puppet 6.23.0-universal-darwin → 6.24.0-universal-darwin

data/spec/unit/provider/package/pip_spec.rb

@@ -266,6 +266,43 @@ describe Puppet::Type.type(:package).provider(:pip) do
       let(:pip_version) { '1.5.4' }
       let(:pip_path) { '/fake/bin/pip' }
 
+      context "with pip version >= 20.3 and < 21.1" do
+        let(:pip_version) { '20.3.1' }
+        let(:pip_path) { '/fake/bin/pip' }
+
+        it "should use legacy-resolver argument" do
+          p = StringIO.new(
+            <<-EOS
+            Collecting real-package==versionplease
+              Could not find a version that satisfies the requirement real-package==versionplease (from versions: 1.1.3, 1.0, 1.9b1)
+            No matching distribution found for real-package==versionplease
+            EOS
+          )
+          expect(Puppet::Util::Execution).to receive(:execpipe).with(["/fake/bin/pip", "install", "real_package==versionplease",
+            "--use-deprecated=legacy-resolver"]).and_yield(p).once
+          @resource[:name] = "real_package"
+          @provider.latest
+        end
+      end
+
+      context "with pip version >= 21.1" do
+        let(:pip_version) { '21.1' }
+        let(:pip_path) { '/fake/bin/pip' }
+
+        it "should not use legacy-resolver argument" do
+          p = StringIO.new(
+            <<-EOS
+            Collecting real-package==versionplease
+              Could not find a version that satisfies the requirement real-package==versionplease (from versions: 1.1.3, 1.0, 1.9b1)
+            No matching distribution found for real-package==versionplease
+            EOS
+          )
+          expect(Puppet::Util::Execution).to receive(:execpipe).with(["/fake/bin/pip", "install", "real_package==versionplease"]).and_yield(p).once
+          @resource[:name] = "real_package"
+          @provider.latest
+        end
+      end
+
       it "should find a version number for real_package" do
         p = StringIO.new(
           <<-EOS

data/spec/unit/provider/parsedfile_spec.rb

@@ -79,6 +79,16 @@ describe Puppet::Provider::ParsedFile do
 
       provider.instances
     end
+
+    it "should raise if parsing returns nil" do
+      expect(provider).to receive(:targets).and_return(%w{/one})
+      expect_any_instance_of(Puppet::Util::FileType::FileTypeFlat).to receive(:read).and_return('a=b')
+      expect(provider).to receive(:parse).and_return(nil)
+
+      expect {
+        provider.instances
+      }.to raise_error(Puppet::DevError, %r{Prefetching /one for provider parsedfile_provider returned nil})
+    end
   end
 
   describe "when matching resources to existing records" do

data/spec/unit/settings_spec.rb

@@ -29,6 +29,17 @@ describe Puppet::Settings do
     end
   end
 
+  def stub_config_with(content)
+    allow(Puppet.features).to receive(:root?).and_return(false)
+    expect(Puppet::FileSystem).to receive(:exist?).
+      with(user_config_file_default_location).
+      and_return(true).ordered
+    expect(@settings).to receive(:read_file).
+      with(user_config_file_default_location).
+      and_return(content).ordered
+    @settings.send(:parse_config_files)
+  end
+
   describe "when specifying defaults" do
     before do
       @settings = Puppet::Settings.new
@@ -264,23 +275,31 @@ describe Puppet::Settings do
       expect(@settings[:myval]).to eq("")
     end
 
-    it "should flag string settings from the CLI" do
+    it "should retrieve numeric settings from the CLI" do
       @settings.handlearg("--myval", "12")
-      expect(@settings.set_by_cli?(:myval)).to be_truthy
+      expect(@settings.set_by_cli(:myval)).to eq(12)
+      expect(@settings.set_by_cli?(:myval)).to be true
     end
 
-    it "should flag bool settings from the CLI" do
+    it "should retrieve string settings from the CLI" do
+      @settings.handlearg("--myval", "something")
+      expect(@settings.set_by_cli(:myval)).to eq("something")
+      expect(@settings.set_by_cli?(:myval)).to be true
+    end
+
+    it "should retrieve bool settings from the CLI" do
       @settings.handlearg("--bool")
-      expect(@settings.set_by_cli?(:bool)).to be_truthy
+      expect(@settings.set_by_cli(:bool)).to be true
+      expect(@settings.set_by_cli?(:bool)).to be true
     end
 
-    it "should not flag settings memory as from CLI" do
+    it "should not retrieve settings set in memory as from CLI" do
       @settings[:myval] = "12"
-      expect(@settings.set_by_cli?(:myval)).to be_falsey
+      expect(@settings.set_by_cli?(:myval)).to be false
     end
 
     it "should find no configured settings by default" do
-      expect(@settings.set_by_config?(:myval)).to be_falsey
+      expect(@settings.set_by_config?(:myval)).to be false
     end
 
     it "should identify configured settings in memory" do
@@ -304,64 +323,66 @@ describe Puppet::Settings do
       expect(@settings.set_by_config?(:manifest, Puppet[:environment])).to be_truthy
     end
 
-    it "should identify configured settings from the preferred run mode" do
-      user_config_text = "[#{@settings.preferred_run_mode}]\nmyval = foo"
+    context "when handling puppet.conf" do
+      describe "#set_by_config?" do
+        it "should identify configured settings from the preferred run mode" do
+          stub_config_with(<<~CONFIG)
+          [#{@settings.preferred_run_mode}]
+          myval = foo
+          CONFIG
 
-      allow(Puppet.features).to receive(:root?).and_return(false)
-      expect(Puppet::FileSystem).to receive(:exist?).
-        with(user_config_file_default_location).
-        and_return(true).ordered
-      expect(@settings).to receive(:read_file).
-        with(user_config_file_default_location).
-        and_return(user_config_text).ordered
+          expect(@settings.set_by_config?(:myval)).to be_truthy
+        end
 
-      @settings.send(:parse_config_files)
-      expect(@settings.set_by_config?(:myval)).to be_truthy
-    end
+        it "should identify configured settings from the specified run mode" do
+          stub_config_with(<<~CONFIG)
+          [server]
+          myval = foo
+          CONFIG
 
-    it "should identify configured settings from the specified run mode" do
-      user_config_text = "[server]\nmyval = foo"
+          expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
+        end
 
-      allow(Puppet.features).to receive(:root?).and_return(false)
-      expect(Puppet::FileSystem).to receive(:exist?).
-        with(user_config_file_default_location).
-        and_return(true).ordered
-      expect(@settings).to receive(:read_file).
-        with(user_config_file_default_location).
-        and_return(user_config_text).ordered
+        it "should not identify configured settings from an unspecified run mode" do
+          stub_config_with(<<~CONFIG)
+          [zaz]
+          myval = foo
+          CONFIG
 
-      @settings.send(:parse_config_files)
-      expect(@settings.set_by_config?(:myval, nil, :server)).to be_truthy
-    end
+          expect(@settings.set_by_config?(:myval)).to be_falsey
+        end
 
-    it "should not identify configured settings from an unspecified run mode" do
-      user_config_text = "[zaz]\nmyval = foo"
+        it "should identify configured settings from the main section" do
+          stub_config_with(<<~CONFIG)
+          [main]
+          myval = foo
+          CONFIG
 
-      allow(Puppet.features).to receive(:root?).and_return(false)
-      expect(Puppet::FileSystem).to receive(:exist?).
-        with(user_config_file_default_location).
-        and_return(true).ordered
-      expect(@settings).to receive(:read_file).
-        with(user_config_file_default_location).
-        and_return(user_config_text).ordered
+          expect(@settings.set_by_config?(:myval)).to be_truthy
+        end
+      end
 
-      @settings.send(:parse_config_files)
-      expect(@settings.set_by_config?(:myval)).to be_falsey
-    end
+      describe "#set_in_section" do
+        it "should retrieve configured settings from the specified section" do
+          stub_config_with(<<~CONFIG)
+          [agent]
+          myval = foo
+          CONFIG
 
-    it "should identify configured settings from the main section" do
-      user_config_text = "[main]\nmyval = foo"
+          expect(@settings.set_in_section(:myval, :agent)).to eq("foo")
+          expect(@settings.set_in_section?(:myval, :agent)).to be true
+        end
 
-      allow(Puppet.features).to receive(:root?).and_return(false)
-      expect(Puppet::FileSystem).to receive(:exist?).
-        with(user_config_file_default_location).
-        and_return(true).ordered
-      expect(@settings).to receive(:read_file).
-        with(user_config_file_default_location).
-        and_return(user_config_text).ordered
+        it "should not retrieve configured settings from a different section" do
+          stub_config_with(<<~CONFIG)
+          [main]
+          myval = foo
+          CONFIG
 
-      @settings.send(:parse_config_files)
-      expect(@settings.set_by_config?(:myval)).to be_truthy
+          expect(@settings.set_in_section(:myval, :agent)).to be nil
+          expect(@settings.set_in_section?(:myval, :agent)).to be false
+        end
+      end
     end
 
     it "should clear the cache when setting getopt-specific values" do
@@ -2120,7 +2141,7 @@ describe Puppet::Settings do
     end
 
     def a_user_type_for(username)
-      user = double('user')
+      user = double('user', 'suitable?': true, to_s: "User[#{username}]")
       expect(Puppet::Type.type(:user)).to receive(:new).with(hash_including(name: username)).and_return(user)
       user
     end
@@ -2153,6 +2174,16 @@ describe Puppet::Settings do
 
       expect(settings).to be_service_user_available
     end
+
+    it "raises if the user is not suitable" do
+      settings[:user] = "foo"
+
+      expect(a_user_type_for("foo")).to receive(:suitable?).and_return(false)
+
+      expect {
+        settings.service_user_available?
+      }.to raise_error(Puppet::Error, /Cannot manage owner permissions, because the provider for 'User\[foo\]' is not functional/)
+    end
   end
 
   describe "when determining if the service group is available" do
@@ -2163,7 +2194,7 @@ describe Puppet::Settings do
     end
 
     def a_group_type_for(groupname)
-      group = double('group')
+      group = double('group', 'suitable?': true, to_s: "Group[#{groupname}]")
       expect(Puppet::Type.type(:group)).to receive(:new).with(hash_including(name: groupname)).and_return(group)
       group
     end
@@ -2196,6 +2227,16 @@ describe Puppet::Settings do
 
       expect(settings).to be_service_group_available
     end
+
+    it "raises if the group is not suitable" do
+      settings[:group] = "foo"
+
+      expect(a_group_type_for("foo")).to receive(:suitable?).and_return(false)
+
+      expect {
+        settings.service_group_available?
+      }.to raise_error(Puppet::Error, /Cannot manage group permissions, because the provider for 'Group\[foo\]' is not functional/)
+    end
   end
 
   describe "when dealing with command-line options" do

data/spec/unit/type/exec_spec.rb

@@ -239,6 +239,19 @@ RSpec.describe Puppet::Type.type(:exec) do
     expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
   end
 
+  it "should be able to autorequire files mentioned in the array command" do
+    foo = make_absolute('/bin/foo')
+    catalog = Puppet::Resource::Catalog.new
+    tmp = Puppet::Type.type(:file).new(:name => foo)
+    execer = Puppet::Type.type(:exec).new(:name => 'test array', :command => [foo, 'bar'])
+
+    catalog.add_resource tmp
+    catalog.add_resource execer
+    dependencies = execer.autorequire(catalog)
+
+    expect(dependencies.collect(&:to_s)).to eq([Puppet::Relationship.new(tmp, execer).to_s])
+  end
+
   describe "when handling the path parameter" do
     expect = %w{one two three four}
     { "an array"                                      => expect,
@@ -346,7 +359,13 @@ RSpec.describe Puppet::Type.type(:exec) do
   end
 
   shared_examples_for "all exec command parameters" do |param|
-    { "relative" => "example", "absolute" => "/bin/example" }.sort.each do |name, command|
+    array_cmd = ["/bin/example", "*"]
+    array_cmd = [["/bin/example", "*"]] if [:onlyif, :unless].include?(param)
+
+    commands = { "relative" => "example", "absolute" => "/bin/example" }
+    commands["array"] = array_cmd
+
+    commands.sort.each do |name, command|
       describe "if command is #{name}" do
         before :each do
           @param = param
@@ -379,45 +398,44 @@ RSpec.describe Puppet::Type.type(:exec) do
   end
 
   shared_examples_for "all exec command parameters that take arrays" do |param|
-    describe "when given an array of inputs" do
-      before :each do
-        @test = Puppet::Type.type(:exec).new(:name => @executable)
-      end
+    [
+      %w{one two three},
+      [%w{one -a}, %w{two, -b}, 'three']
+    ].each do |input|
+      context "when given #{input.inspect} as input" do
+        let(:resource) { Puppet::Type.type(:exec).new(:name => @executable) }
 
-      it "should accept the array when all commands return valid" do
-        input = %w{one two three}
-        expect(@test.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
-        @test[param] = input
-        expect(@test[param]).to eq(input)
-      end
+        it "accepts the array when all commands return valid" do
+          input = %w{one two three}
+          allow(resource.provider).to receive(:validatecmd).exactly(input.length).times.and_return(true)
+          resource[param] = input
+          expect(resource[param]).to eq(input)
+        end
 
-      it "should reject the array when any commands return invalid" do
-        input = %w{one two three}
-        expect(@test.provider).to receive(:validatecmd).with(input.first).and_return(false)
-        input[1..-1].each do |cmd|
-          expect(@test.provider).to receive(:validatecmd).with(cmd).and_return(true)
+        it "rejects the array when any commands return invalid" do
+          input = %w{one two three}
+          allow(resource.provider).to receive(:validatecmd).with(input[0]).and_return(true)
+          allow(resource.provider).to receive(:validatecmd).with(input[1]).and_raise(Puppet::Error)
+
+          expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
         end
-        @test[param] = input
-        expect(@test[param]).to eq(input)
-      end
 
-      it "should reject the array when all commands return invalid" do
-        input = %w{one two three}
-        expect(@test.provider).to receive(:validatecmd).exactly(input.length).times.and_return(false)
-        @test[param] = input
-        expect(@test[param]).to eq(input)
+        it "stops at the first invalid command" do
+          input = %w{one two three}
+          allow(resource.provider).to receive(:validatecmd).with(input[0]).and_raise(Puppet::Error)
+
+          expect(resource.provider).not_to receive(:validatecmd).with(input[1])
+          expect(resource.provider).not_to receive(:validatecmd).with(input[2])
+          expect { resource[param] = input }.to raise_error(Puppet::ResourceError, /Parameter #{param} failed/)
+        end
       end
     end
   end
 
   describe "when setting command" do
     subject { described_class.new(:name => @command) }
-    it "fails when passed an Array" do
-      expect { subject[:command] = [] }.to raise_error Puppet::Error, /Command must be a String/
-    end
-
     it "fails when passed a Hash" do
-      expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String/
+      expect { subject[:command] = {} }.to raise_error Puppet::Error, /Command must be a String or Array<String>/
     end
   end
 
@@ -759,6 +777,35 @@ RSpec.describe Puppet::Type.type(:exec) do
           end
         end
 
+        context 'with an array of arrays with multiple items' do
+          before do
+            [true, false].each do |check|
+              allow(@test.provider).to receive(:run).with([@pass, '--flag'], check).
+                and_return(['test output', @pass_status])
+              allow(@test.provider).to receive(:run).with([@fail, '--flag'], check).
+                and_return(['test output', @fail_status])
+              allow(@test.provider).to receive(:run).with([@pass], check).
+                and_return(['test output', @pass_status])
+              allow(@test.provider).to receive(:run).with([@fail], check).
+                and_return(['test output', @fail_status])
+            end
+          end
+          it "runs if all the commands exits non-zero" do
+            @test[param] = [[@fail, '--flag'], [@fail], [@fail, '--flag']]
+            expect(@test.check_all_attributes).to eq(true)
+          end
+
+          it "does not run if one command exits zero" do
+            @test[param] = [[@pass, '--flag'], [@pass], [@fail, '--flag']]
+            expect(@test.check_all_attributes).to eq(false)
+          end
+
+          it "does not run if all command exits zero" do
+            @test[param] = [[@pass, '--flag'], [@pass], [@pass, '--flag']]
+            expect(@test.check_all_attributes).to eq(false)
+          end
+        end
+
         it "should emit output to debug" do
           Puppet::Util::Log.level = :debug
           @test[param] = @fail

data/spec/unit/type/file/source_spec.rb

@@ -264,7 +264,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
 
           expect(@resource[:owner]).to eq(100)
           expect(@resource[:group]).to eq(200)
-          expect(@resource[:mode]).to eq("173")
+          expect(@resource[:mode]).to eq("0173")
 
           # Metadata calls it checksum and checksum_type, we call it content and checksum.
           expect(@resource[:content]).to eq(@metadata.checksum)
@@ -281,7 +281,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
 
           expect(@resource[:owner]).to eq(1)
           expect(@resource[:group]).to eq(2)
-          expect(@resource[:mode]).to eq('173')
+          expect(@resource[:mode]).to eq('0173')
           expect(@resource[:content]).not_to eq(@metadata.checksum)
           expect(@resource[:checksum]).not_to eq(@metadata.checksum_type.to_sym)
         end
@@ -318,7 +318,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
 
             expect(@resource[:owner]).to eq(100)
             expect(@resource[:group]).to eq(200)
-            expect(@resource[:mode]).to eq("173")
+            expect(@resource[:mode]).to eq("0173")
           end
 
           it "copies the remote owner" do
@@ -336,7 +336,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
           it "copies the remote mode" do
             @source.copy_source_values
 
-            expect(@resource[:mode]).to eq("173")
+            expect(@resource[:mode]).to eq("0173")
           end
         end
 

data/spec/unit/type/tidy_spec.rb

@@ -280,6 +280,13 @@ describe tidy do
         @ager.tidy?(@basepath, @stat)
       end
 
+      it "should return true if the specified age is 0" do
+        @tidy[:age] = "0"
+        expect(@stat).to receive(:mtime).and_return(Time.now)
+
+        expect(@ager).to be_tidy(@basepath, @stat)
+      end
+
       it "should return false if the file is more recent than the specified age" do
         expect(@stat).to receive(:mtime).and_return(Time.now)
 

data/spec/unit/util/windows/sid_spec.rb

@@ -131,38 +131,73 @@ describe "Puppet::Util::Windows::SID", :if => Puppet::Util::Platform.windows? do
       expect(subject.name_to_principal(unknown_name)).to be_nil
     end
 
+    it "should print a debug message if the account does not exist" do
+      expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal(unknown_name)
+    end
+
     it "should return a Puppet::Util::Windows::SID::Principal instance for any valid sid" do
       expect(subject.name_to_principal(sid)).to be_an_instance_of(Puppet::Util::Windows::SID::Principal)
     end
 
+    it "should not print debug messages for valid sid" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal(sid)
+    end
+
+    it "should print a debug message for invalid sid" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal('S-1-5-21-INVALID-SID')
+    end
+
     it "should accept unqualified account name" do
       # NOTE: lookup by name works in localized environments only for a few instances
       # this works in French Windows, even though the account is really Syst\u00E8me
       expect(subject.name_to_principal('SYSTEM').sid).to eq(sid)
     end
 
+    it "should not print debug messages for unqualified account name" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal('SYSTEM')
+    end
+
     it "should be case-insensitive" do
       # NOTE: lookup by name works in localized environments only for a few instances
       # this works in French Windows, even though the account is really Syst\u00E8me
       expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal('system'))
     end
 
+    it "should not print debug messages for wrongly cased account name" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal('system')
+    end
+
     it "should be leading and trailing whitespace-insensitive" do
       # NOTE: lookup by name works in localized environments only for a few instances
       # this works in French Windows, even though the account is really Syst\u00E8me
       expect(subject.name_to_principal('SYSTEM')).to eq(subject.name_to_principal(' SYSTEM '))
     end
 
+    it "should not print debug messages for account name with leading and trailing whitespace" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal(' SYSTEM ')
+    end
+
     it "should accept domain qualified account names" do
       # NOTE: lookup by name works in localized environments only for a few instances
       # this works in French Windows, even though the account is really AUTORITE NT\\Syst\u00E8me
       expect(subject.name_to_principal('NT AUTHORITY\SYSTEM').sid).to eq(sid)
     end
 
-    it "should print a debug message on failures" do
-      expect(Puppet).to receive(:debug).with(/Could not retrieve raw SID bytes from 'NonExistingUser'/)
-      expect(Puppet).to receive(:debug).with(/No mapping between account names and security IDs was done/)
-      subject.name_to_principal('NonExistingUser')
+    it "should not print debug messages for domain qualified account names" do
+      expect(Puppet).not_to receive(:debug).with(/Could not retrieve raw SID bytes from/)
+      expect(Puppet).not_to receive(:debug).with(/No mapping between account names and security IDs was done/)
+      subject.name_to_principal('NT AUTHORITY\SYSTEM')
     end
   end
 

data/tasks/generate_cert_fixtures.rake

@@ -40,6 +40,7 @@ task(:gen_cert_fixtures) do
   # 127.0.0.1.pem                     |   +- /CN=127.0.0.1 (with dns alt names)
   # tampered-cert.pem                 |   +- /CN=signed (with different public key)
   # ec.pem                            |   +- /CN=ec (with EC private key)
+  # oid.pem                           |   +- /CN=oid (with custom oid)
   #                                   |
   #                                   + /CN=Test CA Agent Subauthority
   #                                   |  |
@@ -49,7 +50,7 @@ task(:gen_cert_fixtures) do
   #
   # bad-basic-constraints.pem        /CN=Test CA (bad isCA constraint)
   #
-  # unknown-ca.pemm                  /CN=Unknown CA
+  # unknown-ca.pem                   /CN=Unknown CA
   #                                   |
   # unknown-127.0.0.1.pem             +- /CN=127.0.0.1
   #
@@ -103,6 +104,14 @@ task(:gen_cert_fixtures) do
   save(dir, '127.0.0.1.pem', signed[:cert])
   save(dir, '127.0.0.1-key.pem', signed[:private_key])
 
+  # Create an SSL cert with extensions containing custom oids
+  extensions = [
+    ['1.3.6.1.4.1.34380.1.2.1.1', OpenSSL::ASN1::UTF8String.new('somevalue'), false],
+  ]
+  oid = ca.create_cert('oid', inter[:cert], inter[:private_key], extensions: extensions)
+  save(dir, 'oid.pem', oid[:cert])
+  save(dir, 'oid-key.pem', oid[:private_key])
+
   # Create a leaf/entity key and cert for host "revoked", issued by "Test CA Subauthority"
   # and revoke the cert
   revoked = ca.create_cert('revoked', inter[:cert], inter[:private_key])

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet
 version: !ruby/object:Gem::Version
-  version: 6.23.0
+  version: 6.24.0
 platform: universal-darwin
 authors:
 - Puppet Labs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-11 00:00:00.000000000 Z
+date: 2021-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: facter
@@ -1472,6 +1472,8 @@ files:
 - spec/fixtures/ssl/intermediate-crl.pem
 - spec/fixtures/ssl/intermediate.pem
 - spec/fixtures/ssl/netlock-arany-utf8.pem
+- spec/fixtures/ssl/oid-key.pem
+- spec/fixtures/ssl/oid.pem
 - spec/fixtures/ssl/pluto-key.pem
 - spec/fixtures/ssl/pluto.pem
 - spec/fixtures/ssl/request-key.pem
@@ -1482,6 +1484,7 @@ files:
 - spec/fixtures/ssl/signed.pem
 - spec/fixtures/ssl/tampered-cert.pem
 - spec/fixtures/ssl/tampered-csr.pem
+- spec/fixtures/ssl/trusted_oid_mapping.yaml
 - spec/fixtures/ssl/unknown-127.0.0.1-key.pem
 - spec/fixtures/ssl/unknown-127.0.0.1.pem
 - spec/fixtures/ssl/unknown-ca-key.pem
@@ -1832,6 +1835,7 @@ files:
 - spec/integration/application/module_spec.rb
 - spec/integration/application/plugin_spec.rb
 - spec/integration/application/resource_spec.rb
+- spec/integration/application/ssl_spec.rb
 - spec/integration/configurer_spec.rb
 - spec/integration/data_binding_spec.rb
 - spec/integration/defaults_spec.rb
@@ -2665,7 +2669,8 @@ files:
 - tasks/parser.rake
 - tasks/yard.rake
 homepage: https://github.com/puppetlabs/puppet
-licenses: []
+licenses:
+- Apache-2.0
 metadata: {}
 post_install_message: 
 rdoc_options:
@@ -2742,6 +2747,8 @@ test_files:
 - spec/fixtures/ssl/intermediate-crl.pem
 - spec/fixtures/ssl/intermediate.pem
 - spec/fixtures/ssl/netlock-arany-utf8.pem
+- spec/fixtures/ssl/oid-key.pem
+- spec/fixtures/ssl/oid.pem
 - spec/fixtures/ssl/pluto-key.pem
 - spec/fixtures/ssl/pluto.pem
 - spec/fixtures/ssl/request-key.pem
@@ -2752,6 +2759,7 @@ test_files:
 - spec/fixtures/ssl/signed.pem
 - spec/fixtures/ssl/tampered-cert.pem
 - spec/fixtures/ssl/tampered-csr.pem
+- spec/fixtures/ssl/trusted_oid_mapping.yaml
 - spec/fixtures/ssl/unknown-127.0.0.1-key.pem
 - spec/fixtures/ssl/unknown-127.0.0.1.pem
 - spec/fixtures/ssl/unknown-ca-key.pem
@@ -3102,6 +3110,7 @@ test_files:
 - spec/integration/application/module_spec.rb
 - spec/integration/application/plugin_spec.rb
 - spec/integration/application/resource_spec.rb
+- spec/integration/application/ssl_spec.rb
 - spec/integration/configurer_spec.rb
 - spec/integration/data_binding_spec.rb
 - spec/integration/defaults_spec.rb