RubyGems - puppet - Versions diffs - 5.5.16-universal-darwin → 5.5.21-universal-darwin - Mend

puppet 5.5.16-universal-darwin → 5.5.21-universal-darwin

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (359) hide show

checksums.yaml +4 -4
data/CODEOWNERS +10 -10
data/Gemfile +2 -3
data/Gemfile.lock +57 -52
data/ext/build_defaults.yaml +1 -0
data/ext/cert_inspector +3 -3
data/ext/project_data.yaml +2 -2
data/ext/puppet-test +2 -2
data/ext/regexp_nodes/regexp_nodes.rb +4 -4
data/ext/windows/service/daemon.rb +54 -8
data/install.rb +6 -24
data/lib/puppet.rb +5 -2
data/lib/puppet/agent.rb +5 -13
data/lib/puppet/application.rb +1 -1
data/lib/puppet/application/agent.rb +15 -1
data/lib/puppet/application/apply.rb +2 -2
data/lib/puppet/application/describe.rb +3 -9
data/lib/puppet/application/device.rb +4 -4
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/filebucket.rb +13 -0
data/lib/puppet/application/lookup.rb +1 -1
data/lib/puppet/application/resource.rb +4 -4
data/lib/puppet/application/script.rb +2 -2
data/lib/puppet/configurer.rb +86 -28
data/lib/puppet/configurer/downloader.rb +2 -6
data/lib/puppet/daemon.rb +1 -1
data/lib/puppet/defaults.rb +82 -38
data/lib/puppet/error.rb +9 -1
data/lib/puppet/external/nagios/base.rb +1 -1
data/lib/puppet/face/ca.rb +1 -1
data/lib/puppet/face/config.rb +10 -48
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/module/list.rb +5 -5
data/lib/puppet/face/module/search.rb +1 -1
data/lib/puppet/face/module/uninstall.rb +1 -1
data/lib/puppet/face/module/upgrade.rb +1 -1
data/lib/puppet/face/plugin.rb +9 -2
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_system.rb +0 -8
data/lib/puppet/file_system/memory_file.rb +1 -1
data/lib/puppet/file_system/posix.rb +3 -2
data/lib/puppet/file_system/uniquefile.rb +4 -0
data/lib/puppet/forge.rb +3 -3
data/lib/puppet/functions/epp.rb +4 -4
data/lib/puppet/functions/inline_epp.rb +5 -5
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/gettext/module_translations.rb +1 -1
data/lib/puppet/graph/rb_tree_map.rb +2 -2
data/lib/puppet/graph/simple_graph.rb +6 -5
data/lib/puppet/indirector/catalog/compiler.rb +8 -0
data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
data/lib/puppet/indirector/hiera.rb +2 -0
data/lib/puppet/indirector/resource/ral.rb +1 -3
data/lib/puppet/indirector/resource/validator.rb +1 -1
data/lib/puppet/interface.rb +2 -1
data/lib/puppet/loaders.rb +0 -1
data/lib/puppet/metatype/manager.rb +1 -1
data/lib/puppet/module.rb +1 -1
data/lib/puppet/module_tool/applications/builder.rb +1 -1
data/lib/puppet/module_tool/applications/installer.rb +1 -1
data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
data/lib/puppet/module_tool/metadata.rb +1 -1
data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
data/lib/puppet/module_tool/tar/mini.rb +12 -2
data/lib/puppet/network/http/api/indirected_routes.rb +13 -12
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/connection.rb +14 -12
data/lib/puppet/network/http/factory.rb +1 -11
data/lib/puppet/network/http/pool.rb +7 -1
data/lib/puppet/network/http/rack/rest.rb +2 -2
data/lib/puppet/network/http/site.rb +1 -1
data/lib/puppet/network/resolver.rb +2 -2
data/lib/puppet/node/environment.rb +4 -2
data/lib/puppet/parameter.rb +8 -0
data/lib/puppet/parser/ast.rb +1 -1
data/lib/puppet/parser/ast/resourceparam.rb +1 -1
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +3 -0
data/lib/puppet/parser/functions.rb +1 -1
data/lib/puppet/parser/functions/epp.rb +3 -3
data/lib/puppet/parser/functions/inline_epp.rb +5 -5
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/pops/evaluator/access_operator.rb +2 -2
data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
data/lib/puppet/pops/evaluator/evaluator_impl.rb +1 -1
data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loaders.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +1 -0
data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
data/lib/puppet/pops/merge_strategy.rb +22 -18
data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
data/lib/puppet/pops/parser/locator.rb +1 -1
data/lib/puppet/pops/parser/pn_parser.rb +17 -16
data/lib/puppet/pops/puppet_stack.rb +51 -48
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
data/lib/puppet/pops/types/string_converter.rb +10 -10
data/lib/puppet/pops/types/type_calculator.rb +24 -0
data/lib/puppet/pops/types/types.rb +3 -3
data/lib/puppet/pops/validation/checker4_0.rb +10 -0
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/property.rb +1 -1
data/lib/puppet/property/ensure.rb +1 -1
data/lib/puppet/provider/augeas/augeas.rb +1 -1
data/lib/puppet/provider/cron/crontab.rb +1 -1
data/lib/puppet/provider/exec.rb +6 -2
data/lib/puppet/provider/file/posix.rb +5 -0
data/lib/puppet/provider/group/groupadd.rb +19 -19
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/mailalias/aliases.rb +1 -1
data/lib/puppet/provider/mount.rb +1 -1
data/lib/puppet/provider/mount/parsed.rb +8 -8
data/lib/puppet/provider/nameservice.rb +10 -3
data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
data/lib/puppet/provider/nameservice/pw.rb +2 -2
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +14 -3
data/lib/puppet/provider/package/dnf.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +141 -0
data/lib/puppet/provider/package/dpkg.rb +16 -18
data/lib/puppet/provider/package/fink.rb +20 -3
data/lib/puppet/provider/package/openbsd.rb +14 -2
data/lib/puppet/provider/package/pip.rb +37 -10
data/lib/puppet/provider/package/pkg.rb +18 -5
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +4 -4
data/lib/puppet/provider/package/rpm.rb +57 -19
data/lib/puppet/provider/package/windows/package.rb +1 -1
data/lib/puppet/provider/package/yum.rb +35 -24
data/lib/puppet/provider/package/zypper.rb +1 -0
data/lib/puppet/provider/package_targetable.rb +5 -4
data/lib/puppet/provider/parsedfile.rb +1 -1
data/lib/puppet/provider/scheduled_task/win32_taskscheduler.rb +3 -3
data/lib/puppet/provider/selmodule/semodule.rb +43 -26
data/lib/puppet/provider/service/daemontools.rb +9 -9
data/lib/puppet/provider/service/launchd.rb +20 -5
data/lib/puppet/provider/service/openbsd.rb +1 -1
data/lib/puppet/provider/service/rcng.rb +2 -2
data/lib/puppet/provider/service/runit.rb +2 -8
data/lib/puppet/provider/service/systemd.rb +35 -22
data/lib/puppet/provider/service/windows.rb +8 -0
data/lib/puppet/provider/user/directoryservice.rb +31 -6
data/lib/puppet/provider/user/hpux.rb +1 -1
data/lib/puppet/provider/user/pw.rb +12 -3
data/lib/puppet/provider/user/user_role_add.rb +5 -1
data/lib/puppet/provider/user/useradd.rb +62 -27
data/lib/puppet/provider/user/windows_adsi.rb +4 -5
data/lib/puppet/provider/yumrepo/inifile.rb +2 -2
data/lib/puppet/reference/indirection.rb +2 -2
data/lib/puppet/reference/metaparameter.rb +1 -3
data/lib/puppet/reference/providers.rb +1 -1
data/lib/puppet/reference/type.rb +3 -9
data/lib/puppet/reports.rb +1 -1
data/lib/puppet/resource.rb +18 -1
data/lib/puppet/resource/catalog.rb +1 -1
data/lib/puppet/resource/type.rb +8 -0
data/lib/puppet/settings.rb +43 -3
data/lib/puppet/settings/environment_conf.rb +1 -0
data/lib/puppet/ssl/certificate.rb +2 -1
data/lib/puppet/ssl/certificate_authority.rb +6 -5
data/lib/puppet/ssl/certificate_authority/interface.rb +1 -1
data/lib/puppet/ssl/certificate_factory.rb +2 -2
data/lib/puppet/ssl/host.rb +3 -3
data/lib/puppet/ssl/oids.rb +1 -1
data/lib/puppet/test/test_helper.rb +15 -10
data/lib/puppet/transaction/report.rb +1 -1
data/lib/puppet/transaction/resource_harness.rb +1 -1
data/lib/puppet/type.rb +15 -4
data/lib/puppet/type/cron.rb +1 -1
data/lib/puppet/type/exec.rb +21 -9
data/lib/puppet/type/file.rb +14 -2
data/lib/puppet/type/file/data_sync.rb +5 -1
data/lib/puppet/type/group.rb +4 -2
data/lib/puppet/type/interface.rb +1 -1
data/lib/puppet/type/notify.rb +3 -2
data/lib/puppet/type/package.rb +107 -8
data/lib/puppet/type/schedule.rb +1 -1
data/lib/puppet/type/selboolean.rb +17 -3
data/lib/puppet/type/service.rb +9 -10
data/lib/puppet/type/user.rb +6 -24
data/lib/puppet/type/yumrepo.rb +3 -7
data/lib/puppet/util.rb +47 -25
data/lib/puppet/util/command_line/trollop.rb +1 -1
data/lib/puppet/util/execution.rb +4 -3
data/lib/puppet/util/http_proxy.rb +24 -16
data/lib/puppet/util/instance_loader.rb +1 -1
data/lib/puppet/util/log.rb +1 -1
data/lib/puppet/util/log/destinations.rb +3 -12
data/lib/puppet/util/logging.rb +30 -18
data/lib/puppet/util/metric.rb +2 -2
data/lib/puppet/util/monkey_patches.rb +1 -1
data/lib/puppet/util/nagios_maker.rb +2 -2
data/lib/puppet/util/network_device/cisco/device.rb +1 -1
data/lib/puppet/util/network_device/cisco/interface.rb +2 -2
data/lib/puppet/util/network_device/transport/ssh.rb +1 -1
data/lib/puppet/util/pidlock.rb +12 -6
data/lib/puppet/util/plist.rb +6 -0
data/lib/puppet/util/provider_features.rb +2 -4
data/lib/puppet/util/rdoc.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/selinux.rb +8 -2
data/lib/puppet/util/windows/adsi.rb +60 -30
data/lib/puppet/util/windows/api_types.rb +45 -32
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +16 -15
data/lib/puppet/util/windows/registry.rb +17 -15
data/lib/puppet/util/windows/security.rb +3 -0
data/lib/puppet/util/windows/service.rb +149 -4
data/lib/puppet/util/windows/sid.rb +4 -3
data/lib/puppet/vendor.rb +1 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet_pal.rb +2 -2
data/locales/puppet.pot +479 -443
data/man/man5/puppet.conf.5 +38 -8
data/man/man8/puppet-agent.8 +2 -2
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-ca.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-cert.8 +1 -1
data/man/man8/puppet-certificate.8 +1 -1
data/man/man8/puppet-certificate_request.8 +1 -1
data/man/man8/puppet-certificate_revocation_list.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +16 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-master.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/provider/mailalias/aliases/test1 +1 -0
data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list.txt +19 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/integration/configurer_spec.rb +52 -0
data/spec/integration/defaults_spec.rb +1 -2
data/spec/integration/indirector/facts/facter_spec.rb +4 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/provider/service/systemd_spec.rb +8 -5
data/spec/integration/type/file_spec.rb +28 -0
data/spec/integration/type/notify_spec.rb +46 -0
data/spec/integration/util/execution_spec.rb +27 -0
data/spec/integration/util/windows/adsi_spec.rb +6 -1
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/unit/agent_spec.rb +34 -26
data/spec/unit/application/agent_spec.rb +18 -0
data/spec/unit/application/apply_spec.rb +2 -12
data/spec/unit/application/device_spec.rb +1 -1
data/spec/unit/configurer/fact_handler_spec.rb +0 -4
data/spec/unit/configurer_spec.rb +377 -397
data/spec/unit/daemon_spec.rb +0 -1
data/spec/unit/face/facts_spec.rb +9 -0
data/spec/unit/face/plugin_spec.rb +8 -0
data/spec/unit/file_system/uniquefile_spec.rb +11 -0
data/spec/unit/forge/forge_spec.rb +1 -3
data/spec/unit/forge/repository_spec.rb +1 -3
data/spec/unit/indirector/catalog/compiler_spec.rb +45 -26
data/spec/unit/indirector/resource/ral_spec.rb +4 -4
data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
data/spec/unit/network/http/api/indirected_routes_spec.rb +28 -11
data/spec/unit/network/http/connection_spec.rb +43 -1
data/spec/unit/network/http/factory_spec.rb +27 -5
data/spec/unit/network/http/pool_spec.rb +32 -0
data/spec/unit/node_spec.rb +7 -4
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +8 -3
data/spec/unit/pops/validator/validator_spec.rb +7 -0
data/spec/unit/provider/exec_spec.rb +209 -0
data/spec/unit/provider/group/groupadd_spec.rb +30 -1
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +13 -2
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
data/spec/unit/provider/package/dnf_spec.rb +7 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +247 -0
data/spec/unit/provider/package/dpkg_spec.rb +35 -7
data/spec/unit/provider/package/openbsd_spec.rb +17 -0
data/spec/unit/provider/package/pip_spec.rb +93 -22
data/spec/unit/provider/package/pkg_spec.rb +13 -1
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +36 -0
data/spec/unit/provider/package/portage_spec.rb +4 -4
data/spec/unit/provider/package/rpm_spec.rb +150 -16
data/spec/unit/provider/package/yum_spec.rb +66 -0
data/spec/unit/provider/package/zypper_spec.rb +13 -0
data/spec/unit/provider/package_targetable_spec.rb +60 -0
data/spec/unit/provider/selmodule_spec.rb +118 -47
data/spec/unit/provider/service/daemontools_spec.rb +24 -0
data/spec/unit/provider/service/launchd_spec.rb +28 -0
data/spec/unit/provider/service/runit_spec.rb +24 -0
data/spec/unit/provider/service/systemd_spec.rb +109 -36
data/spec/unit/provider/service/windows_spec.rb +20 -0
data/spec/unit/provider/user/directoryservice_spec.rb +41 -0
data/spec/unit/provider/user/hpux_spec.rb +2 -2
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/pw_spec.rb +37 -0
data/spec/unit/provider/user/useradd_spec.rb +122 -15
data/spec/unit/provider/user/windows_adsi_spec.rb +3 -3
data/spec/unit/puppet_pal_2pec.rb +3 -0
data/spec/unit/resource_spec.rb +26 -1
data/spec/unit/ssl/certificate_authority_spec.rb +2 -3
data/spec/unit/ssl/certificate_spec.rb +7 -0
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction_spec.rb +18 -0
data/spec/unit/type/exec_spec.rb +15 -12
data/spec/unit/type/file/content_spec.rb +9 -3
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/file_spec.rb +9 -4
data/spec/unit/type/package_spec.rb +8 -0
data/spec/unit/type/schedule_spec.rb +3 -1
data/spec/unit/type/selboolean_spec.rb +4 -6
data/spec/unit/type/service_spec.rb +25 -8
data/spec/unit/type/user_spec.rb +32 -26
data/spec/unit/type/yumrepo_spec.rb +30 -0
data/spec/unit/type_spec.rb +40 -0
data/spec/unit/util/execution_spec.rb +16 -0
data/spec/unit/util/http_proxy_spec.rb +121 -1
data/spec/unit/util/log/destinations_spec.rb +2 -26
data/spec/unit/util/log_spec.rb +0 -112
data/spec/unit/util/logging_spec.rb +200 -0
data/spec/unit/util/pidlock_spec.rb +67 -40
data/spec/unit/util/plist_spec.rb +20 -0
data/spec/unit/util/windows/adsi_spec.rb +55 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +9 -0
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/tasks/manpages.rake +1 -0
metadata +16 -11
data/ext/windows/eventlog/Rakefile +0 -32
data/ext/windows/eventlog/puppetres.dll +0 -0
data/ext/windows/eventlog/puppetres.mc +0 -18
data/lib/puppet/pops/loader/null_loader.rb +0 -60
data/locales/ja/puppet.po +0 -12114
data/spec/integration/test/test_helper_spec.rb +0 -31

data/lib/puppet/util/windows/eventlog.rb CHANGED

@@ -140,12 +140,7 @@ class Puppet::Util::Windows::EventLog
   # @api private
   def from_string_to_wide_string(str, &block)
     str = wide_string(str)
-    FFI::MemoryPointer.new(:uchar, str.bytesize) do |ptr|
-      # uchar here is synonymous with byte
-      ptr.put_array_of_uchar(0, str.bytes.to_a)
-      yield ptr
-    end
+    FFI::MemoryPointer.from_wide_string(str) { |ptr| yield ptr }
     # ptr has already had free called, so nothing to return
     nil

data/lib/puppet/util/windows/principal.rb CHANGED

@@ -41,6 +41,7 @@ module Puppet::Util::Windows::SID
     # = 8 + max sub identifiers (15) * 4
     MAXIMUM_SID_BYTE_LENGTH = 68
+    ERROR_INVALID_PARAMETER   = 87
     ERROR_INSUFFICIENT_BUFFER = 122
     def self.lookup_account_name(system_name = nil, account_name)
@@ -48,9 +49,7 @@ module Puppet::Util::Windows::SID
       begin
         if system_name
           system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
-          # uchar here is synonymous with byte
-          system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
-          system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
+          system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
         end
         FFI::MemoryPointer.from_string_to_wide_string(account_name) do |account_name_ptr|
@@ -101,9 +100,7 @@ module Puppet::Util::Windows::SID
       begin
         if system_name
           system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
-          # uchar here is synonymous with byte
-          system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
-          system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
+          system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
         end
         FFI::MemoryPointer.new(:byte, sid_bytes.length) do |sid_ptr|
@@ -112,6 +109,11 @@ module Puppet::Util::Windows::SID
               FFI::MemoryPointer.new(:uint32, 1) do |name_use_enum_ptr|
                 sid_ptr.write_array_of_uchar(sid_bytes)
+                if Puppet::Util::Windows::SID.IsValidSid(sid_ptr) == FFI::WIN32_FALSE
+                  raise Puppet::Util::Windows::Error.new(_('Byte array for lookup_account_sid is invalid: %{sid_bytes}') % { sid_bytes: sid_bytes }, ERROR_INVALID_PARAMETER)
+                end
                 success = LookupAccountSidW(system_name_ptr, sid_ptr, FFI::Pointer::NULL, name_length_ptr,
                   FFI::Pointer::NULL, domain_length_ptr, name_use_enum_ptr)
                 last_error = FFI.errno

data/lib/puppet/util/windows/process.rb CHANGED

@@ -124,26 +124,27 @@ module Puppet::Util::Windows::Process
   def get_process_image_name_by_pid(pid)
     image_name = ""
-     open_process(PROCESS_QUERY_INFORMATION, false, pid) do |phandle|
-       FFI::MemoryPointer.new(:dword, 1) do |exe_name_length_ptr|
-        # UTF is 2 bytes/char:
-        max_chars = MAX_PATH_LENGTH + 1
-        exe_name_length_ptr.write_dword(max_chars)
-        FFI::MemoryPointer.new(:wchar, max_chars) do |exe_name_ptr|
-          use_win32_path_format = 0
-          result = QueryFullProcessImageNameW(phandle, use_win32_path_format, exe_name_ptr, exe_name_length_ptr)
-          if result == FFI::WIN32_FALSE
-            raise Puppet::Util::Windows::Error.new(
-              "QueryFullProcessImageNameW(phandle, #{use_win32_path_format}, " +
-              "exe_name_ptr, #{max_chars}")
+    Puppet::Util::Windows::Security.with_privilege(Puppet::Util::Windows::Security::SE_DEBUG_NAME) do
+      open_process(PROCESS_QUERY_INFORMATION, false, pid) do |phandle|
+        FFI::MemoryPointer.new(:dword, 1) do |exe_name_length_ptr|
+          # UTF is 2 bytes/char:
+          max_chars = MAX_PATH_LENGTH + 1
+          exe_name_length_ptr.write_dword(max_chars)
+          FFI::MemoryPointer.new(:wchar, max_chars) do |exe_name_ptr|
+            use_win32_path_format = 0
+            result = QueryFullProcessImageNameW(phandle, use_win32_path_format, exe_name_ptr, exe_name_length_ptr)
+            if result == FFI::WIN32_FALSE
+              raise Puppet::Util::Windows::Error.new(
+                      "QueryFullProcessImageNameW(phandle, #{use_win32_path_format}, " +
+                      "exe_name_ptr, #{max_chars}")
+            end
+            image_name = exe_name_ptr.read_wide_string(exe_name_length_ptr.read_dword)
           end
-          image_name = exe_name_ptr.read_wide_string(exe_name_length_ptr.read_dword)
         end
       end
     end
-     image_name
+    image_name
   end
   module_function :get_process_image_name_by_pid

data/lib/puppet/util/windows/registry.rb CHANGED

@@ -46,11 +46,12 @@ module Puppet::Util::Windows
       subkey_max_len, _ = reg_query_info_key_max_lengths(key)
-      begin
+      loop do
         subkey, filetime = reg_enum_key(key, index, subkey_max_len)
         yield subkey, filetime if !subkey.nil?
         index += 1
-      end while !subkey.nil?
+        break if subkey.nil?
+      end
       index
     end
@@ -93,11 +94,12 @@ module Puppet::Util::Windows
       _, value_max_len = reg_query_info_key_max_lengths(key)
-      begin
+      loop do
         subkey, type, data = reg_enum_value(key, index, value_max_len)
         yield subkey, type, data if !subkey.nil?
         index += 1
-      end while !subkey.nil?
+        break if subkey.nil?
+      end
       index
     end
@@ -108,13 +110,16 @@ module Puppet::Util::Windows
     private
-    def reg_enum_key(key, index, max_key_length = Win32::Registry::Constants::MAX_KEY_LENGTH)
+    # max number of wide characters including NULL terminator
+    MAX_KEY_CHAR_LENGTH = 255 + 1
+    def reg_enum_key(key, index, max_key_char_length = MAX_KEY_CHAR_LENGTH)
       subkey, filetime = nil, nil
       FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
         FFI::MemoryPointer.new(FFI::WIN32::FILETIME.size) do |filetime_ptr|
-          FFI::MemoryPointer.new(:wchar, max_key_length) do |subkey_ptr|
-            subkey_length_ptr.write_dword(max_key_length)
+          FFI::MemoryPointer.new(:wchar, max_key_char_length) do |subkey_ptr|
+            subkey_length_ptr.write_dword(max_key_char_length)
             # RegEnumKeyEx cannot be called twice to properly size the buffer
             result = RegEnumKeyExW(key.hkey, index,
@@ -139,7 +144,10 @@ module Puppet::Util::Windows
       [subkey, filetime]
     end
-    def reg_enum_value(key, index, max_value_length = Win32::Registry::Constants::MAX_VALUE_LENGTH)
+    # max number of wide characters including NULL terminator
+    MAX_VALUE_CHAR_LENGTH = 16383 + 1
+    def reg_enum_value(key, index, max_value_length = MAX_VALUE_CHAR_LENGTH)
       subkey, type, data = nil, nil, nil
       FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
@@ -232,7 +240,7 @@ module Puppet::Util::Windows
         begin
           case type
             when Win32::Registry::REG_SZ, Win32::Registry::REG_EXPAND_SZ
-              result = [ type, sanitize(data_ptr.read_wide_string(string_length)) ]
+              result = [ type, data_ptr.read_wide_string(string_length, Encoding::UTF_8, true) ]
             when Win32::Registry::REG_MULTI_SZ
               result = [ type, data_ptr.read_wide_string(string_length).split(/\0/) ]
             when Win32::Registry::REG_BINARY
@@ -312,12 +320,6 @@ module Puppet::Util::Windows
       result
     end
-    def sanitize(value)
-      # Replace null bytes with a space
-      value.gsub!("\x00", ' ')
-      value
-    end
     ffi_convention :stdcall
     # https://msdn.microsoft.com/en-us/library/windows/desktop/ms724862(v=vs.85).aspx

data/lib/puppet/util/windows/security.rb CHANGED

@@ -97,6 +97,7 @@ module Puppet::Util::Windows::Security
   FILE = Puppet::Util::Windows::File
   SE_BACKUP_NAME              = 'SeBackupPrivilege'
+  SE_DEBUG_NAME               = 'SeDebugPrivilege'
   SE_RESTORE_NAME             = 'SeRestorePrivilege'
   DELETE                      = 0x00010000
@@ -200,6 +201,7 @@ module Puppet::Util::Windows::Security
     well_known_world_sid = Puppet::Util::Windows::SID::Everyone
     well_known_nobody_sid = Puppet::Util::Windows::SID::Nobody
     well_known_system_sid = Puppet::Util::Windows::SID::LocalSystem
+    well_known_app_packages_sid = Puppet::Util::Windows::SID::AllAppPackages
     mode = S_ISYSTEM_MISSING
@@ -234,6 +236,7 @@ module Puppet::Util::Windows::Security
         if (ace.mask & FILE::FILE_APPEND_DATA).nonzero?
           mode |= S_ISVTX
         end
+      when well_known_app_packages_sid
       when well_known_system_sid
       else
         #puts "Warning, unable to map SID into POSIX mode: #{ace.sid}"

data/lib/puppet/util/windows/service.rb CHANGED

@@ -1,3 +1,4 @@
+# coding: utf-8
 require 'puppet/util/windows'
 require 'ffi'
@@ -180,7 +181,30 @@ module Puppet::Util::Windows
     # // Value to indicate no change to an optional parameter
     # //
     # #define SERVICE_NO_CHANGE              0xffffffff
-    SERVICE_NO_CHANGE = 0xffffffff
+    # https://docs.microsoft.com/en-us/windows/win32/api/winsvc/nf-winsvc-changeserviceconfig2w
+    SERVICE_CONFIG_DESCRIPTION              = 0x00000001
+    SERVICE_CONFIG_FAILURE_ACTIONS          = 0x00000002
+    SERVICE_CONFIG_DELAYED_AUTO_START_INFO  = 0x00000003
+    SERVICE_CONFIG_FAILURE_ACTIONS_FLAG     = 0x00000004
+    SERVICE_CONFIG_SERVICE_SID_INFO         = 0x00000005
+    SERVICE_CONFIG_REQUIRED_PRIVILEGES_INFO = 0x00000006
+    SERVICE_CONFIG_PRESHUTDOWN_INFO         = 0x00000007
+    SERVICE_CONFIG_TRIGGER_INFO             = 0x00000008
+    SERVICE_CONFIG_PREFERRED_NODE           = 0x00000009
+    SERVICE_CONFIG_LAUNCH_PROTECTED         = 0x00000012
+    SERVICE_NO_CHANGE                       = 0xffffffff
+    SERVICE_CONFIG_TYPES = {
+      SERVICE_CONFIG_DESCRIPTION => :SERVICE_CONFIG_DESCRIPTION,
+      SERVICE_CONFIG_FAILURE_ACTIONS => :SERVICE_CONFIG_FAILURE_ACTIONS,
+      SERVICE_CONFIG_DELAYED_AUTO_START_INFO => :SERVICE_CONFIG_DELAYED_AUTO_START_INFO,
+      SERVICE_CONFIG_FAILURE_ACTIONS_FLAG => :SERVICE_CONFIG_FAILURE_ACTIONS_FLAG,
+      SERVICE_CONFIG_SERVICE_SID_INFO => :SERVICE_CONFIG_SERVICE_SID_INFO,
+      SERVICE_CONFIG_REQUIRED_PRIVILEGES_INFO => :SERVICE_CONFIG_REQUIRED_PRIVILEGES_INFO,
+      SERVICE_CONFIG_PRESHUTDOWN_INFO => :SERVICE_CONFIG_PRESHUTDOWN_INFO,
+      SERVICE_CONFIG_TRIGGER_INFO => :SERVICE_CONFIG_TRIGGER_INFO,
+      SERVICE_CONFIG_PREFERRED_NODE => :SERVICE_CONFIG_PREFERRED_NODE,
+      SERVICE_CONFIG_LAUNCH_PROTECTED => :SERVICE_CONFIG_LAUNCH_PROTECTED,
+    }
     # Service enum codes
     # https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-enumservicesstatusexa
@@ -219,6 +243,19 @@ module Puppet::Util::Windows
       )
     end
+    # https://docs.microsoft.com/en-us/windows/win32/api/winsvc/ns-winsvc-service_delayed_auto_start_info
+    # typedef struct _SERVICE_DELAYED_AUTO_START_INFO {
+    #   BOOL fDelayedAutostart;
+    # } SERVICE_DELAYED_AUTO_START_INFO, *LPSERVICE_DELAYED_AUTO_START_INFO;
+    class SERVICE_DELAYED_AUTO_START_INFO < FFI::Struct
+      layout(:fDelayedAutostart, :int)
+      alias aset []=
+      # Intercept the accessor so that we can handle either true/false or 1/0.
+      # Since there is only one member, there’s no need to check the key name.
+      def []=(key, value)
+        [0, false].include?(value) ? aset(key, 0) : aset(key, 1)
+      end
+    end
     # https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/ns-winsvc-_enum_service_status_processw
     # typedef struct _ENUM_SERVICE_STATUS_PROCESSW {
@@ -374,6 +411,7 @@ module Puppet::Util::Windows
     module_function :service_state
     # Query the configuration of a service using QueryServiceConfigW
+    # or QueryServiceConfig2W
     #
     # @param [:string] service_name name of the service to query
     # @return [QUERY_SERVICE_CONFIGW.struct] the configuration of the service
@@ -384,6 +422,14 @@ module Puppet::Util::Windows
           start_type = SERVICE_START_TYPES[config[:dwStartType]]
         end
       end
+      # if the service has type AUTO_START, check if it's a delayed service
+      if start_type == :SERVICE_AUTO_START
+        open_service(service_name, SC_MANAGER_CONNECT, SERVICE_QUERY_CONFIG) do |service|
+          query_config2(service, SERVICE_CONFIG_DELAYED_AUTO_START_INFO) do |config|
+            return :SERVICE_DELAYED_AUTO_START if config[:fDelayedAutostart] == 1
+          end
+        end
+      end
       if start_type.nil?
         raise Puppet::Error.new(_("Unknown start type '%{start_type}' for '%{service_name}'") % { start_type: start_type.to_s, service_name: service_name})
       end
@@ -393,11 +439,12 @@ module Puppet::Util::Windows
     # Change the startup mode of a windows service
     #
-    # @param [string] service_name the name of the service to modify
-    # @param [Int] startup_type a code corresponding to a start type for
+    # @param [String] service_name the name of the service to modify
+    # @param [Integer] startup_type a code corresponding to a start type for
     #  windows service, see the "Service start type codes" section in the
     #  Puppet::Util::Windows::Service file for the list of available codes
-    def set_startup_mode(service_name, startup_type)
+    # @param [Bool] delayed whether the service should be started with a delay
+    def set_startup_mode(service_name, startup_type, delayed=false)
       startup_code = SERVICE_START_TYPES.key(startup_type)
       if startup_code.nil?
         raise Puppet::Error.new(_("Unknown start type %{start_type}") % {startup_type: startup_type.to_s})
@@ -424,6 +471,7 @@ module Puppet::Util::Windows
           raise Puppet::Util::Windows::Error.new(_("Failed to update service configuration"))
         end
       end
+      set_startup_mode_delayed(service_name, delayed)
     end
     module_function :set_startup_mode
@@ -705,6 +753,82 @@ module Puppet::Util::Windows
       end
       private :query_config
+      # @api private
+      # perform QueryServiceConfig2W on a windows service and return the
+      # result
+      #
+      # @param [:handle] service handle of the service to query
+      # @param [Integer] info_level the configuration information to be queried
+      # @return [QUERY_SERVICE_CONFIG2W struct] the result of the query
+      def query_config2(service, info_level, &block)
+        config = nil
+        size_required = nil
+        # Fetch the bytes of memory required to be allocated
+        # for QueryServiceConfig2W to return succesfully. This
+        # is done by sending NULL and 0 for the pointer and size
+        # respectively, letting the command fail, then reading the
+        # value of pcbBytesNeeded
+        FFI::MemoryPointer.new(:lpword) do |bytes_pointer|
+          # return value will be false from this call, since it's designed
+          # to fail. Just ignore it
+          QueryServiceConfig2W(service, info_level, FFI::Pointer::NULL, 0, bytes_pointer)
+          size_required = bytes_pointer.read_dword
+          FFI::MemoryPointer.new(size_required) do |ssp_ptr|
+            # We need to supply the appropriate struct to be created based on
+            # the info_level
+            case info_level
+            when SERVICE_CONFIG_DELAYED_AUTO_START_INFO
+              config = SERVICE_DELAYED_AUTO_START_INFO.new(ssp_ptr)
+            end
+            success = QueryServiceConfig2W(
+              service,
+              info_level,
+              ssp_ptr,
+              size_required,
+              bytes_pointer
+            )
+            if success == FFI::WIN32_FALSE
+              raise Puppet::Util::Windows::Error.new(_("Service query for %{parameter_name} failed") % { parameter_name: SERVICE_CONFIG_TYPES[info_level] } )
+            end
+            yield config
+          end
+        end
+      end
+      private :query_config2
+      # @api private
+      # Sets an optional parameter on a service by calling
+      # ChangeServiceConfig2W
+      #
+      # @param [String] service_name name of service
+      # @param [Integer] change parameter to change
+      # @param [struct] value appropriate struct based on the parameter to change
+      def set_optional_parameter(service_name, change, value)
+        open_service(service_name, SC_MANAGER_CONNECT, SERVICE_CHANGE_CONFIG) do |service|
+          success = ChangeServiceConfig2W(
+            service,
+            change, # dwInfoLevel
+            value,  # lpInfo
+          )
+          if success == FFI::WIN32_FALSE
+            raise Puppet::Util::windows::Error.new(_("Failed to update service %{change} configuration") % { change: change } )
+          end
+        end
+      end
+      private :set_optional_parameter
+      # @api private
+      # Controls the delayed auto-start setting of a service
+      #
+      # @param [String] service_name name of service
+      # @param [Bool] delayed whether the service should be started with a delay or not
+      def set_startup_mode_delayed(service_name, delayed)
+        delayed_start = SERVICE_DELAYED_AUTO_START_INFO.new
+        delayed_start[:fDelayedAutostart] = delayed
+        set_optional_parameter(service_name, SERVICE_CONFIG_DELAYED_AUTO_START_INFO, delayed_start)
+      end
+      private :set_startup_mode_delayed
       # @api private
       # Sends a service control signal to a service
       #
@@ -899,6 +1023,18 @@ module Puppet::Util::Windows
     attach_function_private :QueryServiceConfigW,
       [:handle, :lpbyte, :dword, :lpdword], :win32_bool
+    # https://docs.microsoft.com/en-us/windows/win32/api/winsvc/nf-winsvc-queryserviceconfig2w
+    # BOOL QueryServiceConfig2W(
+    #   SC_HANDLE hService,
+    #   DWORD     dwInfoLevel,
+    #   LPBYTE    lpBuffer,
+    #   DWORD     cbBufSize,
+    #   LPDWORD   pcbBytesNeeded
+    # );
+    ffi_lib :advapi32
+    attach_function_private :QueryServiceConfig2W,
+      [:handle, :dword, :lpbyte, :dword, :lpdword], :win32_bool
     # https://docs.microsoft.com/en-us/windows/desktop/api/Winsvc/nf-winsvc-startservicew
     # BOOL StartServiceW(
     #   SC_HANDLE hService,
@@ -949,6 +1085,15 @@ module Puppet::Util::Windows
         :lpcwstr
       ], :win32_bool
+    # https://docs.microsoft.com/en-us/windows/win32/api/winsvc/nf-winsvc-changeserviceconfig2w
+    # BOOL ChangeServiceConfig2W(
+    #   SC_HANDLE hService,
+    #   DWORD     dwInfoLevel,
+    #   LPVOID    lpInfo
+    # );
+    ffi_lib :advapi32
+    attach_function_private :ChangeServiceConfig2W,
+      [:handle, :dword, :lpvoid], :win32_bool
     # https://docs.microsoft.com/en-us/windows/desktop/api/winsvc/nf-winsvc-enumservicesstatusexw
     # BOOL EnumServicesStatusExW(

data/lib/puppet/util/windows/sid.rb CHANGED

@@ -46,6 +46,7 @@ module Puppet::Util::Windows
     PrintOperators              = 'S-1-5-32-550'
     BackupOperators             = 'S-1-5-32-551'
     Replicators                 = 'S-1-5-32-552'
+    AllAppPackages              = 'S-1-15-2-1'
     # Convert an account name, e.g. 'Administrators' into a SID string,
     # e.g. 'S-1-5-32-544'. The name can be specified as 'Administrators',
@@ -63,7 +64,7 @@ module Puppet::Util::Windows
     # 'BUILTIN\Administrators', or 'S-1-5-32-544', and will return the
     # SID object. Returns nil if the account doesn't exist.
     # This method returns a SID::Principal with the account, domain, SID, etc
-    def name_to_principal(name)
+    def name_to_principal(name, allow_unresolved = false)
       # Apparently, we accept a symbol..
       name = name.to_s.strip if name
@@ -78,7 +79,7 @@ module Puppet::Util::Windows
       raw_sid_bytes ? Principal.lookup_account_sid(raw_sid_bytes) : Principal.lookup_account_name(name)
     rescue
-      nil
+      (allow_unresolved && raw_sid_bytes) ? unresolved_principal(name, raw_sid_bytes) : nil
     end
     module_function :name_to_principal
     class << self; alias name_to_sid_object name_to_principal; end
@@ -235,7 +236,7 @@ module Puppet::Util::Windows
     # @api private
     def self.unresolved_principal(name, sid_bytes)
       Principal.new(
-        name + " (unresolvable)", # account
+        name, # account
         sid_bytes, # sid_bytes
         name, # sid string
         nil, #domain