RubyGems - puppet - Versions diffs - 6.14.0-x64-mingw32 → 6.19.0-x64-mingw32 - Mend

puppet 6.14.0-x64-mingw32 → 6.19.0-x64-mingw32

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (496) hide show

checksums.yaml +4 -4
data/CODEOWNERS +2 -7
data/Gemfile +4 -2
data/Gemfile.lock +36 -34
data/README.md +3 -4
data/Rakefile +4 -12
data/ext/windows/service/daemon.rb +3 -3
data/lib/puppet.rb +33 -9
data/lib/puppet/agent.rb +20 -14
data/lib/puppet/agent/locker.rb +0 -7
data/lib/puppet/application/agent.rb +25 -9
data/lib/puppet/application/apply.rb +18 -20
data/lib/puppet/application/device.rb +1 -1
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/filebucket.rb +5 -14
data/lib/puppet/application/lookup.rb +16 -4
data/lib/puppet/application/plugin.rb +1 -0
data/lib/puppet/application/ssl.rb +3 -3
data/lib/puppet/configurer.rb +68 -24
data/lib/puppet/configurer/downloader.rb +31 -10
data/lib/puppet/configurer/plugin_handler.rb +1 -1
data/lib/puppet/confine.rb +2 -2
data/lib/puppet/confine/any.rb +1 -1
data/lib/puppet/context/trusted_information.rb +14 -8
data/lib/puppet/daemon.rb +13 -27
data/lib/puppet/defaults.rb +141 -41
data/lib/puppet/environments.rb +55 -15
data/lib/puppet/face/catalog.rb +1 -1
data/lib/puppet/face/config.rb +46 -16
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/help.rb +29 -3
data/lib/puppet/face/module/search.rb +5 -0
data/lib/puppet/face/node.rb +3 -3
data/lib/puppet/face/node/clean.rb +2 -2
data/lib/puppet/face/plugin.rb +2 -2
data/lib/puppet/face/status.rb +1 -1
data/lib/puppet/feature/base.rb +1 -1
data/lib/puppet/file_bucket/dipper.rb +1 -1
data/lib/puppet/file_serving/http_metadata.rb +14 -2
data/lib/puppet/file_serving/metadata.rb +4 -1
data/lib/puppet/file_serving/mount/locales.rb +1 -2
data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
data/lib/puppet/file_serving/mount/plugins.rb +1 -2
data/lib/puppet/file_serving/terminus_selector.rb +7 -8
data/lib/puppet/file_system/file_impl.rb +17 -13
data/lib/puppet/file_system/uniquefile.rb +12 -16
data/lib/puppet/forge.rb +1 -1
data/lib/puppet/forge/cache.rb +1 -1
data/lib/puppet/forge/repository.rb +4 -7
data/lib/puppet/functions/call.rb +1 -1
data/lib/puppet/functions/filter.rb +1 -0
data/lib/puppet/functions/lstrip.rb +4 -4
data/lib/puppet/functions/new.rb +8 -3
data/lib/puppet/functions/reduce.rb +2 -4
data/lib/puppet/functions/reverse_each.rb +1 -1
data/lib/puppet/functions/rstrip.rb +4 -4
data/lib/puppet/functions/step.rb +1 -1
data/lib/puppet/functions/strip.rb +4 -4
data/lib/puppet/gettext/config.rb +5 -5
data/lib/puppet/gettext/module_translations.rb +4 -4
data/lib/puppet/http.rb +3 -0
data/lib/puppet/http/client.rb +215 -60
data/lib/puppet/http/external_client.rb +90 -0
data/lib/puppet/http/redirector.rb +43 -7
data/lib/puppet/http/resolver.rb +43 -3
data/lib/puppet/http/resolver/server_list.rb +66 -24
data/lib/puppet/http/resolver/settings.rb +21 -1
data/lib/puppet/http/resolver/srv.rb +28 -2
data/lib/puppet/http/response.rb +82 -1
data/lib/puppet/http/retry_after_handler.rb +39 -0
data/lib/puppet/http/service.rb +70 -2
data/lib/puppet/http/service/ca.rb +71 -9
data/lib/puppet/http/service/compiler.rb +214 -12
data/lib/puppet/http/service/file_server.rb +106 -5
data/lib/puppet/http/service/puppetserver.rb +39 -0
data/lib/puppet/http/service/report.rb +36 -3
data/lib/puppet/http/session.rb +60 -8
data/lib/puppet/indirector.rb +1 -1
data/lib/puppet/indirector/catalog/compiler.rb +1 -1
data/lib/puppet/indirector/catalog/rest.rb +2 -1
data/lib/puppet/indirector/exec.rb +1 -1
data/lib/puppet/indirector/facts/facter.rb +3 -3
data/lib/puppet/indirector/facts/rest.rb +2 -1
data/lib/puppet/indirector/facts/yaml.rb +1 -1
data/lib/puppet/indirector/file_bucket_file/rest.rb +48 -0
data/lib/puppet/indirector/file_content/http.rb +5 -0
data/lib/puppet/indirector/file_content/rest.rb +1 -1
data/lib/puppet/indirector/file_metadata/http.rb +28 -8
data/lib/puppet/indirector/file_metadata/rest.rb +6 -4
data/lib/puppet/indirector/hiera.rb +4 -0
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/indirector/json.rb +1 -1
data/lib/puppet/indirector/msgpack.rb +1 -1
data/lib/puppet/indirector/node/rest.rb +2 -1
data/lib/puppet/indirector/report/processor.rb +2 -2
data/lib/puppet/indirector/report/yaml.rb +23 -0
data/lib/puppet/indirector/request.rb +5 -5
data/lib/puppet/indirector/rest.rb +7 -1
data/lib/puppet/indirector/status/rest.rb +2 -1
data/lib/puppet/indirector/yaml.rb +1 -1
data/lib/puppet/metatype/manager.rb +80 -80
data/lib/puppet/module.rb +1 -2
data/lib/puppet/network/format_support.rb +2 -2
data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
data/lib/puppet/network/http/base_pool.rb +6 -1
data/lib/puppet/network/http/compression.rb +7 -0
data/lib/puppet/network/http/connection.rb +2 -0
data/lib/puppet/network/http/connection_adapter.rb +184 -0
data/lib/puppet/network/http/nocache_pool.rb +1 -0
data/lib/puppet/network/http/pool.rb +2 -4
data/lib/puppet/network/http/route.rb +2 -2
data/lib/puppet/network/http_pool.rb +2 -1
data/lib/puppet/node/environment.rb +22 -5
data/lib/puppet/node/facts.rb +17 -0
data/lib/puppet/pal/catalog_compiler.rb +5 -0
data/lib/puppet/pal/pal_impl.rb +30 -31
data/lib/puppet/parameter.rb +1 -1
data/lib/puppet/parser/ast/leaf.rb +5 -5
data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
data/lib/puppet/parser/compiler.rb +43 -33
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
data/lib/puppet/parser/environment_compiler.rb +4 -1
data/lib/puppet/parser/functions.rb +18 -9
data/lib/puppet/parser/functions/create_resources.rb +11 -7
data/lib/puppet/parser/functions/filter.rb +1 -0
data/lib/puppet/parser/resource.rb +3 -2
data/lib/puppet/parser/resource/param.rb +6 -0
data/lib/puppet/parser/type_loader.rb +2 -2
data/lib/puppet/pops/adaptable.rb +7 -13
data/lib/puppet/pops/adapters.rb +8 -4
data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
data/lib/puppet/pops/issues.rb +5 -0
data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
data/lib/puppet/pops/loaders.rb +24 -15
data/lib/puppet/pops/lookup/context.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
data/lib/puppet/pops/types/iterable.rb +34 -8
data/lib/puppet/pops/types/p_meta_type.rb +1 -1
data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
data/lib/puppet/pops/validation/checker4_0.rb +29 -15
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
data/lib/puppet/provider/file/windows.rb +1 -1
data/lib/puppet/provider/group/windows_adsi.rb +3 -3
data/lib/puppet/provider/package/aix.rb +17 -2
data/lib/puppet/provider/package/apt.rb +98 -1
data/lib/puppet/provider/package/aptitude.rb +1 -1
data/lib/puppet/provider/package/dnfmodule.rb +61 -14
data/lib/puppet/provider/package/dpkg.rb +1 -1
data/lib/puppet/provider/package/gem.rb +45 -9
data/lib/puppet/provider/package/pacman.rb +2 -5
data/lib/puppet/provider/package/pip.rb +143 -48
data/lib/puppet/provider/package/pip2.rb +17 -0
data/lib/puppet/provider/package/pip3.rb +0 -2
data/lib/puppet/provider/package/pkgdmg.rb +1 -1
data/lib/puppet/provider/package/pkgng.rb +16 -4
data/lib/puppet/provider/package/portage.rb +2 -2
data/lib/puppet/provider/package/puppet_gem.rb +11 -2
data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
data/lib/puppet/provider/package/rpm.rb +6 -213
data/lib/puppet/provider/package/yum.rb +101 -20
data/lib/puppet/provider/package/zypper.rb +62 -1
data/lib/puppet/provider/service/systemd.rb +22 -4
data/lib/puppet/provider/service/windows.rb +23 -7
data/lib/puppet/provider/user/aix.rb +1 -1
data/lib/puppet/provider/user/user_role_add.rb +1 -1
data/lib/puppet/provider/user/useradd.rb +16 -5
data/lib/puppet/provider/user/windows_adsi.rb +18 -1
data/lib/puppet/reports/http.rb +15 -9
data/lib/puppet/resource.rb +2 -1
data/lib/puppet/resource/type.rb +10 -1
data/lib/puppet/resource/type_collection.rb +20 -16
data/lib/puppet/rest/route.rb +2 -2
data/lib/puppet/runtime.rb +25 -2
data/lib/puppet/settings.rb +20 -6
data/lib/puppet/ssl.rb +1 -0
data/lib/puppet/ssl/host.rb +4 -4
data/lib/puppet/ssl/oids.rb +1 -0
data/lib/puppet/ssl/ssl_context.rb +2 -2
data/lib/puppet/ssl/ssl_provider.rb +20 -1
data/lib/puppet/ssl/state_machine.rb +79 -37
data/lib/puppet/ssl/validator/default_validator.rb +1 -1
data/lib/puppet/ssl/verifier_adapter.rb +9 -1
data/lib/puppet/test/test_helper.rb +19 -14
data/lib/puppet/transaction.rb +2 -2
data/lib/puppet/transaction/persistence.rb +1 -1
data/lib/puppet/transaction/report.rb +14 -10
data/lib/puppet/trusted_external.rb +29 -1
data/lib/puppet/type.rb +21 -8
data/lib/puppet/type/file.rb +40 -15
data/lib/puppet/type/file/checksum.rb +4 -4
data/lib/puppet/type/file/source.rb +35 -13
data/lib/puppet/type/filebucket.rb +1 -1
data/lib/puppet/type/notify.rb +2 -2
data/lib/puppet/type/package.rb +41 -3
data/lib/puppet/type/service.rb +59 -8
data/lib/puppet/type/user.rb +19 -29
data/lib/puppet/util.rb +41 -3
data/lib/puppet/util/at_fork.rb +1 -1
data/lib/puppet/util/autoload.rb +13 -25
data/lib/puppet/util/character_encoding.rb +9 -5
data/lib/puppet/util/checksums.rb +19 -4
data/lib/puppet/util/connection.rb +8 -8
data/lib/puppet/util/execution.rb +2 -2
data/lib/puppet/util/fileparsing.rb +2 -2
data/lib/puppet/util/instance_loader.rb +14 -10
data/lib/puppet/util/log/destinations.rb +1 -10
data/lib/puppet/util/package/version/debian.rb +175 -0
data/lib/puppet/util/package/version/gem.rb +15 -0
data/lib/puppet/util/package/version/pip.rb +167 -0
data/lib/puppet/util/package/version/range.rb +53 -0
data/lib/puppet/util/package/version/range/eq.rb +14 -0
data/lib/puppet/util/package/version/range/gt.rb +14 -0
data/lib/puppet/util/package/version/range/gt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/lt.rb +14 -0
data/lib/puppet/util/package/version/range/lt_eq.rb +14 -0
data/lib/puppet/util/package/version/range/min_max.rb +21 -0
data/lib/puppet/util/package/version/range/simple.rb +11 -0
data/lib/puppet/util/package/version/rpm.rb +73 -0
data/lib/puppet/util/pidlock.rb +13 -7
data/lib/puppet/util/platform.rb +5 -0
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/rpm_compare.rb +193 -0
data/lib/puppet/util/run_mode.rb +5 -1
data/lib/puppet/util/windows.rb +1 -0
data/lib/puppet/util/windows/adsi.rb +2 -2
data/lib/puppet/util/windows/api_types.rb +60 -33
data/lib/puppet/util/windows/eventlog.rb +1 -6
data/lib/puppet/util/windows/monkey_patches/dir.rb +40 -0
data/lib/puppet/util/windows/principal.rb +8 -6
data/lib/puppet/util/windows/process.rb +15 -14
data/lib/puppet/util/windows/registry.rb +11 -11
data/lib/puppet/util/windows/security.rb +5 -4
data/lib/puppet/util/windows/service.rb +43 -26
data/lib/puppet/util/windows/sid.rb +3 -3
data/lib/puppet/util/windows/user.rb +242 -8
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +627 -507
data/man/man5/puppet.conf.5 +93 -20
data/man/man8/puppet-agent.8 +7 -4
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +6 -6
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +6 -3
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +2 -2
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +4 -1
data/man/man8/puppet-node.8 +4 -4
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet-status.8 +2 -2
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +67 -0
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +48 -0
data/spec/fixtures/ssl/unknown-ca-key.pem +67 -0
data/spec/fixtures/ssl/unknown-ca.pem +59 -0
data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
data/spec/fixtures/unit/provider/package/dnfmodule/{dnf-module-list-installed.txt → dnf-module-list.txt} +8 -0
data/spec/fixtures/unit/provider/package/pkgng/pkg.version +2 -0
data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
data/spec/fixtures/unit/provider/package/yum/yum-check-update-subscription-manager.txt +9 -0
data/spec/fixtures/unit/provider/package/zypper/zypper-search-uninstalled.out +13 -0
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services +9 -0
data/spec/integration/application/agent_spec.rb +479 -0
data/spec/integration/application/apply_spec.rb +279 -150
data/spec/integration/application/config_spec.rb +74 -0
data/spec/integration/application/doc_spec.rb +16 -6
data/spec/integration/application/filebucket_spec.rb +239 -0
data/spec/integration/application/help_spec.rb +42 -0
data/spec/integration/application/lookup_spec.rb +13 -0
data/spec/integration/application/module_spec.rb +68 -0
data/spec/integration/application/plugin_spec.rb +123 -0
data/spec/integration/configurer_spec.rb +14 -0
data/spec/integration/data_binding_spec.rb +82 -0
data/spec/integration/defaults_spec.rb +27 -3
data/spec/integration/directory_environments_spec.rb +17 -17
data/spec/integration/http/client_spec.rb +39 -40
data/spec/integration/indirector/facts/facter_spec.rb +8 -6
data/spec/integration/indirector/report/yaml.rb +83 -0
data/spec/integration/network/http_pool_spec.rb +84 -19
data/spec/integration/node/environment_spec.rb +15 -0
data/spec/integration/parser/compiler_spec.rb +11 -0
data/spec/integration/type/file_spec.rb +1 -1
data/spec/integration/util/execution_spec.rb +22 -0
data/spec/integration/util/windows/adsi_spec.rb +8 -3
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +11 -0
data/spec/integration/util/windows/process_spec.rb +26 -32
data/spec/integration/util/windows/registry_spec.rb +7 -7
data/spec/integration/util/windows/user_spec.rb +47 -5
data/spec/integration/util_spec.rb +7 -33
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/https.rb +16 -7
data/spec/lib/puppet_spec/matchers.rb +0 -80
data/spec/lib/puppet_spec/puppetserver.rb +127 -0
data/spec/shared_contexts/https.rb +29 -0
data/spec/shared_contexts/types_setup.rb +2 -0
data/spec/unit/agent_spec.rb +80 -26
data/spec/unit/application/agent_spec.rb +12 -9
data/spec/unit/application/device_spec.rb +2 -2
data/spec/unit/application/doc_spec.rb +2 -2
data/spec/unit/application/face_base_spec.rb +6 -4
data/spec/unit/application/facts_spec.rb +41 -10
data/spec/unit/application/filebucket_spec.rb +22 -2
data/spec/unit/application/man_spec.rb +52 -0
data/spec/unit/application/resource_spec.rb +3 -1
data/spec/unit/application/ssl_spec.rb +15 -2
data/spec/unit/application_spec.rb +9 -4
data/spec/unit/configurer/downloader_spec.rb +10 -0
data/spec/unit/configurer/fact_handler_spec.rb +4 -4
data/spec/unit/configurer_spec.rb +87 -38
data/spec/unit/confine_spec.rb +2 -1
data/spec/unit/context/trusted_information_spec.rb +25 -2
data/spec/unit/daemon_spec.rb +5 -64
data/spec/unit/defaults_spec.rb +24 -1
data/spec/unit/environments_spec.rb +107 -32
data/spec/unit/face/config_spec.rb +59 -1
data/spec/unit/face/module/search_spec.rb +17 -0
data/spec/unit/face/node_spec.rb +2 -2
data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
data/spec/unit/file_system/uniquefile_spec.rb +29 -0
data/spec/unit/file_system_spec.rb +11 -2
data/spec/unit/http/client_spec.rb +173 -59
data/spec/unit/http/external_client_spec.rb +201 -0
data/spec/unit/http/resolver_spec.rb +44 -5
data/spec/unit/http/response_spec.rb +6 -0
data/spec/unit/http/service/ca_spec.rb +27 -5
data/spec/unit/http/service/compiler_spec.rb +186 -9
data/spec/unit/http/service/file_server_spec.rb +37 -6
data/spec/unit/http/service/puppetserver_spec.rb +82 -0
data/spec/unit/http/service/report_spec.rb +5 -4
data/spec/unit/http/service_spec.rb +3 -4
data/spec/unit/http/session_spec.rb +48 -12
data/spec/unit/indirector/catalog/compiler_spec.rb +1 -0
data/spec/unit/indirector/catalog/json_spec.rb +1 -1
data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
data/spec/unit/indirector/facts/rest_spec.rb +1 -1
data/spec/unit/indirector/file_bucket_file/rest_spec.rb +82 -2
data/spec/unit/indirector/file_metadata/http_spec.rb +194 -0
data/spec/unit/indirector/file_metadata/rest_spec.rb +15 -14
data/spec/unit/indirector/json_spec.rb +8 -8
data/spec/unit/indirector/msgpack_spec.rb +8 -8
data/spec/unit/indirector/node/rest_spec.rb +1 -1
data/spec/unit/indirector/request_spec.rb +5 -5
data/spec/unit/indirector/rest_spec.rb +14 -1
data/spec/unit/indirector/status/rest_spec.rb +1 -1
data/spec/unit/indirector/yaml_spec.rb +7 -7
data/spec/unit/interface_spec.rb +3 -3
data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
data/spec/unit/network/format_support_spec.rb +3 -2
data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
data/spec/unit/network/http/connection_spec.rb +552 -190
data/spec/unit/network/http/nocache_pool_spec.rb +22 -0
data/spec/unit/network/http/pool_spec.rb +3 -3
data/spec/unit/network/http_pool_spec.rb +63 -57
data/spec/unit/network/http_spec.rb +1 -1
data/spec/unit/node/environment_spec.rb +33 -0
data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
data/spec/unit/parser/environment_compiler_spec.rb +7 -0
data/spec/unit/parser/scope_spec.rb +1 -1
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
data/spec/unit/pops/loaders/loaders_spec.rb +71 -1
data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
data/spec/unit/provider/exec_spec.rb +4 -3
data/spec/unit/provider/group/windows_adsi_spec.rb +43 -10
data/spec/unit/provider/package/aix_spec.rb +29 -0
data/spec/unit/provider/package/apt_spec.rb +107 -0
data/spec/unit/provider/package/aptitude_spec.rb +1 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +54 -15
data/spec/unit/provider/package/dpkg_spec.rb +22 -7
data/spec/unit/provider/package/gem_spec.rb +40 -0
data/spec/unit/provider/package/openbsd_spec.rb +2 -0
data/spec/unit/provider/package/pacman_spec.rb +6 -21
data/spec/unit/provider/package/pip2_spec.rb +36 -0
data/spec/unit/provider/package/pip_spec.rb +68 -19
data/spec/unit/provider/package/pkgdmg_spec.rb +1 -1
data/spec/unit/provider/package/pkgng_spec.rb +38 -0
data/spec/unit/provider/package/portage_spec.rb +5 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +12 -1
data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
data/spec/unit/provider/package/rpm_spec.rb +0 -212
data/spec/unit/provider/package/yum_spec.rb +274 -1
data/spec/unit/provider/package/zypper_spec.rb +98 -0
data/spec/unit/provider/service/base_spec.rb +2 -4
data/spec/unit/provider/service/bsd_spec.rb +5 -1
data/spec/unit/provider/service/daemontools_spec.rb +1 -1
data/spec/unit/provider/service/debian_spec.rb +3 -5
data/spec/unit/provider/service/freebsd_spec.rb +1 -1
data/spec/unit/provider/service/gentoo_spec.rb +4 -5
data/spec/unit/provider/service/init_spec.rb +46 -5
data/spec/unit/provider/service/launchd_spec.rb +5 -6
data/spec/unit/provider/service/openbsd_spec.rb +9 -0
data/spec/unit/provider/service/openrc_spec.rb +4 -5
data/spec/unit/provider/service/openwrt_spec.rb +2 -1
data/spec/unit/provider/service/redhat_spec.rb +10 -1
data/spec/unit/provider/service/runit_spec.rb +2 -1
data/spec/unit/provider/service/smf_spec.rb +1 -1
data/spec/unit/provider/service/src_spec.rb +3 -5
data/spec/unit/provider/service/systemd_spec.rb +95 -18
data/spec/unit/provider/service/upstart_spec.rb +4 -5
data/spec/unit/provider/service/windows_spec.rb +50 -14
data/spec/unit/provider/user/openbsd_spec.rb +1 -0
data/spec/unit/provider/user/useradd_spec.rb +30 -16
data/spec/unit/provider/user/windows_adsi_spec.rb +85 -3
data/spec/unit/puppet_pal_2pec.rb +11 -0
data/spec/unit/puppet_pal_catalog_spec.rb +43 -0
data/spec/unit/puppet_spec.rb +33 -0
data/spec/unit/reports/http_spec.rb +70 -52
data/spec/unit/reports/store_spec.rb +17 -13
data/spec/unit/resource_spec.rb +3 -3
data/spec/unit/rest/route_spec.rb +4 -4
data/spec/unit/settings_spec.rb +44 -22
data/spec/unit/ssl/host_spec.rb +4 -2
data/spec/unit/ssl/oids_spec.rb +1 -0
data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
data/spec/unit/ssl/state_machine_spec.rb +90 -14
data/spec/unit/test/test_helper_spec.rb +17 -0
data/spec/unit/transaction/persistence_spec.rb +15 -0
data/spec/unit/transaction/report_spec.rb +7 -1
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/file_spec.rb +122 -96
data/spec/unit/type/filebucket_spec.rb +1 -1
data/spec/unit/type/service_spec.rb +218 -8
data/spec/unit/type/user_spec.rb +32 -3
data/spec/unit/type_spec.rb +50 -0
data/spec/unit/util/at_fork_spec.rb +2 -2
data/spec/unit/util/autoload_spec.rb +2 -1
data/spec/unit/util/character_encoding_spec.rb +4 -4
data/spec/unit/util/checksums_spec.rb +16 -0
data/spec/unit/util/command_line_spec.rb +11 -6
data/spec/unit/util/log/destinations_spec.rb +1 -29
data/spec/unit/util/package/version/debian_spec.rb +83 -0
data/spec/unit/util/package/version/pip_spec.rb +464 -0
data/spec/unit/util/package/version/range_spec.rb +175 -0
data/spec/unit/util/package/version/rpm_spec.rb +121 -0
data/spec/unit/util/pidlock_spec.rb +83 -47
data/spec/unit/util/rpm_compare_spec.rb +196 -0
data/spec/unit/util/run_mode_spec.rb +6 -6
data/spec/unit/util/windows/adsi_spec.rb +4 -4
data/spec/unit/util/windows/api_types_spec.rb +104 -40
data/spec/unit/util/windows/service_spec.rb +4 -4
data/spec/unit/util/windows/sid_spec.rb +2 -2
data/spec/unit/util_spec.rb +3 -3
data/spec/unit/x509/cert_provider_spec.rb +1 -1
data/tasks/generate_cert_fixtures.rake +15 -1
data/tasks/manpages.rake +5 -35
metadata +90 -51
data/spec/integration/faces/config_spec.rb +0 -91
data/spec/integration/faces/documentation_spec.rb +0 -57
data/spec/integration/faces/plugin_spec.rb +0 -63
data/spec/integration/file_bucket/file_spec.rb +0 -50
data/spec/integration/file_serving/content_spec.rb +0 -7
data/spec/integration/file_serving/fileset_spec.rb +0 -12
data/spec/integration/file_serving/metadata_spec.rb +0 -8
data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
data/spec/integration/file_system/uniquefile_spec.rb +0 -26
data/spec/integration/module_tool/forge_spec.rb +0 -64
data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
data/spec/integration/provider/service/init_spec.rb +0 -48
data/spec/integration/provider/service/systemd_spec.rb +0 -25
data/spec/integration/provider/service/windows_spec.rb +0 -50
data/spec/integration/reference/providers_spec.rb +0 -21
data/spec/integration/reports_spec.rb +0 -13
data/spec/integration/ssl/certificate_request_spec.rb +0 -44
data/spec/integration/ssl/host_spec.rb +0 -72
data/spec/integration/ssl/key_spec.rb +0 -99
data/spec/integration/test/test_helper_spec.rb +0 -31
data/spec/shared_behaviours/file_serving_model.rb +0 -51
data/spec/unit/face/man_spec.rb +0 -25
data/spec/unit/man_spec.rb +0 -31

data/lib/puppet/ssl/verifier_adapter.rb CHANGED

@@ -6,10 +6,18 @@
 #   loaded above.
 #
 class Puppet::SSL::VerifierAdapter
-  attr_reader :validator
+  attr_reader :validator, :ssl_context
   def initialize(validator)
     @validator = validator
+    if validator.is_a?(Puppet::SSL::Validator::NoValidator)
+      ssl = Puppet::SSL::SSLProvider.new
+      @ssl_context = ssl.create_insecure_context
+    else
+      # nil means use the default SSLContext
+      @ssl_context = nil
+    end
   end
   # Return true if `self` is reusable with `verifier` meaning they

data/lib/puppet/test/test_helper.rb CHANGED

@@ -68,7 +68,14 @@ module Puppet::Test
     #  any individual tests.
     # @return nil
     def self.before_all_tests()
-      # Make sure that all of the setup is also done for any before(:all) blocks
+      # The process environment is a shared, persistent resource.
+      # Can't use Puppet.features.microsoft_windows? as it may be mocked out in a test.  This can cause test recurring test failures
+      if (!!File::ALT_SEPARATOR)
+        mode = :windows
+      else
+        mode = :posix
+      end
+      $old_env = Puppet::Util.get_environment(mode)
     end
     # Call this method once, at the end of a test run, when no more tests
@@ -113,20 +120,14 @@ module Puppet::Test
       indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
       indirections.each do |indirector|
         $saved_indirection_state[indirector.name] = {
-            :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
-            :@cache_class    => indirector.instance_variable_get(:@cache_class).value
+          :@terminus_class => indirector.instance_variable_get(:@terminus_class).value,
+          :@cache_class    => indirector.instance_variable_get(:@cache_class).value,
+          # dup the termini hash so termini created and registered during
+          # the test aren't stored in our saved_indirection_state
+          :@termini        => indirector.instance_variable_get(:@termini).dup
         }
       end
-      # The process environment is a shared, persistent resource.
-      # Can't use Puppet.features.microsoft_windows? as it may be mocked out in a test.  This can cause test recurring test failures
-      if (!!File::ALT_SEPARATOR)
-        mode = :windows
-      else
-        mode = :posix
-      end
-      $old_env = Puppet::Util.get_environment(mode)
       # So is the load_path
       $old_load_path = $LOAD_PATH.dup
@@ -137,7 +138,7 @@ module Puppet::Test
           trusted_information:
             Puppet::Context::TrustedInformation.new('local', 'testing', {}, { "trusted_testhelper" => true }),
           ssl_context: Puppet::SSL::SSLContext.new(cacerts: []).freeze,
-          http_session: proc { Puppet.runtime["http"].create_session }
+          http_session: proc { Puppet.runtime[:http].create_session }
         },
         "Context for specs")
@@ -178,7 +179,11 @@ module Puppet::Test
       indirections = Puppet::Indirector::Indirection.send(:class_variable_get, :@@indirections)
       indirections.each do |indirector|
         $saved_indirection_state.fetch(indirector.name, {}).each do |variable, value|
-          indirector.instance_variable_get(variable).value = value
+          if variable == :@termini
+            indirector.instance_variable_set(variable, value)
+          else
+            indirector.instance_variable_get(variable).value = value
+          end
         end
       end
       $saved_indirection_state = nil

data/lib/puppet/transaction.rb CHANGED

@@ -202,7 +202,7 @@ class Puppet::Transaction
     # mark the end of transaction evaluate.
     report.transaction_completed = true
-    Puppet.debug "Finishing transaction #{object_id}"
+    Puppet.debug { "Finishing transaction #{object_id}" }
   end
   # Wraps application run state check to flag need to interrupt processing
@@ -373,7 +373,7 @@ class Puppet::Transaction
     type_name = provider_class.resource_type.name
     return if @prefetched_providers[type_name][provider_class.name] ||
       @prefetch_failed_providers[type_name][provider_class.name]
-    Puppet.debug "Prefetching #{provider_class.name} resources for #{type_name}"
+    Puppet.debug { "Prefetching #{provider_class.name} resources for #{type_name}" }
     begin
       provider_class.prefetch(resources)
     rescue LoadError, Puppet::MissingCommand => detail

data/lib/puppet/transaction/persistence.rb CHANGED

@@ -62,7 +62,7 @@ class Puppet::Transaction::Persistence
     result = nil
     Puppet::Util.benchmark(:debug, _("Loaded transaction store file in %{seconds} seconds")) do
       begin
-        result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol])
+        result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol, Time])
       rescue Puppet::Util::Yaml::YamlLoadError => detail
         Puppet.log_exception(detail, _("Transaction store file %{filename} is corrupt (%{detail}); replacing") % { filename: filename, detail: detail })

data/lib/puppet/transaction/report.rb CHANGED

@@ -63,9 +63,11 @@ class Puppet::Transaction::Report
   # or 'on_failure'
   attr_accessor :cached_catalog_status
-  # Contains the name and port of the master that was successfully contacted
+  # Contains the name and port of the server that was successfully contacted
   # @return [String] a string of the format 'servername:port'
-  attr_accessor :master_used
+  attr_accessor :server_used
+  alias :master_used :server_used
+  alias :master_used= :server_used=
   # The host name for which the report is generated
   # @return [String] the host name
@@ -122,7 +124,7 @@ class Puppet::Transaction::Report
   # @!attribute [r] corrective_change
   #   @return [Boolean] true if the report contains any events and resources that had
-  #      corrective changes.
+  #      corrective changes, including noop corrective changes.
   attr_reader :corrective_change
   # @return [Boolean] true if one or more resources attempted to generate
@@ -217,14 +219,14 @@ class Puppet::Transaction::Report
   end
   # @api private
-  def initialize(configuration_version=nil, environment=nil, transaction_uuid=nil, job_id=nil)
+  def initialize(configuration_version=nil, environment=nil, transaction_uuid=nil, job_id=nil, start_time=Time.now)
     @metrics = {}
     @logs = []
     @resource_statuses = {}
     @external_times ||= {}
     @host = Puppet[:node_name_value]
-    @time = Time.now
-    @report_format = 10
+    @time = start_time
+    @report_format = 11
     @puppet_version = Puppet.version
     @configuration_version = configuration_version
     @transaction_uuid = transaction_uuid
@@ -232,7 +234,7 @@ class Puppet::Transaction::Report
     @job_id = job_id
     @catalog_uuid = nil
     @cached_catalog_status = nil
-    @master_used = nil
+    @server_used = nil
     @environment = environment
     @status = 'failed' # assume failed until the report is finalized
     @noop = Puppet[:noop]
@@ -256,8 +258,10 @@ class Puppet::Transaction::Report
     @time = data['time']
     @corrective_change = data['corrective_change']
-    if data['master_used']
-      @master_used = data['master_used']
+    if data['server_used']
+      @server_used = data['server_used']
+    elsif data['master_used']
+      @server_used = data['master_used']
     end
     if data['catalog_uuid']
@@ -322,7 +326,7 @@ class Puppet::Transaction::Report
     }
     # The following is include only when set
-    hash['master_used'] = @master_used unless @master_used.nil?
+    hash['master_used'] = hash['server_used'] = @server_used unless @server_used.nil?
     hash['catalog_uuid'] = @catalog_uuid unless @catalog_uuid.nil?
     hash['code_id'] = @code_id unless @code_id.nil?
     hash['job_id'] = @job_id unless @job_id.nil?

data/lib/puppet/trusted_external.rb CHANGED

@@ -3,11 +3,39 @@ module Puppet::TrustedExternal
   def retrieve(certname)
     command = Puppet[:trusted_external_command]
     return nil unless command
+    Puppet.debug { _("Retrieving trusted external data from %{command}") % {command: command} }
+    setting_type = Puppet.settings.setting(:trusted_external_command).type
+    if setting_type == :file
+      return fetch_data(command, certname)
+    end
+    # command is a directory. Thus, data is a hash of <basename> => <data> for
+    # each executable file in command. For example, if the files 'servicenow.rb',
+    # 'unicorn.sh' are in command, then data is the following hash:
+    #   { 'servicenow' => <servicenow.rb output>, 'unicorn' => <unicorn.sh output> }
+    data = {}
+    Puppet::FileSystem.children(command).each do |file|
+      abs_path = Puppet::FileSystem.expand_path(file)
+      executable_file = Puppet::FileSystem.file?(abs_path) && Puppet::FileSystem.executable?(abs_path)
+      unless executable_file
+        Puppet.debug { _("Skipping non-executable file %{file}")  % { file: abs_path } }
+        next
+      end
+      basename = file.basename(file.extname).to_s
+      unless data[basename].nil?
+        raise Puppet::Error, _("There is more than one '%{basename}' script in %{dir}") % { basename: basename, dir: command }
+      end
+      data[basename] = fetch_data(abs_path, certname)
+    end
+    data
+  end
+  module_function :retrieve
+  def fetch_data(command, certname)
     result = Puppet::Util::Execution.execute([command, certname], {
       :combine => false,
       :failonfail => true,
     })
     JSON.parse(result)
   end
-  module_function :retrieve
+  module_function :fetch_data
 end

data/lib/puppet/type.rb CHANGED

@@ -10,6 +10,7 @@ require 'puppet/metatype/manager'
 require 'puppet/util/errors'
 require 'puppet/util/logging'
 require 'puppet/util/tagging'
+require 'puppet/concurrent/lock'
 # see the bottom of the file for the rest of the inclusions
@@ -84,6 +85,11 @@ class Type
   # Comparing type instances.
   include Comparable
+  # These variables are used in Metatype::Manager for managing types
+  @types = {}
+  @manager_lock = Puppet::Concurrent::Lock.new
+  extend Puppet::MetaType::Manager
   # Compares this type against the given _other_ (type) and returns -1, 0, or +1 depending on the order.
   # @param other [Object] the object to compare against (produces nil, if not kind of Type}
   # @return [-1, 0, +1, nil] produces -1 if this type is before the given _other_ type, 0 if equals, and 1 if after.
@@ -110,8 +116,10 @@ class Type
   # Allow declaring that a type is actually a capability
   class << self
+    # @deprecated application orchestration will be removed in puppet 7
     attr_accessor :is_capability
+    # @deprecated application orchestration will be removed in puppet 7
     def is_capability?
       c = is_capability
       c.nil? ? false : c
@@ -123,6 +131,8 @@ class Type
   # represent application instances, this implementation always returns
   # +false+. Having this method though makes code checking whether a
   # resource is an application instance simpler
+  #
+  # @deprecated application orchestration will be removed in puppet 7
   def self.application?
       false
   end
@@ -743,7 +753,7 @@ class Type
   # @param options [Hash] options merged with a fixed set of options defined by this method, passed on to {Puppet::Transaction::Event}.
   # @return [Puppet::Transaction::Event] the created event
   def event(options = {})
-    Puppet::Transaction::Event.new({:resource => self, :file => file, :line => line, :tags => tags}.merge(options))
+    Puppet::Transaction::Event.new(**{:resource => self, :file => file, :line => line, :tags => tags}.merge(options))
   end
   # @return [Object, nil] Returns the 'should' (wanted state) value for a specified property, or nil if the
@@ -1199,15 +1209,17 @@ class Type
       provider.instances.collect do |instance|
         # We always want to use the "first" provider instance we find, unless the resource
         # is already managed and has a different provider set
-        other = provider_instances[instance.name]
+        title = instance.respond_to?(:title) ? instance.title : instance.name
+        other = provider_instances[title]
         if other
-          Puppet.debug "%s %s found in both %s and %s; skipping the %s version" %
-            [self.name.to_s.capitalize, instance.name, other.class.name, instance.class.name, instance.class.name]
+          Puppet.debug {
+            "%s %s found in both %s and %s; skipping the %s version" % [self.name.to_s.capitalize, title, other.class.name, instance.class.name, instance.class.name]
+          }
           next
         end
-        provider_instances[instance.name] = instance
+        provider_instances[title] = instance
-        result = new(:name => instance.name, :provider => instance)
+        result = new(:name => instance.name, :provider => instance, :title => title)
         properties.each { |name| result.newattr(name) }
         result
       end
@@ -1708,6 +1720,7 @@ class Type
     }
   end
+  # @deprecated application orchestration will be removed in puppet 7
   newmetaparam(:export, :parent => RelationshipMetaparam, :attributes => {:direction => :out, :events => :NONE}) do
           desc <<EOS
 Export a capability resource.
@@ -1733,6 +1746,7 @@ web { server:
 EOS
   end
+  # @deprecated application orchestration will be removed in puppet 7
   newmetaparam(:consume, :parent => RelationshipMetaparam, :attributes => {:direction => :in, :events => :NONE}) do
           desc <<EOS
 Consume a capability resource.
@@ -1882,7 +1896,7 @@ end
     name = name.intern
     if unprovide(name)
-      Puppet.debug "Reloading #{name} #{self.name} provider"
+      Puppet.debug { "Reloading #{name} #{self.name} provider" }
     end
     pname = options[:parent]
@@ -2284,7 +2298,6 @@ end
     #
     attr_accessor :self_refresh
     include Enumerable, Puppet::Util::ClassGen
-    include Puppet::MetaType::Manager
     include Puppet::Util
     include Puppet::Util::Logging

data/lib/puppet/type/file.rb CHANGED

@@ -116,9 +116,9 @@ Puppet::Type.newtype(:file) do
         that sufficient disk space is available for the file backups. Generally, you
         can implement this using one of the following two options:
         - Use a `find` command and `crontab` entry to retain only the last X days
-        of file backups. For example,
+        of file backups. For example:
-        ```shell script
+        ```
         find /opt/puppetlabs/server/data/puppetserver/bucket -type f -mtime +45 -atime +45 -print0 | xargs -0 rm
         ```
@@ -401,8 +401,12 @@ Puppet::Type.newtype(:file) do
     end
   end
-  CREATORS = [:content, :source, :target]
-  SOURCE_ONLY_CHECKSUMS = [:none, :ctime, :mtime]
+  # mutually exclusive ways to create files
+  CREATORS = [:content, :source, :target].freeze
+  # This is both "checksum types that can't be used with the content property"
+  # and "checksum types that are not digest based"
+  SOURCE_ONLY_CHECKSUMS = [:none, :ctime, :mtime].freeze
   validate do
     creator_count = 0
@@ -428,7 +432,7 @@ Puppet::Type.newtype(:file) do
       @parameters[:content].value = @parameters[:checksum].sum(@parameters[:content].actual_content)
     end
-    if self[:checksum] && self[:checksum_value] && !send("#{self[:checksum]}?", self[:checksum_value])
+    if self[:checksum] && self[:checksum_value] && !valid_checksum?(self[:checksum], self[:checksum_value])
       self.fail _("Checksum value '%{value}' is not a valid checksum type %{checksum}") % { value: self[:checksum_value], checksum: self[:checksum] }
     end
@@ -930,7 +934,7 @@ Puppet::Type.newtype(:file) do
           # that out.
         end
-        fail_if_checksum_is_wrong(file.path, content_checksum) if validate_checksum?
+        fail_if_checksum_is_wrong(property, file.path, content_checksum)
       end
     else
       umask = mode ? 000 : 022
@@ -1040,17 +1044,38 @@ Puppet::Type.newtype(:file) do
     end
   end
-  # Should we validate the checksum of the file we're writing?
-  def validate_checksum?
-    self[:checksum] !~ /time/
-  end
   # Make sure the file we wrote out is what we think it is.
-  def fail_if_checksum_is_wrong(path, content_checksum)
-    newsum = parameter(:checksum).sum_file(path)
-    return if [:absent, nil, content_checksum].include?(newsum)
+  # @param [Puppet::Parameter] property the param or property that wrote the file, or nil
+  # @param [String] path to the file
+  # @param [String] the checksum for the local file
+  #
+  # @api private
+  #
+  def fail_if_checksum_is_wrong(property, path, content_checksum)
+    desired_checksum = desired_checksum(property, path)
-    self.fail _("File written to disk did not match checksum; discarding changes (%{content_checksum} vs %{newsum})") % { content_checksum: content_checksum, newsum: newsum }
+    if desired_checksum && content_checksum != desired_checksum
+      self.fail _("File written to disk did not match desired checksum; discarding changes (%{content_checksum} vs %{desired_checksum})") % { content_checksum: content_checksum, desired_checksum: desired_checksum }
+    end
+  end
+  # Return the desired checksum or nil
+  def desired_checksum(property, path)
+    return if SOURCE_ONLY_CHECKSUMS.include?(self[:checksum])
+    if self[:checksum] && self[:checksum_value]
+      "{#{self[:checksum]}}#{self[:checksum_value]}"
+    elsif property && property.name == :source
+      meta = property.metadata
+      return unless meta
+      # due to HttpMetadata the checksum type may fallback to mtime, so recheck
+      return if SOURCE_ONLY_CHECKSUMS.include?(meta.checksum_type)
+      meta.checksum
+    elsif property && property.name == :content
+      str = property.actual_content
+      str ? parameter(:checksum).sum(str) : nil
+    end
   end
   def write_temporary_file?

data/lib/puppet/type/file/checksum.rb CHANGED

@@ -9,7 +9,7 @@ Puppet::Type.type(:file).newparam(:checksum) do
     The default checksum type is md5."
-  newvalues "md5", "md5lite", "sha224", "sha256", "sha256lite", "sha384", "sha512", "mtime", "ctime", "none"
+  newvalues(*Puppet::Util::Checksums.known_checksum_types)
   defaultto do
     Puppet[:digest_algorithm].to_sym
@@ -23,18 +23,18 @@ Puppet::Type.type(:file).newparam(:checksum) do
   def sum(content)
     content = content.is_a?(Puppet::Pops::Types::PBinaryType::Binary) ? content.binary_buffer : content
-    type = digest_algorithm()
+    type = digest_algorithm
     "{#{type}}" + send(type, content)
   end
   def sum_file(path)
-    type = digest_algorithm()
+    type = digest_algorithm
     method = type.to_s + "_file"
     "{#{type}}" + send(method, path).to_s
   end
   def sum_stream(&block)
-    type = digest_algorithm()
+    type = digest_algorithm
     method = type.to_s + "_stream"
     checksum = send(method, &block)
     "{#{type}}#{checksum}"

data/lib/puppet/type/file/source.rb CHANGED

@@ -23,7 +23,7 @@ module Puppet
       * Fully qualified paths to locally available files (including files on NFS
       shares or Windows mapped drives).
       * `file:` URIs, which behave the same as local file paths.
-      * `http:` URIs, which point to files served by common web servers.
+      * `http(s):` URIs, which point to files served by common web servers.
       The normal form of a `puppet:` URI is:
@@ -44,9 +44,26 @@ module Puppet
       because HTTP servers do not transfer any metadata that translates to
       ownership or permission details.
-      The `http` source uses the server `Content-MD5` header as a checksum to
-      determine if the remote file has changed. If the server response does not
-      include that header, Puppet defaults to using the `Last-Modified` header.
+      Puppet determines if file content is synchronized by computing a checksum
+      for the local file and comparing it against the `checksum_value`
+      parameter. If the `checksum_value` parameter is not specified for
+      `puppet` and `file` sources, Puppet computes a checksum based on its
+      `Puppet[:digest_algorithm]`. For `http(s)` sources, Puppet uses the
+      first HTTP header it recognizes out of the following list:
+      `X-Checksum-Sha256`, `X-Checksum-Sha1`, `X-Checksum-Md5` or `Content-MD5`.
+      If the server response does not include one of these headers, Puppet
+      defaults to using the `Last-Modified` header. Puppet updates the local
+      file if the header is newer than the modified time (mtime) of the local
+      file.
+      _HTTP_ URIs can include a user information component so that Puppet can
+      retrieve file metadata and content from HTTP servers that require HTTP Basic
+      authentication. For example `https://<user>:<pass>@<server>:<port>/path/to/file.`
+      When connecting to _HTTPS_ servers, Puppet trusts CA certificates in the
+      puppet-agent certificate bundle and the Puppet CA. You can configure Puppet
+      to trust additional CA certificates using the `Puppet[:ssl_trust_store]`
+      setting.
       Multiple `source` values can be specified as an array, and Puppet will
       use the first source that exists. This can be used to serve different
@@ -96,8 +113,8 @@ module Puppet
           # Ruby 1.9.3 and earlier have a URI bug in URI
           # to_s returns an ASCII string despite UTF-8 fragments
           # since its escaped its safe to universally call encode
-          # URI.unescape always returns strings in the original encoding
-          URI.unescape(uri_string.encode(Encoding::UTF_8))
+          # Puppet::Util.uri_unescape always returns strings in the original encoding
+          Puppet::Util.uri_unescape(uri_string.encode(Encoding::UTF_8))
         else
           source
         end
@@ -208,7 +225,7 @@ module Puppet
     end
     def port
-      (uri and uri.port) or Puppet.settings[:masterport]
+      (uri and uri.port) or Puppet.settings[:serverport]
     end
     def uri
@@ -255,7 +272,7 @@ module Puppet
     def each_chunk_from(&block)
       if Puppet[:default_file_terminus] == :file_server && scheme == 'puppet' && (uri.host.nil? || uri.host.empty?)
-        chunk_file_from_disk(metadata.path, &block)
+        chunk_file_from_disk(metadata.full_path, &block)
       elsif local?
         chunk_file_from_disk(full_path, &block)
       else
@@ -276,7 +293,7 @@ module Puppet
       api = session.route_to(:fileserver, url: url)
       api.get_static_file_content(
-        path: URI.unescape(url.path),
+        path: Puppet::Util.uri_unescape(url.path),
         environment: resource.catalog.environment_instance.to_s,
         code_id: resource.catalog.code_id,
         &block
@@ -288,15 +305,15 @@ module Puppet
       api = session.route_to(:fileserver, url: url)
       api.get_file_content(
-        path: URI.unescape(url.path),
+        path: Puppet::Util.uri_unescape(url.path),
         environment: resource.catalog.environment_instance.to_s,
         &block
       )
     end
     def get_from_http_source(url, &block)
-      client = Puppet.runtime['http']
-      client.get(url) do |response|
+      client = Puppet.runtime[:http]
+      client.get(url, options: {include_system_store: true}) do |response|
         raise Puppet::HTTP::ResponseError.new(response) unless response.success?
         response.read_body(&block)
@@ -305,7 +322,12 @@ module Puppet
     def chunk_file_from_source(&block)
       if uri.scheme =~ /^https?/
-        get_from_http_source(uri, &block)
+        # Historically puppet has not encoded the http(s) source URL before parsing
+        # it, for example, if the path contains spaces, then it must be URL encoded
+        # as %20 in the manifest. Puppet behaves the same when retrieving file
+        # metadata via http(s), see Puppet::Indirector::FileMetadata::Http#find.
+        url = URI.parse(metadata.source)
+        get_from_http_source(url, &block)
       elsif metadata.content_uri
         content_url = URI.parse(Puppet::Util.uri_encode(metadata.content_uri))
         get_from_content_uri_source(content_url, &block)