puppet 6.16.0-x86-mingw32 → 6.17.0-x86-mingw32

data/lib/puppet/util.rb

@@ -26,21 +26,20 @@ module Util
 
   extend Puppet::Util::SymbolicFileMode
 
-  def default_env
-    Puppet::Util::Platform.windows? ?
-      :windows :
-      :posix
-  end
-  module_function :default_env
+  DEFAULT_ENV = if Puppet::Util::Platform.windows?
+                  :windows
+                else
+                  :posix
+                end.freeze
 
   # @param name [String] The name of the environment variable to retrieve
   # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows.  Use nil to autodetect
   # @return [String] Value of the specified environment variable.  nil if it does not exist
   # @api private
-  def get_env(name, mode = default_env)
+  def get_env(name, mode = DEFAULT_ENV)
     if mode == :windows
-      Puppet::Util::Windows::Process.get_environment_strings.each do |key, value |
-        if name.casecmp(key) == 0 then
+      Puppet::Util::Windows::Process.get_environment_strings.find do |key, value|
+        if name.casecmp(key) == 0
           return value
         end
       end
@@ -54,7 +53,7 @@ module Util
   # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows.  Use nil to autodetect
   # @return [Hash] A hashtable of all environment variables
   # @api private
-  def get_environment(mode = default_env)
+  def get_environment(mode = DEFAULT_ENV)
     case mode
       when :posix
         ENV.to_hash
@@ -69,7 +68,7 @@ module Util
   # Removes all environment variables
   # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows.  Use nil to autodetect
   # @api private
-  def clear_environment(mode = default_env)
+  def clear_environment(mode = DEFAULT_ENV)
     case mode
       when :posix
         ENV.clear
@@ -87,7 +86,7 @@ module Util
   # @param value [String] The value to set the variable to.  nil deletes the environment variable
   # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows.  Use nil to autodetect
   # @api private
-  def set_env(name, value = nil, mode = default_env)
+  def set_env(name, value = nil, mode = DEFAULT_ENV)
     case mode
       when :posix
         ENV[name] = value
@@ -102,7 +101,7 @@ module Util
   # @param name [Hash] Environment variables to merge into the existing environment.  nil values will remove the variable
   # @param mode [Symbol] Which operating system mode to use e.g. :posix or :windows.  Use nil to autodetect
   # @api private
-  def merge_environment(env_hash, mode = default_env)
+  def merge_environment(env_hash, mode = DEFAULT_ENV)
     case mode
       when :posix
         env_hash.each { |name, val| ENV[name.to_s] = val }
@@ -296,6 +295,11 @@ module Util
   AbsolutePathWindows = %r!^(?:(?:[A-Z]:#{slash})|(?:#{slash}#{slash}#{label}#{slash}#{label})|(?:#{slash}#{slash}\?#{slash}#{label}))!io
   AbsolutePathPosix   = %r!^/!
   def absolute_path?(path, platform=nil)
+    unless path.is_a?(String)
+      Puppet.warning("Cannot check if #{path} is an absolute path because it is a '#{path.class}' and not a String'")
+      return false
+    end
+
     # Ruby only sets File::ALT_SEPARATOR on Windows and the Ruby standard
     # library uses that to test what platform it's on.  Normally in Puppet we
     # would use Puppet.features.microsoft_windows?, but this method needs to
@@ -356,7 +360,7 @@ module Util
 
     # CGI.unescape doesn't handle space rules properly in uri paths
     # URI.unescape does, but returns strings in their original encoding
-    path = URI.unescape(uri.path.encode(Encoding::UTF_8))
+    path = uri_unescape(uri.path.encode(Encoding::UTF_8))
 
     if Puppet::Util::Platform.windows? && uri.scheme == 'file'
       if uri.host && !uri.host.empty?
@@ -460,7 +464,18 @@ module Util
     # + should be left unencoded
     # URI::parse and URI::Generic.build don't like paths encoded with CGI.escape
     # URI.escape does not change / to %2F and : to %3A like CGI.escape
-    encoded += URI.escape(parts[:path]) unless parts[:path].nil?
+    #
+    # URI.escape is obsolete in Ruby 2.7. Ignore this error until we're able to
+    # switch to a different escape mechanism. If this is JRuby, we can't mask
+    # the error message, because this isn't thread safe. JRuby shouldn't be
+    # using Ruby 2.7 or raising the warning anyway.
+    orig_verbose = $VERBOSE
+    $VERBOSE = nil unless Puppet::Util::Platform.jruby?
+    begin
+      encoded += URI.escape(parts[:path]) unless parts[:path].nil?
+    ensure
+      $VERBOSE = orig_verbose unless Puppet::Util::Platform.jruby?
+    end
 
     # each query parameter
     if !parts[:query].nil?
@@ -479,6 +494,15 @@ module Util
   end
   module_function :uri_encode
 
+  def uri_unescape(path)
+    orig_verbose = $VERBOSE
+    $VERBOSE = nil unless Puppet::Util::Platform.jruby?
+    return URI.unescape(path)
+  ensure
+    $VERBOSE = orig_verbose unless Puppet::Util::Platform.jruby?
+  end
+  module_function :uri_unescape
+
   def safe_posix_fork(stdin=$stdin, stdout=$stdout, stderr=$stderr, &block)
     child_pid = Kernel.fork do
       STDIN.reopen(stdin)

data/lib/puppet/util/checksums.rb

@@ -7,11 +7,26 @@ require 'time'
 module Puppet::Util::Checksums
   module_function
 
+  KNOWN_CHECKSUMS = [
+    :sha256, :sha256lite,
+    :md5, :md5lite,
+    :sha1, :sha1lite,
+    :sha512,
+    :sha384,
+    :sha224,
+    :mtime, :ctime, :none
+  ].freeze
+
   # It's not a good idea to use some of these in some contexts: for example, I
   # wouldn't try bucketing a file using the :none checksum type.
   def known_checksum_types
-    [:sha256, :sha256lite, :md5, :md5lite, :sha1, :sha1lite, :sha512, :sha384, :sha224, 
-      :mtime, :ctime, :none]
+    KNOWN_CHECKSUMS
+  end
+
+  def valid_checksum?(type, value)
+    !!send("#{type}?", value)
+  rescue NoMethodError
+    false
   end
 
   class FakeChecksum
@@ -223,7 +238,7 @@ module Puppet::Util::Checksums
 
   # Return the :mtime timestamp of a file.
   def mtime_file(filename)
-    Puppet::FileSystem.stat(filename).send(:mtime)
+    Puppet::FileSystem.stat(filename).mtime
   end
 
   # by definition this doesn't exist
@@ -293,7 +308,7 @@ module Puppet::Util::Checksums
 
   # Return the :ctime of a file.
   def ctime_file(filename)
-    Puppet::FileSystem.stat(filename).send(:ctime)
+    Puppet::FileSystem.stat(filename).ctime
   end
 
   def ctime_stream(&block)

data/lib/puppet/util/fileparsing.rb

@@ -300,7 +300,7 @@ module Puppet::Util::FileParsing
   def record_line(name, options, &block)
     raise ArgumentError, _("Must include a list of fields") unless options.include?(:fields)
 
-    record = FileRecord.new(:record, options, &block)
+    record = FileRecord.new(:record, **options, &block)
     record.name = name.intern
 
     new_line_type(record)
@@ -315,7 +315,7 @@ module Puppet::Util::FileParsing
   def text_line(name, options, &block)
     raise ArgumentError, _("You must provide a :match regex for text lines") unless options.include?(:match)
 
-    record = FileRecord.new(:text, options, &block)
+    record = FileRecord.new(:text, **options, &block)
     record.name = name.intern
 
     new_line_type(record)

data/lib/puppet/util/provider_features.rb

@@ -62,7 +62,7 @@ module Puppet::Util::ProviderFeatures
     @features ||= {}
     raise Puppet::DevError, _("Feature %{name} is already defined") % { name: name } if @features.include?(name)
     begin
-      obj = ProviderFeature.new(name, docs, hash)
+      obj = ProviderFeature.new(name, docs, **hash)
       @features[obj.name] = obj
     rescue ArgumentError => detail
       error = ArgumentError.new(

data/lib/puppet/util/reference.rb

@@ -15,7 +15,7 @@ class Puppet::Util::Reference
   end
 
   def self.newreference(name, options = {}, &block)
-    ref = self.new(name, options, &block)
+    ref = self.new(name, **options, &block)
     instance_hash(:reference)[name.intern] = ref
 
     ref

data/lib/puppet/util/windows/api_types.rb

@@ -19,15 +19,11 @@ module Puppet::Util::Windows::APITypes
 
   class ::FFI::Pointer
     NULL_HANDLE = 0
+    WCHAR_NULL = "\0\0".encode('UTF-16LE').freeze
 
     def self.from_string_to_wide_string(str, &block)
       str = Puppet::Util::Windows::String.wide_string(str)
-      FFI::MemoryPointer.new(:byte, str.bytesize) do |ptr|
-        # uchar here is synonymous with byte
-        ptr.put_array_of_uchar(0, str.bytes.to_a)
-
-        yield ptr
-      end
+      FFI::MemoryPointer.from_wide_string(str, &block)
 
       # ptr has already had free called, so nothing to return
       nil
@@ -53,11 +49,17 @@ module Puppet::Util::Windows::APITypes
     alias_method :read_word,  :read_uint16
     alias_method :read_array_of_wchar, :read_array_of_uint16
 
-    def read_wide_string(char_length, dst_encoding = Encoding::UTF_8, encode_options = {})
+    def read_wide_string(char_length, dst_encoding = Encoding::UTF_8, strip = false, encode_options = {})
       # char_length is number of wide chars (typically excluding NULLs), *not* bytes
       str = get_bytes(0, char_length * 2).force_encoding('UTF-16LE')
+
+      if strip
+        i = str.index(WCHAR_NULL)
+        str = str[0, i] if i
+      end
+
       str.encode(dst_encoding, str.encoding, encode_options)
-    rescue Exception => e
+    rescue EncodingError => e
       Puppet.debug "Unable to convert value #{str.nil? ? 'nil' : str.dump} to encoding #{dst_encoding} due to #{e.inspect}"
       raise
     end
@@ -68,32 +70,31 @@ module Puppet::Util::Windows::APITypes
     #   null_terminator = :double_null, then the terminating sequence is four bytes of zero.  This is UNIT32 = 0
     # @param encode_options [Hash] Accepts the same option hash that may be passed to String#encode in Ruby
     def read_arbitrary_wide_string_up_to(max_char_length = 512, null_terminator = :single_null, encode_options = {})
-      if null_terminator != :single_null && null_terminator != :double_null
-        raise _("Unable to read wide strings with %{null_terminator} terminal nulls") % { null_terminator: null_terminator }
-      end
-
-      terminator_width = null_terminator == :single_null ? 1 : 2
-      reader_method = null_terminator == :single_null ? :get_uint16 : :get_uint32
-
-      # Look for a null terminating characters; if found, read up to that null (exclusive)
-      (0...max_char_length - terminator_width).each do |i|
-        return read_wide_string(i, Encoding::UTF_8, encode_options) if send(reader_method, (i * 2)) == 0
-      end
-
-      # String is longer than the max; read just to the max
-      read_wide_string(max_char_length, Encoding::UTF_8, encode_options)
+      idx = case null_terminator
+            when :single_null
+              # find index of wide null between 0 and max (exclusive)
+              (0...max_char_length).find do |i|
+                get_uint16(i * 2) == 0
+              end
+            when :double_null
+              # find index of double-wide null between 0 and max - 1 (exclusive)
+              (0...max_char_length - 1).find do |i|
+                get_uint32(i * 2) == 0
+              end
+            else
+              raise _("Unable to read wide strings with %{null_terminator} terminal nulls") % { null_terminator: null_terminator }
+            end
+
+      read_wide_string(idx || max_char_length, Encoding::UTF_8, false, encode_options)
     end
 
     def read_win32_local_pointer(&block)
-      ptr = nil
+      ptr = read_pointer
       begin
-        ptr = read_pointer
         yield ptr
       ensure
-        if ptr && ! ptr.null?
-          if FFI::WIN32::LocalFree(ptr.address) != FFI::Pointer::NULL_HANDLE
-            Puppet.debug "LocalFree memory leak"
-          end
+        if !ptr.null? && FFI::WIN32::LocalFree(ptr.address) != FFI::Pointer::NULL_HANDLE
+          Puppet.debug "LocalFree memory leak"
         end
       end
 
@@ -102,23 +103,35 @@ module Puppet::Util::Windows::APITypes
     end
 
     def read_com_memory_pointer(&block)
-      ptr = nil
+      ptr = read_pointer
       begin
-        ptr = read_pointer
         yield ptr
       ensure
-        FFI::WIN32::CoTaskMemFree(ptr) if ptr && ! ptr.null?
+        FFI::WIN32::CoTaskMemFree(ptr) unless ptr.null?
       end
 
       # ptr has already had CoTaskMemFree called, so nothing to return
       nil
     end
 
-
     alias_method :write_dword, :write_uint32
     alias_method :write_word, :write_uint16
   end
 
+  class FFI::MemoryPointer
+    # Return a MemoryPointer that points to wide string. This is analogous to the
+    # FFI::MemoryPointer.from_string method.
+    def self.from_wide_string(wstr)
+      ptr = FFI::MemoryPointer.new(:uchar, wstr.bytesize + 2)
+      ptr.put_array_of_uchar(0, wstr.bytes.to_a)
+      ptr.put_uint16(wstr.bytesize, 0)
+
+      yield ptr if block_given?
+
+      ptr
+    end
+  end
+
   # FFI Types
   # https://github.com/ffi/ffi/wiki/Types
 

data/lib/puppet/util/windows/eventlog.rb

@@ -140,12 +140,7 @@ class Puppet::Util::Windows::EventLog
   # @api private
   def from_string_to_wide_string(str, &block)
     str = wide_string(str)
-    FFI::MemoryPointer.new(:uchar, str.bytesize) do |ptr|
-      # uchar here is synonymous with byte
-      ptr.put_array_of_uchar(0, str.bytes.to_a)
-
-      yield ptr
-    end
+    FFI::MemoryPointer.from_wide_string(str) { |ptr| yield ptr }
 
     # ptr has already had free called, so nothing to return
     nil

data/lib/puppet/util/windows/principal.rb

@@ -41,6 +41,7 @@ module Puppet::Util::Windows::SID
     # = 8 + max sub identifiers (15) * 4
     MAXIMUM_SID_BYTE_LENGTH = 68
 
+    ERROR_INVALID_PARAMETER   = 87
     ERROR_INSUFFICIENT_BUFFER = 122
 
     def self.lookup_account_name(system_name = nil, account_name)
@@ -48,9 +49,7 @@ module Puppet::Util::Windows::SID
       begin
         if system_name
           system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
-          # uchar here is synonymous with byte
-          system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
-          system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
+          system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
         end
 
         FFI::MemoryPointer.from_string_to_wide_string(account_name) do |account_name_ptr|
@@ -101,9 +100,7 @@ module Puppet::Util::Windows::SID
       begin
         if system_name
           system_name_wide = Puppet::Util::Windows::String.wide_string(system_name)
-          # uchar here is synonymous with byte
-          system_name_ptr = FFI::MemoryPointer.new(:byte, system_name_wide.bytesize)
-          system_name_ptr.put_array_of_uchar(0, system_name_wide.bytes.to_a)
+          system_name_ptr = FFI::MemoryPointer.from_wide_string(system_name_wide)
         end
 
         FFI::MemoryPointer.new(:byte, sid_bytes.length) do |sid_ptr|
@@ -112,6 +109,11 @@ module Puppet::Util::Windows::SID
               FFI::MemoryPointer.new(:uint32, 1) do |name_use_enum_ptr|
 
                 sid_ptr.write_array_of_uchar(sid_bytes)
+
+                if Puppet::Util::Windows::SID.IsValidSid(sid_ptr) == FFI::WIN32_FALSE
+                  raise Puppet::Util::Windows::Error.new(_('Byte array for lookup_account_sid is invalid: %{sid_bytes}') % { sid_bytes: sid_bytes }, ERROR_INVALID_PARAMETER)
+                end
+
                 success = LookupAccountSidW(system_name_ptr, sid_ptr, FFI::Pointer::NULL, name_length_ptr,
                   FFI::Pointer::NULL, domain_length_ptr, name_use_enum_ptr)
                 last_error = FFI.errno

data/lib/puppet/util/windows/registry.rb

@@ -110,13 +110,16 @@ module Puppet::Util::Windows
 
     private
 
-    def reg_enum_key(key, index, max_key_length = Win32::Registry::Constants::MAX_KEY_LENGTH)
+    # max number of wide characters including NULL terminator
+    MAX_KEY_CHAR_LENGTH = 255 + 1
+
+    def reg_enum_key(key, index, max_key_char_length = MAX_KEY_CHAR_LENGTH)
       subkey, filetime = nil, nil
 
       FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
         FFI::MemoryPointer.new(FFI::WIN32::FILETIME.size) do |filetime_ptr|
-          FFI::MemoryPointer.new(:wchar, max_key_length) do |subkey_ptr|
-            subkey_length_ptr.write_dword(max_key_length)
+          FFI::MemoryPointer.new(:wchar, max_key_char_length) do |subkey_ptr|
+            subkey_length_ptr.write_dword(max_key_char_length)
 
             # RegEnumKeyEx cannot be called twice to properly size the buffer
             result = RegEnumKeyExW(key.hkey, index,
@@ -141,7 +144,10 @@ module Puppet::Util::Windows
       [subkey, filetime]
     end
 
-    def reg_enum_value(key, index, max_value_length = Win32::Registry::Constants::MAX_VALUE_LENGTH)
+    # max number of wide characters including NULL terminator
+    MAX_VALUE_CHAR_LENGTH = 16383 + 1
+
+    def reg_enum_value(key, index, max_value_length = MAX_VALUE_CHAR_LENGTH)
       subkey, type, data = nil, nil, nil
 
       FFI::MemoryPointer.new(:dword) do |subkey_length_ptr|
@@ -234,7 +240,7 @@ module Puppet::Util::Windows
         begin
           case type
             when Win32::Registry::REG_SZ, Win32::Registry::REG_EXPAND_SZ
-              result = [ type, sanitize(data_ptr.read_wide_string(string_length)) ]
+              result = [ type, data_ptr.read_wide_string(string_length, Encoding::UTF_8, true) ]
             when Win32::Registry::REG_MULTI_SZ
               result = [ type, data_ptr.read_wide_string(string_length).split(/\0/) ]
             when Win32::Registry::REG_BINARY
@@ -314,12 +320,6 @@ module Puppet::Util::Windows
       result
     end
 
-    def sanitize(value)
-      # Replace null bytes with a space
-      value.tr!("\x00", ' ')
-      value
-    end
-
     ffi_convention :stdcall
 
     # https://msdn.microsoft.com/en-us/library/windows/desktop/ms724862(v=vs.85).aspx

data/lib/puppet/util/windows/service.rb

@@ -440,43 +440,60 @@ module Puppet::Util::Windows
     end
     module_function :service_start_type
 
-    # Change the startup mode of a windows service
+    # Query the configuration of a service using QueryServiceConfigW
+    # to find its current logon account
     #
-    # @param [String] service_name the name of the service to modify
-    # @param [Integer] startup_type a code corresponding to a start type for
-    #  windows service, see the "Service start type codes" section in the
-    #  Puppet::Util::Windows::Service file for the list of available codes
-    # @param [Bool] delayed whether the service should be started with a delay
-    def set_startup_mode(service_name, startup_type, delayed=false)
-      startup_code = SERVICE_START_TYPES.key(startup_type)
-      if startup_code.nil?
-        raise Puppet::Error.new(_("Unknown start type %{start_type}") % {startup_type: startup_type.to_s})
+    # @return [String] logon_account account currently set for the service's logon
+    #  in the format "DOMAIN\Account" or ".\Account" if it's a local account
+    def logon_account(service_name)
+      open_service(service_name, SC_MANAGER_CONNECT, SERVICE_QUERY_CONFIG) do |service|
+        query_config(service) do |config|
+          return config[:lpServiceStartName].read_arbitrary_wide_string_up_to(Puppet::Util::Windows::ADSI::User::MAX_USERNAME_LENGTH)
+        end
       end
+    end
+    module_function :logon_account
+
+    # Set the startup configuration of a windows service
+    #
+    # @param [String] service_name the name of the service to modify
+    # @param [Hash] options the configuration to be applied. Expected option keys:
+    #   - [Integer] startup_type a code corresponding to a start type for
+    #       windows service, see the "Service start type codes" section in the
+    #       Puppet::Util::Windows::Service file for the list of available codes
+    #   - [String] logon_account the account to be used by the service for logon
+    #   - [String] logon_password the provided logon_account's password to be used by the service for logon
+    #   - [Bool] delayed whether the service should be started with a delay
+    def set_startup_configuration(service_name, options: {})
+      options[:startup_type] = SERVICE_START_TYPES.key(options[:startup_type]) || SERVICE_NO_CHANGE
+      options[:logon_account] = wide_string(options[:logon_account]) || FFI::Pointer::NULL
+      options[:logon_password] = wide_string(options[:logon_password]) || FFI::Pointer::NULL
+
       open_service(service_name, SC_MANAGER_CONNECT, SERVICE_CHANGE_CONFIG) do |service|
-        # Currently the only thing puppet's API can really manage
-        # in this list is dwStartType (the third param). Thus no
-        # generic function was written to make use of all the params
-        # since the API as-is couldn't use them anyway
         success = ChangeServiceConfigW(
           service,
-          SERVICE_NO_CHANGE,  # dwServiceType
-          startup_code,       # dwStartType
-          SERVICE_NO_CHANGE,  # dwErrorControl
-          FFI::Pointer::NULL, # lpBinaryPathName
-          FFI::Pointer::NULL, # lpLoadOrderGroup
-          FFI::Pointer::NULL, # lpdwTagId
-          FFI::Pointer::NULL, # lpDependencies
-          FFI::Pointer::NULL, # lpServiceStartName
-          FFI::Pointer::NULL, # lpPassword
-          FFI::Pointer::NULL  # lpDisplayName
+          SERVICE_NO_CHANGE,        # dwServiceType
+          options[:startup_type],   # dwStartType
+          SERVICE_NO_CHANGE,        # dwErrorControl
+          FFI::Pointer::NULL,       # lpBinaryPathName
+          FFI::Pointer::NULL,       # lpLoadOrderGroup
+          FFI::Pointer::NULL,       # lpdwTagId
+          FFI::Pointer::NULL,       # lpDependencies
+          options[:logon_account],  # lpServiceStartName
+          options[:logon_password], # lpPassword
+          FFI::Pointer::NULL        # lpDisplayName
         )
         if success == FFI::WIN32_FALSE
           raise Puppet::Util::Windows::Error.new(_("Failed to update service configuration"))
         end
       end
-      set_startup_mode_delayed(service_name, delayed)
+
+      if options[:startup_type]
+        options[:delayed] ||= false
+        set_startup_mode_delayed(service_name, options[:delayed])
+      end
     end
-    module_function :set_startup_mode
+    module_function :set_startup_configuration
 
     # enumerate over all services in all states and return them as a hash
     #