puppet 6.22.1-universal-darwin → 6.23.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +14 -14
- data/ext/osx/puppet.plist +2 -0
- data/lib/puppet/application/agent.rb +12 -5
- data/lib/puppet/application/apply.rb +2 -1
- data/lib/puppet/application/device.rb +2 -1
- data/lib/puppet/application/resource.rb +2 -1
- data/lib/puppet/application/script.rb +2 -1
- data/lib/puppet/configurer/downloader.rb +2 -1
- data/lib/puppet/defaults.rb +5 -3
- data/lib/puppet/file_serving/fileset.rb +14 -2
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +69 -0
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/indirector/catalog/compiler.rb +1 -0
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/service/systemd.rb +13 -3
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/directoryservice.rb +25 -12
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file.rb +19 -1
- data/lib/puppet/type/service.rb +18 -38
- data/lib/puppet/type/tidy.rb +21 -2
- data/lib/puppet/type/user.rb +38 -20
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +109 -101
- data/man/man5/puppet.conf.5 +272 -252
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/integration/application/resource_spec.rb +30 -0
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +23 -0
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/service/compiler_spec.rb +123 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/systemd_spec.rb +42 -8
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/service_spec.rb +59 -188
- data/spec/unit/type/tidy_spec.rb +17 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/tasks/generate_cert_fixtures.rake +2 -2
- metadata +4 -2
@@ -1,67 +1,117 @@
|
|
1
|
-
RSA Private-Key: (
|
1
|
+
RSA Private-Key: (2048 bit, 2 primes)
|
2
2
|
modulus:
|
3
|
-
00:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
3
|
+
00:ea:16:4c:26:71:56:ac:35:bb:2b:f6:1b:18:58:
|
4
|
+
16:0f:1c:39:3f:4d:02:e4:b2:a7:8b:bd:fe:99:57:
|
5
|
+
f2:a5:a8:15:01:79:0d:1d:f6:d9:12:db:d5:26:a2:
|
6
|
+
f6:58:af:4b:2c:aa:46:7a:53:63:9f:1f:1a:9e:1c:
|
7
|
+
fc:9a:8e:20:c8:c8:c8:db:4d:50:8d:4e:19:83:a1:
|
8
|
+
9d:54:49:26:7b:3a:e0:77:1d:7d:88:01:80:46:32:
|
9
|
+
70:47:16:08:71:de:12:94:67:fd:71:1f:41:56:93:
|
10
|
+
15:91:68:bd:05:3b:67:96:1f:7a:4d:d5:1e:b6:ac:
|
11
|
+
41:1f:f0:ce:d3:2d:96:d9:7c:ad:cd:be:b3:32:66:
|
12
|
+
18:03:2c:83:98:f1:e8:96:6f:85:0f:e1:1f:93:d0:
|
13
|
+
f9:09:43:8c:b1:ea:43:26:32:a5:c6:d2:32:75:2d:
|
14
|
+
ed:72:9d:bf:3a:bb:f3:4e:d0:0c:ac:ba:6b:fd:7f:
|
15
|
+
66:d8:12:40:4e:49:e7:d4:ec:70:03:71:37:cb:5e:
|
16
|
+
cc:d3:4f:f3:d2:cc:e2:39:eb:79:6c:71:e5:d1:0e:
|
17
|
+
45:4c:7a:3d:6f:39:e8:16:e7:de:60:eb:01:e7:80:
|
18
|
+
4e:42:1d:1c:33:0a:eb:f9:10:2c:5c:ed:0c:58:0b:
|
19
|
+
8c:fd:6d:f4:19:49:8a:a2:81:ab:04:b0:cb:7a:61:
|
20
|
+
1f:d3
|
12
21
|
publicExponent: 65537 (0x10001)
|
13
22
|
privateExponent:
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
+
00:b5:87:11:0a:86:bd:d5:d1:dd:12:1c:49:aa:b9:
|
24
|
+
34:72:07:4b:05:a1:ac:ea:b8:f8:60:cf:b7:8e:26:
|
25
|
+
bb:8e:67:27:d2:fa:92:87:78:13:a2:22:43:cb:30:
|
26
|
+
78:a5:11:5a:d4:8a:3f:19:41:6d:71:c9:e7:14:52:
|
27
|
+
1a:39:a8:9a:17:da:4c:98:73:fe:51:76:0d:27:1c:
|
28
|
+
bf:2a:cb:87:41:ec:c8:80:d6:a7:b0:3e:a9:c0:c6:
|
29
|
+
00:77:bf:c8:50:b5:0b:e7:76:34:fd:f2:64:f2:c4:
|
30
|
+
20:e7:a0:37:64:c5:4a:71:0a:7c:07:bb:8b:93:d1:
|
31
|
+
44:b7:86:40:7d:57:4f:31:db:98:22:21:d5:f3:b0:
|
32
|
+
57:4e:f6:c9:a4:08:43:3d:d8:ce:59:aa:a7:1f:da:
|
33
|
+
93:40:11:cf:8c:14:9d:f3:10:9f:cf:0a:d0:cf:2b:
|
34
|
+
b6:ea:e5:3c:92:9f:c2:6f:24:86:71:15:61:49:7b:
|
35
|
+
77:48:c1:d2:13:67:1a:f7:c0:89:3d:3d:87:cf:6e:
|
36
|
+
5c:e4:46:28:fe:33:89:3c:09:fc:50:3c:b7:a9:25:
|
37
|
+
3c:f2:a5:a0:e1:e0:9c:d1:4a:3e:11:5b:10:1a:33:
|
38
|
+
29:c7:ca:0b:ac:bf:c2:be:90:27:1f:ef:d7:d2:ca:
|
39
|
+
5f:37:b3:b3:b9:3a:35:87:be:ca:c3:f7:59:03:f7:
|
40
|
+
7e:f1
|
23
41
|
prime1:
|
24
|
-
00:
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
42
|
+
00:f7:83:23:4b:6f:82:af:b6:7a:0f:1f:1a:05:21:
|
43
|
+
d1:a1:84:d1:07:24:db:dd:64:9f:16:84:eb:c4:bf:
|
44
|
+
ec:cf:2f:69:92:21:b8:88:05:24:8c:bc:c1:db:d0:
|
45
|
+
38:53:bf:43:dc:5b:5e:42:7b:ad:de:d6:3a:04:9e:
|
46
|
+
a5:a7:f0:0b:2e:4e:2a:20:6f:95:7d:f0:be:ff:12:
|
47
|
+
c6:f4:d2:ca:39:e1:a5:c9:34:58:3b:3d:40:c1:88:
|
48
|
+
63:c3:cc:87:02:25:70:88:58:df:ec:b6:d6:0c:9e:
|
49
|
+
15:2d:57:e1:34:e9:2e:ac:51:cf:c4:83:dd:b6:11:
|
50
|
+
44:23:b8:95:50:6c:40:ae:ed
|
29
51
|
prime2:
|
30
|
-
00:
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
52
|
+
00:f2:1d:4d:7f:ee:9e:a5:0f:c9:73:a5:4d:fe:7c:
|
53
|
+
0a:94:8e:c6:77:c8:ec:53:e0:03:f5:65:42:39:40:
|
54
|
+
26:02:46:8f:05:3d:b9:ba:f2:29:8a:b4:3c:60:37:
|
55
|
+
85:ee:e0:ba:e2:35:69:be:84:95:53:f3:fd:b8:b9:
|
56
|
+
5b:51:76:10:2a:f8:b2:54:58:ab:e5:89:18:46:df:
|
57
|
+
08:c0:4f:57:56:cc:1c:f2:53:e6:b6:91:c0:bd:9c:
|
58
|
+
c6:a8:8c:bf:a0:d4:b6:86:37:50:f9:69:78:95:bd:
|
59
|
+
83:6f:5e:64:1a:b7:75:31:2c:a2:c5:c9:b7:b7:80:
|
60
|
+
c4:61:ac:fd:f7:c7:88:71:bf
|
35
61
|
exponent1:
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
62
|
+
3c:63:9c:9a:ed:2c:1f:9f:10:0c:dc:73:c6:c8:c7:
|
63
|
+
92:f7:0a:e1:09:57:33:9f:37:49:91:48:cd:0a:5e:
|
64
|
+
c6:f6:34:75:d9:10:62:ef:8e:49:60:4c:94:4b:2b:
|
65
|
+
53:13:99:85:0c:2d:e5:5e:b3:bf:68:d9:63:03:2a:
|
66
|
+
3b:dd:4f:7d:0e:c9:2c:7c:cd:26:9b:34:9e:9b:80:
|
67
|
+
3b:7f:aa:a3:90:b0:98:74:d3:0a:31:19:b9:9e:83:
|
68
|
+
68:e4:60:14:5f:fa:22:ea:3c:48:4f:1b:ce:9c:4b:
|
69
|
+
62:72:cc:99:d2:42:f6:fc:47:0b:15:79:64:d0:b5:
|
70
|
+
a5:59:85:e4:c7:64:c8:c9
|
41
71
|
exponent2:
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
72
|
+
00:d5:ba:32:58:d5:cf:6c:0c:94:9c:26:f7:c3:c7:
|
73
|
+
c2:1b:44:32:45:39:b4:0d:92:ba:4b:dd:38:69:8b:
|
74
|
+
8c:42:04:01:6a:f2:03:4b:d9:4b:fc:aa:80:85:bb:
|
75
|
+
5d:da:f2:bd:66:c5:19:f4:d9:db:6c:81:fd:9f:1c:
|
76
|
+
d9:54:fe:f0:e4:ce:27:b6:37:94:7f:0a:d7:c8:70:
|
77
|
+
48:ac:63:1d:c9:7c:63:ad:33:8d:7d:eb:0a:87:17:
|
78
|
+
a7:72:d0:d4:b4:e8:31:bc:27:86:ae:b5:81:82:46:
|
79
|
+
0a:89:bc:7c:87:ed:1d:61:ec:72:40:41:82:91:55:
|
80
|
+
f5:85:f8:0d:35:b7:09:66:c7
|
47
81
|
coefficient:
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
82
|
+
3d:9b:b0:01:4b:43:c3:bf:50:86:d8:c8:52:d4:4d:
|
83
|
+
7a:05:40:2d:20:50:d4:4a:a9:33:a3:b8:d1:fc:6b:
|
84
|
+
eb:be:c9:df:44:f7:70:51:05:d8:58:d2:a0:d8:e0:
|
85
|
+
36:fc:56:43:25:0f:2a:b6:41:a2:25:99:01:8b:d5:
|
86
|
+
93:f4:d6:04:ae:4f:40:44:f6:f2:85:a8:9f:35:99:
|
87
|
+
63:9d:ef:f9:f5:3e:5d:07:3c:96:23:a6:26:8c:28:
|
88
|
+
d1:60:cd:13:18:3b:41:e9:30:31:83:50:73:91:ba:
|
89
|
+
5a:a3:69:d1:6e:a8:40:f2:72:df:e8:88:73:9c:a7:
|
90
|
+
ce:e7:9f:11:97:e5:04:6d
|
53
91
|
-----BEGIN RSA PRIVATE KEY-----
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
92
|
+
MIIEpAIBAAKCAQEA6hZMJnFWrDW7K/YbGFgWDxw5P00C5LKni73+mVfypagVAXkN
|
93
|
+
HfbZEtvVJqL2WK9LLKpGelNjnx8anhz8mo4gyMjI201QjU4Zg6GdVEkmezrgdx19
|
94
|
+
iAGARjJwRxYIcd4SlGf9cR9BVpMVkWi9BTtnlh96TdUetqxBH/DO0y2W2Xytzb6z
|
95
|
+
MmYYAyyDmPHolm+FD+Efk9D5CUOMsepDJjKlxtIydS3tcp2/OrvzTtAMrLpr/X9m
|
96
|
+
2BJATknn1OxwA3E3y17M00/z0sziOet5bHHl0Q5FTHo9bznoFufeYOsB54BOQh0c
|
97
|
+
Mwrr+RAsXO0MWAuM/W30GUmKooGrBLDLemEf0wIDAQABAoIBAQC1hxEKhr3V0d0S
|
98
|
+
HEmquTRyB0sFoazquPhgz7eOJruOZyfS+pKHeBOiIkPLMHilEVrUij8ZQW1xyecU
|
99
|
+
Uho5qJoX2kyYc/5Rdg0nHL8qy4dB7MiA1qewPqnAxgB3v8hQtQvndjT98mTyxCDn
|
100
|
+
oDdkxUpxCnwHu4uT0US3hkB9V08x25giIdXzsFdO9smkCEM92M5Zqqcf2pNAEc+M
|
101
|
+
FJ3zEJ/PCtDPK7bq5TySn8JvJIZxFWFJe3dIwdITZxr3wIk9PYfPblzkRij+M4k8
|
102
|
+
CfxQPLepJTzypaDh4JzRSj4RWxAaMynHygusv8K+kCcf79fSyl83s7O5OjWHvsrD
|
103
|
+
91kD937xAoGBAPeDI0tvgq+2eg8fGgUh0aGE0Qck291knxaE68S/7M8vaZIhuIgF
|
104
|
+
JIy8wdvQOFO/Q9xbXkJ7rd7WOgSepafwCy5OKiBvlX3wvv8SxvTSyjnhpck0WDs9
|
105
|
+
QMGIY8PMhwIlcIhY3+y21gyeFS1X4TTpLqxRz8SD3bYRRCO4lVBsQK7tAoGBAPId
|
106
|
+
TX/unqUPyXOlTf58CpSOxnfI7FPgA/VlQjlAJgJGjwU9ubryKYq0PGA3he7guuI1
|
107
|
+
ab6ElVPz/bi5W1F2ECr4slRYq+WJGEbfCMBPV1bMHPJT5raRwL2cxqiMv6DUtoY3
|
108
|
+
UPlpeJW9g29eZBq3dTEsosXJt7eAxGGs/ffHiHG/AoGAPGOcmu0sH58QDNxzxsjH
|
109
|
+
kvcK4QlXM583SZFIzQpexvY0ddkQYu+OSWBMlEsrUxOZhQwt5V6zv2jZYwMqO91P
|
110
|
+
fQ7JLHzNJps0npuAO3+qo5CwmHTTCjEZuZ6DaORgFF/6Iuo8SE8bzpxLYnLMmdJC
|
111
|
+
9vxHCxV5ZNC1pVmF5MdkyMkCgYEA1boyWNXPbAyUnCb3w8fCG0QyRTm0DZK6S904
|
112
|
+
aYuMQgQBavIDS9lL/KqAhbtd2vK9ZsUZ9NnbbIH9nxzZVP7w5M4ntjeUfwrXyHBI
|
113
|
+
rGMdyXxjrTONfesKhxenctDUtOgxvCeGrrWBgkYKibx8h+0dYexyQEGCkVX1hfgN
|
114
|
+
NbcJZscCgYA9m7ABS0PDv1CG2MhS1E16BUAtIFDUSqkzo7jR/GvrvsnfRPdwUQXY
|
115
|
+
WNKg2OA2/FZDJQ8qtkGiJZkBi9WT9NYErk9ARPbyhaifNZljne/59T5dBzyWI6Ym
|
116
|
+
jCjRYM0TGDtB6TAxg1Bzkbpao2nRbqhA8nLf6IhznKfO558Rl+UEbQ==
|
67
117
|
-----END RSA PRIVATE KEY-----
|
@@ -6,21 +6,30 @@ Certificate:
|
|
6
6
|
Issuer: CN=Unknown CA
|
7
7
|
Validity
|
8
8
|
Not Before: Jan 1 00:00:00 1970 GMT
|
9
|
-
Not After :
|
9
|
+
Not After : Apr 18 18:46:23 2031 GMT
|
10
10
|
Subject: CN=Unknown CA
|
11
11
|
Subject Public Key Info:
|
12
12
|
Public Key Algorithm: rsaEncryption
|
13
|
-
RSA Public-Key: (
|
13
|
+
RSA Public-Key: (2048 bit)
|
14
14
|
Modulus:
|
15
|
-
00:
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
15
|
+
00:ea:16:4c:26:71:56:ac:35:bb:2b:f6:1b:18:58:
|
16
|
+
16:0f:1c:39:3f:4d:02:e4:b2:a7:8b:bd:fe:99:57:
|
17
|
+
f2:a5:a8:15:01:79:0d:1d:f6:d9:12:db:d5:26:a2:
|
18
|
+
f6:58:af:4b:2c:aa:46:7a:53:63:9f:1f:1a:9e:1c:
|
19
|
+
fc:9a:8e:20:c8:c8:c8:db:4d:50:8d:4e:19:83:a1:
|
20
|
+
9d:54:49:26:7b:3a:e0:77:1d:7d:88:01:80:46:32:
|
21
|
+
70:47:16:08:71:de:12:94:67:fd:71:1f:41:56:93:
|
22
|
+
15:91:68:bd:05:3b:67:96:1f:7a:4d:d5:1e:b6:ac:
|
23
|
+
41:1f:f0:ce:d3:2d:96:d9:7c:ad:cd:be:b3:32:66:
|
24
|
+
18:03:2c:83:98:f1:e8:96:6f:85:0f:e1:1f:93:d0:
|
25
|
+
f9:09:43:8c:b1:ea:43:26:32:a5:c6:d2:32:75:2d:
|
26
|
+
ed:72:9d:bf:3a:bb:f3:4e:d0:0c:ac:ba:6b:fd:7f:
|
27
|
+
66:d8:12:40:4e:49:e7:d4:ec:70:03:71:37:cb:5e:
|
28
|
+
cc:d3:4f:f3:d2:cc:e2:39:eb:79:6c:71:e5:d1:0e:
|
29
|
+
45:4c:7a:3d:6f:39:e8:16:e7:de:60:eb:01:e7:80:
|
30
|
+
4e:42:1d:1c:33:0a:eb:f9:10:2c:5c:ed:0c:58:0b:
|
31
|
+
8c:fd:6d:f4:19:49:8a:a2:81:ab:04:b0:cb:7a:61:
|
32
|
+
1f:d3
|
24
33
|
Exponent: 65537 (0x10001)
|
25
34
|
X509v3 extensions:
|
26
35
|
X509v3 Basic Constraints: critical
|
@@ -28,32 +37,45 @@ Certificate:
|
|
28
37
|
X509v3 Key Usage: critical
|
29
38
|
Certificate Sign, CRL Sign
|
30
39
|
X509v3 Subject Key Identifier:
|
31
|
-
|
40
|
+
16:C5:98:B8:84:0B:0A:43:CB:5A:D2:E0:55:C0:64:AB:89:F8:50:FD
|
32
41
|
Netscape Comment:
|
33
42
|
Puppet Server Internal Certificate
|
34
43
|
X509v3 Authority Key Identifier:
|
35
|
-
keyid:
|
44
|
+
keyid:16:C5:98:B8:84:0B:0A:43:CB:5A:D2:E0:55:C0:64:AB:89:F8:50:FD
|
36
45
|
|
37
46
|
Signature Algorithm: sha256WithRSAEncryption
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
47
|
+
7d:0b:a0:2e:d4:fb:6b:29:04:d6:86:4e:89:94:4c:b5:d4:f7:
|
48
|
+
79:5a:38:95:51:9a:80:03:82:93:c8:a7:4e:93:4a:4b:41:1a:
|
49
|
+
85:f3:46:57:e1:70:50:ad:bb:4e:b9:d6:0c:00:e5:9e:4c:f7:
|
50
|
+
26:3b:88:61:27:ad:fa:39:a7:36:e1:62:87:7a:dc:7d:f9:f6:
|
51
|
+
c1:ee:bc:db:f7:65:a1:b0:2a:06:ae:4b:cb:99:82:f5:8e:38:
|
52
|
+
51:ac:c9:92:33:b9:7b:50:8b:c6:72:36:d3:f2:73:7d:58:13:
|
53
|
+
00:21:4d:c6:70:9d:eb:70:58:bf:dc:34:94:7e:bc:ef:17:2d:
|
54
|
+
9d:00:bd:55:f9:48:11:c0:8f:88:ea:a8:7c:5d:fb:88:fd:8c:
|
55
|
+
b4:00:1d:61:a7:4b:2a:90:ef:96:c1:28:2a:a0:95:ad:bb:b3:
|
56
|
+
af:3a:d5:93:1c:54:d7:c5:5b:26:a3:24:87:df:bd:68:74:fa:
|
57
|
+
e6:07:4e:13:b9:5f:54:19:ae:da:00:8c:ca:d6:ff:b7:94:6b:
|
58
|
+
4f:ff:71:ca:2b:7d:ee:7e:32:ff:03:3e:60:a4:30:d4:7d:9c:
|
59
|
+
ab:97:0e:f7:80:ee:69:c0:28:a8:ec:6b:89:05:38:64:34:e8:
|
60
|
+
b2:e9:f3:a1:85:e7:3d:e1:64:3c:86:e4:fd:44:4f:3b:2a:f8:
|
61
|
+
d2:b4:93:22
|
46
62
|
-----BEGIN CERTIFICATE-----
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
63
|
+
MIIDPTCCAiWgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApVbmtu
|
64
|
+
b3duIENBMB4XDTcwMDEwMTAwMDAwMFoXDTMxMDQxODE4NDYyM1owFTETMBEGA1UE
|
65
|
+
AwwKVW5rbm93biBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOoW
|
66
|
+
TCZxVqw1uyv2GxhYFg8cOT9NAuSyp4u9/plX8qWoFQF5DR322RLb1Sai9livSyyq
|
67
|
+
RnpTY58fGp4c/JqOIMjIyNtNUI1OGYOhnVRJJns64HcdfYgBgEYycEcWCHHeEpRn
|
68
|
+
/XEfQVaTFZFovQU7Z5Yfek3VHrasQR/wztMtltl8rc2+szJmGAMsg5jx6JZvhQ/h
|
69
|
+
H5PQ+QlDjLHqQyYypcbSMnUt7XKdvzq7807QDKy6a/1/ZtgSQE5J59TscANxN8te
|
70
|
+
zNNP89LM4jnreWxx5dEORUx6PW856Bbn3mDrAeeATkIdHDMK6/kQLFztDFgLjP1t
|
71
|
+
9BlJiqKBqwSwy3phH9MCAwEAAaOBlzCBlDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
|
72
|
+
DwEB/wQEAwIBBjAdBgNVHQ4EFgQUFsWYuIQLCkPLWtLgVcBkq4n4UP0wMQYJYIZI
|
73
|
+
AYb4QgENBCQWIlB1cHBldCBTZXJ2ZXIgSW50ZXJuYWwgQ2VydGlmaWNhdGUwHwYD
|
74
|
+
VR0jBBgwFoAUFsWYuIQLCkPLWtLgVcBkq4n4UP0wDQYJKoZIhvcNAQELBQADggEB
|
75
|
+
AH0LoC7U+2spBNaGTomUTLXU93laOJVRmoADgpPIp06TSktBGoXzRlfhcFCtu065
|
76
|
+
1gwA5Z5M9yY7iGEnrfo5pzbhYod63H359sHuvNv3ZaGwKgauS8uZgvWOOFGsyZIz
|
77
|
+
uXtQi8ZyNtPyc31YEwAhTcZwnetwWL/cNJR+vO8XLZ0AvVX5SBHAj4jqqHxd+4j9
|
78
|
+
jLQAHWGnSyqQ75bBKCqgla27s6861ZMcVNfFWyajJIffvWh0+uYHThO5X1QZrtoA
|
79
|
+
jMrW/7eUa0//ccorfe5+Mv8DPmCkMNR9nKuXDveA7mnAKKjsa4kFOGQ06LLp86GF
|
80
|
+
5z3hZDyG5P1ETzsq+NK0kyI=
|
59
81
|
-----END CERTIFICATE-----
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'puppet_spec/files'
|
3
|
+
|
4
|
+
describe "puppet resource", unless: Puppet::Util::Platform.jruby? do
|
5
|
+
include PuppetSpec::Files
|
6
|
+
|
7
|
+
let(:resource) { Puppet::Application[:resource] }
|
8
|
+
|
9
|
+
describe "when handling file and tidy types" do
|
10
|
+
let!(:dir) { dir_containing('testdir', 'testfile' => 'contents') }
|
11
|
+
|
12
|
+
it 'does not raise when generating file resources' do
|
13
|
+
resource.command_line.args = ['file', dir, 'ensure=directory', 'recurse=true']
|
14
|
+
|
15
|
+
expect {
|
16
|
+
resource.run
|
17
|
+
}.to output(/ensure.+=> 'directory'/).to_stdout
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'correctly cleans up a given path' do
|
21
|
+
resource.command_line.args = ['tidy', dir, 'rmdirs=true', 'recurse=true']
|
22
|
+
|
23
|
+
expect {
|
24
|
+
resource.run
|
25
|
+
}.to output(/Notice: \/File\[#{dir}\]\/ensure: removed/).to_stdout
|
26
|
+
|
27
|
+
expect(Puppet::FileSystem.exist?(dir)).to be false
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
data/spec/lib/puppet/test_ca.rb
CHANGED
@@ -30,7 +30,7 @@ module Puppet
|
|
30
30
|
end
|
31
31
|
|
32
32
|
def create_request(name)
|
33
|
-
key = OpenSSL::PKey::RSA.new(
|
33
|
+
key = OpenSSL::PKey::RSA.new(2048)
|
34
34
|
csr = OpenSSL::X509::Request.new
|
35
35
|
csr.public_key = key.public_key
|
36
36
|
csr.subject = OpenSSL::X509::Name.new([["CN", name]])
|
@@ -127,7 +127,7 @@ module Puppet
|
|
127
127
|
key = if opts[:key_type] == :ec
|
128
128
|
key = OpenSSL::PKey::EC.generate('prime256v1')
|
129
129
|
else
|
130
|
-
key = OpenSSL::PKey::RSA.new(
|
130
|
+
key = OpenSSL::PKey::RSA.new(2048)
|
131
131
|
end
|
132
132
|
cert = OpenSSL::X509::Certificate.new
|
133
133
|
cert.public_key = if key.is_a?(OpenSSL::PKey::EC)
|
@@ -546,11 +546,16 @@ describe Puppet::Application::Agent do
|
|
546
546
|
@puppetd.options[:digest] = :MD5
|
547
547
|
end
|
548
548
|
|
549
|
+
def expected_fingerprint(name, x509)
|
550
|
+
digest = OpenSSL::Digest.new(name).hexdigest(x509.to_der)
|
551
|
+
digest.scan(/../).join(':').upcase
|
552
|
+
end
|
553
|
+
|
549
554
|
it "should fingerprint the certificate if it exists" do
|
550
555
|
cert = cert_fixture('signed.pem')
|
551
556
|
allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(cert)
|
552
557
|
|
553
|
-
expect(@puppetd).to receive(:puts).with(
|
558
|
+
expect(@puppetd).to receive(:puts).with("(MD5) #{expected_fingerprint('md5', cert)}")
|
554
559
|
|
555
560
|
@puppetd.fingerprint
|
556
561
|
end
|
@@ -560,7 +565,7 @@ describe Puppet::Application::Agent do
|
|
560
565
|
allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(nil)
|
561
566
|
allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_request).and_return(request)
|
562
567
|
|
563
|
-
expect(@puppetd).to receive(:puts).with(
|
568
|
+
expect(@puppetd).to receive(:puts).with("(MD5) #{expected_fingerprint('md5', request)}")
|
564
569
|
|
565
570
|
@puppetd.fingerprint
|
566
571
|
end
|
@@ -81,6 +81,12 @@ describe Puppet::Configurer::Downloader do
|
|
81
81
|
expect(file[:source_permissions]).to eq(:ignore)
|
82
82
|
end
|
83
83
|
|
84
|
+
it "should ignore the max file limit" do
|
85
|
+
file = generate_file_resource
|
86
|
+
|
87
|
+
expect(file[:max_files]).to eq(-1)
|
88
|
+
end
|
89
|
+
|
84
90
|
describe "on POSIX", :if => Puppet.features.posix? do
|
85
91
|
it "should allow source_permissions to be overridden" do
|
86
92
|
file = generate_file_resource(:source_permissions => :use)
|
@@ -1072,6 +1072,29 @@ describe Puppet::Configurer do
|
|
1072
1072
|
}.to raise_error(Puppet::Error, /Could not select a functional puppet server from server_list: 'myserver:123,someotherservername'/)
|
1073
1073
|
end
|
1074
1074
|
|
1075
|
+
it "should warn when servers in 'server_list' are unreachable" do
|
1076
|
+
Puppet.settings[:server_list] = "mybadserver1:123,mybadserver2:123,mygoodserver"
|
1077
|
+
Puppet[:usecacheonfailure] = false
|
1078
|
+
|
1079
|
+
stub_request(:get, 'https://mybadserver1:123/status/v1/simple/master').and_raise(Puppet::HTTP::HTTPError)
|
1080
|
+
stub_request(:get, 'https://mybadserver2:123/status/v1/simple/master').and_raise(Puppet::HTTP::HTTPError)
|
1081
|
+
stub_request(:get, 'https://mygoodserver:8140/status/v1/simple/master').to_return(status: 200)
|
1082
|
+
|
1083
|
+
expect(Puppet).to receive(:warning).with(/^Unable to connect to server from server_list setting:.*Trying with next server from server_list.$/).twice
|
1084
|
+
configurer.run
|
1085
|
+
end
|
1086
|
+
|
1087
|
+
it "should warn when servers in 'server_list' respond with error" do
|
1088
|
+
Puppet.settings[:server_list] = "mybadserver:123,someotherservername"
|
1089
|
+
Puppet[:usecacheonfailure] = false
|
1090
|
+
|
1091
|
+
stub_request(:get, 'https://mybadserver:123/status/v1/simple/master').to_return(status: 400)
|
1092
|
+
stub_request(:get, 'https://someotherservername:8140/status/v1/simple/master').to_return(status: 200)
|
1093
|
+
|
1094
|
+
expect(Puppet).to receive(:warning).with(/^Puppet server mybadserver:123 is unavailable: 400 Trying with next server from server_list.$/)
|
1095
|
+
configurer.run
|
1096
|
+
end
|
1097
|
+
|
1075
1098
|
it "should not error when usecacheonfailure is true and no servers in 'server_list' are reachable" do
|
1076
1099
|
Puppet.settings[:server_list] = "myserver:123,someotherservername"
|
1077
1100
|
Puppet[:usecacheonfailure] = true
|
@@ -46,6 +46,13 @@ describe Puppet::FileServing::Fileset do
|
|
46
46
|
expect(set.recurselimit).to eq(3)
|
47
47
|
end
|
48
48
|
|
49
|
+
it "accepts a 'max_files' option" do
|
50
|
+
expect(Puppet::FileSystem).to receive(:lstat).with(somefile).and_return(double('stat'))
|
51
|
+
set = Puppet::FileServing::Fileset.new(somefile, :recurselimit => 3, :max_files => 100)
|
52
|
+
expect(set.recurselimit).to eq(3)
|
53
|
+
expect(set.max_files).to eq(100)
|
54
|
+
end
|
55
|
+
|
49
56
|
it "accepts an 'ignore' option" do
|
50
57
|
expect(Puppet::FileSystem).to receive(:lstat).with(somefile).and_return(double('stat'))
|
51
58
|
set = Puppet::FileServing::Fileset.new(somefile, :ignore => ".svn")
|
@@ -160,6 +167,29 @@ describe Puppet::FileServing::Fileset do
|
|
160
167
|
end
|
161
168
|
end
|
162
169
|
|
170
|
+
def mock_big_dir_structure(path, stat_method = :lstat)
|
171
|
+
allow(Puppet::FileSystem).to receive(stat_method).with(path).and_return(@dirstat)
|
172
|
+
|
173
|
+
# Keep track of the files we're stubbing.
|
174
|
+
@files = %w{.}
|
175
|
+
|
176
|
+
top_names = (1..10).map {|i| "dir_#{i}" }
|
177
|
+
sub_names = (1..100).map {|i| "file__#{i}" }
|
178
|
+
|
179
|
+
allow(Dir).to receive(:entries).with(path, encoding: Encoding::UTF_8).and_return(top_names)
|
180
|
+
top_names.each do |subdir|
|
181
|
+
@files << subdir # relative path
|
182
|
+
subpath = File.join(path, subdir)
|
183
|
+
allow(Puppet::FileSystem).to receive(stat_method).with(subpath).and_return(@dirstat)
|
184
|
+
allow(Dir).to receive(:entries).with(subpath, encoding: Encoding::UTF_8).and_return(sub_names)
|
185
|
+
sub_names.each do |file|
|
186
|
+
@files << File.join(subdir, file) # relative path
|
187
|
+
subfile_path = File.join(subpath, file)
|
188
|
+
allow(Puppet::FileSystem).to receive(stat_method).with(subfile_path).and_return(@filestat)
|
189
|
+
end
|
190
|
+
end
|
191
|
+
end
|
192
|
+
|
163
193
|
def setup_mocks_for_dir(mock_dir, base_path)
|
164
194
|
path = File.join(base_path, mock_dir.name)
|
165
195
|
allow(Puppet::FileSystem).to receive(:lstat).with(path).and_return(MockStat.new(path, true))
|
@@ -258,6 +288,36 @@ describe Puppet::FileServing::Fileset do
|
|
258
288
|
expect(@fileset.files.find { |file| file.include?("0") }).to be_nil
|
259
289
|
end
|
260
290
|
|
291
|
+
it "raises exception if number of files is greater than :max_files" do
|
292
|
+
mock_dir_structure(@path)
|
293
|
+
@fileset.recurse = true
|
294
|
+
@fileset.max_files = 22
|
295
|
+
expect { @fileset.files }.to raise_error(Puppet::Error, "The directory '#{@path}' contains 28 entries, which exceeds the limit of 22 specified by the max_files parameter for this resource. The limit may be increased, but be aware that large number of file resources can result in excessive resource consumption and degraded performance. Consider using an alternate method to manage large directory trees")
|
296
|
+
end
|
297
|
+
|
298
|
+
it "logs a warning if number of files is greater than soft max_files limit of 1000" do
|
299
|
+
mock_big_dir_structure(@path)
|
300
|
+
@fileset.recurse = true
|
301
|
+
expect(Puppet).to receive(:warning).with("The directory '#{@path}' contains 1010 entries, which exceeds the default soft limit 1000 and may cause excessive resource consumption and degraded performance. To remove this warning set a value for `max_files` parameter or consider using an alternate method to manage large directory trees")
|
302
|
+
expect { @fileset.files }.to_not raise_error
|
303
|
+
end
|
304
|
+
|
305
|
+
it "does not emit a warning if max_files is -1" do
|
306
|
+
mock_big_dir_structure(@path)
|
307
|
+
@fileset.recurse = true
|
308
|
+
@fileset.max_files = -1
|
309
|
+
expect(Puppet).to receive(:warning).never
|
310
|
+
@fileset.files
|
311
|
+
end
|
312
|
+
|
313
|
+
it "does not emit a warning if max_files is `-1`(string)" do
|
314
|
+
mock_big_dir_structure(@path)
|
315
|
+
@fileset.recurse = true
|
316
|
+
@fileset.max_files = '-1'
|
317
|
+
expect(Puppet).to receive(:warning).never
|
318
|
+
@fileset.files
|
319
|
+
end
|
320
|
+
|
261
321
|
it "ignores files that match a pattern given as a boolean" do
|
262
322
|
mock_dir_structure(@path)
|
263
323
|
@fileset.recurse = true
|
@@ -27,6 +27,18 @@ describe Puppet::GettextConfig do
|
|
27
27
|
Puppet::GettextConfig.delete_all_text_domains
|
28
28
|
end
|
29
29
|
|
30
|
+
# These tests assume gettext is enabled, but it will be disabled when the
|
31
|
+
# first time the `Puppet[:disable_i18n]` setting is resolved
|
32
|
+
around(:each) do |example|
|
33
|
+
disabled = Puppet::GettextConfig.instance_variable_get(:@gettext_disabled)
|
34
|
+
Puppet::GettextConfig.instance_variable_set(:@gettext_disabled, false)
|
35
|
+
begin
|
36
|
+
example.run
|
37
|
+
ensure
|
38
|
+
Puppet::GettextConfig.instance_variable_set(:@gettext_disabled, disabled)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
30
42
|
describe 'setting and getting the locale' do
|
31
43
|
it 'should return "en" when gettext is unavailable' do
|
32
44
|
allow(Puppet::GettextConfig).to receive(:gettext_loaded?).and_return(false)
|