RubyGems - puppet - Versions diffs - 0.18.4 → 0.22.4 - Mend

puppet 0.18.4 → 0.22.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (673) hide show

data/CHANGELOG +288 -0
data/README +2 -2
data/Rakefile +78 -5
data/bin/puppet +28 -36
data/bin/puppetca +81 -38
data/bin/puppetd +65 -62
data/bin/puppetdoc +409 -140
data/bin/puppetmasterd +59 -47
data/bin/puppetrun +38 -23
data/conf/freebsd/puppetd +26 -0
data/conf/freebsd/puppetmasterd +26 -0
data/conf/gentoo/conf.d/puppet +5 -0
data/conf/gentoo/conf.d/puppetmaster +12 -0
data/conf/gentoo/init.d/puppet +38 -0
data/conf/gentoo/init.d/puppetmaster +50 -0
data/conf/gentoo/puppet/fileserver.conf +12 -0
data/conf/gentoo/puppet/puppetca.conf +29 -0
data/conf/gentoo/puppet/puppetd.conf +29 -0
data/conf/gentoo/puppet/puppetmasterd.conf +29 -0
data/conf/redhat/client.init +10 -5
data/conf/redhat/client.sysconfig +1 -1
data/conf/redhat/fileserver.conf +2 -2
data/conf/redhat/logrotate +1 -1
data/conf/redhat/no-lockdir.patch +13 -0
data/conf/redhat/puppet.spec +65 -8
data/conf/redhat/puppetd.conf +0 -4
data/conf/redhat/server.init +3 -6
data/conf/solaris/pkginfo +1 -1
data/conf/solaris/smf/svc-puppetd +2 -2
data/conf/suse/client.init +142 -0
data/conf/suse/puppet.spec +221 -0
data/conf/suse/server.init +162 -0
data/examples/code/mac_automount.pp +16 -0
data/examples/root/bin/sleeper +3 -5
data/examples/root/etc/init.d/sleeper +8 -2
data/examples/root/etc/puppet/fileserver.conf +12 -2
data/examples/root/etc/puppet/namespaceauth.conf +20 -0
data/examples/root/etc/puppet/puppetd.conf +4 -0
data/examples/root/etc/puppet/puppetmasterd.conf +6 -9
data/examples/root/etc/puppet/tagmail.conf +1 -0
data/ext/emacs/puppet-mode.el +46 -1
data/ext/logcheck/puppet +15 -0
data/ext/module_puppet +15 -23
data/ext/vim/puppet.vim +4 -2
data/install.rb +2 -1
data/lib/puppet.rb +76 -207
data/lib/puppet/configuration.rb +331 -0
data/lib/puppet/daemon.rb +63 -246
data/lib/puppet/dsl.rb +371 -0
data/lib/puppet/element.rb +8 -26
data/lib/puppet/error.rb +54 -0
data/lib/puppet/event.rb +8 -243
data/lib/puppet/{base64.rb → external/base64.rb} +0 -0
data/lib/puppet/external/event-loop.rb +1 -0
data/lib/puppet/{event-loop → external/event-loop}/better-definers.rb +0 -0
data/lib/puppet/{event-loop → external/event-loop}/event-loop.rb +2 -2
data/lib/puppet/{event-loop → external/event-loop}/signal-system.rb +1 -1
data/lib/puppet/external/gratr.rb +33 -0
data/lib/puppet/external/gratr/adjacency_graph.rb +257 -0
data/lib/puppet/external/gratr/base.rb +34 -0
data/lib/puppet/external/gratr/biconnected.rb +116 -0
data/lib/puppet/external/gratr/chinese_postman.rb +123 -0
data/lib/puppet/external/gratr/common.rb +73 -0
data/lib/puppet/external/gratr/comparability.rb +92 -0
data/lib/puppet/external/gratr/digraph.rb +116 -0
data/lib/puppet/external/gratr/digraph_distance.rb +185 -0
data/lib/puppet/external/gratr/dot.rb +90 -0
data/lib/puppet/external/gratr/edge.rb +145 -0
data/lib/puppet/external/gratr/graph.rb +303 -0
data/lib/puppet/external/gratr/graph_api.rb +83 -0
data/lib/puppet/external/gratr/import.rb +44 -0
data/lib/puppet/external/gratr/labels.rb +90 -0
data/lib/puppet/external/gratr/maximum_flow.rb +64 -0
data/lib/puppet/external/gratr/rdot.rb +327 -0
data/lib/puppet/external/gratr/search.rb +409 -0
data/lib/puppet/external/gratr/strong_components.rb +127 -0
data/lib/puppet/external/gratr/undirected_graph.rb +153 -0
data/lib/puppet/{lock.rb → external/lock.rb} +1 -1
data/lib/puppet/feature/base.rb +20 -0
data/lib/puppet/feature/rails.rb +52 -0
data/lib/puppet/metatype/attributes.rb +719 -0
data/lib/puppet/metatype/closure.rb +111 -0
data/lib/puppet/metatype/container.rb +94 -0
data/lib/puppet/metatype/evaluation.rb +118 -0
data/lib/puppet/metatype/instances.rb +261 -0
data/lib/puppet/metatype/manager.rb +169 -0
data/lib/puppet/metatype/metaparams.rb +409 -0
data/lib/puppet/metatype/providers.rb +260 -0
data/lib/puppet/metatype/relationships.rb +116 -0
data/lib/puppet/metatype/schedules.rb +39 -0
data/lib/puppet/metatype/tags.rb +39 -0
data/lib/puppet/modules.rb +113 -0
data/lib/puppet/network/authconfig.rb +168 -0
data/lib/puppet/network/authorization.rb +84 -0
data/lib/puppet/network/authstore.rb +293 -0
data/lib/puppet/network/client.rb +187 -0
data/lib/puppet/network/client/ca.rb +56 -0
data/lib/puppet/network/client/dipper.rb +81 -0
data/lib/puppet/network/client/file.rb +7 -0
data/lib/puppet/network/client/logger.rb +6 -0
data/lib/puppet/network/client/master.rb +644 -0
data/lib/puppet/{client → network/client}/proxy.rb +3 -3
data/lib/puppet/{client/reporter.rb → network/client/report.rb} +4 -7
data/lib/puppet/{client/pelement.rb → network/client/resource.rb} +6 -19
data/lib/puppet/network/client/runner.rb +13 -0
data/lib/puppet/network/client/status.rb +5 -0
data/lib/puppet/network/client_request.rb +32 -0
data/lib/puppet/network/handler.rb +33 -0
data/lib/puppet/{server → network/handler}/ca.rb +5 -6
data/lib/puppet/network/handler/filebucket.rb +180 -0
data/lib/puppet/{server → network/handler}/fileserver.rb +277 -219
data/lib/puppet/{server → network/handler}/logger.rb +3 -5
data/lib/puppet/{server → network/handler}/master.rb +42 -8
data/lib/puppet/network/handler/report.rb +158 -0
data/lib/puppet/network/handler/resource.rb +190 -0
data/lib/puppet/{server → network/handler}/runner.rb +17 -18
data/lib/puppet/network/handler/status.rb +13 -0
data/lib/puppet/network/rights.rb +74 -0
data/lib/puppet/network/server.rb +5 -0
data/lib/puppet/network/server/mongrel.rb +138 -0
data/lib/puppet/network/server/webrick.rb +153 -0
data/lib/puppet/network/xmlrpc/client.rb +129 -0
data/lib/puppet/network/xmlrpc/processor.rb +91 -0
data/lib/puppet/network/xmlrpc/server.rb +20 -0
data/lib/puppet/network/xmlrpc/webrick_servlet.rb +121 -0
data/lib/puppet/parameter.rb +390 -346
data/lib/puppet/parser/ast.rb +116 -147
data/lib/puppet/parser/ast/astarray.rb +17 -33
data/lib/puppet/parser/ast/branch.rb +2 -0
data/lib/puppet/parser/ast/caseopt.rb +7 -12
data/lib/puppet/parser/ast/casestatement.rb +23 -32
data/lib/puppet/parser/ast/collection.rb +19 -80
data/lib/puppet/parser/ast/collexpr.rb +81 -0
data/lib/puppet/parser/ast/component.rb +160 -89
data/lib/puppet/parser/ast/else.rb +30 -0
data/lib/puppet/parser/ast/function.rb +9 -2
data/lib/puppet/parser/ast/hostclass.rb +47 -131
data/lib/puppet/parser/ast/ifstatement.rb +43 -0
data/lib/puppet/parser/ast/leaf.rb +10 -21
data/lib/puppet/parser/ast/node.rb +32 -79
data/lib/puppet/parser/ast/resourcedef.rb +222 -0
data/lib/puppet/parser/ast/{typedefaults.rb → resourcedefaults.rb} +10 -16
data/lib/puppet/parser/ast/resourceoverride.rb +62 -0
data/lib/puppet/parser/ast/{objectparam.rb → resourceparam.rb} +12 -6
data/lib/puppet/parser/ast/resourceref.rb +44 -0
data/lib/puppet/parser/ast/selector.rb +16 -8
data/lib/puppet/parser/ast/tag.rb +3 -1
data/lib/puppet/parser/ast/vardef.rb +8 -12
data/lib/puppet/parser/collector.rb +181 -0
data/lib/puppet/parser/functions.rb +191 -36
data/lib/puppet/parser/interpreter.rb +802 -380
data/lib/puppet/parser/lexer.rb +86 -19
data/lib/puppet/parser/parser.rb +1123 -960
data/lib/puppet/parser/resource.rb +353 -0
data/lib/puppet/parser/resource/param.rb +57 -0
data/lib/puppet/parser/resource/reference.rb +71 -0
data/lib/puppet/parser/scope.rb +573 -1000
data/lib/puppet/parser/templatewrapper.rb +54 -0
data/lib/puppet/pgraph.rb +208 -0
data/lib/puppet/propertychange.rb +143 -0
data/lib/puppet/provider.rb +302 -0
data/lib/puppet/provider/cron/crontab.rb +187 -0
data/lib/puppet/provider/group/groupadd.rb +29 -0
data/lib/puppet/provider/group/netinfo.rb +12 -0
data/lib/puppet/provider/group/pw.rb +31 -0
data/lib/puppet/provider/host/netinfo.rb +18 -0
data/lib/puppet/provider/host/parsed.rb +73 -0
data/lib/puppet/provider/mount.rb +57 -0
data/lib/puppet/provider/mount/netinfo.rb +38 -0
data/lib/puppet/provider/mount/parsed.rb +37 -0
data/lib/puppet/provider/nameservice.rb +344 -0
data/lib/puppet/provider/nameservice/netinfo.rb +210 -0
data/lib/puppet/provider/nameservice/objectadd.rb +45 -0
data/lib/puppet/provider/nameservice/pw.rb +22 -0
data/lib/puppet/provider/package/apple.rb +53 -0
data/lib/puppet/provider/package/apt.rb +119 -0
data/lib/puppet/provider/package/aptitude.rb +30 -0
data/lib/puppet/provider/package/aptrpm.rb +79 -0
data/lib/puppet/provider/package/blastwave.rb +114 -0
data/lib/puppet/provider/package/darwinport.rb +88 -0
data/lib/puppet/provider/package/dpkg.rb +109 -0
data/lib/puppet/provider/package/freebsd.rb +43 -0
data/lib/puppet/provider/package/gem.rb +104 -0
data/lib/puppet/provider/package/openbsd.rb +93 -0
data/lib/puppet/provider/package/pkgdmg.rb +119 -0
data/lib/puppet/provider/package/portage.rb +112 -0
data/lib/puppet/provider/package/ports.rb +94 -0
data/lib/puppet/provider/package/rpm.rb +125 -0
data/lib/puppet/provider/package/rug.rb +53 -0
data/lib/puppet/provider/package/sun.rb +168 -0
data/lib/puppet/provider/package/sunfreeware.rb +9 -0
data/lib/puppet/provider/package/up2date.rb +45 -0
data/lib/puppet/provider/package/yum.rb +54 -0
data/lib/puppet/provider/parsedfile.rb +342 -0
data/lib/puppet/provider/port/parsed.rb +174 -0
data/lib/puppet/provider/service/base.rb +136 -0
data/lib/puppet/provider/service/debian.rb +32 -0
data/lib/puppet/provider/service/gentoo.rb +49 -0
data/lib/puppet/{type → provider}/service/init.rb +42 -40
data/lib/puppet/provider/service/redhat.rb +59 -0
data/lib/puppet/{type → provider}/service/smf.rb +24 -13
data/lib/puppet/provider/sshkey/parsed.rb +36 -0
data/lib/puppet/provider/user/netinfo.rb +106 -0
data/lib/puppet/provider/user/pw.rb +41 -0
data/lib/puppet/provider/user/useradd.rb +67 -0
data/lib/puppet/provider/zone/solaris.rb +208 -0
data/lib/puppet/rails.rb +102 -66
data/lib/puppet/rails/database/001_add_indexes.rb +38 -0
data/lib/puppet/rails/database/schema.rb +89 -0
data/lib/puppet/rails/external/tagging/acts_as_taggable.rb +62 -0
data/lib/puppet/rails/external/tagging/init.rb +5 -0
data/lib/puppet/rails/external/tagging/tag.rb +50 -0
data/lib/puppet/rails/external/tagging/tagging.rb +12 -0
data/lib/puppet/rails/fact_name.rb +7 -0
data/lib/puppet/rails/fact_value.rb +5 -0
data/lib/puppet/rails/host.rb +95 -46
data/lib/puppet/rails/param_name.rb +28 -0
data/lib/puppet/rails/param_value.rb +5 -0
data/lib/puppet/rails/puppet_class.rb +9 -0
data/lib/puppet/rails/resource.rb +95 -0
data/lib/puppet/rails/source_file.rb +5 -0
data/lib/puppet/relationship.rb +63 -0
data/lib/puppet/reports/log.rb +14 -0
data/lib/puppet/reports/rrdgraph.rb +114 -10
data/lib/puppet/reports/store.rb +64 -0
data/lib/puppet/reports/tagmail.rb +144 -71
data/lib/puppet/sslcertificates.rb +38 -5
data/lib/puppet/sslcertificates/ca.rb +142 -37
data/lib/puppet/sslcertificates/certificate.rb +3 -3
data/lib/puppet/sslcertificates/inventory.rb +53 -0
data/lib/puppet/sslcertificates/support.rb +128 -0
data/lib/puppet/transaction.rb +568 -189
data/lib/puppet/transaction/report.rb +14 -3
data/lib/puppet/transportable.rb +18 -10
data/lib/puppet/type.rb +279 -2299
data/lib/puppet/type/component.rb +63 -63
data/lib/puppet/type/cron.rb +294 -710
data/lib/puppet/type/exec.rb +185 -129
data/lib/puppet/type/group.rb +38 -89
data/lib/puppet/type/host.rb +110 -0
data/lib/puppet/type/mount.rb +189 -0
data/lib/puppet/type/notify.rb +47 -0
data/lib/puppet/type/package.rb +129 -257
data/lib/puppet/type/parsedtype.rb +172 -297
data/lib/puppet/type/pfile.rb +540 -319
data/lib/puppet/type/pfile/checksum.rb +103 -76
data/lib/puppet/type/pfile/content.rb +16 -10
data/lib/puppet/type/pfile/ensure.rb +52 -34
data/lib/puppet/type/pfile/group.rb +25 -18
data/lib/puppet/type/pfile/mode.rb +7 -4
data/lib/puppet/type/pfile/{uid.rb → owner.rb} +21 -17
data/lib/puppet/type/pfile/source.rb +119 -124
data/lib/puppet/type/pfile/target.rb +29 -45
data/lib/puppet/type/pfile/type.rb +2 -2
data/lib/puppet/type/pfilebucket.rb +18 -14
data/lib/puppet/type/port.rb +121 -0
data/lib/puppet/type/property.rb +530 -0
data/lib/puppet/type/resources.rb +150 -0
data/lib/puppet/type/schedule.rb +38 -22
data/lib/puppet/type/service.rb +70 -326
data/lib/puppet/type/sshkey.rb +76 -0
data/lib/puppet/type/tidy.rb +197 -97
data/lib/puppet/type/user.rb +107 -183
data/lib/puppet/type/yumrepo.rb +53 -34
data/lib/puppet/type/zone.rb +55 -208
data/lib/puppet/util.rb +239 -201
data/lib/puppet/util/autoload.rb +107 -0
data/lib/puppet/util/classgen.rb +208 -0
data/lib/puppet/{config.rb → util/config.rb} +102 -54
data/lib/puppet/util/docs.rb +104 -0
data/lib/puppet/util/errors.rb +55 -0
data/lib/puppet/util/execution.rb +22 -0
data/lib/puppet/util/feature.rb +76 -0
data/lib/puppet/util/fileparsing.rb +380 -0
data/lib/puppet/util/filetype.rb +300 -0
data/lib/puppet/util/graph.rb +39 -0
data/lib/puppet/util/inifile.rb +209 -0
data/lib/puppet/util/loadedfile.rb +71 -0
data/lib/puppet/util/log.rb +549 -0
data/lib/puppet/util/logging.rb +20 -0
data/lib/puppet/util/metaid.rb +22 -0
data/lib/puppet/util/methodhelper.rb +37 -0
data/lib/puppet/util/metric.rb +160 -0
data/lib/puppet/util/package.rb +31 -0
data/lib/puppet/util/pidlock.rb +68 -0
data/lib/puppet/util/plist.rb +24 -0
data/lib/puppet/util/plist/generator.rb +226 -0
data/lib/puppet/util/plist/parser.rb +227 -0
data/lib/puppet/util/posix.rb +87 -0
data/lib/puppet/util/provider_features.rb +170 -0
data/lib/puppet/util/rails/collection_merger.rb +42 -0
data/lib/puppet/util/storage.rb +103 -0
data/lib/puppet/util/subclass_loader.rb +83 -0
data/lib/puppet/util/suidmanager.rb +86 -0
data/lib/puppet/util/variables.rb +39 -0
data/lib/puppet/util/warnings.rb +15 -0
data/test/Rakefile +97 -0
data/test/certmgr/ca.rb +81 -0
data/test/certmgr/certmgr.rb +77 -50
data/test/certmgr/inventory.rb +79 -0
data/test/certmgr/support.rb +81 -0
data/test/executables/filebucket.rb +49 -0
data/test/executables/puppetbin.rb +28 -12
data/test/executables/puppetca.rb +75 -54
data/test/executables/puppetd.rb +10 -13
data/test/executables/puppetmasterd.rb +12 -17
data/test/executables/puppetmodule.rb +18 -17
data/test/language/ast.rb +242 -798
data/test/language/ast/casestatement.rb +104 -0
data/test/language/ast/component.rb +133 -0
data/test/language/ast/hostclass.rb +162 -0
data/test/language/ast/selector.rb +62 -0
data/test/language/ast/variable.rb +31 -0
data/test/language/collector.rb +369 -0
data/test/language/functions.rb +305 -18
data/test/language/interpreter.rb +894 -125
data/test/language/lexer.rb +98 -12
data/test/language/node.rb +37 -53
data/test/language/parser.rb +455 -148
data/test/language/resource.rb +535 -0
data/test/language/scope.rb +451 -561
data/test/language/snippets.rb +101 -111
data/test/language/transportable.rb +6 -8
data/test/lib/mocha.rb +19 -0
data/test/lib/mocha/any_instance_method.rb +35 -0
data/test/lib/mocha/auto_verify.rb +113 -0
data/test/lib/mocha/central.rb +35 -0
data/test/lib/mocha/class_method.rb +62 -0
data/test/lib/mocha/expectation.rb +295 -0
data/test/lib/mocha/expectation_error.rb +6 -0
data/test/lib/mocha/infinite_range.rb +27 -0
data/test/lib/mocha/inspect.rb +37 -0
data/test/lib/mocha/instance_method.rb +8 -0
data/test/lib/mocha/metaclass.rb +7 -0
data/test/lib/mocha/mock.rb +20 -0
data/test/lib/mocha/mock_methods.rb +122 -0
data/test/lib/mocha/object.rb +100 -0
data/test/lib/mocha/pretty_parameters.rb +28 -0
data/test/lib/mocha/setup_and_teardown.rb +23 -0
data/test/lib/mocha/standalone.rb +30 -0
data/test/lib/mocha/test_case_adapter.rb +49 -0
data/test/lib/mocha_standalone.rb +2 -0
data/test/lib/puppettest.rb +294 -0
data/test/lib/puppettest/certificates.rb +61 -0
data/test/lib/puppettest/exetest.rb +123 -0
data/test/lib/puppettest/fakes.rb +194 -0
data/test/lib/puppettest/fileparsing.rb +33 -0
data/test/lib/puppettest/filetesting.rb +231 -0
data/test/lib/puppettest/graph.rb +41 -0
data/test/lib/puppettest/parsertesting.rb +392 -0
data/test/lib/puppettest/railstesting.rb +56 -0
data/test/lib/puppettest/reporttesting.rb +19 -0
data/test/lib/puppettest/resourcetesting.rb +73 -0
data/test/lib/puppettest/servertest.rb +72 -0
data/test/lib/puppettest/support.rb +8 -0
data/test/lib/puppettest/support/assertions.rb +101 -0
data/test/lib/puppettest/support/helpers.rb +23 -0
data/test/lib/puppettest/support/resources.rb +37 -0
data/test/lib/puppettest/support/utils.rb +160 -0
data/test/lib/puppettest/testcase.rb +48 -0
data/test/lib/rake/puppet_test_loader.rb +17 -0
data/test/lib/rake/puppet_testtask.rb +17 -0
data/test/lib/spec.rb +8 -0
data/test/lib/spec/callback.rb +11 -0
data/test/lib/spec/callback/callback_container.rb +60 -0
data/test/lib/spec/callback/extensions/module.rb +24 -0
data/test/lib/spec/callback/extensions/object.rb +37 -0
data/test/lib/spec/deprecated.rb +3 -0
data/test/lib/spec/expectations.rb +59 -0
data/test/lib/spec/expectations/differs/default.rb +62 -0
data/test/lib/spec/expectations/errors.rb +6 -0
data/test/lib/spec/expectations/extensions.rb +3 -0
data/test/lib/spec/expectations/extensions/object.rb +109 -0
data/test/lib/spec/expectations/extensions/proc.rb +57 -0
data/test/lib/spec/expectations/extensions/string_and_symbol.rb +17 -0
data/test/lib/spec/expectations/handler.rb +47 -0
data/test/lib/spec/expectations/should.rb +5 -0
data/test/lib/spec/expectations/should/base.rb +64 -0
data/test/lib/spec/expectations/should/change.rb +69 -0
data/test/lib/spec/expectations/should/have.rb +128 -0
data/test/lib/spec/expectations/should/not.rb +74 -0
data/test/lib/spec/expectations/should/should.rb +81 -0
data/test/lib/spec/expectations/sugar.rb +47 -0
data/test/lib/spec/matchers.rb +160 -0
data/test/lib/spec/matchers/be.rb +161 -0
data/test/lib/spec/matchers/be_close.rb +37 -0
data/test/lib/spec/matchers/change.rb +120 -0
data/test/lib/spec/matchers/eql.rb +43 -0
data/test/lib/spec/matchers/equal.rb +43 -0
data/test/lib/spec/matchers/has.rb +44 -0
data/test/lib/spec/matchers/have.rb +140 -0
data/test/lib/spec/matchers/include.rb +50 -0
data/test/lib/spec/matchers/match.rb +41 -0
data/test/lib/spec/matchers/raise_error.rb +100 -0
data/test/lib/spec/matchers/respond_to.rb +35 -0
data/test/lib/spec/matchers/satisfy.rb +47 -0
data/test/lib/spec/matchers/throw_symbol.rb +75 -0
data/test/lib/spec/mocks.rb +232 -0
data/test/lib/spec/mocks/argument_expectation.rb +132 -0
data/test/lib/spec/mocks/error_generator.rb +85 -0
data/test/lib/spec/mocks/errors.rb +10 -0
data/test/lib/spec/mocks/extensions/object.rb +3 -0
data/test/lib/spec/mocks/message_expectation.rb +231 -0
data/test/lib/spec/mocks/methods.rb +40 -0
data/test/lib/spec/mocks/mock.rb +26 -0
data/test/lib/spec/mocks/mock_handler.rb +166 -0
data/test/lib/spec/mocks/order_group.rb +29 -0
data/test/lib/spec/rake/spectask.rb +173 -0
data/test/lib/spec/rake/verify_rcov.rb +47 -0
data/test/lib/spec/runner.rb +132 -0
data/test/lib/spec/runner/backtrace_tweaker.rb +55 -0
data/test/lib/spec/runner/command_line.rb +34 -0
data/test/lib/spec/runner/context.rb +154 -0
data/test/lib/spec/runner/context_eval.rb +142 -0
data/test/lib/spec/runner/context_runner.rb +55 -0
data/test/lib/spec/runner/drb_command_line.rb +21 -0
data/test/lib/spec/runner/execution_context.rb +17 -0
data/test/lib/spec/runner/extensions/kernel.rb +17 -0
data/test/lib/spec/runner/extensions/object.rb +32 -0
data/test/lib/spec/runner/formatter.rb +5 -0
data/test/lib/spec/runner/formatter/base_text_formatter.rb +118 -0
data/test/lib/spec/runner/formatter/html_formatter.rb +219 -0
data/test/lib/spec/runner/formatter/progress_bar_formatter.rb +27 -0
data/test/lib/spec/runner/formatter/rdoc_formatter.rb +22 -0
data/test/lib/spec/runner/formatter/specdoc_formatter.rb +23 -0
data/test/lib/spec/runner/heckle_runner.rb +71 -0
data/test/lib/spec/runner/heckle_runner_win.rb +10 -0
data/test/lib/spec/runner/option_parser.rb +224 -0
data/test/lib/spec/runner/reporter.rb +105 -0
data/test/lib/spec/runner/spec_matcher.rb +25 -0
data/test/lib/spec/runner/spec_parser.rb +41 -0
data/test/lib/spec/runner/spec_should_raise_handler.rb +74 -0
data/test/lib/spec/runner/specification.rb +114 -0
data/test/lib/spec/translator.rb +87 -0
data/test/lib/spec/version.rb +30 -0
data/test/lib/stubba.rb +2 -0
data/test/network/authconfig.rb +72 -0
data/test/network/authorization.rb +138 -0
data/test/network/authstore.rb +450 -0
data/test/network/client/ca.rb +38 -0
data/test/{client → network/client}/client.rb +107 -24
data/test/network/client/dipper.rb +35 -0
data/test/network/client/master.rb +627 -0
data/test/{client/pelement.rb → network/client/resource.rb} +13 -29
data/test/network/client_request.rb +39 -0
data/test/network/daemon.rb +71 -0
data/test/{server → network/handler}/bucket.rb +103 -27
data/test/{server → network/handler}/ca.rb +14 -19
data/test/{server → network/handler}/fileserver.rb +443 -68
data/test/network/handler/handler.rb +64 -0
data/test/{server → network/handler}/logger.rb +26 -26
data/test/network/handler/master.rb +352 -0
data/test/network/handler/report.rb +185 -0
data/test/{server/pelement.rb → network/handler/resource.rb} +25 -38
data/test/{server → network/handler}/runner.rb +17 -16
data/test/network/rights.rb +38 -0
data/test/network/server/webrick.rb +140 -0
data/test/network/xmlrpc/client.rb +68 -0
data/test/network/xmlrpc/processor.rb +80 -0
data/test/network/xmlrpc/server.rb +28 -0
data/test/network/xmlrpc/webrick_servlet.rb +26 -0
data/test/other/dsl.rb +218 -0
data/test/other/events.rb +22 -15
data/test/other/overrides.rb +9 -14
data/test/other/pgraph.rb +289 -0
data/test/other/propertychange.rb +142 -0
data/test/other/provider.rb +162 -0
data/test/other/puppet.rb +63 -10
data/test/other/relationship.rb +74 -0
data/test/other/relationships.rb +199 -123
data/test/other/report.rb +152 -23
data/test/other/transactions.rb +824 -78
data/test/puppet/conffiles.rb +16 -11
data/test/puppet/defaults.rb +7 -10
data/test/puppet/{error.rb → errortest.rb} +5 -8
data/test/puppet/modules.rb +58 -0
data/test/puppet/tc_suidmanager.rb +107 -0
data/test/rails/host.rb +177 -0
data/test/rails/rails.rb +27 -0
data/test/rails/railsparameter.rb +62 -0
data/test/rails/railsresource.rb +100 -0
data/test/ral/manager/attributes.rb +296 -0
data/test/ral/manager/manager.rb +55 -0
data/test/ral/manager/provider.rb +54 -0
data/test/ral/manager/type.rb +837 -0
data/test/ral/providers/cron/crontab.rb +346 -0
data/test/ral/providers/group.rb +252 -0
data/test/ral/providers/host/netinfo.rb +58 -0
data/test/ral/providers/host/parsed.rb +226 -0
data/test/ral/providers/mount/netinfo.rb +80 -0
data/test/ral/providers/mount/parsed.rb +223 -0
data/test/ral/providers/nameservice.rb +33 -0
data/test/ral/providers/package.rb +253 -0
data/test/ral/providers/package/apt.rb +89 -0
data/test/ral/providers/package/aptitude.rb +69 -0
data/test/ral/providers/package/aptrpm.rb +89 -0
data/test/ral/providers/package/dpkg.rb +64 -0
data/test/ral/providers/parsedfile.rb +668 -0
data/test/ral/providers/parsedport.rb +233 -0
data/test/ral/providers/provider.rb +423 -0
data/test/{types → ral/providers}/service.rb +20 -121
data/test/ral/providers/service/base.rb +75 -0
data/test/ral/providers/sshkey/parsed.rb +111 -0
data/test/ral/providers/user.rb +567 -0
data/test/ral/providers/user/useradd.rb +250 -0
data/test/ral/types/basic.rb +90 -0
data/test/ral/types/component.rb +113 -0
data/test/ral/types/cron.rb +480 -0
data/test/{types → ral/types}/exec.rb +278 -82
data/test/ral/types/file.rb +1799 -0
data/test/ral/types/file/target.rb +363 -0
data/test/{types → ral/types}/filebucket.rb +15 -17
data/test/{types → ral/types}/fileignoresource.rb +9 -15
data/test/ral/types/filesources.rb +1046 -0
data/test/ral/types/group.rb +169 -0
data/test/ral/types/host.rb +155 -0
data/test/ral/types/mount.rb +312 -0
data/test/ral/types/package.rb +85 -0
data/test/ral/types/parameter.rb +172 -0
data/test/ral/types/port.rb +148 -0
data/test/ral/types/property.rb +343 -0
data/test/ral/types/resources.rb +221 -0
data/test/{types → ral/types}/schedule.rb +34 -12
data/test/ral/types/service.rb +37 -0
data/test/{types → ral/types}/sshkey.rb +75 -65
data/test/ral/types/tidy.rb +240 -0
data/test/ral/types/user.rb +493 -0
data/test/{types → ral/types}/yumrepo.rb +7 -11
data/test/{types → ral/types}/zone.rb +45 -45
data/test/tagging/tagging.rb +17 -26
data/test/util/autoload.rb +130 -0
data/test/util/classgen.rb +227 -0
data/test/{other → util}/config.rb +373 -113
data/test/util/execution.rb +34 -0
data/test/util/features.rb +94 -0
data/test/util/fileparsing.rb +677 -0
data/test/{other → util}/filetype.rb +9 -12
data/test/util/graph.rb +108 -0
data/test/{other → util}/inifile.rb +24 -11
data/test/util/loadedfile.rb +106 -0
data/test/{other → util}/log.rb +96 -50
data/test/{other → util}/metrics.rb +7 -17
data/test/util/package.rb +27 -0
data/test/util/pidlock.rb +126 -0
data/test/util/posixtest.rb +173 -0
data/test/util/storage.rb +123 -0
data/test/util/subclass_loader.rb +100 -0
data/test/util/utiltest.rb +368 -0
metadata +449 -169
data/examples/code/classing +0 -35
data/examples/code/failers/badclassnoparam +0 -10
data/examples/code/failers/badclassparam +0 -10
data/examples/code/failers/badcompnoparam +0 -9
data/examples/code/failers/badcompparam +0 -9
data/examples/code/failers/badtypeparam +0 -3
data/examples/code/failers/noobjectrvalue +0 -1
data/examples/code/snippets/aliastest.pp +0 -16
data/examples/code/snippets/argumentdefaults +0 -14
data/examples/code/snippets/casestatement.pp +0 -58
data/examples/code/snippets/classheirarchy.pp +0 -15
data/examples/code/snippets/classincludes.pp +0 -17
data/examples/code/snippets/classpathtest +0 -11
data/examples/code/snippets/componentmetaparams.pp +0 -11
data/examples/code/snippets/deepclassheirarchy.pp +0 -23
data/examples/code/snippets/defineoverrides.pp +0 -17
data/examples/code/snippets/dirchmod +0 -19
data/examples/code/snippets/emptyclass.pp +0 -9
data/examples/code/snippets/emptyexec.pp +0 -3
data/examples/code/snippets/failmissingexecpath.pp +0 -13
data/examples/code/snippets/falsevalues.pp +0 -3
data/examples/code/snippets/filecreate +0 -11
data/examples/code/snippets/implicititeration +0 -15
data/examples/code/snippets/multipleinstances +0 -7
data/examples/code/snippets/namevartest +0 -9
data/examples/code/snippets/scopetest +0 -13
data/examples/code/snippets/selectorvalues.pp +0 -42
data/examples/code/snippets/simpledefaults +0 -5
data/examples/code/snippets/simpleselector +0 -38
data/examples/code/snippets/singleary.pp +0 -19
data/examples/code/snippets/singlequote.pp +0 -11
data/examples/code/snippets/singleselector.pp +0 -22
data/examples/code/snippets/tag.pp +0 -9
data/examples/code/snippets/tagged.pp +0 -35
data/lib/puppet/client.rb +0 -177
data/lib/puppet/client/ca.rb +0 -21
data/lib/puppet/client/dipper.rb +0 -76
data/lib/puppet/client/file.rb +0 -20
data/lib/puppet/client/log.rb +0 -17
data/lib/puppet/client/master.rb +0 -531
data/lib/puppet/client/runner.rb +0 -17
data/lib/puppet/client/status.rb +0 -7
data/lib/puppet/event-loop.rb +0 -1
data/lib/puppet/filetype.rb +0 -308
data/lib/puppet/inifile.rb +0 -201
data/lib/puppet/log.rb +0 -524
data/lib/puppet/metric.rb +0 -132
data/lib/puppet/networkclient.rb +0 -175
data/lib/puppet/parsedfile.rb +0 -58
data/lib/puppet/parser/ast/classdef.rb +0 -79
data/lib/puppet/parser/ast/compdef.rb +0 -75
data/lib/puppet/parser/ast/nodedef.rb +0 -73
data/lib/puppet/parser/ast/objectdef.rb +0 -284
data/lib/puppet/parser/ast/objectref.rb +0 -77
data/lib/puppet/rails/database.rb +0 -40
data/lib/puppet/rails/rails_object.rb +0 -42
data/lib/puppet/rails/rails_parameter.rb +0 -5
data/lib/puppet/server.rb +0 -196
data/lib/puppet/server/authconfig.rb +0 -177
data/lib/puppet/server/authstore.rb +0 -226
data/lib/puppet/server/filebucket.rb +0 -155
data/lib/puppet/server/pelement.rb +0 -188
data/lib/puppet/server/report.rb +0 -184
data/lib/puppet/server/rights.rb +0 -78
data/lib/puppet/server/servlet.rb +0 -274
data/lib/puppet/statechange.rb +0 -129
data/lib/puppet/storage.rb +0 -98
data/lib/puppet/type/nameservice.rb +0 -264
data/lib/puppet/type/nameservice/netinfo.rb +0 -232
data/lib/puppet/type/nameservice/objectadd.rb +0 -146
data/lib/puppet/type/nameservice/posix.rb +0 -12
data/lib/puppet/type/nameservice/pw.rb +0 -107
data/lib/puppet/type/package/apple.rb +0 -41
data/lib/puppet/type/package/apt.rb +0 -107
data/lib/puppet/type/package/blastwave.rb +0 -136
data/lib/puppet/type/package/darwinport.rb +0 -97
data/lib/puppet/type/package/dpkg.rb +0 -113
data/lib/puppet/type/package/freebsd.rb +0 -19
data/lib/puppet/type/package/gem.rb +0 -119
data/lib/puppet/type/package/openbsd.rb +0 -112
data/lib/puppet/type/package/ports.rb +0 -103
data/lib/puppet/type/package/rpm.rb +0 -121
data/lib/puppet/type/package/sun.rb +0 -174
data/lib/puppet/type/package/sunfreeware.rb +0 -7
data/lib/puppet/type/package/yum.rb +0 -52
data/lib/puppet/type/parsedtype/host.rb +0 -144
data/lib/puppet/type/parsedtype/mount.rb +0 -271
data/lib/puppet/type/parsedtype/port.rb +0 -261
data/lib/puppet/type/parsedtype/sshkey.rb +0 -123
data/lib/puppet/type/service/base.rb +0 -12
data/lib/puppet/type/service/debian.rb +0 -46
data/lib/puppet/type/service/redhat.rb +0 -38
data/lib/puppet/type/state.rb +0 -393
data/lib/puppet/type/symlink.rb +0 -186
data/test/client/master.rb +0 -207
data/test/language/rails.rb +0 -105
data/test/other/parsedfile.rb +0 -58
data/test/other/storage.rb +0 -100
data/test/puppet/utiltest.rb +0 -299
data/test/puppettest.rb +0 -1170
data/test/server/authconfig.rb +0 -56
data/test/server/authstore.rb +0 -218
data/test/server/master.rb +0 -201
data/test/server/report.rb +0 -93
data/test/server/rights.rb +0 -41
data/test/server/server.rb +0 -152
data/test/test +0 -61
data/test/types/basic.rb +0 -117
data/test/types/component.rb +0 -298
data/test/types/cron.rb +0 -718
data/test/types/file.rb +0 -1314
data/test/types/filesources.rb +0 -590
data/test/types/group.rb +0 -323
data/test/types/host.rb +0 -186
data/test/types/mount.rb +0 -294
data/test/types/package.rb +0 -538
data/test/types/parameter.rb +0 -107
data/test/types/port.rb +0 -201
data/test/types/query.rb +0 -101
data/test/types/state.rb +0 -92
data/test/types/symlink.rb +0 -120
data/test/types/tidy.rb +0 -102
data/test/types/type.rb +0 -469
data/test/types/user.rb +0 -563

data/lib/puppet/reports/store.rb ADDED

@@ -0,0 +1,64 @@
+require 'puppet'
+Puppet::Network::Handler.report.newreport(:store, :useyaml => true) do
+    Puppet.config.use(:reporting)
+    desc "Store the yaml report on disk.  Each host sends its report as a YAML dump
+        and this just stores the file on disk, in the ``reportdir`` directory.
+        These files collect quickly -- one every half hour -- so it is a good idea
+        to perform some maintenance on them if you use this report (it's the only
+        default report)."
+    def mkclientdir(client, dir)
+        config = Puppet::Util::Config.new
+        config.setdefaults("reportclient-#{client}",
+            "clientdir-#{client}" => { :default => dir,
+                :mode => 0750,
+                :desc => "Client dir for %s" % client,
+                :owner => Puppet[:user],
+                :group => Puppet[:group]
+            }
+        )
+        config.use("reportclient-#{client}")
+    end
+    def process(yaml)
+        # We don't want any tracking back in the fs.  Unlikely, but there
+        # you go.
+        client = self.host.gsub("..",".")
+        dir = File.join(Puppet[:reportdir], client)
+        unless FileTest.exists?(dir)
+            mkclientdir(client, dir)
+        end
+        # Now store the report.
+        now = Time.now.gmtime
+        name = %w{year month day hour min}.collect do |method|
+            # Make sure we're at least two digits everywhere
+            "%02d" % now.send(method).to_s
+        end.join("") + ".yaml"
+        file = File.join(dir, name)
+        begin
+            File.open(file, "w", 0640) do |f|
+                f.print yaml
+            end
+        rescue => detail
+            if Puppet[:trace]
+                puts detail.backtrace
+            end
+            Puppet.warning "Could not write report for %s at %s: %s" %
+                [client, file, detail]
+        end
+        # Only testing cares about the return value
+        return file
+    end
+end
+# $Id: store.rb 2259 2007-03-06 19:03:05Z luke $

data/lib/puppet/reports/tagmail.rb CHANGED

@@ -1,94 +1,167 @@
 require 'puppet'
-Puppet.config.setdefaults(:reporting,
-    :tagmap => ["$confdir/tagmail.conf",
-        "The mapping between reporting tags and email addresses."],
-    :sendmail => [%x{which sendmail 2>/dev/null}.chomp,
-        "Where to find the sendmail binary with which to send email."],
-    :reportfrom => ["report@" + [Facter["hostname"].value, Facter["domain"].value].join("."),
-        "The 'from' email address for the reports."],
-    :smtpserver => ["none",
-        "The server through which to send email reports."]
-)
+require 'pp'
 require 'net/smtp'
-Puppet::Server::Report.newreport(:tagmail) do |report|
-    unless FileTest.exists?(Puppet[:tagmap])
-        Puppet.notice "Cannot send tagmail report; no tagmap file %s" %
-            Puppet[:tagmap]
-        return
-    end
+Puppet::Network::Handler.report.newreport(:tagmail) do
+    desc "This report sends specific log messages to specific email addresses
+        based on the tags in the log messages.  See the
+        `UsingTags tag documentation`:trac: for more information
+        on tags.
+        To use this report, you must create a ``tagmail.conf`` (in the location
+        specified by ``tagmap``).  This is a simple file that maps tags to
+        email addresses:  Any log messages in the report that match the specified
+        tags will be sent to the specified email addresses.
+        Tags must be comma-separated, and they can be negated so that messages
+        only match when they do not have that tag.  The tags are separated from
+        the email addresses by a colon, and the email addresses should also
+        be comma-separated.
-    # Load the config file
-    tags = {}
-    File.readlines(Puppet[:tagmap]).each do |line|
-        taglist, emails = line.chomp.split(/\s*:\s*/)
+        Lastly, there is an ``all`` tag that will always match all log messages.
+        Here is an example tagmail.conf::
+            all: me@domain.com
+            webserver, !mailserver: httpadmins@domain.com
+        This will send all messages to ``me@domain.com``, and all messages from
+        webservers that are not also from mailservers to ``httpadmins@domain.com``.
+        "
+    # Find all matching messages.
+    def match(taglists)
+        reports = []
+        taglists.each do |emails, pos, neg|
+            # First find all of the messages matched by our positive tags
+            messages = nil
+            if pos.include?("all")
+                messages = self.logs
+            else
+                # Find all of the messages that are tagged with any of our
+                # tags.
+                messages = self.logs.find_all do |log|
+                    pos.detect { |tag| log.tagged?(tag) }
+                end
+            end
+            # Now go through and remove any messages that match our negative tags
+            messages = messages.reject do |log|
+                if neg.detect do |tag| log.tagged?(tag) end
+                    true
+                end
+            end
-        emails = emails.split(/\s*,\s*/)
-        taglist.split(/\s*,\s*/).each do |tag|
-            tags[tag] = emails
+            if messages.empty?
+                Puppet.info "No messages to report to %s" % emails.join(",")
+                next
+            else
+                reports << [emails, messages.collect { |m| m.to_report }.join("\n")]
+            end
         end
+        return reports
     end
+    # Load the config file
+    def parse(text)
+        taglists = []
+        text.split("\n").each do |line|
+            taglist = emails = nil
+            case line.chomp
+            when /^\s*#/: next
+            when /^\s*$/: next
+            when /^\s*(.+)\s*:\s*(.+)\s*$/:
+                taglist = $1
+                emails = $2.sub(/#.*$/,'')
+            else
+                raise ArgumentError, "Invalid tagmail config file"
+            end
-    # Now find any appropriately tagged messages.
-    reports = {}
-    tags.each do |tag, emails|
-        messages = nil
-        if tag == "all"
-            messages = report.logs
-        else
-            messages = report.logs.find_all do |log|
-                log.tagged?(tag)
+            pos = []
+            neg = []
+            taglist.sub(/\s+$/,'').split(/\s*,\s*/).each do |tag|
+                unless tag =~ /^!?[-\w]+$/
+                    raise ArgumentError, "Invalid tag %s" % tag.inspect
+                end
+                case tag
+                when /^\w+/: pos << tag
+                when /^!\w+/: neg << tag.sub("!", '')
+                else
+                    raise Puppet::Error, "Invalid tag '%s'" % tag
+                end
             end
-        end
-        if messages and ! messages.empty?
-            reports[emails] = messages.collect { |m| m.to_report }.join("\n")
-        else
-            Puppet.info "No messages to report"
+            # Now split the emails
+            emails = emails.sub(/\s+$/,'').split(/\s*,\s*/)
+            taglists << [emails, pos, neg]
         end
+        return taglists
     end
-    # Let's fork for the sending of the email, since you never know what might
-    # happen.
-    fork do
-        if Puppet[:smtpserver] != "none"
-            begin
-                Net::SMTP.start(Puppet[:smtpserver]) do |smtp|
+    # Process the report.  This just calls the other associated messages.
+    def process
+        unless FileTest.exists?(Puppet[:tagmap])
+            Puppet.notice "Cannot send tagmail report; no tagmap file %s" %
+                Puppet[:tagmap]
+            return
+        end
+        taglists = parse(File.read(Puppet[:tagmap]))
+        # Now find any appropriately tagged messages.
+        reports = match(taglists)
+        send(reports)
+    end
+    # Send the email reports.
+    def send(reports)
+        pid = fork do
+            if Puppet[:smtpserver] != "none"
+                begin
+                    Net::SMTP.start(Puppet[:smtpserver]) do |smtp|
+                        reports.each do |emails, messages|
+                            Puppet.info "Sending report to %s" % emails.join(", ")
+                            smtp.send_message(messages, Puppet[:reportfrom], *emails)
+                        end
+                    end
+                rescue => detail
+                    if Puppet[:debug]
+                        puts detail.backtrace
+                    end
+                    raise Puppet::Error,
+                        "Could not send report emails through smtp: %s" % detail
+                end
+            elsif Puppet[:sendmail] != ""
+                begin
                     reports.each do |emails, messages|
                         Puppet.info "Sending report to %s" % emails.join(", ")
-                        smtp.send_message(messages, Puppet[:reportfrom], *emails)
+                        # We need to open a separate process for every set of email addresses
+                        IO.popen(Puppet[:sendmail] + " " + emails.join(" "), "w") do |p|
+                            p.puts "From: #{Puppet[:reportfrom]}"
+                            p.puts "Subject: Puppet Report for %s" % self.host
+                            p.puts "To: " + emails.join(", ")
+                            p.puts messages
+                        end
                     end
-                end
-            rescue => detail
-                if Puppet[:debug]
-                    puts detail.backtrace
-                end
-                raise Puppet::Error,
-                    "Could not send report emails through smtp: %s" % detail
-            end
-        elsif Puppet[:sendmail] != ""
-            begin
-                reports.each do |emails, messages|
-                    Puppet.info "Sending report to %s" % emails.join(", ")
-                    # We need to open a separate process for every set of email addresses
-                    IO.popen(Puppet[:sendmail] + " " + emails.join(" "), "w") do |p|
-                        p.puts "From: #{Puppet[:reportfrom]}"
-                        p.puts "Subject: Puppet Report for %s" % report.host
-                        p.puts messages
+                rescue => detail
+                    if Puppet[:debug]
+                        puts detail.backtrace
                     end
+                    raise Puppet::Error,
+                        "Could not send report emails via sendmail: %s" % detail
                 end
-            rescue => detail
-                if Puppet[:debug]
-                    puts detail.backtrace
-                end
-                raise Puppet::Error,
-                    "Could not send report emails via sendmail: %s" % detail
+            else
+                raise Puppet::Error, "SMTP server is unset and could not find sendmail"
             end
-        else
-            raise Puppet::Error, "SMTP server is unset and could not find sendmail"
         end
+        # Don't bother waiting for the pid to return.
+        Process.detach(pid)
     end
 end
+# $Id: tagmail.rb 2406 2007-04-23 06:16:10Z luke $

data/lib/puppet/sslcertificates.rb CHANGED

@@ -9,7 +9,17 @@ rescue LoadError
 end
 module Puppet::SSLCertificates
+    hostname = Facter["hostname"].value
+    domain = Facter["domain"].value
+    if domain and domain != ""
+        fqdn = [hostname, domain].join(".")
+    else
+        fqdn = hostname
+    end
     Puppet.setdefaults("certificates",
+        :certname => [fqdn, "The name to use when handling certificates.  Defaults
+            to the fully qualified domain name."],
         :certdir => ["$ssldir/certs", "The certificate directory."],
         :publickeydir => ["$ssldir/public_keys", "The public key directory."],
         :privatekeydir => { :default => "$ssldir/private_keys",
@@ -24,19 +34,41 @@ module Puppet::SSLCertificates
             :mode => 0640,
             :desc => "Where puppetd stores the password for its private key.
                 Generally unused."
+        },
+        :hostcsr => { :default => "$ssldir/csr_$certname.pem",
+            :mode => 0644,
+            :desc => "Where individual hosts store and look for their certificates."
+        },
+        :hostcert => { :default => "$certdir/$certname.pem",
+            :mode => 0644,
+            :desc => "Where individual hosts store and look for their certificates."
+        },
+        :hostprivkey => { :default => "$privatekeydir/$certname.pem",
+            :mode => 0600,
+            :desc => "Where individual hosts store and look for their private key."
+        },
+        :hostpubkey => { :default => "$publickeydir/$certname.pem",
+            :mode => 0644,
+            :desc => "Where individual hosts store and look for their public key."
+        },
+        :localcacert => { :default => "$certdir/ca.pem",
+            :mode => 0644,
+            :desc => "Where each client stores the CA certificate."
         }
     )
-    #def self.mkcert(type, name, days, issuercert, issuername, serial, publickey)
+    #def self.mkcert(type, name, ttl, issuercert, issuername, serial, publickey)
     def self.mkcert(hash)
-        [:type, :name, :days, :issuer, :serial, :publickey].each { |param|
+        [:type, :name, :ttl, :issuer, :serial, :publickey].each { |param|
             unless hash.include?(param)
                 raise ArgumentError, "mkcert called without %s" % param
             end
         }
         cert = OpenSSL::X509::Certificate.new
-        from = Time.now
+        # Make the certificate valid as of yesterday, because
+        # so many people's clocks are out of sync.
+        from = Time.now - (60*60*24)
         cert.subject = hash[:name]
         if hash[:issuer]
@@ -46,7 +78,7 @@ module Puppet::SSLCertificates
             cert.issuer = hash[:name]
         end
         cert.not_before = from
-        cert.not_after = from + (hash[:days] * 24 * 60 * 60)
+        cert.not_after = from + hash[:ttl]
         cert.version = 2 # X509v3
         cert.public_key = hash[:publickey]
@@ -154,7 +186,8 @@ module Puppet::SSLCertificates
         return hashpath
     end
     require 'puppet/sslcertificates/certificate'
+    require 'puppet/sslcertificates/inventory'
     require 'puppet/sslcertificates/ca'
 end
-# $Id: sslcertificates.rb 1117 2006-04-19 15:35:04Z luke $
+# $Id: sslcertificates.rb 2376 2007-03-30 23:45:48Z luke $

data/lib/puppet/sslcertificates/ca.rb CHANGED

@@ -1,6 +1,8 @@
 class Puppet::SSLCertificates::CA
+    include Puppet::Util::Warnings
     Certificate = Puppet::SSLCertificates::Certificate
-    attr_accessor :keyfile, :file, :config, :dir, :cert
+    attr_accessor :keyfile, :file, :config, :dir, :cert, :crl
     Puppet.setdefaults(:ca,
         :cadir => {  :default => "$ssldir/ca",
@@ -26,6 +28,12 @@ class Puppet::SSLCertificates::CA
             :group => "$group",
             :desc => "The CA public key."
         },
+        :cacrl => { :default => "$cadir/ca_crl.pem",
+            :owner => "$user",
+            :group => "$group",
+            :mode => 0664,
+            :desc => "The certificate revocation list (CRL) for the CA. Set this to 'none' if you do not want to use a CRL."
+        },
         :caprivatedir => { :default => "$cadir/private",
             :owner => "$user",
             :group => "$group",
@@ -55,12 +63,19 @@ class Puppet::SSLCertificates::CA
             :desc => "Where the serial number for certificates is stored."
         },
         :autosign => { :default => "$confdir/autosign.conf",
-            :mode => 0640,
+            :mode => 0644,
             :desc => "Whether to enable autosign.  Valid values are true (which
                 autosigns any key request, and is a very bad idea), false (which
                 never autosigns any key request), and the path to a file, which
                 uses that configuration file to determine which keys to sign."},
-        :ca_days => [1825, "How long a certificate should be valid."],
+        :ca_days => ["", "How long a certificate should be valid.
+                 This parameter is deprecated, use ca_ttl instead"],
+        :ca_ttl => ["5y", "The default TTL for new certificates; valid values
+                must be an integer, optionally followed by one of the units
+                'y' (years of 365 days), 'd' (days), 'h' (hours), or
+                's' (seconds). The unit defaults to seconds. If this parameter
+                is set, ca_days is ignored. Examples are '3600' (one hour)
+                and '1825d', which is the same as '5y' (5 years) "],
         :ca_md => ["md5", "The type of hash used in certificates."],
         :req_bits => [2048, "The bit length of the certificates."],
         :keylength => [1024, "The bit length of keys."]
@@ -72,6 +87,7 @@ class Puppet::SSLCertificates::CA
     # Remove all traces of a given host.  This is kind of hackish, but, eh.
     def clean(host)
+        host = host.downcase
         [:csrdir, :signeddir, :publickeydir, :privatekeydir, :certdir].each do |name|
             dir = Puppet[name]
@@ -79,7 +95,7 @@ class Puppet::SSLCertificates::CA
             if FileTest.exists?(file)
                 begin
-                    if Puppet.name == "puppetca"
+                    if Puppet[:name] == "puppetca"
                         puts "Removing %s" % file
                     else
                         Puppet.info "Removing %s" % file
@@ -95,13 +111,13 @@ class Puppet::SSLCertificates::CA
     end
     def host2csrfile(hostname)
-        File.join(Puppet[:csrdir], [hostname, "pem"].join("."))
+        File.join(Puppet[:csrdir], [hostname.downcase, "pem"].join("."))
     end
     # this stores signed certs in a directory unrelated to
     # normal client certs
     def host2certfile(hostname)
-        File.join(Puppet[:signeddir], [hostname, "pem"].join("."))
+        File.join(Puppet[:signeddir], [hostname.downcase, "pem"].join("."))
     end
     # Turn our hostname into a Name object
@@ -130,6 +146,7 @@ class Puppet::SSLCertificates::CA
         end
         self.getcert
+        init_crl
         unless FileTest.exists?(@config[:serial])
             Puppet.config.write(:serial) do |f|
                 f << "%04X" % 1
@@ -190,7 +207,8 @@ class Puppet::SSLCertificates::CA
         return [OpenSSL::X509::Certificate.new(File.read(certfile)), @cert]
     end
-    # List certificates waiting to be signed.
+    # List certificates waiting to be signed.  This returns a list of hostnames, not actual
+    # files -- the names can be converted to full paths with host2csrfile.
     def list
         return Dir.entries(Puppet[:csrdir]).find_all { |file|
             file =~ /\.pem$/
@@ -212,18 +230,20 @@ class Puppet::SSLCertificates::CA
             :encrypt => @config[:capass],
             :key => @config[:cakey],
             :selfsign => true,
-            :length => 1825,
+            :ttl => ttl,
             :type => :ca
         )
         # This creates the cakey file
-        Puppet::Util.asuser(Puppet[:user], Puppet[:group]) do
+        Puppet::Util::SUIDManager.asuser(Puppet[:user], Puppet[:group]) do
             @cert = cert.mkselfsigned
         end
         Puppet.config.write(:cacert) do |f|
             f.puts @cert.to_pem
         end
-        @key = cert.key
+        Puppet.config.write(:capub) do |f|
+            f.puts @cert.public_key
+        end
         return cert
     end
@@ -236,6 +256,23 @@ class Puppet::SSLCertificates::CA
         File.unlink(csrfile)
     end
+    # Revoke the certificate with serial number SERIAL issued by this
+    # CA. The REASON must be one of the OpenSSL::OCSP::REVOKED_* reasons
+    def revoke(serial, reason = OpenSSL::OCSP::REVOKED_STATUS_KEYCOMPROMISE)
+        if @config[:cacrl] == 'none'
+            raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'none'"
+        end
+        time = Time.now
+        revoked = OpenSSL::X509::Revoked.new
+        revoked.serial = serial
+        revoked.time = time
+        enum = OpenSSL::ASN1::Enumerated(reason)
+        ext = OpenSSL::X509::Extension.new("CRLReason", enum)
+        revoked.add_extension(ext)
+        @crl.add_revoked(revoked)
+        store_crl
+    end
     # Take the Puppet config and store it locally.
     def setconfig(hash)
         @config = {}
@@ -278,34 +315,12 @@ class Puppet::SSLCertificates::CA
             raise Puppet::Error, "CSR sign verification failed"
         end
-        # i should probably check key length...
-        # read the ca cert in
-        cacert = OpenSSL::X509::Certificate.new(
-            File.read(@config[:cacert])
-        )
-        cakey = nil
-        if @config[:password]
-            cakey = OpenSSL::PKey::RSA.new(
-                File.read(@config[:cakey]), @config[:password]
-            )
-        else
-            cakey = OpenSSL::PKey::RSA.new(
-                File.read(@config[:cakey])
-            )
-        end
-        unless cacert.check_private_key(cakey)
-            raise Puppet::Error, "CA Certificate is invalid"
-        end
         serial = File.read(@config[:serial]).chomp.hex
         newcert = Puppet::SSLCertificates.mkcert(
             :type => :server,
             :name => csr.subject,
-            :days => @config[:ca_days],
-            :issuer => cacert,
+            :ttl => ttl,
+            :issuer => @cert,
             :serial => serial,
             :publickey => csr.public_key
         )
@@ -315,11 +330,11 @@ class Puppet::SSLCertificates::CA
             f << "%04X" % (serial + 1)
         end
-        newcert.sign(cakey, OpenSSL::Digest::SHA1.new)
+        sign_with_key(newcert)
         self.storeclientcert(newcert)
-        return [newcert, cacert]
+        return [newcert, @cert]
     end
     # Store the client's CSR for later signing.  This is called from
@@ -348,10 +363,100 @@ class Puppet::SSLCertificates::CA
                 [certfile, host]
         end
+        Puppet::SSLCertificates::Inventory::add(cert)
         Puppet.config.writesub(:signeddir, certfile) do |f|
             f.print cert.to_pem
         end
     end
+    # TTL for new certificates in seconds. If config param :ca_ttl is set,
+    # use that, otherwise use :ca_days for backwards compatibility
+    def ttl
+        days = @config[:ca_days]
+        if days && days.size > 0
+            warnonce "Parameter ca_ttl is not set. Using depecated ca_days instead."
+            return @config[:ca_days] * 24 * 60 * 60
+        else
+            ttl = @config[:ca_ttl]
+            if ttl.is_a?(String)
+                unless ttl =~ /^(\d+)(y|d|h|s)$/
+                    raise ArgumentError, "Invalid ca_ttl #{ttl}"
+                end
+                case $2
+                when 'y'
+                    unit = 365 * 24 * 60 * 60
+                when 'd'
+                    unit = 24 * 60 * 60
+                when 'h'
+                    unit = 60 * 60
+                when 's'
+                    unit = 1
+                else
+                    raise ArgumentError, "Invalid unit for ca_ttl #{ttl}"
+                end
+                return $1.to_i * unit
+            else
+                return ttl
+            end
+        end
+    end
+    private
+    def init_crl
+        if FileTest.exists?(@config[:cacrl])
+            @crl = OpenSSL::X509::CRL.new(
+                File.read(@config[:cacrl])
+            )
+        elsif @config[:cacrl] == 'none'
+            @crl = nil
+        else
+            # Create new CRL
+            @crl = OpenSSL::X509::CRL.new
+            @crl.issuer = @cert.subject
+            @crl.version = 1
+            store_crl
+            @crl
+        end
+    end
+    def store_crl
+        # Increment the crlNumber
+        e = @crl.extensions.find { |e| e.oid == 'crlNumber' }
+        ext = @crl.extensions.reject { |e| e.oid == 'crlNumber' }
+        crlNum = OpenSSL::ASN1::Integer(e ? e.value.to_i + 1 : 0)
+        ext << OpenSSL::X509::Extension.new("crlNumber", crlNum)
+        @crl.extensions = ext
+        # Set last/next update
+        now = Time.now
+        @crl.last_update = now
+        # Keep CRL valid for 5 years
+        @crl.next_update = now + 5 * 365*24*60*60
+        sign_with_key(@crl)
+        Puppet.config.write(:cacrl) do |f|
+            f.puts @crl.to_pem
+        end
+    end
+    def sign_with_key(signable, digest = OpenSSL::Digest::SHA1.new)
+        cakey = nil
+        if @config[:password]
+            cakey = OpenSSL::PKey::RSA.new(
+                File.read(@config[:cakey]), @config[:password]
+            )
+        else
+            cakey = OpenSSL::PKey::RSA.new(
+                File.read(@config[:cakey])
+            )
+        end
+        unless @cert.check_private_key(cakey)
+            raise Puppet::Error, "CA Certificate is invalid"
+        end
+        signable.sign(cakey, digest)
+    end
 end
-# $Id: ca.rb 1145 2006-04-28 04:08:38Z luke $
+# $Id: ca.rb 2259 2007-03-06 19:03:05Z luke $