puppet 6.19.1-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (440) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Gemfile.lock +19 -20
  4. data/README.md +1 -1
  5. data/conf/fileserver.conf +5 -10
  6. data/ext/build_defaults.yaml +1 -1
  7. data/ext/osx/file_mapping.yaml +0 -5
  8. data/ext/project_data.yaml +1 -14
  9. data/ext/redhat/puppet.spec.erb +0 -1
  10. data/ext/windows/service/daemon.rb +6 -5
  11. data/install.rb +21 -17
  12. data/lib/puppet.rb +11 -20
  13. data/lib/puppet/application.rb +172 -98
  14. data/lib/puppet/application/device.rb +100 -104
  15. data/lib/puppet/application/filebucket.rb +15 -11
  16. data/lib/puppet/application/ssl.rb +1 -1
  17. data/lib/puppet/configurer.rb +28 -33
  18. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  19. data/lib/puppet/defaults.rb +95 -159
  20. data/lib/puppet/environments.rb +10 -25
  21. data/lib/puppet/face/config.rb +10 -0
  22. data/lib/puppet/face/epp.rb +12 -2
  23. data/lib/puppet/face/facts.rb +66 -6
  24. data/lib/puppet/face/help.rb +1 -1
  25. data/lib/puppet/face/plugin.rb +5 -8
  26. data/lib/puppet/ffi/windows.rb +12 -0
  27. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  28. data/lib/puppet/ffi/windows/constants.rb +404 -0
  29. data/lib/puppet/ffi/windows/functions.rb +628 -0
  30. data/lib/puppet/ffi/windows/structs.rb +338 -0
  31. data/lib/puppet/file_serving/configuration.rb +0 -5
  32. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  33. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  34. data/lib/puppet/file_serving/mount.rb +1 -2
  35. data/lib/puppet/forge/repository.rb +0 -1
  36. data/lib/puppet/functions/epp.rb +1 -0
  37. data/lib/puppet/functions/inline_epp.rb +1 -0
  38. data/lib/puppet/generate/models/type/type.rb +4 -1
  39. data/lib/puppet/http.rb +22 -13
  40. data/lib/puppet/http/client.rb +164 -114
  41. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  42. data/lib/puppet/http/errors.rb +16 -0
  43. data/lib/puppet/http/external_client.rb +5 -7
  44. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  45. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  46. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  47. data/lib/puppet/http/proxy.rb +137 -0
  48. data/lib/puppet/http/redirector.rb +4 -12
  49. data/lib/puppet/http/resolver.rb +5 -15
  50. data/lib/puppet/http/resolver/server_list.rb +6 -10
  51. data/lib/puppet/http/resolver/settings.rb +4 -7
  52. data/lib/puppet/http/resolver/srv.rb +7 -11
  53. data/lib/puppet/http/response.rb +36 -54
  54. data/lib/puppet/http/response_converter.rb +24 -0
  55. data/lib/puppet/http/response_net_http.rb +42 -0
  56. data/lib/puppet/http/retry_after_handler.rb +4 -13
  57. data/lib/puppet/http/service.rb +12 -26
  58. data/lib/puppet/http/service/ca.rb +11 -22
  59. data/lib/puppet/http/service/compiler.rb +22 -69
  60. data/lib/puppet/http/service/file_server.rb +18 -27
  61. data/lib/puppet/http/service/puppetserver.rb +26 -12
  62. data/lib/puppet/http/service/report.rb +8 -10
  63. data/lib/puppet/http/session.rb +11 -20
  64. data/lib/puppet/{network/http → http}/site.rb +1 -2
  65. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  66. data/lib/puppet/indirector/fact_search.rb +60 -0
  67. data/lib/puppet/indirector/facts/facter.rb +24 -3
  68. data/lib/puppet/indirector/facts/json.rb +27 -0
  69. data/lib/puppet/indirector/facts/rest.rb +3 -22
  70. data/lib/puppet/indirector/facts/yaml.rb +3 -58
  71. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  72. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  73. data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
  74. data/lib/puppet/indirector/file_server.rb +1 -8
  75. data/lib/puppet/indirector/generic_http.rb +0 -11
  76. data/lib/puppet/indirector/json.rb +5 -1
  77. data/lib/puppet/indirector/node/json.rb +8 -0
  78. data/lib/puppet/indirector/node/rest.rb +2 -4
  79. data/lib/puppet/indirector/report/json.rb +34 -0
  80. data/lib/puppet/indirector/report/rest.rb +3 -8
  81. data/lib/puppet/indirector/request.rb +0 -101
  82. data/lib/puppet/indirector/rest.rb +12 -263
  83. data/lib/puppet/module_tool/applications.rb +0 -1
  84. data/lib/puppet/network/authconfig.rb +2 -96
  85. data/lib/puppet/network/authorization.rb +13 -35
  86. data/lib/puppet/network/formats.rb +2 -1
  87. data/lib/puppet/network/http.rb +3 -3
  88. data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
  89. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  90. data/lib/puppet/network/http/connection.rb +247 -316
  91. data/lib/puppet/network/http/handler.rb +0 -1
  92. data/lib/puppet/network/http_pool.rb +16 -34
  93. data/lib/puppet/node.rb +1 -30
  94. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  95. data/lib/puppet/pal/pal_impl.rb +73 -18
  96. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  97. data/lib/puppet/parser/compiler.rb +0 -198
  98. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  99. data/lib/puppet/parser/resource.rb +0 -69
  100. data/lib/puppet/pops/evaluator/evaluator_impl.rb +22 -8
  101. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  102. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  103. data/lib/puppet/pops/issues.rb +0 -5
  104. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  105. data/lib/puppet/pops/model/ast.pp +0 -42
  106. data/lib/puppet/pops/model/ast.rb +0 -290
  107. data/lib/puppet/pops/model/factory.rb +0 -45
  108. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  109. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  110. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  111. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  112. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  113. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  114. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  115. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  116. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  117. data/lib/puppet/pops/types/type_parser.rb +0 -4
  118. data/lib/puppet/pops/types/types.rb +0 -1
  119. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  120. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  121. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  122. data/lib/puppet/provider.rb +0 -13
  123. data/lib/puppet/provider/nameservice.rb +0 -18
  124. data/lib/puppet/provider/package/dpkg.rb +0 -10
  125. data/lib/puppet/provider/package/gem.rb +23 -3
  126. data/lib/puppet/provider/package/pip.rb +0 -1
  127. data/lib/puppet/provider/package/pkg.rb +0 -4
  128. data/lib/puppet/provider/package/portage.rb +1 -1
  129. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  130. data/lib/puppet/provider/service/smf.rb +191 -73
  131. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  132. data/lib/puppet/reference/configuration.rb +2 -0
  133. data/lib/puppet/reference/indirection.rb +1 -1
  134. data/lib/puppet/resource.rb +1 -89
  135. data/lib/puppet/resource/catalog.rb +1 -14
  136. data/lib/puppet/resource/type.rb +3 -119
  137. data/lib/puppet/resource/type_collection.rb +3 -48
  138. data/lib/puppet/runtime.rb +1 -2
  139. data/lib/puppet/settings.rb +45 -33
  140. data/lib/puppet/settings/base_setting.rb +26 -2
  141. data/lib/puppet/settings/integer_setting.rb +17 -0
  142. data/lib/puppet/settings/port_setting.rb +15 -0
  143. data/lib/puppet/settings/priority_setting.rb +5 -4
  144. data/lib/puppet/ssl.rb +10 -6
  145. data/lib/puppet/ssl/base.rb +3 -5
  146. data/lib/puppet/ssl/certificate.rb +0 -6
  147. data/lib/puppet/ssl/certificate_request.rb +1 -12
  148. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  149. data/lib/puppet/ssl/oids.rb +3 -1
  150. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  151. data/lib/puppet/ssl/state_machine.rb +3 -1
  152. data/lib/puppet/ssl/verifier.rb +2 -0
  153. data/lib/puppet/test/test_helper.rb +1 -3
  154. data/lib/puppet/transaction.rb +1 -7
  155. data/lib/puppet/transaction/report.rb +2 -4
  156. data/lib/puppet/type.rb +0 -76
  157. data/lib/puppet/type/file.rb +5 -7
  158. data/lib/puppet/type/file/checksum.rb +1 -1
  159. data/lib/puppet/type/file/source.rb +1 -1
  160. data/lib/puppet/type/filebucket.rb +3 -3
  161. data/lib/puppet/type/package.rb +5 -13
  162. data/lib/puppet/util/execution.rb +0 -11
  163. data/lib/puppet/util/http_proxy.rb +2 -215
  164. data/lib/puppet/util/monkey_patches.rb +0 -46
  165. data/lib/puppet/util/rdoc.rb +0 -7
  166. data/lib/puppet/util/retry_action.rb +1 -1
  167. data/lib/puppet/util/rubygems.rb +5 -1
  168. data/lib/puppet/util/run_mode.rb +9 -1
  169. data/lib/puppet/util/windows.rb +3 -8
  170. data/lib/puppet/util/windows/daemon.rb +360 -0
  171. data/lib/puppet/util/windows/error.rb +1 -0
  172. data/lib/puppet/util/windows/eventlog.rb +4 -9
  173. data/lib/puppet/util/windows/file.rb +8 -242
  174. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  175. data/lib/puppet/util/windows/process.rb +4 -226
  176. data/lib/puppet/util/windows/service.rb +9 -460
  177. data/lib/puppet/util/windows/string.rb +12 -13
  178. data/lib/puppet/util/yaml.rb +0 -22
  179. data/lib/puppet/vendor/require_vendored.rb +0 -1
  180. data/lib/puppet/version.rb +1 -1
  181. data/lib/puppet/x509.rb +5 -1
  182. data/lib/puppet/x509/cert_provider.rb +29 -1
  183. data/locales/puppet.pot +531 -1232
  184. data/man/man5/puppet.conf.5 +37 -97
  185. data/man/man8/puppet-agent.8 +1 -1
  186. data/man/man8/puppet-apply.8 +1 -1
  187. data/man/man8/puppet-catalog.8 +1 -1
  188. data/man/man8/puppet-config.8 +1 -1
  189. data/man/man8/puppet-describe.8 +1 -1
  190. data/man/man8/puppet-device.8 +1 -1
  191. data/man/man8/puppet-doc.8 +1 -1
  192. data/man/man8/puppet-epp.8 +1 -1
  193. data/man/man8/puppet-facts.8 +55 -9
  194. data/man/man8/puppet-filebucket.8 +6 -6
  195. data/man/man8/puppet-generate.8 +1 -1
  196. data/man/man8/puppet-help.8 +1 -1
  197. data/man/man8/puppet-lookup.8 +1 -1
  198. data/man/man8/puppet-module.8 +1 -58
  199. data/man/man8/puppet-node.8 +4 -1
  200. data/man/man8/puppet-parser.8 +1 -1
  201. data/man/man8/puppet-plugin.8 +1 -1
  202. data/man/man8/puppet-report.8 +4 -1
  203. data/man/man8/puppet-resource.8 +1 -1
  204. data/man/man8/puppet-script.8 +1 -1
  205. data/man/man8/puppet-ssl.8 +1 -1
  206. data/man/man8/puppet.8 +2 -2
  207. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  208. data/spec/integration/application/agent_spec.rb +24 -11
  209. data/spec/integration/application/apply_spec.rb +1 -1
  210. data/spec/integration/application/filebucket_spec.rb +16 -16
  211. data/spec/integration/application/help_spec.rb +2 -0
  212. data/spec/integration/application/plugin_spec.rb +23 -1
  213. data/spec/integration/defaults_spec.rb +7 -3
  214. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  215. data/spec/integration/network/http_pool_spec.rb +3 -21
  216. data/spec/integration/parser/catalog_spec.rb +0 -38
  217. data/spec/integration/parser/node_spec.rb +0 -9
  218. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  219. data/spec/integration/type/file_spec.rb +5 -4
  220. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  221. data/spec/integration/util/windows/security_spec.rb +1 -1
  222. data/spec/lib/puppet_spec/puppetserver.rb +1 -1
  223. data/spec/lib/puppet_spec/settings.rb +7 -1
  224. data/spec/spec_helper.rb +2 -0
  225. data/spec/unit/agent_spec.rb +0 -2
  226. data/spec/unit/application/config_spec.rb +224 -4
  227. data/spec/unit/application/facts_spec.rb +35 -0
  228. data/spec/unit/application/filebucket_spec.rb +41 -39
  229. data/spec/unit/application/ssl_spec.rb +2 -2
  230. data/spec/unit/certificate_factory_spec.rb +1 -1
  231. data/spec/unit/configurer/downloader_spec.rb +6 -2
  232. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  233. data/spec/unit/configurer_spec.rb +12 -9
  234. data/spec/unit/context/trusted_information_spec.rb +2 -6
  235. data/spec/unit/defaults_spec.rb +77 -28
  236. data/spec/unit/environments_spec.rb +0 -3
  237. data/spec/unit/face/config_spec.rb +27 -32
  238. data/spec/unit/face/facts_spec.rb +4 -0
  239. data/spec/unit/face/plugin_spec.rb +73 -33
  240. data/spec/unit/file_bucket/file_spec.rb +1 -1
  241. data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
  242. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  243. data/spec/unit/functions/camelcase_spec.rb +1 -1
  244. data/spec/unit/functions/capitalize_spec.rb +1 -1
  245. data/spec/unit/functions/downcase_spec.rb +1 -1
  246. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  247. data/spec/unit/functions/upcase_spec.rb +1 -1
  248. data/spec/unit/http/client_spec.rb +7 -8
  249. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  250. data/spec/unit/http/external_client_spec.rb +4 -4
  251. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  252. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  253. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  254. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  255. data/spec/unit/http/resolver_spec.rb +13 -13
  256. data/spec/unit/http/service/compiler_spec.rb +49 -62
  257. data/spec/unit/http/service/file_server_spec.rb +3 -3
  258. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  259. data/spec/unit/http/service_spec.rb +1 -2
  260. data/spec/unit/http/session_spec.rb +16 -14
  261. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  262. data/spec/unit/indirector/facts/facter_spec.rb +97 -0
  263. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  264. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  265. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  266. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  267. data/spec/unit/indirector/file_server_spec.rb +1 -15
  268. data/spec/unit/indirector/node/json_spec.rb +33 -0
  269. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  270. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  271. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  272. data/spec/unit/indirector/request_spec.rb +0 -264
  273. data/spec/unit/indirector/rest_spec.rb +98 -752
  274. data/spec/unit/network/authconfig_spec.rb +2 -132
  275. data/spec/unit/network/authorization_spec.rb +2 -55
  276. data/spec/unit/network/formats_spec.rb +4 -4
  277. data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -97
  278. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  279. data/spec/unit/network/http/api_spec.rb +10 -0
  280. data/spec/unit/network/http/connection_spec.rb +19 -41
  281. data/spec/unit/network/http/handler_spec.rb +0 -6
  282. data/spec/unit/network/http_pool_spec.rb +0 -4
  283. data/spec/unit/node/environment_spec.rb +33 -21
  284. data/spec/unit/node_spec.rb +2 -54
  285. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  286. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  287. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  288. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  289. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  290. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  291. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  292. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  293. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  294. data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
  295. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  296. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  297. data/spec/unit/pops/visitor_spec.rb +1 -1
  298. data/spec/unit/provider/nameservice_spec.rb +0 -57
  299. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  300. data/spec/unit/provider/package/gem_spec.rb +32 -0
  301. data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
  302. data/spec/unit/provider/service/smf_spec.rb +401 -165
  303. data/spec/unit/provider/service/windows_spec.rb +0 -1
  304. data/spec/unit/provider_spec.rb +0 -12
  305. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  306. data/spec/unit/resource/type_collection_spec.rb +2 -22
  307. data/spec/unit/resource_spec.rb +0 -56
  308. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  309. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  310. data/spec/unit/settings/port_setting_spec.rb +31 -0
  311. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  312. data/spec/unit/settings_spec.rb +423 -236
  313. data/spec/unit/ssl/base_spec.rb +36 -3
  314. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  315. data/spec/unit/ssl/certificate_spec.rb +2 -11
  316. data/spec/unit/ssl/ssl_provider_spec.rb +11 -8
  317. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  318. data/spec/unit/ssl/verifier_spec.rb +0 -21
  319. data/spec/unit/transaction/report_spec.rb +0 -2
  320. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  321. data/spec/unit/transaction_spec.rb +45 -79
  322. data/spec/unit/type/file/checksum_spec.rb +6 -6
  323. data/spec/unit/type/file/content_spec.rb +1 -1
  324. data/spec/unit/type/file/ensure_spec.rb +1 -1
  325. data/spec/unit/type/file/mode_spec.rb +1 -1
  326. data/spec/unit/type/file/source_spec.rb +0 -1
  327. data/spec/unit/type/file_spec.rb +12 -6
  328. data/spec/unit/type/package_spec.rb +1 -1
  329. data/spec/unit/type_spec.rb +20 -0
  330. data/spec/unit/util/backups_spec.rb +0 -2
  331. data/spec/unit/util/execution_spec.rb +0 -29
  332. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  333. data/spec/unit/util/rubygems_spec.rb +2 -2
  334. data/spec/unit/util/run_mode_spec.rb +21 -121
  335. data/spec/unit/util/windows/string_spec.rb +1 -3
  336. data/spec/unit/util/yaml_spec.rb +0 -54
  337. data/spec/unit/util_spec.rb +0 -18
  338. metadata +50 -232
  339. data/conf/auth.conf +0 -150
  340. data/lib/puppet/application/cert.rb +0 -76
  341. data/lib/puppet/application/key.rb +0 -4
  342. data/lib/puppet/application/man.rb +0 -4
  343. data/lib/puppet/application/status.rb +0 -4
  344. data/lib/puppet/face/key.rb +0 -16
  345. data/lib/puppet/face/man.rb +0 -145
  346. data/lib/puppet/face/module/build.rb +0 -14
  347. data/lib/puppet/face/module/generate.rb +0 -14
  348. data/lib/puppet/face/module/search.rb +0 -103
  349. data/lib/puppet/face/status.rb +0 -51
  350. data/lib/puppet/indirector/certificate/file.rb +0 -9
  351. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  352. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  353. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  354. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  355. data/lib/puppet/indirector/file_content/http.rb +0 -22
  356. data/lib/puppet/indirector/key/file.rb +0 -46
  357. data/lib/puppet/indirector/key/memory.rb +0 -7
  358. data/lib/puppet/indirector/ssl_file.rb +0 -162
  359. data/lib/puppet/indirector/status.rb +0 -3
  360. data/lib/puppet/indirector/status/local.rb +0 -12
  361. data/lib/puppet/indirector/status/rest.rb +0 -27
  362. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  363. data/lib/puppet/network/auth_config_parser.rb +0 -90
  364. data/lib/puppet/network/authstore.rb +0 -283
  365. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  366. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  367. data/lib/puppet/network/http/base_pool.rb +0 -36
  368. data/lib/puppet/network/http/compression.rb +0 -127
  369. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  370. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  371. data/lib/puppet/network/rest_controller.rb +0 -2
  372. data/lib/puppet/network/rights.rb +0 -210
  373. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  374. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  375. data/lib/puppet/parser/environment_compiler.rb +0 -202
  376. data/lib/puppet/pops/types/enumeration.rb +0 -16
  377. data/lib/puppet/resource/capability_finder.rb +0 -154
  378. data/lib/puppet/rest/errors.rb +0 -15
  379. data/lib/puppet/rest/response.rb +0 -35
  380. data/lib/puppet/rest/route.rb +0 -85
  381. data/lib/puppet/rest/routes.rb +0 -135
  382. data/lib/puppet/ssl/host.rb +0 -505
  383. data/lib/puppet/ssl/key.rb +0 -61
  384. data/lib/puppet/ssl/validator.rb +0 -61
  385. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  386. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  387. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  388. data/lib/puppet/status.rb +0 -40
  389. data/lib/puppet/util/connection.rb +0 -88
  390. data/lib/puppet/util/ssl.rb +0 -83
  391. data/lib/puppet/util/windows/api_types.rb +0 -309
  392. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  393. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  394. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  395. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  396. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  397. data/lib/puppet/vendor/pathspec/README.md +0 -53
  398. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  399. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  400. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  401. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  402. data/man/man8/puppet-key.8 +0 -126
  403. data/man/man8/puppet-man.8 +0 -76
  404. data/man/man8/puppet-status.8 +0 -108
  405. data/spec/integration/application/config_spec.rb +0 -74
  406. data/spec/integration/network/authconfig_spec.rb +0 -256
  407. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  408. data/spec/unit/application/man_spec.rb +0 -52
  409. data/spec/unit/capability_spec.rb +0 -414
  410. data/spec/unit/face/catalog_spec.rb +0 -6
  411. data/spec/unit/face/key_spec.rb +0 -9
  412. data/spec/unit/face/module/search_spec.rb +0 -231
  413. data/spec/unit/face/module_spec.rb +0 -3
  414. data/spec/unit/face/status_spec.rb +0 -9
  415. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  416. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  417. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  418. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  419. data/spec/unit/indirector/key/file_spec.rb +0 -79
  420. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  421. data/spec/unit/indirector/status/local_spec.rb +0 -10
  422. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  423. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  424. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  425. data/spec/unit/network/authstore_spec.rb +0 -422
  426. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  427. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  428. data/spec/unit/network/http/compression_spec.rb +0 -240
  429. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  430. data/spec/unit/network/http_spec.rb +0 -9
  431. data/spec/unit/network/rights_spec.rb +0 -439
  432. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  433. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  434. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  435. data/spec/unit/rest/route_spec.rb +0 -132
  436. data/spec/unit/ssl/host_spec.rb +0 -650
  437. data/spec/unit/ssl/key_spec.rb +0 -173
  438. data/spec/unit/ssl/validator_spec.rb +0 -278
  439. data/spec/unit/status_spec.rb +0 -45
  440. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -1,138 +1,8 @@
1
1
  require 'spec_helper'
2
-
3
2
  require 'puppet/network/authconfig'
4
3
 
5
- describe Puppet::Network::DefaultAuthProvider do
6
- before :each do
7
- allow(Puppet::FileSystem).to receive(:stat).and_return(double('stat', :ctime => :now))
8
- allow(Time).to receive(:now).and_return(Time.now)
9
-
10
- allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:exists?).and_return(true)
11
- # FIXME @authprovider = Puppet::Network::DefaultAuthProvider.new("dummy")
12
- end
13
-
14
- describe "when initializing" do
15
- it "inserts default ACLs after setting initial rights" do
16
- expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
17
- Puppet::Network::DefaultAuthProvider.new
18
- end
19
- end
20
-
21
- describe "when defining an acl with mk_acl" do
22
- before :each do
23
- allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
24
- @authprovider = Puppet::Network::DefaultAuthProvider.new
25
- end
26
-
27
- it "should create a new right for each default acl" do
28
- @authprovider.mk_acl(:acl => '/')
29
- expect(@authprovider.rights['/']).to be
30
- end
31
-
32
- it "allows everyone for each default right" do
33
- @authprovider.mk_acl(:acl => '/')
34
- expect(@authprovider.rights['/']).to be_globalallow
35
- end
36
-
37
- it "accepts an argument to restrict the method" do
38
- @authprovider.mk_acl(:acl => '/', :method => :find)
39
- expect(@authprovider.rights['/'].methods).to eq([:find])
40
- end
41
-
42
- it "creates rights with authentication set to true by default" do
43
- @authprovider.mk_acl(:acl => '/')
44
- expect(@authprovider.rights['/'].authentication).to be_truthy
45
- end
46
-
47
- it "accepts an argument to set the authentication requirement" do
48
- @authprovider.mk_acl(:acl => '/', :authenticated => :any)
49
- expect(@authprovider.rights['/'].authentication).to be_falsey
50
- end
51
- end
52
-
53
- describe "when adding default ACLs" do
54
- before :each do
55
- allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
56
- @authprovider = Puppet::Network::DefaultAuthProvider.new
57
- allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl).and_call_original
58
- end
59
-
60
- Puppet::Network::DefaultAuthProvider::default_acl.each do |acl|
61
- it "should create a default right for #{acl[:acl]}" do
62
- allow(@authprovider).to receive(:mk_acl)
63
- expect(@authprovider).to receive(:mk_acl).with(acl)
64
- @authprovider.insert_default_acl
65
- end
66
- end
67
-
68
- it "should log at info loglevel" do
69
- expect(Puppet).to receive(:info).at_least(:once)
70
- @authprovider.insert_default_acl
71
- end
72
-
73
- it "creates an empty catch-all rule for '/' for any authentication request state" do
74
- allow(@authprovider).to receive(:mk_acl)
75
-
76
- @authprovider.insert_default_acl
77
- expect(@authprovider.rights['/']).to be_empty
78
- expect(@authprovider.rights['/'].authentication).to be_falsey
79
- end
80
-
81
- it '(CVE-2013-2275) allows report submission only for the node matching the certname by default' do
82
- acl = {
83
- :acl => "~ ^#{Puppet::Network::HTTP::MASTER_URL_PREFIX}\/v3\/report\/([^\/]+)$",
84
- :method => :save,
85
- :allow => '$1',
86
- :authenticated => true
87
- }
88
- allow(@authprovider).to receive(:mk_acl)
89
- expect(@authprovider).to receive(:mk_acl).with(acl)
90
- @authprovider.insert_default_acl
91
- end
92
- end
93
-
94
- describe "when checking authorization" do
95
- it "should ask for authorization to the ACL subsystem" do
96
- params = {
97
- :ip => "127.0.0.1",
98
- :node => "me",
99
- :environment => :env,
100
- :authenticated => true
101
- }
102
-
103
- expect_any_instance_of(Puppet::Network::Rights).to receive(:is_request_forbidden_and_why?).with(:save, "/path/to/resource", params)
104
-
105
- described_class.new.check_authorization(:save, "/path/to/resource", params)
106
- end
107
- end
108
- end
109
-
110
4
  describe Puppet::Network::AuthConfig do
111
- after :each do
112
- Puppet::Network::AuthConfig.authprovider_class = nil
113
- end
114
-
115
- class TestAuthProvider
116
- def initialize(rights=nil); end
117
- def check_authorization(method, path, params); end
118
- end
119
-
120
- it "instantiates authprovider_class with rights" do
121
- Puppet::Network::AuthConfig.authprovider_class = TestAuthProvider
122
- rights = Puppet::Network::Rights.new
123
- expect(TestAuthProvider).to receive(:new).with(rights)
124
- described_class.new(rights)
125
- end
126
-
127
- it "delegates authorization check to authprovider_class" do
128
- Puppet::Network::AuthConfig.authprovider_class = TestAuthProvider
129
- expect_any_instance_of(TestAuthProvider).to receive(:check_authorization).with(:save, '/path/to/resource', {})
130
- described_class.new.check_authorization(:save, '/path/to/resource', {})
131
- end
132
-
133
- it "uses DefaultAuthProvider by default" do
134
- Puppet::Network::AuthConfig.authprovider_class = nil
135
- expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:check_authorization).with(:save, '/path/to/resource', {})
136
- described_class.new.check_authorization(:save, '/path/to/resource', {})
5
+ it "accepts an auth provider class" do
6
+ Puppet::Network::AuthConfig.authprovider_class = Object
137
7
  end
138
8
  end
@@ -1,61 +1,8 @@
1
1
  require 'spec_helper'
2
- require 'puppet/network/http'
3
- require 'puppet/network/http/api/indirected_routes'
4
2
  require 'puppet/network/authorization'
5
3
 
6
4
  describe Puppet::Network::Authorization do
7
- class AuthTest
8
- include Puppet::Network::Authorization
9
- end
10
-
11
- subject { AuthTest.new }
12
-
13
- context "when creating an authconfig object" do
14
- before :each do
15
- # Other tests may have created an authconfig, so we have to undo that.
16
- @orig_auth_config = Puppet::Network::AuthConfigLoader.instance_variable_get(:@auth_config)
17
- @orig_auth_config_file = Puppet::Network::AuthConfigLoader.instance_variable_get(:@auth_config_file)
18
-
19
- Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config, nil)
20
- Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config_file, nil)
21
- end
22
-
23
- after :each do
24
- Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config, @orig_auth_config)
25
- Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config_file, @orig_auth_config_file)
26
- end
27
-
28
- it "creates default ACL entries if no file has been read" do
29
- expect(Puppet::Network::AuthConfigParser).to receive(:new_from_file).and_raise(Errno::ENOENT)
30
- expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
31
-
32
- subject.authconfig
33
- end
34
- end
35
-
36
- class TestAuthConfig
37
- def check_authorization(method, path, params); end
38
- end
39
-
40
- class TestAuthConfigLoader
41
- def self.authconfig
42
- TestAuthConfig.new
43
- end
44
- end
45
-
46
- context "when checking authorization" do
47
- after :each do
48
- Puppet::Network::Authorization.authconfigloader_class = nil
49
- end
50
-
51
- it "delegates to the authconfig object" do
52
- Puppet::Network::Authorization.authconfigloader_class =
53
- TestAuthConfigLoader
54
- expect_any_instance_of(TestAuthConfig).to receive(:check_authorization).with(
55
- :save, '/mypath', {:param1 => "value1"}).and_return("yay, it worked!")
56
- expect(subject.check_authorization(
57
- :save, '/mypath',
58
- {:param1 => "value1"})).to eq("yay, it worked!")
59
- end
5
+ it "accepts an auth config loader class" do
6
+ Puppet::Network::Authorization.authconfigloader_class = Object
60
7
  end
61
8
  end
@@ -161,19 +161,19 @@ describe "Puppet Network Format" do
161
161
  end
162
162
 
163
163
  it 'raises when interning an instance of an unacceptable indirected type' do
164
- obj = Puppet::SSL::Key.new('foo')
164
+ obj = :something
165
165
 
166
166
  expect {
167
167
  yaml.intern(obj.class, YAML.dump(obj))
168
- }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Puppet::SSL::Key/)
168
+ }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Symbol/)
169
169
  end
170
170
 
171
171
  it 'raises when interning multple instances of an unacceptable indirected type' do
172
- obj = Puppet::SSL::Key.new('foo')
172
+ obj = :something
173
173
 
174
174
  expect {
175
175
  yaml.intern_multiple(obj.class, YAML.dump([obj]))
176
- }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Puppet::SSL::Key/)
176
+ }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Symbol/)
177
177
  end
178
178
  end
179
179
 
@@ -17,7 +17,6 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
17
17
  before do
18
18
  Puppet::IndirectorTesting.indirection.terminus_class = :memory
19
19
  Puppet::IndirectorTesting.indirection.terminus.clear
20
- allow(handler).to receive(:warn_if_near_expiration)
21
20
  end
22
21
 
23
22
  describe "when converting a URI into a request" do
@@ -63,7 +62,7 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
63
62
  }.to raise_error(bad_request_error)
64
63
  end
65
64
 
66
- it "should not pass a buck_path parameter through (See Bugs #13553, #13518, #13511)" do
65
+ it "should not pass a bucket_path parameter through (See Bugs #13553, #13518, #13511)" do
67
66
  expect(handler.uri2indirection("GET", "#{master_url_prefix}/node/bar",
68
67
  { :environment => "env",
69
68
  :bucket_path => "/malicious/path" })[3]).not_to include({ :bucket_path => "/malicious/path" })
@@ -123,10 +122,6 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
123
122
  expect(handler.uri2indirection("PUT", "#{master_url_prefix}/facts/puppet.node.test", params)[0].name).to eq(:facts)
124
123
  end
125
124
 
126
- it "should change indirection name to 'status' if the http method is a GET and the indirection name is statuses" do
127
- expect(handler.uri2indirection("GET", "#{master_url_prefix}/statuses/bar", params)[0].name).to eq(:status)
128
- end
129
-
130
125
  it "should change indirection name to 'node' if the http method is a GET and the indirection name is nodes" do
131
126
  expect(handler.uri2indirection("GET", "#{master_url_prefix}/nodes/bar", params)[0].name).to eq(:node)
132
127
  end
@@ -150,100 +145,9 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
150
145
  _, _, key, _ = handler.uri2indirection("GET", "#{master_url_prefix}/node/#{escaped}", params)
151
146
  expect(key).to eq(escaped)
152
147
  end
153
-
154
- it "should not unescape the URI passed through in a call to check_authorization" do
155
- key_escaped = Puppet::Util.uri_encode("foo bar")
156
- uri_escaped = "#{master_url_prefix}/node/#{key_escaped}"
157
- expect(handler).to receive(:check_authorization).with(anything, uri_escaped, anything)
158
- handler.uri2indirection("GET", uri_escaped, params)
159
- end
160
-
161
- it "when the environment is unknown should remove :environment from params passed to check_authorization and therefore fail" do
162
- expect(handler).to receive(:check_authorization).with(anything,
163
- anything,
164
- excluding(:environment))
165
- expect { handler.uri2indirection("GET",
166
- "#{master_url_prefix}/node/bar",
167
- {:environment => 'bogus'})
168
- }.to raise_error(not_found_error)
169
- end
170
-
171
- it "should not URI unescape the indirection key as passed through to a call to check_authorization" do
172
- expect(handler).to receive(:check_authorization).with(anything, anything, hash_including(environment: be_a(Puppet::Node::Environment).and(have_attributes(name: :env))))
173
-
174
- handler.uri2indirection("GET", "#{master_url_prefix}/node/bar", params)
175
- end
176
-
177
- end
178
-
179
- describe "when converting a request into a URI" do
180
- let(:environment) { Puppet::Node::Environment.create(:myenv, []) }
181
- let(:request) { Puppet::Indirector::Request.new(:foo, :find, "with spaces", nil, :foo => :bar, :environment => environment) }
182
-
183
- before do
184
- allow(handler).to receive(:handler).and_return("foo")
185
- end
186
-
187
- it "should include the environment in the query string of the URI" do
188
- expect(handler.class.request_to_uri(request)).to eq("#{master_url_prefix}/foo/with%20spaces?environment=myenv&foo=bar")
189
- end
190
-
191
- it "should include the correct url prefix if it is a ca request" do
192
- allow(request).to receive(:indirection_name).and_return("certificate")
193
- expect(handler.class.request_to_uri(request)).to eq("#{ca_url_prefix}/certificate/with%20spaces?environment=myenv&foo=bar")
194
- end
195
-
196
- it "should pluralize the indirection name if the method is 'search'" do
197
- allow(request).to receive(:method).and_return(:search)
198
- expect(handler.class.request_to_uri(request).split("/")[3]).to eq("foos")
199
- end
200
-
201
- it "should add the query string to the URI" do
202
- expect(request).to receive(:query_string).and_return("query")
203
- expect(handler.class.request_to_uri(request)).to match(/\&query$/)
204
- end
205
- end
206
-
207
- describe "when converting a request into a URI with body" do
208
- let(:environment) { Puppet::Node::Environment.create(:myenv, []) }
209
- let(:request) { Puppet::Indirector::Request.new(:foo, :find, "with spaces", nil, :foo => :bar, :environment => environment) }
210
-
211
- it "should use the indirection as the first field of the URI" do
212
- expect(handler.class.request_to_uri_and_body(request).first.split("/")[3]).to eq("foo")
213
- end
214
-
215
- it "should use the escaped key as the remainder of the URI" do
216
- escaped = Puppet::Util.uri_encode("with spaces")
217
- expect(handler.class.request_to_uri_and_body(request).first.split("/")[4].sub(/\?.+/, '')).to eq(escaped)
218
- end
219
-
220
- it "should include the correct url prefix if it is a master request" do
221
- expect(handler.class.request_to_uri_and_body(request).first).to eq("#{master_url_prefix}/foo/with%20spaces")
222
- end
223
-
224
- it "should include the correct url prefix if it is a ca request" do
225
- allow(request).to receive(:indirection_name).and_return("certificate")
226
- expect(handler.class.request_to_uri_and_body(request).first).to eq("#{ca_url_prefix}/certificate/with%20spaces")
227
- end
228
-
229
- it "should return the URI and body separately" do
230
- expect(handler.class.request_to_uri_and_body(request)).to eq(["#{master_url_prefix}/foo/with%20spaces", "environment=myenv&foo=bar"])
231
- end
232
148
  end
233
149
 
234
150
  describe "when processing a request" do
235
- it "should raise not_authorized_error when authorization fails" do
236
- data = Puppet::IndirectorTesting.new("my data")
237
- indirection.save(data, "my data")
238
- request = a_request_that_heads(data)
239
-
240
- expect(handler).to receive(:check_authorization).and_raise(Puppet::Network::AuthorizationError.new("forbidden"))
241
-
242
- expect {
243
- handler.call(request, response)
244
- }.to raise_error(not_authorized_error)
245
- end
246
-
247
151
  it "should raise not_found_error if the indirection does not support remote requests" do
248
152
  request = a_request_that_heads(Puppet::IndirectorTesting.new("my data"))
249
153
 
@@ -15,15 +15,18 @@ describe Puppet::Network::HTTP::API::Master::V3 do
15
15
  chain(Puppet::Network::HTTP::API::Master::V3.routes)
16
16
  }
17
17
 
18
- it "mounts the environments endpoint" do
19
- request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
20
- master_routes.process(request, response)
21
-
22
- expect(response.code).to eq(200)
18
+ # simulate puppetserver registering its authconfigloader class
19
+ around :each do |example|
20
+ Puppet::Network::Authorization.authconfigloader_class = Object
21
+ begin
22
+ example.run
23
+ ensure
24
+ Puppet::Network::Authorization.authconfigloader_class = nil
25
+ end
23
26
  end
24
27
 
25
- it "mounts the environment endpoint" do
26
- request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environment/production")
28
+ it "mounts the environments endpoint" do
29
+ request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
27
30
  master_routes.process(request, response)
28
31
 
29
32
  expect(response.code).to eq(200)
@@ -54,4 +57,22 @@ describe Puppet::Network::HTTP::API::Master::V3 do
54
57
  master_routes.process(request, response)
55
58
  }.to raise_error(not_found_error)
56
59
  end
60
+
61
+ it "checks authorization for indirected routes" do
62
+ Puppet::Network::Authorization.authconfigloader_class = nil
63
+
64
+ request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/catalog/foo")
65
+ expect {
66
+ master_routes.process(request, response)
67
+ }.to raise_error(Puppet::Network::HTTP::Error::HTTPNotAuthorizedError, %r{Not Authorized: Forbidden request: /puppet/v3/catalog/foo \(method GET\)})
68
+ end
69
+
70
+ it "checks authorization for environments" do
71
+ Puppet::Network::Authorization.authconfigloader_class = nil
72
+
73
+ request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
74
+ expect {
75
+ master_routes.process(request, response)
76
+ }.to raise_error(Puppet::Network::HTTP::Error::HTTPNotAuthorizedError, %r{Not Authorized: Forbidden request: /puppet/v3/environments \(method GET\)})
77
+ end
57
78
  end
@@ -70,6 +70,16 @@ describe Puppet::Network::HTTP::API do
70
70
  end
71
71
 
72
72
  describe "when processing master routes" do
73
+ # simulate puppetserver registering its authconfigloader class
74
+ around :each do |example|
75
+ Puppet::Network::Authorization.authconfigloader_class = Object
76
+ begin
77
+ example.run
78
+ ensure
79
+ Puppet::Network::Authorization.authconfigloader_class = nil
80
+ end
81
+ end
82
+
73
83
  it "responds to v3 indirector requests" do
74
84
  req = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_prefix}/v3/node/foo",
75
85
  :params => {:environment => "production"},
@@ -1,6 +1,5 @@
1
1
  require 'spec_helper'
2
2
  require 'puppet/network/http/connection'
3
- require 'puppet/network/http/connection_adapter'
4
3
  require 'puppet/test_ca'
5
4
 
6
5
  describe Puppet::Network::HTTP::Connection do
@@ -10,21 +9,23 @@ describe Puppet::Network::HTTP::Connection do
10
9
  let(:url) { "https://#{host}:#{port}#{path}" }
11
10
  let(:params) { { 'key' => 'a value' } }
12
11
  let(:encoded_url_with_params) { "#{url}?%7B%22key%22:%22a%20value%22%7D" }
12
+ let(:ssl_context) { Puppet::SSL::SSLProvider.new.create_system_context(cacerts: []) }
13
+ let(:verifier) { Puppet::SSL::Verifier.new(host, ssl_context) }
13
14
 
14
- shared_examples_for "an HTTP connection" do |klass, legacy_api|
15
- subject { klass.new(host, port, :verify => Puppet::SSL::Validator.no_validator) }
15
+ shared_examples_for "an HTTP connection" do |klass|
16
+ subject { klass.new(host, port, :verifier => verifier) }
16
17
 
17
18
  context "when providing HTTP connections" do
18
19
  context "when initializing http instances" do
19
20
  it "should return an http instance created with the passed host and port" do
20
- conn = klass.new(host, port, :verify => Puppet::SSL::Validator.no_validator)
21
+ conn = klass.new(host, port, :verifier => verifier)
21
22
 
22
23
  expect(conn.address).to eq(host)
23
24
  expect(conn.port).to eq(port)
24
25
  end
25
26
 
26
27
  it "should enable ssl on the http instance by default" do
27
- conn = klass.new(host, port, :verify => Puppet::SSL::Validator.no_validator)
28
+ conn = klass.new(host, port, :verifier => verifier)
28
29
 
29
30
  expect(conn).to be_use_ssl
30
31
  end
@@ -36,21 +37,21 @@ describe Puppet::Network::HTTP::Connection do
36
37
  end
37
38
 
38
39
  it "can enable ssl using an option" do
39
- conn = klass.new(host, port, :use_ssl => true, :verify => Puppet::SSL::Validator.no_validator)
40
+ conn = klass.new(host, port, :use_ssl => true, :verifier => verifier)
40
41
 
41
42
  expect(conn).to be_use_ssl
42
43
  end
43
44
 
44
45
  it "ignores the ':verify' option when ssl is disabled" do
45
- conn = klass.new(host, port, :use_ssl => false, :verify => Puppet::SSL::Validator.no_validator)
46
+ conn = klass.new(host, port, :use_ssl => false, :verifier => verifier)
46
47
 
47
48
  expect(conn.verifier).to be_nil
48
49
  end
49
50
 
50
51
  it "wraps the validator in an adapter" do
51
- conn = klass.new(host, port, :verify => Puppet::SSL::Validator.no_validator)
52
+ conn = klass.new(host, port, :verifier => verifier)
52
53
 
53
- expect(conn.verifier).to be_a_kind_of(Puppet::SSL::VerifierAdapter)
54
+ expect(conn.verifier).to be_a(Puppet::SSL::Verifier)
54
55
  end
55
56
 
56
57
  it "should raise Puppet::Error when invalid options are specified" do
@@ -66,9 +67,9 @@ describe Puppet::Network::HTTP::Connection do
66
67
 
67
68
  it "raises if the wrong verifier class is specified" do
68
69
  expect {
69
- klass.new(host, port, :verifier => Puppet::SSL::Validator.default_validator)
70
+ klass.new(host, port, :verifier => Object.new)
70
71
  }.to raise_error(ArgumentError,
71
- "Expected an instance of Puppet::SSL::Verifier but was passed a Puppet::SSL::Validator::DefaultValidator")
72
+ "Expected an instance of Puppet::SSL::Verifier but was passed a Object")
72
73
  end
73
74
  end
74
75
  end
@@ -306,8 +307,6 @@ describe Puppet::Network::HTTP::Connection do
306
307
  end
307
308
 
308
309
  it 'defaults content-type to application/x-www-form-urlencoded' do
309
- skip("Net::HTTP sends a default content-type header, but it's not visible to webmock") if legacy_api
310
-
311
310
  stub_request(:put, url).with(headers: {'Content-Type' => 'application/x-www-form-urlencoded'})
312
311
 
313
312
  subject.put(path, '')
@@ -362,8 +361,6 @@ describe Puppet::Network::HTTP::Connection do
362
361
  end
363
362
 
364
363
  it 'defaults content-type to application/x-www-form-urlencoded' do
365
- skip("Net::HTTP sends a default content-type header, but it's not visible to webmock") if legacy_api
366
-
367
364
  stub_request(:post, url).with(headers: {'Content-Type' => 'application/x-www-form-urlencoded'})
368
365
 
369
366
  subject.post(path, "")
@@ -425,7 +422,7 @@ describe Puppet::Network::HTTP::Connection do
425
422
 
426
423
  def create_connection(options = {})
427
424
  options[:use_ssl] = false
428
- options[:verify] = Puppet::SSL::Validator.no_validator
425
+ options[:verifier] = verifier
429
426
  subject.new(host, port, options)
430
427
  end
431
428
 
@@ -474,15 +471,9 @@ describe Puppet::Network::HTTP::Connection do
474
471
  it 'raises an exception when the location header is missing' do
475
472
  stub_request(:get, "http://me.example.com:8140/").to_return(status: 302)
476
473
 
477
- if legacy_api
478
- expect {
479
- create_connection.get('/')
480
- }.to raise_error(URI::InvalidURIError, /bad URI/)
481
- else
482
- expect {
474
+ expect {
483
475
  create_connection.get('/')
484
476
  }.to raise_error(Puppet::HTTP::ProtocolError, /Location response header is missing/)
485
- end
486
477
  end
487
478
  end
488
479
 
@@ -503,14 +494,9 @@ describe Puppet::Network::HTTP::Connection do
503
494
  it "should return a 503 response if Retry-After is not convertible to an Integer or RFC 2822 Date" do
504
495
  retry_after('foo')
505
496
 
506
- if legacy_api
507
- result = subject.get('/foo')
508
- expect(result.code).to eq("503")
509
- else
510
- expect {
511
- subject.get('/foo')
512
- }.to raise_error(Puppet::HTTP::ProtocolError, /Failed to parse Retry-After header 'foo'/)
513
- end
497
+ expect {
498
+ subject.get('/foo')
499
+ }.to raise_error(Puppet::HTTP::ProtocolError, /Failed to parse Retry-After header 'foo'/)
514
500
  end
515
501
 
516
502
  it "should close the connection before sleeping" do
@@ -525,11 +511,7 @@ describe Puppet::Network::HTTP::Connection do
525
511
  allow(http1).to receive(:started?).and_return(true)
526
512
 
527
513
  # The "with_connection" method is required to yield started connections
528
- pool = if legacy_api
529
- Puppet.lookup(:http_pool)
530
- else
531
- Puppet.runtime[:http].pool
532
- end
514
+ pool = Puppet.runtime[:http].pool
533
515
 
534
516
  allow(pool).to receive(:with_connection).and_yield(http1).and_yield(http2)
535
517
 
@@ -649,10 +631,6 @@ describe Puppet::Network::HTTP::Connection do
649
631
  end
650
632
 
651
633
  describe Puppet::Network::HTTP::Connection do
652
- it_behaves_like "an HTTP connection", described_class, true
653
- end
654
-
655
- describe Puppet::Network::HTTP::ConnectionAdapter do
656
- it_behaves_like "an HTTP connection", described_class, false
634
+ it_behaves_like "an HTTP connection", described_class
657
635
  end
658
636
  end