openvox 8.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/CHANGELOG.md +19 -0
- data/CODEOWNERS +11 -0
- data/CODE_OF_CONDUCT.md +70 -0
- data/Gemfile +87 -0
- data/Guardfile.example +76 -0
- data/LICENSE +202 -0
- data/README.md +63 -0
- data/Rakefile +170 -0
- data/bin/puppet +10 -0
- data/conf/environment.conf +18 -0
- data/conf/fileserver.conf +32 -0
- data/conf/hiera.yaml +11 -0
- data/conf/puppet.conf +6 -0
- data/examples/enc/regexp_nodes/classes/databases +2 -0
- data/examples/enc/regexp_nodes/classes/webservers +2 -0
- data/examples/enc/regexp_nodes/environment/development +2 -0
- data/examples/enc/regexp_nodes/parameters/service/prod +1 -0
- data/examples/enc/regexp_nodes/parameters/service/qa +3 -0
- data/examples/enc/regexp_nodes/parameters/service/sandbox +1 -0
- data/examples/enc/regexp_nodes/regexp_nodes.rb +270 -0
- data/examples/hiera/README.md +102 -0
- data/examples/hiera/data/common.yaml +12 -0
- data/examples/hiera/data/dc1.yaml +6 -0
- data/examples/hiera/hiera.yaml +15 -0
- data/examples/hiera/modules/ntp/data/common.yaml +4 -0
- data/examples/hiera/modules/ntp/hiera.yaml +9 -0
- data/examples/hiera/modules/ntp/manifests/config.pp +18 -0
- data/examples/hiera/modules/ntp/templates/ntp.conf.epp +3 -0
- data/examples/hiera/modules/users/manifests/common.pp +9 -0
- data/examples/hiera/modules/users/manifests/dc1.pp +9 -0
- data/examples/hiera/site.pp +3 -0
- data/examples/nagios/check_puppet.rb +123 -0
- data/ext/README.md +13 -0
- data/ext/build_defaults.yaml +18 -0
- data/ext/debian/puppet.default +4 -0
- data/ext/debian/puppet.init +113 -0
- data/ext/hiera/hiera.yaml +15 -0
- data/ext/osx/puppet.plist +32 -0
- data/ext/project_data.yaml +20 -0
- data/ext/redhat/client.init +169 -0
- data/ext/redhat/client.sysconfig +2 -0
- data/ext/solaris/smf/puppet +44 -0
- data/ext/solaris/smf/puppet.xml +46 -0
- data/ext/suse/client.init +141 -0
- data/ext/systemd/puppet.service +26 -0
- data/ext/windows/puppet_interactive.bat +6 -0
- data/ext/windows/puppet_shell.bat +9 -0
- data/ext/windows/run_puppet_interactive.bat +9 -0
- data/ext/windows/service/daemon.bat +6 -0
- data/ext/windows/service/daemon.rb +219 -0
- data/install.rb +428 -0
- data/lib/hiera/puppet_function.rb +86 -0
- data/lib/hiera/scope.rb +92 -0
- data/lib/hiera_puppet.rb +78 -0
- data/lib/puppet/agent/disabler.rb +55 -0
- data/lib/puppet/agent/locker.rb +46 -0
- data/lib/puppet/agent.rb +178 -0
- data/lib/puppet/application/agent.rb +527 -0
- data/lib/puppet/application/apply.rb +435 -0
- data/lib/puppet/application/catalog.rb +6 -0
- data/lib/puppet/application/config.rb +7 -0
- data/lib/puppet/application/describe.rb +255 -0
- data/lib/puppet/application/device.rb +440 -0
- data/lib/puppet/application/doc.rb +232 -0
- data/lib/puppet/application/epp.rb +7 -0
- data/lib/puppet/application/face_base.rb +277 -0
- data/lib/puppet/application/facts.rb +11 -0
- data/lib/puppet/application/filebucket.rb +324 -0
- data/lib/puppet/application/generate.rb +7 -0
- data/lib/puppet/application/help.rb +7 -0
- data/lib/puppet/application/indirection_base.rb +6 -0
- data/lib/puppet/application/lookup.rb +433 -0
- data/lib/puppet/application/module.rb +6 -0
- data/lib/puppet/application/node.rb +6 -0
- data/lib/puppet/application/parser.rb +7 -0
- data/lib/puppet/application/plugin.rb +6 -0
- data/lib/puppet/application/report.rb +6 -0
- data/lib/puppet/application/resource.rb +264 -0
- data/lib/puppet/application/script.rb +266 -0
- data/lib/puppet/application/ssl.rb +331 -0
- data/lib/puppet/application.rb +596 -0
- data/lib/puppet/application_support.rb +69 -0
- data/lib/puppet/coercion.rb +42 -0
- data/lib/puppet/compilable_resource_type.rb +17 -0
- data/lib/puppet/concurrent/lock.rb +15 -0
- data/lib/puppet/concurrent/synchronized.rb +15 -0
- data/lib/puppet/concurrent/thread_local_singleton.rb +18 -0
- data/lib/puppet/concurrent.rb +4 -0
- data/lib/puppet/configurer/downloader.rb +91 -0
- data/lib/puppet/configurer/fact_handler.rb +51 -0
- data/lib/puppet/configurer/plugin_handler.rb +61 -0
- data/lib/puppet/configurer.rb +759 -0
- data/lib/puppet/confine/any.rb +28 -0
- data/lib/puppet/confine/boolean.rb +47 -0
- data/lib/puppet/confine/exists.rb +21 -0
- data/lib/puppet/confine/false.rb +27 -0
- data/lib/puppet/confine/feature.rb +18 -0
- data/lib/puppet/confine/true.rb +28 -0
- data/lib/puppet/confine/variable.rb +61 -0
- data/lib/puppet/confine.rb +86 -0
- data/lib/puppet/confine_collection.rb +54 -0
- data/lib/puppet/confiner.rb +48 -0
- data/lib/puppet/context/trusted_information.rb +122 -0
- data/lib/puppet/context.rb +190 -0
- data/lib/puppet/daemon.rb +198 -0
- data/lib/puppet/data_binding.rb +16 -0
- data/lib/puppet/datatypes/error.rb +23 -0
- data/lib/puppet/datatypes/impl/error.rb +42 -0
- data/lib/puppet/datatypes.rb +218 -0
- data/lib/puppet/defaults.rb +2316 -0
- data/lib/puppet/environments.rb +599 -0
- data/lib/puppet/error.rb +142 -0
- data/lib/puppet/etc.rb +185 -0
- data/lib/puppet/external/dot.rb +315 -0
- data/lib/puppet/face/catalog/select.rb +51 -0
- data/lib/puppet/face/catalog.rb +167 -0
- data/lib/puppet/face/config.rb +266 -0
- data/lib/puppet/face/epp.rb +565 -0
- data/lib/puppet/face/facts.rb +176 -0
- data/lib/puppet/face/generate.rb +69 -0
- data/lib/puppet/face/help/action.erb +89 -0
- data/lib/puppet/face/help/face.erb +114 -0
- data/lib/puppet/face/help/global.erb +16 -0
- data/lib/puppet/face/help/man.erb +152 -0
- data/lib/puppet/face/help.rb +260 -0
- data/lib/puppet/face/module/changes.rb +44 -0
- data/lib/puppet/face/module/install.rb +149 -0
- data/lib/puppet/face/module/list.rb +271 -0
- data/lib/puppet/face/module/uninstall.rb +91 -0
- data/lib/puppet/face/module/upgrade.rb +89 -0
- data/lib/puppet/face/module.rb +21 -0
- data/lib/puppet/face/node/clean.rb +109 -0
- data/lib/puppet/face/node.rb +45 -0
- data/lib/puppet/face/parser.rb +226 -0
- data/lib/puppet/face/plugin.rb +62 -0
- data/lib/puppet/face/report.rb +54 -0
- data/lib/puppet/face/resource.rb +55 -0
- data/lib/puppet/face.rb +14 -0
- data/lib/puppet/facter_impl.rb +96 -0
- data/lib/puppet/feature/base.rb +76 -0
- data/lib/puppet/feature/bolt.rb +5 -0
- data/lib/puppet/feature/cfpropertylist.rb +5 -0
- data/lib/puppet/feature/eventlog.rb +7 -0
- data/lib/puppet/feature/hiera_eyaml.rb +5 -0
- data/lib/puppet/feature/hocon.rb +5 -0
- data/lib/puppet/feature/libuser.rb +10 -0
- data/lib/puppet/feature/msgpack.rb +5 -0
- data/lib/puppet/feature/pe_license.rb +6 -0
- data/lib/puppet/feature/pson.rb +6 -0
- data/lib/puppet/feature/selinux.rb +5 -0
- data/lib/puppet/feature/ssh.rb +5 -0
- data/lib/puppet/feature/telnet.rb +5 -0
- data/lib/puppet/feature/zlib.rb +7 -0
- data/lib/puppet/ffi/posix/constants.rb +16 -0
- data/lib/puppet/ffi/posix/functions.rb +25 -0
- data/lib/puppet/ffi/posix.rb +12 -0
- data/lib/puppet/ffi/windows/api_types.rb +313 -0
- data/lib/puppet/ffi/windows/constants.rb +406 -0
- data/lib/puppet/ffi/windows/functions.rb +629 -0
- data/lib/puppet/ffi/windows/structs.rb +339 -0
- data/lib/puppet/ffi/windows.rb +14 -0
- data/lib/puppet/file_bucket/dipper.rb +183 -0
- data/lib/puppet/file_bucket/file.rb +131 -0
- data/lib/puppet/file_bucket.rb +6 -0
- data/lib/puppet/file_serving/base.rb +94 -0
- data/lib/puppet/file_serving/configuration/parser.rb +116 -0
- data/lib/puppet/file_serving/configuration.rb +116 -0
- data/lib/puppet/file_serving/content.rb +45 -0
- data/lib/puppet/file_serving/fileset.rb +190 -0
- data/lib/puppet/file_serving/http_metadata.rb +61 -0
- data/lib/puppet/file_serving/metadata.rb +174 -0
- data/lib/puppet/file_serving/mount/file.rb +126 -0
- data/lib/puppet/file_serving/mount/locales.rb +35 -0
- data/lib/puppet/file_serving/mount/modules.rb +29 -0
- data/lib/puppet/file_serving/mount/pluginfacts.rb +35 -0
- data/lib/puppet/file_serving/mount/plugins.rb +35 -0
- data/lib/puppet/file_serving/mount/scripts.rb +27 -0
- data/lib/puppet/file_serving/mount/tasks.rb +26 -0
- data/lib/puppet/file_serving/mount.rb +41 -0
- data/lib/puppet/file_serving/terminus_helper.rb +33 -0
- data/lib/puppet/file_serving/terminus_selector.rb +33 -0
- data/lib/puppet/file_serving.rb +5 -0
- data/lib/puppet/file_system/file_impl.rb +189 -0
- data/lib/puppet/file_system/jruby.rb +25 -0
- data/lib/puppet/file_system/memory_file.rb +82 -0
- data/lib/puppet/file_system/memory_impl.rb +103 -0
- data/lib/puppet/file_system/path_pattern.rb +95 -0
- data/lib/puppet/file_system/posix.rb +52 -0
- data/lib/puppet/file_system/uniquefile.rb +190 -0
- data/lib/puppet/file_system/windows.rb +224 -0
- data/lib/puppet/file_system.rb +421 -0
- data/lib/puppet/forge/cache.rb +61 -0
- data/lib/puppet/forge/errors.rb +113 -0
- data/lib/puppet/forge/repository.rb +98 -0
- data/lib/puppet/forge.rb +257 -0
- data/lib/puppet/functions/abs.rb +64 -0
- data/lib/puppet/functions/alert.rb +16 -0
- data/lib/puppet/functions/all.rb +106 -0
- data/lib/puppet/functions/annotate.rb +110 -0
- data/lib/puppet/functions/any.rb +111 -0
- data/lib/puppet/functions/assert_type.rb +96 -0
- data/lib/puppet/functions/binary_file.rb +35 -0
- data/lib/puppet/functions/break.rb +49 -0
- data/lib/puppet/functions/call.rb +81 -0
- data/lib/puppet/functions/camelcase.rb +63 -0
- data/lib/puppet/functions/capitalize.rb +62 -0
- data/lib/puppet/functions/ceiling.rb +38 -0
- data/lib/puppet/functions/chomp.rb +58 -0
- data/lib/puppet/functions/chop.rb +68 -0
- data/lib/puppet/functions/compare.rb +127 -0
- data/lib/puppet/functions/contain.rb +58 -0
- data/lib/puppet/functions/convert_to.rb +36 -0
- data/lib/puppet/functions/crit.rb +16 -0
- data/lib/puppet/functions/debug.rb +16 -0
- data/lib/puppet/functions/defined.rb +163 -0
- data/lib/puppet/functions/dig.rb +70 -0
- data/lib/puppet/functions/downcase.rb +91 -0
- data/lib/puppet/functions/each.rb +169 -0
- data/lib/puppet/functions/emerg.rb +16 -0
- data/lib/puppet/functions/empty.rb +87 -0
- data/lib/puppet/functions/epp.rb +50 -0
- data/lib/puppet/functions/err.rb +16 -0
- data/lib/puppet/functions/eyaml_lookup_key.rb +103 -0
- data/lib/puppet/functions/filter.rb +138 -0
- data/lib/puppet/functions/find_file.rb +50 -0
- data/lib/puppet/functions/find_template.rb +65 -0
- data/lib/puppet/functions/flatten.rb +66 -0
- data/lib/puppet/functions/floor.rb +38 -0
- data/lib/puppet/functions/get.rb +152 -0
- data/lib/puppet/functions/getvar.rb +89 -0
- data/lib/puppet/functions/group_by.rb +62 -0
- data/lib/puppet/functions/hiera.rb +91 -0
- data/lib/puppet/functions/hiera_array.rb +83 -0
- data/lib/puppet/functions/hiera_hash.rb +94 -0
- data/lib/puppet/functions/hiera_include.rb +107 -0
- data/lib/puppet/functions/hocon_data.rb +41 -0
- data/lib/puppet/functions/import.rb +9 -0
- data/lib/puppet/functions/include.rb +56 -0
- data/lib/puppet/functions/index.rb +168 -0
- data/lib/puppet/functions/info.rb +16 -0
- data/lib/puppet/functions/inline_epp.rb +61 -0
- data/lib/puppet/functions/join.rb +58 -0
- data/lib/puppet/functions/json_data.rb +33 -0
- data/lib/puppet/functions/keys.rb +27 -0
- data/lib/puppet/functions/length.rb +45 -0
- data/lib/puppet/functions/lest.rb +57 -0
- data/lib/puppet/functions/lookup.rb +224 -0
- data/lib/puppet/functions/lstrip.rb +59 -0
- data/lib/puppet/functions/map.rb +137 -0
- data/lib/puppet/functions/match.rb +133 -0
- data/lib/puppet/functions/max.rb +250 -0
- data/lib/puppet/functions/min.rb +249 -0
- data/lib/puppet/functions/module_directory.rb +43 -0
- data/lib/puppet/functions/new.rb +1013 -0
- data/lib/puppet/functions/next.rb +35 -0
- data/lib/puppet/functions/notice.rb +16 -0
- data/lib/puppet/functions/partition.rb +62 -0
- data/lib/puppet/functions/reduce.rb +159 -0
- data/lib/puppet/functions/regsubst.rb +100 -0
- data/lib/puppet/functions/require.rb +81 -0
- data/lib/puppet/functions/return.rb +17 -0
- data/lib/puppet/functions/reverse_each.rb +96 -0
- data/lib/puppet/functions/round.rb +26 -0
- data/lib/puppet/functions/rstrip.rb +59 -0
- data/lib/puppet/functions/scanf.rb +46 -0
- data/lib/puppet/functions/size.rb +15 -0
- data/lib/puppet/functions/slice.rb +127 -0
- data/lib/puppet/functions/sort.rb +76 -0
- data/lib/puppet/functions/split.rb +78 -0
- data/lib/puppet/functions/step.rb +100 -0
- data/lib/puppet/functions/strftime.rb +214 -0
- data/lib/puppet/functions/strip.rb +59 -0
- data/lib/puppet/functions/then.rb +80 -0
- data/lib/puppet/functions/tree_each.rb +198 -0
- data/lib/puppet/functions/type.rb +74 -0
- data/lib/puppet/functions/unique.rb +135 -0
- data/lib/puppet/functions/unwrap.rb +61 -0
- data/lib/puppet/functions/upcase.rb +91 -0
- data/lib/puppet/functions/values.rb +27 -0
- data/lib/puppet/functions/versioncmp.rb +41 -0
- data/lib/puppet/functions/warning.rb +16 -0
- data/lib/puppet/functions/with.rb +34 -0
- data/lib/puppet/functions/yaml_data.rb +45 -0
- data/lib/puppet/functions.rb +858 -0
- data/lib/puppet/generate/models/type/property.rb +73 -0
- data/lib/puppet/generate/models/type/type.rb +68 -0
- data/lib/puppet/generate/templates/type/pcore.erb +42 -0
- data/lib/puppet/generate/type.rb +255 -0
- data/lib/puppet/gettext/config.rb +282 -0
- data/lib/puppet/gettext/module_translations.rb +43 -0
- data/lib/puppet/gettext/stubs.rb +13 -0
- data/lib/puppet/graph/key.rb +28 -0
- data/lib/puppet/graph/prioritizer.rb +31 -0
- data/lib/puppet/graph/rb_tree_map.rb +407 -0
- data/lib/puppet/graph/relationship_graph.rb +286 -0
- data/lib/puppet/graph/sequential_prioritizer.rb +33 -0
- data/lib/puppet/graph/simple_graph.rb +552 -0
- data/lib/puppet/graph.rb +11 -0
- data/lib/puppet/http/client.rb +529 -0
- data/lib/puppet/http/dns.rb +159 -0
- data/lib/puppet/http/errors.rb +50 -0
- data/lib/puppet/http/external_client.rb +89 -0
- data/lib/puppet/http/factory.rb +53 -0
- data/lib/puppet/http/pool.rb +174 -0
- data/lib/puppet/http/pool_entry.rb +19 -0
- data/lib/puppet/http/proxy.rb +139 -0
- data/lib/puppet/http/redirector.rb +87 -0
- data/lib/puppet/http/resolver/server_list.rb +88 -0
- data/lib/puppet/http/resolver/settings.rb +24 -0
- data/lib/puppet/http/resolver/srv.rb +42 -0
- data/lib/puppet/http/resolver.rb +50 -0
- data/lib/puppet/http/response.rb +104 -0
- data/lib/puppet/http/response_converter.rb +25 -0
- data/lib/puppet/http/response_net_http.rb +43 -0
- data/lib/puppet/http/retry_after_handler.rb +78 -0
- data/lib/puppet/http/service/ca.rb +133 -0
- data/lib/puppet/http/service/compiler.rb +356 -0
- data/lib/puppet/http/service/file_server.rb +200 -0
- data/lib/puppet/http/service/puppetserver.rb +54 -0
- data/lib/puppet/http/service/report.rb +62 -0
- data/lib/puppet/http/service.rb +177 -0
- data/lib/puppet/http/session.rb +124 -0
- data/lib/puppet/http/site.rb +44 -0
- data/lib/puppet/http.rb +48 -0
- data/lib/puppet/indirector/catalog/compiler.rb +432 -0
- data/lib/puppet/indirector/catalog/json.rb +42 -0
- data/lib/puppet/indirector/catalog/msgpack.rb +8 -0
- data/lib/puppet/indirector/catalog/rest.rb +51 -0
- data/lib/puppet/indirector/catalog/store_configs.rb +8 -0
- data/lib/puppet/indirector/catalog/yaml.rb +8 -0
- data/lib/puppet/indirector/code.rb +8 -0
- data/lib/puppet/indirector/data_binding/hiera.rb +8 -0
- data/lib/puppet/indirector/data_binding/none.rb +10 -0
- data/lib/puppet/indirector/direct_file_server.rb +20 -0
- data/lib/puppet/indirector/envelope.rb +13 -0
- data/lib/puppet/indirector/errors.rb +7 -0
- data/lib/puppet/indirector/exec.rb +40 -0
- data/lib/puppet/indirector/face.rb +142 -0
- data/lib/puppet/indirector/fact_search.rb +62 -0
- data/lib/puppet/indirector/facts/facter.rb +120 -0
- data/lib/puppet/indirector/facts/json.rb +29 -0
- data/lib/puppet/indirector/facts/memory.rb +11 -0
- data/lib/puppet/indirector/facts/network_device.rb +29 -0
- data/lib/puppet/indirector/facts/rest.rb +46 -0
- data/lib/puppet/indirector/facts/store_configs.rb +12 -0
- data/lib/puppet/indirector/facts/yaml.rb +31 -0
- data/lib/puppet/indirector/file_bucket_file/file.rb +268 -0
- data/lib/puppet/indirector/file_bucket_file/rest.rb +53 -0
- data/lib/puppet/indirector/file_bucket_file/selector.rb +54 -0
- data/lib/puppet/indirector/file_content/file.rb +9 -0
- data/lib/puppet/indirector/file_content/file_server.rb +9 -0
- data/lib/puppet/indirector/file_content/rest.rb +37 -0
- data/lib/puppet/indirector/file_content/selector.rb +32 -0
- data/lib/puppet/indirector/file_content.rb +7 -0
- data/lib/puppet/indirector/file_metadata/file.rb +9 -0
- data/lib/puppet/indirector/file_metadata/file_server.rb +9 -0
- data/lib/puppet/indirector/file_metadata/http.rb +49 -0
- data/lib/puppet/indirector/file_metadata/rest.rb +58 -0
- data/lib/puppet/indirector/file_metadata/selector.rb +32 -0
- data/lib/puppet/indirector/file_metadata.rb +7 -0
- data/lib/puppet/indirector/file_server.rb +57 -0
- data/lib/puppet/indirector/generic_http.rb +7 -0
- data/lib/puppet/indirector/hiera.rb +101 -0
- data/lib/puppet/indirector/indirection.rb +381 -0
- data/lib/puppet/indirector/json.rb +82 -0
- data/lib/puppet/indirector/memory.rb +37 -0
- data/lib/puppet/indirector/msgpack.rb +87 -0
- data/lib/puppet/indirector/node/exec.rb +70 -0
- data/lib/puppet/indirector/node/json.rb +9 -0
- data/lib/puppet/indirector/node/memory.rb +12 -0
- data/lib/puppet/indirector/node/msgpack.rb +9 -0
- data/lib/puppet/indirector/node/plain.rb +23 -0
- data/lib/puppet/indirector/node/rest.rb +31 -0
- data/lib/puppet/indirector/node/store_configs.rb +8 -0
- data/lib/puppet/indirector/node/yaml.rb +9 -0
- data/lib/puppet/indirector/none.rb +10 -0
- data/lib/puppet/indirector/plain.rb +11 -0
- data/lib/puppet/indirector/report/json.rb +36 -0
- data/lib/puppet/indirector/report/msgpack.rb +13 -0
- data/lib/puppet/indirector/report/processor.rb +63 -0
- data/lib/puppet/indirector/report/rest.rb +31 -0
- data/lib/puppet/indirector/report/yaml.rb +36 -0
- data/lib/puppet/indirector/request.rb +197 -0
- data/lib/puppet/indirector/resource/ral.rb +66 -0
- data/lib/puppet/indirector/resource/store_configs.rb +14 -0
- data/lib/puppet/indirector/resource/validator.rb +10 -0
- data/lib/puppet/indirector/rest.rb +66 -0
- data/lib/puppet/indirector/store_configs.rb +32 -0
- data/lib/puppet/indirector/terminus.rb +180 -0
- data/lib/puppet/indirector/yaml.rb +65 -0
- data/lib/puppet/indirector.rb +64 -0
- data/lib/puppet/info_service/class_information_service.rb +108 -0
- data/lib/puppet/info_service/plan_information_service.rb +38 -0
- data/lib/puppet/info_service/task_information_service.rb +45 -0
- data/lib/puppet/info_service.rb +27 -0
- data/lib/puppet/interface/action.rb +410 -0
- data/lib/puppet/interface/action_builder.rb +167 -0
- data/lib/puppet/interface/action_manager.rb +101 -0
- data/lib/puppet/interface/documentation.rb +363 -0
- data/lib/puppet/interface/face_collection.rb +141 -0
- data/lib/puppet/interface/option.rb +184 -0
- data/lib/puppet/interface/option_builder.rb +110 -0
- data/lib/puppet/interface/option_manager.rb +108 -0
- data/lib/puppet/interface.rb +240 -0
- data/lib/puppet/loaders.rb +31 -0
- data/lib/puppet/metatype/manager.rb +198 -0
- data/lib/puppet/module/plan.rb +166 -0
- data/lib/puppet/module/task.rb +288 -0
- data/lib/puppet/module.rb +487 -0
- data/lib/puppet/module_tool/applications/application.rb +96 -0
- data/lib/puppet/module_tool/applications/checksummer.rb +62 -0
- data/lib/puppet/module_tool/applications/installer.rb +402 -0
- data/lib/puppet/module_tool/applications/uninstaller.rb +121 -0
- data/lib/puppet/module_tool/applications/unpacker.rb +102 -0
- data/lib/puppet/module_tool/applications/upgrader.rb +288 -0
- data/lib/puppet/module_tool/applications.rb +14 -0
- data/lib/puppet/module_tool/checksums.rb +50 -0
- data/lib/puppet/module_tool/dependency.rb +42 -0
- data/lib/puppet/module_tool/errors/base.rb +17 -0
- data/lib/puppet/module_tool/errors/installer.rb +94 -0
- data/lib/puppet/module_tool/errors/shared.rb +228 -0
- data/lib/puppet/module_tool/errors/uninstaller.rb +51 -0
- data/lib/puppet/module_tool/errors/upgrader.rb +64 -0
- data/lib/puppet/module_tool/errors.rb +13 -0
- data/lib/puppet/module_tool/install_directory.rb +48 -0
- data/lib/puppet/module_tool/installed_modules.rb +99 -0
- data/lib/puppet/module_tool/local_tarball.rb +92 -0
- data/lib/puppet/module_tool/metadata.rb +227 -0
- data/lib/puppet/module_tool/shared_behaviors.rb +199 -0
- data/lib/puppet/module_tool/tar/gnu.rb +23 -0
- data/lib/puppet/module_tool/tar/mini.rb +118 -0
- data/lib/puppet/module_tool/tar.rb +20 -0
- data/lib/puppet/module_tool.rb +194 -0
- data/lib/puppet/network/authconfig.rb +9 -0
- data/lib/puppet/network/authorization.rb +21 -0
- data/lib/puppet/network/client_request.rb +32 -0
- data/lib/puppet/network/format.rb +116 -0
- data/lib/puppet/network/format_handler.rb +110 -0
- data/lib/puppet/network/format_support.rb +140 -0
- data/lib/puppet/network/formats.rb +338 -0
- data/lib/puppet/network/http/api/indirected_routes.rb +270 -0
- data/lib/puppet/network/http/api/indirection_type.rb +33 -0
- data/lib/puppet/network/http/api/master/v3/environments.rb +4 -0
- data/lib/puppet/network/http/api/master/v3.rb +4 -0
- data/lib/puppet/network/http/api/master.rb +5 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +54 -0
- data/lib/puppet/network/http/api/server/v3.rb +40 -0
- data/lib/puppet/network/http/api/server.rb +12 -0
- data/lib/puppet/network/http/api.rb +41 -0
- data/lib/puppet/network/http/connection.rb +288 -0
- data/lib/puppet/network/http/error.rb +75 -0
- data/lib/puppet/network/http/handler.rb +213 -0
- data/lib/puppet/network/http/issues.rb +14 -0
- data/lib/puppet/network/http/memory_response.rb +15 -0
- data/lib/puppet/network/http/request.rb +83 -0
- data/lib/puppet/network/http/response.rb +25 -0
- data/lib/puppet/network/http/route.rb +104 -0
- data/lib/puppet/network/http.rb +30 -0
- data/lib/puppet/network/http_pool.rb +78 -0
- data/lib/puppet/network/uri.rb +20 -0
- data/lib/puppet/network.rb +5 -0
- data/lib/puppet/node/environment.rb +638 -0
- data/lib/puppet/node/facts.rb +165 -0
- data/lib/puppet/node/server_facts.rb +46 -0
- data/lib/puppet/node.rb +256 -0
- data/lib/puppet/pal/catalog_compiler.rb +107 -0
- data/lib/puppet/pal/compiler.rb +227 -0
- data/lib/puppet/pal/function_signature.rb +54 -0
- data/lib/puppet/pal/json_catalog_encoder.rb +76 -0
- data/lib/puppet/pal/pal_api.rb +17 -0
- data/lib/puppet/pal/pal_impl.rb +585 -0
- data/lib/puppet/pal/plan_signature.rb +73 -0
- data/lib/puppet/pal/script_compiler.rb +75 -0
- data/lib/puppet/pal/task_signature.rb +64 -0
- data/lib/puppet/parameter/boolean.rb +17 -0
- data/lib/puppet/parameter/package_options.rb +33 -0
- data/lib/puppet/parameter/path.rb +61 -0
- data/lib/puppet/parameter/value.rb +93 -0
- data/lib/puppet/parameter/value_collection.rb +213 -0
- data/lib/puppet/parameter.rb +590 -0
- data/lib/puppet/parser/abstract_compiler.rb +35 -0
- data/lib/puppet/parser/ast/block_expression.rb +17 -0
- data/lib/puppet/parser/ast/branch.rb +21 -0
- data/lib/puppet/parser/ast/hostclass.rb +29 -0
- data/lib/puppet/parser/ast/leaf.rb +84 -0
- data/lib/puppet/parser/ast/node.rb +19 -0
- data/lib/puppet/parser/ast/pops_bridge.rb +245 -0
- data/lib/puppet/parser/ast/resource.rb +66 -0
- data/lib/puppet/parser/ast/resource_instance.rb +13 -0
- data/lib/puppet/parser/ast/resourceparam.rb +33 -0
- data/lib/puppet/parser/ast/top_level_construct.rb +6 -0
- data/lib/puppet/parser/ast.rb +62 -0
- data/lib/puppet/parser/catalog_compiler.rb +56 -0
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +41 -0
- data/lib/puppet/parser/compiler/catalog_validator.rb +35 -0
- data/lib/puppet/parser/compiler.rb +616 -0
- data/lib/puppet/parser/e4_parser_adapter.rb +61 -0
- data/lib/puppet/parser/files.rb +95 -0
- data/lib/puppet/parser/functions/assert_type.rb +62 -0
- data/lib/puppet/parser/functions/binary_file.rb +26 -0
- data/lib/puppet/parser/functions/break.rb +41 -0
- data/lib/puppet/parser/functions/contain.rb +32 -0
- data/lib/puppet/parser/functions/create_resources.rb +114 -0
- data/lib/puppet/parser/functions/defined.rb +109 -0
- data/lib/puppet/parser/functions/dig.rb +40 -0
- data/lib/puppet/parser/functions/digest.rb +7 -0
- data/lib/puppet/parser/functions/each.rb +106 -0
- data/lib/puppet/parser/functions/epp.rb +40 -0
- data/lib/puppet/parser/functions/fail.rb +13 -0
- data/lib/puppet/parser/functions/file.rb +35 -0
- data/lib/puppet/parser/functions/filter.rb +81 -0
- data/lib/puppet/parser/functions/find_file.rb +29 -0
- data/lib/puppet/parser/functions/fqdn_rand.rb +46 -0
- data/lib/puppet/parser/functions/generate.rb +39 -0
- data/lib/puppet/parser/functions/hiera.rb +105 -0
- data/lib/puppet/parser/functions/hiera_array.rb +93 -0
- data/lib/puppet/parser/functions/hiera_hash.rb +103 -0
- data/lib/puppet/parser/functions/hiera_include.rb +102 -0
- data/lib/puppet/parser/functions/include.rb +36 -0
- data/lib/puppet/parser/functions/inline_epp.rb +52 -0
- data/lib/puppet/parser/functions/inline_template.rb +28 -0
- data/lib/puppet/parser/functions/lest.rb +51 -0
- data/lib/puppet/parser/functions/lookup.rb +134 -0
- data/lib/puppet/parser/functions/map.rb +78 -0
- data/lib/puppet/parser/functions/match.rb +45 -0
- data/lib/puppet/parser/functions/md5.rb +7 -0
- data/lib/puppet/parser/functions/new.rb +992 -0
- data/lib/puppet/parser/functions/next.rb +40 -0
- data/lib/puppet/parser/functions/realize.rb +22 -0
- data/lib/puppet/parser/functions/reduce.rb +139 -0
- data/lib/puppet/parser/functions/regsubst.rb +65 -0
- data/lib/puppet/parser/functions/require.rb +43 -0
- data/lib/puppet/parser/functions/return.rb +94 -0
- data/lib/puppet/parser/functions/reverse_each.rb +85 -0
- data/lib/puppet/parser/functions/scanf.rb +40 -0
- data/lib/puppet/parser/functions/sha1.rb +7 -0
- data/lib/puppet/parser/functions/sha256.rb +7 -0
- data/lib/puppet/parser/functions/shellquote.rb +63 -0
- data/lib/puppet/parser/functions/slice.rb +41 -0
- data/lib/puppet/parser/functions/split.rb +29 -0
- data/lib/puppet/parser/functions/sprintf.rb +62 -0
- data/lib/puppet/parser/functions/step.rb +86 -0
- data/lib/puppet/parser/functions/strftime.rb +187 -0
- data/lib/puppet/parser/functions/tag.rb +15 -0
- data/lib/puppet/parser/functions/tagged.rb +24 -0
- data/lib/puppet/parser/functions/template.rb +42 -0
- data/lib/puppet/parser/functions/then.rb +75 -0
- data/lib/puppet/parser/functions/type.rb +55 -0
- data/lib/puppet/parser/functions/versioncmp.rb +31 -0
- data/lib/puppet/parser/functions/with.rb +30 -0
- data/lib/puppet/parser/functions.rb +324 -0
- data/lib/puppet/parser/parser_factory.rb +32 -0
- data/lib/puppet/parser/relationship.rb +90 -0
- data/lib/puppet/parser/resource/param.rb +37 -0
- data/lib/puppet/parser/resource.rb +353 -0
- data/lib/puppet/parser/scope.rb +1141 -0
- data/lib/puppet/parser/script_compiler.rb +123 -0
- data/lib/puppet/parser/templatewrapper.rb +105 -0
- data/lib/puppet/parser/type_loader.rb +151 -0
- data/lib/puppet/parser.rb +22 -0
- data/lib/puppet/plugins/configuration.rb +31 -0
- data/lib/puppet/plugins/syntax_checkers.rb +99 -0
- data/lib/puppet/plugins.rb +11 -0
- data/lib/puppet/pops/adaptable.rb +199 -0
- data/lib/puppet/pops/adapters.rb +159 -0
- data/lib/puppet/pops/evaluator/access_operator.rb +732 -0
- data/lib/puppet/pops/evaluator/callable_signature.rb +108 -0
- data/lib/puppet/pops/evaluator/closure.rb +370 -0
- data/lib/puppet/pops/evaluator/collector_transformer.rb +237 -0
- data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +88 -0
- data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +30 -0
- data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +71 -0
- data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +38 -0
- data/lib/puppet/pops/evaluator/compare_operator.rb +269 -0
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +227 -0
- data/lib/puppet/pops/evaluator/epp_evaluator.rb +121 -0
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +1317 -0
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +47 -0
- data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +83 -0
- data/lib/puppet/pops/evaluator/literal_evaluator.rb +100 -0
- data/lib/puppet/pops/evaluator/puppet_proc.rb +72 -0
- data/lib/puppet/pops/evaluator/relationship_operator.rb +188 -0
- data/lib/puppet/pops/evaluator/runtime3_converter.rb +225 -0
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +119 -0
- data/lib/puppet/pops/evaluator/runtime3_support.rb +528 -0
- data/lib/puppet/pops/functions/dispatch.rb +107 -0
- data/lib/puppet/pops/functions/dispatcher.rb +76 -0
- data/lib/puppet/pops/functions/function.rb +137 -0
- data/lib/puppet/pops/issue_reporter.rb +140 -0
- data/lib/puppet/pops/issues.rb +933 -0
- data/lib/puppet/pops/label_provider.rb +92 -0
- data/lib/puppet/pops/loader/base_loader.rb +178 -0
- data/lib/puppet/pops/loader/dependency_loader.rb +95 -0
- data/lib/puppet/pops/loader/gem_support.rb +54 -0
- data/lib/puppet/pops/loader/generic_plan_instantiator.rb +30 -0
- data/lib/puppet/pops/loader/loader.rb +221 -0
- data/lib/puppet/pops/loader/loader_paths.rb +413 -0
- data/lib/puppet/pops/loader/module_loaders.rb +552 -0
- data/lib/puppet/pops/loader/predefined_loader.rb +28 -0
- data/lib/puppet/pops/loader/puppet_function_instantiator.rb +88 -0
- data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +97 -0
- data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +80 -0
- data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +43 -0
- data/lib/puppet/pops/loader/ruby_function_instantiator.rb +49 -0
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +130 -0
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +104 -0
- data/lib/puppet/pops/loader/simple_environment_loader.rb +20 -0
- data/lib/puppet/pops/loader/static_loader.rb +133 -0
- data/lib/puppet/pops/loader/task_instantiator.rb +46 -0
- data/lib/puppet/pops/loader/type_definition_instantiator.rb +104 -0
- data/lib/puppet/pops/loader/typed_name.rb +56 -0
- data/lib/puppet/pops/loader/uri_helper.rb +24 -0
- data/lib/puppet/pops/loaders.rb +550 -0
- data/lib/puppet/pops/lookup/configured_data_provider.rb +95 -0
- data/lib/puppet/pops/lookup/context.rb +208 -0
- data/lib/puppet/pops/lookup/data_adapter.rb +29 -0
- data/lib/puppet/pops/lookup/data_dig_function_provider.rb +146 -0
- data/lib/puppet/pops/lookup/data_hash_function_provider.rb +128 -0
- data/lib/puppet/pops/lookup/data_provider.rb +94 -0
- data/lib/puppet/pops/lookup/environment_data_provider.rb +37 -0
- data/lib/puppet/pops/lookup/explainer.rb +597 -0
- data/lib/puppet/pops/lookup/function_provider.rb +112 -0
- data/lib/puppet/pops/lookup/global_data_provider.rb +76 -0
- data/lib/puppet/pops/lookup/hiera_config.rb +823 -0
- data/lib/puppet/pops/lookup/interpolation.rb +166 -0
- data/lib/puppet/pops/lookup/invocation.rb +272 -0
- data/lib/puppet/pops/lookup/key_recorder.rb +21 -0
- data/lib/puppet/pops/lookup/location_resolver.rb +101 -0
- data/lib/puppet/pops/lookup/lookup_adapter.rb +533 -0
- data/lib/puppet/pops/lookup/lookup_key.rb +101 -0
- data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +94 -0
- data/lib/puppet/pops/lookup/module_data_provider.rb +92 -0
- data/lib/puppet/pops/lookup/sub_lookup.rb +96 -0
- data/lib/puppet/pops/lookup.rb +102 -0
- data/lib/puppet/pops/merge_strategy.rb +447 -0
- data/lib/puppet/pops/migration/migration_checker.rb +61 -0
- data/lib/puppet/pops/model/ast.pp +669 -0
- data/lib/puppet/pops/model/ast.rb +4776 -0
- data/lib/puppet/pops/model/ast_transformer.rb +131 -0
- data/lib/puppet/pops/model/factory.rb +1157 -0
- data/lib/puppet/pops/model/model_label_provider.rb +137 -0
- data/lib/puppet/pops/model/model_tree_dumper.rb +447 -0
- data/lib/puppet/pops/model/pn_transformer.rb +384 -0
- data/lib/puppet/pops/model/tree_dumper.rb +62 -0
- data/lib/puppet/pops/parser/code_merger.rb +29 -0
- data/lib/puppet/pops/parser/egrammar.ra +889 -0
- data/lib/puppet/pops/parser/eparser.rb +3184 -0
- data/lib/puppet/pops/parser/epp_parser.rb +52 -0
- data/lib/puppet/pops/parser/epp_support.rb +266 -0
- data/lib/puppet/pops/parser/evaluating_parser.rb +166 -0
- data/lib/puppet/pops/parser/heredoc_support.rb +153 -0
- data/lib/puppet/pops/parser/interpolation_support.rb +249 -0
- data/lib/puppet/pops/parser/lexer2.rb +789 -0
- data/lib/puppet/pops/parser/lexer_support.rb +221 -0
- data/lib/puppet/pops/parser/locatable.rb +23 -0
- data/lib/puppet/pops/parser/locator.rb +361 -0
- data/lib/puppet/pops/parser/parser_support.rb +252 -0
- data/lib/puppet/pops/parser/pn_parser.rb +318 -0
- data/lib/puppet/pops/parser/slurp_support.rb +119 -0
- data/lib/puppet/pops/patterns.rb +60 -0
- data/lib/puppet/pops/pcore.rb +136 -0
- data/lib/puppet/pops/pn.rb +239 -0
- data/lib/puppet/pops/puppet_stack.rb +63 -0
- data/lib/puppet/pops/resource/param.rb +56 -0
- data/lib/puppet/pops/resource/resource_type_impl.rb +296 -0
- data/lib/puppet/pops/resource/resource_type_set.pcore +22 -0
- data/lib/puppet/pops/semantic_error.rb +31 -0
- data/lib/puppet/pops/serialization/abstract_reader.rb +182 -0
- data/lib/puppet/pops/serialization/abstract_writer.rb +224 -0
- data/lib/puppet/pops/serialization/deserializer.rb +83 -0
- data/lib/puppet/pops/serialization/extension.rb +166 -0
- data/lib/puppet/pops/serialization/from_data_converter.rb +231 -0
- data/lib/puppet/pops/serialization/instance_reader.rb +21 -0
- data/lib/puppet/pops/serialization/instance_writer.rb +16 -0
- data/lib/puppet/pops/serialization/json.rb +301 -0
- data/lib/puppet/pops/serialization/json_path.rb +129 -0
- data/lib/puppet/pops/serialization/object.rb +73 -0
- data/lib/puppet/pops/serialization/serializer.rb +144 -0
- data/lib/puppet/pops/serialization/time_factory.rb +68 -0
- data/lib/puppet/pops/serialization/to_data_converter.rb +316 -0
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +227 -0
- data/lib/puppet/pops/serialization.rb +45 -0
- data/lib/puppet/pops/time/timespan.rb +728 -0
- data/lib/puppet/pops/time/timestamp.rb +167 -0
- data/lib/puppet/pops/types/annotatable.rb +37 -0
- data/lib/puppet/pops/types/annotation.rb +73 -0
- data/lib/puppet/pops/types/class_loader.rb +134 -0
- data/lib/puppet/pops/types/implementation_registry.rb +137 -0
- data/lib/puppet/pops/types/iterable.rb +375 -0
- data/lib/puppet/pops/types/p_binary_type.rb +232 -0
- data/lib/puppet/pops/types/p_init_type.rb +241 -0
- data/lib/puppet/pops/types/p_meta_type.rb +95 -0
- data/lib/puppet/pops/types/p_object_type.rb +1142 -0
- data/lib/puppet/pops/types/p_object_type_extension.rb +229 -0
- data/lib/puppet/pops/types/p_runtime_type.rb +117 -0
- data/lib/puppet/pops/types/p_sem_ver_range_type.rb +191 -0
- data/lib/puppet/pops/types/p_sem_ver_type.rb +155 -0
- data/lib/puppet/pops/types/p_sensitive_type.rb +81 -0
- data/lib/puppet/pops/types/p_timespan_type.rb +194 -0
- data/lib/puppet/pops/types/p_timestamp_type.rb +74 -0
- data/lib/puppet/pops/types/p_type_set_type.rb +394 -0
- data/lib/puppet/pops/types/p_uri_type.rb +198 -0
- data/lib/puppet/pops/types/puppet_object.rb +41 -0
- data/lib/puppet/pops/types/recursion_guard.rb +142 -0
- data/lib/puppet/pops/types/ruby_generator.rb +477 -0
- data/lib/puppet/pops/types/ruby_method.rb +32 -0
- data/lib/puppet/pops/types/string_converter.rb +1144 -0
- data/lib/puppet/pops/types/tree_iterators.rb +250 -0
- data/lib/puppet/pops/types/type_acceptor.rb +27 -0
- data/lib/puppet/pops/types/type_asserter.rb +49 -0
- data/lib/puppet/pops/types/type_assertion_error.rb +27 -0
- data/lib/puppet/pops/types/type_calculator.rb +829 -0
- data/lib/puppet/pops/types/type_conversion_error.rb +7 -0
- data/lib/puppet/pops/types/type_factory.rb +640 -0
- data/lib/puppet/pops/types/type_formatter.rb +796 -0
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1105 -0
- data/lib/puppet/pops/types/type_parser.rb +690 -0
- data/lib/puppet/pops/types/type_set_reference.rb +62 -0
- data/lib/puppet/pops/types/type_with_members.rb +43 -0
- data/lib/puppet/pops/types/types.rb +3651 -0
- data/lib/puppet/pops/utils.rb +117 -0
- data/lib/puppet/pops/validation/checker4_0.rb +1155 -0
- data/lib/puppet/pops/validation/tasks_checker.rb +95 -0
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +45 -0
- data/lib/puppet/pops/validation.rb +462 -0
- data/lib/puppet/pops/visitable.rb +8 -0
- data/lib/puppet/pops/visitor.rb +136 -0
- data/lib/puppet/pops.rb +124 -0
- data/lib/puppet/property/boolean.rb +9 -0
- data/lib/puppet/property/ensure.rb +107 -0
- data/lib/puppet/property/keyvalue.rb +159 -0
- data/lib/puppet/property/list.rb +71 -0
- data/lib/puppet/property/ordered_list.rb +30 -0
- data/lib/puppet/property.rb +610 -0
- data/lib/puppet/provider/aix_object.rb +491 -0
- data/lib/puppet/provider/command.rb +27 -0
- data/lib/puppet/provider/confine.rb +8 -0
- data/lib/puppet/provider/exec/posix.rb +63 -0
- data/lib/puppet/provider/exec/shell.rb +27 -0
- data/lib/puppet/provider/exec/windows.rb +57 -0
- data/lib/puppet/provider/exec.rb +107 -0
- data/lib/puppet/provider/file/posix.rb +162 -0
- data/lib/puppet/provider/file/windows.rb +151 -0
- data/lib/puppet/provider/group/aix.rb +101 -0
- data/lib/puppet/provider/group/directoryservice.rb +24 -0
- data/lib/puppet/provider/group/groupadd.rb +180 -0
- data/lib/puppet/provider/group/ldap.rb +51 -0
- data/lib/puppet/provider/group/pw.rb +52 -0
- data/lib/puppet/provider/group/windows_adsi.rb +116 -0
- data/lib/puppet/provider/ldap.rb +143 -0
- data/lib/puppet/provider/nameservice/directoryservice.rb +522 -0
- data/lib/puppet/provider/nameservice/objectadd.rb +22 -0
- data/lib/puppet/provider/nameservice/pw.rb +21 -0
- data/lib/puppet/provider/nameservice.rb +297 -0
- data/lib/puppet/provider/network_device.rb +74 -0
- data/lib/puppet/provider/package/aix.rb +171 -0
- data/lib/puppet/provider/package/appdmg.rb +113 -0
- data/lib/puppet/provider/package/apple.rb +49 -0
- data/lib/puppet/provider/package/apt.rb +265 -0
- data/lib/puppet/provider/package/aptitude.rb +35 -0
- data/lib/puppet/provider/package/aptrpm.rb +87 -0
- data/lib/puppet/provider/package/blastwave.rb +109 -0
- data/lib/puppet/provider/package/dnf.rb +57 -0
- data/lib/puppet/provider/package/dnfmodule.rb +143 -0
- data/lib/puppet/provider/package/dpkg.rb +191 -0
- data/lib/puppet/provider/package/fink.rb +99 -0
- data/lib/puppet/provider/package/freebsd.rb +49 -0
- data/lib/puppet/provider/package/gem.rb +296 -0
- data/lib/puppet/provider/package/hpux.rb +46 -0
- data/lib/puppet/provider/package/macports.rb +112 -0
- data/lib/puppet/provider/package/nim.rb +290 -0
- data/lib/puppet/provider/package/openbsd.rb +263 -0
- data/lib/puppet/provider/package/opkg.rb +85 -0
- data/lib/puppet/provider/package/pacman.rb +270 -0
- data/lib/puppet/provider/package/pip.rb +347 -0
- data/lib/puppet/provider/package/pip2.rb +18 -0
- data/lib/puppet/provider/package/pip3.rb +18 -0
- data/lib/puppet/provider/package/pkg.rb +300 -0
- data/lib/puppet/provider/package/pkgdmg.rb +159 -0
- data/lib/puppet/provider/package/pkgin.rb +88 -0
- data/lib/puppet/provider/package/pkgng.rb +178 -0
- data/lib/puppet/provider/package/pkgutil.rb +186 -0
- data/lib/puppet/provider/package/portage.rb +314 -0
- data/lib/puppet/provider/package/ports.rb +94 -0
- data/lib/puppet/provider/package/portupgrade.rb +233 -0
- data/lib/puppet/provider/package/puppet_gem.rb +25 -0
- data/lib/puppet/provider/package/puppetserver_gem.rb +174 -0
- data/lib/puppet/provider/package/rpm.rb +255 -0
- data/lib/puppet/provider/package/rug.rb +51 -0
- data/lib/puppet/provider/package/sun.rb +137 -0
- data/lib/puppet/provider/package/sunfreeware.rb +11 -0
- data/lib/puppet/provider/package/tdnf.rb +35 -0
- data/lib/puppet/provider/package/up2date.rb +40 -0
- data/lib/puppet/provider/package/urpmi.rb +57 -0
- data/lib/puppet/provider/package/windows/exe_package.rb +108 -0
- data/lib/puppet/provider/package/windows/msi_package.rb +72 -0
- data/lib/puppet/provider/package/windows/package.rb +113 -0
- data/lib/puppet/provider/package/windows.rb +131 -0
- data/lib/puppet/provider/package/xbps.rb +127 -0
- data/lib/puppet/provider/package/yum.rb +390 -0
- data/lib/puppet/provider/package/zypper.rb +206 -0
- data/lib/puppet/provider/package.rb +61 -0
- data/lib/puppet/provider/package_targetable.rb +71 -0
- data/lib/puppet/provider/parsedfile.rb +494 -0
- data/lib/puppet/provider/service/base.rb +135 -0
- data/lib/puppet/provider/service/bsd.rb +53 -0
- data/lib/puppet/provider/service/daemontools.rb +196 -0
- data/lib/puppet/provider/service/debian.rb +77 -0
- data/lib/puppet/provider/service/freebsd.rb +141 -0
- data/lib/puppet/provider/service/gentoo.rb +47 -0
- data/lib/puppet/provider/service/init.rb +194 -0
- data/lib/puppet/provider/service/launchd.rb +391 -0
- data/lib/puppet/provider/service/openbsd.rb +101 -0
- data/lib/puppet/provider/service/openrc.rb +72 -0
- data/lib/puppet/provider/service/openwrt.rb +37 -0
- data/lib/puppet/provider/service/rcng.rb +53 -0
- data/lib/puppet/provider/service/redhat.rb +75 -0
- data/lib/puppet/provider/service/runit.rb +107 -0
- data/lib/puppet/provider/service/service.rb +67 -0
- data/lib/puppet/provider/service/smf.rb +322 -0
- data/lib/puppet/provider/service/src.rb +147 -0
- data/lib/puppet/provider/service/systemd.rb +232 -0
- data/lib/puppet/provider/service/upstart.rb +385 -0
- data/lib/puppet/provider/service/windows.rb +179 -0
- data/lib/puppet/provider/user/aix.rb +365 -0
- data/lib/puppet/provider/user/directoryservice.rb +687 -0
- data/lib/puppet/provider/user/hpux.rb +93 -0
- data/lib/puppet/provider/user/ldap.rb +135 -0
- data/lib/puppet/provider/user/openbsd.rb +79 -0
- data/lib/puppet/provider/user/pw.rb +109 -0
- data/lib/puppet/provider/user/user_role_add.rb +243 -0
- data/lib/puppet/provider/user/useradd.rb +417 -0
- data/lib/puppet/provider/user/windows_adsi.rb +176 -0
- data/lib/puppet/provider.rb +613 -0
- data/lib/puppet/reference/configuration.rb +105 -0
- data/lib/puppet/reference/function.rb +19 -0
- data/lib/puppet/reference/indirection.rb +76 -0
- data/lib/puppet/reference/metaparameter.rb +35 -0
- data/lib/puppet/reference/providers.rb +119 -0
- data/lib/puppet/reference/report.rb +22 -0
- data/lib/puppet/reference/type.rb +111 -0
- data/lib/puppet/relationship.rb +85 -0
- data/lib/puppet/reports/http.rb +45 -0
- data/lib/puppet/reports/log.rb +15 -0
- data/lib/puppet/reports/store.rb +71 -0
- data/lib/puppet/reports.rb +95 -0
- data/lib/puppet/resource/catalog.rb +655 -0
- data/lib/puppet/resource/status.rb +231 -0
- data/lib/puppet/resource/type.rb +449 -0
- data/lib/puppet/resource/type_collection.rb +235 -0
- data/lib/puppet/resource.rb +673 -0
- data/lib/puppet/runtime.rb +67 -0
- data/lib/puppet/scheduler/job.rb +55 -0
- data/lib/puppet/scheduler/scheduler.rb +46 -0
- data/lib/puppet/scheduler/splay_job.rb +45 -0
- data/lib/puppet/scheduler/timer.rb +15 -0
- data/lib/puppet/scheduler.rb +18 -0
- data/lib/puppet/settings/alias_setting.rb +37 -0
- data/lib/puppet/settings/array_setting.rb +18 -0
- data/lib/puppet/settings/autosign_setting.rb +23 -0
- data/lib/puppet/settings/base_setting.rb +228 -0
- data/lib/puppet/settings/boolean_setting.rb +34 -0
- data/lib/puppet/settings/certificate_revocation_setting.rb +22 -0
- data/lib/puppet/settings/config_file.rb +148 -0
- data/lib/puppet/settings/directory_setting.rb +20 -0
- data/lib/puppet/settings/duration_setting.rb +33 -0
- data/lib/puppet/settings/enum_setting.rb +18 -0
- data/lib/puppet/settings/environment_conf.rb +228 -0
- data/lib/puppet/settings/errors.rb +14 -0
- data/lib/puppet/settings/file_or_directory_setting.rb +37 -0
- data/lib/puppet/settings/file_setting.rb +232 -0
- data/lib/puppet/settings/http_extra_headers_setting.rb +26 -0
- data/lib/puppet/settings/ini_file.rb +228 -0
- data/lib/puppet/settings/integer_setting.rb +19 -0
- data/lib/puppet/settings/path_setting.rb +10 -0
- data/lib/puppet/settings/port_setting.rb +17 -0
- data/lib/puppet/settings/priority_setting.rb +44 -0
- data/lib/puppet/settings/server_list_setting.rb +30 -0
- data/lib/puppet/settings/string_setting.rb +11 -0
- data/lib/puppet/settings/symbolic_enum_setting.rb +19 -0
- data/lib/puppet/settings/terminus_setting.rb +16 -0
- data/lib/puppet/settings/ttl_setting.rb +53 -0
- data/lib/puppet/settings/value_translator.rb +16 -0
- data/lib/puppet/settings.rb +1650 -0
- data/lib/puppet/ssl/base.rb +152 -0
- data/lib/puppet/ssl/certificate.rb +98 -0
- data/lib/puppet/ssl/certificate_request.rb +320 -0
- data/lib/puppet/ssl/certificate_request_attributes.rb +40 -0
- data/lib/puppet/ssl/certificate_signer.rb +39 -0
- data/lib/puppet/ssl/digest.rb +22 -0
- data/lib/puppet/ssl/error.rb +29 -0
- data/lib/puppet/ssl/oids.rb +199 -0
- data/lib/puppet/ssl/openssl_loader.rb +26 -0
- data/lib/puppet/ssl/ssl_context.rb +27 -0
- data/lib/puppet/ssl/ssl_provider.rb +354 -0
- data/lib/puppet/ssl/state_machine.rb +605 -0
- data/lib/puppet/ssl/verifier.rb +143 -0
- data/lib/puppet/ssl.rb +25 -0
- data/lib/puppet/syntax_checkers/base64.rb +42 -0
- data/lib/puppet/syntax_checkers/epp.rb +35 -0
- data/lib/puppet/syntax_checkers/json.rb +35 -0
- data/lib/puppet/syntax_checkers/pp.rb +35 -0
- data/lib/puppet/syntax_checkers.rb +5 -0
- data/lib/puppet/test/test_helper.rb +251 -0
- data/lib/puppet/thread_local.rb +6 -0
- data/lib/puppet/transaction/additional_resource_generator.rb +225 -0
- data/lib/puppet/transaction/event.rb +171 -0
- data/lib/puppet/transaction/event_manager.rb +180 -0
- data/lib/puppet/transaction/persistence.rb +119 -0
- data/lib/puppet/transaction/report.rb +511 -0
- data/lib/puppet/transaction/resource_harness.rb +331 -0
- data/lib/puppet/transaction.rb +493 -0
- data/lib/puppet/trusted_external.rb +46 -0
- data/lib/puppet/type/component.rb +96 -0
- data/lib/puppet/type/exec.rb +730 -0
- data/lib/puppet/type/file/checksum.rb +54 -0
- data/lib/puppet/type/file/checksum_value.rb +56 -0
- data/lib/puppet/type/file/content.rb +180 -0
- data/lib/puppet/type/file/ctime.rb +22 -0
- data/lib/puppet/type/file/data_sync.rb +101 -0
- data/lib/puppet/type/file/ensure.rb +194 -0
- data/lib/puppet/type/file/group.rb +50 -0
- data/lib/puppet/type/file/mode.rb +192 -0
- data/lib/puppet/type/file/mtime.rb +21 -0
- data/lib/puppet/type/file/owner.rb +52 -0
- data/lib/puppet/type/file/selcontext.rb +143 -0
- data/lib/puppet/type/file/source.rb +380 -0
- data/lib/puppet/type/file/target.rb +86 -0
- data/lib/puppet/type/file/type.rb +21 -0
- data/lib/puppet/type/file.rb +1139 -0
- data/lib/puppet/type/filebucket.rb +123 -0
- data/lib/puppet/type/group.rb +238 -0
- data/lib/puppet/type/notify.rb +48 -0
- data/lib/puppet/type/package.rb +715 -0
- data/lib/puppet/type/resources.rb +192 -0
- data/lib/puppet/type/schedule.rb +441 -0
- data/lib/puppet/type/service.rb +310 -0
- data/lib/puppet/type/stage.rb +29 -0
- data/lib/puppet/type/tidy.rb +382 -0
- data/lib/puppet/type/user.rb +865 -0
- data/lib/puppet/type/whit.rb +35 -0
- data/lib/puppet/type.rb +2629 -0
- data/lib/puppet/util/at_fork/noop.rb +20 -0
- data/lib/puppet/util/at_fork/solaris.rb +158 -0
- data/lib/puppet/util/at_fork.rb +37 -0
- data/lib/puppet/util/autoload.rb +221 -0
- data/lib/puppet/util/backups.rb +88 -0
- data/lib/puppet/util/character_encoding.rb +83 -0
- data/lib/puppet/util/checksums.rb +380 -0
- data/lib/puppet/util/classgen.rb +223 -0
- data/lib/puppet/util/colors.rb +102 -0
- data/lib/puppet/util/command_line/puppet_option_parser.rb +89 -0
- data/lib/puppet/util/command_line/trollop.rb +847 -0
- data/lib/puppet/util/command_line.rb +198 -0
- data/lib/puppet/util/constant_inflector.rb +25 -0
- data/lib/puppet/util/diff.rb +80 -0
- data/lib/puppet/util/docs.rb +132 -0
- data/lib/puppet/util/errors.rb +161 -0
- data/lib/puppet/util/execution.rb +446 -0
- data/lib/puppet/util/execution_stub.rb +28 -0
- data/lib/puppet/util/feature.rb +129 -0
- data/lib/puppet/util/file_watcher.rb +31 -0
- data/lib/puppet/util/fileparsing.rb +404 -0
- data/lib/puppet/util/filetype.rb +358 -0
- data/lib/puppet/util/http_proxy.rb +6 -0
- data/lib/puppet/util/inifile.rb +335 -0
- data/lib/puppet/util/instance_loader.rb +69 -0
- data/lib/puppet/util/json.rb +94 -0
- data/lib/puppet/util/json_lockfile.rb +47 -0
- data/lib/puppet/util/ldap/connection.rb +75 -0
- data/lib/puppet/util/ldap/generator.rb +44 -0
- data/lib/puppet/util/ldap/manager.rb +283 -0
- data/lib/puppet/util/ldap.rb +4 -0
- data/lib/puppet/util/libuser.conf +15 -0
- data/lib/puppet/util/libuser.rb +13 -0
- data/lib/puppet/util/limits.rb +14 -0
- data/lib/puppet/util/lockfile.rb +66 -0
- data/lib/puppet/util/log/destination.rb +50 -0
- data/lib/puppet/util/log/destinations.rb +253 -0
- data/lib/puppet/util/log.rb +436 -0
- data/lib/puppet/util/logging.rb +304 -0
- data/lib/puppet/util/metaid.rb +22 -0
- data/lib/puppet/util/metric.rb +68 -0
- data/lib/puppet/util/monkey_patches.rb +114 -0
- data/lib/puppet/util/multi_match.rb +55 -0
- data/lib/puppet/util/network_device/base.rb +24 -0
- data/lib/puppet/util/network_device/config.rb +105 -0
- data/lib/puppet/util/network_device/transport/base.rb +26 -0
- data/lib/puppet/util/network_device/transport.rb +7 -0
- data/lib/puppet/util/network_device.rb +19 -0
- data/lib/puppet/util/package/version/debian.rb +177 -0
- data/lib/puppet/util/package/version/gem.rb +18 -0
- data/lib/puppet/util/package/version/pip.rb +173 -0
- data/lib/puppet/util/package/version/range/eq.rb +17 -0
- data/lib/puppet/util/package/version/range/gt.rb +17 -0
- data/lib/puppet/util/package/version/range/gt_eq.rb +17 -0
- data/lib/puppet/util/package/version/range/lt.rb +17 -0
- data/lib/puppet/util/package/version/range/lt_eq.rb +17 -0
- data/lib/puppet/util/package/version/range/min_max.rb +26 -0
- data/lib/puppet/util/package/version/range/simple.rb +13 -0
- data/lib/puppet/util/package/version/range.rb +57 -0
- data/lib/puppet/util/package/version/rpm.rb +75 -0
- data/lib/puppet/util/package.rb +43 -0
- data/lib/puppet/util/pidlock.rb +103 -0
- data/lib/puppet/util/platform.rb +72 -0
- data/lib/puppet/util/plist.rb +161 -0
- data/lib/puppet/util/posix.rb +206 -0
- data/lib/puppet/util/profiler/aggregate.rb +82 -0
- data/lib/puppet/util/profiler/around_profiler.rb +68 -0
- data/lib/puppet/util/profiler/logging.rb +50 -0
- data/lib/puppet/util/profiler/object_counts.rb +19 -0
- data/lib/puppet/util/profiler/wall_clock.rb +36 -0
- data/lib/puppet/util/profiler.rb +55 -0
- data/lib/puppet/util/provider_features.rb +183 -0
- data/lib/puppet/util/psych_support.rb +32 -0
- data/lib/puppet/util/rdoc/code_objects.rb +293 -0
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +902 -0
- data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +1068 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +262 -0
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +16 -0
- data/lib/puppet/util/rdoc/parser.rb +14 -0
- data/lib/puppet/util/rdoc.rb +54 -0
- data/lib/puppet/util/reference.rb +94 -0
- data/lib/puppet/util/resource_template.rb +63 -0
- data/lib/puppet/util/retry_action.rb +47 -0
- data/lib/puppet/util/rpm_compare.rb +196 -0
- data/lib/puppet/util/rubygems.rb +67 -0
- data/lib/puppet/util/run_mode.rb +164 -0
- data/lib/puppet/util/selinux.rb +331 -0
- data/lib/puppet/util/skip_tags.rb +15 -0
- data/lib/puppet/util/splayer.rb +20 -0
- data/lib/puppet/util/storage.rb +100 -0
- data/lib/puppet/util/suidmanager.rb +167 -0
- data/lib/puppet/util/symbolic_file_mode.rb +156 -0
- data/lib/puppet/util/tag_set.rb +29 -0
- data/lib/puppet/util/tagging.rb +131 -0
- data/lib/puppet/util/terminal.rb +18 -0
- data/lib/puppet/util/user_attr.rb +23 -0
- data/lib/puppet/util/warnings.rb +35 -0
- data/lib/puppet/util/watched_file.rb +40 -0
- data/lib/puppet/util/watcher/change_watcher.rb +35 -0
- data/lib/puppet/util/watcher/periodic_watcher.rb +38 -0
- data/lib/puppet/util/watcher/timer.rb +21 -0
- data/lib/puppet/util/watcher.rb +17 -0
- data/lib/puppet/util/windows/access_control_entry.rb +86 -0
- data/lib/puppet/util/windows/access_control_list.rb +116 -0
- data/lib/puppet/util/windows/adsi.rb +662 -0
- data/lib/puppet/util/windows/com.rb +228 -0
- data/lib/puppet/util/windows/daemon.rb +340 -0
- data/lib/puppet/util/windows/error.rb +86 -0
- data/lib/puppet/util/windows/eventlog.rb +191 -0
- data/lib/puppet/util/windows/file.rb +359 -0
- data/lib/puppet/util/windows/monkey_patches/process.rb +413 -0
- data/lib/puppet/util/windows/principal.rb +204 -0
- data/lib/puppet/util/windows/process.rb +360 -0
- data/lib/puppet/util/windows/registry.rb +443 -0
- data/lib/puppet/util/windows/root_certs.rb +110 -0
- data/lib/puppet/util/windows/security.rb +909 -0
- data/lib/puppet/util/windows/security_descriptor.rb +64 -0
- data/lib/puppet/util/windows/service.rb +708 -0
- data/lib/puppet/util/windows/sid.rb +291 -0
- data/lib/puppet/util/windows/string.rb +17 -0
- data/lib/puppet/util/windows/user.rb +551 -0
- data/lib/puppet/util/windows.rb +58 -0
- data/lib/puppet/util/yaml.rb +67 -0
- data/lib/puppet/util.rb +759 -0
- data/lib/puppet/vendor/require_vendored.rb +4 -0
- data/lib/puppet/vendor.rb +59 -0
- data/lib/puppet/version.rb +98 -0
- data/lib/puppet/x509/cert_provider.rb +405 -0
- data/lib/puppet/x509/pem_store.rb +57 -0
- data/lib/puppet/x509.rb +13 -0
- data/lib/puppet.rb +348 -0
- data/lib/puppet_pal.rb +10 -0
- data/lib/puppet_x.rb +16 -0
- data/locales/config.yaml +29 -0
- data/locales/en/puppet.po +19 -0
- data/locales/puppet.pot +9738 -0
- data/man/man5/puppet.conf.5 +1407 -0
- data/man/man8/puppet-agent.8 +135 -0
- data/man/man8/puppet-apply.8 +67 -0
- data/man/man8/puppet-catalog.8 +194 -0
- data/man/man8/puppet-config.8 +103 -0
- data/man/man8/puppet-describe.8 +35 -0
- data/man/man8/puppet-device.8 +83 -0
- data/man/man8/puppet-doc.8 +30 -0
- data/man/man8/puppet-epp.8 +232 -0
- data/man/man8/puppet-facts.8 +156 -0
- data/man/man8/puppet-filebucket.8 +134 -0
- data/man/man8/puppet-generate.8 +54 -0
- data/man/man8/puppet-help.8 +46 -0
- data/man/man8/puppet-lookup.8 +71 -0
- data/man/man8/puppet-module.8 +220 -0
- data/man/man8/puppet-node.8 +142 -0
- data/man/man8/puppet-parser.8 +87 -0
- data/man/man8/puppet-plugin.8 +50 -0
- data/man/man8/puppet-report.8 +84 -0
- data/man/man8/puppet-resource.8 +63 -0
- data/man/man8/puppet-script.8 +48 -0
- data/man/man8/puppet-ssl.8 +45 -0
- data/man/man8/puppet.8 +98 -0
- data/tasks/tag.rake +34 -0
- metadata +1336 -0
@@ -0,0 +1,605 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require_relative '../../puppet/ssl'
|
4
|
+
require_relative '../../puppet/util/pidlock'
|
5
|
+
|
6
|
+
# This class implements a state machine for bootstrapping a host's CA and CRL
|
7
|
+
# bundles, private key and signed client certificate. Each state has a frozen
|
8
|
+
# SSLContext that it uses to make network connections. If a state makes progress
|
9
|
+
# bootstrapping the host, then the state will generate a new frozen SSLContext
|
10
|
+
# and pass that to the next state. For example, the NeedCACerts state will load
|
11
|
+
# or download a CA bundle, and generate a new SSLContext containing those CA
|
12
|
+
# certs. This way we're sure about which SSLContext is being used during any
|
13
|
+
# phase of the bootstrapping process.
|
14
|
+
#
|
15
|
+
# @api private
|
16
|
+
class Puppet::SSL::StateMachine
|
17
|
+
class SSLState
|
18
|
+
attr_reader :ssl_context
|
19
|
+
|
20
|
+
def initialize(machine, ssl_context)
|
21
|
+
@machine = machine
|
22
|
+
@ssl_context = ssl_context
|
23
|
+
@cert_provider = machine.cert_provider
|
24
|
+
@ssl_provider = machine.ssl_provider
|
25
|
+
end
|
26
|
+
|
27
|
+
def to_error(message, cause)
|
28
|
+
detail = Puppet::Error.new(message)
|
29
|
+
detail.set_backtrace(cause.backtrace)
|
30
|
+
Error.new(@machine, message, detail)
|
31
|
+
end
|
32
|
+
|
33
|
+
def log_error(message)
|
34
|
+
# When running daemonized we set stdout to /dev/null, so write to the log instead
|
35
|
+
if Puppet[:daemonize]
|
36
|
+
Puppet.err(message)
|
37
|
+
else
|
38
|
+
$stdout.puts(message)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
# Load existing CA certs or download them. Transition to NeedCRLs.
|
44
|
+
#
|
45
|
+
class NeedCACerts < SSLState
|
46
|
+
def initialize(machine)
|
47
|
+
super(machine, nil)
|
48
|
+
@ssl_context = @ssl_provider.create_insecure_context
|
49
|
+
end
|
50
|
+
|
51
|
+
def next_state
|
52
|
+
Puppet.debug("Loading CA certs")
|
53
|
+
|
54
|
+
force_crl_refresh = false
|
55
|
+
|
56
|
+
cacerts = @cert_provider.load_cacerts
|
57
|
+
if cacerts
|
58
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
|
59
|
+
|
60
|
+
now = Time.now
|
61
|
+
last_update = @cert_provider.ca_last_update
|
62
|
+
if needs_refresh?(now, last_update)
|
63
|
+
# If we refresh the CA, then we need to force the CRL to be refreshed too,
|
64
|
+
# since if there is a new CA in the chain, then we need its CRL to check
|
65
|
+
# the full chain for revocation status.
|
66
|
+
next_ctx, force_crl_refresh = refresh_ca(next_ctx, last_update)
|
67
|
+
end
|
68
|
+
else
|
69
|
+
route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
|
70
|
+
_, pem = route.get_certificate(Puppet::SSL::CA_NAME, ssl_context: @ssl_context)
|
71
|
+
if @machine.ca_fingerprint
|
72
|
+
actual_digest = @machine.digest_as_hex(pem)
|
73
|
+
expected_digest = @machine.ca_fingerprint.scan(/../).join(':').upcase
|
74
|
+
if actual_digest == expected_digest
|
75
|
+
Puppet.info(_("Verified CA bundle with digest (%{digest_type}) %{actual_digest}") %
|
76
|
+
{ digest_type: @machine.digest, actual_digest: actual_digest })
|
77
|
+
else
|
78
|
+
e = Puppet::Error.new(_("CA bundle with digest (%{digest_type}) %{actual_digest} did not match expected digest %{expected_digest}") % { digest_type: @machine.digest, actual_digest: actual_digest, expected_digest: expected_digest })
|
79
|
+
return Error.new(@machine, e.message, e)
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
cacerts = @cert_provider.load_cacerts_from_pem(pem)
|
84
|
+
# verify cacerts before saving
|
85
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
|
86
|
+
@cert_provider.save_cacerts(cacerts)
|
87
|
+
end
|
88
|
+
|
89
|
+
NeedCRLs.new(@machine, next_ctx, force_crl_refresh)
|
90
|
+
rescue OpenSSL::X509::CertificateError => e
|
91
|
+
Error.new(@machine, e.message, e)
|
92
|
+
rescue Puppet::HTTP::ResponseError => e
|
93
|
+
if e.response.code == 404
|
94
|
+
to_error(_('CA certificate is missing from the server'), e)
|
95
|
+
else
|
96
|
+
to_error(_('Could not download CA certificate: %{message}') % { message: e.message }, e)
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
private
|
101
|
+
|
102
|
+
def needs_refresh?(now, last_update)
|
103
|
+
return true if last_update.nil?
|
104
|
+
|
105
|
+
ca_ttl = Puppet[:ca_refresh_interval]
|
106
|
+
return false unless ca_ttl
|
107
|
+
|
108
|
+
now.to_i > last_update.to_i + ca_ttl
|
109
|
+
end
|
110
|
+
|
111
|
+
def refresh_ca(ssl_ctx, last_update)
|
112
|
+
Puppet.info(_("Refreshing CA certificate"))
|
113
|
+
|
114
|
+
# return the next_ctx containing the updated ca
|
115
|
+
next_ctx = [download_ca(ssl_ctx, last_update), true]
|
116
|
+
|
117
|
+
# After a successful refresh, update ca_last_update
|
118
|
+
@cert_provider.ca_last_update = Time.now
|
119
|
+
|
120
|
+
next_ctx
|
121
|
+
rescue Puppet::HTTP::ResponseError => e
|
122
|
+
if e.response.code == 304
|
123
|
+
Puppet.info(_("CA certificate is unmodified, using existing CA certificate"))
|
124
|
+
else
|
125
|
+
Puppet.info(_("Failed to refresh CA certificate, using existing CA certificate: %{message}") % { message: e.message })
|
126
|
+
end
|
127
|
+
|
128
|
+
# return the original ssl_ctx
|
129
|
+
[ssl_ctx, false]
|
130
|
+
rescue Puppet::HTTP::HTTPError => e
|
131
|
+
Puppet.warning(_("Failed to refresh CA certificate, using existing CA certificate: %{message}") % { message: e.message })
|
132
|
+
|
133
|
+
# return the original ssl_ctx
|
134
|
+
[ssl_ctx, false]
|
135
|
+
end
|
136
|
+
|
137
|
+
def download_ca(ssl_ctx, last_update)
|
138
|
+
route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
|
139
|
+
_, pem = route.get_certificate(Puppet::SSL::CA_NAME, if_modified_since: last_update, ssl_context: ssl_ctx)
|
140
|
+
cacerts = @cert_provider.load_cacerts_from_pem(pem)
|
141
|
+
# verify cacerts before saving
|
142
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: cacerts, revocation: false)
|
143
|
+
@cert_provider.save_cacerts(cacerts)
|
144
|
+
|
145
|
+
Puppet.info("Refreshed CA certificate: #{@machine.digest_as_hex(pem)}")
|
146
|
+
|
147
|
+
next_ctx
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
# If revocation is enabled, load CRLs or download them, using the CA bundle
|
152
|
+
# from the previous state. Transition to NeedKey. Even if Puppet[:certificate_revocation]
|
153
|
+
# is leaf or chain, disable revocation when downloading the CRL, since 1) we may
|
154
|
+
# not have one yet or 2) the connection will fail if NeedCACerts downloaded a new CA
|
155
|
+
# for which we don't have a CRL
|
156
|
+
#
|
157
|
+
class NeedCRLs < SSLState
|
158
|
+
attr_reader :force_crl_refresh
|
159
|
+
|
160
|
+
def initialize(machine, ssl_context, force_crl_refresh = false)
|
161
|
+
super(machine, ssl_context)
|
162
|
+
@force_crl_refresh = force_crl_refresh
|
163
|
+
end
|
164
|
+
|
165
|
+
def next_state
|
166
|
+
Puppet.debug("Loading CRLs")
|
167
|
+
|
168
|
+
case Puppet[:certificate_revocation]
|
169
|
+
when :chain, :leaf
|
170
|
+
crls = @cert_provider.load_crls
|
171
|
+
if crls
|
172
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: ssl_context[:cacerts], crls: crls)
|
173
|
+
|
174
|
+
now = Time.now
|
175
|
+
last_update = @cert_provider.crl_last_update
|
176
|
+
if needs_refresh?(now, last_update)
|
177
|
+
next_ctx = refresh_crl(next_ctx, last_update)
|
178
|
+
end
|
179
|
+
else
|
180
|
+
next_ctx = download_crl(@ssl_context, nil)
|
181
|
+
end
|
182
|
+
else
|
183
|
+
Puppet.info("Certificate revocation is disabled, skipping CRL download")
|
184
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: ssl_context[:cacerts], crls: [])
|
185
|
+
end
|
186
|
+
|
187
|
+
NeedKey.new(@machine, next_ctx)
|
188
|
+
rescue OpenSSL::X509::CRLError => e
|
189
|
+
Error.new(@machine, e.message, e)
|
190
|
+
rescue Puppet::HTTP::ResponseError => e
|
191
|
+
if e.response.code == 404
|
192
|
+
to_error(_('CRL is missing from the server'), e)
|
193
|
+
else
|
194
|
+
to_error(_('Could not download CRLs: %{message}') % { message: e.message }, e)
|
195
|
+
end
|
196
|
+
end
|
197
|
+
|
198
|
+
private
|
199
|
+
|
200
|
+
def needs_refresh?(now, last_update)
|
201
|
+
return true if @force_crl_refresh || last_update.nil?
|
202
|
+
|
203
|
+
crl_ttl = Puppet[:crl_refresh_interval]
|
204
|
+
return false unless crl_ttl
|
205
|
+
|
206
|
+
now.to_i > last_update.to_i + crl_ttl
|
207
|
+
end
|
208
|
+
|
209
|
+
def refresh_crl(ssl_ctx, last_update)
|
210
|
+
Puppet.info(_("Refreshing CRL"))
|
211
|
+
|
212
|
+
# return the next_ctx containing the updated crl
|
213
|
+
next_ctx = download_crl(ssl_ctx, last_update)
|
214
|
+
|
215
|
+
# After a successful refresh, update crl_last_update
|
216
|
+
@cert_provider.crl_last_update = Time.now
|
217
|
+
|
218
|
+
next_ctx
|
219
|
+
rescue Puppet::HTTP::ResponseError => e
|
220
|
+
if e.response.code == 304
|
221
|
+
Puppet.info(_("CRL is unmodified, using existing CRL"))
|
222
|
+
else
|
223
|
+
Puppet.info(_("Failed to refresh CRL, using existing CRL: %{message}") % { message: e.message })
|
224
|
+
end
|
225
|
+
|
226
|
+
# return the original ssl_ctx
|
227
|
+
ssl_ctx
|
228
|
+
rescue Puppet::HTTP::HTTPError => e
|
229
|
+
Puppet.warning(_("Failed to refresh CRL, using existing CRL: %{message}") % { message: e.message })
|
230
|
+
|
231
|
+
# return the original ssl_ctx
|
232
|
+
ssl_ctx
|
233
|
+
end
|
234
|
+
|
235
|
+
def download_crl(ssl_ctx, last_update)
|
236
|
+
route = @machine.session.route_to(:ca, ssl_context: ssl_ctx)
|
237
|
+
_, pem = route.get_certificate_revocation_list(if_modified_since: last_update, ssl_context: ssl_ctx)
|
238
|
+
crls = @cert_provider.load_crls_from_pem(pem)
|
239
|
+
# verify crls before saving
|
240
|
+
next_ctx = @ssl_provider.create_root_context(cacerts: ssl_ctx[:cacerts], crls: crls)
|
241
|
+
@cert_provider.save_crls(crls)
|
242
|
+
|
243
|
+
Puppet.info("Refreshed CRL: #{@machine.digest_as_hex(pem)}")
|
244
|
+
|
245
|
+
next_ctx
|
246
|
+
end
|
247
|
+
end
|
248
|
+
|
249
|
+
# Load or generate a private key. If the key exists, try to load the client cert
|
250
|
+
# and transition to Done. If the cert is mismatched or otherwise fails valiation,
|
251
|
+
# raise an error. If the key doesn't exist yet, generate one, and save it. If the
|
252
|
+
# cert doesn't exist yet, transition to NeedSubmitCSR.
|
253
|
+
#
|
254
|
+
class NeedKey < SSLState
|
255
|
+
def next_state
|
256
|
+
Puppet.debug(_("Loading/generating private key"))
|
257
|
+
|
258
|
+
password = @cert_provider.load_private_key_password
|
259
|
+
key = @cert_provider.load_private_key(Puppet[:certname], password: password)
|
260
|
+
if key
|
261
|
+
cert = @cert_provider.load_client_cert(Puppet[:certname])
|
262
|
+
if cert
|
263
|
+
next_ctx = @ssl_provider.create_context(
|
264
|
+
cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: key, client_cert: cert
|
265
|
+
)
|
266
|
+
if needs_refresh?(cert)
|
267
|
+
return NeedRenewedCert.new(@machine, next_ctx, key)
|
268
|
+
else
|
269
|
+
return Done.new(@machine, next_ctx)
|
270
|
+
end
|
271
|
+
end
|
272
|
+
else
|
273
|
+
if Puppet[:key_type] == 'ec'
|
274
|
+
Puppet.info _("Creating a new EC SSL key for %{name} using curve %{curve}") % { name: Puppet[:certname], curve: Puppet[:named_curve] }
|
275
|
+
key = OpenSSL::PKey::EC.generate(Puppet[:named_curve])
|
276
|
+
else
|
277
|
+
Puppet.info _("Creating a new RSA SSL key for %{name}") % { name: Puppet[:certname] }
|
278
|
+
key = OpenSSL::PKey::RSA.new(Puppet[:keylength].to_i)
|
279
|
+
end
|
280
|
+
|
281
|
+
@cert_provider.save_private_key(Puppet[:certname], key, password: password)
|
282
|
+
end
|
283
|
+
|
284
|
+
NeedSubmitCSR.new(@machine, @ssl_context, key)
|
285
|
+
end
|
286
|
+
|
287
|
+
private
|
288
|
+
|
289
|
+
def needs_refresh?(cert)
|
290
|
+
cert_ttl = Puppet[:hostcert_renewal_interval]
|
291
|
+
return false unless cert_ttl
|
292
|
+
|
293
|
+
Time.now.to_i >= (cert.not_after.to_i - cert_ttl)
|
294
|
+
end
|
295
|
+
end
|
296
|
+
|
297
|
+
# Base class for states with a private key.
|
298
|
+
#
|
299
|
+
class KeySSLState < SSLState
|
300
|
+
attr_reader :private_key
|
301
|
+
|
302
|
+
def initialize(machine, ssl_context, private_key)
|
303
|
+
super(machine, ssl_context)
|
304
|
+
@private_key = private_key
|
305
|
+
end
|
306
|
+
end
|
307
|
+
|
308
|
+
# Generate and submit a CSR using the CA cert bundle and optional CRL bundle
|
309
|
+
# from earlier states. If the request is submitted, proceed to NeedCert,
|
310
|
+
# otherwise Wait. This could be due to the server already having a CSR
|
311
|
+
# for this host (either the same or different CSR content), having a
|
312
|
+
# signed certificate, or a revoked certificate.
|
313
|
+
#
|
314
|
+
class NeedSubmitCSR < KeySSLState
|
315
|
+
def next_state
|
316
|
+
Puppet.debug(_("Generating and submitting a CSR"))
|
317
|
+
|
318
|
+
csr = @cert_provider.create_request(Puppet[:certname], @private_key)
|
319
|
+
route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
|
320
|
+
route.put_certificate_request(Puppet[:certname], csr, ssl_context: @ssl_context)
|
321
|
+
@cert_provider.save_request(Puppet[:certname], csr)
|
322
|
+
NeedCert.new(@machine, @ssl_context, @private_key)
|
323
|
+
rescue Puppet::HTTP::ResponseError => e
|
324
|
+
if e.response.code == 400
|
325
|
+
NeedCert.new(@machine, @ssl_context, @private_key)
|
326
|
+
else
|
327
|
+
to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
|
328
|
+
end
|
329
|
+
end
|
330
|
+
end
|
331
|
+
|
332
|
+
# Attempt to load or retrieve our signed cert.
|
333
|
+
#
|
334
|
+
class NeedCert < KeySSLState
|
335
|
+
def next_state
|
336
|
+
Puppet.debug(_("Downloading client certificate"))
|
337
|
+
|
338
|
+
route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
|
339
|
+
cert = OpenSSL::X509::Certificate.new(
|
340
|
+
route.get_certificate(Puppet[:certname], ssl_context: @ssl_context)[1]
|
341
|
+
)
|
342
|
+
Puppet.info _("Downloaded certificate for %{name} from %{url}") % { name: Puppet[:certname], url: route.url }
|
343
|
+
# verify client cert before saving
|
344
|
+
next_ctx = @ssl_provider.create_context(
|
345
|
+
cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: @private_key, client_cert: cert
|
346
|
+
)
|
347
|
+
@cert_provider.save_client_cert(Puppet[:certname], cert)
|
348
|
+
@cert_provider.delete_request(Puppet[:certname])
|
349
|
+
Done.new(@machine, next_ctx)
|
350
|
+
rescue Puppet::SSL::SSLError => e
|
351
|
+
Error.new(@machine, e.message, e)
|
352
|
+
rescue OpenSSL::X509::CertificateError => e
|
353
|
+
Error.new(@machine, _("Failed to parse certificate: %{message}") % { message: e.message }, e)
|
354
|
+
rescue Puppet::HTTP::ResponseError => e
|
355
|
+
if e.response.code == 404
|
356
|
+
Puppet.info(_("Certificate for %{certname} has not been signed yet") % { certname: Puppet[:certname] })
|
357
|
+
$stdout.puts _("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}).") % { name: Puppet[:certname] }
|
358
|
+
Wait.new(@machine)
|
359
|
+
else
|
360
|
+
to_error(_("Failed to retrieve certificate for %{certname}: %{message}") %
|
361
|
+
{ certname: Puppet[:certname], message: e.message }, e)
|
362
|
+
end
|
363
|
+
end
|
364
|
+
end
|
365
|
+
|
366
|
+
# Class to renew a client/host certificate automatically.
|
367
|
+
#
|
368
|
+
class NeedRenewedCert < KeySSLState
|
369
|
+
def next_state
|
370
|
+
Puppet.debug(_("Renewing client certificate"))
|
371
|
+
|
372
|
+
route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
|
373
|
+
cert = OpenSSL::X509::Certificate.new(
|
374
|
+
route.post_certificate_renewal(@ssl_context)[1]
|
375
|
+
)
|
376
|
+
|
377
|
+
# verify client cert before saving
|
378
|
+
next_ctx = @ssl_provider.create_context(
|
379
|
+
cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: @private_key, client_cert: cert
|
380
|
+
)
|
381
|
+
@cert_provider.save_client_cert(Puppet[:certname], cert)
|
382
|
+
|
383
|
+
Puppet.info(_("Renewed client certificate: %{cert_digest}, not before '%{not_before}', not after '%{not_after}'") % { cert_digest: @machine.digest_as_hex(cert.to_pem), not_before: cert.not_before, not_after: cert.not_after })
|
384
|
+
|
385
|
+
Done.new(@machine, next_ctx)
|
386
|
+
rescue Puppet::HTTP::ResponseError => e
|
387
|
+
if e.response.code == 404
|
388
|
+
Puppet.info(_("Certificate autorenewal has not been enabled on the server."))
|
389
|
+
else
|
390
|
+
Puppet.warning(_("Failed to automatically renew certificate: %{code} %{reason}") % { code: e.response.code, reason: e.response.reason })
|
391
|
+
end
|
392
|
+
Done.new(@machine, @ssl_context)
|
393
|
+
rescue => e
|
394
|
+
Puppet.warning(_("Unable to automatically renew certificate: %{message}") % { message: e.message })
|
395
|
+
Done.new(@machine, @ssl_context)
|
396
|
+
end
|
397
|
+
end
|
398
|
+
|
399
|
+
# We cannot make progress, so wait if allowed to do so, or exit.
|
400
|
+
#
|
401
|
+
class Wait < SSLState
|
402
|
+
def initialize(machine)
|
403
|
+
super(machine, nil)
|
404
|
+
end
|
405
|
+
|
406
|
+
def next_state
|
407
|
+
time = @machine.waitforcert
|
408
|
+
if time < 1
|
409
|
+
log_error(_("Exiting now because the waitforcert setting is set to 0."))
|
410
|
+
exit(1)
|
411
|
+
elsif Time.now.to_i > @machine.wait_deadline
|
412
|
+
log_error(_("Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (%{name}). Exiting now because the maxwaitforcert timeout has been exceeded.") % { name: Puppet[:certname] })
|
413
|
+
exit(1)
|
414
|
+
else
|
415
|
+
Puppet.info(_("Will try again in %{time} seconds.") % { time: time })
|
416
|
+
|
417
|
+
# close http/tls and session state before sleeping
|
418
|
+
Puppet.runtime[:http].close
|
419
|
+
@machine.session = Puppet.runtime[:http].create_session
|
420
|
+
|
421
|
+
@machine.unlock
|
422
|
+
Kernel.sleep(time)
|
423
|
+
NeedLock.new(@machine)
|
424
|
+
end
|
425
|
+
end
|
426
|
+
end
|
427
|
+
|
428
|
+
# Acquire the ssl lock or return LockFailure causing us to exit.
|
429
|
+
#
|
430
|
+
class NeedLock < SSLState
|
431
|
+
def initialize(machine)
|
432
|
+
super(machine, nil)
|
433
|
+
end
|
434
|
+
|
435
|
+
def next_state
|
436
|
+
if @machine.lock
|
437
|
+
# our ssl directory may have been cleaned while we were
|
438
|
+
# sleeping, start over from the top
|
439
|
+
NeedCACerts.new(@machine)
|
440
|
+
elsif @machine.waitforlock < 1
|
441
|
+
LockFailure.new(@machine, _("Another puppet instance is already running and the waitforlock setting is set to 0; exiting"))
|
442
|
+
elsif Time.now.to_i >= @machine.waitlock_deadline
|
443
|
+
LockFailure.new(@machine, _("Another puppet instance is already running and the maxwaitforlock timeout has been exceeded; exiting"))
|
444
|
+
else
|
445
|
+
Puppet.info _("Another puppet instance is already running; waiting for it to finish")
|
446
|
+
Puppet.info _("Will try again in %{time} seconds.") % { time: @machine.waitforlock }
|
447
|
+
Kernel.sleep @machine.waitforlock
|
448
|
+
|
449
|
+
# try again
|
450
|
+
self
|
451
|
+
end
|
452
|
+
end
|
453
|
+
end
|
454
|
+
|
455
|
+
# We failed to acquire the lock, so exit
|
456
|
+
#
|
457
|
+
class LockFailure < SSLState
|
458
|
+
attr_reader :message
|
459
|
+
|
460
|
+
def initialize(machine, message)
|
461
|
+
super(machine, nil)
|
462
|
+
@message = message
|
463
|
+
end
|
464
|
+
end
|
465
|
+
|
466
|
+
# We cannot make progress due to an error.
|
467
|
+
#
|
468
|
+
class Error < SSLState
|
469
|
+
attr_reader :message, :error
|
470
|
+
|
471
|
+
def initialize(machine, message, error)
|
472
|
+
super(machine, nil)
|
473
|
+
@message = message
|
474
|
+
@error = error
|
475
|
+
end
|
476
|
+
|
477
|
+
def next_state
|
478
|
+
Puppet.log_exception(@error, @message)
|
479
|
+
Wait.new(@machine)
|
480
|
+
end
|
481
|
+
end
|
482
|
+
|
483
|
+
# We have a CA bundle, optional CRL bundle, a private key and matching cert
|
484
|
+
# that chains to one of the root certs in our bundle.
|
485
|
+
#
|
486
|
+
class Done < SSLState; end
|
487
|
+
|
488
|
+
attr_reader :waitforcert, :wait_deadline, :waitforlock, :waitlock_deadline, :cert_provider, :ssl_provider, :ca_fingerprint, :digest
|
489
|
+
attr_accessor :session
|
490
|
+
|
491
|
+
# Construct a state machine to manage the SSL initialization process. By
|
492
|
+
# default, if the state machine encounters an exception, it will log the
|
493
|
+
# exception and wait for `waitforcert` seconds and retry, restarting from the
|
494
|
+
# beginning of the state machine.
|
495
|
+
#
|
496
|
+
# However, if `onetime` is true, then the state machine will raise the first
|
497
|
+
# error it encounters, instead of waiting. Otherwise, if `waitforcert` is 0,
|
498
|
+
# then then state machine will exit instead of wait.
|
499
|
+
#
|
500
|
+
# @param waitforcert [Integer] how many seconds to wait between attempts
|
501
|
+
# @param maxwaitforcert [Integer] maximum amount of seconds to wait for the
|
502
|
+
# server to sign the certificate request
|
503
|
+
# @param waitforlock [Integer] how many seconds to wait between attempts for
|
504
|
+
# acquiring the ssl lock
|
505
|
+
# @param maxwaitforlock [Integer] maximum amount of seconds to wait for an
|
506
|
+
# already running process to release the ssl lock
|
507
|
+
# @param onetime [Boolean] whether to run onetime
|
508
|
+
# @param lockfile [Puppet::Util::Pidlock] lockfile to protect against
|
509
|
+
# concurrent modification by multiple processes
|
510
|
+
# @param cert_provider [Puppet::X509::CertProvider] cert provider to use
|
511
|
+
# to load and save X509 objects.
|
512
|
+
# @param ssl_provider [Puppet::SSL::SSLProvider] ssl provider to use
|
513
|
+
# to construct ssl contexts.
|
514
|
+
# @param digest [String] digest algorithm to use for certificate fingerprinting
|
515
|
+
# @param ca_fingerprint [String] optional fingerprint to verify the
|
516
|
+
# downloaded CA bundle
|
517
|
+
def initialize(waitforcert: Puppet[:waitforcert],
|
518
|
+
maxwaitforcert: Puppet[:maxwaitforcert],
|
519
|
+
waitforlock: Puppet[:waitforlock],
|
520
|
+
maxwaitforlock: Puppet[:maxwaitforlock],
|
521
|
+
onetime: Puppet[:onetime],
|
522
|
+
cert_provider: Puppet::X509::CertProvider.new,
|
523
|
+
ssl_provider: Puppet::SSL::SSLProvider.new,
|
524
|
+
lockfile: Puppet::Util::Pidlock.new(Puppet[:ssl_lockfile]),
|
525
|
+
digest: 'SHA256',
|
526
|
+
ca_fingerprint: Puppet[:ca_fingerprint])
|
527
|
+
@waitforcert = waitforcert
|
528
|
+
@wait_deadline = Time.now.to_i + maxwaitforcert
|
529
|
+
@waitforlock = waitforlock
|
530
|
+
@waitlock_deadline = Time.now.to_i + maxwaitforlock
|
531
|
+
@onetime = onetime
|
532
|
+
@cert_provider = cert_provider
|
533
|
+
@ssl_provider = ssl_provider
|
534
|
+
@lockfile = lockfile
|
535
|
+
@digest = digest
|
536
|
+
@ca_fingerprint = ca_fingerprint
|
537
|
+
@session = Puppet.runtime[:http].create_session
|
538
|
+
end
|
539
|
+
|
540
|
+
# Run the state machine for CA certs and CRLs.
|
541
|
+
#
|
542
|
+
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
543
|
+
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
544
|
+
# @api private
|
545
|
+
def ensure_ca_certificates
|
546
|
+
final_state = run_machine(NeedLock.new(self), NeedKey)
|
547
|
+
final_state.ssl_context
|
548
|
+
end
|
549
|
+
|
550
|
+
# Run the state machine for client certs.
|
551
|
+
#
|
552
|
+
# @return [Puppet::SSL::SSLContext] initialized SSLContext
|
553
|
+
# @raise [Puppet::Error] If we fail to generate an SSLContext
|
554
|
+
# @api private
|
555
|
+
def ensure_client_certificate
|
556
|
+
final_state = run_machine(NeedLock.new(self), Done)
|
557
|
+
ssl_context = final_state.ssl_context
|
558
|
+
@ssl_provider.print(ssl_context, @digest)
|
559
|
+
ssl_context
|
560
|
+
end
|
561
|
+
|
562
|
+
def lock
|
563
|
+
@lockfile.lock
|
564
|
+
end
|
565
|
+
|
566
|
+
def unlock
|
567
|
+
@lockfile.unlock
|
568
|
+
end
|
569
|
+
|
570
|
+
def digest_as_hex(str)
|
571
|
+
Puppet::SSL::Digest.new(digest, str).to_hex
|
572
|
+
end
|
573
|
+
|
574
|
+
private
|
575
|
+
|
576
|
+
def run_machine(state, stop)
|
577
|
+
loop do
|
578
|
+
state = run_step(state)
|
579
|
+
|
580
|
+
case state
|
581
|
+
when stop
|
582
|
+
break
|
583
|
+
when LockFailure
|
584
|
+
raise Puppet::Error, state.message
|
585
|
+
when Error
|
586
|
+
if @onetime
|
587
|
+
Puppet.log_exception(state.error)
|
588
|
+
raise state.error
|
589
|
+
end
|
590
|
+
else
|
591
|
+
# fall through
|
592
|
+
end
|
593
|
+
end
|
594
|
+
|
595
|
+
state
|
596
|
+
ensure
|
597
|
+
@lockfile.unlock if @lockfile.locked?
|
598
|
+
end
|
599
|
+
|
600
|
+
def run_step(state)
|
601
|
+
state.next_state
|
602
|
+
rescue => e
|
603
|
+
state.to_error(e.message, e)
|
604
|
+
end
|
605
|
+
end
|