openvox 8.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1104) hide show
  1. checksums.yaml +7 -0
  2. data/CHANGELOG.md +19 -0
  3. data/CODEOWNERS +11 -0
  4. data/CODE_OF_CONDUCT.md +70 -0
  5. data/Gemfile +87 -0
  6. data/Guardfile.example +76 -0
  7. data/LICENSE +202 -0
  8. data/README.md +63 -0
  9. data/Rakefile +170 -0
  10. data/bin/puppet +10 -0
  11. data/conf/environment.conf +18 -0
  12. data/conf/fileserver.conf +32 -0
  13. data/conf/hiera.yaml +11 -0
  14. data/conf/puppet.conf +6 -0
  15. data/examples/enc/regexp_nodes/classes/databases +2 -0
  16. data/examples/enc/regexp_nodes/classes/webservers +2 -0
  17. data/examples/enc/regexp_nodes/environment/development +2 -0
  18. data/examples/enc/regexp_nodes/parameters/service/prod +1 -0
  19. data/examples/enc/regexp_nodes/parameters/service/qa +3 -0
  20. data/examples/enc/regexp_nodes/parameters/service/sandbox +1 -0
  21. data/examples/enc/regexp_nodes/regexp_nodes.rb +270 -0
  22. data/examples/hiera/README.md +102 -0
  23. data/examples/hiera/data/common.yaml +12 -0
  24. data/examples/hiera/data/dc1.yaml +6 -0
  25. data/examples/hiera/hiera.yaml +15 -0
  26. data/examples/hiera/modules/ntp/data/common.yaml +4 -0
  27. data/examples/hiera/modules/ntp/hiera.yaml +9 -0
  28. data/examples/hiera/modules/ntp/manifests/config.pp +18 -0
  29. data/examples/hiera/modules/ntp/templates/ntp.conf.epp +3 -0
  30. data/examples/hiera/modules/users/manifests/common.pp +9 -0
  31. data/examples/hiera/modules/users/manifests/dc1.pp +9 -0
  32. data/examples/hiera/site.pp +3 -0
  33. data/examples/nagios/check_puppet.rb +123 -0
  34. data/ext/README.md +13 -0
  35. data/ext/build_defaults.yaml +18 -0
  36. data/ext/debian/puppet.default +4 -0
  37. data/ext/debian/puppet.init +113 -0
  38. data/ext/hiera/hiera.yaml +15 -0
  39. data/ext/osx/puppet.plist +32 -0
  40. data/ext/project_data.yaml +20 -0
  41. data/ext/redhat/client.init +169 -0
  42. data/ext/redhat/client.sysconfig +2 -0
  43. data/ext/solaris/smf/puppet +44 -0
  44. data/ext/solaris/smf/puppet.xml +46 -0
  45. data/ext/suse/client.init +141 -0
  46. data/ext/systemd/puppet.service +26 -0
  47. data/ext/windows/puppet_interactive.bat +6 -0
  48. data/ext/windows/puppet_shell.bat +9 -0
  49. data/ext/windows/run_puppet_interactive.bat +9 -0
  50. data/ext/windows/service/daemon.bat +6 -0
  51. data/ext/windows/service/daemon.rb +219 -0
  52. data/install.rb +428 -0
  53. data/lib/hiera/puppet_function.rb +86 -0
  54. data/lib/hiera/scope.rb +92 -0
  55. data/lib/hiera_puppet.rb +78 -0
  56. data/lib/puppet/agent/disabler.rb +55 -0
  57. data/lib/puppet/agent/locker.rb +46 -0
  58. data/lib/puppet/agent.rb +178 -0
  59. data/lib/puppet/application/agent.rb +527 -0
  60. data/lib/puppet/application/apply.rb +435 -0
  61. data/lib/puppet/application/catalog.rb +6 -0
  62. data/lib/puppet/application/config.rb +7 -0
  63. data/lib/puppet/application/describe.rb +255 -0
  64. data/lib/puppet/application/device.rb +440 -0
  65. data/lib/puppet/application/doc.rb +232 -0
  66. data/lib/puppet/application/epp.rb +7 -0
  67. data/lib/puppet/application/face_base.rb +277 -0
  68. data/lib/puppet/application/facts.rb +11 -0
  69. data/lib/puppet/application/filebucket.rb +324 -0
  70. data/lib/puppet/application/generate.rb +7 -0
  71. data/lib/puppet/application/help.rb +7 -0
  72. data/lib/puppet/application/indirection_base.rb +6 -0
  73. data/lib/puppet/application/lookup.rb +433 -0
  74. data/lib/puppet/application/module.rb +6 -0
  75. data/lib/puppet/application/node.rb +6 -0
  76. data/lib/puppet/application/parser.rb +7 -0
  77. data/lib/puppet/application/plugin.rb +6 -0
  78. data/lib/puppet/application/report.rb +6 -0
  79. data/lib/puppet/application/resource.rb +264 -0
  80. data/lib/puppet/application/script.rb +266 -0
  81. data/lib/puppet/application/ssl.rb +331 -0
  82. data/lib/puppet/application.rb +596 -0
  83. data/lib/puppet/application_support.rb +69 -0
  84. data/lib/puppet/coercion.rb +42 -0
  85. data/lib/puppet/compilable_resource_type.rb +17 -0
  86. data/lib/puppet/concurrent/lock.rb +15 -0
  87. data/lib/puppet/concurrent/synchronized.rb +15 -0
  88. data/lib/puppet/concurrent/thread_local_singleton.rb +18 -0
  89. data/lib/puppet/concurrent.rb +4 -0
  90. data/lib/puppet/configurer/downloader.rb +91 -0
  91. data/lib/puppet/configurer/fact_handler.rb +51 -0
  92. data/lib/puppet/configurer/plugin_handler.rb +61 -0
  93. data/lib/puppet/configurer.rb +759 -0
  94. data/lib/puppet/confine/any.rb +28 -0
  95. data/lib/puppet/confine/boolean.rb +47 -0
  96. data/lib/puppet/confine/exists.rb +21 -0
  97. data/lib/puppet/confine/false.rb +27 -0
  98. data/lib/puppet/confine/feature.rb +18 -0
  99. data/lib/puppet/confine/true.rb +28 -0
  100. data/lib/puppet/confine/variable.rb +61 -0
  101. data/lib/puppet/confine.rb +86 -0
  102. data/lib/puppet/confine_collection.rb +54 -0
  103. data/lib/puppet/confiner.rb +48 -0
  104. data/lib/puppet/context/trusted_information.rb +122 -0
  105. data/lib/puppet/context.rb +190 -0
  106. data/lib/puppet/daemon.rb +198 -0
  107. data/lib/puppet/data_binding.rb +16 -0
  108. data/lib/puppet/datatypes/error.rb +23 -0
  109. data/lib/puppet/datatypes/impl/error.rb +42 -0
  110. data/lib/puppet/datatypes.rb +218 -0
  111. data/lib/puppet/defaults.rb +2316 -0
  112. data/lib/puppet/environments.rb +599 -0
  113. data/lib/puppet/error.rb +142 -0
  114. data/lib/puppet/etc.rb +185 -0
  115. data/lib/puppet/external/dot.rb +315 -0
  116. data/lib/puppet/face/catalog/select.rb +51 -0
  117. data/lib/puppet/face/catalog.rb +167 -0
  118. data/lib/puppet/face/config.rb +266 -0
  119. data/lib/puppet/face/epp.rb +565 -0
  120. data/lib/puppet/face/facts.rb +176 -0
  121. data/lib/puppet/face/generate.rb +69 -0
  122. data/lib/puppet/face/help/action.erb +89 -0
  123. data/lib/puppet/face/help/face.erb +114 -0
  124. data/lib/puppet/face/help/global.erb +16 -0
  125. data/lib/puppet/face/help/man.erb +152 -0
  126. data/lib/puppet/face/help.rb +260 -0
  127. data/lib/puppet/face/module/changes.rb +44 -0
  128. data/lib/puppet/face/module/install.rb +149 -0
  129. data/lib/puppet/face/module/list.rb +271 -0
  130. data/lib/puppet/face/module/uninstall.rb +91 -0
  131. data/lib/puppet/face/module/upgrade.rb +89 -0
  132. data/lib/puppet/face/module.rb +21 -0
  133. data/lib/puppet/face/node/clean.rb +109 -0
  134. data/lib/puppet/face/node.rb +45 -0
  135. data/lib/puppet/face/parser.rb +226 -0
  136. data/lib/puppet/face/plugin.rb +62 -0
  137. data/lib/puppet/face/report.rb +54 -0
  138. data/lib/puppet/face/resource.rb +55 -0
  139. data/lib/puppet/face.rb +14 -0
  140. data/lib/puppet/facter_impl.rb +96 -0
  141. data/lib/puppet/feature/base.rb +76 -0
  142. data/lib/puppet/feature/bolt.rb +5 -0
  143. data/lib/puppet/feature/cfpropertylist.rb +5 -0
  144. data/lib/puppet/feature/eventlog.rb +7 -0
  145. data/lib/puppet/feature/hiera_eyaml.rb +5 -0
  146. data/lib/puppet/feature/hocon.rb +5 -0
  147. data/lib/puppet/feature/libuser.rb +10 -0
  148. data/lib/puppet/feature/msgpack.rb +5 -0
  149. data/lib/puppet/feature/pe_license.rb +6 -0
  150. data/lib/puppet/feature/pson.rb +6 -0
  151. data/lib/puppet/feature/selinux.rb +5 -0
  152. data/lib/puppet/feature/ssh.rb +5 -0
  153. data/lib/puppet/feature/telnet.rb +5 -0
  154. data/lib/puppet/feature/zlib.rb +7 -0
  155. data/lib/puppet/ffi/posix/constants.rb +16 -0
  156. data/lib/puppet/ffi/posix/functions.rb +25 -0
  157. data/lib/puppet/ffi/posix.rb +12 -0
  158. data/lib/puppet/ffi/windows/api_types.rb +313 -0
  159. data/lib/puppet/ffi/windows/constants.rb +406 -0
  160. data/lib/puppet/ffi/windows/functions.rb +629 -0
  161. data/lib/puppet/ffi/windows/structs.rb +339 -0
  162. data/lib/puppet/ffi/windows.rb +14 -0
  163. data/lib/puppet/file_bucket/dipper.rb +183 -0
  164. data/lib/puppet/file_bucket/file.rb +131 -0
  165. data/lib/puppet/file_bucket.rb +6 -0
  166. data/lib/puppet/file_serving/base.rb +94 -0
  167. data/lib/puppet/file_serving/configuration/parser.rb +116 -0
  168. data/lib/puppet/file_serving/configuration.rb +116 -0
  169. data/lib/puppet/file_serving/content.rb +45 -0
  170. data/lib/puppet/file_serving/fileset.rb +190 -0
  171. data/lib/puppet/file_serving/http_metadata.rb +61 -0
  172. data/lib/puppet/file_serving/metadata.rb +174 -0
  173. data/lib/puppet/file_serving/mount/file.rb +126 -0
  174. data/lib/puppet/file_serving/mount/locales.rb +35 -0
  175. data/lib/puppet/file_serving/mount/modules.rb +29 -0
  176. data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
  177. data/lib/puppet/file_serving/mount/plugins.rb +35 -0
  178. data/lib/puppet/file_serving/mount/scripts.rb +27 -0
  179. data/lib/puppet/file_serving/mount/tasks.rb +26 -0
  180. data/lib/puppet/file_serving/mount.rb +41 -0
  181. data/lib/puppet/file_serving/terminus_helper.rb +33 -0
  182. data/lib/puppet/file_serving/terminus_selector.rb +33 -0
  183. data/lib/puppet/file_serving.rb +5 -0
  184. data/lib/puppet/file_system/file_impl.rb +189 -0
  185. data/lib/puppet/file_system/jruby.rb +25 -0
  186. data/lib/puppet/file_system/memory_file.rb +82 -0
  187. data/lib/puppet/file_system/memory_impl.rb +103 -0
  188. data/lib/puppet/file_system/path_pattern.rb +95 -0
  189. data/lib/puppet/file_system/posix.rb +52 -0
  190. data/lib/puppet/file_system/uniquefile.rb +190 -0
  191. data/lib/puppet/file_system/windows.rb +224 -0
  192. data/lib/puppet/file_system.rb +421 -0
  193. data/lib/puppet/forge/cache.rb +61 -0
  194. data/lib/puppet/forge/errors.rb +113 -0
  195. data/lib/puppet/forge/repository.rb +98 -0
  196. data/lib/puppet/forge.rb +257 -0
  197. data/lib/puppet/functions/abs.rb +64 -0
  198. data/lib/puppet/functions/alert.rb +16 -0
  199. data/lib/puppet/functions/all.rb +106 -0
  200. data/lib/puppet/functions/annotate.rb +110 -0
  201. data/lib/puppet/functions/any.rb +111 -0
  202. data/lib/puppet/functions/assert_type.rb +96 -0
  203. data/lib/puppet/functions/binary_file.rb +35 -0
  204. data/lib/puppet/functions/break.rb +49 -0
  205. data/lib/puppet/functions/call.rb +81 -0
  206. data/lib/puppet/functions/camelcase.rb +63 -0
  207. data/lib/puppet/functions/capitalize.rb +62 -0
  208. data/lib/puppet/functions/ceiling.rb +38 -0
  209. data/lib/puppet/functions/chomp.rb +58 -0
  210. data/lib/puppet/functions/chop.rb +68 -0
  211. data/lib/puppet/functions/compare.rb +127 -0
  212. data/lib/puppet/functions/contain.rb +58 -0
  213. data/lib/puppet/functions/convert_to.rb +36 -0
  214. data/lib/puppet/functions/crit.rb +16 -0
  215. data/lib/puppet/functions/debug.rb +16 -0
  216. data/lib/puppet/functions/defined.rb +163 -0
  217. data/lib/puppet/functions/dig.rb +70 -0
  218. data/lib/puppet/functions/downcase.rb +91 -0
  219. data/lib/puppet/functions/each.rb +169 -0
  220. data/lib/puppet/functions/emerg.rb +16 -0
  221. data/lib/puppet/functions/empty.rb +87 -0
  222. data/lib/puppet/functions/epp.rb +50 -0
  223. data/lib/puppet/functions/err.rb +16 -0
  224. data/lib/puppet/functions/eyaml_lookup_key.rb +103 -0
  225. data/lib/puppet/functions/filter.rb +138 -0
  226. data/lib/puppet/functions/find_file.rb +50 -0
  227. data/lib/puppet/functions/find_template.rb +65 -0
  228. data/lib/puppet/functions/flatten.rb +66 -0
  229. data/lib/puppet/functions/floor.rb +38 -0
  230. data/lib/puppet/functions/get.rb +152 -0
  231. data/lib/puppet/functions/getvar.rb +89 -0
  232. data/lib/puppet/functions/group_by.rb +62 -0
  233. data/lib/puppet/functions/hiera.rb +91 -0
  234. data/lib/puppet/functions/hiera_array.rb +83 -0
  235. data/lib/puppet/functions/hiera_hash.rb +94 -0
  236. data/lib/puppet/functions/hiera_include.rb +107 -0
  237. data/lib/puppet/functions/hocon_data.rb +41 -0
  238. data/lib/puppet/functions/import.rb +9 -0
  239. data/lib/puppet/functions/include.rb +56 -0
  240. data/lib/puppet/functions/index.rb +168 -0
  241. data/lib/puppet/functions/info.rb +16 -0
  242. data/lib/puppet/functions/inline_epp.rb +61 -0
  243. data/lib/puppet/functions/join.rb +58 -0
  244. data/lib/puppet/functions/json_data.rb +33 -0
  245. data/lib/puppet/functions/keys.rb +27 -0
  246. data/lib/puppet/functions/length.rb +45 -0
  247. data/lib/puppet/functions/lest.rb +57 -0
  248. data/lib/puppet/functions/lookup.rb +224 -0
  249. data/lib/puppet/functions/lstrip.rb +59 -0
  250. data/lib/puppet/functions/map.rb +137 -0
  251. data/lib/puppet/functions/match.rb +133 -0
  252. data/lib/puppet/functions/max.rb +250 -0
  253. data/lib/puppet/functions/min.rb +249 -0
  254. data/lib/puppet/functions/module_directory.rb +43 -0
  255. data/lib/puppet/functions/new.rb +1013 -0
  256. data/lib/puppet/functions/next.rb +35 -0
  257. data/lib/puppet/functions/notice.rb +16 -0
  258. data/lib/puppet/functions/partition.rb +62 -0
  259. data/lib/puppet/functions/reduce.rb +159 -0
  260. data/lib/puppet/functions/regsubst.rb +100 -0
  261. data/lib/puppet/functions/require.rb +81 -0
  262. data/lib/puppet/functions/return.rb +17 -0
  263. data/lib/puppet/functions/reverse_each.rb +96 -0
  264. data/lib/puppet/functions/round.rb +26 -0
  265. data/lib/puppet/functions/rstrip.rb +59 -0
  266. data/lib/puppet/functions/scanf.rb +46 -0
  267. data/lib/puppet/functions/size.rb +15 -0
  268. data/lib/puppet/functions/slice.rb +127 -0
  269. data/lib/puppet/functions/sort.rb +76 -0
  270. data/lib/puppet/functions/split.rb +78 -0
  271. data/lib/puppet/functions/step.rb +100 -0
  272. data/lib/puppet/functions/strftime.rb +214 -0
  273. data/lib/puppet/functions/strip.rb +59 -0
  274. data/lib/puppet/functions/then.rb +80 -0
  275. data/lib/puppet/functions/tree_each.rb +198 -0
  276. data/lib/puppet/functions/type.rb +74 -0
  277. data/lib/puppet/functions/unique.rb +135 -0
  278. data/lib/puppet/functions/unwrap.rb +61 -0
  279. data/lib/puppet/functions/upcase.rb +91 -0
  280. data/lib/puppet/functions/values.rb +27 -0
  281. data/lib/puppet/functions/versioncmp.rb +41 -0
  282. data/lib/puppet/functions/warning.rb +16 -0
  283. data/lib/puppet/functions/with.rb +34 -0
  284. data/lib/puppet/functions/yaml_data.rb +45 -0
  285. data/lib/puppet/functions.rb +858 -0
  286. data/lib/puppet/generate/models/type/property.rb +73 -0
  287. data/lib/puppet/generate/models/type/type.rb +68 -0
  288. data/lib/puppet/generate/templates/type/pcore.erb +42 -0
  289. data/lib/puppet/generate/type.rb +255 -0
  290. data/lib/puppet/gettext/config.rb +282 -0
  291. data/lib/puppet/gettext/module_translations.rb +43 -0
  292. data/lib/puppet/gettext/stubs.rb +13 -0
  293. data/lib/puppet/graph/key.rb +28 -0
  294. data/lib/puppet/graph/prioritizer.rb +31 -0
  295. data/lib/puppet/graph/rb_tree_map.rb +407 -0
  296. data/lib/puppet/graph/relationship_graph.rb +286 -0
  297. data/lib/puppet/graph/sequential_prioritizer.rb +33 -0
  298. data/lib/puppet/graph/simple_graph.rb +552 -0
  299. data/lib/puppet/graph.rb +11 -0
  300. data/lib/puppet/http/client.rb +529 -0
  301. data/lib/puppet/http/dns.rb +159 -0
  302. data/lib/puppet/http/errors.rb +50 -0
  303. data/lib/puppet/http/external_client.rb +89 -0
  304. data/lib/puppet/http/factory.rb +53 -0
  305. data/lib/puppet/http/pool.rb +174 -0
  306. data/lib/puppet/http/pool_entry.rb +19 -0
  307. data/lib/puppet/http/proxy.rb +139 -0
  308. data/lib/puppet/http/redirector.rb +87 -0
  309. data/lib/puppet/http/resolver/server_list.rb +88 -0
  310. data/lib/puppet/http/resolver/settings.rb +24 -0
  311. data/lib/puppet/http/resolver/srv.rb +42 -0
  312. data/lib/puppet/http/resolver.rb +50 -0
  313. data/lib/puppet/http/response.rb +104 -0
  314. data/lib/puppet/http/response_converter.rb +25 -0
  315. data/lib/puppet/http/response_net_http.rb +43 -0
  316. data/lib/puppet/http/retry_after_handler.rb +78 -0
  317. data/lib/puppet/http/service/ca.rb +133 -0
  318. data/lib/puppet/http/service/compiler.rb +356 -0
  319. data/lib/puppet/http/service/file_server.rb +200 -0
  320. data/lib/puppet/http/service/puppetserver.rb +54 -0
  321. data/lib/puppet/http/service/report.rb +62 -0
  322. data/lib/puppet/http/service.rb +177 -0
  323. data/lib/puppet/http/session.rb +124 -0
  324. data/lib/puppet/http/site.rb +44 -0
  325. data/lib/puppet/http.rb +48 -0
  326. data/lib/puppet/indirector/catalog/compiler.rb +432 -0
  327. data/lib/puppet/indirector/catalog/json.rb +42 -0
  328. data/lib/puppet/indirector/catalog/msgpack.rb +8 -0
  329. data/lib/puppet/indirector/catalog/rest.rb +51 -0
  330. data/lib/puppet/indirector/catalog/store_configs.rb +8 -0
  331. data/lib/puppet/indirector/catalog/yaml.rb +8 -0
  332. data/lib/puppet/indirector/code.rb +8 -0
  333. data/lib/puppet/indirector/data_binding/hiera.rb +8 -0
  334. data/lib/puppet/indirector/data_binding/none.rb +10 -0
  335. data/lib/puppet/indirector/direct_file_server.rb +20 -0
  336. data/lib/puppet/indirector/envelope.rb +13 -0
  337. data/lib/puppet/indirector/errors.rb +7 -0
  338. data/lib/puppet/indirector/exec.rb +40 -0
  339. data/lib/puppet/indirector/face.rb +142 -0
  340. data/lib/puppet/indirector/fact_search.rb +62 -0
  341. data/lib/puppet/indirector/facts/facter.rb +120 -0
  342. data/lib/puppet/indirector/facts/json.rb +29 -0
  343. data/lib/puppet/indirector/facts/memory.rb +11 -0
  344. data/lib/puppet/indirector/facts/network_device.rb +29 -0
  345. data/lib/puppet/indirector/facts/rest.rb +46 -0
  346. data/lib/puppet/indirector/facts/store_configs.rb +12 -0
  347. data/lib/puppet/indirector/facts/yaml.rb +31 -0
  348. data/lib/puppet/indirector/file_bucket_file/file.rb +268 -0
  349. data/lib/puppet/indirector/file_bucket_file/rest.rb +53 -0
  350. data/lib/puppet/indirector/file_bucket_file/selector.rb +54 -0
  351. data/lib/puppet/indirector/file_content/file.rb +9 -0
  352. data/lib/puppet/indirector/file_content/file_server.rb +9 -0
  353. data/lib/puppet/indirector/file_content/rest.rb +37 -0
  354. data/lib/puppet/indirector/file_content/selector.rb +32 -0
  355. data/lib/puppet/indirector/file_content.rb +7 -0
  356. data/lib/puppet/indirector/file_metadata/file.rb +9 -0
  357. data/lib/puppet/indirector/file_metadata/file_server.rb +9 -0
  358. data/lib/puppet/indirector/file_metadata/http.rb +49 -0
  359. data/lib/puppet/indirector/file_metadata/rest.rb +58 -0
  360. data/lib/puppet/indirector/file_metadata/selector.rb +32 -0
  361. data/lib/puppet/indirector/file_metadata.rb +7 -0
  362. data/lib/puppet/indirector/file_server.rb +57 -0
  363. data/lib/puppet/indirector/generic_http.rb +7 -0
  364. data/lib/puppet/indirector/hiera.rb +101 -0
  365. data/lib/puppet/indirector/indirection.rb +381 -0
  366. data/lib/puppet/indirector/json.rb +82 -0
  367. data/lib/puppet/indirector/memory.rb +37 -0
  368. data/lib/puppet/indirector/msgpack.rb +87 -0
  369. data/lib/puppet/indirector/node/exec.rb +70 -0
  370. data/lib/puppet/indirector/node/json.rb +9 -0
  371. data/lib/puppet/indirector/node/memory.rb +12 -0
  372. data/lib/puppet/indirector/node/msgpack.rb +9 -0
  373. data/lib/puppet/indirector/node/plain.rb +23 -0
  374. data/lib/puppet/indirector/node/rest.rb +31 -0
  375. data/lib/puppet/indirector/node/store_configs.rb +8 -0
  376. data/lib/puppet/indirector/node/yaml.rb +9 -0
  377. data/lib/puppet/indirector/none.rb +10 -0
  378. data/lib/puppet/indirector/plain.rb +11 -0
  379. data/lib/puppet/indirector/report/json.rb +36 -0
  380. data/lib/puppet/indirector/report/msgpack.rb +13 -0
  381. data/lib/puppet/indirector/report/processor.rb +63 -0
  382. data/lib/puppet/indirector/report/rest.rb +31 -0
  383. data/lib/puppet/indirector/report/yaml.rb +36 -0
  384. data/lib/puppet/indirector/request.rb +197 -0
  385. data/lib/puppet/indirector/resource/ral.rb +66 -0
  386. data/lib/puppet/indirector/resource/store_configs.rb +14 -0
  387. data/lib/puppet/indirector/resource/validator.rb +10 -0
  388. data/lib/puppet/indirector/rest.rb +66 -0
  389. data/lib/puppet/indirector/store_configs.rb +32 -0
  390. data/lib/puppet/indirector/terminus.rb +180 -0
  391. data/lib/puppet/indirector/yaml.rb +65 -0
  392. data/lib/puppet/indirector.rb +64 -0
  393. data/lib/puppet/info_service/class_information_service.rb +108 -0
  394. data/lib/puppet/info_service/plan_information_service.rb +38 -0
  395. data/lib/puppet/info_service/task_information_service.rb +45 -0
  396. data/lib/puppet/info_service.rb +27 -0
  397. data/lib/puppet/interface/action.rb +410 -0
  398. data/lib/puppet/interface/action_builder.rb +167 -0
  399. data/lib/puppet/interface/action_manager.rb +101 -0
  400. data/lib/puppet/interface/documentation.rb +363 -0
  401. data/lib/puppet/interface/face_collection.rb +141 -0
  402. data/lib/puppet/interface/option.rb +184 -0
  403. data/lib/puppet/interface/option_builder.rb +110 -0
  404. data/lib/puppet/interface/option_manager.rb +108 -0
  405. data/lib/puppet/interface.rb +240 -0
  406. data/lib/puppet/loaders.rb +31 -0
  407. data/lib/puppet/metatype/manager.rb +198 -0
  408. data/lib/puppet/module/plan.rb +166 -0
  409. data/lib/puppet/module/task.rb +288 -0
  410. data/lib/puppet/module.rb +487 -0
  411. data/lib/puppet/module_tool/applications/application.rb +96 -0
  412. data/lib/puppet/module_tool/applications/checksummer.rb +62 -0
  413. data/lib/puppet/module_tool/applications/installer.rb +402 -0
  414. data/lib/puppet/module_tool/applications/uninstaller.rb +121 -0
  415. data/lib/puppet/module_tool/applications/unpacker.rb +102 -0
  416. data/lib/puppet/module_tool/applications/upgrader.rb +288 -0
  417. data/lib/puppet/module_tool/applications.rb +14 -0
  418. data/lib/puppet/module_tool/checksums.rb +50 -0
  419. data/lib/puppet/module_tool/dependency.rb +42 -0
  420. data/lib/puppet/module_tool/errors/base.rb +17 -0
  421. data/lib/puppet/module_tool/errors/installer.rb +94 -0
  422. data/lib/puppet/module_tool/errors/shared.rb +228 -0
  423. data/lib/puppet/module_tool/errors/uninstaller.rb +51 -0
  424. data/lib/puppet/module_tool/errors/upgrader.rb +64 -0
  425. data/lib/puppet/module_tool/errors.rb +13 -0
  426. data/lib/puppet/module_tool/install_directory.rb +48 -0
  427. data/lib/puppet/module_tool/installed_modules.rb +99 -0
  428. data/lib/puppet/module_tool/local_tarball.rb +92 -0
  429. data/lib/puppet/module_tool/metadata.rb +227 -0
  430. data/lib/puppet/module_tool/shared_behaviors.rb +199 -0
  431. data/lib/puppet/module_tool/tar/gnu.rb +23 -0
  432. data/lib/puppet/module_tool/tar/mini.rb +118 -0
  433. data/lib/puppet/module_tool/tar.rb +20 -0
  434. data/lib/puppet/module_tool.rb +194 -0
  435. data/lib/puppet/network/authconfig.rb +9 -0
  436. data/lib/puppet/network/authorization.rb +21 -0
  437. data/lib/puppet/network/client_request.rb +32 -0
  438. data/lib/puppet/network/format.rb +116 -0
  439. data/lib/puppet/network/format_handler.rb +110 -0
  440. data/lib/puppet/network/format_support.rb +140 -0
  441. data/lib/puppet/network/formats.rb +338 -0
  442. data/lib/puppet/network/http/api/indirected_routes.rb +270 -0
  443. data/lib/puppet/network/http/api/indirection_type.rb +33 -0
  444. data/lib/puppet/network/http/api/master/v3/environments.rb +4 -0
  445. data/lib/puppet/network/http/api/master/v3.rb +4 -0
  446. data/lib/puppet/network/http/api/master.rb +5 -0
  447. data/lib/puppet/network/http/api/server/v3/environments.rb +54 -0
  448. data/lib/puppet/network/http/api/server/v3.rb +40 -0
  449. data/lib/puppet/network/http/api/server.rb +12 -0
  450. data/lib/puppet/network/http/api.rb +41 -0
  451. data/lib/puppet/network/http/connection.rb +288 -0
  452. data/lib/puppet/network/http/error.rb +75 -0
  453. data/lib/puppet/network/http/handler.rb +213 -0
  454. data/lib/puppet/network/http/issues.rb +14 -0
  455. data/lib/puppet/network/http/memory_response.rb +15 -0
  456. data/lib/puppet/network/http/request.rb +83 -0
  457. data/lib/puppet/network/http/response.rb +25 -0
  458. data/lib/puppet/network/http/route.rb +104 -0
  459. data/lib/puppet/network/http.rb +30 -0
  460. data/lib/puppet/network/http_pool.rb +78 -0
  461. data/lib/puppet/network/uri.rb +20 -0
  462. data/lib/puppet/network.rb +5 -0
  463. data/lib/puppet/node/environment.rb +638 -0
  464. data/lib/puppet/node/facts.rb +165 -0
  465. data/lib/puppet/node/server_facts.rb +46 -0
  466. data/lib/puppet/node.rb +256 -0
  467. data/lib/puppet/pal/catalog_compiler.rb +107 -0
  468. data/lib/puppet/pal/compiler.rb +227 -0
  469. data/lib/puppet/pal/function_signature.rb +54 -0
  470. data/lib/puppet/pal/json_catalog_encoder.rb +76 -0
  471. data/lib/puppet/pal/pal_api.rb +17 -0
  472. data/lib/puppet/pal/pal_impl.rb +585 -0
  473. data/lib/puppet/pal/plan_signature.rb +73 -0
  474. data/lib/puppet/pal/script_compiler.rb +75 -0
  475. data/lib/puppet/pal/task_signature.rb +64 -0
  476. data/lib/puppet/parameter/boolean.rb +17 -0
  477. data/lib/puppet/parameter/package_options.rb +33 -0
  478. data/lib/puppet/parameter/path.rb +61 -0
  479. data/lib/puppet/parameter/value.rb +93 -0
  480. data/lib/puppet/parameter/value_collection.rb +213 -0
  481. data/lib/puppet/parameter.rb +590 -0
  482. data/lib/puppet/parser/abstract_compiler.rb +35 -0
  483. data/lib/puppet/parser/ast/block_expression.rb +17 -0
  484. data/lib/puppet/parser/ast/branch.rb +21 -0
  485. data/lib/puppet/parser/ast/hostclass.rb +29 -0
  486. data/lib/puppet/parser/ast/leaf.rb +84 -0
  487. data/lib/puppet/parser/ast/node.rb +19 -0
  488. data/lib/puppet/parser/ast/pops_bridge.rb +245 -0
  489. data/lib/puppet/parser/ast/resource.rb +66 -0
  490. data/lib/puppet/parser/ast/resource_instance.rb +13 -0
  491. data/lib/puppet/parser/ast/resourceparam.rb +33 -0
  492. data/lib/puppet/parser/ast/top_level_construct.rb +6 -0
  493. data/lib/puppet/parser/ast.rb +62 -0
  494. data/lib/puppet/parser/catalog_compiler.rb +56 -0
  495. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +41 -0
  496. data/lib/puppet/parser/compiler/catalog_validator.rb +35 -0
  497. data/lib/puppet/parser/compiler.rb +616 -0
  498. data/lib/puppet/parser/e4_parser_adapter.rb +61 -0
  499. data/lib/puppet/parser/files.rb +95 -0
  500. data/lib/puppet/parser/functions/assert_type.rb +62 -0
  501. data/lib/puppet/parser/functions/binary_file.rb +26 -0
  502. data/lib/puppet/parser/functions/break.rb +41 -0
  503. data/lib/puppet/parser/functions/contain.rb +32 -0
  504. data/lib/puppet/parser/functions/create_resources.rb +114 -0
  505. data/lib/puppet/parser/functions/defined.rb +109 -0
  506. data/lib/puppet/parser/functions/dig.rb +40 -0
  507. data/lib/puppet/parser/functions/digest.rb +7 -0
  508. data/lib/puppet/parser/functions/each.rb +106 -0
  509. data/lib/puppet/parser/functions/epp.rb +40 -0
  510. data/lib/puppet/parser/functions/fail.rb +13 -0
  511. data/lib/puppet/parser/functions/file.rb +35 -0
  512. data/lib/puppet/parser/functions/filter.rb +81 -0
  513. data/lib/puppet/parser/functions/find_file.rb +29 -0
  514. data/lib/puppet/parser/functions/fqdn_rand.rb +46 -0
  515. data/lib/puppet/parser/functions/generate.rb +39 -0
  516. data/lib/puppet/parser/functions/hiera.rb +105 -0
  517. data/lib/puppet/parser/functions/hiera_array.rb +93 -0
  518. data/lib/puppet/parser/functions/hiera_hash.rb +103 -0
  519. data/lib/puppet/parser/functions/hiera_include.rb +102 -0
  520. data/lib/puppet/parser/functions/include.rb +36 -0
  521. data/lib/puppet/parser/functions/inline_epp.rb +52 -0
  522. data/lib/puppet/parser/functions/inline_template.rb +28 -0
  523. data/lib/puppet/parser/functions/lest.rb +51 -0
  524. data/lib/puppet/parser/functions/lookup.rb +134 -0
  525. data/lib/puppet/parser/functions/map.rb +78 -0
  526. data/lib/puppet/parser/functions/match.rb +45 -0
  527. data/lib/puppet/parser/functions/md5.rb +7 -0
  528. data/lib/puppet/parser/functions/new.rb +992 -0
  529. data/lib/puppet/parser/functions/next.rb +40 -0
  530. data/lib/puppet/parser/functions/realize.rb +22 -0
  531. data/lib/puppet/parser/functions/reduce.rb +139 -0
  532. data/lib/puppet/parser/functions/regsubst.rb +65 -0
  533. data/lib/puppet/parser/functions/require.rb +43 -0
  534. data/lib/puppet/parser/functions/return.rb +94 -0
  535. data/lib/puppet/parser/functions/reverse_each.rb +85 -0
  536. data/lib/puppet/parser/functions/scanf.rb +40 -0
  537. data/lib/puppet/parser/functions/sha1.rb +7 -0
  538. data/lib/puppet/parser/functions/sha256.rb +7 -0
  539. data/lib/puppet/parser/functions/shellquote.rb +63 -0
  540. data/lib/puppet/parser/functions/slice.rb +41 -0
  541. data/lib/puppet/parser/functions/split.rb +29 -0
  542. data/lib/puppet/parser/functions/sprintf.rb +62 -0
  543. data/lib/puppet/parser/functions/step.rb +86 -0
  544. data/lib/puppet/parser/functions/strftime.rb +187 -0
  545. data/lib/puppet/parser/functions/tag.rb +15 -0
  546. data/lib/puppet/parser/functions/tagged.rb +24 -0
  547. data/lib/puppet/parser/functions/template.rb +42 -0
  548. data/lib/puppet/parser/functions/then.rb +75 -0
  549. data/lib/puppet/parser/functions/type.rb +55 -0
  550. data/lib/puppet/parser/functions/versioncmp.rb +31 -0
  551. data/lib/puppet/parser/functions/with.rb +30 -0
  552. data/lib/puppet/parser/functions.rb +324 -0
  553. data/lib/puppet/parser/parser_factory.rb +32 -0
  554. data/lib/puppet/parser/relationship.rb +90 -0
  555. data/lib/puppet/parser/resource/param.rb +37 -0
  556. data/lib/puppet/parser/resource.rb +353 -0
  557. data/lib/puppet/parser/scope.rb +1141 -0
  558. data/lib/puppet/parser/script_compiler.rb +123 -0
  559. data/lib/puppet/parser/templatewrapper.rb +105 -0
  560. data/lib/puppet/parser/type_loader.rb +151 -0
  561. data/lib/puppet/parser.rb +22 -0
  562. data/lib/puppet/plugins/configuration.rb +31 -0
  563. data/lib/puppet/plugins/syntax_checkers.rb +99 -0
  564. data/lib/puppet/plugins.rb +11 -0
  565. data/lib/puppet/pops/adaptable.rb +199 -0
  566. data/lib/puppet/pops/adapters.rb +159 -0
  567. data/lib/puppet/pops/evaluator/access_operator.rb +732 -0
  568. data/lib/puppet/pops/evaluator/callable_signature.rb +108 -0
  569. data/lib/puppet/pops/evaluator/closure.rb +370 -0
  570. data/lib/puppet/pops/evaluator/collector_transformer.rb +237 -0
  571. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +88 -0
  572. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +30 -0
  573. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +71 -0
  574. data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +38 -0
  575. data/lib/puppet/pops/evaluator/compare_operator.rb +269 -0
  576. data/lib/puppet/pops/evaluator/deferred_resolver.rb +227 -0
  577. data/lib/puppet/pops/evaluator/epp_evaluator.rb +121 -0
  578. data/lib/puppet/pops/evaluator/evaluator_impl.rb +1317 -0
  579. data/lib/puppet/pops/evaluator/external_syntax_support.rb +47 -0
  580. data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +83 -0
  581. data/lib/puppet/pops/evaluator/literal_evaluator.rb +100 -0
  582. data/lib/puppet/pops/evaluator/puppet_proc.rb +72 -0
  583. data/lib/puppet/pops/evaluator/relationship_operator.rb +188 -0
  584. data/lib/puppet/pops/evaluator/runtime3_converter.rb +225 -0
  585. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +119 -0
  586. data/lib/puppet/pops/evaluator/runtime3_support.rb +528 -0
  587. data/lib/puppet/pops/functions/dispatch.rb +107 -0
  588. data/lib/puppet/pops/functions/dispatcher.rb +76 -0
  589. data/lib/puppet/pops/functions/function.rb +137 -0
  590. data/lib/puppet/pops/issue_reporter.rb +140 -0
  591. data/lib/puppet/pops/issues.rb +933 -0
  592. data/lib/puppet/pops/label_provider.rb +92 -0
  593. data/lib/puppet/pops/loader/base_loader.rb +178 -0
  594. data/lib/puppet/pops/loader/dependency_loader.rb +95 -0
  595. data/lib/puppet/pops/loader/gem_support.rb +54 -0
  596. data/lib/puppet/pops/loader/generic_plan_instantiator.rb +30 -0
  597. data/lib/puppet/pops/loader/loader.rb +221 -0
  598. data/lib/puppet/pops/loader/loader_paths.rb +413 -0
  599. data/lib/puppet/pops/loader/module_loaders.rb +552 -0
  600. data/lib/puppet/pops/loader/predefined_loader.rb +28 -0
  601. data/lib/puppet/pops/loader/puppet_function_instantiator.rb +88 -0
  602. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +97 -0
  603. data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +80 -0
  604. data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +43 -0
  605. data/lib/puppet/pops/loader/ruby_function_instantiator.rb +49 -0
  606. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +130 -0
  607. data/lib/puppet/pops/loader/runtime3_type_loader.rb +104 -0
  608. data/lib/puppet/pops/loader/simple_environment_loader.rb +20 -0
  609. data/lib/puppet/pops/loader/static_loader.rb +133 -0
  610. data/lib/puppet/pops/loader/task_instantiator.rb +46 -0
  611. data/lib/puppet/pops/loader/type_definition_instantiator.rb +104 -0
  612. data/lib/puppet/pops/loader/typed_name.rb +56 -0
  613. data/lib/puppet/pops/loader/uri_helper.rb +24 -0
  614. data/lib/puppet/pops/loaders.rb +550 -0
  615. data/lib/puppet/pops/lookup/configured_data_provider.rb +95 -0
  616. data/lib/puppet/pops/lookup/context.rb +208 -0
  617. data/lib/puppet/pops/lookup/data_adapter.rb +29 -0
  618. data/lib/puppet/pops/lookup/data_dig_function_provider.rb +146 -0
  619. data/lib/puppet/pops/lookup/data_hash_function_provider.rb +128 -0
  620. data/lib/puppet/pops/lookup/data_provider.rb +94 -0
  621. data/lib/puppet/pops/lookup/environment_data_provider.rb +37 -0
  622. data/lib/puppet/pops/lookup/explainer.rb +597 -0
  623. data/lib/puppet/pops/lookup/function_provider.rb +112 -0
  624. data/lib/puppet/pops/lookup/global_data_provider.rb +76 -0
  625. data/lib/puppet/pops/lookup/hiera_config.rb +823 -0
  626. data/lib/puppet/pops/lookup/interpolation.rb +166 -0
  627. data/lib/puppet/pops/lookup/invocation.rb +272 -0
  628. data/lib/puppet/pops/lookup/key_recorder.rb +21 -0
  629. data/lib/puppet/pops/lookup/location_resolver.rb +101 -0
  630. data/lib/puppet/pops/lookup/lookup_adapter.rb +533 -0
  631. data/lib/puppet/pops/lookup/lookup_key.rb +101 -0
  632. data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +94 -0
  633. data/lib/puppet/pops/lookup/module_data_provider.rb +92 -0
  634. data/lib/puppet/pops/lookup/sub_lookup.rb +96 -0
  635. data/lib/puppet/pops/lookup.rb +102 -0
  636. data/lib/puppet/pops/merge_strategy.rb +447 -0
  637. data/lib/puppet/pops/migration/migration_checker.rb +61 -0
  638. data/lib/puppet/pops/model/ast.pp +669 -0
  639. data/lib/puppet/pops/model/ast.rb +4776 -0
  640. data/lib/puppet/pops/model/ast_transformer.rb +131 -0
  641. data/lib/puppet/pops/model/factory.rb +1157 -0
  642. data/lib/puppet/pops/model/model_label_provider.rb +137 -0
  643. data/lib/puppet/pops/model/model_tree_dumper.rb +447 -0
  644. data/lib/puppet/pops/model/pn_transformer.rb +384 -0
  645. data/lib/puppet/pops/model/tree_dumper.rb +62 -0
  646. data/lib/puppet/pops/parser/code_merger.rb +29 -0
  647. data/lib/puppet/pops/parser/egrammar.ra +889 -0
  648. data/lib/puppet/pops/parser/eparser.rb +3184 -0
  649. data/lib/puppet/pops/parser/epp_parser.rb +52 -0
  650. data/lib/puppet/pops/parser/epp_support.rb +266 -0
  651. data/lib/puppet/pops/parser/evaluating_parser.rb +166 -0
  652. data/lib/puppet/pops/parser/heredoc_support.rb +153 -0
  653. data/lib/puppet/pops/parser/interpolation_support.rb +249 -0
  654. data/lib/puppet/pops/parser/lexer2.rb +789 -0
  655. data/lib/puppet/pops/parser/lexer_support.rb +221 -0
  656. data/lib/puppet/pops/parser/locatable.rb +23 -0
  657. data/lib/puppet/pops/parser/locator.rb +361 -0
  658. data/lib/puppet/pops/parser/parser_support.rb +252 -0
  659. data/lib/puppet/pops/parser/pn_parser.rb +318 -0
  660. data/lib/puppet/pops/parser/slurp_support.rb +119 -0
  661. data/lib/puppet/pops/patterns.rb +60 -0
  662. data/lib/puppet/pops/pcore.rb +136 -0
  663. data/lib/puppet/pops/pn.rb +239 -0
  664. data/lib/puppet/pops/puppet_stack.rb +63 -0
  665. data/lib/puppet/pops/resource/param.rb +56 -0
  666. data/lib/puppet/pops/resource/resource_type_impl.rb +296 -0
  667. data/lib/puppet/pops/resource/resource_type_set.pcore +22 -0
  668. data/lib/puppet/pops/semantic_error.rb +31 -0
  669. data/lib/puppet/pops/serialization/abstract_reader.rb +182 -0
  670. data/lib/puppet/pops/serialization/abstract_writer.rb +224 -0
  671. data/lib/puppet/pops/serialization/deserializer.rb +83 -0
  672. data/lib/puppet/pops/serialization/extension.rb +166 -0
  673. data/lib/puppet/pops/serialization/from_data_converter.rb +231 -0
  674. data/lib/puppet/pops/serialization/instance_reader.rb +21 -0
  675. data/lib/puppet/pops/serialization/instance_writer.rb +16 -0
  676. data/lib/puppet/pops/serialization/json.rb +301 -0
  677. data/lib/puppet/pops/serialization/json_path.rb +129 -0
  678. data/lib/puppet/pops/serialization/object.rb +73 -0
  679. data/lib/puppet/pops/serialization/serializer.rb +144 -0
  680. data/lib/puppet/pops/serialization/time_factory.rb +68 -0
  681. data/lib/puppet/pops/serialization/to_data_converter.rb +316 -0
  682. data/lib/puppet/pops/serialization/to_stringified_converter.rb +227 -0
  683. data/lib/puppet/pops/serialization.rb +45 -0
  684. data/lib/puppet/pops/time/timespan.rb +728 -0
  685. data/lib/puppet/pops/time/timestamp.rb +167 -0
  686. data/lib/puppet/pops/types/annotatable.rb +37 -0
  687. data/lib/puppet/pops/types/annotation.rb +73 -0
  688. data/lib/puppet/pops/types/class_loader.rb +134 -0
  689. data/lib/puppet/pops/types/implementation_registry.rb +137 -0
  690. data/lib/puppet/pops/types/iterable.rb +375 -0
  691. data/lib/puppet/pops/types/p_binary_type.rb +232 -0
  692. data/lib/puppet/pops/types/p_init_type.rb +241 -0
  693. data/lib/puppet/pops/types/p_meta_type.rb +95 -0
  694. data/lib/puppet/pops/types/p_object_type.rb +1142 -0
  695. data/lib/puppet/pops/types/p_object_type_extension.rb +229 -0
  696. data/lib/puppet/pops/types/p_runtime_type.rb +117 -0
  697. data/lib/puppet/pops/types/p_sem_ver_range_type.rb +191 -0
  698. data/lib/puppet/pops/types/p_sem_ver_type.rb +155 -0
  699. data/lib/puppet/pops/types/p_sensitive_type.rb +81 -0
  700. data/lib/puppet/pops/types/p_timespan_type.rb +194 -0
  701. data/lib/puppet/pops/types/p_timestamp_type.rb +74 -0
  702. data/lib/puppet/pops/types/p_type_set_type.rb +394 -0
  703. data/lib/puppet/pops/types/p_uri_type.rb +198 -0
  704. data/lib/puppet/pops/types/puppet_object.rb +41 -0
  705. data/lib/puppet/pops/types/recursion_guard.rb +142 -0
  706. data/lib/puppet/pops/types/ruby_generator.rb +477 -0
  707. data/lib/puppet/pops/types/ruby_method.rb +32 -0
  708. data/lib/puppet/pops/types/string_converter.rb +1144 -0
  709. data/lib/puppet/pops/types/tree_iterators.rb +250 -0
  710. data/lib/puppet/pops/types/type_acceptor.rb +27 -0
  711. data/lib/puppet/pops/types/type_asserter.rb +49 -0
  712. data/lib/puppet/pops/types/type_assertion_error.rb +27 -0
  713. data/lib/puppet/pops/types/type_calculator.rb +829 -0
  714. data/lib/puppet/pops/types/type_conversion_error.rb +7 -0
  715. data/lib/puppet/pops/types/type_factory.rb +640 -0
  716. data/lib/puppet/pops/types/type_formatter.rb +796 -0
  717. data/lib/puppet/pops/types/type_mismatch_describer.rb +1105 -0
  718. data/lib/puppet/pops/types/type_parser.rb +690 -0
  719. data/lib/puppet/pops/types/type_set_reference.rb +62 -0
  720. data/lib/puppet/pops/types/type_with_members.rb +43 -0
  721. data/lib/puppet/pops/types/types.rb +3651 -0
  722. data/lib/puppet/pops/utils.rb +117 -0
  723. data/lib/puppet/pops/validation/checker4_0.rb +1155 -0
  724. data/lib/puppet/pops/validation/tasks_checker.rb +95 -0
  725. data/lib/puppet/pops/validation/validator_factory_4_0.rb +45 -0
  726. data/lib/puppet/pops/validation.rb +462 -0
  727. data/lib/puppet/pops/visitable.rb +8 -0
  728. data/lib/puppet/pops/visitor.rb +136 -0
  729. data/lib/puppet/pops.rb +124 -0
  730. data/lib/puppet/property/boolean.rb +9 -0
  731. data/lib/puppet/property/ensure.rb +107 -0
  732. data/lib/puppet/property/keyvalue.rb +159 -0
  733. data/lib/puppet/property/list.rb +71 -0
  734. data/lib/puppet/property/ordered_list.rb +30 -0
  735. data/lib/puppet/property.rb +610 -0
  736. data/lib/puppet/provider/aix_object.rb +491 -0
  737. data/lib/puppet/provider/command.rb +27 -0
  738. data/lib/puppet/provider/confine.rb +8 -0
  739. data/lib/puppet/provider/exec/posix.rb +63 -0
  740. data/lib/puppet/provider/exec/shell.rb +27 -0
  741. data/lib/puppet/provider/exec/windows.rb +57 -0
  742. data/lib/puppet/provider/exec.rb +107 -0
  743. data/lib/puppet/provider/file/posix.rb +162 -0
  744. data/lib/puppet/provider/file/windows.rb +151 -0
  745. data/lib/puppet/provider/group/aix.rb +101 -0
  746. data/lib/puppet/provider/group/directoryservice.rb +24 -0
  747. data/lib/puppet/provider/group/groupadd.rb +180 -0
  748. data/lib/puppet/provider/group/ldap.rb +51 -0
  749. data/lib/puppet/provider/group/pw.rb +52 -0
  750. data/lib/puppet/provider/group/windows_adsi.rb +116 -0
  751. data/lib/puppet/provider/ldap.rb +143 -0
  752. data/lib/puppet/provider/nameservice/directoryservice.rb +522 -0
  753. data/lib/puppet/provider/nameservice/objectadd.rb +22 -0
  754. data/lib/puppet/provider/nameservice/pw.rb +21 -0
  755. data/lib/puppet/provider/nameservice.rb +297 -0
  756. data/lib/puppet/provider/network_device.rb +74 -0
  757. data/lib/puppet/provider/package/aix.rb +171 -0
  758. data/lib/puppet/provider/package/appdmg.rb +113 -0
  759. data/lib/puppet/provider/package/apple.rb +49 -0
  760. data/lib/puppet/provider/package/apt.rb +265 -0
  761. data/lib/puppet/provider/package/aptitude.rb +35 -0
  762. data/lib/puppet/provider/package/aptrpm.rb +87 -0
  763. data/lib/puppet/provider/package/blastwave.rb +109 -0
  764. data/lib/puppet/provider/package/dnf.rb +57 -0
  765. data/lib/puppet/provider/package/dnfmodule.rb +143 -0
  766. data/lib/puppet/provider/package/dpkg.rb +191 -0
  767. data/lib/puppet/provider/package/fink.rb +99 -0
  768. data/lib/puppet/provider/package/freebsd.rb +49 -0
  769. data/lib/puppet/provider/package/gem.rb +296 -0
  770. data/lib/puppet/provider/package/hpux.rb +46 -0
  771. data/lib/puppet/provider/package/macports.rb +112 -0
  772. data/lib/puppet/provider/package/nim.rb +290 -0
  773. data/lib/puppet/provider/package/openbsd.rb +263 -0
  774. data/lib/puppet/provider/package/opkg.rb +85 -0
  775. data/lib/puppet/provider/package/pacman.rb +270 -0
  776. data/lib/puppet/provider/package/pip.rb +347 -0
  777. data/lib/puppet/provider/package/pip2.rb +18 -0
  778. data/lib/puppet/provider/package/pip3.rb +18 -0
  779. data/lib/puppet/provider/package/pkg.rb +300 -0
  780. data/lib/puppet/provider/package/pkgdmg.rb +159 -0
  781. data/lib/puppet/provider/package/pkgin.rb +88 -0
  782. data/lib/puppet/provider/package/pkgng.rb +178 -0
  783. data/lib/puppet/provider/package/pkgutil.rb +186 -0
  784. data/lib/puppet/provider/package/portage.rb +314 -0
  785. data/lib/puppet/provider/package/ports.rb +94 -0
  786. data/lib/puppet/provider/package/portupgrade.rb +233 -0
  787. data/lib/puppet/provider/package/puppet_gem.rb +25 -0
  788. data/lib/puppet/provider/package/puppetserver_gem.rb +174 -0
  789. data/lib/puppet/provider/package/rpm.rb +255 -0
  790. data/lib/puppet/provider/package/rug.rb +51 -0
  791. data/lib/puppet/provider/package/sun.rb +137 -0
  792. data/lib/puppet/provider/package/sunfreeware.rb +11 -0
  793. data/lib/puppet/provider/package/tdnf.rb +35 -0
  794. data/lib/puppet/provider/package/up2date.rb +40 -0
  795. data/lib/puppet/provider/package/urpmi.rb +57 -0
  796. data/lib/puppet/provider/package/windows/exe_package.rb +108 -0
  797. data/lib/puppet/provider/package/windows/msi_package.rb +72 -0
  798. data/lib/puppet/provider/package/windows/package.rb +113 -0
  799. data/lib/puppet/provider/package/windows.rb +131 -0
  800. data/lib/puppet/provider/package/xbps.rb +127 -0
  801. data/lib/puppet/provider/package/yum.rb +390 -0
  802. data/lib/puppet/provider/package/zypper.rb +206 -0
  803. data/lib/puppet/provider/package.rb +61 -0
  804. data/lib/puppet/provider/package_targetable.rb +71 -0
  805. data/lib/puppet/provider/parsedfile.rb +494 -0
  806. data/lib/puppet/provider/service/base.rb +135 -0
  807. data/lib/puppet/provider/service/bsd.rb +53 -0
  808. data/lib/puppet/provider/service/daemontools.rb +196 -0
  809. data/lib/puppet/provider/service/debian.rb +77 -0
  810. data/lib/puppet/provider/service/freebsd.rb +141 -0
  811. data/lib/puppet/provider/service/gentoo.rb +47 -0
  812. data/lib/puppet/provider/service/init.rb +194 -0
  813. data/lib/puppet/provider/service/launchd.rb +391 -0
  814. data/lib/puppet/provider/service/openbsd.rb +101 -0
  815. data/lib/puppet/provider/service/openrc.rb +72 -0
  816. data/lib/puppet/provider/service/openwrt.rb +37 -0
  817. data/lib/puppet/provider/service/rcng.rb +53 -0
  818. data/lib/puppet/provider/service/redhat.rb +75 -0
  819. data/lib/puppet/provider/service/runit.rb +107 -0
  820. data/lib/puppet/provider/service/service.rb +67 -0
  821. data/lib/puppet/provider/service/smf.rb +322 -0
  822. data/lib/puppet/provider/service/src.rb +147 -0
  823. data/lib/puppet/provider/service/systemd.rb +232 -0
  824. data/lib/puppet/provider/service/upstart.rb +385 -0
  825. data/lib/puppet/provider/service/windows.rb +179 -0
  826. data/lib/puppet/provider/user/aix.rb +365 -0
  827. data/lib/puppet/provider/user/directoryservice.rb +687 -0
  828. data/lib/puppet/provider/user/hpux.rb +93 -0
  829. data/lib/puppet/provider/user/ldap.rb +135 -0
  830. data/lib/puppet/provider/user/openbsd.rb +79 -0
  831. data/lib/puppet/provider/user/pw.rb +109 -0
  832. data/lib/puppet/provider/user/user_role_add.rb +243 -0
  833. data/lib/puppet/provider/user/useradd.rb +417 -0
  834. data/lib/puppet/provider/user/windows_adsi.rb +176 -0
  835. data/lib/puppet/provider.rb +613 -0
  836. data/lib/puppet/reference/configuration.rb +105 -0
  837. data/lib/puppet/reference/function.rb +19 -0
  838. data/lib/puppet/reference/indirection.rb +76 -0
  839. data/lib/puppet/reference/metaparameter.rb +35 -0
  840. data/lib/puppet/reference/providers.rb +119 -0
  841. data/lib/puppet/reference/report.rb +22 -0
  842. data/lib/puppet/reference/type.rb +111 -0
  843. data/lib/puppet/relationship.rb +85 -0
  844. data/lib/puppet/reports/http.rb +45 -0
  845. data/lib/puppet/reports/log.rb +15 -0
  846. data/lib/puppet/reports/store.rb +71 -0
  847. data/lib/puppet/reports.rb +95 -0
  848. data/lib/puppet/resource/catalog.rb +655 -0
  849. data/lib/puppet/resource/status.rb +231 -0
  850. data/lib/puppet/resource/type.rb +449 -0
  851. data/lib/puppet/resource/type_collection.rb +235 -0
  852. data/lib/puppet/resource.rb +673 -0
  853. data/lib/puppet/runtime.rb +67 -0
  854. data/lib/puppet/scheduler/job.rb +55 -0
  855. data/lib/puppet/scheduler/scheduler.rb +46 -0
  856. data/lib/puppet/scheduler/splay_job.rb +45 -0
  857. data/lib/puppet/scheduler/timer.rb +15 -0
  858. data/lib/puppet/scheduler.rb +18 -0
  859. data/lib/puppet/settings/alias_setting.rb +37 -0
  860. data/lib/puppet/settings/array_setting.rb +18 -0
  861. data/lib/puppet/settings/autosign_setting.rb +23 -0
  862. data/lib/puppet/settings/base_setting.rb +228 -0
  863. data/lib/puppet/settings/boolean_setting.rb +34 -0
  864. data/lib/puppet/settings/certificate_revocation_setting.rb +22 -0
  865. data/lib/puppet/settings/config_file.rb +148 -0
  866. data/lib/puppet/settings/directory_setting.rb +20 -0
  867. data/lib/puppet/settings/duration_setting.rb +33 -0
  868. data/lib/puppet/settings/enum_setting.rb +18 -0
  869. data/lib/puppet/settings/environment_conf.rb +228 -0
  870. data/lib/puppet/settings/errors.rb +14 -0
  871. data/lib/puppet/settings/file_or_directory_setting.rb +37 -0
  872. data/lib/puppet/settings/file_setting.rb +232 -0
  873. data/lib/puppet/settings/http_extra_headers_setting.rb +26 -0
  874. data/lib/puppet/settings/ini_file.rb +228 -0
  875. data/lib/puppet/settings/integer_setting.rb +19 -0
  876. data/lib/puppet/settings/path_setting.rb +10 -0
  877. data/lib/puppet/settings/port_setting.rb +17 -0
  878. data/lib/puppet/settings/priority_setting.rb +44 -0
  879. data/lib/puppet/settings/server_list_setting.rb +30 -0
  880. data/lib/puppet/settings/string_setting.rb +11 -0
  881. data/lib/puppet/settings/symbolic_enum_setting.rb +19 -0
  882. data/lib/puppet/settings/terminus_setting.rb +16 -0
  883. data/lib/puppet/settings/ttl_setting.rb +53 -0
  884. data/lib/puppet/settings/value_translator.rb +16 -0
  885. data/lib/puppet/settings.rb +1650 -0
  886. data/lib/puppet/ssl/base.rb +152 -0
  887. data/lib/puppet/ssl/certificate.rb +98 -0
  888. data/lib/puppet/ssl/certificate_request.rb +320 -0
  889. data/lib/puppet/ssl/certificate_request_attributes.rb +40 -0
  890. data/lib/puppet/ssl/certificate_signer.rb +39 -0
  891. data/lib/puppet/ssl/digest.rb +22 -0
  892. data/lib/puppet/ssl/error.rb +29 -0
  893. data/lib/puppet/ssl/oids.rb +199 -0
  894. data/lib/puppet/ssl/openssl_loader.rb +26 -0
  895. data/lib/puppet/ssl/ssl_context.rb +27 -0
  896. data/lib/puppet/ssl/ssl_provider.rb +354 -0
  897. data/lib/puppet/ssl/state_machine.rb +605 -0
  898. data/lib/puppet/ssl/verifier.rb +143 -0
  899. data/lib/puppet/ssl.rb +25 -0
  900. data/lib/puppet/syntax_checkers/base64.rb +42 -0
  901. data/lib/puppet/syntax_checkers/epp.rb +35 -0
  902. data/lib/puppet/syntax_checkers/json.rb +35 -0
  903. data/lib/puppet/syntax_checkers/pp.rb +35 -0
  904. data/lib/puppet/syntax_checkers.rb +5 -0
  905. data/lib/puppet/test/test_helper.rb +251 -0
  906. data/lib/puppet/thread_local.rb +6 -0
  907. data/lib/puppet/transaction/additional_resource_generator.rb +225 -0
  908. data/lib/puppet/transaction/event.rb +171 -0
  909. data/lib/puppet/transaction/event_manager.rb +180 -0
  910. data/lib/puppet/transaction/persistence.rb +119 -0
  911. data/lib/puppet/transaction/report.rb +511 -0
  912. data/lib/puppet/transaction/resource_harness.rb +331 -0
  913. data/lib/puppet/transaction.rb +493 -0
  914. data/lib/puppet/trusted_external.rb +46 -0
  915. data/lib/puppet/type/component.rb +96 -0
  916. data/lib/puppet/type/exec.rb +730 -0
  917. data/lib/puppet/type/file/checksum.rb +54 -0
  918. data/lib/puppet/type/file/checksum_value.rb +56 -0
  919. data/lib/puppet/type/file/content.rb +180 -0
  920. data/lib/puppet/type/file/ctime.rb +22 -0
  921. data/lib/puppet/type/file/data_sync.rb +101 -0
  922. data/lib/puppet/type/file/ensure.rb +194 -0
  923. data/lib/puppet/type/file/group.rb +50 -0
  924. data/lib/puppet/type/file/mode.rb +192 -0
  925. data/lib/puppet/type/file/mtime.rb +21 -0
  926. data/lib/puppet/type/file/owner.rb +52 -0
  927. data/lib/puppet/type/file/selcontext.rb +143 -0
  928. data/lib/puppet/type/file/source.rb +380 -0
  929. data/lib/puppet/type/file/target.rb +86 -0
  930. data/lib/puppet/type/file/type.rb +21 -0
  931. data/lib/puppet/type/file.rb +1139 -0
  932. data/lib/puppet/type/filebucket.rb +123 -0
  933. data/lib/puppet/type/group.rb +238 -0
  934. data/lib/puppet/type/notify.rb +48 -0
  935. data/lib/puppet/type/package.rb +715 -0
  936. data/lib/puppet/type/resources.rb +192 -0
  937. data/lib/puppet/type/schedule.rb +441 -0
  938. data/lib/puppet/type/service.rb +310 -0
  939. data/lib/puppet/type/stage.rb +29 -0
  940. data/lib/puppet/type/tidy.rb +382 -0
  941. data/lib/puppet/type/user.rb +865 -0
  942. data/lib/puppet/type/whit.rb +35 -0
  943. data/lib/puppet/type.rb +2629 -0
  944. data/lib/puppet/util/at_fork/noop.rb +20 -0
  945. data/lib/puppet/util/at_fork/solaris.rb +158 -0
  946. data/lib/puppet/util/at_fork.rb +37 -0
  947. data/lib/puppet/util/autoload.rb +221 -0
  948. data/lib/puppet/util/backups.rb +88 -0
  949. data/lib/puppet/util/character_encoding.rb +83 -0
  950. data/lib/puppet/util/checksums.rb +380 -0
  951. data/lib/puppet/util/classgen.rb +223 -0
  952. data/lib/puppet/util/colors.rb +102 -0
  953. data/lib/puppet/util/command_line/puppet_option_parser.rb +89 -0
  954. data/lib/puppet/util/command_line/trollop.rb +847 -0
  955. data/lib/puppet/util/command_line.rb +198 -0
  956. data/lib/puppet/util/constant_inflector.rb +25 -0
  957. data/lib/puppet/util/diff.rb +80 -0
  958. data/lib/puppet/util/docs.rb +132 -0
  959. data/lib/puppet/util/errors.rb +161 -0
  960. data/lib/puppet/util/execution.rb +446 -0
  961. data/lib/puppet/util/execution_stub.rb +28 -0
  962. data/lib/puppet/util/feature.rb +129 -0
  963. data/lib/puppet/util/file_watcher.rb +31 -0
  964. data/lib/puppet/util/fileparsing.rb +404 -0
  965. data/lib/puppet/util/filetype.rb +358 -0
  966. data/lib/puppet/util/http_proxy.rb +6 -0
  967. data/lib/puppet/util/inifile.rb +335 -0
  968. data/lib/puppet/util/instance_loader.rb +69 -0
  969. data/lib/puppet/util/json.rb +94 -0
  970. data/lib/puppet/util/json_lockfile.rb +47 -0
  971. data/lib/puppet/util/ldap/connection.rb +75 -0
  972. data/lib/puppet/util/ldap/generator.rb +44 -0
  973. data/lib/puppet/util/ldap/manager.rb +283 -0
  974. data/lib/puppet/util/ldap.rb +4 -0
  975. data/lib/puppet/util/libuser.conf +15 -0
  976. data/lib/puppet/util/libuser.rb +13 -0
  977. data/lib/puppet/util/limits.rb +14 -0
  978. data/lib/puppet/util/lockfile.rb +66 -0
  979. data/lib/puppet/util/log/destination.rb +50 -0
  980. data/lib/puppet/util/log/destinations.rb +253 -0
  981. data/lib/puppet/util/log.rb +436 -0
  982. data/lib/puppet/util/logging.rb +304 -0
  983. data/lib/puppet/util/metaid.rb +22 -0
  984. data/lib/puppet/util/metric.rb +68 -0
  985. data/lib/puppet/util/monkey_patches.rb +114 -0
  986. data/lib/puppet/util/multi_match.rb +55 -0
  987. data/lib/puppet/util/network_device/base.rb +24 -0
  988. data/lib/puppet/util/network_device/config.rb +105 -0
  989. data/lib/puppet/util/network_device/transport/base.rb +26 -0
  990. data/lib/puppet/util/network_device/transport.rb +7 -0
  991. data/lib/puppet/util/network_device.rb +19 -0
  992. data/lib/puppet/util/package/version/debian.rb +177 -0
  993. data/lib/puppet/util/package/version/gem.rb +18 -0
  994. data/lib/puppet/util/package/version/pip.rb +173 -0
  995. data/lib/puppet/util/package/version/range/eq.rb +17 -0
  996. data/lib/puppet/util/package/version/range/gt.rb +17 -0
  997. data/lib/puppet/util/package/version/range/gt_eq.rb +17 -0
  998. data/lib/puppet/util/package/version/range/lt.rb +17 -0
  999. data/lib/puppet/util/package/version/range/lt_eq.rb +17 -0
  1000. data/lib/puppet/util/package/version/range/min_max.rb +26 -0
  1001. data/lib/puppet/util/package/version/range/simple.rb +13 -0
  1002. data/lib/puppet/util/package/version/range.rb +57 -0
  1003. data/lib/puppet/util/package/version/rpm.rb +75 -0
  1004. data/lib/puppet/util/package.rb +43 -0
  1005. data/lib/puppet/util/pidlock.rb +103 -0
  1006. data/lib/puppet/util/platform.rb +72 -0
  1007. data/lib/puppet/util/plist.rb +161 -0
  1008. data/lib/puppet/util/posix.rb +206 -0
  1009. data/lib/puppet/util/profiler/aggregate.rb +82 -0
  1010. data/lib/puppet/util/profiler/around_profiler.rb +68 -0
  1011. data/lib/puppet/util/profiler/logging.rb +50 -0
  1012. data/lib/puppet/util/profiler/object_counts.rb +19 -0
  1013. data/lib/puppet/util/profiler/wall_clock.rb +36 -0
  1014. data/lib/puppet/util/profiler.rb +55 -0
  1015. data/lib/puppet/util/provider_features.rb +183 -0
  1016. data/lib/puppet/util/psych_support.rb +32 -0
  1017. data/lib/puppet/util/rdoc/code_objects.rb +293 -0
  1018. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +902 -0
  1019. data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +1068 -0
  1020. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +262 -0
  1021. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +16 -0
  1022. data/lib/puppet/util/rdoc/parser.rb +14 -0
  1023. data/lib/puppet/util/rdoc.rb +54 -0
  1024. data/lib/puppet/util/reference.rb +94 -0
  1025. data/lib/puppet/util/resource_template.rb +63 -0
  1026. data/lib/puppet/util/retry_action.rb +47 -0
  1027. data/lib/puppet/util/rpm_compare.rb +196 -0
  1028. data/lib/puppet/util/rubygems.rb +67 -0
  1029. data/lib/puppet/util/run_mode.rb +164 -0
  1030. data/lib/puppet/util/selinux.rb +331 -0
  1031. data/lib/puppet/util/skip_tags.rb +15 -0
  1032. data/lib/puppet/util/splayer.rb +20 -0
  1033. data/lib/puppet/util/storage.rb +100 -0
  1034. data/lib/puppet/util/suidmanager.rb +167 -0
  1035. data/lib/puppet/util/symbolic_file_mode.rb +156 -0
  1036. data/lib/puppet/util/tag_set.rb +29 -0
  1037. data/lib/puppet/util/tagging.rb +131 -0
  1038. data/lib/puppet/util/terminal.rb +18 -0
  1039. data/lib/puppet/util/user_attr.rb +23 -0
  1040. data/lib/puppet/util/warnings.rb +35 -0
  1041. data/lib/puppet/util/watched_file.rb +40 -0
  1042. data/lib/puppet/util/watcher/change_watcher.rb +35 -0
  1043. data/lib/puppet/util/watcher/periodic_watcher.rb +38 -0
  1044. data/lib/puppet/util/watcher/timer.rb +21 -0
  1045. data/lib/puppet/util/watcher.rb +17 -0
  1046. data/lib/puppet/util/windows/access_control_entry.rb +86 -0
  1047. data/lib/puppet/util/windows/access_control_list.rb +116 -0
  1048. data/lib/puppet/util/windows/adsi.rb +662 -0
  1049. data/lib/puppet/util/windows/com.rb +228 -0
  1050. data/lib/puppet/util/windows/daemon.rb +340 -0
  1051. data/lib/puppet/util/windows/error.rb +86 -0
  1052. data/lib/puppet/util/windows/eventlog.rb +191 -0
  1053. data/lib/puppet/util/windows/file.rb +359 -0
  1054. data/lib/puppet/util/windows/monkey_patches/process.rb +413 -0
  1055. data/lib/puppet/util/windows/principal.rb +204 -0
  1056. data/lib/puppet/util/windows/process.rb +360 -0
  1057. data/lib/puppet/util/windows/registry.rb +443 -0
  1058. data/lib/puppet/util/windows/root_certs.rb +110 -0
  1059. data/lib/puppet/util/windows/security.rb +909 -0
  1060. data/lib/puppet/util/windows/security_descriptor.rb +64 -0
  1061. data/lib/puppet/util/windows/service.rb +708 -0
  1062. data/lib/puppet/util/windows/sid.rb +291 -0
  1063. data/lib/puppet/util/windows/string.rb +17 -0
  1064. data/lib/puppet/util/windows/user.rb +551 -0
  1065. data/lib/puppet/util/windows.rb +58 -0
  1066. data/lib/puppet/util/yaml.rb +67 -0
  1067. data/lib/puppet/util.rb +759 -0
  1068. data/lib/puppet/vendor/require_vendored.rb +4 -0
  1069. data/lib/puppet/vendor.rb +59 -0
  1070. data/lib/puppet/version.rb +98 -0
  1071. data/lib/puppet/x509/cert_provider.rb +405 -0
  1072. data/lib/puppet/x509/pem_store.rb +57 -0
  1073. data/lib/puppet/x509.rb +13 -0
  1074. data/lib/puppet.rb +348 -0
  1075. data/lib/puppet_pal.rb +10 -0
  1076. data/lib/puppet_x.rb +16 -0
  1077. data/locales/config.yaml +29 -0
  1078. data/locales/en/puppet.po +19 -0
  1079. data/locales/puppet.pot +9738 -0
  1080. data/man/man5/puppet.conf.5 +1407 -0
  1081. data/man/man8/puppet-agent.8 +135 -0
  1082. data/man/man8/puppet-apply.8 +67 -0
  1083. data/man/man8/puppet-catalog.8 +194 -0
  1084. data/man/man8/puppet-config.8 +103 -0
  1085. data/man/man8/puppet-describe.8 +35 -0
  1086. data/man/man8/puppet-device.8 +83 -0
  1087. data/man/man8/puppet-doc.8 +30 -0
  1088. data/man/man8/puppet-epp.8 +232 -0
  1089. data/man/man8/puppet-facts.8 +156 -0
  1090. data/man/man8/puppet-filebucket.8 +134 -0
  1091. data/man/man8/puppet-generate.8 +54 -0
  1092. data/man/man8/puppet-help.8 +46 -0
  1093. data/man/man8/puppet-lookup.8 +71 -0
  1094. data/man/man8/puppet-module.8 +220 -0
  1095. data/man/man8/puppet-node.8 +142 -0
  1096. data/man/man8/puppet-parser.8 +87 -0
  1097. data/man/man8/puppet-plugin.8 +50 -0
  1098. data/man/man8/puppet-report.8 +84 -0
  1099. data/man/man8/puppet-resource.8 +63 -0
  1100. data/man/man8/puppet-script.8 +48 -0
  1101. data/man/man8/puppet-ssl.8 +45 -0
  1102. data/man/man8/puppet.8 +98 -0
  1103. data/tasks/tag.rake +34 -0
  1104. metadata +1336 -0
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Puppet::SSL
4
+ class SSLError < Puppet::Error; end
5
+
6
+ class CertVerifyError < Puppet::SSL::SSLError
7
+ attr_reader :code, :cert
8
+
9
+ def initialize(message, code, cert)
10
+ super(message)
11
+ @code = code
12
+ @cert = cert
13
+ end
14
+ end
15
+
16
+ class CertMismatchError < Puppet::SSL::SSLError
17
+ def initialize(peer_cert, host)
18
+ valid_certnames = [peer_cert.subject.to_utf8.sub(/.*=/, ''),
19
+ *Puppet::SSL::Certificate.subject_alt_names_for(peer_cert)].uniq
20
+ if valid_certnames.size > 1
21
+ expected_certnames = _("expected one of %{certnames}") % { certnames: valid_certnames.join(', ') }
22
+ else
23
+ expected_certnames = _("expected %{certname}") % { certname: valid_certnames.first }
24
+ end
25
+
26
+ super(_("Server hostname '%{host}' did not match server certificate; %{expected_certnames}") % { host: host, expected_certnames: expected_certnames })
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,199 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative '../../puppet/ssl'
4
+
5
+ # This module defines OIDs for use within Puppet.
6
+ #
7
+ # # ASN.1 Definition
8
+ #
9
+ # The following is the formal definition of OIDs specified in this file.
10
+ #
11
+ # ```
12
+ # puppetCertExtensions OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
13
+ # dod(6) internet(1) private(4) enterprise(1) 34380 1}
14
+ #
15
+ # -- the tree under registeredExtensions 'belongs' to puppetlabs
16
+ # -- privateExtensions can be extended by enterprises to suit their own needs
17
+ # registeredExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 1 }
18
+ # privateExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 2 }
19
+ # authorizationExtensions OBJECT IDENTIFIER ::= { puppetCertExtensions 3 }
20
+ #
21
+ # -- subtree of common registered extensions
22
+ # -- The short names for these OIDs are intentionally lowercased and formatted
23
+ # -- since they may be exposed inside the Puppet DSL as variables.
24
+ # pp_uuid OBJECT IDENTIFIER ::= { registeredExtensions 1 }
25
+ # pp_instance_id OBJECT IDENTIFIER ::= { registeredExtensions 2 }
26
+ # pp_image_name OBJECT IDENTIFIER ::= { registeredExtensions 3 }
27
+ # pp_preshared_key OBJECT IDENTIFIER ::= { registeredExtensions 4 }
28
+ # ```
29
+ #
30
+ # @api private
31
+ module Puppet::SSL::Oids
32
+ # Note: When updating the following OIDs make sure to also update the OID
33
+ # definitions here:
34
+ # https://github.com/puppetlabs/puppetserver/blob/master/src/clj/puppetlabs/puppetserver/certificate_authority.clj#L122-L159
35
+
36
+ PUPPET_OIDS = [
37
+ ["1.3.6.1.4.1.34380", 'puppetlabs', 'Puppet Labs'],
38
+ ["1.3.6.1.4.1.34380.1", 'ppCertExt', 'Puppet Certificate Extension'],
39
+
40
+ ["1.3.6.1.4.1.34380.1.1", 'ppRegCertExt', 'Puppet Registered Certificate Extension'],
41
+
42
+ ["1.3.6.1.4.1.34380.1.1.1", 'pp_uuid', 'Puppet Node UUID'],
43
+ ["1.3.6.1.4.1.34380.1.1.2", 'pp_instance_id', 'Puppet Node Instance ID'],
44
+ ["1.3.6.1.4.1.34380.1.1.3", 'pp_image_name', 'Puppet Node Image Name'],
45
+ ["1.3.6.1.4.1.34380.1.1.4", 'pp_preshared_key', 'Puppet Node Preshared Key'],
46
+ ["1.3.6.1.4.1.34380.1.1.5", 'pp_cost_center', 'Puppet Node Cost Center Name'],
47
+ ["1.3.6.1.4.1.34380.1.1.6", 'pp_product', 'Puppet Node Product Name'],
48
+ ["1.3.6.1.4.1.34380.1.1.7", 'pp_project', 'Puppet Node Project Name'],
49
+ ["1.3.6.1.4.1.34380.1.1.8", 'pp_application', 'Puppet Node Application Name'],
50
+ ["1.3.6.1.4.1.34380.1.1.9", 'pp_service', 'Puppet Node Service Name'],
51
+ ["1.3.6.1.4.1.34380.1.1.10", 'pp_employee', 'Puppet Node Employee Name'],
52
+ ["1.3.6.1.4.1.34380.1.1.11", 'pp_created_by', 'Puppet Node created_by Tag'],
53
+ ["1.3.6.1.4.1.34380.1.1.12", 'pp_environment', 'Puppet Node Environment Name'],
54
+ ["1.3.6.1.4.1.34380.1.1.13", 'pp_role', 'Puppet Node Role Name'],
55
+ ["1.3.6.1.4.1.34380.1.1.14", 'pp_software_version', 'Puppet Node Software Version'],
56
+ ["1.3.6.1.4.1.34380.1.1.15", 'pp_department', 'Puppet Node Department Name'],
57
+ ["1.3.6.1.4.1.34380.1.1.16", 'pp_cluster', 'Puppet Node Cluster Name'],
58
+ ["1.3.6.1.4.1.34380.1.1.17", 'pp_provisioner', 'Puppet Node Provisioner Name'],
59
+ ["1.3.6.1.4.1.34380.1.1.18", 'pp_region', 'Puppet Node Region Name'],
60
+ ["1.3.6.1.4.1.34380.1.1.19", 'pp_datacenter', 'Puppet Node Datacenter Name'],
61
+ ["1.3.6.1.4.1.34380.1.1.20", 'pp_zone', 'Puppet Node Zone Name'],
62
+ ["1.3.6.1.4.1.34380.1.1.21", 'pp_network', 'Puppet Node Network Name'],
63
+ ["1.3.6.1.4.1.34380.1.1.22", 'pp_securitypolicy', 'Puppet Node Security Policy Name'],
64
+ ["1.3.6.1.4.1.34380.1.1.23", 'pp_cloudplatform', 'Puppet Node Cloud Platform Name'],
65
+ ["1.3.6.1.4.1.34380.1.1.24", 'pp_apptier', 'Puppet Node Application Tier'],
66
+ ["1.3.6.1.4.1.34380.1.1.25", 'pp_hostname', 'Puppet Node Hostname'],
67
+ ["1.3.6.1.4.1.34380.1.1.26", 'pp_owner', 'Puppet Node Owner'],
68
+
69
+ ["1.3.6.1.4.1.34380.1.2", 'ppPrivCertExt', 'Puppet Private Certificate Extension'],
70
+
71
+ ["1.3.6.1.4.1.34380.1.3", 'ppAuthCertExt', 'Puppet Certificate Authorization Extension'],
72
+
73
+ ["1.3.6.1.4.1.34380.1.3.1", 'pp_authorization', 'Certificate Extension Authorization'],
74
+ ["1.3.6.1.4.1.34380.1.3.2", 'pp_auth_auto_renew', 'Auto-Renew Certificate Attribute'],
75
+ ["1.3.6.1.4.1.34380.1.3.13", 'pp_auth_role', 'Puppet Node Role Name for Authorization'],
76
+ ["1.3.6.1.4.1.34380.1.3.39", 'pp_cli_auth', 'Puppetserver CA CLI Authorization']
77
+ ]
78
+
79
+ @did_register_puppet_oids = false
80
+
81
+ # Register our custom Puppet OIDs with OpenSSL so they can be used as CSR
82
+ # extensions. Without registering these OIDs, OpenSSL will fail when it
83
+ # encounters such an extension in a CSR.
84
+ def self.register_puppet_oids
85
+ unless @did_register_puppet_oids
86
+ PUPPET_OIDS.each do |oid_defn|
87
+ OpenSSL::ASN1::ObjectId.register(*oid_defn)
88
+ end
89
+
90
+ @did_register_puppet_oids = true
91
+ end
92
+ end
93
+
94
+ # Parse custom OID mapping file that enables custom OIDs to be resolved
95
+ # into user-friendly names.
96
+ #
97
+ # @param custom_oid_file [String] File to obtain custom OIDs mapping from
98
+ # @param map_key [String] Hash key in which custom OIDs mapping is stored
99
+ #
100
+ # @example Custom OID mapping file
101
+ # ---
102
+ # oid_mapping:
103
+ # '1.3.6.1.4.1.34380.1.2.1.1':
104
+ # shortname : 'myshortname'
105
+ # longname : 'Long name'
106
+ # '1.3.6.1.4.1.34380.1.2.1.2':
107
+ # shortname: 'myothershortname'
108
+ # longname: 'Other Long name'
109
+ def self.parse_custom_oid_file(custom_oid_file, map_key = 'oid_mapping')
110
+ if File.exist?(custom_oid_file) && File.readable?(custom_oid_file)
111
+ mapping = nil
112
+ begin
113
+ mapping = Puppet::Util::Yaml.safe_load_file(custom_oid_file, [Symbol])
114
+ rescue => err
115
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': %{err}") % { custom_oid_file: custom_oid_file, err: err }, err.backtrace
116
+ end
117
+
118
+ unless mapping.has_key?(map_key)
119
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': no such index '%{map_key}'") % { custom_oid_file: custom_oid_file, map_key: map_key }
120
+ end
121
+
122
+ unless mapping[map_key].is_a?(Hash)
123
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': data under index '%{map_key}' must be a Hash") % { custom_oid_file: custom_oid_file, map_key: map_key }
124
+ end
125
+
126
+ oid_defns = []
127
+ mapping[map_key].keys.each do |oid|
128
+ shortname, longname = mapping[map_key][oid].values_at("shortname", "longname")
129
+ if shortname.nil? || longname.nil?
130
+ raise Puppet::Error, _("Error loading ssl custom OIDs mapping file from '%{custom_oid_file}': incomplete definition of oid '%{oid}'") % { custom_oid_file: custom_oid_file, oid: oid }
131
+ end
132
+
133
+ oid_defns << [oid, shortname, longname]
134
+ end
135
+
136
+ oid_defns
137
+ end
138
+ end
139
+
140
+ # Load custom OID mapping file that enables custom OIDs to be resolved
141
+ # into user-friendly names.
142
+ #
143
+ # @param custom_oid_file [String] File to obtain custom OIDs mapping from
144
+ # @param map_key [String] Hash key in which custom OIDs mapping is stored
145
+ #
146
+ # @example Custom OID mapping file
147
+ # ---
148
+ # oid_mapping:
149
+ # '1.3.6.1.4.1.34380.1.2.1.1':
150
+ # shortname : 'myshortname'
151
+ # longname : 'Long name'
152
+ # '1.3.6.1.4.1.34380.1.2.1.2':
153
+ # shortname: 'myothershortname'
154
+ # longname: 'Other Long name'
155
+ def self.load_custom_oid_file(custom_oid_file, map_key = 'oid_mapping')
156
+ oid_defns = parse_custom_oid_file(custom_oid_file, map_key)
157
+ unless oid_defns.nil?
158
+ begin
159
+ oid_defns.each do |oid_defn|
160
+ OpenSSL::ASN1::ObjectId.register(*oid_defn)
161
+ end
162
+ rescue => err
163
+ raise ArgumentError, _("Error registering ssl custom OIDs mapping from file '%{custom_oid_file}': %{err}") % { custom_oid_file: custom_oid_file, err: err }, err.backtrace
164
+ end
165
+ end
166
+ end
167
+
168
+ # Determine if the first OID contains the second OID
169
+ #
170
+ # @param first [String] The containing OID, in dotted form or as the short name
171
+ # @param second [String] The contained OID, in dotted form or as the short name
172
+ # @param exclusive [true, false] If an OID should not be considered as a subtree of itself
173
+ #
174
+ # @example Comparing two dotted OIDs
175
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', '1.3.6.1.4.1') #=> true
176
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', '1.3.6') #=> false
177
+ #
178
+ # @example Comparing an OID short name with a dotted OID
179
+ # Puppet::SSL::Oids.subtree_of?('IANA', '1.3.6.1.4.1') #=> true
180
+ # Puppet::SSL::Oids.subtree_of?('1.3.6.1', 'enterprises') #=> true
181
+ #
182
+ # @example Comparing an OID against itself
183
+ # Puppet::SSL::Oids.subtree_of?('IANA', 'IANA') #=> true
184
+ # Puppet::SSL::Oids.subtree_of?('IANA', 'IANA', true) #=> false
185
+ #
186
+ # @return [true, false]
187
+ def self.subtree_of?(first, second, exclusive = false)
188
+ first_oid = OpenSSL::ASN1::ObjectId.new(first).oid
189
+ second_oid = OpenSSL::ASN1::ObjectId.new(second).oid
190
+
191
+ if exclusive and first_oid == second_oid
192
+ false
193
+ else
194
+ second_oid.index(first_oid) == 0
195
+ end
196
+ rescue OpenSSL::ASN1::ASN1Error, TypeError
197
+ false
198
+ end
199
+ end
@@ -0,0 +1,26 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative '../../puppet/util/platform'
4
+
5
+ # This file should be required instead of writing `require 'openssl'`
6
+ # or any library that loads openssl like `net/https`. This allows the
7
+ # core Puppet code to load correctly in JRuby environments that do not
8
+ # have a functioning openssl (eg a FIPS enabled one).
9
+
10
+ if Puppet::Util::Platform.jruby_fips?
11
+ # Even in JRuby we need to define the constants that are wrapped in
12
+ # Indirections: Puppet::SSL::{Key, Certificate, CertificateRequest}
13
+ module OpenSSL
14
+ module PKey
15
+ class RSA; end
16
+ end
17
+
18
+ module X509
19
+ class Request; end
20
+ class Certificate; end
21
+ end
22
+ end
23
+ else
24
+ require 'openssl'
25
+ require 'net/https'
26
+ end
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative '../../puppet/ssl'
4
+
5
+ module Puppet::SSL
6
+ # The `keyword_init: true` option is no longer needed in Ruby >= 3.2
7
+ SSLContext = Struct.new(
8
+ :store,
9
+ :cacerts,
10
+ :crls,
11
+ :private_key,
12
+ :client_cert,
13
+ :client_chain,
14
+ :revocation,
15
+ :verify_peer,
16
+ keyword_init: true
17
+ ) do
18
+ def initialize(*)
19
+ super
20
+ self[:cacerts] ||= []
21
+ self[:crls] ||= []
22
+ self[:client_chain] ||= []
23
+ self[:revocation] = true if self[:revocation].nil?
24
+ self[:verify_peer] = true if self[:verify_peer].nil?
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,354 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative '../../puppet/ssl'
4
+
5
+ # SSL Provider creates `SSLContext` objects that can be used to create
6
+ # secure connections.
7
+ #
8
+ # @example To load an SSLContext from an existing private key and related certs/crls:
9
+ # ssl_context = provider.load_context
10
+ #
11
+ # @example To load an SSLContext from an existing password-protected private key and related certs/crls:
12
+ # ssl_context = provider.load_context(password: 'opensesame')
13
+ #
14
+ # @example To create an SSLContext from in-memory certs and keys:
15
+ # cacerts = [<OpenSSL::X509::Certificate>]
16
+ # crls = [<OpenSSL::X509::CRL>]
17
+ # key = <OpenSSL::X509::PKey>
18
+ # cert = <OpenSSL::X509::Certificate>
19
+ # ssl_context = provider.create_context(cacerts: cacerts, crls: crls, private_key: key, client_cert: cert)
20
+ #
21
+ # @example To create an SSLContext to connect to non-puppet HTTPS servers:
22
+ # cacerts = [<OpenSSL::X509::Certificate>]
23
+ # ssl_context = provider.create_root_context(cacerts: cacerts)
24
+ #
25
+ # @api private
26
+ class Puppet::SSL::SSLProvider
27
+ # Create an insecure `SSLContext`. Connections made from the returned context
28
+ # will not authenticate the server, i.e. `VERIFY_NONE`, and are vulnerable to
29
+ # MITM. Do not call this method.
30
+ #
31
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
32
+ # @api private
33
+ def create_insecure_context
34
+ store = create_x509_store([], [], false)
35
+
36
+ Puppet::SSL::SSLContext.new(store: store, verify_peer: false).freeze
37
+ end
38
+
39
+ # Create an `SSLContext` using the trusted `cacerts` and optional `crls`.
40
+ # Connections made from the returned context will authenticate the server,
41
+ # i.e. `VERIFY_PEER`, but will not use a client certificate.
42
+ #
43
+ # The `crls` parameter must contain CRLs corresponding to each CA in `cacerts`
44
+ # depending on the `revocation` mode. See {#create_context}.
45
+ #
46
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
47
+ # @param crls [Array<OpenSSL::X509::CRL>] Array of CRLs
48
+ # @param revocation [:chain, :leaf, false] revocation mode
49
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
50
+ # @raise (see #create_context)
51
+ # @api private
52
+ def create_root_context(cacerts:, crls: [], revocation: Puppet[:certificate_revocation])
53
+ store = create_x509_store(cacerts, crls, revocation)
54
+
55
+ Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: crls, revocation: revocation).freeze
56
+ end
57
+
58
+ # Create an `SSLContext` using the trusted `cacerts` and any certs in OpenSSL's
59
+ # default verify path locations. When running puppet as a gem, the location is
60
+ # system dependent. When running puppet from puppet-agent packages, the location
61
+ # refers to the cacerts bundle in the puppet-agent package.
62
+ #
63
+ # Connections made from the returned context will authenticate the server,
64
+ # i.e. `VERIFY_PEER`, but will not use a client certificate (unless requested)
65
+ # and will not perform revocation checking.
66
+ #
67
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
68
+ # @param path [String, nil] A file containing additional trusted CA certs.
69
+ # @param include_client_cert [true, false] If true, the client cert will be added to the context
70
+ # allowing mutual TLS authentication. The default is false. If the client cert doesn't exist
71
+ # then the option will be ignored.
72
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
73
+ # @raise (see #create_context)
74
+ # @api private
75
+ def create_system_context(cacerts:, path: Puppet[:ssl_trust_store], include_client_cert: false)
76
+ store = create_x509_store(cacerts, [], false, include_system_store: true)
77
+
78
+ if path
79
+ stat = Puppet::FileSystem.stat(path)
80
+ if stat
81
+ if stat.ftype == 'file'
82
+ # don't add empty files as ruby/openssl will raise
83
+ if stat.size > 0
84
+ begin
85
+ store.add_file(path)
86
+ rescue => e
87
+ Puppet.err(_("Failed to add '%{path}' as a trusted CA file: %{detail}" % { path: path, detail: e.message }, e))
88
+ end
89
+ end
90
+ else
91
+ Puppet.warning(_("The 'ssl_trust_store' setting does not refer to a file and will be ignored: '%{path}'" % { path: path }))
92
+ end
93
+ end
94
+ end
95
+
96
+ if include_client_cert
97
+ cert_provider = Puppet::X509::CertProvider.new
98
+ private_key = cert_provider.load_private_key(Puppet[:certname], required: false)
99
+ unless private_key
100
+ Puppet.warning("Private key for '#{Puppet[:certname]}' does not exist")
101
+ end
102
+
103
+ client_cert = cert_provider.load_client_cert(Puppet[:certname], required: false)
104
+ unless client_cert
105
+ Puppet.warning("Client certificate for '#{Puppet[:certname]}' does not exist")
106
+ end
107
+
108
+ if private_key && client_cert
109
+ client_chain = resolve_client_chain(store, client_cert, private_key)
110
+
111
+ return Puppet::SSL::SSLContext.new(
112
+ store: store, cacerts: cacerts, crls: [],
113
+ private_key: private_key, client_cert: client_cert, client_chain: client_chain,
114
+ revocation: false
115
+ ).freeze
116
+ end
117
+ end
118
+
119
+ Puppet::SSL::SSLContext.new(store: store, cacerts: cacerts, crls: [], revocation: false).freeze
120
+ end
121
+
122
+ # Create an `SSLContext` using the trusted `cacerts`, `crls`, `private_key`,
123
+ # `client_cert`, and `revocation` mode. Connections made from the returned
124
+ # context will be mutually authenticated.
125
+ #
126
+ # The `crls` parameter must contain CRLs corresponding to each CA in `cacerts`
127
+ # depending on the `revocation` mode:
128
+ #
129
+ # * `:chain` - `crls` must contain a CRL for every CA in `cacerts`
130
+ # * `:leaf` - `crls` must contain (at least) the CRL for the leaf CA in `cacerts`
131
+ # * `false` - `crls` can be empty
132
+ #
133
+ # The `private_key` and public key from the `client_cert` must match.
134
+ #
135
+ # @param cacerts [Array<OpenSSL::X509::Certificate>] Array of trusted CA certs
136
+ # @param crls [Array<OpenSSL::X509::CRL>] Array of CRLs
137
+ # @param private_key [OpenSSL::PKey::RSA, OpenSSL::PKey::EC] client's private key
138
+ # @param client_cert [OpenSSL::X509::Certificate] client's cert whose public
139
+ # key matches the `private_key`
140
+ # @param revocation [:chain, :leaf, false] revocation mode
141
+ # @param include_system_store [true, false] Also trust system CA
142
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
143
+ # @raise [Puppet::SSL::CertVerifyError] There was an issue with
144
+ # one of the certs or CRLs.
145
+ # @raise [Puppet::SSL::SSLError] There was an issue with the
146
+ # `private_key`.
147
+ # @api private
148
+ def create_context(cacerts:, crls:, private_key:, client_cert:, revocation: Puppet[:certificate_revocation], include_system_store: false)
149
+ raise ArgumentError, _("CA certs are missing") unless cacerts
150
+ raise ArgumentError, _("CRLs are missing") unless crls
151
+ raise ArgumentError, _("Private key is missing") unless private_key
152
+ raise ArgumentError, _("Client cert is missing") unless client_cert
153
+
154
+ store = create_x509_store(cacerts, crls, revocation, include_system_store: include_system_store)
155
+ client_chain = resolve_client_chain(store, client_cert, private_key)
156
+
157
+ Puppet::SSL::SSLContext.new(
158
+ store: store, cacerts: cacerts, crls: crls,
159
+ private_key: private_key, client_cert: client_cert, client_chain: client_chain,
160
+ revocation: revocation
161
+ ).freeze
162
+ end
163
+
164
+ # Load an `SSLContext` using available certs and keys. An exception is raised
165
+ # if any component is missing or is invalid, such as a mismatched client cert
166
+ # and private key. Connections made from the returned context will be mutually
167
+ # authenticated.
168
+ #
169
+ # @param certname [String] Which cert & key to load
170
+ # @param revocation [:chain, :leaf, false] revocation mode
171
+ # @param password [String, nil] If the private key is encrypted, decrypt
172
+ # it using the password. If the key is encrypted, but a password is
173
+ # not specified, then the key cannot be loaded.
174
+ # @param include_system_store [true, false] Also trust system CA
175
+ # @return [Puppet::SSL::SSLContext] A context to use to create connections
176
+ # @raise [Puppet::SSL::CertVerifyError] There was an issue with
177
+ # one of the certs or CRLs.
178
+ # @raise [Puppet::Error] There was an issue with one of the required components.
179
+ # @api private
180
+ def load_context(certname: Puppet[:certname], revocation: Puppet[:certificate_revocation], password: nil, include_system_store: false)
181
+ cert = Puppet::X509::CertProvider.new
182
+ cacerts = cert.load_cacerts(required: true)
183
+ crls = case revocation
184
+ when :chain, :leaf
185
+ cert.load_crls(required: true)
186
+ else
187
+ []
188
+ end
189
+ private_key = cert.load_private_key(certname, required: true, password: password)
190
+ client_cert = cert.load_client_cert(certname, required: true)
191
+
192
+ create_context(cacerts: cacerts, crls: crls, private_key: private_key, client_cert: client_cert, revocation: revocation, include_system_store: include_system_store)
193
+ rescue OpenSSL::PKey::PKeyError => e
194
+ raise Puppet::SSL::SSLError.new(_("Failed to load private key for host '%{name}': %{message}") % { name: certname, message: e.message }, e)
195
+ end
196
+
197
+ # Verify the `csr` was signed with a private key corresponding to the
198
+ # `public_key`. This ensures the CSR was signed by someone in possession
199
+ # of the private key, and that it hasn't been tampered with since.
200
+ #
201
+ # @param csr [OpenSSL::X509::Request] certificate signing request
202
+ # @param public_key [OpenSSL::PKey::RSA, OpenSSL::PKey::EC] public key
203
+ # @raise [Puppet::SSL:SSLError] The private_key for the given `public_key` was
204
+ # not used to sign the CSR.
205
+ # @api private
206
+ def verify_request(csr, public_key)
207
+ unless csr.verify(public_key)
208
+ raise Puppet::SSL::SSLError, _("The CSR for host '%{name}' does not match the public key") % { name: subject(csr) }
209
+ end
210
+
211
+ csr
212
+ end
213
+
214
+ def print(ssl_context, alg = 'SHA256')
215
+ if Puppet::Util::Log.sendlevel?(:debug)
216
+ chain = ssl_context.client_chain
217
+ # print from root to client
218
+ chain.reverse.each_with_index do |cert, i|
219
+ digest = Puppet::SSL::Digest.new(alg, cert.to_der)
220
+ if i == chain.length - 1
221
+ Puppet.debug(_("Verified client certificate '%{subject}' fingerprint %{digest}") % { subject: cert.subject.to_utf8, digest: digest })
222
+ else
223
+ Puppet.debug(_("Verified CA certificate '%{subject}' fingerprint %{digest}") % { subject: cert.subject.to_utf8, digest: digest })
224
+ end
225
+ end
226
+ ssl_context.crls.each do |crl|
227
+ oid_values = crl.extensions.to_h { |ext| [ext.oid, ext.value] }
228
+ crlNumber = oid_values['crlNumber'] || 'unknown'
229
+ authKeyId = (oid_values['authorityKeyIdentifier'] || 'unknown').chomp
230
+ Puppet.debug("Using CRL '#{crl.issuer.to_utf8}' authorityKeyIdentifier '#{authKeyId}' crlNumber '#{crlNumber}'")
231
+ end
232
+ end
233
+ end
234
+
235
+ private
236
+
237
+ def default_flags
238
+ # checking the signature of the self-signed cert doesn't add any security,
239
+ # but it's a sanity check to make sure the cert isn't corrupt. This option
240
+ # is not available in JRuby's OpenSSL library.
241
+ if defined?(OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE)
242
+ OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE
243
+ else
244
+ 0
245
+ end
246
+ end
247
+
248
+ def create_x509_store(roots, crls, revocation, include_system_store: false)
249
+ store = OpenSSL::X509::Store.new
250
+ store.purpose = OpenSSL::X509::PURPOSE_ANY
251
+ store.flags = default_flags | revocation_mode(revocation)
252
+
253
+ roots.each { |cert| store.add_cert(cert) }
254
+ crls.each { |crl| store.add_crl(crl) }
255
+
256
+ store.set_default_paths if include_system_store
257
+
258
+ store
259
+ end
260
+
261
+ def subject(x509)
262
+ x509.subject.to_utf8
263
+ end
264
+
265
+ def issuer(x509)
266
+ x509.issuer.to_utf8
267
+ end
268
+
269
+ def revocation_mode(mode)
270
+ case mode
271
+ when false
272
+ 0
273
+ when :leaf
274
+ OpenSSL::X509::V_FLAG_CRL_CHECK
275
+ else
276
+ # :chain is the default
277
+ OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
278
+ end
279
+ end
280
+
281
+ def resolve_client_chain(store, client_cert, private_key)
282
+ client_chain = verify_cert_with_store(store, client_cert)
283
+
284
+ if !private_key.is_a?(OpenSSL::PKey::RSA) && !private_key.is_a?(OpenSSL::PKey::EC)
285
+ raise Puppet::SSL::SSLError, _("Unsupported key '%{type}'") % { type: private_key.class.name }
286
+ end
287
+
288
+ unless client_cert.check_private_key(private_key)
289
+ raise Puppet::SSL::SSLError, _("The certificate for '%{name}' does not match its private key") % { name: subject(client_cert) }
290
+ end
291
+
292
+ client_chain
293
+ end
294
+
295
+ def verify_cert_with_store(store, cert)
296
+ # StoreContext#initialize accepts a chain argument, but it's set to [] because
297
+ # puppet requires any intermediate CA certs needed to complete the client's
298
+ # chain to be in the CA bundle that we downloaded from the server, and
299
+ # they've already been added to the store. See PUP-9500.
300
+
301
+ store_context = OpenSSL::X509::StoreContext.new(store, cert, [])
302
+ unless store_context.verify
303
+ current_cert = store_context.current_cert
304
+
305
+ # If the client cert's intermediate CA is not in the CA bundle, then warn,
306
+ # but don't error, because SSL allows the client to send an incomplete
307
+ # chain, and have the server resolve it.
308
+ if store_context.error == OpenSSL::X509::V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
309
+ Puppet.warning _("The issuer '%{issuer}' of certificate '%{subject}' cannot be found locally") % {
310
+ issuer: issuer(current_cert), subject: subject(current_cert)
311
+ }
312
+ else
313
+ raise_cert_verify_error(store_context, current_cert)
314
+ end
315
+ end
316
+
317
+ # resolved chain from leaf to root
318
+ store_context.chain
319
+ end
320
+
321
+ def raise_cert_verify_error(store_context, current_cert)
322
+ message =
323
+ case store_context.error
324
+ when OpenSSL::X509::V_ERR_CERT_NOT_YET_VALID
325
+ _("The certificate '%{subject}' is not yet valid, verify time is synchronized") % { subject: subject(current_cert) }
326
+ when OpenSSL::X509::V_ERR_CERT_HAS_EXPIRED
327
+ _("The certificate '%{subject}' has expired, verify time is synchronized") % { subject: subject(current_cert) }
328
+ when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
329
+ _("The CRL issued by '%{issuer}' is not yet valid, verify time is synchronized") % { issuer: issuer(current_cert) }
330
+ when OpenSSL::X509::V_ERR_CRL_HAS_EXPIRED
331
+ _("The CRL issued by '%{issuer}' has expired, verify time is synchronized") % { issuer: issuer(current_cert) }
332
+ when OpenSSL::X509::V_ERR_CERT_SIGNATURE_FAILURE
333
+ _("Invalid signature for certificate '%{subject}'") % { subject: subject(current_cert) }
334
+ when OpenSSL::X509::V_ERR_CRL_SIGNATURE_FAILURE
335
+ _("Invalid signature for CRL issued by '%{issuer}'") % { issuer: issuer(current_cert) }
336
+ when OpenSSL::X509::V_ERR_UNABLE_TO_GET_ISSUER_CERT
337
+ _("The issuer '%{issuer}' of certificate '%{subject}' is missing") % {
338
+ issuer: issuer(current_cert), subject: subject(current_cert)
339
+ }
340
+ when OpenSSL::X509::V_ERR_UNABLE_TO_GET_CRL
341
+ _("The CRL issued by '%{issuer}' is missing") % { issuer: issuer(current_cert) }
342
+ when OpenSSL::X509::V_ERR_CERT_REVOKED
343
+ _("Certificate '%{subject}' is revoked") % { subject: subject(current_cert) }
344
+ else
345
+ # error_string is labeled ASCII-8BIT, but is encoded based on Encoding.default_external
346
+ err_utf8 = Puppet::Util::CharacterEncoding.convert_to_utf_8(store_context.error_string)
347
+ _("Certificate '%{subject}' failed verification (%{err}): %{err_utf8}") % {
348
+ subject: subject(current_cert), err: store_context.error, err_utf8: err_utf8
349
+ }
350
+ end
351
+
352
+ raise Puppet::SSL::CertVerifyError.new(message, store_context.error, current_cert)
353
+ end
354
+ end