puppet 6.22.1-universal-darwin → 6.23.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +14 -14
- data/ext/osx/puppet.plist +2 -0
- data/lib/puppet/application/agent.rb +12 -5
- data/lib/puppet/application/apply.rb +2 -1
- data/lib/puppet/application/device.rb +2 -1
- data/lib/puppet/application/resource.rb +2 -1
- data/lib/puppet/application/script.rb +2 -1
- data/lib/puppet/configurer/downloader.rb +2 -1
- data/lib/puppet/defaults.rb +5 -3
- data/lib/puppet/file_serving/fileset.rb +14 -2
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +69 -0
- data/lib/puppet/http/service/file_server.rb +2 -1
- data/lib/puppet/indirector/catalog/compiler.rb +1 -0
- data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/provider/package/nim.rb +11 -6
- data/lib/puppet/provider/service/systemd.rb +13 -3
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/directoryservice.rb +25 -12
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file.rb +19 -1
- data/lib/puppet/type/service.rb +18 -38
- data/lib/puppet/type/tidy.rb +21 -2
- data/lib/puppet/type/user.rb +38 -20
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/version.rb +1 -1
- data/locales/puppet.pot +109 -101
- data/man/man5/puppet.conf.5 +272 -252
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-key.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-man.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet-status.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/integration/application/resource_spec.rb +30 -0
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +23 -0
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/service/compiler_spec.rb +123 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/service/init_spec.rb +1 -0
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/systemd_spec.rb +42 -8
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/service_spec.rb +59 -188
- data/spec/unit/type/tidy_spec.rb +17 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/tasks/generate_cert_fixtures.rake +2 -2
- metadata +4 -2
data/spec/unit/type/tidy_spec.rb
CHANGED
@@ -195,17 +195,27 @@ describe tidy do
|
|
195
195
|
allow(Puppet::FileServing::Fileset).to receive(:new).and_return(@fileset)
|
196
196
|
end
|
197
197
|
|
198
|
-
it "should use a Fileset for infinite recursion" do
|
199
|
-
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(@fileset)
|
198
|
+
it "should use a Fileset with default max_files for infinite recursion" do
|
199
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(@fileset)
|
200
200
|
expect(@fileset).to receive(:files).and_return(%w{. one two})
|
201
201
|
allow(@tidy).to receive(:tidy?).and_return(false)
|
202
202
|
|
203
203
|
@tidy.generate
|
204
204
|
end
|
205
205
|
|
206
|
-
it "should use a Fileset for limited recursion" do
|
206
|
+
it "should use a Fileset with default max_files for limited recursion" do
|
207
207
|
@tidy[:recurse] = 42
|
208
|
-
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42).and_return(@fileset)
|
208
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>0).and_return(@fileset)
|
209
|
+
expect(@fileset).to receive(:files).and_return(%w{. one two})
|
210
|
+
allow(@tidy).to receive(:tidy?).and_return(false)
|
211
|
+
|
212
|
+
@tidy.generate
|
213
|
+
end
|
214
|
+
|
215
|
+
it "should use a Fileset with max_files for limited recursion" do
|
216
|
+
@tidy[:recurse] = 42
|
217
|
+
@tidy[:max_files] = 9876
|
218
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>9876).and_return(@fileset)
|
209
219
|
expect(@fileset).to receive(:files).and_return(%w{. one two})
|
210
220
|
allow(@tidy).to receive(:tidy?).and_return(false)
|
211
221
|
|
@@ -411,7 +421,7 @@ describe tidy do
|
|
411
421
|
@tidy[:recurse] = true
|
412
422
|
@tidy[:rmdirs] = true
|
413
423
|
fileset = double('fileset')
|
414
|
-
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
|
424
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
|
415
425
|
expect(fileset).to receive(:files).and_return(%w{. one two one/subone two/subtwo one/subone/ssone})
|
416
426
|
allow(@tidy).to receive(:tidy?).and_return(true)
|
417
427
|
|
@@ -433,7 +443,7 @@ describe tidy do
|
|
433
443
|
@tidy[:recurse] = true
|
434
444
|
@tidy[:rmdirs] = true
|
435
445
|
fileset = double('fileset')
|
436
|
-
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
|
446
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
|
437
447
|
expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
|
438
448
|
allow(@tidy).to receive(:tidy?).and_return(true)
|
439
449
|
|
@@ -446,7 +456,7 @@ describe tidy do
|
|
446
456
|
@tidy[:noop] = true
|
447
457
|
|
448
458
|
fileset = double('fileset')
|
449
|
-
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
|
459
|
+
expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
|
450
460
|
expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
|
451
461
|
allow(@tidy).to receive(:tidy?).and_return(true)
|
452
462
|
|
data/spec/unit/type/user_spec.rb
CHANGED
@@ -174,6 +174,51 @@ describe Puppet::Type.type(:user) do
|
|
174
174
|
end
|
175
175
|
end
|
176
176
|
|
177
|
+
describe "when managing the purge_ssh_keys property" do
|
178
|
+
context "with valid input" do
|
179
|
+
it "should support a :true value" do
|
180
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :true) }.to_not raise_error
|
181
|
+
end
|
182
|
+
|
183
|
+
it "should support a :false value" do
|
184
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :false) }.to_not raise_error
|
185
|
+
end
|
186
|
+
|
187
|
+
it "should support a String value" do
|
188
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => File.expand_path('home/foo/.ssh/authorized_keys')) }.to_not raise_error
|
189
|
+
end
|
190
|
+
|
191
|
+
it "should support an Array value" do
|
192
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => [File.expand_path('home/foo/.ssh/authorized_keys'),
|
193
|
+
File.expand_path('custom/authorized_keys')]) }.to_not raise_error
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
context "with faulty input" do
|
198
|
+
it "should raise error for relative path" do
|
199
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => 'home/foo/.ssh/authorized_keys') }.to raise_error(Puppet::ResourceError,
|
200
|
+
/Paths to keyfiles must be absolute/ )
|
201
|
+
end
|
202
|
+
|
203
|
+
it "should raise error for invalid type" do
|
204
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => :invalid) }.to raise_error(Puppet::ResourceError,
|
205
|
+
/purge_ssh_keys must be true, false, or an array of file names/ )
|
206
|
+
end
|
207
|
+
|
208
|
+
it "should raise error for array with relative path" do
|
209
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => ['home/foo/.ssh/authorized_keys',
|
210
|
+
File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
|
211
|
+
/Paths to keyfiles must be absolute/ )
|
212
|
+
end
|
213
|
+
|
214
|
+
it "should raise error for array with invalid type" do
|
215
|
+
expect { described_class.new(:name => 'foo', :purge_ssh_keys => [:invalid,
|
216
|
+
File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
|
217
|
+
/Each entry for purge_ssh_keys must be a string/ )
|
218
|
+
end
|
219
|
+
end
|
220
|
+
end
|
221
|
+
|
177
222
|
describe "when managing the uid property" do
|
178
223
|
it "should convert number-looking strings into actual numbers" do
|
179
224
|
expect(described_class.new(:name => 'foo', :uid => '50')[:uid]).to eq(50)
|
@@ -3,26 +3,29 @@ require 'spec_helper'
|
|
3
3
|
require 'pathname'
|
4
4
|
require 'puppet/util/selinux'
|
5
5
|
|
6
|
-
unless defined?(Selinux)
|
7
|
-
module Selinux
|
8
|
-
def self.is_selinux_enabled
|
9
|
-
false
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
6
|
describe Puppet::Util::SELinux do
|
15
7
|
include Puppet::Util::SELinux
|
16
8
|
|
9
|
+
let(:selinux) { double('selinux', is_selinux_enabled: false) }
|
10
|
+
|
11
|
+
before :each do
|
12
|
+
stub_const('Selinux', selinux)
|
13
|
+
end
|
14
|
+
|
17
15
|
describe "selinux_support?" do
|
18
|
-
it "should return
|
16
|
+
it "should return true if this system has SELinux enabled" do
|
19
17
|
expect(Selinux).to receive(:is_selinux_enabled).and_return(1)
|
20
|
-
expect(selinux_support?).to
|
18
|
+
expect(selinux_support?).to eq(true)
|
21
19
|
end
|
22
20
|
|
23
|
-
it "should return
|
21
|
+
it "should return false if this system has SELinux disabled" do
|
24
22
|
expect(Selinux).to receive(:is_selinux_enabled).and_return(0)
|
25
|
-
expect(selinux_support?).to
|
23
|
+
expect(selinux_support?).to eq(false)
|
24
|
+
end
|
25
|
+
|
26
|
+
it "should return false if this system lacks SELinux" do
|
27
|
+
hide_const('Selinux')
|
28
|
+
expect(selinux_support?).to eq(false)
|
26
29
|
end
|
27
30
|
|
28
31
|
it "should return nil if /proc/mounts does not exist" do
|
@@ -156,7 +159,7 @@ describe Puppet::Util::SELinux do
|
|
156
159
|
end
|
157
160
|
end
|
158
161
|
|
159
|
-
it "handles no such file or directory errors by issuing a warning" do
|
162
|
+
it "backward compatibly handles no such file or directory errors by issuing a warning when resource_ensure not set" do
|
160
163
|
without_partial_double_verification do
|
161
164
|
allow(self).to receive(:selinux_support?).and_return(true)
|
162
165
|
allow(self).to receive(:selinux_label_support?).and_return(true)
|
@@ -167,6 +170,51 @@ describe Puppet::Util::SELinux do
|
|
167
170
|
end
|
168
171
|
end
|
169
172
|
|
173
|
+
it "should determine mode based on resource ensure when set to file" do
|
174
|
+
without_partial_double_verification do
|
175
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
176
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
177
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 32768).and_return(-1)
|
178
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
179
|
+
|
180
|
+
expect(get_selinux_default_context("/root/chuj", :present)).to be_nil
|
181
|
+
expect(get_selinux_default_context("/root/chuj", :file)).to be_nil
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
it "should determine mode based on resource ensure when set to dir" do
|
186
|
+
without_partial_double_verification do
|
187
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
188
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
189
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 16384).and_return(-1)
|
190
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
191
|
+
|
192
|
+
expect(get_selinux_default_context("/root/chuj", :directory)).to be_nil
|
193
|
+
end
|
194
|
+
end
|
195
|
+
|
196
|
+
it "should determine mode based on resource ensure when set to link" do
|
197
|
+
without_partial_double_verification do
|
198
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
199
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
200
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 40960).and_return(-1)
|
201
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
202
|
+
|
203
|
+
expect(get_selinux_default_context("/root/chuj", :link)).to be_nil
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
it "should determine mode based on resource ensure when set to unknown" do
|
208
|
+
without_partial_double_verification do
|
209
|
+
allow(self).to receive(:selinux_support?).and_return(true)
|
210
|
+
allow(self).to receive(:selinux_label_support?).and_return(true)
|
211
|
+
allow(Selinux).to receive(:matchpathcon).with("/root/chuj", 0).and_return(-1)
|
212
|
+
allow(self).to receive(:file_lstat).with("/root/chuj").and_raise(Errno::ENOENT, "/root/chuj")
|
213
|
+
|
214
|
+
expect(get_selinux_default_context("/root/chuj", "unknown")).to be_nil
|
215
|
+
end
|
216
|
+
end
|
217
|
+
|
170
218
|
it "should return nil if matchpathcon returns failure" do
|
171
219
|
without_partial_double_verification do
|
172
220
|
expect(self).to receive(:selinux_support?).and_return(true)
|
@@ -326,21 +374,44 @@ describe Puppet::Util::SELinux do
|
|
326
374
|
end
|
327
375
|
|
328
376
|
it "should return nil if no default context exists" do
|
329
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return(nil)
|
377
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return(nil)
|
330
378
|
expect(set_selinux_default_context("/foo")).to be_nil
|
331
379
|
end
|
332
380
|
|
333
381
|
it "should do nothing and return nil if the current context matches the default context" do
|
334
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return("user_u:role_r:type_t")
|
382
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return("user_u:role_r:type_t")
|
335
383
|
expect(self).to receive(:get_selinux_current_context).with("/foo").and_return("user_u:role_r:type_t")
|
336
384
|
expect(set_selinux_default_context("/foo")).to be_nil
|
337
385
|
end
|
338
386
|
|
339
387
|
it "should set and return the default context if current and default do not match" do
|
340
|
-
expect(self).to receive(:get_selinux_default_context).with("/foo").and_return("user_u:role_r:type_t")
|
388
|
+
expect(self).to receive(:get_selinux_default_context).with("/foo", nil).and_return("user_u:role_r:type_t")
|
341
389
|
expect(self).to receive(:get_selinux_current_context).with("/foo").and_return("olduser_u:role_r:type_t")
|
342
390
|
expect(self).to receive(:set_selinux_context).with("/foo", "user_u:role_r:type_t").and_return(true)
|
343
391
|
expect(set_selinux_default_context("/foo")).to eq("user_u:role_r:type_t")
|
344
392
|
end
|
345
393
|
end
|
394
|
+
|
395
|
+
describe "get_create_mode" do
|
396
|
+
it "should return 0 if the resource is absent" do
|
397
|
+
expect(get_create_mode(:absent)).to eq(0)
|
398
|
+
end
|
399
|
+
|
400
|
+
it "should return mode with file type set to S_IFREG when resource is file" do
|
401
|
+
expect(get_create_mode(:present)).to eq(32768)
|
402
|
+
expect(get_create_mode(:file)).to eq(32768)
|
403
|
+
end
|
404
|
+
|
405
|
+
it "should return mode with file type set to S_IFDIR when resource is dir" do
|
406
|
+
expect(get_create_mode(:directory)).to eq(16384)
|
407
|
+
end
|
408
|
+
|
409
|
+
it "should return mode with file type set to S_IFLNK when resource is link" do
|
410
|
+
expect(get_create_mode(:link)).to eq(40960)
|
411
|
+
end
|
412
|
+
|
413
|
+
it "should return 0 for everything else" do
|
414
|
+
expect(get_create_mode("unknown")).to eq(0)
|
415
|
+
end
|
416
|
+
end
|
346
417
|
end
|
@@ -173,12 +173,12 @@ task(:gen_cert_fixtures) do
|
|
173
173
|
|
174
174
|
# Create a request, but replace its public key after it's signed
|
175
175
|
tampered_csr = ca.create_request('signed')[:csr]
|
176
|
-
tampered_csr.public_key = OpenSSL::PKey::RSA.new(
|
176
|
+
tampered_csr.public_key = OpenSSL::PKey::RSA.new(2048).public_key
|
177
177
|
save(dir, 'tampered-csr.pem', tampered_csr)
|
178
178
|
|
179
179
|
# Create a cert issued from the real intermediate CA, but replace its
|
180
180
|
# public key
|
181
181
|
tampered_cert = ca.create_cert('signed', inter[:cert], inter[:private_key])[:cert]
|
182
|
-
tampered_cert.public_key = OpenSSL::PKey::RSA.new(
|
182
|
+
tampered_cert.public_key = OpenSSL::PKey::RSA.new(2048).public_key
|
183
183
|
save(dir, 'tampered-cert.pem', tampered_cert)
|
184
184
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.23.0
|
5
5
|
platform: universal-darwin
|
6
6
|
authors:
|
7
7
|
- Puppet Labs
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-06-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: facter
|
@@ -1831,6 +1831,7 @@ files:
|
|
1831
1831
|
- spec/integration/application/lookup_spec.rb
|
1832
1832
|
- spec/integration/application/module_spec.rb
|
1833
1833
|
- spec/integration/application/plugin_spec.rb
|
1834
|
+
- spec/integration/application/resource_spec.rb
|
1834
1835
|
- spec/integration/configurer_spec.rb
|
1835
1836
|
- spec/integration/data_binding_spec.rb
|
1836
1837
|
- spec/integration/defaults_spec.rb
|
@@ -3100,6 +3101,7 @@ test_files:
|
|
3100
3101
|
- spec/integration/application/lookup_spec.rb
|
3101
3102
|
- spec/integration/application/module_spec.rb
|
3102
3103
|
- spec/integration/application/plugin_spec.rb
|
3104
|
+
- spec/integration/application/resource_spec.rb
|
3103
3105
|
- spec/integration/configurer_spec.rb
|
3104
3106
|
- spec/integration/data_binding_spec.rb
|
3105
3107
|
- spec/integration/defaults_spec.rb
|