puppet 5.5.14-universal-darwin → 5.5.16-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (83) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +2 -0
  3. data/Gemfile.lock +18 -17
  4. data/ext/solaris/smf/puppet.xml +2 -0
  5. data/lib/hiera/scope.rb +7 -0
  6. data/lib/puppet.rb +1 -1
  7. data/lib/puppet/application/device.rb +22 -10
  8. data/lib/puppet/configurer.rb +23 -38
  9. data/lib/puppet/network/http/connection.rb +2 -0
  10. data/lib/puppet/pops/types/types.rb +5 -3
  11. data/lib/puppet/provider.rb +1 -2
  12. data/lib/puppet/provider/cron/crontab.rb +1 -1
  13. data/lib/puppet/provider/package.rb +2 -0
  14. data/lib/puppet/provider/package/dpkg.rb +15 -2
  15. data/lib/puppet/provider/package/gem.rb +65 -29
  16. data/lib/puppet/provider/package/pip.rb +136 -111
  17. data/lib/puppet/provider/package/pip3.rb +1 -1
  18. data/lib/puppet/provider/package/puppet_gem.rb +1 -1
  19. data/lib/puppet/provider/package/rpm.rb +27 -16
  20. data/lib/puppet/provider/package/yum.rb +1 -1
  21. data/lib/puppet/provider/package_targetable.rb +68 -0
  22. data/lib/puppet/provider/service/upstart.rb +8 -8
  23. data/lib/puppet/provider/user/useradd.rb +16 -13
  24. data/lib/puppet/settings/server_list_setting.rb +9 -0
  25. data/lib/puppet/ssl/validator/default_validator.rb +30 -0
  26. data/lib/puppet/type/package.rb +46 -9
  27. data/lib/puppet/util/pidlock.rb +15 -1
  28. data/lib/puppet/util/windows/process.rb +70 -0
  29. data/lib/puppet/util/windows/registry.rb +7 -1
  30. data/lib/puppet/util/windows/user.rb +14 -4
  31. data/lib/puppet/version.rb +1 -1
  32. data/locales/puppet.pot +81 -78
  33. data/man/man5/puppet.conf.5 +2 -2
  34. data/man/man8/puppet-agent.8 +1 -1
  35. data/man/man8/puppet-apply.8 +1 -1
  36. data/man/man8/puppet-ca.8 +1 -1
  37. data/man/man8/puppet-catalog.8 +1 -1
  38. data/man/man8/puppet-cert.8 +1 -1
  39. data/man/man8/puppet-certificate.8 +1 -1
  40. data/man/man8/puppet-certificate_request.8 +1 -1
  41. data/man/man8/puppet-certificate_revocation_list.8 +1 -1
  42. data/man/man8/puppet-config.8 +1 -1
  43. data/man/man8/puppet-describe.8 +1 -1
  44. data/man/man8/puppet-device.8 +1 -1
  45. data/man/man8/puppet-doc.8 +1 -1
  46. data/man/man8/puppet-epp.8 +1 -1
  47. data/man/man8/puppet-facts.8 +1 -1
  48. data/man/man8/puppet-filebucket.8 +1 -1
  49. data/man/man8/puppet-generate.8 +1 -1
  50. data/man/man8/puppet-help.8 +1 -1
  51. data/man/man8/puppet-key.8 +1 -1
  52. data/man/man8/puppet-lookup.8 +1 -1
  53. data/man/man8/puppet-man.8 +1 -1
  54. data/man/man8/puppet-master.8 +1 -1
  55. data/man/man8/puppet-module.8 +1 -1
  56. data/man/man8/puppet-node.8 +1 -1
  57. data/man/man8/puppet-parser.8 +1 -1
  58. data/man/man8/puppet-plugin.8 +1 -1
  59. data/man/man8/puppet-report.8 +1 -1
  60. data/man/man8/puppet-resource.8 +1 -1
  61. data/man/man8/puppet-script.8 +1 -1
  62. data/man/man8/puppet-status.8 +1 -1
  63. data/man/man8/puppet.8 +2 -2
  64. data/spec/integration/network/http_pool_spec.rb +120 -0
  65. data/spec/integration/type/package_spec.rb +1 -1
  66. data/spec/integration/util/windows/registry_spec.rb +52 -0
  67. data/spec/integration/util/windows/user_spec.rb +19 -0
  68. data/spec/lib/puppet_spec/https.rb +166 -0
  69. data/spec/unit/configurer_spec.rb +49 -13
  70. data/spec/unit/functions/new_spec.rb +15 -0
  71. data/spec/unit/hiera/scope_spec.rb +7 -0
  72. data/spec/unit/network/http/connection_spec.rb +0 -130
  73. data/spec/unit/provider/package/dpkg_spec.rb +18 -1
  74. data/spec/unit/provider/package/gem_spec.rb +101 -48
  75. data/spec/unit/provider/package/pip3_spec.rb +17 -0
  76. data/spec/unit/provider/package/pip_spec.rb +59 -68
  77. data/spec/unit/provider/package/puppet_gem_spec.rb +22 -6
  78. data/spec/unit/provider/package/rpm_spec.rb +116 -27
  79. data/spec/unit/provider/service/upstart_spec.rb +3 -19
  80. data/spec/unit/settings/server_list_setting_spec.rb +21 -0
  81. data/spec/unit/ssl/validator_spec.rb +2 -0
  82. data/spec/unit/util/pidlock_spec.rb +46 -0
  83. metadata +9 -2
@@ -106,6 +106,12 @@ describe "Puppet::Util::Windows::User", :if => Puppet.features.microsoft_windows
106
106
  end
107
107
 
108
108
  describe "logon_user" do
109
+ let(:fLOGON32_PROVIDER_DEFAULT) {0}
110
+ let(:fLOGON32_LOGON_INTERACTIVE) {2}
111
+ let(:fLOGON32_LOGON_NETWORK) {3}
112
+ let(:token) {'test'}
113
+ let(:user) {'test'}
114
+ let(:passwd) {'test'}
109
115
  it "should raise an error when provided with an incorrect username and password" do
110
116
  expect_logon_failure_error {
111
117
  Puppet::Util::Windows::User.logon_user(username, bad_password)
@@ -117,8 +123,21 @@ describe "Puppet::Util::Windows::User", :if => Puppet.features.microsoft_windows
117
123
  Puppet::Util::Windows::User.logon_user(username, nil)
118
124
  }
119
125
  end
126
+
127
+ it 'should raise error given that logon returns false' do
128
+
129
+ allow(Puppet::Util::Windows::User).to receive(:logon_user_by_logon_type).with(
130
+ user, passwd, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, anything).and_return (0)
131
+ allow(Puppet::Util::Windows::User).to receive(:logon_user_by_logon_type).with(
132
+ user, passwd, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, anything).and_return(0)
133
+
134
+ expect {Puppet::Util::Windows::User.logon_user(user, passwd) {}}
135
+ .to raise_error(Puppet::Util::Windows::Error, /Failed to logon user/)
136
+
137
+ end
120
138
  end
121
139
 
140
+
122
141
  describe "password_is?" do
123
142
  it "should return false given an incorrect username and password" do
124
143
  expect(Puppet::Util::Windows::User.password_is?(username, bad_password)).to be_falsey
@@ -0,0 +1,166 @@
1
+ require 'spec_helper'
2
+ require 'webrick'
3
+
4
+ class PuppetSpec::HTTPSServer
5
+ attr_reader :ca_cert, :ca_crl, :server_cert, :server_key
6
+
7
+ def initialize
8
+ @ca_cert = OpenSSL::X509::Certificate.new(CA_CERT)
9
+ @ca_crl = OpenSSL::X509::CRL.new(CRL)
10
+ @server_key = OpenSSL::PKey::RSA.new(SERVER_KEY)
11
+ @server_cert = OpenSSL::X509::Certificate.new(SERVER_CERT)
12
+ @config = WEBrick::Config::HTTP.dup
13
+ end
14
+
15
+ def handle_request(ctx, ssl)
16
+ req = WEBrick::HTTPRequest.new(@config)
17
+ req.parse(ssl)
18
+
19
+ res = WEBrick::HTTPResponse.new(@config)
20
+ res.status = 200
21
+ res.body = 'OK'
22
+ res.send_response(ssl)
23
+ end
24
+
25
+ def start_server(&block)
26
+ errors = []
27
+
28
+ IO.pipe {|stop_pipe_r, stop_pipe_w|
29
+ store = OpenSSL::X509::Store.new
30
+ store.add_cert(@ca_cert)
31
+ store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
32
+ ctx = OpenSSL::SSL::SSLContext.new
33
+ ctx.cert_store = store
34
+ ctx.cert = @server_cert
35
+ ctx.key = @server_key
36
+ ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
37
+
38
+ Socket.do_not_reverse_lookup = true
39
+ tcps = TCPServer.new("127.0.0.1", 0)
40
+ begin
41
+ port = tcps.connect_address.ip_port
42
+ begin
43
+ server_thread = Thread.new do
44
+ begin
45
+ ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
46
+ ssls.start_immediately = true
47
+
48
+ loop do
49
+ readable, = IO.select([ssls, stop_pipe_r])
50
+ break if readable.include? stop_pipe_r
51
+
52
+ ssl = ssls.accept
53
+ begin
54
+ handle_request(ctx, ssl)
55
+ ensure
56
+ ssl.close
57
+ end
58
+ end
59
+ rescue => e
60
+ # uncomment this line if something goes wrong
61
+ # puts "SERVER #{e.message}"
62
+ errors << e
63
+ end
64
+ end
65
+
66
+ begin
67
+ yield port
68
+ ensure
69
+ stop_pipe_w.close
70
+ end
71
+ ensure
72
+ server_thread.join
73
+ end
74
+ ensure
75
+ tcps.close
76
+ end
77
+ }
78
+
79
+ errors
80
+ end
81
+
82
+ CA_CERT = <<END
83
+ -----BEGIN CERTIFICATE-----
84
+ MIICMjCCAZugAwIBAgIBADANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUZXN0
85
+ IENBMB4XDTcwMDEwMTAwMDAwMFoXDTI5MDMwMTIxMzgxMVowEjEQMA4GA1UEAwwH
86
+ VGVzdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvPbXy4tgmUZsLx39
87
+ Q7/Fuo5cOVk9yNzwMN4000jZQjAC8DQKXSDkbJ/6MmaiRo+VgwWlEIRVttYjrXF/
88
+ YPKZowbEIaggc9uK96+HLiGiZ0H6rNM7DYsJiCX4OzJ91SOx9qsyJbyNxLbf+IP0
89
+ 961sTQhsRaqLn8vsn8Mv9I87eHsCAwEAAaOBlzCBlDAPBgNVHRMBAf8EBTADAQH/
90
+ MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUlJ+BUoL64NmMn+IAgiLokQqr0zcw
91
+ MQYJYIZIAYb4QgENBCQWIlB1cHBldCBTZXJ2ZXIgSW50ZXJuYWwgQ2VydGlmaWNh
92
+ dGUwHwYDVR0jBBgwFoAUlJ+BUoL64NmMn+IAgiLokQqr0zcwDQYJKoZIhvcNAQEL
93
+ BQADgYEAbIca4hMdGmQvLOnNIQJ+PaMsIQ9ZT6dr+NCvIf1Ass1dEr0qRy7tpyP0
94
+ scgYmnIrOHDoe+ecyvEuG1oDb/6wLCGzD4OJXRsOzqsSCZJ31HkmDircQGpd+XbR
95
+ BxqltBWaWmSBH+e64Himc1HbHRq5xb8JFRMK9dSqiF3DrREMN/A=
96
+ -----END CERTIFICATE-----
97
+ END
98
+
99
+ CRL = <<END
100
+ -----BEGIN X509 CRL-----
101
+ MIIBCjB1AgEBMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNVBAMMB1Rlc3QgQ0EXDTcw
102
+ MDEwMTAwMDAwMFoXDTI5MDMwMTIxMzgxMVqgLzAtMB8GA1UdIwQYMBaAFJSfgVKC
103
+ +uDZjJ/iAIIi6JEKq9M3MAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEBCwUAA4GBAK/r
104
+ 2fz+PGgDzu85Od5Tp6jH+3Ons5WURxZzpfveGcG5fgRIG274E5Q1z+Aoj9KW/J5V
105
+ 6FPbuoVEpykTicKKQaALHfryOEaLqIbTPu+94AivOx9RxzHhYPrblvjuDkmVf+fp
106
+ O3/6YKoeOom3FP/ftKdcsx7tGXy8UxCMUaBGVb5J
107
+ -----END X509 CRL-----
108
+ END
109
+
110
+ SERVER_CERT = <<END
111
+ -----BEGIN CERTIFICATE-----
112
+ MIIBvzCCASigAwIBAgIBAzANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdUZXN0
113
+ IENBMB4XDTcwMDEwMTAwMDAwMFoXDTI5MDMwMTIxMzgxMVowFDESMBAGA1UEAwwJ
114
+ MTI3LjAuMC4xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRTWFUYiB9TnI/
115
+ ByjHHWnjnA02ieuczgAgI5CzrlrQCbCiogmsyvLmcKp4zJFVPTC6eG6Xy4sXANcn
116
+ g44l5gr3wcSzYctukk05HSbbdoBK5jjAzMT6al9l4mQdVXmv6dIkPFq27rIEaJTu
117
+ pOPaLn+mq64o2+lhTLLESOxygzOlWQIDAQABoyMwITAfBgNVHREEGDAWggkxMjcu
118
+ MC4wLjGCCTEyNy4wLjAuMjANBgkqhkiG9w0BAQsFAAOBgQCNdGVATsyhgfNHe4K8
119
+ 19Bi80kA6bvrNQ+6dOwNA3bfpOXog3MU+T5+Sv1tlHl7lL+fnTHZkfRzcQhA10Fw
120
+ YdAxLDyDcY4PzgQcWSw7Lu74TLucfzcR+s+MYHAy8XXP002kjCBrSoSMiQPtXF7P
121
+ f/MQaTCXjA8BP6Ldw4wdlODR5A==
122
+ -----END CERTIFICATE-----
123
+ END
124
+
125
+ SERVER_KEY = <<END
126
+ -----BEGIN RSA PRIVATE KEY-----
127
+ MIICXAIBAAKBgQDRTWFUYiB9TnI/ByjHHWnjnA02ieuczgAgI5CzrlrQCbCiogms
128
+ yvLmcKp4zJFVPTC6eG6Xy4sXANcng44l5gr3wcSzYctukk05HSbbdoBK5jjAzMT6
129
+ al9l4mQdVXmv6dIkPFq27rIEaJTupOPaLn+mq64o2+lhTLLESOxygzOlWQIDAQAB
130
+ AoGAYbM9O6aSg+uaaNFut4ODajvt7wdydD+0z0vKwBUjTvk2+rOo0H/r4qW07a6Q
131
+ KLnnhSOyfCkHRDWgOVGviQFZHHVptrxiMA6oiyWUL/CuKjGdDQi+Q1xnuEPh0qEz
132
+ Q5ELkY1amDFS0pQV0LkDOweF4rc57haJcgRFxOz2HQJKeAECQQD0csJ4/sTq7lsg
133
+ ebIFn0kKL/k99H53rUH3XlrnGo9CnVChLe6K9J/4smp98MCre0eSgc9ahNs2c4Fs
134
+ ZpcgT8mVAkEA2zFwDhSXkkcWGmfk2Q/pfj/0OqLcIGTYkvi3sc2uirHb93VOLlvj
135
+ ClM2XwRWeeeiEW+Ev5bLmHVGuK55+h/jtQJAfwTatJB9ti2gwGE79dvs0hRXiK/w
136
+ vzMSIf2vcoLEijLAYOBDIYU3Ur0yxLpDA1gNur0lB74dQlAGolM0mB+deQJBAKBf
137
+ RYsnydY+qI9dYHToTYAPrtOQANq6rjKqQ0yWHpRfmX8ulqsYk78kLu3KMLM0pMF5
138
+ BHlhDUlY1QuerKQy3NkCQENWVz2NfnrrcgXUMHBojONcP3mkkOUocO4Ezm4GAgXO
139
+ L55O+hAtuLYdxmuNPNhT2eyOsJ/pmPntS2k/rp39Hf4=
140
+ -----END RSA PRIVATE KEY-----
141
+ END
142
+
143
+ UNKNOWN_CA = <<END
144
+ -----BEGIN CERTIFICATE-----
145
+ MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G
146
+ A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610
147
+ dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB
148
+ cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx
149
+ MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO
150
+ ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv
151
+ biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6
152
+ c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu
153
+ 0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw
154
+ /HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk
155
+ H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw
156
+ fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1
157
+ neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB
158
+ BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW
159
+ qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta
160
+ YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC
161
+ bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna
162
+ NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu
163
+ dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E=
164
+ -----END CERTIFICATE-----
165
+ END
166
+ end
@@ -1013,29 +1013,65 @@ describe Puppet::Configurer do
1013
1013
  @agent.run :catalog => catalog
1014
1014
  end
1015
1015
 
1016
- it "should select a server when provided" do
1016
+ it "should select a server when it receives 200 OK response" do
1017
1017
  Puppet.settings[:server_list] = ["myserver:123"]
1018
- pool = Puppet::Network::HTTP::Pool.new(Puppet[:http_keepalive_timeout])
1019
- expect(Puppet::Network::HTTP::Pool).to receive(:new).and_return(pool)
1020
- expect(Puppet).to receive(:override).with({:http_pool => pool}).and_yield
1021
- expect(Puppet).to receive(:override).with({:server => "myserver", :serverport => '123'}).twice.and_yield
1022
- expect(Puppet::Node.indirection).to receive(:find).and_return(nil)
1023
- expect(@agent).to receive(:run_internal).and_return(nil)
1018
+ response = Net::HTTPOK.new(nil, 200, 'OK')
1019
+ allow(Puppet::Network::HttpPool).to receive(:http_ssl_instance).with('myserver', '123').and_return(double('request', get: response))
1020
+ allow(@agent).to receive(:run_internal)
1021
+
1022
+ options = {}
1023
+ @agent.run(options)
1024
+ expect(options[:report].master_used).to eq('myserver:123')
1025
+ end
1026
+
1027
+ it "should select a server when it receives 403 Forbidden" do
1028
+ Puppet.settings[:server_list] = ["myserver:123"]
1029
+ response = Net::HTTPForbidden.new(nil, 403, 'Forbidden')
1030
+ allow(Puppet::Network::HttpPool).to receive(:http_ssl_instance).with('myserver', '123').and_return(double('request', get: response))
1031
+ allow(@agent).to receive(:run_internal)
1032
+
1033
+ options = {}
1034
+ @agent.run(options)
1035
+ expect(options[:report].master_used).to eq('myserver:123')
1036
+ end
1037
+
1038
+ it "queries the simple status for the 'master' service" do
1039
+ Puppet.settings[:server_list] = ["myserver:123"]
1040
+ response = Net::HTTPOK.new(nil, 200, 'OK')
1041
+ http = double('request')
1042
+ expect(http).to receive(:get).with('/status/v1/simple/master').and_return(response)
1043
+ allow(Puppet::Network::HttpPool).to receive(:http_ssl_instance).with('myserver', '123').and_return(http)
1044
+ allow(@agent).to receive(:run_internal)
1045
+
1024
1046
  @agent.run
1025
1047
  end
1026
1048
 
1027
- it "should error when no servers in 'server_list' are reachable" do
1049
+ it "should report when a server is unavailable" do
1028
1050
  Puppet.settings[:server_list] = ["myserver:123"]
1051
+ response = Net::HTTPInternalServerError.new(nil, 500, 'Internal Server Error')
1052
+ allow(Puppet::Network::HttpPool).to receive(:http_ssl_instance).with('myserver', '123').and_return(double('request', get: response))
1053
+ allow(@agent).to receive(:run_internal)
1054
+
1055
+ expect(Puppet).to receive(:debug).with("Puppet server myserver:123 is unavailable: 500 Internal Server Error")
1056
+ expect { @agent.run }.to raise_error(Puppet::Error, /Could not select a functional puppet master from server_list:/)
1057
+ end
1058
+
1059
+ it "should error when no servers in 'server_list' are reachable" do
1060
+ Puppet.settings[:server_list] = "myserver:123,someotherservername"
1029
1061
  pool = Puppet::Network::HTTP::Pool.new(Puppet[:http_keepalive_timeout])
1030
- expect(Puppet::Network::HTTP::Pool).to receive(:new).and_return(pool)
1031
- expect(Puppet).to receive(:override).with({:http_pool => pool}).and_yield
1032
- expect(Puppet).to receive(:override).with({:server => "myserver", :serverport => '123'}).and_yield
1062
+ allow(Puppet::Network::HTTP::Pool).to receive(:new).and_return(pool)
1063
+ allow(Puppet).to receive(:override).with({:http_pool => pool}).and_yield
1064
+ allow(Puppet).to receive(:override).with({:server => "myserver", :serverport => '123'}).and_yield
1065
+ allow(Puppet).to receive(:override).with({:server => "someotherservername", :serverport => 8140}).and_yield
1033
1066
  error = Net::HTTPError.new(400, 'dummy server communication error')
1034
- expect(Puppet::Node.indirection).to receive(:find).and_raise(error)
1035
- expect{ @agent.run }.to raise_error(Puppet::Error, /Could not select a functional puppet master from server_list/)
1067
+ allow(Puppet::Node.indirection).to receive(:find).and_raise(error)
1068
+ expect{ @agent.run }.to raise_error(Puppet::Error, /Could not select a functional puppet master from server_list: 'myserver:123,someotherservername'/)
1036
1069
  end
1037
1070
 
1038
1071
  it "should not make multiple node requets when the server is found" do
1072
+ response = Net::HTTPOK.new(nil, 200, 'OK')
1073
+ allow(Puppet::Network::HttpPool).to receive(:http_ssl_instance).with('myserver', '123').and_return(double('request', get: response))
1074
+
1039
1075
  Puppet.settings[:server_list] = ["myserver:123"]
1040
1076
  expect(Puppet::Node.indirection).to receive(:find).and_return("mynode").once
1041
1077
  expect(@agent).to receive(:prepare_and_retrieve_catalog).and_return(nil)
@@ -174,6 +174,19 @@ describe 'the new function' do
174
174
  )).to have_resource("Notify[Integer, #{result}]")
175
175
  end
176
176
  end
177
+
178
+ { '0x0G' => :error,
179
+ '08' => :error,
180
+ '10F' => :error,
181
+ '0B2' => :error,
182
+ }.each do |str, result|
183
+ it "errors when given a non Integer compliant string '#{str}'" do
184
+ expect{compile_to_catalog(<<-"MANIFEST"
185
+ $x = Integer.new("#{str}")
186
+ MANIFEST
187
+ )}.to raise_error(Puppet::Error, /invalid value|cannot be converted to Integer/)
188
+ end
189
+ end
177
190
  end
178
191
 
179
192
  context "when radix is explicitly set to 'default' it" do
@@ -307,6 +320,8 @@ describe 'the new function' do
307
320
  { "10" => 10,
308
321
  "010" => 10,
309
322
  "00010" => 10,
323
+ "08" => 8,
324
+ "0008" => 8,
310
325
  }.each do |str, result|
311
326
  it "produces #{result} from the string '#{str}'" do
312
327
  expect(compile_to_catalog(<<-"MANIFEST"
@@ -90,4 +90,11 @@ describe Hiera::Scope do
90
90
  expect(scope.include?("calling_module")).to eq(true)
91
91
  end
92
92
  end
93
+
94
+ describe "#call_function" do
95
+ it "should delegate a call to call_function to the real scope" do
96
+ expect(real).to receive(:call_function).once
97
+ scope.call_function('some_function', [1,2,3])
98
+ end
99
+ end
93
100
  end
@@ -61,136 +61,6 @@ describe Puppet::Network::HTTP::Connection do
61
61
  end
62
62
  end
63
63
 
64
- class ConstantErrorValidator
65
- def initialize(args)
66
- @fails_with = args[:fails_with]
67
- @error_string = args[:error_string] || ""
68
- @peer_certs = args[:peer_certs] || []
69
- end
70
-
71
- def setup_connection(connection)
72
- end
73
-
74
- def peer_certs
75
- @peer_certs
76
- end
77
-
78
- def verify_errors
79
- [@error_string]
80
- end
81
- end
82
-
83
- class NoProblemsValidator
84
- def initialize(cert)
85
- @cert = cert
86
- end
87
-
88
- def setup_connection(connection)
89
- end
90
-
91
- def peer_certs
92
- [@cert]
93
- end
94
-
95
- def verify_errors
96
- []
97
- end
98
- end
99
-
100
- shared_examples_for 'ssl verifier' do
101
- include PuppetSpec::Files
102
-
103
- let (:host) { "my_server" }
104
- let (:port) { 8140 }
105
-
106
- before :all do
107
- WebMock.disable!
108
- end
109
-
110
- after :all do
111
- WebMock.enable!
112
- end
113
-
114
- before(:each) do
115
- allow_any_instance_of(ConstantErrorValidator).to receive(:setup_connection) do |cev, connection|
116
- allow(connection).to receive(:start).and_raise(OpenSSL::SSL::SSLError.new(cev.instance_variable_get(:@fails_with)))
117
- end
118
- end
119
-
120
- it "should provide a useful error message when one is available and certificate validation fails", :unless => Puppet.features.microsoft_windows? do
121
- connection = Puppet::Network::HTTP::Connection.new(
122
- host, port,
123
- :verify => ConstantErrorValidator.new(:fails_with => 'certificate verify failed',
124
- :error_string => 'shady looking signature'))
125
-
126
- expect do
127
- connection.get('request')
128
- end.to raise_error(Puppet::Error, /certificate verify failed: \[shady looking signature\]/)
129
- end
130
-
131
- it "should provide a helpful error message when hostname was not match with server certificate", :unless => Puppet.features.microsoft_windows? do
132
- Puppet[:confdir] = tmpdir('conf')
133
-
134
- connection = Puppet::Network::HTTP::Connection.new(
135
- host, port,
136
- :verify => ConstantErrorValidator.new(
137
- :fails_with => 'hostname was not match with server certificate',
138
- :peer_certs => [Puppet::SSL::CertificateAuthority.new.generate(
139
- 'not_my_server', :dns_alt_names => 'foo,bar,baz')]))
140
-
141
- expect do
142
- connection.get('request')
143
- end.to raise_error(Puppet::Error) do |error|
144
- error.message =~ /\AServer hostname 'my_server' did not match server certificate; expected one of (.+)/
145
- expect($1.split(', ')).to match_array(%w[DNS:foo DNS:bar DNS:baz DNS:not_my_server not_my_server])
146
- end
147
- end
148
-
149
- it "should pass along the error message otherwise" do
150
- connection = Puppet::Network::HTTP::Connection.new(
151
- host, port,
152
- :verify => ConstantErrorValidator.new(:fails_with => 'some other message'))
153
-
154
- expect do
155
- connection.get('request')
156
- end.to raise_error(/some other message/)
157
- end
158
-
159
- it "should check all peer certificates for upcoming expiration", :unless => Puppet.features.microsoft_windows? do
160
- Puppet[:confdir] = tmpdir('conf')
161
- cert = Puppet::SSL::CertificateAuthority.new.generate(
162
- 'server', :dns_alt_names => 'foo,bar,baz')
163
-
164
- connection = Puppet::Network::HTTP::Connection.new(
165
- host, port,
166
- :verify => NoProblemsValidator.new(cert))
167
-
168
- allow_any_instance_of(Net::HTTP).to receive(:start)
169
- allow_any_instance_of(Net::HTTP).to receive(:request).and_return(httpok)
170
- allow_any_instance_of(Puppet::Network::HTTP::Pool).to receive(:setsockopts)
171
-
172
- connection.get('request')
173
- end
174
- end
175
-
176
- context "when using single use HTTPS connections" do
177
- it_behaves_like 'ssl verifier' do
178
- end
179
- end
180
-
181
- context "when using persistent HTTPS connections" do
182
- around :each do |example|
183
- pool = Puppet::Network::HTTP::Pool.new
184
- Puppet.override(:http_pool => pool) do
185
- example.run
186
- end
187
- pool.close
188
- end
189
-
190
- it_behaves_like 'ssl verifier' do
191
- end
192
- end
193
-
194
64
  context "when response is a redirect" do
195
65
  let (:site) { Puppet::Network::HTTP::Site.new('http', 'my_server', 8140) }
196
66
  let (:other_site) { Puppet::Network::HTTP::Site.new('http', 'redirected', 9292) }