puppet 6.16.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (645) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -3
  3. data/Gemfile.lock +31 -33
  4. data/README.md +4 -5
  5. data/Rakefile +4 -12
  6. data/conf/fileserver.conf +5 -10
  7. data/ext/build_defaults.yaml +1 -1
  8. data/ext/osx/file_mapping.yaml +0 -5
  9. data/ext/project_data.yaml +1 -14
  10. data/ext/redhat/puppet.spec.erb +0 -1
  11. data/ext/windows/service/daemon.rb +6 -5
  12. data/install.rb +21 -17
  13. data/lib/puppet.rb +11 -20
  14. data/lib/puppet/agent.rb +2 -2
  15. data/lib/puppet/agent/locker.rb +0 -7
  16. data/lib/puppet/application.rb +172 -98
  17. data/lib/puppet/application/agent.rb +22 -6
  18. data/lib/puppet/application/apply.rb +18 -20
  19. data/lib/puppet/application/device.rb +100 -104
  20. data/lib/puppet/application/doc.rb +1 -1
  21. data/lib/puppet/application/filebucket.rb +15 -11
  22. data/lib/puppet/application/lookup.rb +16 -4
  23. data/lib/puppet/application/ssl.rb +1 -1
  24. data/lib/puppet/configurer.rb +66 -31
  25. data/lib/puppet/configurer/downloader.rb +31 -10
  26. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  27. data/lib/puppet/confine.rb +2 -2
  28. data/lib/puppet/confine/any.rb +1 -1
  29. data/lib/puppet/defaults.rb +166 -169
  30. data/lib/puppet/environments.rb +41 -15
  31. data/lib/puppet/face/catalog.rb +1 -1
  32. data/lib/puppet/face/config.rb +56 -16
  33. data/lib/puppet/face/epp.rb +12 -2
  34. data/lib/puppet/face/facts.rb +66 -6
  35. data/lib/puppet/face/help.rb +1 -1
  36. data/lib/puppet/face/node.rb +3 -3
  37. data/lib/puppet/face/node/clean.rb +2 -2
  38. data/lib/puppet/face/plugin.rb +5 -8
  39. data/lib/puppet/feature/base.rb +1 -1
  40. data/lib/puppet/ffi/windows.rb +12 -0
  41. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  42. data/lib/puppet/ffi/windows/constants.rb +404 -0
  43. data/lib/puppet/ffi/windows/functions.rb +628 -0
  44. data/lib/puppet/ffi/windows/structs.rb +338 -0
  45. data/lib/puppet/file_bucket/dipper.rb +1 -1
  46. data/lib/puppet/file_serving/configuration.rb +0 -5
  47. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  48. data/lib/puppet/file_serving/http_metadata.rb +13 -1
  49. data/lib/puppet/file_serving/metadata.rb +4 -1
  50. data/lib/puppet/file_serving/mount.rb +1 -2
  51. data/lib/puppet/file_serving/mount/locales.rb +1 -2
  52. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
  53. data/lib/puppet/file_serving/mount/plugins.rb +1 -2
  54. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  55. data/lib/puppet/file_system/file_impl.rb +4 -4
  56. data/lib/puppet/file_system/uniquefile.rb +8 -16
  57. data/lib/puppet/forge.rb +1 -1
  58. data/lib/puppet/forge/cache.rb +1 -1
  59. data/lib/puppet/forge/repository.rb +3 -8
  60. data/lib/puppet/functions/epp.rb +1 -0
  61. data/lib/puppet/functions/inline_epp.rb +1 -0
  62. data/lib/puppet/functions/lstrip.rb +4 -4
  63. data/lib/puppet/functions/new.rb +8 -3
  64. data/lib/puppet/functions/reverse_each.rb +1 -1
  65. data/lib/puppet/functions/rstrip.rb +4 -4
  66. data/lib/puppet/functions/step.rb +1 -1
  67. data/lib/puppet/functions/strip.rb +4 -4
  68. data/lib/puppet/generate/models/type/type.rb +4 -1
  69. data/lib/puppet/gettext/config.rb +5 -5
  70. data/lib/puppet/gettext/module_translations.rb +4 -4
  71. data/lib/puppet/http.rb +23 -13
  72. data/lib/puppet/http/client.rb +170 -115
  73. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  74. data/lib/puppet/http/errors.rb +16 -0
  75. data/lib/puppet/http/external_client.rb +5 -7
  76. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  77. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  78. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  79. data/lib/puppet/http/proxy.rb +137 -0
  80. data/lib/puppet/http/redirector.rb +13 -19
  81. data/lib/puppet/http/resolver.rb +10 -23
  82. data/lib/puppet/http/resolver/server_list.rb +23 -45
  83. data/lib/puppet/http/resolver/settings.rb +7 -10
  84. data/lib/puppet/http/resolver/srv.rb +11 -15
  85. data/lib/puppet/http/response.rb +49 -48
  86. data/lib/puppet/http/response_converter.rb +24 -0
  87. data/lib/puppet/http/response_net_http.rb +42 -0
  88. data/lib/puppet/http/retry_after_handler.rb +4 -13
  89. data/lib/puppet/http/service.rb +15 -27
  90. data/lib/puppet/http/service/ca.rb +11 -22
  91. data/lib/puppet/http/service/compiler.rb +23 -70
  92. data/lib/puppet/http/service/file_server.rb +19 -28
  93. data/lib/puppet/http/service/puppetserver.rb +53 -0
  94. data/lib/puppet/http/service/report.rb +8 -10
  95. data/lib/puppet/http/session.rb +16 -24
  96. data/lib/puppet/{network/http → http}/site.rb +1 -2
  97. data/lib/puppet/indirector.rb +1 -1
  98. data/lib/puppet/indirector/catalog/compiler.rb +1 -1
  99. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  100. data/lib/puppet/indirector/exec.rb +1 -1
  101. data/lib/puppet/indirector/fact_search.rb +60 -0
  102. data/lib/puppet/indirector/facts/facter.rb +27 -6
  103. data/lib/puppet/indirector/facts/json.rb +27 -0
  104. data/lib/puppet/indirector/facts/rest.rb +3 -22
  105. data/lib/puppet/indirector/facts/yaml.rb +4 -59
  106. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  107. data/lib/puppet/indirector/file_content/rest.rb +3 -7
  108. data/lib/puppet/indirector/file_metadata/http.rb +25 -5
  109. data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
  110. data/lib/puppet/indirector/file_server.rb +1 -8
  111. data/lib/puppet/indirector/generic_http.rb +0 -11
  112. data/lib/puppet/indirector/hiera.rb +4 -0
  113. data/lib/puppet/indirector/indirection.rb +1 -1
  114. data/lib/puppet/indirector/json.rb +5 -1
  115. data/lib/puppet/indirector/msgpack.rb +1 -1
  116. data/lib/puppet/indirector/node/json.rb +8 -0
  117. data/lib/puppet/indirector/node/rest.rb +2 -4
  118. data/lib/puppet/indirector/report/json.rb +34 -0
  119. data/lib/puppet/indirector/report/processor.rb +2 -2
  120. data/lib/puppet/indirector/report/rest.rb +3 -8
  121. data/lib/puppet/indirector/request.rb +2 -103
  122. data/lib/puppet/indirector/rest.rb +12 -263
  123. data/lib/puppet/indirector/yaml.rb +1 -1
  124. data/lib/puppet/module.rb +1 -2
  125. data/lib/puppet/module_tool/applications.rb +0 -1
  126. data/lib/puppet/network/authconfig.rb +2 -96
  127. data/lib/puppet/network/authorization.rb +13 -35
  128. data/lib/puppet/network/format_support.rb +2 -2
  129. data/lib/puppet/network/formats.rb +2 -1
  130. data/lib/puppet/network/http.rb +3 -3
  131. data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
  132. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  133. data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
  134. data/lib/puppet/network/http/connection.rb +247 -316
  135. data/lib/puppet/network/http/handler.rb +0 -1
  136. data/lib/puppet/network/http/route.rb +2 -2
  137. data/lib/puppet/network/http_pool.rb +16 -34
  138. data/lib/puppet/node.rb +1 -30
  139. data/lib/puppet/node/environment.rb +12 -5
  140. data/lib/puppet/node/facts.rb +17 -0
  141. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  142. data/lib/puppet/pal/pal_impl.rb +93 -14
  143. data/lib/puppet/parameter.rb +1 -1
  144. data/lib/puppet/parser/ast/leaf.rb +5 -5
  145. data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
  146. data/lib/puppet/parser/compiler.rb +1 -199
  147. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  148. data/lib/puppet/parser/functions.rb +21 -17
  149. data/lib/puppet/parser/functions/create_resources.rb +11 -7
  150. data/lib/puppet/parser/resource.rb +3 -71
  151. data/lib/puppet/parser/resource/param.rb +6 -0
  152. data/lib/puppet/parser/type_loader.rb +2 -2
  153. data/lib/puppet/pops/adaptable.rb +7 -13
  154. data/lib/puppet/pops/adapters.rb +8 -4
  155. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
  156. data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
  157. data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
  158. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  159. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  160. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  161. data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
  162. data/lib/puppet/pops/loaders.rb +18 -11
  163. data/lib/puppet/pops/lookup/context.rb +1 -1
  164. data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
  165. data/lib/puppet/pops/model/ast.pp +0 -42
  166. data/lib/puppet/pops/model/ast.rb +0 -290
  167. data/lib/puppet/pops/model/factory.rb +0 -45
  168. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  169. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  170. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  171. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  172. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  173. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  174. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  175. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
  176. data/lib/puppet/pops/types/iterable.rb +34 -8
  177. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  178. data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
  179. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  180. data/lib/puppet/pops/types/type_parser.rb +0 -4
  181. data/lib/puppet/pops/types/types.rb +0 -1
  182. data/lib/puppet/pops/validation/checker4_0.rb +28 -42
  183. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  184. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
  185. data/lib/puppet/provider.rb +0 -13
  186. data/lib/puppet/provider/file/windows.rb +1 -1
  187. data/lib/puppet/provider/nameservice.rb +0 -18
  188. data/lib/puppet/provider/package/apt.rb +34 -0
  189. data/lib/puppet/provider/package/aptitude.rb +1 -1
  190. data/lib/puppet/provider/package/dpkg.rb +1 -11
  191. data/lib/puppet/provider/package/gem.rb +27 -5
  192. data/lib/puppet/provider/package/pip.rb +0 -1
  193. data/lib/puppet/provider/package/pip2.rb +17 -0
  194. data/lib/puppet/provider/package/pkg.rb +0 -4
  195. data/lib/puppet/provider/package/portage.rb +1 -1
  196. data/lib/puppet/provider/package/puppet_gem.rb +6 -4
  197. data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
  198. data/lib/puppet/provider/package/yum.rb +2 -1
  199. data/lib/puppet/provider/package/zypper.rb +3 -0
  200. data/lib/puppet/provider/service/smf.rb +191 -73
  201. data/lib/puppet/provider/service/windows.rb +23 -7
  202. data/lib/puppet/provider/user/aix.rb +1 -1
  203. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  204. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  205. data/lib/puppet/provider/user/useradd.rb +11 -4
  206. data/lib/puppet/provider/user/windows_adsi.rb +18 -1
  207. data/lib/puppet/reference/configuration.rb +2 -0
  208. data/lib/puppet/reference/indirection.rb +1 -1
  209. data/lib/puppet/reports/http.rb +2 -0
  210. data/lib/puppet/resource.rb +3 -90
  211. data/lib/puppet/resource/catalog.rb +1 -14
  212. data/lib/puppet/resource/type.rb +5 -112
  213. data/lib/puppet/resource/type_collection.rb +3 -48
  214. data/lib/puppet/runtime.rb +1 -2
  215. data/lib/puppet/settings.rb +84 -35
  216. data/lib/puppet/settings/base_setting.rb +26 -2
  217. data/lib/puppet/settings/integer_setting.rb +17 -0
  218. data/lib/puppet/settings/port_setting.rb +15 -0
  219. data/lib/puppet/settings/priority_setting.rb +5 -4
  220. data/lib/puppet/ssl.rb +10 -6
  221. data/lib/puppet/ssl/base.rb +3 -5
  222. data/lib/puppet/ssl/certificate.rb +0 -6
  223. data/lib/puppet/ssl/certificate_request.rb +1 -12
  224. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  225. data/lib/puppet/ssl/oids.rb +3 -1
  226. data/lib/puppet/ssl/ssl_context.rb +2 -2
  227. data/lib/puppet/ssl/ssl_provider.rb +37 -1
  228. data/lib/puppet/ssl/state_machine.rb +3 -1
  229. data/lib/puppet/ssl/verifier.rb +2 -0
  230. data/lib/puppet/test/test_helper.rb +19 -16
  231. data/lib/puppet/transaction.rb +3 -9
  232. data/lib/puppet/transaction/persistence.rb +1 -1
  233. data/lib/puppet/transaction/report.rb +10 -8
  234. data/lib/puppet/trusted_external.rb +29 -1
  235. data/lib/puppet/type.rb +9 -77
  236. data/lib/puppet/type/file.rb +45 -22
  237. data/lib/puppet/type/file/checksum.rb +5 -5
  238. data/lib/puppet/type/file/source.rb +33 -13
  239. data/lib/puppet/type/filebucket.rb +4 -4
  240. data/lib/puppet/type/notify.rb +2 -2
  241. data/lib/puppet/type/package.rb +5 -13
  242. data/lib/puppet/type/service.rb +53 -0
  243. data/lib/puppet/type/user.rb +18 -3
  244. data/lib/puppet/util.rb +41 -3
  245. data/lib/puppet/util/autoload.rb +9 -7
  246. data/lib/puppet/util/character_encoding.rb +9 -5
  247. data/lib/puppet/util/checksums.rb +19 -4
  248. data/lib/puppet/util/execution.rb +2 -13
  249. data/lib/puppet/util/fileparsing.rb +2 -2
  250. data/lib/puppet/util/http_proxy.rb +2 -215
  251. data/lib/puppet/util/monkey_patches.rb +0 -46
  252. data/lib/puppet/util/provider_features.rb +1 -1
  253. data/lib/puppet/util/rdoc.rb +0 -7
  254. data/lib/puppet/util/reference.rb +1 -1
  255. data/lib/puppet/util/retry_action.rb +1 -1
  256. data/lib/puppet/util/rubygems.rb +5 -1
  257. data/lib/puppet/util/run_mode.rb +14 -2
  258. data/lib/puppet/util/windows.rb +3 -7
  259. data/lib/puppet/util/windows/daemon.rb +360 -0
  260. data/lib/puppet/util/windows/error.rb +1 -0
  261. data/lib/puppet/util/windows/eventlog.rb +5 -15
  262. data/lib/puppet/util/windows/file.rb +8 -242
  263. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  264. data/lib/puppet/util/windows/principal.rb +8 -6
  265. data/lib/puppet/util/windows/process.rb +4 -226
  266. data/lib/puppet/util/windows/registry.rb +11 -11
  267. data/lib/puppet/util/windows/security.rb +4 -4
  268. data/lib/puppet/util/windows/service.rb +52 -486
  269. data/lib/puppet/util/windows/string.rb +12 -13
  270. data/lib/puppet/util/windows/user.rb +242 -8
  271. data/lib/puppet/util/yaml.rb +0 -22
  272. data/lib/puppet/vendor/require_vendored.rb +0 -1
  273. data/lib/puppet/version.rb +1 -1
  274. data/lib/puppet/x509.rb +5 -1
  275. data/lib/puppet/x509/cert_provider.rb +29 -1
  276. data/locales/puppet.pot +713 -1380
  277. data/man/man5/puppet.conf.5 +84 -98
  278. data/man/man8/puppet-agent.8 +7 -4
  279. data/man/man8/puppet-apply.8 +1 -1
  280. data/man/man8/puppet-catalog.8 +1 -1
  281. data/man/man8/puppet-config.8 +6 -6
  282. data/man/man8/puppet-describe.8 +1 -1
  283. data/man/man8/puppet-device.8 +1 -1
  284. data/man/man8/puppet-doc.8 +1 -1
  285. data/man/man8/puppet-epp.8 +1 -1
  286. data/man/man8/puppet-facts.8 +55 -9
  287. data/man/man8/puppet-filebucket.8 +6 -6
  288. data/man/man8/puppet-generate.8 +1 -1
  289. data/man/man8/puppet-help.8 +1 -1
  290. data/man/man8/puppet-lookup.8 +2 -2
  291. data/man/man8/puppet-module.8 +1 -58
  292. data/man/man8/puppet-node.8 +7 -4
  293. data/man/man8/puppet-parser.8 +1 -1
  294. data/man/man8/puppet-plugin.8 +1 -1
  295. data/man/man8/puppet-report.8 +4 -1
  296. data/man/man8/puppet-resource.8 +1 -1
  297. data/man/man8/puppet-script.8 +1 -1
  298. data/man/man8/puppet-ssl.8 +1 -1
  299. data/man/man8/puppet.8 +2 -2
  300. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
  301. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
  302. data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
  303. data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
  304. data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
  305. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  306. data/spec/integration/application/agent_spec.rb +157 -59
  307. data/spec/integration/application/apply_spec.rb +150 -150
  308. data/spec/integration/application/doc_spec.rb +16 -6
  309. data/spec/integration/application/filebucket_spec.rb +78 -29
  310. data/spec/integration/application/help_spec.rb +44 -0
  311. data/spec/integration/application/lookup_spec.rb +13 -0
  312. data/spec/integration/application/module_spec.rb +68 -0
  313. data/spec/integration/application/plugin_spec.rb +76 -4
  314. data/spec/integration/configurer_spec.rb +14 -0
  315. data/spec/integration/data_binding_spec.rb +82 -0
  316. data/spec/integration/defaults_spec.rb +33 -5
  317. data/spec/integration/directory_environments_spec.rb +17 -17
  318. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  319. data/spec/integration/indirector/facts/facter_spec.rb +8 -6
  320. data/spec/integration/network/http_pool_spec.rb +29 -30
  321. data/spec/integration/node/environment_spec.rb +1 -1
  322. data/spec/integration/parser/catalog_spec.rb +0 -38
  323. data/spec/integration/parser/compiler_spec.rb +11 -0
  324. data/spec/integration/parser/node_spec.rb +0 -9
  325. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  326. data/spec/integration/type/file_spec.rb +6 -5
  327. data/spec/integration/util/execution_spec.rb +22 -0
  328. data/spec/integration/util/windows/adsi_spec.rb +2 -2
  329. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  330. data/spec/integration/util/windows/process_spec.rb +26 -32
  331. data/spec/integration/util/windows/registry_spec.rb +7 -7
  332. data/spec/integration/util/windows/security_spec.rb +1 -1
  333. data/spec/integration/util/windows/user_spec.rb +47 -5
  334. data/spec/integration/util_spec.rb +7 -33
  335. data/spec/lib/puppet_spec/matchers.rb +0 -80
  336. data/spec/lib/puppet_spec/puppetserver.rb +9 -1
  337. data/spec/lib/puppet_spec/settings.rb +7 -1
  338. data/spec/shared_contexts/types_setup.rb +2 -0
  339. data/spec/spec_helper.rb +2 -0
  340. data/spec/unit/agent_spec.rb +0 -2
  341. data/spec/unit/application/agent_spec.rb +3 -4
  342. data/spec/unit/application/config_spec.rb +224 -4
  343. data/spec/unit/application/doc_spec.rb +2 -2
  344. data/spec/unit/application/face_base_spec.rb +6 -4
  345. data/spec/unit/application/facts_spec.rb +74 -8
  346. data/spec/unit/application/filebucket_spec.rb +41 -39
  347. data/spec/unit/application/resource_spec.rb +3 -1
  348. data/spec/unit/application/ssl_spec.rb +17 -4
  349. data/spec/unit/application_spec.rb +9 -4
  350. data/spec/unit/certificate_factory_spec.rb +1 -1
  351. data/spec/unit/configurer/downloader_spec.rb +14 -0
  352. data/spec/unit/configurer/fact_handler_spec.rb +4 -4
  353. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  354. data/spec/unit/configurer_spec.rb +96 -44
  355. data/spec/unit/confine_spec.rb +2 -1
  356. data/spec/unit/context/trusted_information_spec.rb +12 -10
  357. data/spec/unit/defaults_spec.rb +77 -28
  358. data/spec/unit/environments_spec.rb +96 -32
  359. data/spec/unit/face/config_spec.rb +65 -12
  360. data/spec/unit/face/facts_spec.rb +4 -0
  361. data/spec/unit/face/node_spec.rb +2 -2
  362. data/spec/unit/face/plugin_spec.rb +73 -33
  363. data/spec/unit/file_bucket/file_spec.rb +1 -1
  364. data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
  365. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  366. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  367. data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
  368. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
  369. data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
  370. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  371. data/spec/unit/file_system/uniquefile_spec.rb +18 -0
  372. data/spec/unit/file_system_spec.rb +1 -2
  373. data/spec/unit/functions/camelcase_spec.rb +1 -1
  374. data/spec/unit/functions/capitalize_spec.rb +1 -1
  375. data/spec/unit/functions/downcase_spec.rb +1 -1
  376. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  377. data/spec/unit/functions/upcase_spec.rb +1 -1
  378. data/spec/unit/http/client_spec.rb +71 -17
  379. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  380. data/spec/unit/http/external_client_spec.rb +4 -4
  381. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  382. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  383. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  384. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  385. data/spec/unit/http/resolver_spec.rb +34 -15
  386. data/spec/unit/http/response_spec.rb +6 -0
  387. data/spec/unit/http/service/ca_spec.rb +2 -3
  388. data/spec/unit/http/service/compiler_spec.rb +51 -65
  389. data/spec/unit/http/service/file_server_spec.rb +5 -6
  390. data/spec/unit/http/service/puppetserver_spec.rb +112 -0
  391. data/spec/unit/http/service/report_spec.rb +2 -3
  392. data/spec/unit/http/service_spec.rb +1 -3
  393. data/spec/unit/http/session_spec.rb +24 -35
  394. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  395. data/spec/unit/indirector/catalog/json_spec.rb +1 -1
  396. data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
  397. data/spec/unit/indirector/facts/facter_spec.rb +97 -0
  398. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  399. data/spec/unit/indirector/facts/rest_spec.rb +1 -1
  400. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  401. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  402. data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
  403. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  404. data/spec/unit/indirector/file_server_spec.rb +1 -15
  405. data/spec/unit/indirector/json_spec.rb +8 -8
  406. data/spec/unit/indirector/msgpack_spec.rb +8 -8
  407. data/spec/unit/indirector/node/json_spec.rb +33 -0
  408. data/spec/unit/indirector/node/rest_spec.rb +1 -1
  409. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  410. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  411. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  412. data/spec/unit/indirector/request_spec.rb +3 -267
  413. data/spec/unit/indirector/rest_spec.rb +98 -752
  414. data/spec/unit/indirector/yaml_spec.rb +7 -7
  415. data/spec/unit/interface_spec.rb +3 -3
  416. data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
  417. data/spec/unit/network/authconfig_spec.rb +2 -132
  418. data/spec/unit/network/authorization_spec.rb +2 -55
  419. data/spec/unit/network/format_support_spec.rb +3 -2
  420. data/spec/unit/network/formats_spec.rb +4 -4
  421. data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
  422. data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
  423. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  424. data/spec/unit/network/http/api_spec.rb +10 -0
  425. data/spec/unit/network/http/connection_spec.rb +61 -73
  426. data/spec/unit/network/http/handler_spec.rb +0 -6
  427. data/spec/unit/network/http_pool_spec.rb +0 -4
  428. data/spec/unit/node/environment_spec.rb +51 -22
  429. data/spec/unit/node_spec.rb +2 -54
  430. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  431. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  432. data/spec/unit/parser/scope_spec.rb +1 -1
  433. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
  434. data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
  435. data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
  436. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  437. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  438. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  439. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  440. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  441. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  442. data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
  443. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  444. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  445. data/spec/unit/pops/visitor_spec.rb +1 -1
  446. data/spec/unit/provider/exec_spec.rb +4 -3
  447. data/spec/unit/provider/nameservice_spec.rb +0 -57
  448. data/spec/unit/provider/package/apt_spec.rb +77 -0
  449. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  450. data/spec/unit/provider/package/dpkg_spec.rb +22 -55
  451. data/spec/unit/provider/package/gem_spec.rb +32 -0
  452. data/spec/unit/provider/package/openbsd_spec.rb +2 -0
  453. data/spec/unit/provider/package/pip2_spec.rb +36 -0
  454. data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
  455. data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
  456. data/spec/unit/provider/package/yum_spec.rb +31 -0
  457. data/spec/unit/provider/package/zypper_spec.rb +14 -0
  458. data/spec/unit/provider/service/base_spec.rb +2 -4
  459. data/spec/unit/provider/service/bsd_spec.rb +5 -1
  460. data/spec/unit/provider/service/daemontools_spec.rb +1 -1
  461. data/spec/unit/provider/service/debian_spec.rb +3 -5
  462. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  463. data/spec/unit/provider/service/gentoo_spec.rb +4 -5
  464. data/spec/unit/provider/service/init_spec.rb +45 -5
  465. data/spec/unit/provider/service/launchd_spec.rb +5 -6
  466. data/spec/unit/provider/service/openrc_spec.rb +4 -5
  467. data/spec/unit/provider/service/openwrt_spec.rb +1 -1
  468. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  469. data/spec/unit/provider/service/runit_spec.rb +2 -1
  470. data/spec/unit/provider/service/smf_spec.rb +402 -166
  471. data/spec/unit/provider/service/src_spec.rb +3 -5
  472. data/spec/unit/provider/service/systemd_spec.rb +3 -6
  473. data/spec/unit/provider/service/upstart_spec.rb +4 -5
  474. data/spec/unit/provider/service/windows_spec.rb +50 -15
  475. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  476. data/spec/unit/provider/user/useradd_spec.rb +22 -16
  477. data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
  478. data/spec/unit/provider_spec.rb +0 -12
  479. data/spec/unit/puppet_pal_2pec.rb +40 -0
  480. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  481. data/spec/unit/reports/store_spec.rb +17 -13
  482. data/spec/unit/resource/type_collection_spec.rb +2 -22
  483. data/spec/unit/resource_spec.rb +3 -59
  484. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  485. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  486. data/spec/unit/settings/port_setting_spec.rb +31 -0
  487. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  488. data/spec/unit/settings_spec.rb +586 -239
  489. data/spec/unit/ssl/base_spec.rb +36 -3
  490. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  491. data/spec/unit/ssl/certificate_spec.rb +2 -11
  492. data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
  493. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  494. data/spec/unit/ssl/verifier_spec.rb +0 -21
  495. data/spec/unit/test/test_helper_spec.rb +17 -0
  496. data/spec/unit/transaction/persistence_spec.rb +15 -0
  497. data/spec/unit/transaction/report_spec.rb +3 -3
  498. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  499. data/spec/unit/transaction_spec.rb +45 -79
  500. data/spec/unit/type/file/checksum_spec.rb +6 -6
  501. data/spec/unit/type/file/content_spec.rb +1 -1
  502. data/spec/unit/type/file/ensure_spec.rb +1 -1
  503. data/spec/unit/type/file/mode_spec.rb +1 -1
  504. data/spec/unit/type/file/source_spec.rb +4 -5
  505. data/spec/unit/type/file_spec.rb +134 -102
  506. data/spec/unit/type/filebucket_spec.rb +1 -1
  507. data/spec/unit/type/package_spec.rb +1 -1
  508. data/spec/unit/type/service_spec.rb +209 -0
  509. data/spec/unit/type/user_spec.rb +31 -2
  510. data/spec/unit/type_spec.rb +70 -0
  511. data/spec/unit/util/backups_spec.rb +0 -2
  512. data/spec/unit/util/character_encoding_spec.rb +4 -4
  513. data/spec/unit/util/checksums_spec.rb +16 -0
  514. data/spec/unit/util/command_line_spec.rb +11 -6
  515. data/spec/unit/util/execution_spec.rb +0 -29
  516. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  517. data/spec/unit/util/rubygems_spec.rb +2 -2
  518. data/spec/unit/util/run_mode_spec.rb +27 -127
  519. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  520. data/spec/unit/util/windows/service_spec.rb +4 -4
  521. data/spec/unit/util/windows/string_spec.rb +1 -3
  522. data/spec/unit/util/yaml_spec.rb +0 -54
  523. data/spec/unit/util_spec.rb +3 -21
  524. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  525. metadata +76 -270
  526. data/conf/auth.conf +0 -150
  527. data/lib/puppet/application/cert.rb +0 -76
  528. data/lib/puppet/application/key.rb +0 -4
  529. data/lib/puppet/application/man.rb +0 -4
  530. data/lib/puppet/application/status.rb +0 -4
  531. data/lib/puppet/face/key.rb +0 -16
  532. data/lib/puppet/face/man.rb +0 -145
  533. data/lib/puppet/face/module/build.rb +0 -14
  534. data/lib/puppet/face/module/generate.rb +0 -14
  535. data/lib/puppet/face/module/search.rb +0 -103
  536. data/lib/puppet/face/status.rb +0 -51
  537. data/lib/puppet/indirector/certificate/file.rb +0 -9
  538. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  539. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  540. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  541. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  542. data/lib/puppet/indirector/file_content/http.rb +0 -22
  543. data/lib/puppet/indirector/key/file.rb +0 -46
  544. data/lib/puppet/indirector/key/memory.rb +0 -7
  545. data/lib/puppet/indirector/ssl_file.rb +0 -162
  546. data/lib/puppet/indirector/status.rb +0 -3
  547. data/lib/puppet/indirector/status/local.rb +0 -12
  548. data/lib/puppet/indirector/status/rest.rb +0 -27
  549. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  550. data/lib/puppet/network/auth_config_parser.rb +0 -90
  551. data/lib/puppet/network/authstore.rb +0 -283
  552. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  553. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
  554. data/lib/puppet/network/http/base_pool.rb +0 -36
  555. data/lib/puppet/network/http/compression.rb +0 -127
  556. data/lib/puppet/network/http/connection_adapter.rb +0 -182
  557. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  558. data/lib/puppet/network/rest_controller.rb +0 -2
  559. data/lib/puppet/network/rights.rb +0 -210
  560. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
  561. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
  562. data/lib/puppet/parser/environment_compiler.rb +0 -199
  563. data/lib/puppet/pops/types/enumeration.rb +0 -16
  564. data/lib/puppet/resource/capability_finder.rb +0 -154
  565. data/lib/puppet/rest/errors.rb +0 -15
  566. data/lib/puppet/rest/response.rb +0 -35
  567. data/lib/puppet/rest/route.rb +0 -85
  568. data/lib/puppet/rest/routes.rb +0 -135
  569. data/lib/puppet/ssl/host.rb +0 -505
  570. data/lib/puppet/ssl/key.rb +0 -61
  571. data/lib/puppet/ssl/validator.rb +0 -61
  572. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  573. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  574. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  575. data/lib/puppet/status.rb +0 -40
  576. data/lib/puppet/util/connection.rb +0 -88
  577. data/lib/puppet/util/ssl.rb +0 -83
  578. data/lib/puppet/util/windows/api_types.rb +0 -282
  579. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  580. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  581. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  582. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  583. data/lib/puppet/vendor/pathspec/README.md +0 -53
  584. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  585. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  586. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  587. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  588. data/man/man8/puppet-key.8 +0 -126
  589. data/man/man8/puppet-man.8 +0 -76
  590. data/man/man8/puppet-status.8 +0 -108
  591. data/spec/integration/faces/config_spec.rb +0 -91
  592. data/spec/integration/faces/documentation_spec.rb +0 -57
  593. data/spec/integration/file_bucket/file_spec.rb +0 -50
  594. data/spec/integration/file_serving/content_spec.rb +0 -7
  595. data/spec/integration/file_serving/fileset_spec.rb +0 -12
  596. data/spec/integration/file_serving/metadata_spec.rb +0 -8
  597. data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
  598. data/spec/integration/file_system/uniquefile_spec.rb +0 -26
  599. data/spec/integration/module_tool/forge_spec.rb +0 -51
  600. data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
  601. data/spec/integration/network/authconfig_spec.rb +0 -256
  602. data/spec/integration/provider/service/init_spec.rb +0 -48
  603. data/spec/integration/provider/service/systemd_spec.rb +0 -25
  604. data/spec/integration/provider/service/windows_spec.rb +0 -50
  605. data/spec/integration/reference/providers_spec.rb +0 -21
  606. data/spec/integration/reports_spec.rb +0 -13
  607. data/spec/integration/ssl/certificate_request_spec.rb +0 -44
  608. data/spec/integration/ssl/host_spec.rb +0 -72
  609. data/spec/integration/ssl/key_spec.rb +0 -99
  610. data/spec/integration/test/test_helper_spec.rb +0 -31
  611. data/spec/shared_behaviours/file_serving_model.rb +0 -51
  612. data/spec/unit/capability_spec.rb +0 -414
  613. data/spec/unit/face/catalog_spec.rb +0 -6
  614. data/spec/unit/face/key_spec.rb +0 -9
  615. data/spec/unit/face/man_spec.rb +0 -25
  616. data/spec/unit/face/module/search_spec.rb +0 -231
  617. data/spec/unit/face/module_spec.rb +0 -3
  618. data/spec/unit/face/status_spec.rb +0 -9
  619. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  620. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  621. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  622. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  623. data/spec/unit/indirector/key/file_spec.rb +0 -79
  624. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  625. data/spec/unit/indirector/status/local_spec.rb +0 -10
  626. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  627. data/spec/unit/man_spec.rb +0 -31
  628. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  629. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  630. data/spec/unit/network/authstore_spec.rb +0 -422
  631. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  632. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  633. data/spec/unit/network/http/compression_spec.rb +0 -240
  634. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  635. data/spec/unit/network/http_spec.rb +0 -9
  636. data/spec/unit/network/rights_spec.rb +0 -439
  637. data/spec/unit/parser/environment_compiler_spec.rb +0 -723
  638. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  639. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  640. data/spec/unit/rest/route_spec.rb +0 -132
  641. data/spec/unit/ssl/host_spec.rb +0 -650
  642. data/spec/unit/ssl/key_spec.rb +0 -173
  643. data/spec/unit/ssl/validator_spec.rb +0 -278
  644. data/spec/unit/status_spec.rb +0 -45
  645. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -1,283 +0,0 @@
1
- # standard module for determining whether a given hostname or IP has access to
2
- # the requested resource
3
-
4
- require 'ipaddr'
5
- require 'puppet/util/logging'
6
-
7
- module Puppet
8
- class AuthStoreError < Puppet::Error; end
9
- class AuthorizationError < Puppet::Error; end
10
-
11
- class Network::AuthStore
12
- include Puppet::Util::Logging
13
-
14
- # Is a given combination of name and ip address allowed? If either input
15
- # is non-nil, then both inputs must be provided. If neither input
16
- # is provided, then the authstore is considered local and defaults to "true".
17
- def allowed?(name, ip)
18
- if name or ip
19
- # This is probably unnecessary, and can cause some weirdness in
20
- # cases where we're operating over localhost but don't have a real
21
- # IP defined.
22
- raise Puppet::DevError, _("Name and IP must be passed to 'allowed?'") unless name and ip
23
- # else, we're networked and such
24
- else
25
- # we're local
26
- return true
27
- end
28
-
29
- # yay insecure overrides
30
- return true if globalallow?
31
-
32
- decl = declarations.find { |d| d.match?(name, ip) }
33
- if decl
34
- return decl.result
35
- end
36
-
37
- info _("defaulting to no access for %{name}") % { name: name }
38
- false
39
- end
40
-
41
- # Mark a given pattern as allowed.
42
- def allow(pattern)
43
- # a simple way to allow anyone at all to connect
44
- if pattern == "*"
45
- @globalallow = true
46
- else
47
- store(:allow, pattern)
48
- end
49
-
50
- nil
51
- end
52
-
53
- def allow_ip(pattern)
54
- store(:allow_ip, pattern)
55
- end
56
-
57
- # Deny a given pattern.
58
- def deny(pattern)
59
- store(:deny, pattern)
60
- end
61
-
62
- def deny_ip(pattern)
63
- store(:deny_ip, pattern)
64
- end
65
-
66
- # Is global allow enabled?
67
- def globalallow?
68
- @globalallow
69
- end
70
-
71
- # does this auth store has any rules?
72
- def empty?
73
- @globalallow.nil? && @declarations.size == 0
74
- end
75
-
76
- def initialize
77
- @globalallow = nil
78
- @declarations = []
79
- end
80
-
81
- def to_s
82
- "authstore"
83
- end
84
-
85
- def interpolate(match)
86
- @modified_declarations = @declarations.collect { |ace| ace.interpolate(match) }.sort
87
- end
88
-
89
- def reset_interpolation
90
- @modified_declarations = nil
91
- end
92
-
93
- private
94
-
95
- # Returns our ACEs list, but if we have a modification of it, let's return
96
- # it. This is used if we want to override the this purely immutable list
97
- # by a modified version.
98
- def declarations
99
- @modified_declarations || @declarations
100
- end
101
-
102
- # Store the results of a pattern into our hash. Basically just
103
- # converts the pattern and sticks it into the hash.
104
- def store(type, pattern)
105
- @declarations << Declaration.new(type, pattern)
106
- @declarations.sort!
107
-
108
- nil
109
- end
110
-
111
- # A single declaration. Stores the info for a given declaration,
112
- # provides the methods for determining whether a declaration matches,
113
- # and handles sorting the declarations appropriately.
114
- class Declaration
115
- include Puppet::Util
116
- include Comparable
117
-
118
- # The type of declaration: either :allow or :deny
119
- attr_reader :type
120
- VALID_TYPES = [ :allow, :deny, :allow_ip, :deny_ip ]
121
-
122
- attr_accessor :name
123
-
124
- # The pattern we're matching against. Can be an IPAddr instance,
125
- # or an array of strings, resulting from reversing a hostname
126
- # or domain name.
127
- attr_reader :pattern
128
-
129
- # The length. Only used for iprange and domain.
130
- attr_accessor :length
131
-
132
- # Sort the declarations most specific first.
133
- def <=>(other)
134
- compare(exact?, other.exact?) ||
135
- compare(ip?, other.ip?) ||
136
- ((length != other.length) && (other.length <=> length)) ||
137
- compare(deny?, other.deny?) ||
138
- ( ip? ? pattern.to_s <=> other.pattern.to_s : pattern <=> other.pattern)
139
- end
140
-
141
- def deny?
142
- type == :deny
143
- end
144
-
145
- def exact?
146
- @exact == :exact
147
- end
148
-
149
- def initialize(type, pattern)
150
- self.type = type
151
- self.pattern = pattern
152
- end
153
-
154
- # Are we an IP type?
155
- def ip?
156
- name == :ip
157
- end
158
-
159
- # Does this declaration match the name/ip combo?
160
- def match?(name, ip)
161
- if ip?
162
- pattern.include?(IPAddr.new(ip))
163
- else
164
- matchname?(name)
165
- end
166
- end
167
-
168
- # Set the pattern appropriately. Also sets the name and length.
169
- def pattern=(pattern)
170
- if [:allow_ip, :deny_ip].include?(self.type)
171
- parse_ip(pattern)
172
- else
173
- parse(pattern)
174
- end
175
- @orig = pattern
176
- end
177
-
178
- # Mapping a type of statement into a return value.
179
- def result
180
- [:allow, :allow_ip].include?(type)
181
- end
182
-
183
- def to_s
184
- "#{type}: #{pattern}"
185
- end
186
-
187
- # Set the declaration type. Either :allow or :deny.
188
- def type=(type)
189
- type = type.intern
190
- raise ArgumentError, _("Invalid declaration type %{type}") % { type: type } unless VALID_TYPES.include?(type)
191
- @type = type
192
- end
193
-
194
- # interpolate a pattern to replace any
195
- # backreferences by the given match
196
- # for instance if our pattern is $1.reductivelabs.com
197
- # and we're called with a MatchData whose capture 1 is puppet
198
- # we'll return a pattern of puppet.reductivelabs.com
199
- def interpolate(match)
200
- clone = dup
201
- if @name == :dynamic
202
- clone.pattern = clone.pattern.reverse.collect do |p|
203
- p.gsub(/\$(\d)/) { |m| match[$1.to_i] }
204
- end.join(".")
205
- end
206
- clone
207
- end
208
-
209
- private
210
-
211
- # Returns nil if both values are true or both are false, returns
212
- # -1 if the first is true, and 1 if the second is true. Used
213
- # in the <=> operator.
214
- def compare(me, them)
215
- (me and them) ? nil : me ? -1 : them ? 1 : nil
216
- end
217
-
218
- # Does the name match our pattern?
219
- def matchname?(name)
220
- case @name
221
- when :domain, :dynamic, :opaque
222
- name = munge_name(name)
223
- (pattern == name) or (not exact? and pattern.zip(name).all? { |p,n| p == n })
224
- when :regex
225
- Regexp.new(pattern.slice(1..-2)).match(name)
226
- end
227
- end
228
-
229
- # Convert the name to a common pattern.
230
- def munge_name(name)
231
- # Change to name.downcase.split(".",-1).reverse for FQDN support
232
- name.downcase.split(".").reverse
233
- end
234
-
235
- # Parse our input pattern and figure out what kind of allowable
236
- # statement it is. The output of this is used for later matching.
237
- Octet = '(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])'
238
- IPv4 = "#{Octet}\.#{Octet}\.#{Octet}\.#{Octet}"
239
- IPv6_full = "_:_:_:_:_:_:_:_|_:_:_:_:_:_::_?|_:_:_:_:_::((_:)?_)?|_:_:_:_::((_:){0,2}_)?|_:_:_::((_:){0,3}_)?|_:_::((_:){0,4}_)?|_::((_:){0,5}_)?|::((_:){0,6}_)?"
240
- IPv6_partial = "_:_:_:_:_:_:|_:_:_:_::(_:)?|_:_::(_:){0,2}|_::(_:){0,3}"
241
- # It should be:
242
- # IP = "#{IPv4}|#{IPv6_full}|(#{IPv6_partial}#{IPv4})".gsub(/_/,'([0-9a-fA-F]{1,4})').gsub(/\(/,'(?:')
243
- # but ruby's ipaddr lib doesn't support the hybrid format
244
- IP = "#{IPv4}|#{IPv6_full}".gsub(/_/,'([0-9a-fA-F]{1,4})').gsub(/\(/,'(?:')
245
-
246
- def parse_ip(value)
247
- @name = :ip
248
- @exact, @length, @pattern = *case value
249
- when /^(?:#{IP})\/(\d+)$/ # 12.34.56.78/24, a001:b002::efff/120, c444:1000:2000::9:192.168.0.1/112
250
- [:inexact, $1.to_i, IPAddr.new(value)]
251
- when /^(#{IP})$/ # 10.20.30.40,
252
- [:exact, nil, IPAddr.new(value)]
253
- when /^(#{Octet}\.){1,3}\*$/ # an ip address with a '*' at the end
254
- segments = value.split(".")[0..-2]
255
- bits = 8*segments.length
256
- [:inexact, bits, IPAddr.new((segments+[0,0,0])[0,4].join(".") + "/#{bits}")]
257
- else
258
- raise AuthStoreError, _("Invalid IP pattern %{value}") % { value: value }
259
- end
260
- end
261
-
262
- def parse(value)
263
- @name,@exact,@length,@pattern = *case value
264
- when /^(\w[-\w]*\.)+[-\w]+$/ # a full hostname
265
- # Change to /^(\w[-\w]*\.)+[-\w]+\.?$/ for FQDN support
266
- [:domain,:exact,nil,munge_name(value)]
267
- when /^\*(\.(\w[-\w]*)){1,}$/ # *.domain.com
268
- host_sans_star = munge_name(value)[0..-2]
269
- [:domain,:inexact,host_sans_star.length,host_sans_star]
270
- when /\$\d+/ # a backreference pattern ala $1.reductivelabs.com or 192.168.0.$1 or $1.$2
271
- [:dynamic,:exact,nil,munge_name(value)]
272
- when /^\w[-.@\w]*$/ # ? Just like a host name but allow '@'s and ending '.'s
273
- [:opaque,:exact,nil,[value]]
274
- when /^\/.*\/$/ # a regular expression
275
- [:regex,:inexact,nil,value]
276
- else
277
- raise AuthStoreError, "Invalid pattern #{value}"
278
- end
279
- end
280
- end
281
- end
282
- end
283
-
@@ -1,18 +0,0 @@
1
- require 'puppet/network/authorization'
2
-
3
- class Puppet::Network::HTTP::API::Master::V3::Authorization
4
- include Puppet::Network::Authorization
5
-
6
- def wrap(&block)
7
- lambda do |request, response|
8
- begin
9
- authconfig.check_authorization(:find, request.path, request.params)
10
- rescue Puppet::Network::AuthorizationError => e
11
- raise Puppet::Network::HTTP::Error::HTTPNotAuthorizedError.new(e.message, Puppet::Network::HTTP::Issues::FAILED_AUTHORIZATION)
12
- end
13
-
14
- block.call.call(request, response)
15
- end
16
- end
17
-
18
- end
@@ -1,85 +0,0 @@
1
- require 'puppet/util/json'
2
- require 'puppet/parser/environment_compiler'
3
-
4
- class Puppet::Network::HTTP::API::Master::V3::Environment
5
- def call(request, response)
6
- env_name = request.routing_path.split('/').last
7
- env = Puppet.lookup(:environments).get(env_name)
8
- code_id = request.params[:code_id]
9
-
10
- if env.nil?
11
- raise Puppet::Network::HTTP::Error::HTTPNotFoundError.new(_("%{env_name} is not a known environment") % { env_name: env_name }, Puppet::Network::HTTP::Issues::RESOURCE_NOT_FOUND)
12
- end
13
-
14
- catalog = Puppet::Parser::EnvironmentCompiler.compile(env, code_id).to_resource
15
-
16
- env_graph = build_environment_graph(catalog)
17
-
18
- response.respond_with(200, "application/json", Puppet::Util::Json.dump(env_graph))
19
- end
20
-
21
- def build_environment_graph(catalog)
22
- # This reads catalog and code_id off the catalog rather than using the one
23
- # from the request. There shouldn't really be a case where the two differ,
24
- # but if they do, the one from the catalog itself is authoritative.
25
- env_graph = {:environment => catalog.environment, :applications => {}, :code_id => catalog.code_id}
26
- applications = catalog.resources.select do |res|
27
- type = res.resource_type
28
- type.is_a?(Puppet::Resource::Type) && type.application?
29
- end
30
- applications.each do |app|
31
- file, line = app.file, app.line
32
- nodes = app['nodes']
33
-
34
- required_components = catalog.direct_dependents_of(app).map {|comp| comp.ref}
35
- mapped_components = nodes.values.flatten.map {|comp| comp.ref}
36
-
37
- nonexistent_components = mapped_components - required_components
38
- if nonexistent_components.any?
39
- raise Puppet::ParseError.new(
40
- _("Application %{application} assigns nodes to non-existent components: %{component_list}") %
41
- { application: app, component_list: nonexistent_components.join(', ') }, file, line)
42
- end
43
-
44
- missing_components = required_components - mapped_components
45
- if missing_components.any?
46
- raise Puppet::ParseError.new(_("Application %{application} has components without assigned nodes: %{component_list}") %
47
- { application: app, component_list: missing_components.join(', ') }, file, line)
48
- end
49
-
50
- # Turn the 'nodes' hash into a map component ref => node name
51
- node_mapping = {}
52
- nodes.each do |node, comps|
53
- comps = [comps] unless comps.is_a?(Array)
54
- comps.each do |comp|
55
- raise Puppet::ParseError.new(_("Application %{app} assigns multiple nodes to component %{comp}") % { app: app, comp: comp }, file, line) if node_mapping.include?(comp.ref)
56
- node_mapping[comp.ref] = node.title
57
- end
58
- end
59
-
60
- app_components = {}
61
- catalog.direct_dependents_of(app).each do |comp|
62
- app_components[comp.ref] = {
63
- :produces => comp.export.map(&:ref),
64
- :consumes => prerequisites(comp).map(&:ref),
65
- :node => node_mapping[comp.ref]
66
- }
67
- end
68
- env_graph[:applications][app.ref] = app_components
69
- end
70
-
71
- env_graph
72
- end
73
-
74
- private
75
-
76
- # Finds all the prerequisites of component +comp+. They are all the
77
- # capability resources that +comp+ depends on; this includes resources
78
- # that +comp+ consumes but also resources it merely requires
79
- def prerequisites(comp)
80
- params = Puppet::Type.relationship_params.select { |p| p.direction == :in }.map(&:name)
81
- params.map { |rel| comp[rel] }.flatten.compact.select do |rel|
82
- rel.resource_type && rel.resource_type.is_capability?
83
- end
84
- end
85
- end
@@ -1,36 +0,0 @@
1
- # Base pool for HTTP connections.
2
- #
3
- # @api private
4
- class Puppet::Network::HTTP::BasePool
5
- def start(site, verifier, http)
6
- Puppet.debug("Starting connection for #{site}")
7
- if site.use_ssl?
8
- verifier.setup_connection(http)
9
- begin
10
- http.start
11
- print_ssl_info(http) if Puppet::Util::Log.sendlevel?(:debug)
12
- rescue OpenSSL::SSL::SSLError => error
13
- verifier.handle_connection_error(http, error)
14
- end
15
- else
16
- http.start
17
- end
18
- end
19
-
20
- private
21
-
22
- def print_ssl_info(http)
23
- buffered_io = http.instance_variable_get(:@socket)
24
- return unless buffered_io
25
-
26
- socket = buffered_io.io
27
- return unless socket
28
-
29
- cipher = if Puppet::Util::Platform.jruby?
30
- socket.cipher
31
- else
32
- socket.cipher.first
33
- end
34
- Puppet.debug("Using #{socket.ssl_version} with cipher #{cipher}")
35
- end
36
- end
@@ -1,127 +0,0 @@
1
- require 'puppet/network/http'
2
-
3
- module Puppet::Network::HTTP::Compression
4
- # from https://github.com/ruby/ruby/blob/v2_1_3/lib/net/http/generic_request.rb#L40
5
- ACCEPT_ENCODING = "gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
6
-
7
- # this module function allows to use the right underlying
8
- # methods depending on zlib presence
9
- def module
10
- return(Puppet.features.zlib? ? Active : None)
11
- end
12
- module_function :module
13
-
14
- module Active
15
- require 'zlib'
16
- require 'stringio'
17
-
18
- # return an uncompressed body if the response has been
19
- # compressed
20
- def uncompress_body(response)
21
- case response['content-encoding']
22
- when 'gzip'
23
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::Active#uncompress_body is deprecated.'))
24
- # ZLib::GzipReader has an associated encoding, by default Encoding.default_external
25
- return Zlib::GzipReader.new(StringIO.new(response.body), :encoding => Encoding::BINARY).read
26
- when 'deflate'
27
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::Active#uncompress_body is deprecated.'))
28
- return Zlib::Inflate.new.inflate(response.body)
29
- when nil, 'identity'
30
- return response.body
31
- else
32
- raise Net::HTTPError.new(_("Unknown content encoding - %{encoding}") % { encoding: response['content-encoding'] }, response)
33
- end
34
- end
35
-
36
- def uncompress(response)
37
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::Active#uncompress is deprecated.'))
38
- raise Net::HTTPError.new("No block passed", response) unless block_given?
39
-
40
- case response['content-encoding']
41
- when 'gzip','deflate'
42
- uncompressor = ZlibAdapter.new
43
- when nil, 'identity'
44
- uncompressor = IdentityAdapter.new
45
- else
46
- raise Net::HTTPError.new(_("Unknown content encoding - %{encoding}") % { encoding: response['content-encoding'] }, response)
47
- end
48
-
49
- begin
50
- yield uncompressor
51
- ensure
52
- uncompressor.close
53
- end
54
- end
55
-
56
- def add_accept_encoding(headers={})
57
- headers['accept-encoding'] = Puppet::Network::HTTP::Compression::ACCEPT_ENCODING
58
- headers
59
- end
60
-
61
- # This adapters knows how to uncompress both 'zlib' stream (the deflate algorithm from Content-Encoding)
62
- # and GZip streams.
63
- class ZlibAdapter
64
- def initialize(uncompressor = Zlib::Inflate.new(15 + 32))
65
- # Create an inflater that knows to parse GZip streams and zlib streams.
66
- # This uses a property of the C Zlib library, documented as follow:
67
- # windowBits can also be greater than 15 for optional gzip decoding. Add
68
- # 32 to windowBits to enable zlib and gzip decoding with automatic header
69
- # detection, or add 16 to decode only the gzip format (the zlib format will
70
- # return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is
71
- # a crc32 instead of an adler32.
72
- @uncompressor = uncompressor
73
- @first = true
74
- end
75
-
76
- def uncompress(chunk)
77
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::ZlibAdapter#uncompress is deprecated.'))
78
- out = @uncompressor.inflate(chunk)
79
- @first = false
80
- return out
81
- rescue Zlib::DataError
82
- # it can happen that we receive a raw deflate stream
83
- # which might make our inflate throw a data error.
84
- # in this case, we try with a verbatim (no header)
85
- # deflater.
86
- @uncompressor = Zlib::Inflate.new
87
- if @first then
88
- @first = false
89
- retry
90
- end
91
- raise
92
- end
93
-
94
- def close
95
- @uncompressor.finish
96
- ensure
97
- @uncompressor.close
98
- end
99
- end
100
- end
101
-
102
- module None
103
- def uncompress_body(response)
104
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::None#uncompress_body is deprecated.'))
105
- response.body
106
- end
107
-
108
- def add_accept_encoding(headers)
109
- headers
110
- end
111
-
112
- def uncompress(response)
113
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::None#uncompress is deprecated.'))
114
- yield IdentityAdapter.new
115
- end
116
- end
117
-
118
- class IdentityAdapter
119
- def uncompress(chunk)
120
- Puppet.deprecation_warning(_('Puppet::Network::HTTP::Compression::IdentityAdapter#uncompress is deprecated.'))
121
- chunk
122
- end
123
-
124
- def close
125
- end
126
- end
127
- end