RubyGems - puppet - Versions diffs - 0.24.9 → 0.25.0 - Mend

puppet 0.24.9 → 0.25.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (910) hide show

data/CHANGELOG +18680 -1241
data/CHANGELOG.old +1705 -0
data/LICENSE +2 -2
data/README +1 -1
data/README.queueing +126 -0
data/README.rst +4 -4
data/Rakefile +62 -216
data/bin/filebucket +6 -117
data/bin/pi +50 -0
data/bin/puppet +7 -188
data/bin/puppetdoc +7 -198
data/bin/ralsh +4 -191
data/conf/auth.conf +94 -0
data/conf/gentoo/init.d/puppetmaster +30 -30
data/conf/osx/PackageInfo.plist +30 -30
data/conf/osx/createpackage.sh +23 -18
data/conf/osx/preflight +8 -0
data/conf/puppet-queue.conf +10 -0
data/conf/redhat/client.init +52 -41
data/conf/redhat/logrotate +1 -0
data/conf/redhat/puppet.spec +74 -36
data/conf/redhat/rundir-perms.patch +28 -0
data/conf/redhat/server.init +48 -43
data/conf/redhat/server.sysconfig +4 -4
data/conf/solaris/smf/puppetd.xml +53 -53
data/conf/solaris/smf/puppetmasterd.xml +53 -53
data/conf/solaris/smf/svc-puppetd +4 -4
data/conf/solaris/smf/svc-puppetmasterd +3 -3
data/conf/suse/client.init +4 -4
data/conf/suse/puppet.spec +14 -14
data/conf/suse/server.init +17 -17
data/examples/etc/init.d/sleeper +8 -8
data/examples/mac_dscl.pp +2 -2
data/examples/mac_dscl_revert.pp +1 -1
data/examples/mcx_dock_default.pp +108 -108
data/examples/mcx_dock_full.pp +108 -108
data/examples/mcx_nogroup.pp +108 -108
data/examples/modules/sample-module/lib/puppet/parser/functions/hostname_to_dn.rb +5 -5
data/examples/modules/sample-module/manifests/init.pp +2 -2
data/examples/relationships +1 -1
data/ext/autotest/config +6 -6
data/ext/bin/sleeper +12 -12
data/ext/dbfix.sql +21 -21
data/ext/emacs/puppet-mode.el +42 -41
data/ext/extlookup.rb +183 -0
data/ext/ldap/puppet.schema +2 -1
data/ext/logcheck/puppet +1 -1
data/ext/module_puppet +7 -7
data/ext/nagios/check_puppet.rb +83 -83
data/ext/nagios/naggen +302 -0
data/ext/puppet-test +61 -18
data/ext/puppetlisten/puppetlisten.rb +76 -0
data/ext/puppetlisten/puppetrun.rb +39 -0
data/ext/puppetstoredconfigclean.rb +29 -29
data/ext/rack/README +73 -0
data/ext/rack/files/apache2.conf +38 -0
data/ext/rack/files/config.ru +18 -0
data/ext/rack/manifest.pp +59 -0
data/ext/vim/syntax/puppet.vim +54 -35
data/install.rb +37 -26
data/lib/puppet.rb +15 -227
data/lib/puppet/agent.rb +134 -0
data/lib/puppet/agent/locker.rb +42 -0
data/lib/puppet/agent/runner.rb +65 -0
data/lib/puppet/application.rb +313 -0
data/lib/puppet/application/filebucket.rb +87 -0
data/lib/puppet/application/pi.rb +214 -0
data/lib/puppet/application/puppet.rb +177 -0
data/lib/puppet/application/puppetca.rb +71 -0
data/lib/puppet/application/puppetd.rb +256 -0
data/lib/puppet/application/puppetdoc.rb +222 -0
data/lib/puppet/application/puppetmasterd.rb +168 -0
data/lib/puppet/application/puppetqd.rb +96 -0
data/lib/puppet/application/puppetrun.rb +219 -0
data/lib/puppet/application/ralsh.rb +168 -0
data/lib/puppet/configurer.rb +177 -0
data/lib/puppet/configurer/downloader.rb +79 -0
data/lib/puppet/configurer/fact_handler.rb +68 -0
data/lib/puppet/configurer/plugin_handler.rb +26 -0
data/lib/puppet/daemon.rb +78 -28
data/lib/puppet/defaults.rb +239 -166
data/lib/puppet/dsl.rb +7 -7
data/lib/puppet/external/dot.rb +271 -271
data/lib/puppet/external/event-loop/better-definers.rb +298 -298
data/lib/puppet/external/event-loop/event-loop.rb +274 -274
data/lib/puppet/external/event-loop/signal-system.rb +163 -163
data/lib/puppet/external/lock.rb +1 -1
data/lib/puppet/external/nagios.rb +20 -20
data/lib/puppet/external/nagios/base.rb +3 -3
data/lib/puppet/external/nagios/grammar.ry +185 -0
data/lib/puppet/external/nagios/makefile +9 -0
data/lib/puppet/external/nagios/parser.rb +1 -1
data/lib/puppet/feature/json.rb +2 -0
data/lib/puppet/feature/rack.rb +24 -0
data/lib/puppet/feature/rails.rb +23 -33
data/lib/puppet/feature/rubygems.rb +6 -0
data/lib/puppet/feature/stomp.rb +6 -0
data/lib/puppet/file_serving/{file_base.rb → base.rb} +10 -9
data/lib/puppet/file_serving/configuration.rb +61 -61
data/lib/puppet/file_serving/configuration/parser.rb +24 -29
data/lib/puppet/file_serving/content.rb +26 -11
data/lib/puppet/file_serving/fileset.rb +54 -19
data/lib/puppet/file_serving/indirection_hooks.rb +12 -24
data/lib/puppet/file_serving/metadata.rb +8 -8
data/lib/puppet/file_serving/mount.rb +9 -151
data/lib/puppet/file_serving/mount/file.rb +126 -0
data/lib/puppet/file_serving/mount/modules.rb +25 -0
data/lib/puppet/file_serving/mount/plugins.rb +27 -0
data/lib/puppet/file_serving/terminus_helper.rb +9 -4
data/lib/puppet/indirector.rb +6 -4
data/lib/puppet/indirector/active_record.rb +28 -0
data/lib/puppet/indirector/catalog/active_record.rb +36 -0
data/lib/puppet/indirector/catalog/compiler.rb +50 -24
data/lib/puppet/indirector/catalog/queue.rb +5 -0
data/lib/puppet/indirector/catalog/rest.rb +6 -0
data/lib/puppet/indirector/catalog/yaml.rb +2 -4
data/lib/puppet/indirector/certificate/ca.rb +9 -0
data/lib/puppet/indirector/certificate/file.rb +9 -0
data/lib/puppet/indirector/certificate/rest.rb +9 -0
data/lib/puppet/indirector/certificate_request/ca.rb +14 -0
data/lib/puppet/indirector/certificate_request/file.rb +8 -0
data/lib/puppet/indirector/certificate_request/rest.rb +9 -0
data/lib/puppet/indirector/certificate_revocation_list/ca.rb +8 -0
data/lib/puppet/indirector/certificate_revocation_list/file.rb +8 -0
data/lib/puppet/indirector/certificate_revocation_list/rest.rb +9 -0
data/lib/puppet/indirector/direct_file_server.rb +4 -8
data/lib/puppet/indirector/exec.rb +2 -6
data/lib/puppet/indirector/facts/active_record.rb +36 -0
data/lib/puppet/indirector/facts/facter.rb +30 -22
data/lib/puppet/indirector/facts/rest.rb +6 -0
data/lib/puppet/indirector/file.rb +1 -0
data/lib/puppet/indirector/file_content/rest.rb +0 -1
data/lib/puppet/indirector/file_metadata/file.rb +2 -2
data/lib/puppet/indirector/file_metadata/rest.rb +0 -1
data/lib/puppet/indirector/file_server.rb +31 -18
data/lib/puppet/indirector/indirection.rb +46 -33
data/lib/puppet/indirector/key/ca.rb +12 -0
data/lib/puppet/indirector/key/file.rb +42 -0
data/lib/puppet/indirector/node/active_record.rb +13 -0
data/lib/puppet/indirector/node/ldap.rb +1 -1
data/lib/puppet/indirector/queue.rb +83 -0
data/lib/puppet/indirector/report/processor.rb +1 -1
data/lib/puppet/indirector/report/rest.rb +7 -0
data/lib/puppet/indirector/request.rb +158 -15
data/lib/puppet/indirector/rest.rb +74 -36
data/lib/puppet/indirector/runner/rest.rb +7 -0
data/lib/puppet/indirector/ssl_file.rb +174 -0
data/lib/puppet/indirector/terminus.rb +4 -4
data/lib/puppet/indirector/yaml.rb +1 -1
data/lib/puppet/metatype/manager.rb +3 -3
data/lib/puppet/module.rb +99 -124
data/lib/puppet/network/authconfig.rb +57 -42
data/lib/puppet/network/authstore.rb +58 -10
data/lib/puppet/network/client.rb +0 -2
data/lib/puppet/network/client/ca.rb +1 -1
data/lib/puppet/network/client/dipper.rb +7 -2
data/lib/puppet/network/format.rb +123 -0
data/lib/puppet/network/format_handler.rb +156 -0
data/lib/puppet/network/formats.rb +123 -0
data/lib/puppet/network/handler/filebucket.rb +1 -1
data/lib/puppet/network/handler/fileserver.rb +43 -35
data/lib/puppet/network/handler/master.rb +4 -4
data/lib/puppet/network/handler/report.rb +1 -1
data/lib/puppet/network/handler/resource.rb +16 -20
data/lib/puppet/network/handler/runner.rb +9 -42
data/lib/puppet/network/http.rb +4 -4
data/lib/puppet/network/http/api.rb +4 -0
data/lib/puppet/network/http/api/v1.rb +65 -0
data/lib/puppet/network/http/handler.rb +163 -56
data/lib/puppet/network/http/mongrel.rb +19 -15
data/lib/puppet/network/http/mongrel/rest.rb +35 -17
data/lib/puppet/network/http/rack.rb +62 -0
data/lib/puppet/network/http/rack/httphandler.rb +34 -0
data/lib/puppet/network/http/rack/rest.rb +79 -0
data/lib/puppet/network/http/rack/xmlrpc.rb +65 -0
data/lib/puppet/network/http/webrick.rb +89 -16
data/lib/puppet/network/http/webrick/rest.rb +24 -11
data/lib/puppet/network/http_pool.rb +28 -29
data/lib/puppet/network/http_server/mongrel.rb +8 -10
data/lib/puppet/network/http_server/webrick.rb +1 -3
data/lib/puppet/network/rest_authconfig.rb +89 -0
data/lib/puppet/network/rest_authorization.rb +25 -0
data/lib/puppet/network/rights.rb +230 -27
data/lib/puppet/network/server.rb +133 -31
data/lib/puppet/network/xmlrpc/client.rb +5 -5
data/lib/puppet/network/xmlrpc/webrick_servlet.rb +6 -6
data/lib/puppet/node.rb +28 -21
data/lib/puppet/node/environment.rb +48 -0
data/lib/puppet/node/facts.rb +21 -0
data/lib/puppet/parameter.rb +291 -219
data/lib/puppet/parser/ast.rb +1 -0
data/lib/puppet/parser/ast/astarray.rb +5 -1
data/lib/puppet/parser/ast/boolean_operator.rb +3 -3
data/lib/puppet/parser/ast/caseopt.rb +10 -0
data/lib/puppet/parser/ast/casestatement.rb +12 -27
data/lib/puppet/parser/ast/collection.rb +31 -0
data/lib/puppet/parser/ast/collexpr.rb +18 -11
data/lib/puppet/parser/ast/comparison_operator.rb +1 -1
data/lib/puppet/parser/ast/definition.rb +6 -2
data/lib/puppet/parser/ast/function.rb +7 -2
data/lib/puppet/parser/ast/ifstatement.rb +11 -6
data/lib/puppet/parser/ast/leaf.rb +106 -3
data/lib/puppet/parser/ast/match_operator.rb +31 -0
data/lib/puppet/parser/ast/node.rb +10 -6
data/lib/puppet/parser/ast/resource_defaults.rb +2 -2
data/lib/puppet/parser/ast/resource_override.rb +1 -1
data/lib/puppet/parser/ast/resource_reference.rb +11 -3
data/lib/puppet/parser/ast/selector.rb +14 -32
data/lib/puppet/parser/ast/vardef.rb +1 -1
data/lib/puppet/parser/collector.rb +67 -15
data/lib/puppet/parser/compiler.rb +21 -53
data/lib/puppet/parser/files.rb +92 -0
data/lib/puppet/parser/functions.rb +3 -3
data/lib/puppet/parser/functions/defined.rb +3 -3
data/lib/puppet/parser/functions/fqdn_rand.rb +3 -3
data/lib/puppet/parser/functions/inline_template.rb +4 -4
data/lib/puppet/parser/functions/regsubst.rb +37 -35
data/lib/puppet/parser/functions/require.rb +34 -0
data/lib/puppet/parser/functions/shellquote.rb +41 -0
data/lib/puppet/parser/functions/split.rb +29 -0
data/lib/puppet/parser/functions/sprintf.rb +6 -6
data/lib/puppet/parser/functions/template.rb +4 -4
data/lib/puppet/parser/functions/versioncmp.rb +22 -1
data/lib/puppet/parser/grammar.ra +812 -0
data/lib/puppet/parser/interpreter.rb +4 -4
data/lib/puppet/parser/lexer.rb +44 -15
data/lib/puppet/parser/loaded_code.rb +115 -0
data/lib/puppet/parser/makefile +8 -0
data/lib/puppet/parser/parser.rb +1080 -928
data/lib/puppet/parser/parser_support.rb +118 -96
data/lib/puppet/parser/resource.rb +56 -126
data/lib/puppet/parser/resource/param.rb +2 -76
data/lib/puppet/parser/resource/reference.rb +15 -8
data/lib/puppet/parser/scope.rb +68 -35
data/lib/puppet/parser/templatewrapper.rb +8 -8
data/lib/puppet/parser/yaml_trimmer.rb +11 -0
data/lib/puppet/property.rb +69 -124
data/lib/puppet/property/list.rb +3 -3
data/lib/puppet/provider.rb +5 -5
data/lib/puppet/provider/augeas/augeas.rb +119 -118
data/lib/puppet/provider/computer/computer.rb +3 -3
data/lib/puppet/provider/confine/variable.rb +1 -1
data/lib/puppet/provider/cron/crontab.rb +8 -7
data/lib/puppet/provider/group/directoryservice.rb +2 -2
data/lib/puppet/provider/group/groupadd.rb +1 -1
data/lib/puppet/provider/group/ldap.rb +3 -3
data/lib/puppet/provider/group/pw.rb +1 -1
data/lib/puppet/provider/host/parsed.rb +3 -3
data/lib/puppet/provider/ldap.rb +1 -3
data/lib/puppet/provider/macauthorization/macauthorization.rb +62 -55
data/lib/puppet/provider/mailalias/aliases.rb +9 -1
data/lib/puppet/provider/maillist/mailman.rb +8 -4
data/lib/puppet/provider/mcx/mcxcontent.rb +11 -11
data/lib/puppet/provider/mount/parsed.rb +2 -2
data/lib/puppet/provider/nameservice.rb +6 -6
data/lib/puppet/provider/nameservice/directoryservice.rb +83 -87
data/lib/puppet/provider/package/appdmg.rb +10 -9
data/lib/puppet/provider/package/apple.rb +1 -3
data/lib/puppet/provider/package/apt.rb +5 -5
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/aptrpm.rb +1 -1
data/lib/puppet/provider/package/darwinport.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +2 -2
data/lib/puppet/provider/package/fink.rb +6 -6
data/lib/puppet/provider/package/freebsd.rb +1 -1
data/lib/puppet/provider/package/gem.rb +2 -2
data/lib/puppet/provider/package/hpux.rb +5 -5
data/lib/puppet/provider/package/pkgdmg.rb +30 -22
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/ports.rb +1 -1
data/lib/puppet/provider/package/rpm.rb +5 -5
data/lib/puppet/provider/package/rug.rb +1 -1
data/lib/puppet/provider/package/sun.rb +7 -7
data/lib/puppet/provider/package/up2date.rb +1 -1
data/lib/puppet/provider/package/yum.rb +2 -2
data/lib/puppet/provider/package/yumhelper.py +2 -2
data/lib/puppet/provider/port/parsed.rb +1 -1
data/lib/puppet/provider/selmodule/semodule.rb +3 -3
data/lib/puppet/provider/service/base.rb +21 -12
data/lib/puppet/provider/service/daemontools.rb +86 -49
data/lib/puppet/provider/service/debian.rb +20 -12
data/lib/puppet/provider/service/freebsd.rb +5 -5
data/lib/puppet/provider/service/gentoo.rb +2 -2
data/lib/puppet/provider/service/init.rb +21 -33
data/lib/puppet/provider/service/launchd.rb +120 -48
data/lib/puppet/provider/service/redhat.rb +12 -21
data/lib/puppet/provider/service/runit.rb +19 -9
data/lib/puppet/provider/service/smf.rb +49 -34
data/lib/puppet/provider/ssh_authorized_key/parsed.rb +34 -0
data/lib/puppet/provider/sshkey/parsed.rb +2 -2
data/lib/puppet/provider/user/directoryservice.rb +12 -29
data/lib/puppet/provider/user/hpux.rb +3 -3
data/lib/puppet/provider/user/ldap.rb +2 -2
data/lib/puppet/provider/zfs/solaris.rb +1 -1
data/lib/puppet/provider/zone/solaris.rb +4 -4
data/lib/puppet/provider/zpool/solaris.rb +3 -3
data/lib/puppet/rails.rb +9 -9
data/lib/puppet/rails/benchmark.rb +69 -0
data/lib/puppet/rails/database/001_add_created_at_to_all_tables.rb +5 -5
data/lib/puppet/rails/database/002_remove_duplicated_index_on_all_tables.rb +2 -2
data/lib/puppet/rails/database/003_add_environment_to_host.rb +1 -1
data/lib/puppet/rails/database/schema.rb +8 -8
data/lib/puppet/rails/fact_value.rb +1 -1
data/lib/puppet/rails/host.rb +211 -93
data/lib/puppet/rails/param_name.rb +5 -1
data/lib/puppet/rails/param_value.rb +29 -2
data/lib/puppet/rails/puppet_tag.rb +5 -0
data/lib/puppet/rails/resource.rb +120 -20
data/lib/puppet/rails/resource_tag.rb +1 -1
data/lib/puppet/rails/source_file.rb +1 -1
data/lib/puppet/reference/configuration.rb +14 -14
data/lib/puppet/reference/function.rb +1 -1
data/lib/puppet/reference/metaparameter.rb +48 -0
data/lib/puppet/reference/providers.rb +6 -6
data/lib/puppet/reference/type.rb +1 -37
data/lib/puppet/relationship.rb +57 -30
data/lib/puppet/reports/rrdgraph.rb +4 -4
data/lib/puppet/reports/store.rb +3 -3
data/lib/puppet/reports/tagmail.rb +15 -15
data/lib/puppet/resource.rb +265 -0
data/lib/puppet/{node → resource}/catalog.rb +188 -112
data/lib/puppet/{resource_reference.rb → resource/reference.rb} +46 -24
data/lib/puppet/simple_graph.rb +165 -27
data/lib/puppet/ssl.rb +7 -0
data/lib/puppet/ssl/base.rb +62 -0
data/lib/puppet/ssl/certificate.rb +34 -0
data/lib/puppet/ssl/certificate_authority.rb +298 -0
data/lib/puppet/ssl/certificate_authority/interface.rb +118 -0
data/lib/puppet/ssl/certificate_factory.rb +145 -0
data/lib/puppet/ssl/certificate_request.rb +51 -0
data/lib/puppet/ssl/certificate_revocation_list.rb +86 -0
data/lib/puppet/ssl/host.rb +271 -0
data/lib/puppet/ssl/inventory.rb +52 -0
data/lib/puppet/ssl/key.rb +56 -0
data/lib/puppet/sslcertificates.rb +6 -6
data/lib/puppet/sslcertificates/ca.rb +15 -15
data/lib/puppet/sslcertificates/certificate.rb +4 -4
data/lib/puppet/sslcertificates/inventory.rb +3 -3
data/lib/puppet/transaction.rb +113 -139
data/lib/puppet/transaction/change.rb +6 -6
data/lib/puppet/transaction/event.rb +1 -1
data/lib/puppet/transaction/report.rb +7 -1
data/lib/puppet/transportable.rb +28 -28
data/lib/puppet/type.rb +263 -688
data/lib/puppet/type/augeas.rb +3 -2
data/lib/puppet/type/component.rb +28 -95
data/lib/puppet/type/computer.rb +10 -10
data/lib/puppet/type/cron.rb +19 -14
data/lib/puppet/type/exec.rb +21 -20
data/lib/puppet/type/file.rb +306 -633
data/lib/puppet/type/file/checksum.rb +10 -11
data/lib/puppet/type/file/content.rb +83 -22
data/lib/puppet/type/file/ensure.rb +15 -9
data/lib/puppet/type/file/group.rb +7 -1
data/lib/puppet/type/file/mode.rb +1 -1
data/lib/puppet/type/file/owner.rb +9 -3
data/lib/puppet/type/file/selcontext.rb +4 -4
data/lib/puppet/type/file/source.rb +78 -179
data/lib/puppet/type/file/target.rb +3 -3
data/lib/puppet/type/file/type.rb +2 -2
data/lib/puppet/type/filebucket.rb +33 -54
data/lib/puppet/type/group.rb +8 -8
data/lib/puppet/type/host.rb +7 -7
data/lib/puppet/type/k5login.rb +2 -2
data/lib/puppet/type/macauthorization.rb +77 -52
data/lib/puppet/type/mailalias.rb +2 -2
data/lib/puppet/type/maillist.rb +2 -2
data/lib/puppet/type/mcx.rb +3 -3
data/lib/puppet/type/mount.rb +16 -11
data/lib/puppet/type/notify.rb +4 -4
data/lib/puppet/type/package.rb +6 -28
data/lib/puppet/type/port.rb +1 -1
data/lib/puppet/type/resources.rb +19 -19
data/lib/puppet/type/schedule.rb +18 -20
data/lib/puppet/type/selmodule.rb +1 -1
data/lib/puppet/type/service.rb +11 -7
data/lib/puppet/type/ssh_authorized_key.rb +26 -9
data/lib/puppet/type/sshkey.rb +2 -2
data/lib/puppet/type/tidy.rb +285 -289
data/lib/puppet/type/user.rb +9 -7
data/lib/puppet/type/yumrepo.rb +17 -16
data/lib/puppet/type/zone.rb +8 -7
data/lib/puppet/util.rb +11 -36
data/lib/puppet/util/autoload.rb +31 -19
data/lib/puppet/util/autoload/file_cache.rb +115 -0
data/lib/puppet/util/backups.rb +86 -0
data/lib/puppet/util/cacher.rb +135 -0
data/lib/puppet/util/checksums.rb +11 -1
data/lib/puppet/util/classgen.rb +1 -1
data/lib/puppet/util/config_store.rb +2 -2
data/lib/puppet/util/constant_inflector.rb +1 -1
data/lib/puppet/util/diff.rb +2 -2
data/lib/puppet/util/docs.rb +9 -3
data/lib/puppet/util/execution.rb +1 -1
data/lib/puppet/util/feature.rb +27 -20
data/lib/puppet/util/fileparsing.rb +3 -3
data/lib/puppet/util/filetype.rb +8 -6
data/lib/puppet/util/graph.rb +5 -5
data/lib/puppet/util/inifile.rb +5 -5
data/lib/puppet/util/json.rb +13 -0
data/lib/puppet/util/ldap/connection.rb +2 -2
data/lib/puppet/util/log.rb +48 -31
data/lib/puppet/util/metric.rb +4 -4
data/lib/puppet/util/monkey_patches.rb +43 -0
data/lib/puppet/util/nagios_maker.rb +1 -1
data/lib/puppet/util/package.rb +4 -4
data/lib/puppet/util/pidlock.rb +59 -59
data/lib/puppet/util/posix.rb +13 -52
data/lib/puppet/util/provider_features.rb +3 -3
data/lib/puppet/util/queue.rb +96 -0
data/lib/puppet/util/queue/stomp.rb +47 -0
data/lib/puppet/util/rails/cache_accumulator.rb +65 -0
data/lib/puppet/util/rails/collection_merger.rb +0 -39
data/lib/puppet/util/rails/reference_serializer.rb +17 -3
data/lib/puppet/util/rdoc.rb +1 -0
data/lib/puppet/util/rdoc/code_objects.rb +5 -1
data/lib/puppet/util/rdoc/generators/puppet_generator.rb +5 -5
data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +13 -13
data/lib/puppet/util/rdoc/parser.rb +28 -32
data/lib/puppet/util/reference.rb +29 -8
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/selinux.rb +12 -6
data/lib/puppet/util/settings.rb +203 -578
data/lib/puppet/util/settings/boolean_setting.rb +33 -0
data/lib/puppet/util/settings/file_setting.rb +119 -0
data/lib/puppet/util/settings/setting.rb +110 -0
data/lib/puppet/util/subclass_loader.rb +1 -1
data/lib/puppet/util/suidmanager.rb +2 -2
data/lib/puppet/util/tagging.rb +1 -1
data/lib/puppet/util/warnings.rb +17 -9
data/man/man8/filebucket.8 +2 -2
data/man/man8/pi.8 +2 -2
data/man/man8/puppet.8 +3 -4
data/man/man8/puppet.conf.8 +63 -63
data/man/man8/puppetca.8 +2 -2
data/man/man8/puppetd.8 +2 -2
data/man/man8/puppetdoc.8 +2 -2
data/man/man8/puppetmasterd.8 +2 -2
data/man/man8/puppetrun.8 +2 -2
data/man/man8/ralsh.8 +3 -3
data/sbin/puppetca +102 -0
data/sbin/puppetd +159 -0
data/sbin/puppetmasterd +66 -0
data/sbin/puppetqd +53 -0
data/sbin/puppetrun +130 -0
data/spec/Rakefile +2 -2
data/spec/integration/application/puppet.rb +33 -0
data/spec/integration/bin/puppetmasterd.rb +110 -0
data/spec/integration/configurer.rb +18 -0
data/spec/integration/defaults.rb +158 -7
data/spec/integration/file_serving/content.rb +2 -0
data/spec/integration/file_serving/fileset.rb +14 -0
data/spec/integration/file_serving/metadata.rb +2 -0
data/spec/integration/file_serving/terminus_helper.rb +22 -0
data/spec/integration/indirector/catalog/compiler.rb +67 -0
data/spec/integration/indirector/catalog/queue.rb +61 -0
data/spec/integration/indirector/certificate/rest.rb +69 -0
data/spec/integration/indirector/certificate_request/rest.rb +89 -0
data/spec/integration/indirector/certificate_revocation_list/rest.rb +77 -0
data/spec/integration/indirector/direct_file_server.rb +16 -23
data/spec/integration/indirector/file_content/file_server.rb +75 -0
data/spec/integration/indirector/report/rest.rb +95 -0
data/spec/integration/indirector/rest.rb +207 -147
data/spec/integration/network/client.rb +19 -0
data/spec/integration/network/formats.rb +110 -0
data/spec/integration/network/handler.rb +25 -0
data/spec/integration/network/server/mongrel.rb +26 -8
data/spec/integration/network/server/webrick.rb +49 -11
data/spec/integration/node/environment.rb +58 -0
data/spec/integration/node/facts.rb +4 -2
data/spec/integration/parser/compiler.rb +29 -0
data/spec/integration/parser/functions/require.rb +67 -0
data/spec/integration/provider/mailalias/aliases.rb +25 -0
data/spec/integration/{node → resource}/catalog.rb +17 -10
data/spec/integration/ssl/certificate_authority.rb +135 -0
data/spec/integration/ssl/certificate_request.rb +59 -0
data/spec/integration/ssl/certificate_revocation_list.rb +42 -0
data/spec/integration/ssl/host.rb +90 -0
data/spec/integration/transaction.rb +66 -0
data/spec/integration/transaction/report.rb +2 -5
data/spec/integration/type.rb +22 -0
data/spec/integration/type/file.rb +458 -0
data/spec/integration/type/package.rb +1 -1
data/spec/integration/type/tidy.rb +27 -0
data/spec/integration/util/autoload.rb +114 -0
data/spec/integration/util/feature.rb +54 -0
data/spec/integration/util/file_locking.rb +2 -1
data/spec/integration/util/settings.rb +27 -0
data/spec/lib/puppet_spec/files.rb +9 -0
data/spec/monkey_patches/add_confine_and_runnable_to_rspec_dsl.rb +1 -0
data/spec/monkey_patches/alias_should_to_must.rb +1 -0
data/spec/shared_behaviours/file_server_terminus.rb +14 -11
data/spec/shared_behaviours/file_serving.rb +13 -17
data/spec/spec_helper.rb +22 -5
data/spec/unit/agent.rb +259 -0
data/spec/unit/agent/locker.rb +100 -0
data/spec/unit/agent/runner.rb +118 -0
data/spec/unit/application.rb +420 -0
data/spec/unit/application/filebucket.rb +220 -0
data/spec/unit/application/pi.rb +84 -0
data/spec/unit/application/puppet.rb +404 -0
data/spec/unit/application/puppetca.rb +142 -0
data/spec/unit/application/puppetd.rb +502 -0
data/spec/unit/application/puppetdoc.rb +345 -0
data/spec/unit/application/puppetmasterd.rb +456 -0
data/spec/unit/application/puppetqd.rb +186 -0
data/spec/unit/application/puppetrun.rb +279 -0
data/spec/unit/application/ralsh.rb +237 -0
data/spec/unit/configurer.rb +232 -0
data/spec/unit/configurer/downloader.rb +188 -0
data/spec/unit/configurer/fact_handler.rb +150 -0
data/spec/unit/configurer/plugin_handler.rb +112 -0
data/spec/unit/daemon.rb +287 -0
data/spec/unit/file_serving/{file_base.rb → base.rb} +39 -31
data/spec/unit/file_serving/configuration.rb +104 -93
data/spec/unit/file_serving/configuration/parser.rb +64 -18
data/spec/unit/file_serving/content.rb +65 -26
data/spec/unit/file_serving/fileset.rb +116 -14
data/spec/unit/file_serving/indirection_hooks.rb +34 -95
data/spec/unit/file_serving/metadata.rb +27 -40
data/spec/unit/file_serving/mount.rb +7 -118
data/spec/unit/file_serving/mount/file.rb +188 -0
data/spec/unit/file_serving/mount/modules.rb +63 -0
data/spec/unit/file_serving/mount/plugins.rb +61 -0
data/spec/unit/file_serving/terminus_helper.rb +39 -27
data/spec/unit/indirector.rb +6 -1
data/spec/unit/indirector/active_record.rb +76 -0
data/spec/unit/indirector/catalog/active_record.rb +122 -0
data/spec/unit/indirector/catalog/compiler.rb +222 -118
data/spec/unit/indirector/catalog/queue.rb +20 -0
data/spec/unit/indirector/catalog/rest.rb +11 -0
data/spec/unit/indirector/catalog/yaml.rb +6 -6
data/spec/unit/indirector/certificate/ca.rb +28 -0
data/spec/unit/indirector/certificate/file.rb +28 -0
data/spec/unit/indirector/certificate/rest.rb +23 -0
data/spec/unit/indirector/certificate_request/ca.rb +19 -0
data/spec/unit/indirector/certificate_request/file.rb +19 -0
data/spec/unit/indirector/certificate_request/rest.rb +23 -0
data/spec/unit/indirector/certificate_revocation_list/ca.rb +21 -0
data/spec/unit/indirector/certificate_revocation_list/file.rb +20 -0
data/spec/unit/indirector/certificate_revocation_list/rest.rb +23 -0
data/spec/unit/indirector/direct_file_server.rb +3 -8
data/spec/unit/indirector/exec.rb +6 -1
data/spec/unit/indirector/facts/active_record.rb +104 -0
data/spec/unit/indirector/facts/facter.rb +53 -12
data/spec/unit/indirector/facts/rest.rb +11 -0
data/spec/unit/indirector/file.rb +8 -1
data/spec/unit/indirector/file_metadata/file.rb +5 -5
data/spec/unit/indirector/file_server.rb +181 -98
data/spec/unit/indirector/indirection.rb +102 -38
data/spec/unit/indirector/key/ca.rb +28 -0
data/spec/unit/indirector/key/file.rb +104 -0
data/spec/unit/indirector/node/active_record.rb +34 -0
data/spec/unit/indirector/node/ldap.rb +1 -1
data/spec/unit/indirector/node/rest.rb +2 -2
data/spec/unit/indirector/queue.rb +123 -0
data/spec/unit/indirector/report/rest.rb +28 -0
data/spec/unit/indirector/request.rb +221 -0
data/spec/unit/indirector/rest.rb +343 -334
data/spec/unit/indirector/runner/rest.rb +11 -0
data/spec/unit/indirector/ssl_file.rb +280 -0
data/spec/unit/module.rb +180 -180
data/spec/unit/network/authconfig.rb +292 -0
data/spec/unit/network/authstore.rb +94 -0
data/spec/unit/network/client.rb +2 -2
data/spec/unit/network/client/dipper.rb +16 -0
data/spec/unit/network/format.rb +191 -0
data/spec/unit/network/format_handler.rb +306 -0
data/spec/unit/network/formats.rb +249 -0
data/spec/unit/network/handler/fileserver.rb +2 -5
data/spec/unit/network/http.rb +3 -3
data/spec/unit/network/http/api/v1.rb +122 -0
data/spec/unit/network/http/handler.rb +448 -0
data/spec/unit/network/http/mongrel.rb +46 -32
data/spec/unit/network/http/mongrel/rest.rb +174 -319
data/spec/unit/network/http/rack.rb +102 -0
data/spec/unit/network/http/rack/rest.rb +199 -0
data/spec/unit/network/http/rack/xmlrpc.rb +157 -0
data/spec/unit/network/http/webrick.rb +249 -37
data/spec/unit/network/http/webrick/rest.rb +113 -279
data/spec/unit/network/http_pool.rb +86 -110
data/spec/unit/network/rest_authconfig.rb +146 -0
data/spec/unit/network/rest_authorization.rb +43 -0
data/spec/unit/network/rights.rb +519 -0
data/spec/unit/network/server.rb +475 -257
data/spec/unit/node.rb +43 -10
data/spec/unit/node/environment.rb +143 -9
data/spec/unit/node/facts.rb +77 -24
data/spec/unit/other/selinux.rb +85 -0
data/spec/unit/other/transbucket.rb +29 -13
data/spec/unit/other/transobject.rb +35 -15
data/spec/unit/parameter.rb +378 -5
data/spec/unit/parser/ast.rb +1 -1
data/spec/unit/parser/ast/arithmetic_operator.rb +17 -17
data/spec/unit/parser/ast/astarray.rb +16 -10
data/spec/unit/parser/ast/boolean_operator.rb +2 -2
data/spec/unit/parser/ast/casestatement.rb +143 -0
data/spec/unit/parser/ast/collection.rb +63 -0
data/spec/unit/parser/ast/collexpr.rb +31 -8
data/spec/unit/parser/ast/comparison_operator.rb +9 -9
data/spec/unit/parser/ast/definition.rb +18 -0
data/spec/unit/parser/ast/function.rb +6 -0
data/spec/unit/parser/ast/ifstatement.rb +75 -0
data/spec/unit/parser/ast/leaf.rb +261 -0
data/spec/unit/parser/ast/match_operator.rb +50 -0
data/spec/unit/parser/ast/minus.rb +1 -1
data/spec/unit/parser/ast/node.rb +20 -0
data/spec/unit/parser/ast/not.rb +1 -1
data/spec/unit/parser/ast/resource_override.rb +5 -5
data/spec/unit/parser/ast/resource_reference.rb +11 -5
data/spec/unit/parser/ast/selector.rb +156 -0
data/spec/unit/parser/ast/vardef.rb +11 -11
data/spec/unit/parser/collector.rb +167 -48
data/spec/unit/parser/compiler.rb +128 -104
data/spec/unit/parser/files.rb +190 -0
data/spec/unit/parser/functions/inline_template.rb +0 -0
data/spec/unit/parser/functions/regsubst.rb +42 -42
data/spec/unit/parser/functions/require.rb +36 -0
data/spec/unit/parser/functions/shellquote.rb +92 -0
data/spec/unit/parser/functions/split.rb +51 -0
data/spec/unit/parser/functions/sprintf.rb +11 -11
data/spec/unit/parser/functions/template.rb +0 -0
data/spec/unit/parser/functions/versioncmp.rb +2 -2
data/spec/unit/parser/interpreter.rb +16 -7
data/spec/unit/parser/lexer.rb +72 -12
data/spec/unit/parser/loaded_code.rb +198 -0
data/spec/unit/parser/parser.rb +215 -28
data/spec/unit/parser/resource.rb +131 -22
data/spec/unit/parser/scope.rb +207 -12
data/spec/unit/parser/templatewrapper.rb +8 -3
data/spec/unit/property.rb +270 -16
data/spec/unit/property/list.rb +12 -6
data/spec/unit/provider.rb +31 -0
data/spec/unit/provider/augeas/augeas.rb +61 -33
data/spec/unit/provider/macauthorization.rb +29 -29
data/spec/unit/provider/mcx/mcxcontent.rb +4 -4
data/spec/unit/provider/mount/parsed.rb +5 -8
data/spec/unit/provider/naginator.rb +0 -0
data/spec/unit/provider/package/apt.rb +6 -6
data/spec/unit/provider/package/pkgdmg.rb +73 -0
data/spec/unit/provider/selboolean.rb +1 -1
data/spec/unit/provider/selmodule.rb +2 -2
data/spec/unit/provider/service/daemontools.rb +40 -15
data/spec/unit/provider/service/debian.rb +89 -0
data/spec/unit/provider/service/init.rb +106 -0
data/spec/unit/provider/service/launchd.rb +71 -13
data/spec/unit/provider/service/redhat.rb +94 -0
data/spec/unit/provider/service/runit.rb +14 -2
data/spec/unit/provider/ssh_authorized_key/parsed.rb +66 -2
data/spec/unit/provider/user/ldap.rb +1 -1
data/spec/unit/provider/user/user_role_add.rb +1 -1
data/spec/unit/provider/zfs/solaris.rb +18 -6
data/spec/unit/provider/zone/solaris.rb +1 -1
data/spec/unit/rails.rb +16 -22
data/spec/unit/rails/host.rb +163 -0
data/spec/unit/rails/param_value.rb +49 -0
data/spec/unit/rails/resource.rb +87 -0
data/spec/unit/relationship.rb +141 -29
data/spec/unit/resource.rb +504 -0
data/spec/unit/resource/catalog.rb +1061 -0
data/spec/unit/resource/reference.rb +111 -0
data/spec/unit/simple_graph.rb +448 -191
data/spec/unit/ssl/certificate.rb +124 -0
data/spec/unit/ssl/certificate_authority.rb +741 -0
data/spec/unit/ssl/certificate_authority/interface.rb +269 -0
data/spec/unit/ssl/certificate_factory.rb +107 -0
data/spec/unit/ssl/certificate_request.rb +193 -0
data/spec/unit/ssl/certificate_revocation_list.rb +180 -0
data/spec/unit/ssl/host.rb +704 -0
data/spec/unit/ssl/inventory.rb +180 -0
data/spec/unit/ssl/key.rb +198 -0
data/spec/unit/transaction.rb +65 -2
data/spec/unit/transaction/change.rb +1 -1
data/spec/unit/transaction/report.rb +1 -1
data/spec/unit/type.rb +361 -8
data/spec/unit/type/augeas.rb +30 -37
data/spec/unit/type/component.rb +63 -0
data/spec/unit/type/computer.rb +17 -21
data/spec/unit/type/exec.rb +27 -2
data/spec/unit/type/file.rb +704 -83
data/spec/unit/type/file/content.rb +253 -15
data/spec/unit/type/file/ensure.rb +65 -2
data/spec/unit/type/file/group.rb +5 -0
data/spec/unit/type/file/owner.rb +5 -0
data/spec/unit/type/file/selinux.rb +12 -16
data/spec/unit/type/file/source.rb +264 -0
data/spec/unit/type/filebucket.rb +74 -0
data/spec/unit/type/group.rb +1 -5
data/spec/unit/type/macauthorization.rb +59 -26
data/spec/unit/type/mcx.rb +8 -16
data/spec/unit/type/mount.rb +8 -16
data/spec/unit/type/noop_metaparam.rb +0 -2
data/spec/unit/type/package.rb +13 -23
data/spec/unit/type/resources.rb +4 -7
data/spec/unit/type/schedule.rb +1 -7
data/spec/unit/type/selboolean.rb +4 -6
data/spec/unit/type/service.rb +23 -33
data/spec/unit/type/ssh_authorized_key.rb +25 -14
data/spec/unit/type/tidy.rb +329 -21
data/spec/unit/type/user.rb +18 -10
data/spec/unit/type/zfs.rb +6 -6
data/spec/unit/util/autoload.rb +94 -3
data/spec/unit/util/autoload/file_cache.rb +183 -0
data/spec/unit/util/backups.rb +159 -0
data/spec/unit/util/cache_accumulator.rb +69 -0
data/spec/unit/util/cacher.rb +185 -0
data/spec/unit/util/checksums.rb +9 -1
data/spec/unit/util/feature.rb +72 -0
data/spec/unit/util/filetype.rb +1 -11
data/spec/unit/util/json.rb +21 -0
data/spec/unit/util/log.rb +45 -0
data/spec/unit/util/package.rb +2 -2
data/spec/unit/util/queue.rb +88 -0
data/spec/unit/util/queue/stomp.rb +140 -0
data/spec/unit/util/reference_serializer.rb +52 -0
data/spec/unit/util/selinux.rb +5 -3
data/spec/unit/util/settings.rb +413 -264
data/spec/unit/util/settings/file_setting.rb +223 -0
data/spec/unit/util/storage.rb +11 -11
data/spec/unit/util/warnings.rb +21 -17
data/test/Rakefile +6 -5
data/test/certmgr/ca.rb +5 -5
data/test/certmgr/certmgr.rb +4 -4
data/test/data/providers/cron/crontab.allthree +2 -2
data/test/data/providers/cron/crontab.envNcomment +1 -1
data/test/data/providers/cron/crontab.envNname +1 -1
data/test/data/providers/cron/crontab.multirecords +1 -1
data/test/data/providers/cron/crontab_collections.yaml +14 -14
data/test/data/providers/cron/crontab_multiple_with_env.yaml +6 -6
data/test/data/providers/cron/crontab_sample_records.yaml +102 -102
data/test/data/providers/mailalias/aliases/test1 +28 -0
data/test/data/providers/package/testpackages.yaml +6 -6
data/test/data/reports/1.yaml +17 -17
data/test/data/reports/tagmail_passers.conf +2 -2
data/test/data/snippets/append.pp +5 -5
data/test/data/snippets/casestatement.pp +9 -2
data/test/data/snippets/classincludes.pp +1 -1
data/test/data/snippets/collection_override.pp +8 -0
data/test/data/snippets/fqparents.pp +2 -2
data/test/data/snippets/ifexpression.pp +12 -0
data/test/data/snippets/multilinecomments.pp +5 -1
data/test/data/snippets/selectorvalues.pp +7 -0
data/test/data/types/hosts/1 +1 -1
data/test/data/types/hosts/2 +3 -3
data/test/data/types/hosts/solaris +2 -2
data/test/data/types/mount/freebsd.fstab +7 -7
data/test/data/types/mount/solaris.fstab +10 -10
data/test/data/types/port/1 +472 -472
data/test/data/types/port/darwin +4347 -4347
data/test/language/ast.rb +3 -2
data/test/language/ast/casestatement.rb +12 -12
data/test/language/ast/resource.rb +4 -4
data/test/language/ast/resource_reference.rb +5 -5
data/test/language/ast/selector.rb +11 -11
data/test/language/ast/variable.rb +4 -4
data/test/language/functions.rb +16 -16
data/test/language/parser.rb +89 -111
data/test/language/resource.rb +3 -88
data/test/language/scope.rb +14 -55
data/test/language/snippets.rb +31 -31
data/test/lib/puppettest.rb +12 -12
data/test/lib/puppettest/certificates.rb +2 -2
data/test/lib/puppettest/exetest.rb +0 -1
data/test/lib/puppettest/fakes.rb +1 -1
data/test/lib/puppettest/parsertesting.rb +9 -4
data/test/lib/puppettest/railstesting.rb +3 -3
data/test/lib/puppettest/servertest.rb +1 -1
data/test/lib/puppettest/support/assertions.rb +2 -2
data/test/lib/puppettest/support/collection.rb +1 -1
data/test/lib/puppettest/support/resources.rb +7 -7
data/test/lib/puppettest/support/utils.rb +10 -16
data/test/lib/puppettest/testcase.rb +2 -1
data/test/network/authconfig.rb +1 -1
data/test/network/authorization.rb +1 -1
data/test/network/authstore.rb +57 -14
data/test/network/client/ca.rb +1 -0
data/test/network/client/resource.rb +12 -50
data/test/network/client_request.rb +1 -1
data/test/network/handler/bucket.rb +2 -2
data/test/network/handler/fileserver.rb +17 -21
data/test/network/handler/master.rb +5 -5
data/test/network/handler/report.rb +3 -3
data/test/network/handler/resource.rb +29 -75
data/test/network/handler/runner.rb +8 -58
data/test/network/rights.rb +1 -1
data/test/network/server/mongrel_test.rb +15 -1
data/test/network/server/webrick.rb +0 -36
data/test/network/xmlrpc/webrick_servlet.rb +5 -5
data/test/other/dsl.rb +3 -3
data/test/other/events.rb +15 -15
data/test/other/puppet.rb +2 -32
data/test/other/relationships.rb +21 -148
data/test/other/report.rb +20 -23
data/test/other/transactions.rb +110 -298
data/test/puppet/defaults.rb +1 -1
data/test/puppet/tc_suidmanager.rb +1 -1
data/test/rails/railsparameter.rb +4 -4
data/test/ral/manager/attributes.rb +12 -68
data/test/ral/manager/instances.rb +3 -19
data/test/ral/manager/manager.rb +7 -7
data/test/ral/manager/provider.rb +7 -7
data/test/ral/manager/type.rb +54 -349
data/test/ral/providers/cron/crontab.rb +14 -14
data/test/ral/providers/group.rb +5 -6
data/test/ral/providers/host/parsed.rb +3 -3
data/test/ral/providers/mailalias/aliases.rb +4 -4
data/test/ral/providers/package.rb +3 -3
data/test/ral/providers/package/aptitude.rb +55 -55
data/test/ral/providers/package/aptrpm.rb +7 -7
data/test/ral/providers/parsedfile.rb +10 -14
data/test/ral/providers/port/parsed.rb +6 -6
data/test/ral/providers/provider.rb +10 -10
data/test/ral/providers/service/base.rb +32 -32
data/test/ral/providers/sshkey/parsed.rb +14 -14
data/test/ral/providers/user.rb +16 -17
data/test/ral/providers/user/useradd.rb +19 -22
data/test/ral/type/cron.rb +21 -28
data/test/ral/type/exec.rb +57 -60
data/test/ral/type/file.rb +88 -862
data/test/ral/type/file/target.rb +21 -70
data/test/ral/type/fileignoresource.rb +37 -44
data/test/ral/type/filesources.rb +43 -473
data/test/ral/type/group.rb +6 -7
data/test/ral/type/host.rb +14 -30
data/test/ral/type/mailalias.rb +3 -3
data/test/ral/type/port.rb +5 -5
data/test/ral/type/resources.rb +37 -37
data/test/ral/type/service.rb +3 -3
data/test/ral/type/sshkey.rb +34 -39
data/test/ral/type/user.rb +15 -14
data/test/ral/type/yumrepo.rb +18 -17
data/test/ral/type/zone.rb +4 -6
data/test/test +9 -9
data/test/util/fileparsing.rb +10 -10
data/test/util/inifile.rb +6 -6
data/test/util/instance_loader.rb +1 -1
data/test/util/log.rb +2 -2
data/test/util/metrics.rb +1 -6
data/test/util/package.rb +1 -1
data/test/util/pidlock.rb +116 -116
data/test/util/settings.rb +40 -429
data/test/util/storage.rb +5 -5
data/test/util/subclass_loader.rb +0 -7
data/test/util/utiltest.rb +10 -29
metadata +1369 -941
data/bin/puppetca +0 -363
data/bin/puppetd +0 -439
data/bin/puppetmasterd +0 -289
data/bin/puppetrun +0 -369
data/conf/redhat/lsb-config.patch +0 -51
data/conf/redhat/no-chuser-0.15.1.patch +0 -38
data/conf/redhat/no-lockdir.patch +0 -13
data/examples/mac_netinfo.pp +0 -5
data/ext/passenger/README +0 -63
data/ext/passenger/apache2.conf +0 -29
data/ext/passenger/config.ru +0 -40
data/lib/puppet/config_stores/rest.rb +0 -60
data/lib/puppet/executables/client/certhandler.rb +0 -82
data/lib/puppet/indirector/file_content/modules.rb +0 -11
data/lib/puppet/indirector/file_metadata/modules.rb +0 -17
data/lib/puppet/indirector/module_files.rb +0 -82
data/lib/puppet/indirector/ssl_rsa.rb +0 -5
data/lib/puppet/indirector/ssl_rsa/file.rb +0 -33
data/lib/puppet/network/client/master.rb +0 -524
data/lib/puppet/network/http_server/rack.rb +0 -148
data/lib/puppet/pgraph.rb +0 -121
data/lib/puppet/provider/group/netinfo.rb +0 -15
data/lib/puppet/provider/host/netinfo.rb +0 -19
data/lib/puppet/provider/mount/netinfo.rb +0 -37
data/lib/puppet/provider/nameservice/netinfo.rb +0 -224
data/lib/puppet/provider/user/netinfo.rb +0 -111
data/lib/puppet/util/fact_store.rb +0 -59
data/lib/puppet/util/uri_helper.rb +0 -22
data/spec/integration/file_serving/configuration.rb +0 -43
data/spec/integration/indirector/module_files.rb +0 -57
data/spec/unit/executables/client/certhandler.rb +0 -135
data/spec/unit/indirector/file_content/modules.rb +0 -18
data/spec/unit/indirector/file_metadata/modules.rb +0 -42
data/spec/unit/indirector/module_files.rb +0 -259
data/spec/unit/indirector/ssl_rsa/file.rb +0 -121
data/spec/unit/network/client/master.rb +0 -442
data/spec/unit/node/catalog.rb +0 -865
data/spec/unit/other/pgraph.rb +0 -210
data/spec/unit/resource_reference.rb +0 -73
data/spec/unit/util/uri_helper.rb +0 -41
data/test/data/snippets/ifexpression.rb +0 -6
data/test/executables/filebucket.rb +0 -51
data/test/executables/puppetbin.rb +0 -104
data/test/executables/puppetca.rb +0 -115
data/test/executables/puppetd.rb +0 -55
data/test/executables/puppetmasterd.rb +0 -147
data/test/network/client/client.rb +0 -195
data/test/network/client/master.rb +0 -490
data/test/network/daemon.rb +0 -70
data/test/network/handler/handler.rb +0 -63
data/test/other/overrides.rb +0 -107
data/test/puppet/conffiles.rb +0 -107
data/test/rails/ast.rb +0 -73
data/test/rails/configuration.rb +0 -71
data/test/rails/host.rb +0 -154
data/test/rails/railsresource.rb +0 -251
data/test/ral/providers/host/netinfo.rb +0 -56
data/test/ral/providers/mount/netinfo.rb +0 -79
data/test/ral/type/basic.rb +0 -85
data/test/ral/type/filebucket.rb +0 -157
data/test/ral/type/parameter.rb +0 -174
data/test/ral/type/property.rb +0 -388
data/test/ral/type/tidy.rb +0 -291
data/test/util/autoload.rb +0 -145
data/test/util/features.rb +0 -95

data/lib/puppet/ssl/certificate_factory.rb ADDED

@@ -0,0 +1,145 @@
+require 'puppet/ssl'
+# The tedious class that does all the manipulations to the
+# certificate to correctly sign it.  Yay.
+class Puppet::SSL::CertificateFactory
+    # How we convert from various units to the required seconds.
+    UNITMAP = {
+        "y" => 365 * 24 * 60 * 60,
+        "d" => 24 * 60 * 60,
+        "h" => 60 * 60,
+        "s" => 1
+    }
+    attr_reader :name, :cert_type, :csr, :issuer, :serial
+    def initialize(cert_type, csr, issuer, serial)
+        @cert_type, @csr, @issuer, @serial = cert_type, csr, issuer, serial
+        @name = @csr.subject
+    end
+    # Actually generate our certificate.
+    def result
+        @cert = OpenSSL::X509::Certificate.new
+        @cert.version = 2 # X509v3
+        @cert.subject = @csr.subject
+        @cert.issuer = @issuer.subject
+        @cert.public_key = @csr.public_key
+        @cert.serial = @serial
+        build_extensions()
+        set_ttl
+        @cert
+    end
+    private
+    # This is pretty ugly, but I'm not really sure it's even possible to do
+    # it any other way.
+    def build_extensions
+        @ef = OpenSSL::X509::ExtensionFactory.new
+        @ef.subject_certificate = @cert
+        if @issuer.is_a?(OpenSSL::X509::Request) # It's a self-signed cert
+            @ef.issuer_certificate = @cert
+        else
+            @ef.issuer_certificate = @issuer
+        end
+        @subject_alt_name = []
+        @key_usage = nil
+        @ext_key_usage = nil
+        @extensions = []
+        method = "add_#{@cert_type.to_s}_extensions"
+        begin
+            send(method)
+        rescue NoMethodError
+            raise ArgumentError, "%s is an invalid certificate type" % @cert_type
+        end
+        @extensions << @ef.create_extension("nsComment", "Puppet Ruby/OpenSSL Generated Certificate")
+        @extensions << @ef.create_extension("basicConstraints", @basic_constraint, true)
+        @extensions << @ef.create_extension("subjectKeyIdentifier", "hash")
+        @extensions << @ef.create_extension("keyUsage", @key_usage.join(",")) if @key_usage
+        @extensions << @ef.create_extension("extendedKeyUsage", @ext_key_usage.join(",")) if @ext_key_usage
+        @extensions << @ef.create_extension("subjectAltName", @subject_alt_name.join(",")) if ! @subject_alt_name.empty?
+        @cert.extensions = @extensions
+        # for some reason this _must_ be the last extension added
+        @extensions << @ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") if @cert_type == :ca
+    end
+    # TTL for new certificates in seconds. If config param :ca_ttl is set,
+    # use that, otherwise use :ca_days for backwards compatibility
+    def ttl
+        ttl = Puppet.settings[:ca_ttl]
+        return ttl unless ttl.is_a?(String)
+        raise ArgumentError, "Invalid ca_ttl #{ttl}" unless ttl =~ /^(\d+)(y|d|h|s)$/
+        return $1.to_i * UNITMAP[$2]
+    end
+    def set_ttl
+        # Make the certificate valid as of yesterday, because
+        # so many people's clocks are out of sync.
+        from = Time.now - (60*60*24)
+        @cert.not_before = from
+        @cert.not_after = from + ttl
+    end
+    # Woot! We're a CA.
+    def add_ca_extensions
+        @basic_constraint = "CA:TRUE"
+        @key_usage = %w{cRLSign keyCertSign}
+    end
+    # We're a terminal CA, probably not self-signed.
+    def add_terminalsubca_extensions
+        @basic_constraint = "CA:TRUE,pathlen:0"
+        @key_usage = %w{cRLSign keyCertSign}
+    end
+    # We're a normal server.
+    def add_server_extensions
+        @basic_constraint = "CA:FALSE"
+        dnsnames = Puppet[:certdnsnames]
+        name = @name.to_s.sub(%r{/CN=},'')
+        if dnsnames != ""
+            dnsnames.split(':').each { |d| @subject_alt_name << 'DNS:' + d }
+            @subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+        elsif name == Facter.value(:fqdn) # we're a CA server, and thus probably the server
+            @subject_alt_name << 'DNS:' + "puppet" # Add 'puppet' as an alias
+            @subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+            @subject_alt_name << 'DNS:' + name.sub(/^[^.]+./, "puppet.") # add puppet.domain as an alias
+        end
+        @key_usage = %w{digitalSignature keyEncipherment}
+        @ext_key_usage = %w{serverAuth clientAuth emailProtection}
+    end
+    # Um, no idea.
+    def add_ocsp_extensions
+        @basic_constraint = "CA:FALSE"
+        @key_usage = %w{nonRepudiation digitalSignature}
+        @ext_key_usage = %w{serverAuth OCSPSigning}
+    end
+    # Normal client.
+    def add_client_extensions
+        @basic_constraint = "CA:FALSE"
+        @key_usage = %w{nonRepudiation digitalSignature keyEncipherment}
+        @ext_key_usage = %w{clientAuth emailProtection}
+        @extensions << @ef.create_extension("nsCertType", "client,email")
+    end
+end

data/lib/puppet/ssl/certificate_request.rb ADDED

@@ -0,0 +1,51 @@
+require 'puppet/ssl/base'
+# Manage certificate requests.
+class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
+    wraps OpenSSL::X509::Request
+    extend Puppet::Indirector
+    indirects :certificate_request, :terminus_class => :file
+    # Convert a string into an instance.
+    def self.from_s(string)
+        instance = wrapped_class.new(string)
+        name = instance.subject.to_s.sub(/\/CN=/i, '').downcase
+        result = new(name)
+        result.content = instance
+        result
+    end
+    # Because of how the format handler class is included, this
+    # can't be in the base class.
+    def self.supported_formats
+        [:s]
+    end
+    # How to create a certificate request with our system defaults.
+    def generate(key)
+        Puppet.info "Creating a new SSL certificate request for %s" % name
+        # Support either an actual SSL key, or a Puppet key.
+        key = key.content if key.is_a?(Puppet::SSL::Key)
+        csr = OpenSSL::X509::Request.new
+        csr.version = 0
+        csr.subject = OpenSSL::X509::Name.new([["CN", name]])
+        csr.public_key = key.public_key
+        csr.sign(key, OpenSSL::Digest::MD5.new)
+        raise Puppet::Error, "CSR sign verification failed; you need to clean the certificate request for %s on the server" % name unless csr.verify(key.public_key)
+        @content = csr
+    end
+    def save(args = {})
+        super()
+        # Try to autosign the CSR.
+        if ca = Puppet::SSL::CertificateAuthority.instance
+            ca.autosign
+        end
+    end
+end

data/lib/puppet/ssl/certificate_revocation_list.rb ADDED

@@ -0,0 +1,86 @@
+require 'puppet/ssl/base'
+require 'puppet/indirector'
+# Manage the CRL.
+class Puppet::SSL::CertificateRevocationList < Puppet::SSL::Base
+    wraps OpenSSL::X509::CRL
+    extend Puppet::Indirector
+    indirects :certificate_revocation_list, :terminus_class => :file
+    # Convert a string into an instance.
+    def self.from_s(string)
+        instance = wrapped_class.new(string)
+        result = new('foo') # The name doesn't matter
+        result.content = instance
+        result
+    end
+    # Because of how the format handler class is included, this
+    # can't be in the base class.
+    def self.supported_formats
+        [:s]
+    end
+    # Knows how to create a CRL with our system defaults.
+    def generate(cert, cakey)
+        Puppet.info "Creating a new certificate revocation list"
+        @content = wrapped_class.new
+        @content.issuer = cert.subject
+        @content.version = 1
+        # Init the CRL number.
+        crlNum = OpenSSL::ASN1::Integer(0)
+        @content.extensions = [OpenSSL::X509::Extension.new("crlNumber", crlNum)]
+        # Set last/next update
+        @content.last_update = Time.now
+        # Keep CRL valid for 5 years
+        @content.next_update = Time.now + 5 * 365*24*60*60
+        @content.sign(cakey, OpenSSL::Digest::SHA1.new)
+        @content
+    end
+    # The name doesn't actually matter; there's only one CRL.
+    # We just need the name so our Indirector stuff all works more easily.
+    def initialize(fakename)
+        raise Puppet::Error, "Cannot manage the CRL when :cacrl is set to false" if [false, "false"].include?(Puppet[:cacrl])
+        @name = "crl"
+    end
+    # Revoke the certificate with serial number SERIAL issued by this
+    # CA, then write the CRL back to disk. The REASON must be one of the
+    # OpenSSL::OCSP::REVOKED_* reasons
+    def revoke(serial, cakey, reason = OpenSSL::OCSP::REVOKED_STATUS_KEYCOMPROMISE)
+        Puppet.notice "Revoked certificate with serial %s" % serial
+        time = Time.now
+        # Add our revocation to the CRL.
+        revoked = OpenSSL::X509::Revoked.new
+        revoked.serial = serial
+        revoked.time = time
+        enum = OpenSSL::ASN1::Enumerated(reason)
+        ext = OpenSSL::X509::Extension.new("CRLReason", enum)
+        revoked.add_extension(ext)
+        @content.add_revoked(revoked)
+        # Increment the crlNumber
+        e = @content.extensions.find { |e| e.oid == 'crlNumber' }
+        ext = @content.extensions.reject { |e| e.oid == 'crlNumber' }
+        crlNum = OpenSSL::ASN1::Integer(e ? e.value.to_i + 1 : 0)
+        ext << OpenSSL::X509::Extension.new("crlNumber", crlNum)
+        @content.extensions = ext
+        # Set last/next update
+        @content.last_update = time
+        # Keep CRL valid for 5 years
+        @content.next_update = time + 5 * 365*24*60*60
+        @content.sign(cakey, OpenSSL::Digest::SHA1.new)
+        save
+    end
+end

data/lib/puppet/ssl/host.rb ADDED

@@ -0,0 +1,271 @@
+require 'puppet/ssl'
+require 'puppet/ssl/key'
+require 'puppet/ssl/certificate'
+require 'puppet/ssl/certificate_request'
+require 'puppet/ssl/certificate_revocation_list'
+require 'puppet/util/cacher'
+# The class that manages all aspects of our SSL certificates --
+# private keys, public keys, requests, etc.
+class Puppet::SSL::Host
+    # Yay, ruby's strange constant lookups.
+    Key = Puppet::SSL::Key
+    Certificate = Puppet::SSL::Certificate
+    CertificateRequest = Puppet::SSL::CertificateRequest
+    CertificateRevocationList = Puppet::SSL::CertificateRevocationList
+    attr_reader :name
+    attr_accessor :ca
+    attr_writer :key, :certificate, :certificate_request
+    class << self
+        include Puppet::Util::Cacher
+        cached_attr(:localhost) do
+            result = new()
+            result.generate unless result.certificate
+            result.key # Make sure it's read in
+            result
+        end
+    end
+    CA_NAME = "ca"
+    # This is the constant that people will use to mark that a given host is
+    # a certificate authority.
+    def self.ca_name
+        CA_NAME
+    end
+    class << self
+        attr_reader :ca_location
+    end
+    # Configure how our various classes interact with their various terminuses.
+    def self.configure_indirection(terminus, cache = nil)
+        Certificate.terminus_class = terminus
+        CertificateRequest.terminus_class = terminus
+        CertificateRevocationList.terminus_class = terminus
+        if cache
+            # This is weird; we don't actually cache our keys, we
+            # use what would otherwise be the cache as our normal
+            # terminus.
+            Key.terminus_class = cache
+        else
+            Key.terminus_class = terminus
+        end
+        if cache
+            Certificate.cache_class = cache
+            CertificateRequest.cache_class = cache
+            CertificateRevocationList.cache_class = cache
+        else
+            # Make sure we have no cache configured.  puppetmasterd
+            # switches the configurations around a bit, so it's important
+            # that we specify the configs for absolutely everything, every
+            # time.
+            Certificate.cache_class = nil
+            CertificateRequest.cache_class = nil
+            CertificateRevocationList.cache_class = nil
+        end
+    end
+    CA_MODES = {
+        # Our ca is local, so we use it as the ultimate source of information
+        # And we cache files locally.
+        :local => [:ca, :file],
+        # We're a remote CA client.
+        :remote => [:rest, :file],
+        # We are the CA, so we don't have read/write access to the normal certificates.
+        :only => [:ca],
+        # We have no CA, so we just look in the local file store.
+        :none => [:file]
+    }
+    # Specify how we expect to interact with our certificate authority.
+    def self.ca_location=(mode)
+        raise ArgumentError, "CA Mode can only be %s" % CA_MODES.collect { |m| m.to_s }.join(", ") unless CA_MODES.include?(mode)
+        @ca_location = mode
+        configure_indirection(*CA_MODES[@ca_location])
+    end
+    # Remove all traces of a given host
+    def self.destroy(name)
+        [Key, Certificate, CertificateRequest].inject(false) do |result, klass|
+            if klass.destroy(name)
+                result = true
+            end
+            result
+        end
+    end
+    # Search for more than one host, optionally only specifying
+    # an interest in hosts with a given file type.
+    # This just allows our non-indirected class to have one of
+    # indirection methods.
+    def self.search(options = {})
+        classes = [Key, CertificateRequest, Certificate]
+        if klass = options[:for]
+            classlist = [klass].flatten
+        else
+            classlist = [Key, CertificateRequest, Certificate]
+        end
+        # Collect the results from each class, flatten them, collect all of the names, make the name list unique,
+        # then create a Host instance for each one.
+        classlist.collect { |klass| klass.search }.flatten.collect { |r| r.name }.uniq.collect do |name|
+            new(name)
+        end
+    end
+    # Is this a ca host, meaning that all of its files go in the CA location?
+    def ca?
+        ca
+    end
+    def key
+        return nil unless @key ||= Key.find(name)
+        @key
+    end
+    # This is the private key; we can create it from scratch
+    # with no inputs.
+    def generate_key
+        @key = Key.new(name)
+        @key.generate
+        begin
+            @key.save
+        rescue
+            @key = nil
+            raise
+        end
+        true
+    end
+    def certificate_request
+        return nil unless @certificate_request ||= CertificateRequest.find(name)
+        @certificate_request
+    end
+    # Our certificate request requires the key but that's all.
+    def generate_certificate_request
+        generate_key unless key
+        @certificate_request = CertificateRequest.new(name)
+        @certificate_request.generate(key.content)
+        begin
+            @certificate_request.save
+        rescue
+            @certificate_request = nil
+            raise
+        end
+        return true
+    end
+    def certificate
+        unless @certificate
+            generate_key unless key
+            # get the CA cert first, since it's required for the normal cert
+            # to be of any use.
+            return nil unless Certificate.find("ca") unless ca?
+            return nil unless @certificate = Certificate.find(name)
+            unless certificate_matches_key?
+                raise Puppet::Error, "Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key"
+            end
+        end
+        @certificate
+    end
+    def certificate_matches_key?
+        return false unless key
+        return false unless certificate
+        return certificate.content.check_private_key(key.content)
+    end
+    # Generate all necessary parts of our ssl host.
+    def generate
+        generate_key unless key
+        generate_certificate_request unless certificate_request
+        # If we can get a CA instance, then we're a valid CA, and we
+        # should use it to sign our request; else, just try to read
+        # the cert.
+        if ! certificate() and ca = Puppet::SSL::CertificateAuthority.instance
+            ca.sign(self.name)
+        end
+    end
+    def initialize(name = nil)
+        @name = (name || Puppet[:certname]).downcase
+        @key = @certificate = @certificate_request = nil
+        @ca = (name == self.class.ca_name)
+    end
+    # Extract the public key from the private key.
+    def public_key
+        key.content.public_key
+    end
+    # Create/return a store that uses our SSL info to validate
+    # connections.
+    def ssl_store(purpose = OpenSSL::X509::PURPOSE_ANY)
+        unless defined?(@ssl_store) and @ssl_store
+            @ssl_store = OpenSSL::X509::Store.new
+            @ssl_store.purpose = purpose
+            # Use the file path here, because we don't want to cause
+            # a lookup in the middle of setting our ssl connection.
+            @ssl_store.add_file(Puppet[:localcacert])
+            # If there's a CRL, add it to our store.
+            if crl = Puppet::SSL::CertificateRevocationList.find("ca")
+                @ssl_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
+                @ssl_store.add_crl(crl.content)
+            end
+            return @ssl_store
+        end
+        @ssl_store
+    end
+    # Attempt to retrieve a cert, if we don't already have one.
+    def wait_for_cert(time)
+        return if certificate
+        begin
+            generate
+            return if certificate
+        rescue StandardError => detail
+            Puppet.err "Could not request certificate: %s" % detail.to_s
+            if time < 1
+                puts "Exiting; failed to retrieve certificate and watiforcert is disabled"
+                exit(1)
+            else
+                sleep(time)
+            end
+            retry
+        end
+        if time < 1
+            puts "Exiting; no certificate found and waitforcert is disabled"
+            exit(1)
+        end
+        while true do
+            sleep time
+            begin
+                break if certificate
+                Puppet.notice "Did not receive certificate"
+            rescue StandardError => detail
+                Puppet.err "Could not request certificate: %s" % detail.to_s
+            end
+        end
+    end
+end
+require 'puppet/ssl/certificate_authority'