puppet 4.3.2-x64-mingw32 → 4.4.0-x64-mingw32

data/lib/puppet/util/windows/com.rb

@@ -49,7 +49,7 @@ module Puppet::Util::Windows::COM
   CLSCTX_ALL = CLSCTX_INPROC_SERVER | CLSCTX_INPROC_HANDLER | CLSCTX_LOCAL_SERVER | CLSCTX_REMOTE_SERVER
   CLSCTX_SERVER = CLSCTX_INPROC_SERVER | CLSCTX_LOCAL_SERVER | CLSCTX_REMOTE_SERVER
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms686615(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms686615(v=vs.85).aspx
   # HRESULT CoCreateInstance(
   #   _In_   REFCLSID rclsid,
   #   _In_   LPUNKNOWN pUnkOuter,
@@ -202,14 +202,14 @@ module Puppet::Util::Windows::COM
 
   Unknown = Instance[IUnknown]
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms678543(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms678543(v=vs.85).aspx
   # HRESULT CoInitialize(
   #   _In_opt_  LPVOID pvReserved
   # );
   ffi_lib :ole32
   attach_function_private :CoInitialize, [:lpvoid], :hresult
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms688715(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms688715(v=vs.85).aspx
   # void CoUninitialize(void);
   ffi_lib :ole32
   attach_function_private :CoUninitialize, [], :void

data/lib/puppet/util/windows/error.rb

@@ -66,7 +66,7 @@ class Puppet::Util::Windows::Error < Puppet::Error
 
   ffi_convention :stdcall
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms679351(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms679351(v=vs.85).aspx
   # DWORD WINAPI FormatMessage(
   #   _In_      DWORD dwFlags,
   #   _In_opt_  LPCVOID lpSource,

data/lib/puppet/util/windows/file.rb

@@ -272,7 +272,7 @@ module Puppet::Util::Windows::File
 
   private
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa364571(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa364571(v=vs.85).aspx
   FSCTL_GET_REPARSE_POINT = 0x900a8
 
   def self.resolve_symlink(handle)
@@ -290,7 +290,7 @@ module Puppet::Util::Windows::File
 
   ffi_convention :stdcall
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa365512(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa365512(v=vs.85).aspx
   # BOOL WINAPI ReplaceFile(
   #   _In_        LPCTSTR lpReplacedFileName,
   #   _In_        LPCTSTR lpReplacementFileName,
@@ -305,7 +305,7 @@ module Puppet::Util::Windows::File
   attach_function_private :ReplaceFileW,
     [:lpcwstr, :lpcwstr, :lpcwstr, :dword, :lpvoid, :lpvoid], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa365240(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa365240(v=vs.85).aspx
   # BOOL WINAPI MoveFileEx(
   #   _In_      LPCTSTR lpExistingFileName,
   #   _In_opt_  LPCTSTR lpNewFileName,
@@ -328,7 +328,7 @@ module Puppet::Util::Windows::File
   rescue LoadError
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa364944(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa364944(v=vs.85).aspx
   # DWORD WINAPI GetFileAttributes(
   #   _In_  LPCTSTR lpFileName
   # );
@@ -336,7 +336,7 @@ module Puppet::Util::Windows::File
   attach_function_private :GetFileAttributesW,
     [:lpcwstr], :dword
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa365535(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa365535(v=vs.85).aspx
   # BOOL WINAPI SetFileAttributes(
   #   _In_  LPCTSTR lpFileName,
   #   _In_  DWORD dwFileAttributes
@@ -358,7 +358,7 @@ module Puppet::Util::Windows::File
   attach_function_private :CreateFileW,
     [:lpcwstr, :dword, :dword, :pointer, :dword, :dword, :handle], :handle
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa363216(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa363216(v=vs.85).aspx
   # BOOL WINAPI DeviceIoControl(
   #   _In_         HANDLE hDevice,
   #   _In_         DWORD dwIoControlCode,
@@ -376,8 +376,8 @@ module Puppet::Util::Windows::File
   MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 16384
 
   # REPARSE_DATA_BUFFER
-  # http://msdn.microsoft.com/en-us/library/cc232006.aspx
-  # http://msdn.microsoft.com/en-us/library/windows/hardware/ff552012(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/cc232006.aspx
+  # https://msdn.microsoft.com/en-us/library/windows/hardware/ff552012(v=vs.85).aspx
   # struct is always MAXIMUM_REPARSE_DATA_BUFFER_SIZE bytes
   class REPARSE_DATA_BUFFER < FFI::Struct
     layout :ReparseTag, :win32_ulong,

data/lib/puppet/util/windows/principal.rb

@@ -6,18 +6,24 @@ module Puppet::Util::Windows::SID
     attr_reader :account, :sid_bytes, :sid, :domain, :domain_account, :account_type
 
     def initialize(account, sid_bytes, sid, domain, account_type)
-      # Calling lookup_account_name like host\user is valid and therefore this
-      # value may include two components, but favor the domain value passed in
-      @account = account =~ /(.+)\\(.+)/ ? $2 : account
+      # This is only ever called from lookup_account_sid which has already
+      # removed the potential for passing in an account like host\user
+      @account = account
       @sid_bytes = sid_bytes
       @sid = sid
       @domain = domain
-      # when domain is available, combine it with parsed account
-      # otherwise use the account value directly
-      @domain_account = domain && !domain.empty? ?
-        "#{domain}\\#{@account}" : account
-
       @account_type = account_type
+      # When domain is available and it is a Domain principal, use domain only
+      #   otherwise if domain is available then combine it with parsed account
+      #   otherwise when the domain is not available, use the account value directly
+      # WinNT naming standard https://msdn.microsoft.com/en-us/library/windows/desktop/aa746534(v=vs.85).aspx
+      if (domain && !domain.empty? && @account_type == :SidTypeDomain)
+        @domain_account = @domain
+      elsif (domain && !domain.empty?)
+        @domain_account =  "#{domain}\\#{@account}"
+      else
+        @domain_account = account
+      end
     end
 
     # added for backward compatibility
@@ -68,12 +74,11 @@ module Puppet::Util::Windows::SID
                    raise Puppet::Util::Windows::Error.new('Failed to call LookupAccountNameW')
                   end
 
-                  return new(
-                    account_name,
-                    sid_ptr.read_bytes(sid_length_ptr.read_dword).unpack('C*'),
-                    Puppet::Util::Windows::SID.sid_ptr_to_string(sid_ptr),
-                    domain_ptr.read_wide_string(domain_length_ptr.read_dword),
-                    SID_NAME_USE[name_use_enum_ptr.read_uint32])
+                  # with a SID returned, loop back through lookup_account_sid to retrieve official name
+                  # necessary when accounts like . or '' are passed in
+                  return lookup_account_sid(
+                    system_name,
+                    sid_ptr.read_bytes(sid_length_ptr.read_dword).unpack('C*'))
                   end
                 end
               end
@@ -87,6 +92,10 @@ module Puppet::Util::Windows::SID
 
     def self.lookup_account_sid(system_name = nil, sid_bytes)
       system_name_ptr = FFI::Pointer::NULL
+      if (sid_bytes.nil? || (!sid_bytes.is_a? Array) || (sid_bytes.length == 0))
+        raise Puppet::Util::Windows::Error.new('Byte array for lookup_account_sid must not be nil and must be at least 1 byte long')
+      end
+
       begin
         if system_name
           system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)

data/lib/puppet/util/windows/process.rb

@@ -224,6 +224,51 @@ module Puppet::Util::Windows::Process
   end
   module_function :windows_major_version
 
+  # Returns a hash of the current environment variables encoded as UTF-8
+  # The memory block returned from GetEnvironmentStringsW is double-null terminated and the vars are paired as below;
+  # Var1=Value1\0
+  # Var2=Value2\0
+  # VarX=ValueX\0\0
+  # Note - Some env variable names start with '=' and are excluded from the return value
+  # Note - The env_ptr MUST be freed using the FreeEnvironmentStringsW function
+  # Note - There is no technical limitation to the size of the environment block returned.
+  #   However a pracitcal limit of 64K is used as no single environment variable can exceed 32KB
+  def get_environment_strings
+    env_ptr = GetEnvironmentStringsW()
+
+    pairs = env_ptr.read_arbitrary_wide_string_up_to(65534, :double_null)
+      .split(?\x00)
+      .reject { |env_str| env_str.nil? || env_str.empty? || env_str[0] == '=' }
+      .map { |env_pair| env_pair.split('=', 2) }
+    Hash[ pairs ]
+  ensure
+    if env_ptr && ! env_ptr.null?
+      if FreeEnvironmentStringsW(env_ptr) == FFI::WIN32_FALSE
+        Puppet.debug "FreeEnvironmentStringsW memory leak"
+      end
+    end
+  end
+  module_function :get_environment_strings
+
+  def set_environment_variable(name, val)
+    raise Puppet::Util::Windows::Error('environment variable name must not be nil or empty') if ! name || name.empty?
+
+    FFI::MemoryPointer.from_string_to_wide_string(name) do |name_ptr|
+      if (val.nil?)
+        if SetEnvironmentVariableW(name_ptr, FFI::MemoryPointer::NULL) == FFI::WIN32_FALSE
+          raise Puppet::Util::Windows::Error.new("Failed to remove environment variable: #{name}")
+        end
+      else
+        FFI::MemoryPointer.from_string_to_wide_string(val) do |val_ptr|
+          if SetEnvironmentVariableW(name_ptr, val_ptr) == FFI::WIN32_FALSE
+            raise Puppet::Util::Windows::Error.new("Failed to set environment variable: #{name}")
+          end
+        end
+      end
+    end
+  end
+  module_function :set_environment_variable
+
   # Returns whether or not the OS has the ability to set elevated
   # token information.
   #
@@ -243,7 +288,7 @@ module Puppet::Util::Windows::Process
 
   ffi_convention :stdcall
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms687032(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms687032(v=vs.85).aspx
   # DWORD WINAPI WaitForSingleObject(
   #   _In_  HANDLE hHandle,
   #   _In_  DWORD dwMilliseconds
@@ -252,7 +297,7 @@ module Puppet::Util::Windows::Process
   attach_function_private :WaitForSingleObject,
     [:handle, :dword], :dword
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms683189(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms683189(v=vs.85).aspx
   # BOOL WINAPI GetExitCodeProcess(
   #   _In_   HANDLE hProcess,
   #   _Out_  LPDWORD lpExitCode
@@ -261,12 +306,34 @@ module Puppet::Util::Windows::Process
   attach_function_private :GetExitCodeProcess,
     [:handle, :lpdword], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/ms683179(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms683179(v=vs.85).aspx
   # HANDLE WINAPI GetCurrentProcess(void);
   ffi_lib :kernel32
   attach_function_private :GetCurrentProcess, [], :handle
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379295(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms683187(v=vs.85).aspx
+  # LPTCH GetEnvironmentStrings(void);
+  ffi_lib :kernel32
+  attach_function_private :GetEnvironmentStringsW, [], :pointer
+
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms683151(v=vs.85).aspx
+  # BOOL FreeEnvironmentStrings(
+  #   _In_ LPTCH lpszEnvironmentBlock
+  # );
+  ffi_lib :kernel32
+  attach_function_private :FreeEnvironmentStringsW,
+    [:pointer], :win32_bool
+
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/ms686206(v=vs.85).aspx
+  # BOOL WINAPI SetEnvironmentVariableW(
+  #     _In_     LPCTSTR lpName,
+  #     _In_opt_ LPCTSTR lpValue
+  #   );
+  ffi_lib :kernel32
+  attach_function_private :SetEnvironmentVariableW,
+    [:lpcwstr, :lpcwstr], :win32_bool
+
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379295(v=vs.85).aspx
   # BOOL WINAPI OpenProcessToken(
   #   _In_   HANDLE ProcessHandle,
   #   _In_   DWORD DesiredAccess,
@@ -277,7 +344,7 @@ module Puppet::Util::Windows::Process
     [:handle, :dword, :phandle], :win32_bool
 
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379261(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379261(v=vs.85).aspx
   # typedef struct _LUID {
   #   DWORD LowPart;
   #   LONG  HighPart;
@@ -287,7 +354,7 @@ module Puppet::Util::Windows::Process
            :HighPart, :win32_long
   end
 
-  # http://msdn.microsoft.com/en-us/library/Windows/desktop/aa379180(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/Windows/desktop/aa379180(v=vs.85).aspx
   # BOOL WINAPI LookupPrivilegeValue(
   #   _In_opt_  LPCTSTR lpSystemName,
   #   _In_      LPCTSTR lpName,
@@ -297,7 +364,7 @@ module Puppet::Util::Windows::Process
   attach_function_private :LookupPrivilegeValueW,
     [:lpcwstr, :lpcwstr, :pointer], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379626(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379626(v=vs.85).aspx
   TOKEN_INFORMATION_CLASS = enum(
       :TokenUser, 1,
       :TokenGroups,
@@ -342,7 +409,7 @@ module Puppet::Util::Windows::Process
       :MaxTokenInfoClass
   )
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379263(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379263(v=vs.85).aspx
   # typedef struct _LUID_AND_ATTRIBUTES {
   #   LUID  Luid;
   #   DWORD Attributes;
@@ -352,7 +419,7 @@ module Puppet::Util::Windows::Process
            :Attributes, :dword
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379630(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379630(v=vs.85).aspx
   # typedef struct _TOKEN_PRIVILEGES {
   #   DWORD               PrivilegeCount;
   #   LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
@@ -362,7 +429,7 @@ module Puppet::Util::Windows::Process
            :Privileges, [LUID_AND_ATTRIBUTES, 1]    # placeholder for offset
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/bb530717(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/bb530717(v=vs.85).aspx
   # typedef struct _TOKEN_ELEVATION {
   #   DWORD TokenIsElevated;
   # } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
@@ -370,7 +437,7 @@ module Puppet::Util::Windows::Process
     layout :TokenIsElevated, :dword
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa446671(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa446671(v=vs.85).aspx
   # BOOL WINAPI GetTokenInformation(
   #   _In_       HANDLE TokenHandle,
   #   _In_       TOKEN_INFORMATION_CLASS TokenInformationClass,

data/lib/puppet/util/windows/registry.rb

@@ -5,7 +5,7 @@ module Puppet::Util::Windows
     require 'ffi'
     extend FFI::Library
 
-    # http://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx
+    # https://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx
     KEY64 = 0x100
     KEY32 = 0x200
 

data/lib/puppet/util/windows/root_certs.rb

@@ -34,7 +34,7 @@ class Puppet::Util::Windows::RootCerts
     certs = []
 
     # This is based on a patch submitted to openssl:
-    # http://www.mail-archive.com/openssl-dev@openssl.org/msg26958.html
+    # https://www.mail-archive.com/openssl-dev@openssl.org/msg26958.html
     ptr = FFI::Pointer::NULL
     store = CertOpenSystemStoreA(nil, "ROOT")
     begin
@@ -57,7 +57,7 @@ class Puppet::Util::Windows::RootCerts
   ffi_convention :stdcall
   # typedef void *HCERTSTORE;
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa377189(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa377189(v=vs.85).aspx
   # typedef struct _CERT_CONTEXT {
   #   DWORD      dwCertEncodingType;
   #   BYTE       *pbCertEncoded;
@@ -75,7 +75,7 @@ class Puppet::Util::Windows::RootCerts
     )
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa376560(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa376560(v=vs.85).aspx
   # HCERTSTORE
   # WINAPI
   # CertOpenSystemStoreA(
@@ -86,7 +86,7 @@ class Puppet::Util::Windows::RootCerts
   ffi_lib :crypt32
   attach_function_private :CertOpenSystemStoreA, [:ulong_ptr, :lpcstr], :handle
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa376050(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa376050(v=vs.85).aspx
   # PCCERT_CONTEXT
   # WINAPI
   # CertEnumCertificatesInStore(
@@ -96,7 +96,7 @@ class Puppet::Util::Windows::RootCerts
   ffi_lib :crypt32
   attach_function_private :CertEnumCertificatesInStore, [:handle, :pointer], :pointer
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa376026(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa376026(v=vs.85).aspx
   # BOOL
   # WINAPI
   # CertCloseStore(

data/lib/puppet/util/windows/security.rb

@@ -41,7 +41,7 @@
 #   must be running with elevated privileges.
 # * A file/dir can be deleted by anyone with the DELETE access right
 #   OR by anyone that has the FILE_DELETE_CHILD access right for the
-#   parent. See http://support.microsoft.com/kb/238018. But on Unix,
+#   parent. See https://support.microsoft.com/kb/238018. But on Unix,
 #   the user must have write access to the file/dir AND execute access
 #   to all of the parent path components.
 # * Many access control entries are inherited from parent directories,
@@ -65,8 +65,6 @@ require 'puppet/util/windows'
 require 'pathname'
 require 'ffi'
 
-require 'win32/security'
-
 module Puppet::Util::Windows::Security
   include Puppet::Util::Windows::String
 
@@ -199,9 +197,9 @@ module Puppet::Util::Windows::Security
   def get_mode(path)
     return unless supports_acl?(path)
 
-    well_known_world_sid = Win32::Security::SID::Everyone
-    well_known_nobody_sid = Win32::Security::SID::Nobody
-    well_known_system_sid = Win32::Security::SID::LocalSystem
+    well_known_world_sid = Puppet::Util::Windows::SID::Everyone
+    well_known_nobody_sid = Puppet::Util::Windows::SID::Nobody
+    well_known_system_sid = Puppet::Util::Windows::SID::LocalSystem
 
     mode = S_ISYSTEM_MISSING
 
@@ -278,9 +276,9 @@ module Puppet::Util::Windows::Security
   # that they do not have read and write access to.
   def set_mode(mode, path, protected = true)
     sd = get_security_descriptor(path)
-    well_known_world_sid = Win32::Security::SID::Everyone
-    well_known_nobody_sid = Win32::Security::SID::Nobody
-    well_known_system_sid = Win32::Security::SID::LocalSystem
+    well_known_world_sid = Puppet::Util::Windows::SID::Everyone
+    well_known_nobody_sid = Puppet::Util::Windows::SID::Nobody
+    well_known_system_sid = Puppet::Util::Windows::SID::LocalSystem
 
     owner_allow = FILE::STANDARD_RIGHTS_ALL  |
       FILE::FILE_READ_ATTRIBUTES |
@@ -361,12 +359,12 @@ module Puppet::Util::Windows::Security
     inherit_only = Puppet::Util::Windows::AccessControlEntry::INHERIT_ONLY_ACE
     if isdir
       inherit = inherit_only | Puppet::Util::Windows::AccessControlEntry::CONTAINER_INHERIT_ACE
-      dacl.allow(Win32::Security::SID::CreatorOwner, owner_allow, inherit)
-      dacl.allow(Win32::Security::SID::CreatorGroup, group_allow, inherit)
+      dacl.allow(Puppet::Util::Windows::SID::CreatorOwner, owner_allow, inherit)
+      dacl.allow(Puppet::Util::Windows::SID::CreatorGroup, group_allow, inherit)
 
       inherit = inherit_only | Puppet::Util::Windows::AccessControlEntry::OBJECT_INHERIT_ACE
-      dacl.allow(Win32::Security::SID::CreatorOwner, owner_allow & ~FILE::FILE_EXECUTE, inherit)
-      dacl.allow(Win32::Security::SID::CreatorGroup, group_allow & ~FILE::FILE_EXECUTE, inherit)
+      dacl.allow(Puppet::Util::Windows::SID::CreatorOwner, owner_allow & ~FILE::FILE_EXECUTE, inherit)
+      dacl.allow(Puppet::Util::Windows::SID::CreatorGroup, group_allow & ~FILE::FILE_EXECUTE, inherit)
     end
 
     new_sd = Puppet::Util::Windows::SecurityDescriptor.new(sd.owner, sd.group, dacl, protected)
@@ -579,7 +577,7 @@ module Puppet::Util::Windows::Security
   end
 
   def get_max_generic_acl_size(ace_count)
-    # http://msdn.microsoft.com/en-us/library/windows/desktop/aa378853(v=vs.85).aspx
+    # https://msdn.microsoft.com/en-us/library/windows/desktop/aa378853(v=vs.85).aspx
     # To calculate the initial size of an ACL, add the following together, and then align the result to the nearest DWORD:
     # * Size of the ACL structure.
     # * Size of each ACE structure that the ACL is to contain minus the SidStart member (DWORD) of the ACE.
@@ -643,7 +641,7 @@ module Puppet::Util::Windows::Security
 
   ffi_convention :stdcall
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa363858(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa363858(v=vs.85).aspx
   # HANDLE WINAPI CreateFile(
   #   _In_      LPCTSTR lpFileName,
   #   _In_      DWORD dwDesiredAccess,
@@ -657,7 +655,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :CreateFileW,
     [:lpcwstr, :dword, :dword, :pointer, :dword, :dword, :handle], :handle
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa364993(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa364993(v=vs.85).aspx
   # BOOL WINAPI GetVolumeInformation(
   #   _In_opt_   LPCTSTR lpRootPathName,
   #   _Out_opt_  LPTSTR lpVolumeNameBuffer,
@@ -672,7 +670,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :GetVolumeInformationW,
     [:lpcwstr, :lpwstr, :dword, :lpdword, :lpdword, :lpdword, :lpwstr, :dword], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374951(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374951(v=vs.85).aspx
   # BOOL WINAPI AddAccessAllowedAceEx(
   #   _Inout_  PACL pAcl,
   #   _In_     DWORD dwAceRevision,
@@ -684,7 +682,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :AddAccessAllowedAceEx,
     [:pointer, :dword, :dword, :dword, :pointer], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374964(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374964(v=vs.85).aspx
   # BOOL WINAPI AddAccessDeniedAceEx(
   #   _Inout_  PACL pAcl,
   #   _In_     DWORD dwAceRevision,
@@ -696,7 +694,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :AddAccessDeniedAceEx,
     [:pointer, :dword, :dword, :dword, :pointer], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374931(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374931(v=vs.85).aspx
   # typedef struct _ACL {
   #   BYTE AclRevision;
   #   BYTE Sbz1;
@@ -712,9 +710,9 @@ module Puppet::Util::Windows::Security
            :Sbz2, :word
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374912(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374912(v=vs.85).aspx
   # ACE types
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374919(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374919(v=vs.85).aspx
   # typedef struct _ACE_HEADER {
   #   BYTE AceType;
   #   BYTE AceFlags;
@@ -726,17 +724,17 @@ module Puppet::Util::Windows::Security
            :AceSize,  :word
   end
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374892(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374892(v=vs.85).aspx
   # ACCESS_MASK
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374847(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374847(v=vs.85).aspx
   # typedef struct _ACCESS_ALLOWED_ACE {
   #   ACE_HEADER  Header;
   #   ACCESS_MASK Mask;
   #   DWORD       SidStart;
   # } ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
   #
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa374879(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa374879(v=vs.85).aspx
   # typedef struct _ACCESS_DENIED_ACE {
   #   ACE_HEADER  Header;
   #   ACCESS_MASK Mask;
@@ -751,12 +749,12 @@ module Puppet::Util::Windows::Security
            :SidStart, :dword
   end
 
-  # http://stackoverflow.com/a/1792930
+  # https://stackoverflow.com/a/1792930
   MAXIMUM_SID_BYTES_LENGTH = 68
   MAXIMUM_GENERIC_ACE_SIZE = GENERIC_ACCESS_ACE.offset_of(:SidStart) +
     MAXIMUM_SID_BYTES_LENGTH
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa446634(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa446634(v=vs.85).aspx
   # BOOL WINAPI GetAce(
   #   _In_   PACL pAcl,
   #   _In_   DWORD dwAceIndex,
@@ -766,7 +764,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :GetAce,
     [:pointer, :dword, :pointer], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa375202(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa375202(v=vs.85).aspx
   # BOOL WINAPI AdjustTokenPrivileges(
   #   _In_       HANDLE TokenHandle,
   #   _In_       BOOL DisableAllPrivileges,
@@ -779,9 +777,9 @@ module Puppet::Util::Windows::Security
   attach_function_private :AdjustTokenPrivileges,
     [:handle, :win32_bool, :pointer, :dword, :pointer, :pdword], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/hardware/ff556610(v=vs.85).aspx
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379561(v=vs.85).aspx
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa446647(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/hardware/ff556610(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379561(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa446647(v=vs.85).aspx
   # typedef WORD SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;
   # BOOL WINAPI GetSecurityDescriptorControl(
   #   _In_   PSECURITY_DESCRIPTOR pSecurityDescriptor,
@@ -792,7 +790,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :GetSecurityDescriptorControl,
     [:pointer, :lpword, :lpdword], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa378853(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa378853(v=vs.85).aspx
   # BOOL WINAPI InitializeAcl(
   #   _Out_  PACL pAcl,
   #   _In_   DWORD nAclLength,
@@ -802,7 +800,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :InitializeAcl,
     [:pointer, :dword, :dword], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379142(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379142(v=vs.85).aspx
   # BOOL WINAPI IsValidAcl(
   #   _In_  PACL pAcl
   # );
@@ -810,7 +808,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :IsValidAcl,
     [:pointer], :win32_bool
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379593(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379593(v=vs.85).aspx
   SE_OBJECT_TYPE = enum(
     :SE_UNKNOWN_OBJECT_TYPE, 0,
     :SE_FILE_OBJECT,
@@ -827,7 +825,7 @@ module Puppet::Util::Windows::Security
     :SE_REGISTRY_WOW64_32KEY
   )
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa446654(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa446654(v=vs.85).aspx
   # DWORD WINAPI GetSecurityInfo(
   #   _In_       HANDLE handle,
   #   _In_       SE_OBJECT_TYPE ObjectType,
@@ -842,7 +840,7 @@ module Puppet::Util::Windows::Security
   attach_function_private :GetSecurityInfo,
     [:handle, SE_OBJECT_TYPE, :dword, :pointer, :pointer, :pointer, :pointer, :pointer], :dword
 
-  # http://msdn.microsoft.com/en-us/library/windows/desktop/aa379588(v=vs.85).aspx
+  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379588(v=vs.85).aspx
   # DWORD WINAPI SetSecurityInfo(
   #   _In_      HANDLE handle,
   #   _In_      SE_OBJECT_TYPE ObjectType,