/functions/find_file.rb +44 -0
  235. data/lib/puppet/functions/find_template.rb +63 -0
  236. data/lib/puppet/functions/flatten.rb +64 -0
  237. data/lib/puppet/functions/floor.rb +37 -0
  238. data/lib/puppet/functions/get.rb +150 -0
  239. data/lib/puppet/functions/getvar.rb +87 -0
  240. data/lib/puppet/functions/group_by.rb +62 -0
  241. data/lib/puppet/functions/hiera.rb +89 -0
  242. data/lib/puppet/functions/hiera_array.rb +81 -0
  243. data/lib/puppet/functions/hiera_hash.rb +92 -0
  244. data/lib/puppet/functions/hiera_include.rb +104 -0
  245. data/lib/puppet/functions/hocon_data.rb +41 -0
  246. data/lib/puppet/functions/import.rb +7 -0
  247. data/lib/puppet/functions/include.rb +53 -0
  248. data/lib/puppet/functions/index.rb +167 -0
  249. data/lib/puppet/functions/info.rb +14 -0
  250. data/lib/puppet/functions/inline_epp.rb +60 -0
  251. data/lib/puppet/functions/join.rb +56 -0
  252. data/lib/puppet/functions/json_data.rb +33 -0
  253. data/lib/puppet/functions/keys.rb +25 -0
  254. data/lib/puppet/functions/length.rb +44 -0
  255. data/lib/puppet/functions/lest.rb +55 -0
  256. data/lib/puppet/functions/lookup.rb +224 -0
  257. data/lib/puppet/functions/lstrip.rb +58 -0
  258. data/lib/puppet/functions/map.rb +135 -0
  259. data/lib/puppet/functions/match.rb +130 -0
  260. data/lib/puppet/functions/max.rb +183 -0
  261. data/lib/puppet/functions/min.rb +182 -0
  262. data/lib/puppet/functions/module_directory.rb +41 -0
  263. data/lib/puppet/functions/new.rb +1011 -0
  264. data/lib/puppet/functions/next.rb +33 -0
  265. data/lib/puppet/functions/notice.rb +14 -0
  266. data/lib/puppet/functions/partition.rb +62 -0
  267. data/lib/puppet/functions/reduce.rb +162 -0
  268. data/lib/puppet/functions/regsubst.rb +101 -0
  269. data/lib/puppet/functions/require.rb +77 -0
  270. data/lib/puppet/functions/return.rb +15 -0
  271. data/lib/puppet/functions/reverse_each.rb +94 -0
  272. data/lib/puppet/functions/round.rb +24 -0
  273. data/lib/puppet/functions/rstrip.rb +58 -0
  274. data/lib/puppet/functions/scanf.rb +44 -0
  275. data/lib/puppet/functions/size.rb +15 -0
  276. data/lib/puppet/functions/slice.rb +124 -0
  277. data/lib/puppet/functions/sort.rb +74 -0
  278. data/lib/puppet/functions/split.rb +76 -0
  279. data/lib/puppet/functions/step.rb +98 -0
  280. data/lib/puppet/functions/strftime.rb +212 -0
  281. data/lib/puppet/functions/strip.rb +58 -0
  282. data/lib/puppet/functions/then.rb +77 -0
  283. data/lib/puppet/functions/tree_each.rb +197 -0
  284. data/lib/puppet/functions/type.rb +72 -0
  285. data/lib/puppet/functions/unique.rb +132 -0
  286. data/lib/puppet/functions/unwrap.rb +59 -0
  287. data/lib/puppet/functions/upcase.rb +89 -0
  288. data/lib/puppet/functions/values.rb +25 -0
  289. data/lib/puppet/functions/versioncmp.rb +40 -0
  290. data/lib/puppet/functions/warning.rb +14 -0
  291. data/lib/puppet/functions/with.rb +32 -0
  292. data/lib/puppet/functions/yaml_data.rb +45 -0
  293. data/lib/puppet/functions.rb +862 -0
  294. data/lib/puppet/generate/models/type/property.rb +70 -0
  295. data/lib/puppet/generate/models/type/type.rb +65 -0
  296. data/lib/puppet/generate/templates/type/pcore.erb +42 -0
  297. data/lib/puppet/generate/type.rb +249 -0
  298. data/lib/puppet/gettext/config.rb +275 -0
  299. data/lib/puppet/gettext/module_translations.rb +42 -0
  300. data/lib/puppet/gettext/stubs.rb +11 -0
  301. data/lib/puppet/graph/key.rb +26 -0
  302. data/lib/puppet/graph/prioritizer.rb +29 -0
  303. data/lib/puppet/graph/rb_tree_map.rb +388 -0
  304. data/lib/puppet/graph/relationship_graph.rb +284 -0
  305. data/lib/puppet/graph/sequential_prioritizer.rb +31 -0
  306. data/lib/puppet/graph/simple_graph.rb +546 -0
  307. data/lib/puppet/graph.rb +9 -0
  308. data/lib/puppet/http/client.rb +525 -0
  309. data/lib/puppet/http/dns.rb +159 -0
  310. data/lib/puppet/http/errors.rb +48 -0
  311. data/lib/puppet/http/external_client.rb +88 -0
  312. data/lib/puppet/http/factory.rb +51 -0
  313. data/lib/puppet/http/pool.rb +172 -0
  314. data/lib/puppet/http/pool_entry.rb +17 -0
  315. data/lib/puppet/http/proxy.rb +137 -0
  316. data/lib/puppet/http/redirector.rb +85 -0
  317. data/lib/puppet/http/resolver/server_list.rb +87 -0
  318. data/lib/puppet/http/resolver/settings.rb +23 -0
  319. data/lib/puppet/http/resolver/srv.rb +41 -0
  320. data/lib/puppet/http/resolver.rb +48 -0
  321. data/lib/puppet/http/response.rb +102 -0
  322. data/lib/puppet/http/response_converter.rb +24 -0
  323. data/lib/puppet/http/response_net_http.rb +42 -0
  324. data/lib/puppet/http/retry_after_handler.rb +77 -0
  325. data/lib/puppet/http/service/ca.rb +101 -0
  326. data/lib/puppet/http/service/compiler.rb +353 -0
  327. data/lib/puppet/http/service/file_server.rb +198 -0
  328. data/lib/puppet/http/service/puppetserver.rb +53 -0
  329. data/lib/puppet/http/service/report.rb +64 -0
  330. data/lib/puppet/http/service.rb +182 -0
  331. data/lib/puppet/http/session.rb +122 -0
  332. data/lib/puppet/http/site.rb +42 -0
  333. data/lib/puppet/http.rb +46 -0
  334. data/lib/puppet/indirector/catalog/compiler.rb +431 -0
  335. data/lib/puppet/indirector/catalog/json.rb +40 -0
  336. data/lib/puppet/indirector/catalog/msgpack.rb +6 -0
  337. data/lib/puppet/indirector/catalog/rest.rb +49 -0
  338. data/lib/puppet/indirector/catalog/store_configs.rb +8 -0
  339. data/lib/puppet/indirector/catalog/yaml.rb +6 -0
  340. data/lib/puppet/indirector/code.rb +6 -0
  341. data/lib/puppet/indirector/data_binding/hiera.rb +7 -0
  342. data/lib/puppet/indirector/data_binding/none.rb +8 -0
  343. data/lib/puppet/indirector/direct_file_server.rb +17 -0
  344. data/lib/puppet/indirector/envelope.rb +11 -0
  345. data/lib/puppet/indirector/errors.rb +5 -0
  346. data/lib/puppet/indirector/exec.rb +38 -0
  347. data/lib/puppet/indirector/face.rb +153 -0
  348. data/lib/puppet/indirector/fact_search.rb +60 -0
  349. data/lib/puppet/indirector/facts/facter.rb +117 -0
  350. data/lib/puppet/indirector/facts/json.rb +27 -0
  351. data/lib/puppet/indirector/facts/memory.rb +9 -0
  352. data/lib/puppet/indirector/facts/network_device.rb +27 -0
  353. data/lib/puppet/indirector/facts/rest.rb +44 -0
  354. data/lib/puppet/indirector/facts/store_configs.rb +11 -0
  355. data/lib/puppet/indirector/facts/yaml.rb +29 -0
  356. data/lib/puppet/indirector/file_bucket_file/file.rb +262 -0
  357. data/lib/puppet/indirector/file_bucket_file/rest.rb +50 -0
  358. data/lib/puppet/indirector/file_bucket_file/selector.rb +53 -0
  359. data/lib/puppet/indirector/file_content/file.rb +7 -0
  360. data/lib/puppet/indirector/file_content/file_server.rb +7 -0
  361. data/lib/puppet/indirector/file_content/rest.rb +35 -0
  362. data/lib/puppet/indirector/file_content/selector.rb +30 -0
  363. data/lib/puppet/indirector/file_content.rb +5 -0
  364. data/lib/puppet/indirector/file_metadata/file.rb +7 -0
  365. data/lib/puppet/indirector/file_metadata/file_server.rb +7 -0
  366. data/lib/puppet/indirector/file_metadata/http.rb +47 -0
  367. data/lib/puppet/indirector/file_metadata/rest.rb +56 -0
  368. data/lib/puppet/indirector/file_metadata/selector.rb +30 -0
  369. data/lib/puppet/indirector/file_metadata.rb +5 -0
  370. data/lib/puppet/indirector/file_server.rb +54 -0
  371. data/lib/puppet/indirector/generic_http.rb +5 -0
  372. data/lib/puppet/indirector/hiera.rb +100 -0
  373. data/lib/puppet/indirector/indirection.rb +372 -0
  374. data/lib/puppet/indirector/json.rb +79 -0
  375. data/lib/puppet/indirector/memory.rb +34 -0
  376. data/lib/puppet/indirector/msgpack.rb +83 -0
  377. data/lib/puppet/indirector/node/exec.rb +70 -0
  378. data/lib/puppet/indirector/node/json.rb +8 -0
  379. data/lib/puppet/indirector/node/memory.rb +10 -0
  380. data/lib/puppet/indirector/node/msgpack.rb +7 -0
  381. data/lib/puppet/indirector/node/plain.rb +21 -0
  382. data/lib/puppet/indirector/node/rest.rb +29 -0
  383. data/lib/puppet/indirector/node/store_configs.rb +8 -0
  384. data/lib/puppet/indirector/node/yaml.rb +7 -0
  385. data/lib/puppet/indirector/none.rb +9 -0
  386. data/lib/puppet/indirector/plain.rb +9 -0
  387. data/lib/puppet/indirector/report/json.rb +34 -0
  388. data/lib/puppet/indirector/report/msgpack.rb +11 -0
  389. data/lib/puppet/indirector/report/processor.rb +60 -0
  390. data/lib/puppet/indirector/report/rest.rb +42 -0
  391. data/lib/puppet/indirector/report/yaml.rb +34 -0
  392. data/lib/puppet/indirector/request.rb +194 -0
  393. data/lib/puppet/indirector/resource/ral.rb +66 -0
  394. data/lib/puppet/indirector/resource/store_configs.rb +12 -0
  395. data/lib/puppet/indirector/resource/validator.rb +8 -0
  396. data/lib/puppet/indirector/rest.rb +64 -0
  397. data/lib/puppet/indirector/store_configs.rb +30 -0
  398. data/lib/puppet/indirector/terminus.rb +176 -0
  399. data/lib/puppet/indirector/yaml.rb +63 -0
  400. data/lib/puppet/indirector.rb +61 -0
  401. data/lib/puppet/info_service/class_information_service.rb +109 -0
  402. data/lib/puppet/info_service/plan_information_service.rb +36 -0
  403. data/lib/puppet/info_service/task_information_service.rb +44 -0
  404. data/lib/puppet/info_service.rb +26 -0
  405. data/lib/puppet/interface/action.rb +406 -0
  406. data/lib/puppet/interface/action_builder.rb +161 -0
  407. data/lib/puppet/interface/action_manager.rb +98 -0
  408. data/lib/puppet/interface/documentation.rb +357 -0
  409. data/lib/puppet/interface/face_collection.rb +137 -0
  410. data/lib/puppet/interface/option.rb +172 -0
  411. data/lib/puppet/interface/option_builder.rb +105 -0
  412. data/lib/puppet/interface/option_manager.rb +106 -0
  413. data/lib/puppet/interface.rb +239 -0
  414. data/lib/puppet/loaders.rb +30 -0
  415. data/lib/puppet/metatype/manager.rb +197 -0
  416. data/lib/puppet/module/plan.rb +159 -0
  417. data/lib/puppet/module/task.rb +283 -0
  418. data/lib/puppet/module.rb +475 -0
  419. data/lib/puppet/module_tool/applications/application.rb +91 -0
  420. data/lib/puppet/module_tool/applications/checksummer.rb +62 -0
  421. data/lib/puppet/module_tool/applications/installer.rb +411 -0
  422. data/lib/puppet/module_tool/applications/uninstaller.rb +119 -0
  423. data/lib/puppet/module_tool/applications/unpacker.rb +100 -0
  424. data/lib/puppet/module_tool/applications/upgrader.rb +282 -0
  425. data/lib/puppet/module_tool/applications.rb +12 -0
  426. data/lib/puppet/module_tool/checksums.rb +49 -0
  427. data/lib/puppet/module_tool/contents_description.rb +89 -0
  428. data/lib/puppet/module_tool/dependency.rb +41 -0
  429. data/lib/puppet/module_tool/errors/base.rb +15 -0
  430. data/lib/puppet/module_tool/errors/installer.rb +93 -0
  431. data/lib/puppet/module_tool/errors/shared.rb +227 -0
  432. data/lib/puppet/module_tool/errors/uninstaller.rb +50 -0
  433. data/lib/puppet/module_tool/errors/upgrader.rb +63 -0
  434. data/lib/puppet/module_tool/errors.rb +11 -0
  435. data/lib/puppet/module_tool/install_directory.rb +45 -0
  436. data/lib/puppet/module_tool/installed_modules.rb +96 -0
  437. data/lib/puppet/module_tool/local_tarball.rb +90 -0
  438. data/lib/puppet/module_tool/metadata.rb +221 -0
  439. data/lib/puppet/module_tool/shared_behaviors.rb +181 -0
  440. data/lib/puppet/module_tool/tar/gnu.rb +19 -0
  441. data/lib/puppet/module_tool/tar/mini.rb +116 -0
  442. data/lib/puppet/module_tool/tar.rb +18 -0
  443. data/lib/puppet/module_tool.rb +194 -0
  444. data/lib/puppet/network/authconfig.rb +7 -0
  445. data/lib/puppet/network/authorization.rb +19 -0
  446. data/lib/puppet/network/client_request.rb +29 -0
  447. data/lib/puppet/network/format.rb +110 -0
  448. data/lib/puppet/network/format_handler.rb +108 -0
  449. data/lib/puppet/network/format_support.rb +139 -0
  450. data/lib/puppet/network/formats.rb +329 -0
  451. data/lib/puppet/network/http/api/indirected_routes.rb +277 -0
  452. data/lib/puppet/network/http/api/indirection_type.rb +32 -0
  453. data/lib/puppet/network/http/api/master/v3/environments.rb +3 -0
  454. data/lib/puppet/network/http/api/master/v3.rb +3 -0
  455. data/lib/puppet/network/http/api/master.rb +3 -0
  456. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  457. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  458. data/lib/puppet/network/http/api/server.rb +10 -0
  459. data/lib/puppet/network/http/api.rb +39 -0
  460. data/lib/puppet/network/http/connection.rb +286 -0
  461. data/lib/puppet/network/http/error.rb +73 -0
  462. data/lib/puppet/network/http/handler.rb +215 -0
  463. data/lib/puppet/network/http/issues.rb +12 -0
  464. data/lib/puppet/network/http/memory_response.rb +13 -0
  465. data/lib/puppet/network/http/request.rb +71 -0
  466. data/lib/puppet/network/http/response.rb +23 -0
  467. data/lib/puppet/network/http/route.rb +101 -0
  468. data/lib/puppet/network/http.rb +28 -0
  469. data/lib/puppet/network/http_pool.rb +77 -0
  470. data/lib/puppet/network/uri.rb +18 -0
  471. data/lib/puppet/network.rb +3 -0
  472. data/lib/puppet/node/environment.rb +635 -0
  473. data/lib/puppet/node/facts.rb +165 -0
  474. data/lib/puppet/node/server_facts.rb +46 -0
  475. data/lib/puppet/node.rb +256 -0
  476. data/lib/puppet/pal/catalog_compiler.rb +108 -0
  477. data/lib/puppet/pal/compiler.rb +222 -0
  478. data/lib/puppet/pal/function_signature.rb +52 -0
  479. data/lib/puppet/pal/json_catalog_encoder.rb +71 -0
  480. data/lib/puppet/pal/pal_api.rb +15 -0
  481. data/lib/puppet/pal/pal_impl.rb +590 -0
  482. data/lib/puppet/pal/plan_signature.rb +71 -0
  483. data/lib/puppet/pal/script_compiler.rb +73 -0
  484. data/lib/puppet/pal/task_signature.rb +58 -0
  485. data/lib/puppet/parameter/boolean.rb +15 -0
  486. data/lib/puppet/parameter/package_options.rb +31 -0
  487. data/lib/puppet/parameter/path.rb +57 -0
  488. data/lib/puppet/parameter/value.rb +91 -0
  489. data/lib/puppet/parameter/value_collection.rb +212 -0
  490. data/lib/puppet/parameter.rb +589 -0
  491. data/lib/puppet/parser/abstract_compiler.rb +36 -0
  492. data/lib/puppet/parser/ast/block_expression.rb +15 -0
  493. data/lib/puppet/parser/ast/branch.rb +19 -0
  494. data/lib/puppet/parser/ast/hostclass.rb +27 -0
  495. data/lib/puppet/parser/ast/leaf.rb +81 -0
  496. data/lib/puppet/parser/ast/node.rb +17 -0
  497. data/lib/puppet/parser/ast/pops_bridge.rb +245 -0
  498. data/lib/puppet/parser/ast/resource.rb +66 -0
  499. data/lib/puppet/parser/ast/resource_instance.rb +10 -0
  500. data/lib/puppet/parser/ast/resourceparam.rb +31 -0
  501. data/lib/puppet/parser/ast/top_level_construct.rb +4 -0
  502. data/lib/puppet/parser/ast.rb +61 -0
  503. data/lib/puppet/parser/catalog_compiler.rb +56 -0
  504. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +39 -0
  505. data/lib/puppet/parser/compiler/catalog_validator.rb +33 -0
  506. data/lib/puppet/parser/compiler.rb +615 -0
  507. data/lib/puppet/parser/e4_parser_adapter.rb +60 -0
  508. data/lib/puppet/parser/files.rb +93 -0
  509. data/lib/puppet/parser/functions/assert_type.rb +60 -0
  510. data/lib/puppet/parser/functions/binary_file.rb +24 -0
  511. data/lib/puppet/parser/functions/break.rb +39 -0
  512. data/lib/puppet/parser/functions/contain.rb +30 -0
  513. data/lib/puppet/parser/functions/create_resources.rb +110 -0
  514. data/lib/puppet/parser/functions/defined.rb +107 -0
  515. data/lib/puppet/parser/functions/dig.rb +38 -0
  516. data/lib/puppet/parser/functions/digest.rb +5 -0
  517. data/lib/puppet/parser/functions/each.rb +104 -0
  518. data/lib/puppet/parser/functions/epp.rb +39 -0
  519. data/lib/puppet/parser/functions/fail.rb +11 -0
  520. data/lib/puppet/parser/functions/file.rb +33 -0
  521. data/lib/puppet/parser/functions/filter.rb +79 -0
  522. data/lib/puppet/parser/functions/find_file.rb +28 -0
  523. data/lib/puppet/parser/functions/fqdn_rand.rb +44 -0
  524. data/lib/puppet/parser/functions/generate.rb +37 -0
  525. data/lib/puppet/parser/functions/hiera.rb +103 -0
  526. data/lib/puppet/parser/functions/hiera_array.rb +92 -0
  527. data/lib/puppet/parser/functions/hiera_hash.rb +102 -0
  528. data/lib/puppet/parser/functions/hiera_include.rb +101 -0
  529. data/lib/puppet/parser/functions/include.rb +34 -0
  530. data/lib/puppet/parser/functions/inline_epp.rb +51 -0
  531. data/lib/puppet/parser/functions/inline_template.rb +26 -0
  532. data/lib/puppet/parser/functions/lest.rb +49 -0
  533. data/lib/puppet/parser/functions/lookup.rb +132 -0
  534. data/lib/puppet/parser/functions/map.rb +76 -0
  535. data/lib/puppet/parser/functions/match.rb +43 -0
  536. data/lib/puppet/parser/functions/md5.rb +5 -0
  537. data/lib/puppet/parser/functions/new.rb +991 -0
  538. data/lib/puppet/parser/functions/next.rb +38 -0
  539. data/lib/puppet/parser/functions/realize.rb +20 -0
  540. data/lib/puppet/parser/functions/reduce.rb +137 -0
  541. data/lib/puppet/parser/functions/regsubst.rb +62 -0
  542. data/lib/puppet/parser/functions/require.rb +40 -0
  543. data/lib/puppet/parser/functions/return.rb +92 -0
  544. data/lib/puppet/parser/functions/reverse_each.rb +83 -0
  545. data/lib/puppet/parser/functions/scanf.rb +38 -0
  546. data/lib/puppet/parser/functions/sha1.rb +5 -0
  547. data/lib/puppet/parser/functions/sha256.rb +5 -0
  548. data/lib/puppet/parser/functions/shellquote.rb +61 -0
  549. data/lib/puppet/parser/functions/slice.rb +39 -0
  550. data/lib/puppet/parser/functions/split.rb +28 -0
  551. data/lib/puppet/parser/functions/sprintf.rb +61 -0
  552. data/lib/puppet/parser/functions/step.rb +84 -0
  553. data/lib/puppet/parser/functions/strftime.rb +185 -0
  554. data/lib/puppet/parser/functions/tag.rb +12 -0
  555. data/lib/puppet/parser/functions/tagged.rb +21 -0
  556. data/lib/puppet/parser/functions/template.rb +39 -0
  557. data/lib/puppet/parser/functions/then.rb +73 -0
  558. data/lib/puppet/parser/functions/type.rb +53 -0
  559. data/lib/puppet/parser/functions/versioncmp.rb +30 -0
  560. data/lib/puppet/parser/functions/with.rb +28 -0
  561. data/lib/puppet/parser/functions.rb +321 -0
  562. data/lib/puppet/parser/parser_factory.rb +30 -0
  563. data/lib/puppet/parser/relationship.rb +84 -0
  564. data/lib/puppet/parser/resource/param.rb +35 -0
  565. data/lib/puppet/parser/resource.rb +351 -0
  566. data/lib/puppet/parser/scope.rb +1127 -0
  567. data/lib/puppet/parser/script_compiler.rb +123 -0
  568. data/lib/puppet/parser/templatewrapper.rb +104 -0
  569. data/lib/puppet/parser/type_loader.rb +150 -0
  570. data/lib/puppet/parser.rb +20 -0
  571. data/lib/puppet/plugins/configuration.rb +29 -0
  572. data/lib/puppet/plugins/syntax_checkers.rb +98 -0
  573. data/lib/puppet/plugins.rb +9 -0
  574. data/lib/puppet/pops/adaptable.rb +197 -0
  575. data/lib/puppet/pops/adapters.rb +156 -0
  576. data/lib/puppet/pops/evaluator/access_operator.rb +719 -0
  577. data/lib/puppet/pops/evaluator/callable_signature.rb +107 -0
  578. data/lib/puppet/pops/evaluator/closure.rb +375 -0
  579. data/lib/puppet/pops/evaluator/collector_transformer.rb +234 -0
  580. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +86 -0
  581. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +29 -0
  582. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +70 -0
  583. data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +38 -0
  584. data/lib/puppet/pops/evaluator/compare_operator.rb +254 -0
  585. data/lib/puppet/pops/evaluator/deferred_resolver.rb +225 -0
  586. data/lib/puppet/pops/evaluator/epp_evaluator.rb +120 -0
  587. data/lib/puppet/pops/evaluator/evaluator_impl.rb +1317 -0
  588. data/lib/puppet/pops/evaluator/external_syntax_support.rb +46 -0
  589. data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +82 -0
  590. data/lib/puppet/pops/evaluator/literal_evaluator.rb +100 -0
  591. data/lib/puppet/pops/evaluator/puppet_proc.rb +69 -0
  592. data/lib/puppet/pops/evaluator/relationship_operator.rb +185 -0
  593. data/lib/puppet/pops/evaluator/runtime3_converter.rb +221 -0
  594. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +119 -0
  595. data/lib/puppet/pops/evaluator/runtime3_support.rb +535 -0
  596. data/lib/puppet/pops/functions/dispatch.rb +107 -0
  597. data/lib/puppet/pops/functions/dispatcher.rb +75 -0
  598. data/lib/puppet/pops/functions/function.rb +139 -0
  599. data/lib/puppet/pops/issue_reporter.rb +137 -0
  600. data/lib/puppet/pops/issues.rb +928 -0
  601. data/lib/puppet/pops/label_provider.rb +90 -0
  602. data/lib/puppet/pops/loader/base_loader.rb +178 -0
  603. data/lib/puppet/pops/loader/dependency_loader.rb +91 -0
  604. data/lib/puppet/pops/loader/gem_support.rb +51 -0
  605. data/lib/puppet/pops/loader/generic_plan_instantiator.rb +28 -0
  606. data/lib/puppet/pops/loader/loader.rb +221 -0
  607. data/lib/puppet/pops/loader/loader_paths.rb +412 -0
  608. data/lib/puppet/pops/loader/module_loaders.rb +556 -0
  609. data/lib/puppet/pops/loader/predefined_loader.rb +28 -0
  610. data/lib/puppet/pops/loader/puppet_function_instantiator.rb +84 -0
  611. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +93 -0
  612. data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +79 -0
  613. data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +39 -0
  614. data/lib/puppet/pops/loader/ruby_function_instantiator.rb +45 -0
  615. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +120 -0
  616. data/lib/puppet/pops/loader/runtime3_type_loader.rb +103 -0
  617. data/lib/puppet/pops/loader/simple_environment_loader.rb +20 -0
  618. data/lib/puppet/pops/loader/static_loader.rb +131 -0
  619. data/lib/puppet/pops/loader/task_instantiator.rb +44 -0
  620. data/lib/puppet/pops/loader/type_definition_instantiator.rb +100 -0
  621. data/lib/puppet/pops/loader/typed_name.rb +54 -0
  622. data/lib/puppet/pops/loader/uri_helper.rb +22 -0
  623. data/lib/puppet/pops/loaders.rb +546 -0
  624. data/lib/puppet/pops/lookup/configured_data_provider.rb +93 -0
  625. data/lib/puppet/pops/lookup/context.rb +199 -0
  626. data/lib/puppet/pops/lookup/data_adapter.rb +27 -0
  627. data/lib/puppet/pops/lookup/data_dig_function_provider.rb +145 -0
  628. data/lib/puppet/pops/lookup/data_hash_function_provider.rb +126 -0
  629. data/lib/puppet/pops/lookup/data_provider.rb +92 -0
  630. data/lib/puppet/pops/lookup/environment_data_provider.rb +35 -0
  631. data/lib/puppet/pops/lookup/explainer.rb +595 -0
  632. data/lib/puppet/pops/lookup/function_provider.rb +110 -0
  633. data/lib/puppet/pops/lookup/global_data_provider.rb +75 -0
  634. data/lib/puppet/pops/lookup/hiera_config.rb +775 -0
  635. data/lib/puppet/pops/lookup/interpolation.rb +155 -0
  636. data/lib/puppet/pops/lookup/invocation.rb +268 -0
  637. data/lib/puppet/pops/lookup/key_recorder.rb +18 -0
  638. data/lib/puppet/pops/lookup/location_resolver.rb +99 -0
  639. data/lib/puppet/pops/lookup/lookup_adapter.rb +528 -0
  640. data/lib/puppet/pops/lookup/lookup_key.rb +99 -0
  641. data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +92 -0
  642. data/lib/puppet/pops/lookup/module_data_provider.rb +89 -0
  643. data/lib/puppet/pops/lookup/sub_lookup.rb +92 -0
  644. data/lib/puppet/pops/lookup.rb +97 -0
  645. data/lib/puppet/pops/merge_strategy.rb +441 -0
  646. data/lib/puppet/pops/migration/migration_checker.rb +58 -0
  647. data/lib/puppet/pops/model/ast.pp +669 -0
  648. data/lib/puppet/pops/model/ast.rb +4675 -0
  649. data/lib/puppet/pops/model/ast_transformer.rb +131 -0
  650. data/lib/puppet/pops/model/factory.rb +1155 -0
  651. data/lib/puppet/pops/model/model_label_provider.rb +134 -0
  652. data/lib/puppet/pops/model/model_tree_dumper.rb +445 -0
  653. data/lib/puppet/pops/model/pn_transformer.rb +385 -0
  654. data/lib/puppet/pops/model/tree_dumper.rb +59 -0
  655. data/lib/puppet/pops/parser/code_merger.rb +29 -0
  656. data/lib/puppet/pops/parser/egrammar.ra +889 -0
  657. data/lib/puppet/pops/parser/eparser.rb +3184 -0
  658. data/lib/puppet/pops/parser/epp_parser.rb +51 -0
  659. data/lib/puppet/pops/parser/epp_support.rb +265 -0
  660. data/lib/puppet/pops/parser/evaluating_parser.rb +162 -0
  661. data/lib/puppet/pops/parser/heredoc_support.rb +153 -0
  662. data/lib/puppet/pops/parser/interpolation_support.rb +249 -0
  663. data/lib/puppet/pops/parser/lexer2.rb +777 -0
  664. data/lib/puppet/pops/parser/lexer_support.rb +221 -0
  665. data/lib/puppet/pops/parser/locatable.rb +23 -0
  666. data/lib/puppet/pops/parser/locator.rb +357 -0
  667. data/lib/puppet/pops/parser/parser_support.rb +251 -0
  668. data/lib/puppet/pops/parser/pn_parser.rb +317 -0
  669. data/lib/puppet/pops/parser/slurp_support.rb +118 -0
  670. data/lib/puppet/pops/patterns.rb +60 -0
  671. data/lib/puppet/pops/pcore.rb +135 -0
  672. data/lib/puppet/pops/pn.rb +236 -0
  673. data/lib/puppet/pops/puppet_stack.rb +61 -0
  674. data/lib/puppet/pops/resource/param.rb +55 -0
  675. data/lib/puppet/pops/resource/resource_type_impl.rb +294 -0
  676. data/lib/puppet/pops/resource/resource_type_set.pcore +22 -0
  677. data/lib/puppet/pops/semantic_error.rb +29 -0
  678. data/lib/puppet/pops/serialization/abstract_reader.rb +180 -0
  679. data/lib/puppet/pops/serialization/abstract_writer.rb +222 -0
  680. data/lib/puppet/pops/serialization/deserializer.rb +80 -0
  681. data/lib/puppet/pops/serialization/extension.rb +158 -0
  682. data/lib/puppet/pops/serialization/from_data_converter.rb +224 -0
  683. data/lib/puppet/pops/serialization/instance_reader.rb +19 -0
  684. data/lib/puppet/pops/serialization/instance_writer.rb +14 -0
  685. data/lib/puppet/pops/serialization/json.rb +297 -0
  686. data/lib/puppet/pops/serialization/json_path.rb +127 -0
  687. data/lib/puppet/pops/serialization/object.rb +70 -0
  688. data/lib/puppet/pops/serialization/serializer.rb +140 -0
  689. data/lib/puppet/pops/serialization/time_factory.rb +67 -0
  690. data/lib/puppet/pops/serialization/to_data_converter.rb +313 -0
  691. data/lib/puppet/pops/serialization/to_stringified_converter.rb +226 -0
  692. data/lib/puppet/pops/serialization.rb +43 -0
  693. data/lib/puppet/pops/time/timespan.rb +716 -0
  694. data/lib/puppet/pops/time/timestamp.rb +160 -0
  695. data/lib/puppet/pops/types/annotatable.rb +36 -0
  696. data/lib/puppet/pops/types/annotation.rb +71 -0
  697. data/lib/puppet/pops/types/class_loader.rb +132 -0
  698. data/lib/puppet/pops/types/implementation_registry.rb +134 -0
  699. data/lib/puppet/pops/types/iterable.rb +365 -0
  700. data/lib/puppet/pops/types/p_binary_type.rb +232 -0
  701. data/lib/puppet/pops/types/p_init_type.rb +238 -0
  702. data/lib/puppet/pops/types/p_meta_type.rb +94 -0
  703. data/lib/puppet/pops/types/p_object_type.rb +1117 -0
  704. data/lib/puppet/pops/types/p_object_type_extension.rb +228 -0
  705. data/lib/puppet/pops/types/p_runtime_type.rb +115 -0
  706. data/lib/puppet/pops/types/p_sem_ver_range_type.rb +190 -0
  707. data/lib/puppet/pops/types/p_sem_ver_type.rb +155 -0
  708. data/lib/puppet/pops/types/p_sensitive_type.rb +83 -0
  709. data/lib/puppet/pops/types/p_timespan_type.rb +192 -0
  710. data/lib/puppet/pops/types/p_timestamp_type.rb +73 -0
  711. data/lib/puppet/pops/types/p_type_set_type.rb +387 -0
  712. data/lib/puppet/pops/types/p_uri_type.rb +190 -0
  713. data/lib/puppet/pops/types/puppet_object.rb +40 -0
  714. data/lib/puppet/pops/types/recursion_guard.rb +136 -0
  715. data/lib/puppet/pops/types/ruby_generator.rb +472 -0
  716. data/lib/puppet/pops/types/ruby_method.rb +31 -0
  717. data/lib/puppet/pops/types/string_converter.rb +1134 -0
  718. data/lib/puppet/pops/types/tree_iterators.rb +254 -0
  719. data/lib/puppet/pops/types/type_acceptor.rb +25 -0
  720. data/lib/puppet/pops/types/type_asserter.rb +47 -0
  721. data/lib/puppet/pops/types/type_assertion_error.rb +27 -0
  722. data/lib/puppet/pops/types/type_calculator.rb +822 -0
  723. data/lib/puppet/pops/types/type_conversion_error.rb +15 -0
  724. data/lib/puppet/pops/types/type_factory.rb +631 -0
  725. data/lib/puppet/pops/types/type_formatter.rb +801 -0
  726. data/lib/puppet/pops/types/type_mismatch_describer.rb +1096 -0
  727. data/lib/puppet/pops/types/type_parser.rb +683 -0
  728. data/lib/puppet/pops/types/type_set_reference.rb +59 -0
  729. data/lib/puppet/pops/types/type_with_members.rb +43 -0
  730. data/lib/puppet/pops/types/types.rb +3633 -0
  731. data/lib/puppet/pops/utils.rb +119 -0
  732. data/lib/puppet/pops/validation/checker4_0.rb +1148 -0
  733. data/lib/puppet/pops/validation/tasks_checker.rb +93 -0
  734. data/lib/puppet/pops/validation/validator_factory_4_0.rb +45 -0
  735. data/lib/puppet/pops/validation.rb +459 -0
  736. data/lib/puppet/pops/visitable.rb +6 -0
  737. data/lib/puppet/pops/visitor.rb +122 -0
  738. data/lib/puppet/pops.rb +121 -0
  739. data/lib/puppet/property/boolean.rb +7 -0
  740. data/lib/puppet/property/ensure.rb +106 -0
  741. data/lib/puppet/property/keyvalue.rb +158 -0
  742. data/lib/puppet/property/list.rb +70 -0
  743. data/lib/puppet/property/ordered_list.rb +29 -0
  744. data/lib/puppet/property.rb +611 -0
  745. data/lib/puppet/provider/aix_object.rb +485 -0
  746. data/lib/puppet/provider/command.rb +25 -0
  747. data/lib/puppet/provider/confine.rb +6 -0
  748. data/lib/puppet/provider/exec/posix.rb +60 -0
  749. data/lib/puppet/provider/exec/shell.rb +25 -0
  750. data/lib/puppet/provider/exec/windows.rb +55 -0
  751. data/lib/puppet/provider/exec.rb +105 -0
  752. data/lib/puppet/provider/file/posix.rb +144 -0
  753. data/lib/puppet/provider/file/windows.rb +152 -0
  754. data/lib/puppet/provider/group/aix.rb +99 -0
  755. data/lib/puppet/provider/group/directoryservice.rb +22 -0
  756. data/lib/puppet/provider/group/groupadd.rb +174 -0
  757. data/lib/puppet/provider/group/ldap.rb +48 -0
  758. data/lib/puppet/provider/group/pw.rb +51 -0
  759. data/lib/puppet/provider/group/windows_adsi.rb +113 -0
  760. data/lib/puppet/provider/ldap.rb +141 -0
  761. data/lib/puppet/provider/nameservice/directoryservice.rb +512 -0
  762. data/lib/puppet/provider/nameservice/objectadd.rb +22 -0
  763. data/lib/puppet/provider/nameservice/pw.rb +21 -0
  764. data/lib/puppet/provider/nameservice.rb +293 -0
  765. data/lib/puppet/provider/network_device.rb +74 -0
  766. data/lib/puppet/provider/package/aix.rb +169 -0
  767. data/lib/puppet/provider/package/appdmg.rb +111 -0
  768. data/lib/puppet/provider/package/apple.rb +47 -0
  769. data/lib/puppet/provider/package/apt.rb +262 -0
  770. data/lib/puppet/provider/package/aptitude.rb +35 -0
  771. data/lib/puppet/provider/package/aptrpm.rb +83 -0
  772. data/lib/puppet/provider/package/blastwave.rb +112 -0
  773. data/lib/puppet/provider/package/dnf.rb +50 -0
  774. data/lib/puppet/provider/package/dnfmodule.rb +141 -0
  775. data/lib/puppet/provider/package/dpkg.rb +192 -0
  776. data/lib/puppet/provider/package/fink.rb +97 -0
  777. data/lib/puppet/provider/package/freebsd.rb +47 -0
  778. data/lib/puppet/provider/package/gem.rb +293 -0
  779. data/lib/puppet/provider/package/hpux.rb +44 -0
  780. data/lib/puppet/provider/package/macports.rb +110 -0
  781. data/lib/puppet/provider/package/nim.rb +291 -0
  782. data/lib/puppet/provider/package/openbsd.rb +260 -0
  783. data/lib/puppet/provider/package/opkg.rb +82 -0
  784. data/lib/puppet/provider/package/pacman.rb +273 -0
  785. data/lib/puppet/provider/package/pip.rb +346 -0
  786. data/lib/puppet/provider/package/pip2.rb +17 -0
  787. data/lib/puppet/provider/package/pip3.rb +17 -0
  788. data/lib/puppet/provider/package/pkg.rb +295 -0
  789. data/lib/puppet/provider/package/pkgdmg.rb +153 -0
  790. data/lib/puppet/provider/package/pkgin.rb +87 -0
  791. data/lib/puppet/provider/package/pkgng.rb +173 -0
  792. data/lib/puppet/provider/package/pkgutil.rb +187 -0
  793. data/lib/puppet/provider/package/portage.rb +310 -0
  794. data/lib/puppet/provider/package/ports.rb +91 -0
  795. data/lib/puppet/provider/package/portupgrade.rb +240 -0
  796. data/lib/puppet/provider/package/puppet_gem.rb +34 -0
  797. data/lib/puppet/provider/package/puppetserver_gem.rb +171 -0
  798. data/lib/puppet/provider/package/rpm.rb +250 -0
  799. data/lib/puppet/provider/package/rug.rb +51 -0
  800. data/lib/puppet/provider/package/sun.rb +133 -0
  801. data/lib/puppet/provider/package/sunfreeware.rb +9 -0
  802. data/lib/puppet/provider/package/tdnf.rb +28 -0
  803. data/lib/puppet/provider/package/up2date.rb +40 -0
  804. data/lib/puppet/provider/package/urpmi.rb +55 -0
  805. data/lib/puppet/provider/package/windows/exe_package.rb +106 -0
  806. data/lib/puppet/provider/package/windows/msi_package.rb +70 -0
  807. data/lib/puppet/provider/package/windows/package.rb +110 -0
  808. data/lib/puppet/provider/package/windows.rb +130 -0
  809. data/lib/puppet/provider/package/yum.rb +387 -0
  810. data/lib/puppet/provider/package/zypper.rb +206 -0
  811. data/lib/puppet/provider/package.rb +59 -0
  812. data/lib/puppet/provider/package_targetable.rb +69 -0
  813. data/lib/puppet/provider/parsedfile.rb +490 -0
  814. data/lib/puppet/provider/service/base.rb +139 -0
  815. data/lib/puppet/provider/service/bsd.rb +51 -0
  816. data/lib/puppet/provider/service/daemontools.rb +193 -0
  817. data/lib/puppet/provider/service/debian.rb +75 -0
  818. data/lib/puppet/provider/service/freebsd.rb +143 -0
  819. data/lib/puppet/provider/service/gentoo.rb +45 -0
  820. data/lib/puppet/provider/service/init.rb +192 -0
  821. data/lib/puppet/provider/service/launchd.rb +384 -0
  822. data/lib/puppet/provider/service/openbsd.rb +100 -0
  823. data/lib/puppet/provider/service/openrc.rb +71 -0
  824. data/lib/puppet/provider/service/openwrt.rb +36 -0
  825. data/lib/puppet/provider/service/rcng.rb +51 -0
  826. data/lib/puppet/provider/service/redhat.rb +72 -0
  827. data/lib/puppet/provider/service/runit.rb +106 -0
  828. data/lib/puppet/provider/service/service.rb +68 -0
  829. data/lib/puppet/provider/service/smf.rb +317 -0
  830. data/lib/puppet/provider/service/src.rb +147 -0
  831. data/lib/puppet/provider/service/systemd.rb +232 -0
  832. data/lib/puppet/provider/service/upstart.rb +385 -0
  833. data/lib/puppet/provider/service/windows.rb +182 -0
  834. data/lib/puppet/provider/user/aix.rb +361 -0
  835. data/lib/puppet/provider/user/directoryservice.rb +680 -0
  836. data/lib/puppet/provider/user/hpux.rb +95 -0
  837. data/lib/puppet/provider/user/ldap.rb +132 -0
  838. data/lib/puppet/provider/user/openbsd.rb +77 -0
  839. data/lib/puppet/provider/user/pw.rb +108 -0
  840. data/lib/puppet/provider/user/user_role_add.rb +239 -0
  841. data/lib/puppet/provider/user/useradd.rb +406 -0
  842. data/lib/puppet/provider/user/windows_adsi.rb +172 -0
  843. data/lib/puppet/provider.rb +612 -0
  844. data/lib/puppet/reference/configuration.rb +97 -0
  845. data/lib/puppet/reference/function.rb +17 -0
  846. data/lib/puppet/reference/indirection.rb +71 -0
  847. data/lib/puppet/reference/metaparameter.rb +33 -0
  848. data/lib/puppet/reference/providers.rb +117 -0
  849. data/lib/puppet/reference/report.rb +20 -0
  850. data/lib/puppet/reference/type.rb +109 -0
  851. data/lib/puppet/relationship.rb +84 -0
  852. data/lib/puppet/reports/http.rb +44 -0
  853. data/lib/puppet/reports/log.rb +14 -0
  854. data/lib/puppet/reports/store.rb +68 -0
  855. data/lib/puppet/reports.rb +93 -0
  856. data/lib/puppet/resource/catalog.rb +654 -0
  857. data/lib/puppet/resource/status.rb +229 -0
  858. data/lib/puppet/resource/type.rb +425 -0
  859. data/lib/puppet/resource/type_collection.rb +231 -0
  860. data/lib/puppet/resource.rb +663 -0
  861. data/lib/puppet/runtime.rb +65 -0
  862. data/lib/puppet/scheduler/job.rb +53 -0
  863. data/lib/puppet/scheduler/scheduler.rb +44 -0
  864. data/lib/puppet/scheduler/splay_job.rb +32 -0
  865. data/lib/puppet/scheduler/timer.rb +13 -0
  866. data/lib/puppet/scheduler.rb +16 -0
  867. data/lib/puppet/settings/alias_setting.rb +37 -0
  868. data/lib/puppet/settings/array_setting.rb +17 -0
  869. data/lib/puppet/settings/autosign_setting.rb +22 -0
  870. data/lib/puppet/settings/base_setting.rb +223 -0
  871. data/lib/puppet/settings/boolean_setting.rb +32 -0
  872. data/lib/puppet/settings/certificate_revocation_setting.rb +21 -0
  873. data/lib/puppet/settings/config_file.rb +146 -0
  874. data/lib/puppet/settings/directory_setting.rb +18 -0
  875. data/lib/puppet/settings/duration_setting.rb +32 -0
  876. data/lib/puppet/settings/enum_setting.rb +16 -0
  877. data/lib/puppet/settings/environment_conf.rb +224 -0
  878. data/lib/puppet/settings/errors.rb +11 -0
  879. data/lib/puppet/settings/file_or_directory_setting.rb +40 -0
  880. data/lib/puppet/settings/file_setting.rb +241 -0
  881. data/lib/puppet/settings/http_extra_headers_setting.rb +25 -0
  882. data/lib/puppet/settings/ini_file.rb +226 -0
  883. data/lib/puppet/settings/integer_setting.rb +17 -0
  884. data/lib/puppet/settings/path_setting.rb +8 -0
  885. data/lib/puppet/settings/port_setting.rb +15 -0
  886. data/lib/puppet/settings/priority_setting.rb +43 -0
  887. data/lib/puppet/settings/server_list_setting.rb +29 -0
  888. data/lib/puppet/settings/string_setting.rb +9 -0
  889. data/lib/puppet/settings/symbolic_enum_setting.rb +17 -0
  890. data/lib/puppet/settings/terminus_setting.rb +14 -0
  891. data/lib/puppet/settings/ttl_setting.rb +51 -0
  892. data/lib/puppet/settings/value_translator.rb +14 -0
  893. data/lib/puppet/settings.rb +1642 -0
  894. data/lib/puppet/ssl/base.rb +149 -0
  895. data/lib/puppet/ssl/certificate.rb +96 -0
  896. data/lib/puppet/ssl/certificate_request.rb +324 -0
  897. data/lib/puppet/ssl/certificate_request_attributes.rb +37 -0
  898. data/lib/puppet/ssl/certificate_signer.rb +39 -0
  899. data/lib/puppet/ssl/digest.rb +20 -0
  900. data/lib/puppet/ssl/error.rb +26 -0
  901. data/lib/puppet/ssl/oids.rb +197 -0
  902. data/lib/puppet/ssl/openssl_loader.rb +24 -0
  903. data/lib/puppet/ssl/ssl_context.rb +25 -0
  904. data/lib/puppet/ssl/ssl_provider.rb +350 -0
  905. data/lib/puppet/ssl/state_machine.rb +474 -0
  906. data/lib/puppet/ssl/verifier.rb +142 -0
  907. data/lib/puppet/ssl.rb +23 -0
  908. data/lib/puppet/syntax_checkers/base64.rb +40 -0
  909. data/lib/puppet/syntax_checkers/epp.rb +34 -0
  910. data/lib/puppet/syntax_checkers/json.rb +35 -0
  911. data/lib/puppet/syntax_checkers/pp.rb +34 -0
  912. data/lib/puppet/syntax_checkers.rb +3 -0
  913. data/lib/puppet/test/test_helper.rb +265 -0
  914. data/lib/puppet/thread_local.rb +4 -0
  915. data/lib/puppet/transaction/additional_resource_generator.rb +220 -0
  916. data/lib/puppet/transaction/event.rb +168 -0
  917. data/lib/puppet/transaction/event_manager.rb +179 -0
  918. data/lib/puppet/transaction/persistence.rb +119 -0
  919. data/lib/puppet/transaction/report.rb +504 -0
  920. data/lib/puppet/transaction/resource_harness.rb +323 -0
  921. data/lib/puppet/transaction.rb +491 -0
  922. data/lib/puppet/trusted_external.rb +41 -0
  923. data/lib/puppet/type/component.rb +89 -0
  924. data/lib/puppet/type/exec.rb +720 -0
  925. data/lib/puppet/type/file/checksum.rb +50 -0
  926. data/lib/puppet/type/file/checksum_value.rb +54 -0
  927. data/lib/puppet/type/file/content.rb +176 -0
  928. data/lib/puppet/type/file/ctime.rb +21 -0
  929. data/lib/puppet/type/file/data_sync.rb +98 -0
  930. data/lib/puppet/type/file/ensure.rb +195 -0
  931. data/lib/puppet/type/file/group.rb +48 -0
  932. data/lib/puppet/type/file/mode.rb +189 -0
  933. data/lib/puppet/type/file/mtime.rb +19 -0
  934. data/lib/puppet/type/file/owner.rb +51 -0
  935. data/lib/puppet/type/file/selcontext.rb +142 -0
  936. data/lib/puppet/type/file/source.rb +379 -0
  937. data/lib/puppet/type/file/target.rb +88 -0
  938. data/lib/puppet/type/file/type.rb +20 -0
  939. data/lib/puppet/type/file.rb +1133 -0
  940. data/lib/puppet/type/filebucket.rb +121 -0
  941. data/lib/puppet/type/group.rb +237 -0
  942. data/lib/puppet/type/notify.rb +47 -0
  943. data/lib/puppet/type/package.rb +713 -0
  944. data/lib/puppet/type/resources.rb +187 -0
  945. data/lib/puppet/type/schedule.rb +441 -0
  946. data/lib/puppet/type/service.rb +309 -0
  947. data/lib/puppet/type/stage.rb +27 -0
  948. data/lib/puppet/type/tidy.rb +376 -0
  949. data/lib/puppet/type/user.rb +859 -0
  950. data/lib/puppet/type/whit.rb +34 -0
  951. data/lib/puppet/type.rb +2676 -0
  952. data/lib/puppet/util/at_fork/noop.rb +18 -0
  953. data/lib/puppet/util/at_fork/solaris.rb +160 -0
  954. data/lib/puppet/util/at_fork.rb +35 -0
  955. data/lib/puppet/util/autoload.rb +215 -0
  956. data/lib/puppet/util/backups.rb +86 -0
  957. data/lib/puppet/util/character_encoding.rb +80 -0
  958. data/lib/puppet/util/checksums.rb +376 -0
  959. data/lib/puppet/util/classgen.rb +228 -0
  960. data/lib/puppet/util/colors.rb +100 -0
  961. data/lib/puppet/util/command_line/puppet_option_parser.rb +87 -0
  962. data/lib/puppet/util/command_line/trollop.rb +825 -0
  963. data/lib/puppet/util/command_line.rb +196 -0
  964. data/lib/puppet/util/constant_inflector.rb +24 -0
  965. data/lib/puppet/util/diff.rb +81 -0
  966. data/lib/puppet/util/docs.rb +128 -0
  967. data/lib/puppet/util/errors.rb +159 -0
  968. data/lib/puppet/util/execution.rb +424 -0
  969. data/lib/puppet/util/execution_stub.rb +26 -0
  970. data/lib/puppet/util/feature.rb +129 -0
  971. data/lib/puppet/util/file_watcher.rb +28 -0
  972. data/lib/puppet/util/fileparsing.rb +408 -0
  973. data/lib/puppet/util/filetype.rb +358 -0
  974. data/lib/puppet/util/http_proxy.rb +4 -0
  975. data/lib/puppet/util/inifile.rb +340 -0
  976. data/lib/puppet/util/instance_loader.rb +66 -0
  977. data/lib/puppet/util/json.rb +92 -0
  978. data/lib/puppet/util/json_lockfile.rb +44 -0
  979. data/lib/puppet/util/ldap/connection.rb +73 -0
  980. data/lib/puppet/util/ldap/generator.rb +42 -0
  981. data/lib/puppet/util/ldap/manager.rb +284 -0
  982. data/lib/puppet/util/ldap.rb +2 -0
  983. data/lib/puppet/util/libuser.conf +15 -0
  984. data/lib/puppet/util/libuser.rb +12 -0
  985. data/lib/puppet/util/limits.rb +12 -0
  986. data/lib/puppet/util/lockfile.rb +66 -0
  987. data/lib/puppet/util/log/destination.rb +49 -0
  988. data/lib/puppet/util/log/destinations.rb +253 -0
  989. data/lib/puppet/util/log.rb +427 -0
  990. data/lib/puppet/util/logging.rb +300 -0
  991. data/lib/puppet/util/metaid.rb +21 -0
  992. data/lib/puppet/util/metric.rb +65 -0
  993. data/lib/puppet/util/monkey_patches.rb +122 -0
  994. data/lib/puppet/util/multi_match.rb +51 -0
  995. data/lib/puppet/util/network_device/base.rb +23 -0
  996. data/lib/puppet/util/network_device/config.rb +105 -0
  997. data/lib/puppet/util/network_device/transport/base.rb +26 -0
  998. data/lib/puppet/util/network_device/transport.rb +5 -0
  999. data/lib/puppet/util/network_device.rb +17 -0
  1000. data/lib/puppet/util/package/version/debian.rb +175 -0
  1001. data/lib/puppet/util/package/version/gem.rb +15 -0
  1002. data/lib/puppet/util/package/version/pip.rb +167 -0
  1003. data/lib/puppet/util/package/version/range/eq.rb +14 -0
  1004. data/lib/puppet/util/package/version/range/gt.rb +14 -0
  1005. data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
  1006. data/lib/puppet/util/package/version/range/lt.rb +14 -0
  1007. data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
  1008. data/lib/puppet/util/package/version/range/min_max.rb +21 -0
  1009. data/lib/puppet/util/package/version/range/simple.rb +11 -0
  1010. data/lib/puppet/util/package/version/range.rb +53 -0
  1011. data/lib/puppet/util/package/version/rpm.rb +73 -0
  1012. data/lib/puppet/util/package.rb +40 -0
  1013. data/lib/puppet/util/pidlock.rb +102 -0
  1014. data/lib/puppet/util/platform.rb +70 -0
  1015. data/lib/puppet/util/plist.rb +161 -0
  1016. data/lib/puppet/util/posix.rb +203 -0
  1017. data/lib/puppet/util/profiler/aggregate.rb +85 -0
  1018. data/lib/puppet/util/profiler/around_profiler.rb +67 -0
  1019. data/lib/puppet/util/profiler/logging.rb +48 -0
  1020. data/lib/puppet/util/profiler/object_counts.rb +17 -0
  1021. data/lib/puppet/util/profiler/wall_clock.rb +35 -0
  1022. data/lib/puppet/util/profiler.rb +53 -0
  1023. data/lib/puppet/util/provider_features.rb +179 -0
  1024. data/lib/puppet/util/psych_support.rb +30 -0
  1025. data/lib/puppet/util/rdoc/code_objects.rb +295 -0
  1026. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +912 -0
  1027. data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +1085 -0
  1028. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +259 -0
  1029. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +14 -0
  1030. data/lib/puppet/util/rdoc/parser.rb +12 -0
  1031. data/lib/puppet/util/rdoc.rb +53 -0
  1032. data/lib/puppet/util/reference.rb +119 -0
  1033. data/lib/puppet/util/resource_template.rb +61 -0
  1034. data/lib/puppet/util/retry_action.rb +46 -0
  1035. data/lib/puppet/util/rpm_compare.rb +193 -0
  1036. data/lib/puppet/util/rubygems.rb +67 -0
  1037. data/lib/puppet/util/run_mode.rb +122 -0
  1038. data/lib/puppet/util/selinux.rb +297 -0
  1039. data/lib/puppet/util/skip_tags.rb +13 -0
  1040. data/lib/puppet/util/splayer.rb +18 -0
  1041. data/lib/puppet/util/storage.rb +100 -0
  1042. data/lib/puppet/util/suidmanager.rb +166 -0
  1043. data/lib/puppet/util/symbolic_file_mode.rb +156 -0
  1044. data/lib/puppet/util/tag_set.rb +27 -0
  1045. data/lib/puppet/util/tagging.rb +132 -0
  1046. data/lib/puppet/util/terminal.rb +16 -0
  1047. data/lib/puppet/util/user_attr.rb +21 -0
  1048. data/lib/puppet/util/warnings.rb +31 -0
  1049. data/lib/puppet/util/watched_file.rb +37 -0
  1050. data/lib/puppet/util/watcher/change_watcher.rb +33 -0
  1051. data/lib/puppet/util/watcher/periodic_watcher.rb +37 -0
  1052. data/lib/puppet/util/watcher/timer.rb +19 -0
  1053. data/lib/puppet/util/watcher.rb +17 -0
  1054. data/lib/puppet/util/windows/access_control_entry.rb +84 -0
  1055. data/lib/puppet/util/windows/access_control_list.rb +113 -0
  1056. data/lib/puppet/util/windows/adsi.rb +654 -0
  1057. data/lib/puppet/util/windows/com.rb +225 -0
  1058. data/lib/puppet/util/windows/daemon.rb +343 -0
  1059. data/lib/puppet/util/windows/error.rb +84 -0
  1060. data/lib/puppet/util/windows/eventlog.rb +187 -0
  1061. data/lib/puppet/util/windows/file.rb +355 -0
  1062. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  1063. data/lib/puppet/util/windows/principal.rb +201 -0
  1064. data/lib/puppet/util/windows/process.rb +364 -0
  1065. data/lib/puppet/util/windows/registry.rb +441 -0
  1066. data/lib/puppet/util/windows/root_certs.rb +108 -0
  1067. data/lib/puppet/util/windows/security.rb +907 -0
  1068. data/lib/puppet/util/windows/security_descriptor.rb +62 -0
  1069. data/lib/puppet/util/windows/service.rb +696 -0
  1070. data/lib/puppet/util/windows/sid.rb +289 -0
  1071. data/lib/puppet/util/windows/string.rb +15 -0
  1072. data/lib/puppet/util/windows/user.rb +550 -0
  1073. data/lib/puppet/util/windows.rb +51 -0
  1074. data/lib/puppet/util/yaml.rb +65 -0
  1075. data/lib/puppet/util.rb +808 -0
  1076. data/lib/puppet/vendor/require_vendored.rb +4 -0
  1077. data/lib/puppet/vendor.rb +57 -0
  1078. data/lib/puppet/version.rb +95 -0
  1079. data/lib/puppet/x509/cert_provider.rb +369 -0
  1080. data/lib/puppet/x509/pem_store.rb +55 -0
  1081. data/lib/puppet/x509.rb +11 -0
  1082. data/lib/puppet.rb +345 -0
  1083. data/lib/puppet_pal.rb +8 -0
  1084. data/lib/puppet_x.rb +14 -0
  1085. data/locales/config.yaml +29 -0
  1086. data/locales/en/puppet.po +19 -0
  1087. data/locales/puppet.pot +20 -0
  1088. data/man/man5/puppet.conf.5 +2198 -0
  1089. data/man/man8/puppet-agent.8 +203 -0
  1090. data/man/man8/puppet-apply.8 +100 -0
  1091. data/man/man8/puppet-catalog.8 +291 -0
  1092. data/man/man8/puppet-config.8 +151 -0
  1093. data/man/man8/puppet-describe.8 +51 -0
  1094. data/man/man8/puppet-device.8 +119 -0
  1095. data/man/man8/puppet-doc.8 +46 -0
  1096. data/man/man8/puppet-epp.8 +377 -0
  1097. data/man/man8/puppet-facts.8 +234 -0
  1098. data/man/man8/puppet-filebucket.8 +166 -0
  1099. data/man/man8/puppet-generate.8 +84 -0
  1100. data/man/man8/puppet-help.8 +67 -0
  1101. data/man/man8/puppet-lookup.8 +107 -0
  1102. data/man/man8/puppet-module.8 +325 -0
  1103. data/man/man8/puppet-node.8 +163 -0
  1104. data/man/man8/puppet-parser.8 +130 -0
  1105. data/man/man8/puppet-plugin.8 +73 -0
  1106. data/man/man8/puppet-report.8 +127 -0
  1107. data/man/man8/puppet-resource.8 +88 -0
  1108. data/man/man8/puppet-script.8 +70 -0
  1109. data/man/man8/puppet-ssl.8 +63 -0
  1110. data/man/man8/puppet.8 +28 -0
  1111. data/tasks/benchmark.rake +180 -0
  1112. data/tasks/ci.rake +24 -0
  1113. data/tasks/generate_ast_model.rake +90 -0
  1114. data/tasks/generate_cert_fixtures.rake +194 -0
  1115. data/tasks/manpages.rake +67 -0
  1116. data/tasks/memwalk.rake +195 -0
  1117. data/tasks/parallel.rake +410 -0
  1118. data/tasks/parser.rake +22 -0
  1119. data/tasks/yard.rake +59 -0
  1120. metadata +1324 -0
@@ -0,0 +1,474 @@
1
+ require_relative '../../puppet/ssl'
2
+ require_relative '../../puppet/util/pidlock'
3
+
4
+ # This class implements a state machine for bootstrapping a host's CA and CRL
5
+ # bundles, private key and signed client certificate. Each state has a frozen
6
+ # SSLContext that it uses to make network connections. If a state makes progress
7
+ # bootstrapping the host, then the state will generate a new frozen SSLContext
8
+ # and pass that to the next state. For example, the NeedCACerts state will load
9
+ # or download a CA bundle, and generate a new SSLContext containing those CA
10
+ # certs. This way we're sure about which SSLContext is being used during any
11
+ # phase of the bootstrapping process.
12
+ #
13
+ # @api private
14
+ class Puppet::SSL::StateMachine
15
+ class SSLState
16
+ attr_reader :ssl_context
17
+
18
+ def initialize(machine, ssl_context)
19
+ @machine = machine
20
+ @ssl_context = ssl_context
21
+ @cert_provider = machine.cert_provider
22
+ @ssl_provider = machine.ssl_provider
23
+ end
24
+
25
+ def to_error(message, cause)
26
+ detail = Puppet::Error.new(message)
27
+ detail.set_backtrace(cause.backtrace)
28
+ Error.new(@machine, message, detail)
29
+ end
30
+
31
+ def log_error(message)
32
+ # When running daemonized we set stdout to /dev/null, so write to the log instead
33
+ if Puppet[:daemonize]
34
+ Puppet.err(message)
35
+ else
36
+ $stdout.puts(message)
37
+ end
38
+ end
39
+ end
40
+
41
+ # Load existing CA certs or download them. Transition to NeedCRLs.
42
+ #
43
+ class NeedCACerts < SSLState
44
+ def initialize(machine)
45
+ super(machine, nil)
46
+ @ssl_context = @ssl_provider.create_insecure_context
47
+ end
48
+
49
+ def next_state
50
+ Puppet.debug("Loading CA certs")
51
+
52
+ cacerts = @cert_provider.load_cacerts
53
+ if cacerts
54
+ next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
55
+ else
56
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
57
+ _, pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
58
+ if @machine.ca_fingerprint
59
+ actual_digest = Puppet::SSL::Digest.new(@machine.digest, pem).to_hex
60
+ expected_digest = @machine.ca_fingerprint.scan(/../).join(':').upcase
61
+ if actual_digest == expected_digest
62
+ Puppet.info(_("Verified CA bundle with digest (%{digest_type}) %{actual_digest}") %
63
+ { digest_type: @machine.digest, actual_digest: actual_digest })
64
+ else
65
+ e = Puppet::Error.new(_("CA bundle with digest (%{digest_type}) %{actual_digest} did not match expected digest %{expected_digest}") % { digest_type: @machine.digest, actual_digest: actual_digest, expected_digest: expected_digest })
66
+ return Error.new(@machine, e.message, e)
67
+ end
68
+ end
69
+
70
+ cacerts = @cert_provider.load_cacerts_from_pem(pem)
71
+ # verify cacerts before saving
72
+ next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
73
+ @cert_provider.save_cacerts(cacerts)
74
+ end
75
+
76
+ NeedCRLs.new(@machine, next_ctx)
77
+ rescue OpenSSL::X509::CertificateError => e
78
+ Error.new(@machine, e.message, e)
79
+ rescue Puppet::HTTP::ResponseError => e
80
+ if e.response.code == 404
81
+ to_error(_('CA certificate is missing from the server'), e)
82
+ else
83
+ to_error(_('Could not download CA certificate: %{message}') % { message: e.message }, e)
84
+ end
85
+ end
86
+ end
87
+
88
+ # If revocation is enabled, load CRLs or download them, using the CA bundle
89
+ # from the previous state. Transition to NeedKey. Even if Puppet[:certificate_revocation]
90
+ # is leaf or chain, disable revocation when downloading the CRL, since 1) we may
91
+ # not have one yet or 2) the connection will fail if NeedCACerts downloaded a new CA
92
+ # for which we don't have a CRL
93
+ #
94
+ class NeedCRLs < SSLState
95
+ def next_state
96
+ Puppet.debug("Loading CRLs")
97
+
98
+ case Puppet[:certificate_revocation]
99
+ when :chain, :leaf
100
+ crls = @cert_provider.load_crls
101
+ if crls
102
+ next_ctx = @ssl_provider.create_root_context(cacerts: ssl_context[:cacerts], crls: crls)
103
+
104
+ crl_ttl = Puppet[:crl_refresh_interval]
105
+ if crl_ttl
106
+ last_update = @cert_provider.crl_last_update
107
+ now = Time.now
108
+ if last_update.nil? || now.to_i > last_update.to_i + crl_ttl
109
+ # set last updated time first, then make a best effort to refresh
110
+ @cert_provider.crl_last_update = now
111
+ next_ctx = refresh_crl(next_ctx, last_update)
112
+ end
113
+ end
114
+ else
115
+ next_ctx = download_crl(@ssl_context, nil)
116
+ end
117
+ else
118
+ Puppet.info("Certificate revocation is disabled, skipping CRL download")
119
+ next_ctx = @ssl_provider.create_root_context(cacerts: ssl_context[:cacerts], crls: [])
120
+ end
121
+
122
+ NeedKey.new(@machine, next_ctx)
123
+ rescue OpenSSL::X509::CRLError => e
124
+ Error.new(@machine, e.message, e)
125
+ rescue Puppet::HTTP::ResponseError => e
126
+ if e.response.code == 404
127
+ to_error(_('CRL is missing from the server'), e)
128
+ else
129
+ to_error(_('Could not download CRLs: %{message}') % { message: e.message }, e)
130
+ end
131
+ end
132
+
133
+ private
134
+
135
+ def refresh_crl(ssl_ctx, last_update)
136
+ Puppet.info(_("Refreshing CRL"))
137
+
138
+ # return the next_ctx containing the updated crl
139
+ download_crl(ssl_ctx, last_update)
140
+ rescue Puppet::HTTP::ResponseError => e
141
+ if e.response.code == 304
142
+ Puppet.info(_("CRL is unmodified, using existing CRL"))
143
+ else
144
+ Puppet.info(_("Failed to refresh CRL, using existing CRL: %{message}") % {message: e.message})
145
+ end
146
+
147
+ # return the original ssl_ctx
148
+ ssl_ctx
149
+ rescue Puppet::HTTP::HTTPError => e
150
+ Puppet.warning(_("Failed to refresh CRL, using existing CRL: %{message}") % {message: e.message})
151
+
152
+ # return the original ssl_ctx
153
+ ssl_ctx
154
+ end
155
+
156
+ def download_crl(ssl_ctx, last_update)
157
+ route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
158
+ _, pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
159
+ crls = @cert_provider.load_crls_from_pem(pem)
160
+ # verify crls before saving
161
+ next_ctx = @ssl_provider.create_root_context(cacerts: ssl_ctx[:cacerts], crls: crls)
162
+ @cert_provider.save_crls(crls)
163
+
164
+ next_ctx
165
+ end
166
+ end
167
+
168
+ # Load or generate a private key. If the key exists, try to load the client cert
169
+ # and transition to Done. If the cert is mismatched or otherwise fails valiation,
170
+ # raise an error. If the key doesn't exist yet, generate one, and save it. If the
171
+ # cert doesn't exist yet, transition to NeedSubmitCSR.
172
+ #
173
+ class NeedKey < SSLState
174
+ def next_state
175
+ Puppet.debug(_("Loading/generating private key"))
176
+
177
+ password = @cert_provider.load_private_key_password
178
+ key = @cert_provider.load_private_key(Puppet[:certname], password: password)
179
+ if key
180
+ cert = @cert_provider.load_client_cert(Puppet[:certname])
181
+ if cert
182
+ next_ctx = @ssl_provider.create_context(
183
+ cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: key, client_cert: cert
184
+ )
185
+ return Done.new(@machine, next_ctx)
186
+ end
187
+ else
188
+ if Puppet[:key_type] == 'ec'
189
+ Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: Puppet[:certname], curve: Puppet[:named_curve] }
190
+ key = OpenSSL::PKey::EC.generate(Puppet[:named_curve])
191
+ else
192
+ Puppet.info _("Creating a new RSA SSL key for %{name}") % { name: Puppet[:certname] }
193
+ key = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
194
+ end
195
+
196
+ @cert_provider.save_private_key(Puppet[:certname], key, password: password)
197
+ end
198
+
199
+ NeedSubmitCSR.new(@machine, @ssl_context, key)
200
+ end
201
+ end
202
+
203
+ # Base class for states with a private key.
204
+ #
205
+ class KeySSLState < SSLState
206
+ attr_reader :private_key
207
+
208
+ def initialize(machine, ssl_context, private_key)
209
+ super(machine, ssl_context)
210
+ @private_key = private_key
211
+ end
212
+ end
213
+
214
+ # Generate and submit a CSR using the CA cert bundle and optional CRL bundle
215
+ # from earlier states. If the request is submitted, proceed to NeedCert,
216
+ # otherwise Wait. This could be due to the server already having a CSR
217
+ # for this host (either the same or different CSR content), having a
218
+ # signed certificate, or a revoked certificate.
219
+ #
220
+ class NeedSubmitCSR < KeySSLState
221
+ def next_state
222
+ Puppet.debug(_("Generating and submitting a CSR"))
223
+
224
+ csr = @cert_provider.create_request(Puppet[:certname], @private_key)
225
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
226
+ route.put_certificate_request(Puppet[:certname], csr, ssl_context: @ssl_context)
227
+ @cert_provider.save_request(Puppet[:certname], csr)
228
+ NeedCert.new(@machine, @ssl_context, @private_key)
229
+ rescue Puppet::HTTP::ResponseError => e
230
+ if e.response.code == 400
231
+ NeedCert.new(@machine, @ssl_context, @private_key)
232
+ else
233
+ to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
234
+ end
235
+ end
236
+ end
237
+
238
+ # Attempt to load or retrieve our signed cert.
239
+ #
240
+ class NeedCert < KeySSLState
241
+ def next_state
242
+ Puppet.debug(_("Downloading client certificate"))
243
+
244
+ route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
245
+ cert = OpenSSL::X509::Certificate.new(
246
+ route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)[1]
247
+ )
248
+ Puppet.info _("Downloaded certificate for %{name} from %{url}") % { name: Puppet[:certname], url: route.url }
249
+ # verify client cert before saving
250
+ next_ctx = @ssl_provider.create_context(
251
+ cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: @private_key, client_cert: cert
252
+ )
253
+ @cert_provider.save_client_cert(Puppet[:certname], cert)
254
+ @cert_provider.delete_request(Puppet[:certname])
255
+ Done.new(@machine, next_ctx)
256
+ rescue Puppet::SSL::SSLError => e
257
+ Error.new(@machine, e.message, e)
258
+ rescue OpenSSL::X509::CertificateError => e
259
+ Error.new(@machine, _("Failed to parse certificate: %{message}") % {message: e.message}, e)
260
+ rescue Puppet::HTTP::ResponseError => e
261
+ if e.response.code == 404
262
+ Puppet.info(_("Certificate for %{certname} has not been signed yet") % {certname: Puppet[:certname]})
263
+ $stdout.puts _("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}).") % { name: Puppet[:certname] }
264
+ Wait.new(@machine)
265
+ else
266
+ to_error(_("Failed to retrieve certificate for %{certname}: %{message}") %
267
+ {certname: Puppet[:certname], message: e.response.message}, e)
268
+ end
269
+ end
270
+ end
271
+
272
+ # We cannot make progress, so wait if allowed to do so, or exit.
273
+ #
274
+ class Wait < SSLState
275
+ def initialize(machine)
276
+ super(machine, nil)
277
+ end
278
+
279
+ def next_state
280
+ time = @machine.waitforcert
281
+ if time < 1
282
+ log_error(_("Exiting now because the waitforcert setting is set to 0."))
283
+ exit(1)
284
+ elsif Time.now.to_i > @machine.wait_deadline
285
+ log_error(_("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}). Exiting now because the maxwaitforcert timeout has been exceeded.") % {name: Puppet[:certname] })
286
+ exit(1)
287
+ else
288
+ Puppet.info(_("Will try again in %{time} seconds.") % {time: time})
289
+
290
+ # close http/tls and session state before sleeping
291
+ Puppet.runtime[:http].close
292
+ @machine.session = Puppet.runtime[:http].create_session
293
+
294
+ @machine.unlock
295
+ Kernel.sleep(time)
296
+ NeedLock.new(@machine)
297
+ end
298
+ end
299
+ end
300
+
301
+ # Acquire the ssl lock or return LockFailure causing us to exit.
302
+ #
303
+ class NeedLock < SSLState
304
+ def initialize(machine)
305
+ super(machine, nil)
306
+ end
307
+
308
+ def next_state
309
+ if @machine.lock
310
+ # our ssl directory may have been cleaned while we were
311
+ # sleeping, start over from the top
312
+ NeedCACerts.new(@machine)
313
+ elsif @machine.waitforlock < 1
314
+ LockFailure.new(@machine, _("Another puppet instance is already running and the waitforlock setting is set to 0; exiting"))
315
+ elsif Time.now.to_i >= @machine.waitlock_deadline
316
+ LockFailure.new(@machine, _("Another puppet instance is already running and the maxwaitforlock timeout has been exceeded; exiting"))
317
+ else
318
+ Puppet.info _("Another puppet instance is already running; waiting for it to finish")
319
+ Puppet.info _("Will try again in %{time} seconds.") % {time: @machine.waitforlock}
320
+ Kernel.sleep @machine.waitforlock
321
+
322
+ # try again
323
+ self
324
+ end
325
+ end
326
+ end
327
+
328
+ # We failed to acquire the lock, so exit
329
+ #
330
+ class LockFailure < SSLState
331
+ attr_reader :message
332
+
333
+ def initialize(machine, message)
334
+ super(machine, nil)
335
+ @message = message
336
+ end
337
+ end
338
+
339
+ # We cannot make progress due to an error.
340
+ #
341
+ class Error < SSLState
342
+ attr_reader :message, :error
343
+
344
+ def initialize(machine, message, error)
345
+ super(machine, nil)
346
+ @message = message
347
+ @error = error
348
+ end
349
+
350
+ def next_state
351
+ Puppet.log_exception(@error, @message)
352
+ Wait.new(@machine)
353
+ end
354
+ end
355
+
356
+ # We have a CA bundle, optional CRL bundle, a private key and matching cert
357
+ # that chains to one of the root certs in our bundle.
358
+ #
359
+ class Done < SSLState; end
360
+
361
+ attr_reader :waitforcert, :wait_deadline, :waitforlock, :waitlock_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
362
+ attr_accessor :session
363
+
364
+ # Construct a state machine to manage the SSL initialization process. By
365
+ # default, if the state machine encounters an exception, it will log the
366
+ # exception and wait for `waitforcert` seconds and retry, restarting from the
367
+ # beginning of the state machine.
368
+ #
369
+ # However, if `onetime` is true, then the state machine will raise the first
370
+ # error it encounters, instead of waiting. Otherwise, if `waitforcert` is 0,
371
+ # then then state machine will exit instead of wait.
372
+ #
373
+ # @param waitforcert [Integer] how many seconds to wait between attempts
374
+ # @param maxwaitforcert [Integer] maximum amount of seconds to wait for the
375
+ # server to sign the certificate request
376
+ # @param waitforlock [Integer] how many seconds to wait between attempts for
377
+ # acquiring the ssl lock
378
+ # @param maxwaitforlock [Integer] maximum amount of seconds to wait for an
379
+ # already running process to release the ssl lock
380
+ # @param onetime [Boolean] whether to run onetime
381
+ # @param lockfile [Puppet::Util::Pidlock] lockfile to protect against
382
+ # concurrent modification by multiple processes
383
+ # @param cert_provider [Puppet::X509::CertProvider] cert provider to use
384
+ # to load and save X509 objects.
385
+ # @param ssl_provider [Puppet::SSL::SSLProvider] ssl provider to use
386
+ # to construct ssl contexts.
387
+ # @param digest [String] digest algorithm to use for certificate fingerprinting
388
+ # @param ca_fingerprint [String] optional fingerprint to verify the
389
+ # downloaded CA bundle
390
+ def initialize(waitforcert: Puppet[:waitforcert],
391
+ maxwaitforcert: Puppet[:maxwaitforcert],
392
+ waitforlock: Puppet[:waitforlock],
393
+ maxwaitforlock: Puppet[:maxwaitforlock],
394
+ onetime: Puppet[:onetime],
395
+ cert_provider: Puppet::X509::CertProvider.new,
396
+ ssl_provider: Puppet::SSL::SSLProvider.new,
397
+ lockfile: Puppet::Util::Pidlock.new(Puppet[:ssl_lockfile]),
398
+ digest: 'SHA256',
399
+ ca_fingerprint: Puppet[:ca_fingerprint])
400
+ @waitforcert = waitforcert
401
+ @wait_deadline = Time.now.to_i + maxwaitforcert
402
+ @waitforlock = waitforlock
403
+ @waitlock_deadline = Time.now.to_i + maxwaitforlock
404
+ @onetime = onetime
405
+ @cert_provider = cert_provider
406
+ @ssl_provider = ssl_provider
407
+ @lockfile = lockfile
408
+ @digest = digest
409
+ @ca_fingerprint = ca_fingerprint
410
+ @session = Puppet.runtime[:http].create_session
411
+ end
412
+
413
+ # Run the state machine for CA certs and CRLs.
414
+ #
415
+ # @return [Puppet::SSL::SSLContext] initialized SSLContext
416
+ # @raise [Puppet::Error] If we fail to generate an SSLContext
417
+ # @api private
418
+ def ensure_ca_certificates
419
+ final_state = run_machine(NeedLock.new(self), NeedKey)
420
+ final_state.ssl_context
421
+ end
422
+
423
+ # Run the state machine for CA certs and CRLs.
424
+ #
425
+ # @return [Puppet::SSL::SSLContext] initialized SSLContext
426
+ # @raise [Puppet::Error] If we fail to generate an SSLContext
427
+ # @api private
428
+ def ensure_client_certificate
429
+ final_state = run_machine(NeedLock.new(self), Done)
430
+ ssl_context = final_state.ssl_context
431
+ @ssl_provider.print(ssl_context, @digest)
432
+ ssl_context
433
+ end
434
+
435
+ def lock
436
+ @lockfile.lock
437
+ end
438
+
439
+ def unlock
440
+ @lockfile.unlock
441
+ end
442
+
443
+ private
444
+
445
+ def run_machine(state, stop)
446
+ loop do
447
+ state = run_step(state)
448
+
449
+ case state
450
+ when stop
451
+ break
452
+ when LockFailure
453
+ raise Puppet::Error, state.message
454
+ when Error
455
+ if @onetime
456
+ Puppet.log_exception(state.error)
457
+ raise state.error
458
+ end
459
+ else
460
+ # fall through
461
+ end
462
+ end
463
+
464
+ state
465
+ ensure
466
+ @lockfile.unlock if @lockfile.locked?
467
+ end
468
+
469
+ def run_step(state)
470
+ state.next_state
471
+ rescue => e
472
+ state.to_error(e.message, e)
473
+ end
474
+ end
@@ -0,0 +1,142 @@
1
+ require_relative '../../puppet/ssl'
2
+
3
+ # Verify an SSL connection.
4
+ #
5
+ # @api private
6
+ class Puppet::SSL::Verifier
7
+
8
+ FIVE_MINUTES_AS_SECONDS = 5 * 60
9
+
10
+ attr_reader :ssl_context
11
+
12
+ # Create a verifier using an `ssl_context`.
13
+ #
14
+ # @param hostname [String] FQDN of the server we're attempting to connect to
15
+ # @param ssl_context [Puppet::SSL::SSLContext] ssl_context containing CA certs,
16
+ # CRLs, etc needed to verify the server's certificate chain
17
+ # @api private
18
+ def initialize(hostname, ssl_context)
19
+ @hostname = hostname
20
+ @ssl_context = ssl_context
21
+ end
22
+
23
+ # Return true if `self` is reusable with `verifier` meaning they
24
+ # are using the same `ssl_context`, so there's no loss of security
25
+ # when using a cached connection.
26
+ #
27
+ # @param verifier [Puppet::SSL::Verifier] the verifier to compare against
28
+ # @return [Boolean] return true if a cached connection can be used, false otherwise
29
+ # @api private
30
+ def reusable?(verifier)
31
+ verifier.instance_of?(self.class) &&
32
+ verifier.ssl_context.object_id == @ssl_context.object_id
33
+ end
34
+
35
+ # Configure the `http` connection based on the current `ssl_context`.
36
+ #
37
+ # @param http [Net::HTTP] connection
38
+ # @api private
39
+ def setup_connection(http)
40
+ http.cert_store = @ssl_context[:store]
41
+ http.cert = @ssl_context[:client_cert]
42
+ http.key = @ssl_context[:private_key]
43
+ # default to VERIFY_PEER
44
+ http.verify_mode = if !@ssl_context[:verify_peer]
45
+ OpenSSL::SSL::VERIFY_NONE
46
+ else
47
+ OpenSSL::SSL::VERIFY_PEER
48
+ end
49
+ http.verify_callback = self
50
+ end
51
+
52
+ # This method is called if `Net::HTTP#start` raises an exception, which
53
+ # could be a result of an openssl error during cert verification, due
54
+ # to ruby's `Socket#post_connection_check`, or general SSL connection
55
+ # error.
56
+ #
57
+ # @param http [Net::HTTP] connection
58
+ # @param error [OpenSSL::SSL::SSLError] connection error
59
+ # @raise [Puppet::SSL::CertVerifyError] SSL connection failed due to a
60
+ # verification error with the server's certificate or chain
61
+ # @raise [Puppet::Error] server hostname does not match certificate
62
+ # @raise [OpenSSL::SSL::SSLError] low-level SSL connection failure
63
+ # @api private
64
+ def handle_connection_error(http, error)
65
+ raise @last_error if @last_error
66
+
67
+ # ruby can pass SSL validation but fail post_connection_check
68
+ peer_cert = http.peer_cert
69
+ if peer_cert && !OpenSSL::SSL.verify_certificate_identity(peer_cert, @hostname)
70
+ raise Puppet::SSL::CertMismatchError.new(peer_cert, @hostname)
71
+ else
72
+ raise error
73
+ end
74
+ end
75
+
76
+ # OpenSSL will call this method with the verification result for each cert in
77
+ # the server's chain, working from the root CA to the server's cert. If
78
+ # preverify_ok is `true`, then that cert passed verification. If it's `false`
79
+ # then the current verification error is contained in `store_context.error`.
80
+ # and the current cert is in `store_context.current_cert`.
81
+ #
82
+ # If this method returns `false`, then verification stops and ruby will raise
83
+ # an `OpenSSL::SSL::Error` with "certificate verification failed". If this
84
+ # method returns `true`, then verification continues.
85
+ #
86
+ # If this method ignores a verification error, such as the cert's CRL will be
87
+ # valid within the next 5 minutes, then this method may be called with a
88
+ # different verification error for the same cert.
89
+ #
90
+ # WARNING: If `store_context.error` returns `OpenSSL::X509::V_OK`, don't
91
+ # assume verification passed. Ruby 2.4+ implements certificate hostname
92
+ # checking by default, and if the cert doesn't match the hostname, then the
93
+ # error will be V_OK. Always use `preverify_ok` to determine if verification
94
+ # succeeded or not.
95
+ #
96
+ # @param preverify_ok [Boolean] if `true` the current certificate in `store_context`
97
+ # was verified. Otherwise, check for the current error in `store_context.error`
98
+ # @param store_context [OpenSSL::X509::StoreContext] The context holding the
99
+ # verification result for one certificate
100
+ # @return [Boolean] If `true`, continue verifying the chain, even if that means
101
+ # ignoring the current verification error. If `false`, abort the connection.
102
+ #
103
+ # @api private
104
+ def call(preverify_ok, store_context)
105
+ return true if preverify_ok
106
+
107
+ peer_cert = store_context.current_cert
108
+
109
+ case store_context.error
110
+ when OpenSSL::X509::V_OK
111
+ # chain is from leaf to root, opposite of the order that `call` is invoked
112
+ chain_cert = store_context.chain.first
113
+
114
+ # ruby 2.4 doesn't compare certs based on value, so force to DER byte array
115
+ if peer_cert && chain_cert && peer_cert.to_der == chain_cert.to_der && !OpenSSL::SSL.verify_certificate_identity(peer_cert, @hostname)
116
+ @last_error = Puppet::SSL::CertMismatchError.new(peer_cert, @hostname)
117
+ return false
118
+ end
119
+
120
+ # ruby-openssl#74ef8c0cc56b840b772240f2ee2b0fc0aafa2743 now sets the
121
+ # store_context error when the cert is mismatched
122
+ when OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH
123
+ @last_error = Puppet::SSL::CertMismatchError.new(peer_cert, @hostname)
124
+ return false
125
+
126
+ when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
127
+ crl = store_context.current_crl
128
+ if crl && crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
129
+ Puppet.debug("Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}")
130
+ return true
131
+ end
132
+ end
133
+
134
+ # TRANSLATORS: `error` is an untranslated message from openssl describing why a certificate in the server's chain is invalid, and `subject` is the identity/name of the failed certificate
135
+ @last_error = Puppet::SSL::CertVerifyError.new(
136
+ _("certificate verify failed [%{error} for %{subject}]") %
137
+ { error: store_context.error_string, subject: peer_cert.subject.to_utf8 },
138
+ store_context.error, peer_cert
139
+ )
140
+ false
141
+ end
142
+ end
data/lib/puppet/ssl.rb ADDED
@@ -0,0 +1,23 @@
1
+ # Just to make the constants work out.
2
+ require_relative '../puppet'
3
+ require_relative 'ssl/openssl_loader'
4
+
5
+ # Responsible for bootstrapping an agent's certificate and private key, generating
6
+ # SSLContexts for use in making HTTPS connections, and handling CSR attributes and
7
+ # certificate extensions.
8
+ #
9
+ # @see Puppet::SSL::SSLProvider
10
+ # @api private
11
+ module Puppet::SSL
12
+ CA_NAME = "ca".freeze
13
+
14
+ require_relative 'ssl/oids'
15
+ require_relative 'ssl/error'
16
+ require_relative 'ssl/ssl_context'
17
+ require_relative 'ssl/verifier'
18
+ require_relative 'ssl/ssl_provider'
19
+ require_relative 'ssl/state_machine'
20
+ require_relative 'ssl/certificate'
21
+ require_relative 'ssl/certificate_request'
22
+ require_relative 'ssl/certificate_request_attributes'
23
+ end
@@ -0,0 +1,40 @@
1
+ # A syntax checker for Base64.
2
+ # @api public
3
+ require_relative '../../puppet/syntax_checkers'
4
+ require 'base64'
5
+ class Puppet::SyntaxCheckers::Base64 < Puppet::Plugins::SyntaxCheckers::SyntaxChecker
6
+
7
+ # Checks the text for BASE64 syntax issues and reports them to the given acceptor.
8
+ # This checker allows the most relaxed form of Base64, including newlines and missing padding.
9
+ # It also accept URLsafe input.
10
+ #
11
+ # @param text [String] The text to check
12
+ # @param syntax [String] The syntax identifier in mime style (e.g. 'base64', 'text/xxx+base64')
13
+ # @param acceptor [#accept] A Diagnostic acceptor
14
+ # @param source_pos [Puppet::Pops::Adapters::SourcePosAdapter] A source pos adapter with location information
15
+ # @api public
16
+ #
17
+ def check(text, syntax, acceptor, source_pos)
18
+ raise ArgumentError.new(_("Base64 syntax checker: the text to check must be a String.")) unless text.is_a?(String)
19
+ raise ArgumentError.new(_("Base64 syntax checker: the syntax identifier must be a String, e.g. json, data+json")) unless syntax.is_a?(String)
20
+ raise ArgumentError.new(_("Base64 syntax checker: invalid Acceptor, got: '%{klass}'.") % { klass: acceptor.class.name }) unless acceptor.is_a?(Puppet::Pops::Validation::Acceptor)
21
+ cleaned_text = text.gsub(/[\r?\n[:blank:]]/, '')
22
+ begin
23
+ # Do a strict decode64 on text with all whitespace stripped since the non strict version
24
+ # simply skips all non base64 characters
25
+ Base64.strict_decode64(cleaned_text)
26
+ rescue
27
+ msg = if (cleaned_text.bytes.to_a.size * 8) % 6 != 0
28
+ _("Base64 syntax checker: Cannot parse invalid Base64 string - padding is not correct")
29
+ else
30
+ _("Base64 syntax checker: Cannot parse invalid Base64 string - contains letters outside strict base 64 range (or whitespace)")
31
+ end
32
+
33
+ # TODO: improve the pops API to allow simpler diagnostic creation while still maintaining capabilities
34
+ # and the issue code. (In this case especially, where there is only a single error message being issued).
35
+ #
36
+ issue = Puppet::Pops::Issues::issue(:ILLEGAL_BASE64) { msg }
37
+ acceptor.accept(Puppet::Pops::Validation::Diagnostic.new(:error, issue, source_pos.file, source_pos, {}))
38
+ end
39
+ end
40
+ end