puppet 4.10.4-x86-mingw32 → 4.10.5-x86-mingw32

data/lib/puppet/parser/functions/reverse_each.rb

@@ -79,5 +79,5 @@ $transformed_data = map(reverse_each($data)) |$item| { $item * 10 }
 
 DOC
 ) do |args|
-  Error.is4x('reverse_each')
+  Puppet::Parser::Functions::Error.is4x('reverse_each')
 end

data/lib/puppet/parser/functions/slice.rb

@@ -35,5 +35,5 @@ to empty arrays for a hash.
 - Since 4.0.0
 DOC
 ) do |args|
-  Error.is4x('slice')
+  Puppet::Parser::Functions::Error.is4x('slice')
 end

data/lib/puppet/parser/functions/step.rb

@@ -80,5 +80,5 @@ $transformed_data contains [0,50,100,150,200]
 
 DOC
 ) do |args|
-  Error.is4x('step')
+  Puppet::Parser::Functions::Error.is4x('step')
 end

data/lib/puppet/parser/functions/strftime.rb

@@ -181,5 +181,5 @@ notice($duration.strftime('%M:%S')) # outputs '200:30'
 - Since 4.8.0
 DOC
 ) do |args|
-  Error.is4x('strftime')
+  Puppet::Parser::Functions::Error.is4x('strftime')
 end

data/lib/puppet/parser/functions/then.rb

@@ -69,5 +69,5 @@ was not a String.
 
 DOC
 ) do |args|
-  Error.is4x('then')
+  Puppet::Parser::Functions::Error.is4x('then')
 end

data/lib/puppet/parser/functions/type.rb

@@ -49,5 +49,5 @@ function type(Any $value, InferenceFidelity $fidelity = 'detailed') # returns Ty
 
 DOC
 ) do |args|
-  Error.is4x('type')
+  Puppet::Parser::Functions::Error.is4x('type')
 end

data/lib/puppet/parser/functions/with.rb

@@ -24,5 +24,5 @@ $check_var = $x
 - Since 4.0.0
 DOC
 ) do |args|
-  Error.is4x('with')
+  Puppet::Parser::Functions::Error.is4x('with')
 end

data/lib/puppet/pops/evaluator/collector_transformer.rb

@@ -42,10 +42,10 @@ class CollectorTransformer
 
     case o.query
     when Model::VirtualQuery
-      newcoll = Collectors::CatalogCollector.new(scope, resource_type.name, code, overrides)
+      newcoll = Collectors::CatalogCollector.new(scope, resource_type, code, overrides)
     when Model::ExportedQuery
       match = match_unless_nop(o.query, scope)
-      newcoll = Collectors::ExportedCollector.new(scope, resource_type.name, match, code, overrides)
+      newcoll = Collectors::ExportedCollector.new(scope, resource_type, match, code, overrides)
     end
 
     scope.compiler.add_collection(newcoll)

data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb

@@ -3,14 +3,14 @@ class Puppet::Pops::Evaluator::Collectors::CatalogCollector < Puppet::Pops::Eval
   # Creates a CatalogCollector using the AbstractCollector's 
   # constructor to set the scope and overrides
   #
-  # param [Symbol] type the resource type to be collected
+  # param [Puppet::CompilableResourceType] type the resource type to be collected
   # param [Proc] query the query which defines which resources to match
   def initialize(scope, type, query, overrides = nil)
     super(scope, overrides)
 
     @query = query
 
-    @type = Puppet::Resource.new(type, "whatever").type
+    @type = Puppet::Resource.new(type, 'whatever').type
   end
 
   # Collects virtual resources based off a collection in a manifest

data/lib/puppet/pops/evaluator/collectors/exported_collector.rb

@@ -3,7 +3,7 @@ class Puppet::Pops::Evaluator::Collectors::ExportedCollector < Puppet::Pops::Eva
   # Creates an ExportedCollector using the AbstractCollector's
   # constructor to set the scope and overrides
   #
-  # param [Symbol] type the resource type to be collected
+  # param [Puppet::CompilableResourceType] type the resource type to be collected
   # param [Array] equery an array representation of the query (exported query)
   # param [Proc] cquery a proc representation of the query (catalog query)
   def initialize(scope, type, equery, cquery, overrides = nil)
@@ -12,7 +12,7 @@ class Puppet::Pops::Evaluator::Collectors::ExportedCollector < Puppet::Pops::Eva
     @equery = equery
     @cquery = cquery
 
-    @type = Puppet::Resource.new(type, "whatever").type
+    @type = Puppet::Resource.new(type, 'whatever').type
   end
 
   # Ensures that storeconfigs is present before calling AbstractCollector's

data/lib/puppet/pops/merge_strategy.rb

@@ -375,7 +375,7 @@ module Puppet::Pops
           'knockout_prefix=>Optional[String],'\
           'merge_debug=>Optional[Boolean],'\
           'merge_hash_arrays=>Optional[Boolean],'\
-          'sort_merge_arrays=>Optional[Boolean],'\
+          'sort_merged_arrays=>Optional[Boolean],'\
           '}]')
     end
 

data/lib/puppet/provider/nameservice.rb

@@ -24,11 +24,13 @@ class Puppet::Provider::NameService < Puppet::Provider
 
     def instances
       objects = []
-      Puppet::Etc.send("set#{section}ent")
       begin
-        while ent = Puppet::Etc.send("get#{section}ent")
+        method = Puppet::Etc.method(:"get#{section}ent")
+        while ent = method.call
           objects << new(:name => ent.name, :canonical_name => ent.canonical_name, :ensure => :present)
         end
+      ensure
+        Puppet::Etc.send("end#{section}ent")
       end
       objects
     end

data/lib/puppet/reports/http.rb

@@ -6,8 +6,10 @@ Puppet::Reports.register_report(:http) do
 
   desc <<-DESC
     Send reports via HTTP or HTTPS. This report processor submits reports as
-    POST requests to the address in the `reporturl` setting. The body of each POST
-    request is the YAML dump of a Puppet::Transaction::Report object, and the
+    POST requests to the address in the `reporturl` setting. When a HTTPS URL
+    is used, the remote server must present a certificate issued by the Puppet
+    CA or the connection will fail validation. The body of each POST request
+    is the YAML dump of a Puppet::Transaction::Report object, and the
     Content-Type is set as `application/x-yaml`.
   DESC
 

data/lib/puppet/resource/capability_finder.rb

@@ -87,7 +87,7 @@ module Puppet::Resource::CapabilityFinder
         Puppet::Util::Puppetdb.query_puppetdb(["from", "resources", query])
       # For PuppetDB < 4, use the old internal method action()
       else
-        url = "/pdb/query/v4/resource?query=#{CGI.escape(query.to_json)}"
+        url = "/pdb/query/v4/resource?query=#{Puppet::Util.uri_query_encode(query.to_json)}"
         response = Puppet::Util::Puppetdb::Http.action(url) do |conn, uri|
           conn.get(uri, { 'Accept' => 'application/json'})
         end

data/lib/puppet/type/file/source.rb

@@ -70,7 +70,7 @@ module Puppet
         next if Puppet::Util.absolute_path?(source)
 
         begin
-          uri = URI.parse(URI.escape(source))
+          uri = URI.parse(Puppet::Util.uri_encode(source))
         rescue => detail
           self.fail Puppet::Error, "Could not understand source #{source}: #{detail}", detail
         end
@@ -91,7 +91,13 @@ module Puppet
         source = self.class.normalize(source)
 
         if Puppet::Util.absolute_path?(source)
-          URI.unescape(Puppet::Util.path_to_uri(source).to_s)
+          # CGI.unescape will butcher properly escaped URIs
+          uri_string = Puppet::Util.path_to_uri(source).to_s
+          # Ruby 1.9.3 and earlier have a URI bug in URI
+          # to_s returns an ASCII string despite UTF-8 fragments
+          # since its escaped its safe to universally call encode
+          # URI.unescape always returns strings in the original encoding
+          URI.unescape(uri_string.encode(Encoding::UTF_8))
         else
           source
         end
@@ -219,7 +225,7 @@ module Puppet
     end
 
     def uri
-      @uri ||= URI.parse(URI.escape(metadata.source))
+      @uri ||= URI.parse(Puppet::Util.uri_encode(metadata.source))
     end
 
     def write(file)

data/lib/puppet/util.rb

@@ -321,7 +321,12 @@ module Util
       end
     end
 
-    params[:path] = URI.escape(path)
+    # have to split *after* any relevant escaping
+    params[:path], params[:query] = uri_encode(path).split('?')
+    search_for_fragment = params[:query] ? :query : :path
+    if params[search_for_fragment].include?('#')
+      params[search_for_fragment], _, params[:fragment] = params[search_for_fragment].rpartition('#')
+    end
 
     begin
       URI::Generic.build(params)
@@ -335,7 +340,9 @@ module Util
   def uri_to_path(uri)
     return unless uri.is_a?(URI)
 
-    path = URI.unescape(uri.path)
+    # CGI.unescape doesn't handle space rules properly in uri paths
+    # URI.unescape does, but returns strings in their original encoding
+    path = URI.unescape(uri.path.encode(Encoding::UTF_8))
 
     if Puppet.features.microsoft_windows? and uri.scheme == 'file'
       if uri.host
@@ -349,6 +356,119 @@ module Util
   end
   module_function :uri_to_path
 
+  private
+
+  RFC_3986_URI_REGEX = /^(?<scheme>([^:\/?#]+):)?(?<authority>\/\/([^\/?#]*))?(?<path>[^?#]*)(\?(?<query>[^#]*))?(#(?<fragment>.*))?$/
+
+  public
+
+  # Percent-encodes a URI query parameter per RFC3986 - https://tools.ietf.org/html/rfc3986
+  #
+  # The output will correctly round-trip through URI.unescape
+  #
+  # @param [String query_string] A URI query parameter that may contain reserved
+  #   characters that must be percent encoded for the key or value to be
+  #   properly decoded as part of a larger query string:
+  #
+  #   query
+  #   encodes as : query
+  #
+  #   query_with_special=chars like&and * and# plus+this
+  #   encodes as:
+  #   query_with_special%3Dchars%20like%26and%20%2A%20and%23%20plus%2Bthis
+  #
+  #   Note: Also usable by fragments, but not suitable for paths
+  #
+  # @return [String] a new string containing an encoded query string per the
+  #   rules of RFC3986.
+  #
+  #   In particular,
+  #   query will encode + as %2B and space as %20
+  def uri_query_encode(query_string)
+    return nil if query_string.nil?
+
+    # query can encode space to %20 OR +
+    # + MUST be encoded as %2B
+    # in RFC3968 both query and fragment are defined as:
+    # = *( pchar / "/" / "?" )
+    # CGI.escape turns space into + which is the most backward compatible
+    # however it doesn't roundtrip through URI.unescape which prefers %20
+    CGI.escape(query_string).gsub('+', '%20')
+  end
+  module_function :uri_query_encode
+
+  # Percent-encodes a URI string per RFC3986 - https://tools.ietf.org/html/rfc3986
+  #
+  # Properly handles escaping rules for paths, query strings and fragments
+  # independently
+  #
+  # The output is safe to pass to URI.parse or URI::Generic.build and will
+  # correctly round-trip through URI.unescape
+  #
+  # @param [String path] A URI string that may be in the form of:
+  #
+  #   http://foo.com/bar?query
+  #   file://tmp/foo bar
+  #   //foo.com/bar?query
+  #   /bar?query
+  #   bar?query
+  #   bar
+  #   .
+  #   C:\Windows\Temp
+  #
+  #   Note that with no specified scheme, authority or query parameter delimiter
+  #   ? that a naked string will be treated as a path.
+  #
+  #   Note that if query parameters need to contain data such as & or =
+  #   that this method should not be used, as there is no way to differentiate
+  #   query parameter data from query delimiters when multiple parameters
+  #   are specified
+  #
+  # @param [Hash{Symbol=>String} opts] Options to alter encoding
+  # @option opts [Array<Symbol>] :allow_fragment defaults to false. When false
+  #   will treat # as part of a path or query and not a fragment delimiter
+  #
+  # @return [String] a new string containing appropriate portions of the URI
+  #   encoded per the rules of RFC3986.
+  #   In particular,
+  #   path will not encode +, but will encode space as %20
+  #   query will encode + as %2B and space as %20
+  #   fragment behaves like query
+  def uri_encode(path, opts = { :allow_fragment => false })
+    raise ArgumentError.new('path may not be nil') if path.nil?
+
+    # ensure string starts as UTF-8 for the sake of Ruby 1.9.3
+    encoded = ''.encode!(Encoding::UTF_8)
+
+    # parse uri into named matches, then reassemble properly encoded
+    parts = path.match(RFC_3986_URI_REGEX)
+
+    encoded += parts[:scheme] unless parts[:scheme].nil?
+    encoded += parts[:authority] unless parts[:authority].nil?
+
+    # path requires space to be encoded as %20 (NEVER +)
+    # + should be left unencoded
+    # URI::parse and URI::Generic.build don't like paths encoded with CGI.escape
+    # URI.escape does not change / to %2F and : to %3A like CGI.escape
+    encoded += URI.escape(parts[:path]) unless parts[:path].nil?
+
+    # each query parameter
+    if !parts[:query].nil?
+      query_string = parts[:query].split('&').map do |pair|
+        # can optionally be separated by an =
+        pair.split('=').map do |v|
+          uri_query_encode(v)
+        end.join('=')
+      end.join('&')
+      encoded += '?' + query_string
+    end
+
+    encoded += ((opts[:allow_fragment] ? '#' : '%23') + uri_query_encode(parts[:fragment])) unless parts[:fragment].nil?
+
+    encoded
+  end
+  module_function :uri_encode
+
   def safe_posix_fork(stdin=$stdin, stdout=$stdout, stderr=$stderr, &block)
     child_pid = Kernel.fork do
       $stdin.reopen(stdin)

data/lib/puppet/util/execution.rb

@@ -83,7 +83,7 @@ module Puppet::Util::Execution
     end
 
     if failonfail && exitstatus != 0
-      raise Puppet::ExecutionFailure, output
+      raise Puppet::ExecutionFailure, output.to_s
     end
 
     output

data/lib/puppet/util/rdoc/generators/puppet_generator.rb

@@ -383,7 +383,7 @@ module Generators
       resources.each do |r|
         res << {
           "name" => CGI.escapeHTML(r.name),
-          "aref" => CGI.escape(path_prefix)+"\#"+CGI.escape(r.aref)
+          "aref" => Puppet::Util.uri_encode(path_prefix)+"\#"+Puppet::Util.uri_query_encode(r.aref)
         }
       end
       res

data/lib/puppet/version.rb

@@ -6,7 +6,7 @@
 # Raketasks and such to set the version based on the output of `git describe`
 
 module Puppet
-  PUPPETVERSION = '4.10.4'
+  PUPPETVERSION = '4.10.5'
 
   ##
   # version is a public API method intended to always provide a fast and

data/locales/puppet.pot

@@ -6,11 +6,11 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: Puppet automation framework 4.10.1-82-gd7074ee\n"
+"Project-Id-Version: Puppet automation framework 5.0.0-48-gd9d2edc\n"
 "\n"
 "Report-Msgid-Bugs-To: https://tickets.puppetlabs.com\n"
-"POT-Creation-Date: 2017-05-25 21:24+0000\n"
-"PO-Revision-Date: 2017-05-25 21:24+0000\n"
+"POT-Creation-Date: 2017-07-14 21:19+0000\n"
+"PO-Revision-Date: 2017-07-14 21:19+0000\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -122,6 +122,14 @@ msgstr ""
 msgid "Existing backup does not match its expected sum, %{sum}. Overwriting corrupted backup."
 msgstr ""
 
+#: ../lib/puppet/module.rb:77
+msgid "GettextSetup initialization for %{module_name} failed with: %{error_message}"
+msgstr ""
+
+#: ../lib/puppet/module.rb:80
+msgid "GettextSetup is not available, skipping GettextSetup initialization for %{module_name}."
+msgstr ""
+
 #: ../lib/puppet/pops/lookup/environment_data_provider.rb:20
 msgid "hiera.yaml version 3 found at the environment root was ignored"
 msgstr ""
@@ -130,7 +138,7 @@ msgstr ""
 msgid "hiera.yaml version 3 found at module root was ignored"
 msgstr ""
 
-#: ../lib/puppet/provider/nameservice.rb:56
+#: ../lib/puppet/provider/nameservice.rb:58
 msgid "listbyname is deprecated and will be removed in a future release of Puppet. Please use `self.instances` to obtain a list of users."
 msgstr ""
 

data/spec/integration/application/apply_spec.rb

@@ -131,6 +131,16 @@ end
         expect(notices).to include('false')
         expect(notices).not_to include('the Puppet::Type says hello')
       end
+
+      it 'does not load the ruby type when when referenced from collector during compile' do
+        notices = eval_and_collect_notices("@applytest { 'applytest was here': }\nApplytest<| title == 'applytest was here' |>", node)
+        expect(notices).not_to include('the Puppet::Type says hello')
+      end
+
+      it 'does not load the ruby type when when referenced from exported collector during compile' do
+        notices = eval_and_collect_notices("@@applytest { 'applytest was here': }\nApplytest<<| |>>", node)
+        expect(notices).not_to include('the Puppet::Type says hello')
+      end
     end
   end
 

data/spec/integration/type/file_spec.rb

@@ -1074,6 +1074,35 @@ describe Puppet::Type.type(:file), :uses_checksums => true do
       expect(File.read(dest)).to eq("foo")
     end
 
+    it "should maintain source URIs as UTF-8 with Unicode characters in their names and be able to copy such files" do
+      # different UTF-8 widths
+      # 1-byte A
+      # 2-byte ۿ - http://www.fileformat.info/info/unicode/char/06ff/index.htm - 0xDB 0xBF / 219 191
+      # 3-byte ᚠ - http://www.fileformat.info/info/unicode/char/16A0/index.htm - 0xE1 0x9A 0xA0 / 225 154 160
+      # 4-byte <U+070E> - http://www.fileformat.info/info/unicode/char/2070E/index.htm - 0xF0 0xA0 0x9C 0x8E / 240 160 156 142
+      mixed_utf8 = "A\u06FF\u16A0\u{2070E}" # Aۿᚠ<U+070E>
+
+      dest = tmpfile("destwith #{mixed_utf8}")
+      source = tmpfile_with_contents("filewith #{mixed_utf8}", "foo")
+      catalog.add_resource described_class.new(:path => dest, :source => source)
+
+      catalog.apply
+
+      # find the resource and verify
+      resource = catalog.resources.first { |r| r.title == "File[#{dest}]" }
+      uri_path = resource.parameters[:source].uri.path
+
+      # note that Windows file:// style URIs get an extra / in front of c:/ like /c:/
+      source_prefix = Puppet.features.microsoft_windows? ? '/' : ''
+
+      # the URI can be round-tripped through unescape
+      expect(URI.unescape(uri_path)).to eq(source_prefix + source)
+      # and is properly UTF-8
+      expect(uri_path.encoding).to eq (Encoding::UTF_8)
+
+      expect(File.read(dest)).to eq('foo')
+    end
+
     it "should be able to copy individual files even if recurse has been specified" do
       source = tmpfile_with_contents("source", "foo")
       dest = tmpfile("dest")