puppet 6.26.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (802) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +16 -2
  3. data/CONTRIBUTING.md +5 -5
  4. data/Gemfile +5 -7
  5. data/Gemfile.lock +43 -62
  6. data/README.md +5 -5
  7. data/conf/fileserver.conf +5 -10
  8. data/ext/README.environment +8 -0
  9. data/ext/build_defaults.yaml +1 -1
  10. data/ext/dbfix.sql +132 -0
  11. data/ext/debian/README.Debian +8 -0
  12. data/ext/debian/README.source +2 -0
  13. data/ext/debian/TODO.Debian +1 -0
  14. data/ext/debian/changelog.erb +1122 -0
  15. data/ext/debian/compat +1 -0
  16. data/ext/debian/control +144 -0
  17. data/ext/debian/copyright +339 -0
  18. data/ext/debian/docs +1 -0
  19. data/ext/debian/fileserver.conf +41 -0
  20. data/ext/debian/puppet-common.dirs +13 -0
  21. data/ext/debian/puppet-common.install +3 -0
  22. data/ext/debian/puppet-common.lintian-overrides +5 -0
  23. data/ext/debian/puppet-common.manpages +28 -0
  24. data/ext/debian/puppet-common.postinst +35 -0
  25. data/ext/debian/puppet-common.postrm +33 -0
  26. data/ext/debian/puppet-el.dirs +1 -0
  27. data/ext/debian/puppet-el.emacsen-install +25 -0
  28. data/ext/debian/puppet-el.emacsen-remove +11 -0
  29. data/ext/debian/puppet-el.emacsen-startup +9 -0
  30. data/ext/debian/puppet-el.install +1 -0
  31. data/ext/debian/puppet-testsuite.install +2 -0
  32. data/ext/debian/puppet-testsuite.lintian-overrides +4 -0
  33. data/ext/debian/puppet.lintian-overrides +3 -0
  34. data/ext/debian/puppet.logrotate +20 -0
  35. data/ext/debian/puppet.postinst +20 -0
  36. data/ext/debian/puppet.postrm +20 -0
  37. data/ext/debian/puppet.preinst +20 -0
  38. data/ext/debian/puppetmaster-common.install +2 -0
  39. data/ext/debian/puppetmaster-common.manpages +2 -0
  40. data/ext/debian/puppetmaster-common.postinst +6 -0
  41. data/ext/debian/puppetmaster-passenger.dirs +4 -0
  42. data/ext/debian/puppetmaster-passenger.postinst +162 -0
  43. data/ext/debian/puppetmaster-passenger.postrm +61 -0
  44. data/ext/debian/puppetmaster.README.debian +17 -0
  45. data/ext/debian/puppetmaster.default +14 -0
  46. data/ext/debian/puppetmaster.init +137 -0
  47. data/ext/debian/puppetmaster.lintian-overrides +3 -0
  48. data/ext/debian/puppetmaster.postinst +20 -0
  49. data/ext/debian/puppetmaster.postrm +5 -0
  50. data/ext/debian/puppetmaster.preinst +22 -0
  51. data/ext/debian/rules +132 -0
  52. data/ext/debian/source/format +1 -0
  53. data/ext/debian/source/options +1 -0
  54. data/ext/debian/vim-puppet.README.Debian +13 -0
  55. data/ext/debian/vim-puppet.dirs +5 -0
  56. data/ext/debian/vim-puppet.yaml +7 -0
  57. data/ext/debian/watch +2 -0
  58. data/ext/freebsd/puppetd +26 -0
  59. data/ext/freebsd/puppetmasterd +26 -0
  60. data/ext/gentoo/conf.d/puppet +5 -0
  61. data/ext/gentoo/conf.d/puppetmaster +12 -0
  62. data/ext/gentoo/init.d/puppet +38 -0
  63. data/ext/gentoo/init.d/puppetmaster +51 -0
  64. data/ext/gentoo/puppet/fileserver.conf +41 -0
  65. data/ext/ips/puppet-agent +44 -0
  66. data/ext/ips/puppet-master +44 -0
  67. data/ext/ips/puppet.p5m.erb +12 -0
  68. data/ext/ips/puppetagent.xml +42 -0
  69. data/ext/ips/puppetmaster.xml +42 -0
  70. data/ext/ips/rules +19 -0
  71. data/ext/ips/transforms +34 -0
  72. data/ext/ldap/puppet.schema +24 -0
  73. data/ext/logcheck/puppet +23 -0
  74. data/{examples → ext}/nagios/check_puppet.rb +2 -2
  75. data/ext/osx/file_mapping.yaml +28 -0
  76. data/ext/osx/postflight.erb +109 -0
  77. data/ext/osx/preflight.erb +52 -0
  78. data/ext/osx/prototype.plist.erb +38 -0
  79. data/ext/osx/puppet.plist +0 -2
  80. data/ext/project_data.yaml +1 -15
  81. data/ext/redhat/fileserver.conf +41 -0
  82. data/ext/redhat/logrotate +21 -0
  83. data/ext/redhat/puppet.spec.erb +841 -0
  84. data/ext/redhat/server.init +128 -0
  85. data/ext/redhat/server.sysconfig +13 -0
  86. data/{examples/enc → ext}/regexp_nodes/classes/databases +0 -0
  87. data/{examples/enc → ext}/regexp_nodes/classes/webservers +0 -0
  88. data/{examples/enc → ext}/regexp_nodes/environment/development +0 -0
  89. data/{examples/enc → ext}/regexp_nodes/parameters/service/prod +0 -0
  90. data/{examples/enc → ext}/regexp_nodes/parameters/service/qa +0 -0
  91. data/{examples/enc → ext}/regexp_nodes/parameters/service/sandbox +0 -0
  92. data/{examples/enc → ext}/regexp_nodes/regexp_nodes.rb +0 -0
  93. data/ext/solaris/pkginfo +6 -0
  94. data/ext/solaris/smf/puppetd.xml +77 -0
  95. data/ext/solaris/smf/puppetmasterd.xml +77 -0
  96. data/ext/solaris/smf/svc-puppetd +71 -0
  97. data/ext/solaris/smf/svc-puppetmasterd +67 -0
  98. data/ext/suse/puppet.spec +310 -0
  99. data/ext/suse/server.init +173 -0
  100. data/ext/windows/service/daemon.rb +6 -5
  101. data/ext/yaml_nodes.rb +105 -0
  102. data/install.rb +21 -17
  103. data/lib/puppet/application/agent.rb +4 -16
  104. data/lib/puppet/application/apply.rb +4 -24
  105. data/lib/puppet/application/device.rb +100 -106
  106. data/lib/puppet/application/filebucket.rb +13 -10
  107. data/lib/puppet/application/lookup.rb +24 -78
  108. data/lib/puppet/application/resource.rb +16 -32
  109. data/lib/puppet/application/script.rb +0 -2
  110. data/lib/puppet/application/ssl.rb +1 -13
  111. data/lib/puppet/application.rb +178 -108
  112. data/lib/puppet/application_support.rb +0 -7
  113. data/lib/puppet/concurrent/thread_local_singleton.rb +3 -6
  114. data/lib/puppet/configurer/downloader.rb +1 -2
  115. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  116. data/lib/puppet/configurer.rb +86 -179
  117. data/lib/puppet/confine/variable.rb +1 -1
  118. data/lib/puppet/defaults.rb +130 -245
  119. data/lib/puppet/environments.rb +82 -146
  120. data/lib/puppet/face/facts.rb +5 -103
  121. data/lib/puppet/face/generate.rb +0 -2
  122. data/lib/puppet/face/help/action.erb +0 -1
  123. data/lib/puppet/face/help/face.erb +0 -1
  124. data/lib/puppet/face/help.rb +1 -1
  125. data/lib/puppet/face/node/clean.rb +0 -11
  126. data/lib/puppet/face/plugin.rb +5 -8
  127. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  128. data/lib/puppet/ffi/windows/constants.rb +404 -0
  129. data/lib/puppet/ffi/windows/functions.rb +628 -0
  130. data/lib/puppet/ffi/windows/structs.rb +338 -0
  131. data/lib/puppet/ffi/windows.rb +12 -0
  132. data/lib/puppet/file_serving/configuration/parser.rb +3 -34
  133. data/lib/puppet/file_serving/configuration.rb +0 -8
  134. data/lib/puppet/file_serving/fileset.rb +2 -14
  135. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  136. data/lib/puppet/file_serving/metadata.rb +0 -3
  137. data/lib/puppet/file_serving/mount/file.rb +4 -4
  138. data/lib/puppet/file_serving/mount.rb +1 -2
  139. data/lib/puppet/file_system/file_impl.rb +8 -10
  140. data/lib/puppet/file_system/jruby.rb +1 -1
  141. data/lib/puppet/file_system/memory_file.rb +1 -8
  142. data/lib/puppet/file_system/windows.rb +6 -8
  143. data/lib/puppet/file_system.rb +1 -1
  144. data/lib/puppet/forge/repository.rb +0 -1
  145. data/lib/puppet/forge.rb +4 -4
  146. data/lib/puppet/functions/all.rb +1 -1
  147. data/lib/puppet/functions/camelcase.rb +1 -1
  148. data/lib/puppet/functions/capitalize.rb +2 -2
  149. data/lib/puppet/functions/downcase.rb +2 -2
  150. data/lib/puppet/functions/empty.rb +0 -8
  151. data/lib/puppet/functions/find_template.rb +2 -2
  152. data/lib/puppet/functions/get.rb +5 -5
  153. data/lib/puppet/functions/group_by.rb +5 -13
  154. data/lib/puppet/functions/lest.rb +1 -1
  155. data/lib/puppet/functions/new.rb +100 -100
  156. data/lib/puppet/functions/partition.rb +4 -12
  157. data/lib/puppet/functions/require.rb +5 -5
  158. data/lib/puppet/functions/sort.rb +3 -3
  159. data/lib/puppet/functions/strftime.rb +0 -1
  160. data/lib/puppet/functions/tree_each.rb +9 -7
  161. data/lib/puppet/functions/type.rb +4 -4
  162. data/lib/puppet/functions/unwrap.rb +2 -17
  163. data/lib/puppet/functions/upcase.rb +2 -2
  164. data/lib/puppet/functions/versioncmp.rb +2 -6
  165. data/lib/puppet/generate/models/type/type.rb +4 -1
  166. data/lib/puppet/generate/type.rb +0 -9
  167. data/lib/puppet/http/client.rb +165 -115
  168. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  169. data/lib/puppet/http/errors.rb +16 -0
  170. data/lib/puppet/http/external_client.rb +5 -7
  171. data/lib/puppet/{network/http → http}/factory.rb +8 -15
  172. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  173. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  174. data/lib/puppet/http/proxy.rb +137 -0
  175. data/lib/puppet/http/redirector.rb +4 -17
  176. data/lib/puppet/http/resolver/server_list.rb +10 -25
  177. data/lib/puppet/http/resolver/settings.rb +4 -7
  178. data/lib/puppet/http/resolver/srv.rb +7 -11
  179. data/lib/puppet/http/resolver.rb +5 -15
  180. data/lib/puppet/http/response.rb +36 -54
  181. data/lib/puppet/http/response_converter.rb +24 -0
  182. data/lib/puppet/http/response_net_http.rb +42 -0
  183. data/lib/puppet/http/retry_after_handler.rb +4 -13
  184. data/lib/puppet/http/service/ca.rb +11 -22
  185. data/lib/puppet/http/service/compiler.rb +23 -144
  186. data/lib/puppet/http/service/file_server.rb +19 -29
  187. data/lib/puppet/http/service/puppetserver.rb +26 -12
  188. data/lib/puppet/http/service/report.rb +8 -10
  189. data/lib/puppet/http/service.rb +12 -26
  190. data/lib/puppet/http/session.rb +11 -20
  191. data/lib/puppet/{network/http → http}/site.rb +1 -2
  192. data/lib/puppet/http.rb +22 -13
  193. data/lib/puppet/indirector/catalog/compiler.rb +6 -25
  194. data/lib/puppet/indirector/catalog/rest.rb +2 -5
  195. data/lib/puppet/indirector/facts/facter.rb +6 -6
  196. data/lib/puppet/indirector/facts/rest.rb +3 -22
  197. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  198. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  199. data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
  200. data/lib/puppet/indirector/file_server.rb +1 -8
  201. data/lib/puppet/indirector/generic_http.rb +0 -11
  202. data/lib/puppet/indirector/indirection.rb +1 -1
  203. data/lib/puppet/indirector/node/rest.rb +2 -4
  204. data/lib/puppet/indirector/report/rest.rb +3 -8
  205. data/lib/puppet/indirector/request.rb +0 -101
  206. data/lib/puppet/indirector/resource/ral.rb +1 -6
  207. data/lib/puppet/indirector/rest.rb +12 -263
  208. data/lib/puppet/indirector/terminus.rb +0 -4
  209. data/lib/puppet/interface/documentation.rb +0 -1
  210. data/lib/puppet/module/plan.rb +1 -0
  211. data/lib/puppet/module/task.rb +1 -1
  212. data/lib/puppet/module.rb +0 -1
  213. data/lib/puppet/module_tool/applications/installer.rb +2 -56
  214. data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
  215. data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
  216. data/lib/puppet/module_tool/applications.rb +0 -1
  217. data/lib/puppet/module_tool/errors/shared.rb +2 -34
  218. data/lib/puppet/network/authconfig.rb +2 -96
  219. data/lib/puppet/network/authorization.rb +13 -35
  220. data/lib/puppet/network/formats.rb +0 -67
  221. data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
  222. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  223. data/lib/puppet/network/http/connection.rb +247 -316
  224. data/lib/puppet/network/http/handler.rb +0 -1
  225. data/lib/puppet/network/http.rb +3 -3
  226. data/lib/puppet/network/http_pool.rb +16 -34
  227. data/lib/puppet/node/environment.rb +11 -10
  228. data/lib/puppet/node.rb +2 -31
  229. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  230. data/lib/puppet/pal/pal_impl.rb +4 -2
  231. data/lib/puppet/parser/ast/leaf.rb +2 -3
  232. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  233. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  234. data/lib/puppet/parser/compiler.rb +0 -198
  235. data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
  236. data/lib/puppet/parser/resource.rb +1 -70
  237. data/lib/puppet/parser/scope.rb +0 -1
  238. data/lib/puppet/parser/templatewrapper.rb +1 -2
  239. data/lib/puppet/pops/evaluator/closure.rb +5 -7
  240. data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
  241. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  242. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -4
  243. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  244. data/lib/puppet/pops/issues.rb +0 -5
  245. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  246. data/lib/puppet/pops/lookup/lookup_adapter.rb +2 -3
  247. data/lib/puppet/pops/model/ast.pp +0 -42
  248. data/lib/puppet/pops/model/ast.rb +0 -291
  249. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  250. data/lib/puppet/pops/model/factory.rb +1 -47
  251. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  252. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  253. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  254. data/lib/puppet/pops/parser/code_merger.rb +4 -4
  255. data/lib/puppet/pops/parser/egrammar.ra +0 -58
  256. data/lib/puppet/pops/parser/eparser.rb +1685 -1896
  257. data/lib/puppet/pops/parser/lexer2.rb +91 -92
  258. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  259. data/lib/puppet/pops/parser/slurp_support.rb +0 -1
  260. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  261. data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
  262. data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
  263. data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
  264. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  265. data/lib/puppet/pops/types/type_formatter.rb +3 -4
  266. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  267. data/lib/puppet/pops/types/type_parser.rb +0 -4
  268. data/lib/puppet/pops/types/types.rb +1 -2
  269. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  270. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  271. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  272. data/lib/puppet/property/list.rb +1 -1
  273. data/lib/puppet/provider/aix_object.rb +1 -1
  274. data/lib/puppet/provider/exec/posix.rb +4 -16
  275. data/lib/puppet/provider/group/groupadd.rb +10 -18
  276. data/lib/puppet/provider/nameservice.rb +0 -18
  277. data/lib/puppet/provider/package/apt.rb +2 -34
  278. data/lib/puppet/provider/package/aptitude.rb +0 -6
  279. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  280. data/lib/puppet/provider/package/dpkg.rb +0 -10
  281. data/lib/puppet/provider/package/gem.rb +23 -3
  282. data/lib/puppet/provider/package/nim.rb +6 -11
  283. data/lib/puppet/provider/package/pip.rb +3 -16
  284. data/lib/puppet/provider/package/pkg.rb +2 -23
  285. data/lib/puppet/provider/package/portage.rb +1 -1
  286. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  287. data/lib/puppet/provider/package/puppetserver_gem.rb +1 -1
  288. data/lib/puppet/provider/package/yum.rb +1 -1
  289. data/lib/puppet/provider/parsedfile.rb +0 -3
  290. data/lib/puppet/provider/service/base.rb +1 -1
  291. data/lib/puppet/provider/service/debian.rb +0 -2
  292. data/lib/puppet/provider/service/init.rb +9 -10
  293. data/lib/puppet/provider/service/launchd.rb +2 -2
  294. data/lib/puppet/provider/service/redhat.rb +1 -1
  295. data/lib/puppet/provider/service/smf.rb +194 -76
  296. data/lib/puppet/provider/service/systemd.rb +6 -16
  297. data/lib/puppet/provider/service/upstart.rb +5 -5
  298. data/lib/puppet/provider/service/windows.rb +0 -38
  299. data/lib/puppet/provider/user/aix.rb +3 -46
  300. data/lib/puppet/provider/user/directoryservice.rb +11 -34
  301. data/lib/puppet/provider/user/useradd.rb +24 -134
  302. data/lib/puppet/provider.rb +1 -14
  303. data/lib/puppet/reference/configuration.rb +8 -7
  304. data/lib/puppet/reference/indirection.rb +1 -1
  305. data/lib/puppet/reference/providers.rb +2 -2
  306. data/lib/puppet/resource/catalog.rb +2 -15
  307. data/lib/puppet/resource/type.rb +3 -119
  308. data/lib/puppet/resource/type_collection.rb +3 -49
  309. data/lib/puppet/resource.rb +6 -127
  310. data/lib/puppet/runtime.rb +2 -13
  311. data/lib/puppet/settings/environment_conf.rb +0 -1
  312. data/lib/puppet/settings/integer_setting.rb +17 -0
  313. data/lib/puppet/settings/port_setting.rb +15 -0
  314. data/lib/puppet/settings/priority_setting.rb +5 -4
  315. data/lib/puppet/settings.rb +82 -98
  316. data/lib/puppet/ssl/base.rb +3 -5
  317. data/lib/puppet/ssl/certificate.rb +0 -6
  318. data/lib/puppet/ssl/certificate_request.rb +1 -12
  319. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  320. data/lib/puppet/ssl/oids.rb +3 -1
  321. data/lib/puppet/ssl/ssl_provider.rb +17 -0
  322. data/lib/puppet/ssl/state_machine.rb +3 -1
  323. data/lib/puppet/ssl/verifier.rb +2 -6
  324. data/lib/puppet/ssl.rb +10 -6
  325. data/lib/puppet/test/test_helper.rb +2 -7
  326. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  327. data/lib/puppet/transaction/persistence.rb +1 -21
  328. data/lib/puppet/transaction/report.rb +3 -19
  329. data/lib/puppet/transaction.rb +1 -7
  330. data/lib/puppet/type/exec.rb +5 -35
  331. data/lib/puppet/type/file/checksum.rb +1 -1
  332. data/lib/puppet/type/file/data_sync.rb +1 -1
  333. data/lib/puppet/type/file/mode.rb +0 -6
  334. data/lib/puppet/type/file/selcontext.rb +1 -1
  335. data/lib/puppet/type/file/source.rb +1 -1
  336. data/lib/puppet/type/file.rb +12 -32
  337. data/lib/puppet/type/filebucket.rb +4 -4
  338. data/lib/puppet/type/group.rb +1 -0
  339. data/lib/puppet/type/package.rb +8 -16
  340. data/lib/puppet/type/resources.rb +1 -1
  341. data/lib/puppet/type/service.rb +41 -26
  342. data/lib/puppet/type/tidy.rb +3 -22
  343. data/lib/puppet/type/user.rb +13 -32
  344. data/lib/puppet/type.rb +1 -77
  345. data/lib/puppet/util/autoload.rb +8 -1
  346. data/lib/puppet/util/command_line.rb +1 -1
  347. data/lib/puppet/util/execution.rb +0 -11
  348. data/lib/puppet/util/filetype.rb +2 -2
  349. data/lib/puppet/util/http_proxy.rb +2 -215
  350. data/lib/puppet/util/json.rb +0 -20
  351. data/lib/puppet/util/log.rb +4 -8
  352. data/lib/puppet/util/logging.rb +25 -1
  353. data/lib/puppet/util/monkey_patches.rb +0 -59
  354. data/lib/puppet/util/package.rb +16 -25
  355. data/lib/puppet/util/pidlock.rb +1 -1
  356. data/lib/puppet/util/posix.rb +5 -54
  357. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  358. data/lib/puppet/util/rdoc.rb +0 -7
  359. data/lib/puppet/util/retry_action.rb +1 -1
  360. data/lib/puppet/util/run_mode.rb +9 -1
  361. data/lib/puppet/util/selinux.rb +4 -30
  362. data/lib/puppet/util/suidmanager.rb +2 -1
  363. data/lib/puppet/util/symbolic_file_mode.rb +17 -29
  364. data/lib/puppet/util/tagging.rb +0 -1
  365. data/lib/puppet/util/windows/adsi.rb +0 -46
  366. data/lib/puppet/util/windows/daemon.rb +360 -0
  367. data/lib/puppet/util/windows/error.rb +1 -0
  368. data/lib/puppet/util/windows/eventlog.rb +4 -9
  369. data/lib/puppet/util/windows/file.rb +8 -242
  370. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  371. data/lib/puppet/util/windows/principal.rb +2 -9
  372. data/lib/puppet/util/windows/process.rb +4 -226
  373. data/lib/puppet/util/windows/service.rb +11 -457
  374. data/lib/puppet/util/windows/sid.rb +2 -6
  375. data/lib/puppet/util/windows/string.rb +12 -13
  376. data/lib/puppet/util/windows/user.rb +2 -0
  377. data/lib/puppet/util/windows.rb +3 -11
  378. data/lib/puppet/util/yaml.rb +1 -42
  379. data/lib/puppet/util.rb +3 -4
  380. data/lib/puppet/vendor/require_vendored.rb +0 -1
  381. data/lib/puppet/version.rb +1 -1
  382. data/lib/puppet/x509/cert_provider.rb +29 -1
  383. data/lib/puppet/x509.rb +5 -1
  384. data/lib/puppet.rb +20 -26
  385. data/locales/puppet.pot +9633 -5
  386. data/man/man5/puppet.conf.5 +286 -401
  387. data/man/man8/puppet-agent.8 +2 -5
  388. data/man/man8/puppet-apply.8 +2 -2
  389. data/man/man8/puppet-catalog.8 +9 -9
  390. data/man/man8/puppet-config.8 +1 -1
  391. data/man/man8/puppet-describe.8 +1 -1
  392. data/man/man8/puppet-device.8 +2 -2
  393. data/man/man8/puppet-doc.8 +1 -1
  394. data/man/man8/puppet-epp.8 +1 -1
  395. data/man/man8/puppet-facts.8 +8 -51
  396. data/man/man8/puppet-filebucket.8 +4 -4
  397. data/man/man8/puppet-generate.8 +1 -1
  398. data/man/man8/puppet-help.8 +1 -1
  399. data/man/man8/puppet-lookup.8 +6 -9
  400. data/man/man8/puppet-module.8 +3 -60
  401. data/man/man8/puppet-node.8 +5 -5
  402. data/man/man8/puppet-parser.8 +1 -1
  403. data/man/man8/puppet-plugin.8 +1 -1
  404. data/man/man8/puppet-report.8 +5 -5
  405. data/man/man8/puppet-resource.8 +1 -1
  406. data/man/man8/puppet-script.8 +2 -2
  407. data/man/man8/puppet-ssl.8 +1 -5
  408. data/man/man8/puppet.8 +2 -2
  409. data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
  410. data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
  411. data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
  412. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
  413. data/spec/fixtures/ssl/ca.pem +35 -57
  414. data/spec/fixtures/ssl/crl.pem +18 -28
  415. data/spec/fixtures/ssl/ec-key.pem +11 -11
  416. data/spec/fixtures/ssl/ec.pem +24 -33
  417. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  418. data/spec/fixtures/ssl/encrypted-key.pem +58 -108
  419. data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
  420. data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
  421. data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
  422. data/spec/fixtures/ssl/intermediate.pem +36 -57
  423. data/spec/fixtures/ssl/pluto-key.pem +57 -107
  424. data/spec/fixtures/ssl/pluto.pem +30 -52
  425. data/spec/fixtures/ssl/request-key.pem +57 -107
  426. data/spec/fixtures/ssl/request.pem +26 -47
  427. data/spec/fixtures/ssl/revoked-key.pem +57 -107
  428. data/spec/fixtures/ssl/revoked.pem +30 -52
  429. data/spec/fixtures/ssl/signed-key.pem +57 -107
  430. data/spec/fixtures/ssl/signed.pem +30 -52
  431. data/spec/fixtures/ssl/tampered-cert.pem +30 -52
  432. data/spec/fixtures/ssl/tampered-csr.pem +26 -47
  433. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
  434. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
  435. data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
  436. data/spec/fixtures/ssl/unknown-ca.pem +33 -55
  437. data/spec/fixtures/unit/forge/bacula.json +1 -1
  438. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  439. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
  440. data/spec/integration/application/agent_spec.rb +51 -299
  441. data/spec/integration/application/apply_spec.rb +1 -20
  442. data/spec/integration/application/filebucket_spec.rb +16 -32
  443. data/spec/integration/application/help_spec.rb +2 -0
  444. data/spec/integration/application/lookup_spec.rb +6 -32
  445. data/spec/integration/application/module_spec.rb +0 -21
  446. data/spec/integration/application/plugin_spec.rb +24 -2
  447. data/spec/integration/configurer_spec.rb +2 -18
  448. data/spec/integration/defaults_spec.rb +14 -3
  449. data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
  450. data/spec/integration/http/client_spec.rb +0 -12
  451. data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
  452. data/spec/integration/indirector/facts/facter_spec.rb +39 -93
  453. data/spec/integration/network/http_pool_spec.rb +3 -21
  454. data/spec/integration/parser/catalog_spec.rb +0 -38
  455. data/spec/integration/parser/node_spec.rb +0 -9
  456. data/spec/integration/parser/pcore_resource_spec.rb +0 -47
  457. data/spec/integration/resource/type_collection_spec.rb +6 -2
  458. data/spec/integration/transaction/report_spec.rb +1 -1
  459. data/spec/integration/transaction_spec.rb +9 -4
  460. data/spec/integration/type/exec_spec.rb +45 -70
  461. data/spec/integration/type/file_spec.rb +7 -6
  462. data/spec/integration/type/package_spec.rb +6 -6
  463. data/spec/integration/util/rdoc/parser_spec.rb +1 -1
  464. data/spec/integration/util/windows/adsi_spec.rb +1 -21
  465. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  466. data/spec/integration/util/windows/principal_spec.rb +0 -21
  467. data/spec/integration/util/windows/process_spec.rb +9 -1
  468. data/spec/integration/util/windows/registry_spec.rb +10 -6
  469. data/spec/integration/util/windows/security_spec.rb +1 -1
  470. data/spec/lib/matchers/include.rb +27 -0
  471. data/spec/lib/matchers/include_spec.rb +32 -0
  472. data/spec/lib/puppet/test_ca.rb +2 -7
  473. data/spec/lib/puppet_spec/modules.rb +2 -13
  474. data/spec/lib/puppet_spec/puppetserver.rb +1 -16
  475. data/spec/lib/puppet_spec/settings.rb +1 -1
  476. data/spec/shared_behaviours/documentation_on_faces.rb +2 -0
  477. data/spec/spec_helper.rb +17 -13
  478. data/spec/unit/agent_spec.rb +6 -10
  479. data/spec/unit/application/agent_spec.rb +3 -7
  480. data/spec/unit/application/apply_spec.rb +56 -76
  481. data/spec/unit/application/facts_spec.rb +12 -456
  482. data/spec/unit/application/filebucket_spec.rb +43 -39
  483. data/spec/unit/application/lookup_spec.rb +10 -131
  484. data/spec/unit/application/resource_spec.rb +0 -29
  485. data/spec/unit/application/ssl_spec.rb +2 -25
  486. data/spec/unit/application_spec.rb +9 -51
  487. data/spec/unit/certificate_factory_spec.rb +1 -1
  488. data/spec/unit/configurer/downloader_spec.rb +6 -8
  489. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  490. data/spec/unit/configurer_spec.rb +68 -296
  491. data/spec/unit/confine/feature_spec.rb +1 -1
  492. data/spec/unit/confine_spec.rb +2 -8
  493. data/spec/unit/context/trusted_information_spec.rb +2 -6
  494. data/spec/unit/defaults_spec.rb +68 -55
  495. data/spec/unit/environments_spec.rb +68 -408
  496. data/spec/unit/face/generate_spec.rb +0 -64
  497. data/spec/unit/face/node_spec.rb +11 -0
  498. data/spec/unit/face/plugin_spec.rb +73 -33
  499. data/spec/unit/file_bucket/dipper_spec.rb +2 -2
  500. data/spec/unit/file_bucket/file_spec.rb +1 -1
  501. data/spec/unit/file_serving/configuration/parser_spec.rb +15 -41
  502. data/spec/unit/file_serving/configuration_spec.rb +10 -26
  503. data/spec/unit/file_serving/fileset_spec.rb +0 -60
  504. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  505. data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
  506. data/spec/unit/file_system_spec.rb +4 -56
  507. data/spec/unit/forge/module_release_spec.rb +10 -5
  508. data/spec/unit/functions/assert_type_spec.rb +1 -1
  509. data/spec/unit/functions/camelcase_spec.rb +1 -1
  510. data/spec/unit/functions/capitalize_spec.rb +1 -1
  511. data/spec/unit/functions/downcase_spec.rb +1 -1
  512. data/spec/unit/functions/empty_spec.rb +0 -10
  513. data/spec/unit/functions/logging_spec.rb +0 -1
  514. data/spec/unit/functions/lookup_spec.rb +0 -64
  515. data/spec/unit/functions/unwrap_spec.rb +0 -8
  516. data/spec/unit/functions/upcase_spec.rb +1 -1
  517. data/spec/unit/functions/versioncmp_spec.rb +4 -40
  518. data/spec/unit/functions4_spec.rb +2 -2
  519. data/spec/unit/gettext/config_spec.rb +0 -12
  520. data/spec/unit/http/client_spec.rb +8 -66
  521. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  522. data/spec/unit/http/external_client_spec.rb +4 -4
  523. data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
  524. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  525. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  526. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  527. data/spec/unit/http/resolver_spec.rb +13 -13
  528. data/spec/unit/http/service/compiler_spec.rb +0 -193
  529. data/spec/unit/http/service/file_server_spec.rb +3 -3
  530. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  531. data/spec/unit/http/service_spec.rb +0 -1
  532. data/spec/unit/http/session_spec.rb +16 -14
  533. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  534. data/spec/unit/indirector/catalog/compiler_spec.rb +10 -101
  535. data/spec/unit/indirector/catalog/rest_spec.rb +0 -8
  536. data/spec/unit/indirector/face_spec.rb +1 -0
  537. data/spec/unit/indirector/facts/facter_spec.rb +3 -0
  538. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  539. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
  540. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  541. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  542. data/spec/unit/indirector/file_server_spec.rb +1 -15
  543. data/spec/unit/indirector/indirection_spec.rb +15 -18
  544. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  545. data/spec/unit/indirector/request_spec.rb +0 -264
  546. data/spec/unit/indirector/resource/ral_spec.rb +75 -40
  547. data/spec/unit/indirector/rest_spec.rb +98 -752
  548. data/spec/unit/indirector/store_configs_spec.rb +7 -0
  549. data/spec/unit/indirector_spec.rb +2 -2
  550. data/spec/unit/interface/action_spec.rb +9 -0
  551. data/spec/unit/module_spec.rb +1 -15
  552. data/spec/unit/module_tool/applications/installer_spec.rb +0 -105
  553. data/spec/unit/network/authconfig_spec.rb +2 -129
  554. data/spec/unit/network/authorization_spec.rb +2 -55
  555. data/spec/unit/network/formats_spec.rb +4 -51
  556. data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
  557. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  558. data/spec/unit/network/http/api_spec.rb +10 -0
  559. data/spec/unit/network/http/connection_spec.rb +19 -41
  560. data/spec/unit/network/http/handler_spec.rb +0 -1
  561. data/spec/unit/network/http_pool_spec.rb +0 -4
  562. data/spec/unit/node/environment_spec.rb +33 -21
  563. data/spec/unit/node_spec.rb +2 -60
  564. data/spec/unit/parser/compiler_spec.rb +19 -3
  565. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  566. data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
  567. data/spec/unit/parser/resource_spec.rb +8 -14
  568. data/spec/unit/parser/templatewrapper_spec.rb +5 -16
  569. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  570. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  571. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  572. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  573. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  574. data/spec/unit/pops/parser/parse_containers_spec.rb +13 -2
  575. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  576. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  577. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  578. data/spec/unit/pops/serialization/to_stringified_spec.rb +0 -5
  579. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
  580. data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
  581. data/spec/unit/pops/types/type_calculator_spec.rb +6 -12
  582. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  583. data/spec/unit/pops/validator/validator_spec.rb +61 -51
  584. data/spec/unit/pops/visitor_spec.rb +1 -1
  585. data/spec/unit/property_spec.rb +0 -1
  586. data/spec/unit/provider/group/groupadd_spec.rb +2 -5
  587. data/spec/unit/provider/nameservice_spec.rb +64 -122
  588. data/spec/unit/provider/package/apt_spec.rb +23 -28
  589. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  590. data/spec/unit/provider/package/base_spec.rb +5 -6
  591. data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
  592. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  593. data/spec/unit/provider/package/gem_spec.rb +33 -1
  594. data/spec/unit/provider/package/nim_spec.rb +0 -42
  595. data/spec/unit/provider/package/pacman_spec.rb +12 -18
  596. data/spec/unit/provider/package/pip2_spec.rb +1 -1
  597. data/spec/unit/provider/package/pip3_spec.rb +1 -1
  598. data/spec/unit/provider/package/pip_spec.rb +12 -44
  599. data/spec/unit/provider/package/pkg_spec.rb +4 -29
  600. data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
  601. data/spec/unit/provider/package/puppet_gem_spec.rb +4 -3
  602. data/spec/unit/provider/package/puppetserver_gem_spec.rb +1 -1
  603. data/spec/unit/provider/parsedfile_spec.rb +0 -10
  604. data/spec/unit/provider/service/gentoo_spec.rb +5 -6
  605. data/spec/unit/provider/service/init_spec.rb +9 -16
  606. data/spec/unit/provider/service/launchd_spec.rb +0 -11
  607. data/spec/unit/provider/service/openwrt_spec.rb +29 -23
  608. data/spec/unit/provider/service/redhat_spec.rb +2 -3
  609. data/spec/unit/provider/service/smf_spec.rb +401 -165
  610. data/spec/unit/provider/service/systemd_spec.rb +9 -54
  611. data/spec/unit/provider/service/windows_spec.rb +0 -203
  612. data/spec/unit/provider/user/aix_spec.rb +0 -105
  613. data/spec/unit/provider/user/directoryservice_spec.rb +36 -68
  614. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  615. data/spec/unit/provider/user/pw_spec.rb +0 -2
  616. data/spec/unit/provider/user/useradd_spec.rb +5 -114
  617. data/spec/unit/provider_spec.rb +12 -22
  618. data/spec/unit/puppet_spec.rb +4 -12
  619. data/spec/unit/resource/catalog_spec.rb +2 -15
  620. data/spec/unit/resource/type_collection_spec.rb +2 -22
  621. data/spec/unit/resource/type_spec.rb +1 -1
  622. data/spec/unit/resource_spec.rb +12 -125
  623. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  624. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  625. data/spec/unit/settings/port_setting_spec.rb +31 -0
  626. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  627. data/spec/unit/settings_spec.rb +79 -110
  628. data/spec/unit/ssl/base_spec.rb +37 -3
  629. data/spec/unit/ssl/certificate_request_spec.rb +21 -45
  630. data/spec/unit/ssl/certificate_spec.rb +2 -11
  631. data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
  632. data/spec/unit/ssl/state_machine_spec.rb +5 -20
  633. data/spec/unit/ssl/verifier_spec.rb +0 -21
  634. data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
  635. data/spec/unit/transaction/event_manager_spec.rb +11 -14
  636. data/spec/unit/transaction/persistence_spec.rb +0 -51
  637. data/spec/unit/transaction/report_spec.rb +0 -2
  638. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  639. data/spec/unit/transaction_spec.rb +55 -96
  640. data/spec/unit/type/exec_spec.rb +29 -76
  641. data/spec/unit/type/file/checksum_spec.rb +6 -6
  642. data/spec/unit/type/file/content_spec.rb +2 -1
  643. data/spec/unit/type/file/ensure_spec.rb +1 -1
  644. data/spec/unit/type/file/mode_spec.rb +1 -1
  645. data/spec/unit/type/file/selinux_spec.rb +5 -3
  646. data/spec/unit/type/file/source_spec.rb +4 -5
  647. data/spec/unit/type/file_spec.rb +18 -6
  648. data/spec/unit/type/group_spec.rb +6 -13
  649. data/spec/unit/type/package_spec.rb +1 -1
  650. data/spec/unit/type/resources_spec.rb +7 -7
  651. data/spec/unit/type/service_spec.rb +189 -87
  652. data/spec/unit/type/tidy_spec.rb +8 -24
  653. data/spec/unit/type_spec.rb +24 -4
  654. data/spec/unit/util/at_fork_spec.rb +2 -2
  655. data/spec/unit/util/autoload_spec.rb +1 -5
  656. data/spec/unit/util/backups_spec.rb +2 -3
  657. data/spec/unit/util/execution_spec.rb +11 -44
  658. data/spec/unit/util/inifile_spec.rb +14 -6
  659. data/spec/unit/util/log_spec.rb +7 -8
  660. data/spec/unit/util/logging_spec.rb +3 -5
  661. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  662. data/spec/unit/util/posix_spec.rb +15 -363
  663. data/spec/unit/util/run_mode_spec.rb +21 -121
  664. data/spec/unit/util/selinux_spec.rb +68 -163
  665. data/spec/unit/util/storage_spec.rb +1 -3
  666. data/spec/unit/util/suidmanager_spec.rb +41 -44
  667. data/spec/unit/util/windows/sid_spec.rb +0 -41
  668. data/spec/unit/util/windows/string_spec.rb +1 -3
  669. data/spec/unit/util/yaml_spec.rb +13 -92
  670. data/spec/unit/util_spec.rb +6 -31
  671. data/tasks/generate_cert_fixtures.rake +3 -12
  672. data/tasks/parallel.rake +3 -3
  673. metadata +138 -293
  674. data/conf/auth.conf +0 -150
  675. data/ext/README.md +0 -13
  676. data/lib/puppet/application/cert.rb +0 -76
  677. data/lib/puppet/application/key.rb +0 -4
  678. data/lib/puppet/application/man.rb +0 -4
  679. data/lib/puppet/application/status.rb +0 -4
  680. data/lib/puppet/face/key.rb +0 -16
  681. data/lib/puppet/face/man.rb +0 -145
  682. data/lib/puppet/face/module/build.rb +0 -14
  683. data/lib/puppet/face/module/generate.rb +0 -14
  684. data/lib/puppet/face/module/search.rb +0 -103
  685. data/lib/puppet/face/status.rb +0 -51
  686. data/lib/puppet/facter_impl.rb +0 -96
  687. data/lib/puppet/ffi/posix/constants.rb +0 -14
  688. data/lib/puppet/ffi/posix/functions.rb +0 -24
  689. data/lib/puppet/ffi/posix.rb +0 -10
  690. data/lib/puppet/file_serving/mount/scripts.rb +0 -24
  691. data/lib/puppet/indirector/certificate/file.rb +0 -9
  692. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  693. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  694. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  695. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  696. data/lib/puppet/indirector/file_content/http.rb +0 -22
  697. data/lib/puppet/indirector/key/file.rb +0 -46
  698. data/lib/puppet/indirector/key/memory.rb +0 -7
  699. data/lib/puppet/indirector/ssl_file.rb +0 -162
  700. data/lib/puppet/indirector/status/local.rb +0 -12
  701. data/lib/puppet/indirector/status/rest.rb +0 -27
  702. data/lib/puppet/indirector/status.rb +0 -3
  703. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  704. data/lib/puppet/network/auth_config_parser.rb +0 -90
  705. data/lib/puppet/network/authstore.rb +0 -283
  706. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  707. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  708. data/lib/puppet/network/http/base_pool.rb +0 -36
  709. data/lib/puppet/network/http/compression.rb +0 -127
  710. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  711. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  712. data/lib/puppet/network/rest_controller.rb +0 -2
  713. data/lib/puppet/network/rights.rb +0 -210
  714. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  715. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  716. data/lib/puppet/parser/environment_compiler.rb +0 -202
  717. data/lib/puppet/pops/types/enumeration.rb +0 -16
  718. data/lib/puppet/resource/capability_finder.rb +0 -154
  719. data/lib/puppet/rest/errors.rb +0 -15
  720. data/lib/puppet/rest/response.rb +0 -35
  721. data/lib/puppet/rest/route.rb +0 -85
  722. data/lib/puppet/rest/routes.rb +0 -135
  723. data/lib/puppet/settings/alias_setting.rb +0 -37
  724. data/lib/puppet/ssl/host.rb +0 -505
  725. data/lib/puppet/ssl/key.rb +0 -61
  726. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  727. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  728. data/lib/puppet/ssl/validator.rb +0 -61
  729. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  730. data/lib/puppet/status.rb +0 -40
  731. data/lib/puppet/util/connection.rb +0 -88
  732. data/lib/puppet/util/fact_dif.rb +0 -81
  733. data/lib/puppet/util/ssl.rb +0 -83
  734. data/lib/puppet/util/windows/api_types.rb +0 -309
  735. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  736. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  737. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  738. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  739. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  740. data/lib/puppet/vendor/pathspec/README.md +0 -53
  741. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  742. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  743. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  744. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  745. data/man/man8/puppet-key.8 +0 -126
  746. data/man/man8/puppet-man.8 +0 -76
  747. data/man/man8/puppet-status.8 +0 -108
  748. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -92
  749. data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +0 -3
  750. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +0 -4
  751. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +0 -3
  752. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +0 -8
  753. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +0 -25
  754. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +0 -19
  755. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +0 -20
  756. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +0 -8
  757. data/spec/fixtures/ssl/oid-key.pem +0 -117
  758. data/spec/fixtures/ssl/oid.pem +0 -69
  759. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
  760. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
  761. data/spec/integration/application/resource_spec.rb +0 -64
  762. data/spec/integration/application/ssl_spec.rb +0 -20
  763. data/spec/integration/l10n/compiler_spec.rb +0 -37
  764. data/spec/integration/network/authconfig_spec.rb +0 -256
  765. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  766. data/spec/shared_contexts/l10n.rb +0 -32
  767. data/spec/unit/application/man_spec.rb +0 -52
  768. data/spec/unit/capability_spec.rb +0 -414
  769. data/spec/unit/concurrent/thread_local_singleton_spec.rb +0 -39
  770. data/spec/unit/face/key_spec.rb +0 -9
  771. data/spec/unit/face/module/search_spec.rb +0 -231
  772. data/spec/unit/face/status_spec.rb +0 -9
  773. data/spec/unit/facter_impl_spec.rb +0 -31
  774. data/spec/unit/file_serving/mount/scripts_spec.rb +0 -69
  775. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  776. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  777. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  778. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  779. data/spec/unit/indirector/key/file_spec.rb +0 -78
  780. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  781. data/spec/unit/indirector/status/local_spec.rb +0 -10
  782. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  783. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  784. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  785. data/spec/unit/network/authstore_spec.rb +0 -407
  786. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  787. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  788. data/spec/unit/network/http/compression_spec.rb +0 -240
  789. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  790. data/spec/unit/network/http_spec.rb +0 -9
  791. data/spec/unit/network/rights_spec.rb +0 -439
  792. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  793. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
  794. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  795. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  796. data/spec/unit/rest/route_spec.rb +0 -132
  797. data/spec/unit/ssl/host_spec.rb +0 -645
  798. data/spec/unit/ssl/key_spec.rb +0 -173
  799. data/spec/unit/ssl/validator_spec.rb +0 -278
  800. data/spec/unit/status_spec.rb +0 -45
  801. data/spec/unit/util/json_spec.rb +0 -126
  802. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -21,6 +21,8 @@ class Puppet::Settings
21
21
  require 'puppet/settings/file_or_directory_setting'
22
22
  require 'puppet/settings/path_setting'
23
23
  require 'puppet/settings/boolean_setting'
24
+ require 'puppet/settings/integer_setting'
25
+ require 'puppet/settings/port_setting'
24
26
  require 'puppet/settings/terminus_setting'
25
27
  require 'puppet/settings/duration_setting'
26
28
  require 'puppet/settings/ttl_setting'
@@ -32,7 +34,6 @@ class Puppet::Settings
32
34
  require 'puppet/settings/server_list_setting'
33
35
  require 'puppet/settings/http_extra_headers_setting'
34
36
  require 'puppet/settings/certificate_revocation_setting'
35
- require 'puppet/settings/alias_setting'
36
37
 
37
38
  # local reference for convenience
38
39
  PuppetOptionParser = Puppet::Util::CommandLine::PuppetOptionParser
@@ -53,13 +54,14 @@ class Puppet::Settings
53
54
  # returns reasonable application default settings values for a given run_mode.
54
55
  def self.app_defaults_for_run_mode(run_mode)
55
56
  {
56
- :name => run_mode.to_s,
57
- :run_mode => run_mode.name,
58
- :confdir => run_mode.conf_dir,
59
- :codedir => run_mode.code_dir,
60
- :vardir => run_mode.var_dir,
61
- :rundir => run_mode.run_dir,
62
- :logdir => run_mode.log_dir,
57
+ :name => run_mode.to_s,
58
+ :run_mode => run_mode.name,
59
+ :confdir => run_mode.conf_dir,
60
+ :codedir => run_mode.code_dir,
61
+ :vardir => run_mode.var_dir,
62
+ :publicdir => run_mode.public_dir,
63
+ :rundir => run_mode.run_dir,
64
+ :logdir => run_mode.log_dir,
63
65
  }
64
66
  end
65
67
 
@@ -75,11 +77,11 @@ class Puppet::Settings
75
77
  end
76
78
 
77
79
  def self.hostname_fact()
78
- Puppet.runtime[:facter].value :hostname
80
+ Facter.value :hostname
79
81
  end
80
82
 
81
83
  def self.domain_fact()
82
- Puppet.runtime[:facter].value :domain
84
+ Facter.value :domain
83
85
  end
84
86
 
85
87
  def self.default_config_file_name
@@ -386,6 +388,19 @@ class Puppet::Settings
386
388
  call_hooks_deferred_to_application_initialization
387
389
  issue_deprecations
388
390
 
391
+ run_mode = Puppet::Util::RunMode[self.preferred_run_mode]
392
+ if run_mode.agent? || run_mode.server?
393
+ if self.set_in_section?(:masterport, run_mode.name) && !self.set_in_section?(:serverport, run_mode.name)
394
+ self[:serverport] = self[:masterport]
395
+ elsif self.set_by_config?(:masterport) && !self.set_by_config?(:serverport)
396
+ self[:serverport] = self[:masterport]
397
+ elsif self.set_in_section?(:serverport, run_mode.name) && !self.set_in_section?(:masterport, run_mode.name)
398
+ self[:masterport] = self[:serverport]
399
+ elsif self.set_by_config?(:serverport) && !self.set_by_config?(:masterport)
400
+ self[:masterport] = self[:serverport]
401
+ end
402
+ end
403
+
389
404
  REQUIRED_APP_SETTINGS.each do |key|
390
405
  create_ancestors(Puppet[key])
391
406
  end
@@ -720,6 +735,8 @@ class Puppet::Settings
720
735
  :file_or_directory => FileOrDirectorySetting,
721
736
  :path => PathSetting,
722
737
  :boolean => BooleanSetting,
738
+ :integer => IntegerSetting,
739
+ :port => PortSetting,
723
740
  :terminus => TerminusSetting,
724
741
  :duration => DurationSetting,
725
742
  :ttl => TTLSetting,
@@ -730,8 +747,7 @@ class Puppet::Settings
730
747
  :autosign => AutosignSetting,
731
748
  :server_list => ServerListSetting,
732
749
  :http_extra_headers => HttpExtraHeadersSetting,
733
- :certificate_revocation => CertificateRevocationSetting,
734
- :alias => AliasSetting
750
+ :certificate_revocation => CertificateRevocationSetting
735
751
  }
736
752
 
737
753
  # Create a new setting. The value is passed in because it's used to determine
@@ -862,11 +878,7 @@ class Puppet::Settings
862
878
  if self[:user]
863
879
  user = Puppet::Type.type(:user).new :name => self[:user], :audit => :ensure
864
880
 
865
- if user.suitable?
866
- @service_user_available = user.exists?
867
- else
868
- raise Puppet::Error, (_("Cannot manage owner permissions, because the provider for '%{name}' is not functional") % { name: user })
869
- end
881
+ @service_user_available = user.exists?
870
882
  else
871
883
  @service_user_available = false
872
884
  end
@@ -878,11 +890,7 @@ class Puppet::Settings
878
890
  if self[:group]
879
891
  group = Puppet::Type.type(:group).new :name => self[:group], :audit => :ensure
880
892
 
881
- if group.suitable?
882
- @service_group_available = group.exists?
883
- else
884
- raise Puppet::Error, (_("Cannot manage group permissions, because the provider for '%{name}' is not functional") % { name: group })
885
- end
893
+ @service_group_available = group.exists?
886
894
  else
887
895
  @service_group_available = false
888
896
  end
@@ -891,16 +899,9 @@ class Puppet::Settings
891
899
  # Allow later inspection to determine if the setting was set on the
892
900
  # command line, or through some other code path. Used for the
893
901
  # `dns_alt_names` option during cert generate. --daniel 2011-10-18
894
- #
895
- # @param param [String, Symbol] the setting to look up
896
- # @return [Object, nil] the value of the setting or nil if unset
897
- def set_by_cli(param)
898
- param = param.to_sym
899
- @value_sets[:cli].lookup(param)
900
- end
901
-
902
902
  def set_by_cli?(param)
903
- !!set_by_cli(param)
903
+ param = param.to_sym
904
+ !@value_sets[:cli].lookup(param).nil?
904
905
  end
905
906
 
906
907
  # Get values from a search path entry.
@@ -933,13 +934,9 @@ class Puppet::Settings
933
934
  end
934
935
  end
935
936
 
936
- # Allow later inspection to determine if the setting was set in a specific
937
- # section
938
- #
939
- # @param param [String, Symbol] the setting to look up
940
- # @param section [Symbol] the section in which to look up the setting
941
- # @return [Object, nil] the value of the setting or nil if unset
942
- def set_in_section(param, section)
937
+ # Allow later inspection to determine if the setting was set by user
938
+ # config, rather than a default setting.
939
+ def set_in_section?(param, section)
943
940
  param = param.to_sym
944
941
  vals = searchpath_values(SearchPathElement.new(section, :section))
945
942
  if vals
@@ -947,10 +944,6 @@ class Puppet::Settings
947
944
  end
948
945
  end
949
946
 
950
- def set_in_section?(param, section)
951
- !!set_in_section(param, section)
952
- end
953
-
954
947
  # Patches the value for a param in a section.
955
948
  # This method is required to support the use case of unifying --dns-alt-names and
956
949
  # --dns_alt_names in the certificate face. Ideally this should be cleaned up.
@@ -1097,41 +1090,48 @@ Generated on #{Time.now}.
1097
1090
  # Create the necessary objects to use a section. This is idempotent;
1098
1091
  # you can 'use' a section as many times as you want.
1099
1092
  def use(*sections)
1100
- Puppet.warning(":master section deprecated in favor of :server section") if sections.include?(:master)
1093
+ if Puppet[:settings_catalog]
1094
+ sections = sections.collect { |s| s.to_sym }
1095
+ sections = sections.reject { |s| @used.include?(s) }
1101
1096
 
1102
- # add :server if sections include :master or :master if sections include :server
1103
- sections |= [:master, :server] if (sections & [:master, :server]).any?
1097
+ Puppet.warning(":master section deprecated in favor of :server section") if sections.include?(:master)
1104
1098
 
1105
- sections = sections.collect { |s| s.to_sym }
1106
- sections = sections.reject { |s| @used.include?(s) }
1099
+ # add :server if sections include :master or :master if sections include :server
1100
+ sections |= [:master, :server] if (sections & [:master, :server]).any?
1107
1101
 
1108
- return if sections.empty?
1102
+ sections = sections.collect { |s| s.to_sym }
1103
+ sections = sections.reject { |s| @used.include?(s) }
1109
1104
 
1110
- Puppet.debug { "Applying settings catalog for sections #{sections.join(', ')}" }
1105
+ return if sections.empty?
1111
1106
 
1112
- begin
1113
- catalog = to_catalog(*sections).to_ral
1114
- rescue => detail
1115
- Puppet.log_and_raise(detail, "Could not create resources for managing Puppet's files and directories in sections #{sections.inspect}: #{detail}")
1116
- end
1107
+ Puppet.debug { "Applying settings catalog for sections #{sections.join(', ')}" }
1117
1108
 
1118
- catalog.host_config = false
1119
- catalog.apply do |transaction|
1120
- if transaction.any_failed?
1121
- report = transaction.report
1122
- status_failures = report.resource_statuses.values.select { |r| r.failed? }
1123
- status_fail_msg = status_failures.
1124
- collect(&:events).
1125
- flatten.
1126
- select { |event| event.status == 'failure' }.
1127
- collect { |event| "#{event.resource}: #{event.message}" }.join("; ")
1109
+ begin
1110
+ catalog = to_catalog(*sections).to_ral
1111
+ rescue => detail
1112
+ Puppet.log_and_raise(detail, "Could not create resources for managing Puppet's files and directories in sections #{sections.inspect}: #{detail}")
1113
+ end
1128
1114
 
1129
- raise "Got #{status_failures.length} failure(s) while initializing: #{status_fail_msg}"
1115
+ catalog.host_config = false
1116
+ catalog.apply do |transaction|
1117
+ if transaction.any_failed?
1118
+ report = transaction.report
1119
+ status_failures = report.resource_statuses.values.select { |r| r.failed? }
1120
+ status_fail_msg = status_failures.
1121
+ collect(&:events).
1122
+ flatten.
1123
+ select { |event| event.status == 'failure' }.
1124
+ collect { |event| "#{event.resource}: #{event.message}" }.join("; ")
1125
+
1126
+ raise "Got #{status_failures.length} failure(s) while initializing: #{status_fail_msg}"
1127
+ end
1130
1128
  end
1131
- end
1132
1129
 
1133
- sections.each { |s| @used << s }
1134
- @used.uniq!
1130
+ sections.each { |s| @used << s }
1131
+ @used.uniq!
1132
+ else
1133
+ Puppet.debug("Skipping settings catalog for sections #{sections.join(', ')}")
1134
+ end
1135
1135
  end
1136
1136
 
1137
1137
  def valid?(param)
@@ -1285,37 +1285,27 @@ Generated on #{Time.now}.
1285
1285
  end
1286
1286
 
1287
1287
  def add_environment_resources(catalog, sections)
1288
+ path = self[:environmentpath]
1289
+ envdir = path.split(File::PATH_SEPARATOR).first if path
1288
1290
  configured_environment = self[:environment]
1289
-
1290
- if configured_environment == "production" && !production_environment_exists?
1291
- environment_path = self[:environmentpath]
1292
- first_environment_path = environment_path.split(File::PATH_SEPARATOR).first
1293
-
1294
- if Puppet::FileSystem.exist?(first_environment_path)
1295
- production_environment_path = File.join(first_environment_path, configured_environment)
1291
+ if configured_environment == "production" && envdir && Puppet::FileSystem.exist?(envdir)
1292
+ configured_environment_path = File.join(envdir, configured_environment)
1293
+ # If configured_environment_path is a symlink, assume the source path is being managed
1294
+ # elsewhere, so don't do any of this configuration
1295
+ if !Puppet::FileSystem.symlink?(configured_environment_path)
1296
1296
  parameters = { :ensure => 'directory' }
1297
- parameters[:mode] = '0750'
1298
- if Puppet.features.root?
1299
- parameters[:owner] = Puppet[:user] if service_user_available?
1300
- parameters[:group] = Puppet[:group] if service_group_available?
1297
+ unless Puppet::FileSystem.exist?(configured_environment_path)
1298
+ parameters[:mode] = '0750'
1299
+ if Puppet.features.root?
1300
+ parameters[:owner] = Puppet[:user] if service_user_available?
1301
+ parameters[:group] = Puppet[:group] if service_group_available?
1302
+ end
1301
1303
  end
1302
- catalog.add_resource(Puppet::Resource.new(:file, production_environment_path, :parameters => parameters))
1304
+ catalog.add_resource(Puppet::Resource.new(:file, configured_environment_path, :parameters => parameters))
1303
1305
  end
1304
1306
  end
1305
1307
  end
1306
1308
 
1307
- def production_environment_exists?
1308
- environment_path = self[:environmentpath]
1309
- paths = environment_path.split(File::PATH_SEPARATOR)
1310
-
1311
- paths.any? do |path|
1312
- # If expected_path is a symlink, assume the source path is being managed
1313
- # elsewhere, so accept it also as a valid production environment path
1314
- expected_path = File.join(path, 'production')
1315
- Puppet::FileSystem.directory?(expected_path) || Puppet::FileSystem.symlink?(expected_path)
1316
- end
1317
- end
1318
-
1319
1309
  def add_user_resources(catalog, sections)
1320
1310
  return unless Puppet.features.root?
1321
1311
  return if Puppet::Util::Platform.windows?
@@ -1416,12 +1406,6 @@ Generated on #{Time.now}.
1416
1406
  end
1417
1407
  end
1418
1408
 
1419
- setting = @defaults[name]
1420
- if setting.respond_to?(:alias_name)
1421
- val = lookup(setting.alias_name)
1422
- return val if val
1423
- end
1424
-
1425
1409
  @defaults[name].default
1426
1410
  end
1427
1411
 
@@ -1,7 +1,6 @@
1
1
  require 'puppet/ssl/openssl_loader'
2
2
  require 'puppet/ssl'
3
3
  require 'puppet/ssl/digest'
4
- require 'puppet/util/ssl'
5
4
 
6
5
  # The base class for wrapping SSL instances.
7
6
  class Puppet::SSL::Base
@@ -54,7 +53,9 @@ class Puppet::SSL::Base
54
53
  #
55
54
  # @return [String] the name (CN) extracted from the subject.
56
55
  def self.name_from_subject(subject)
57
- Puppet::Util::SSL.cn_from_subject(subject)
56
+ if subject.respond_to? :to_a
57
+ (subject.to_a.assoc('CN') || [])[1]
58
+ end
58
59
  end
59
60
 
60
61
  # Create an instance of our Puppet::SSL::* class using a given instance of the wrapped class
@@ -82,15 +83,12 @@ class Puppet::SSL::Base
82
83
  # Read content from disk appropriately.
83
84
  def read(path)
84
85
  # applies to Puppet::SSL::Certificate, Puppet::SSL::CertificateRequest
85
- # Puppet::SSL::Key uses this, but also provides its own override
86
86
  # nothing derives from Puppet::SSL::Certificate, but it is called by a number of other SSL Indirectors:
87
87
  # Puppet::Indirector::CertificateStatus::File (.indirection.find)
88
88
  # Puppet::Network::HTTP::WEBrick (.indirection.find)
89
89
  # Puppet::Network::HTTP::RackREST (.from_instance)
90
90
  # Puppet::Network::HTTP::WEBrickREST (.from_instance)
91
- # Puppet::SSL::Host (.indirection.find)
92
91
  # Puppet::SSL::Inventory (.indirection.search, implements its own add / rebuild / serials with encoding UTF8)
93
- # Puppet::SSL::Validator::DefaultValidator (.from_instance) / Puppet::SSL::Validator::NoValidator does nothing
94
92
  @content = wrapped_class.new(Puppet::FileSystem.read(path, :encoding => Encoding::ASCII))
95
93
  end
96
94
 
@@ -11,12 +11,6 @@ class Puppet::SSL::Certificate < Puppet::SSL::Base
11
11
  # This is defined from the base class
12
12
  wraps OpenSSL::X509::Certificate
13
13
 
14
- extend Puppet::Indirector
15
- indirects :certificate, :terminus_class => :file, :doc => <<DOC
16
- This indirection wraps an `OpenSSL::X509::Certificate` object, representing a certificate (signed public key).
17
- The indirection key is the certificate CN (generally a hostname).
18
- DOC
19
-
20
14
  # Because of how the format handler class is included, this
21
15
  # can't be in the base class.
22
16
  def self.supported_formats
@@ -28,13 +28,6 @@ require 'puppet/ssl/certificate_signer'
28
28
  class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
29
29
  wraps OpenSSL::X509::Request
30
30
 
31
- extend Puppet::Indirector
32
-
33
- indirects :certificate_request, :terminus_class => :file, :doc => <<DOC
34
- This indirection wraps an `OpenSSL::X509::Request` object, representing a certificate signing request (CSR).
35
- The indirection key is the certificate CN (generally a hostname).
36
- DOC
37
-
38
31
  # Because of how the format handler class is included, this
39
32
  # can't be in the base class.
40
33
  def self.supported_formats
@@ -47,8 +40,7 @@ DOC
47
40
 
48
41
  # Create a certificate request with our system settings.
49
42
  #
50
- # @param key [OpenSSL::X509::Key, Puppet::SSL::Key] The key pair associated
51
- # with this CSR.
43
+ # @param key [OpenSSL::X509::Key] The private key associated with this CSR.
52
44
  # @param options [Hash]
53
45
  # @option options [String] :dns_alt_names A comma separated list of
54
46
  # Subject Alternative Names to include in the CSR extension request.
@@ -64,9 +56,6 @@ DOC
64
56
  def generate(key, options = {})
65
57
  Puppet.info _("Creating a new SSL certificate request for %{name}") % { name: name }
66
58
 
67
- # Support either an actual SSL key, or a Puppet key.
68
- key = key.content if key.is_a?(Puppet::SSL::Key)
69
-
70
59
  # If we're a CSR for the CA, then use the real ca_name, rather than the
71
60
  # fake 'ca' name. This is mostly for backward compatibility with 0.24.x,
72
61
  # but it's also just a good idea.
@@ -27,6 +27,12 @@ class Puppet::SSL::CertificateSigner
27
27
  @digest
28
28
  end
29
29
 
30
+ # Sign a certificate signing request (CSR) with a private key.
31
+ #
32
+ # @param [OpenSSL::X509::Request] content The CSR to sign
33
+ # @param [OpenSSL::X509::PKey] key The private key to sign with
34
+ #
35
+ # @api private
30
36
  def sign(content, key)
31
37
  content.sign(key, @digest.new)
32
38
  end
@@ -2,10 +2,11 @@ require 'puppet/ssl'
2
2
 
3
3
  # This module defines OIDs for use within Puppet.
4
4
  #
5
- # == ASN.1 Definition
5
+ # # ASN.1 Definition
6
6
  #
7
7
  # The following is the formal definition of OIDs specified in this file.
8
8
  #
9
+ # ```
9
10
  # puppetCertExtensions OBJECT IDENTIFIER ::= {iso(1) identified-organization(3)
10
11
  # dod(6) internet(1) private(4) enterprise(1) 34380 1}
11
12
  #
@@ -22,6 +23,7 @@ require 'puppet/ssl'
22
23
  # pp_instance_id OBJECT IDENTIFIER ::= { registeredExtensions 2 }
23
24
  # pp_image_name OBJECT IDENTIFIER ::= { registeredExtensions 3 }
24
25
  # pp_preshared_key OBJECT IDENTIFIER ::= { registeredExtensions 4 }
26
+ # ```
25
27
  #
26
28
  # @api private
27
29
  module Puppet::SSL::Oids
@@ -3,6 +3,23 @@ require 'puppet/ssl'
3
3
  # SSL Provider creates `SSLContext` objects that can be used to create
4
4
  # secure connections.
5
5
  #
6
+ # @example To load an SSLContext from an existing private key and related certs/crls:
7
+ # ssl_context = provider.load_context
8
+ #
9
+ # @example To load an SSLContext from an existing password-protected private key and related certs/crls:
10
+ # ssl_context = provider.load_context(password: 'opensesame')
11
+ #
12
+ # @example To create an SSLContext from in-memory certs and keys:
13
+ # cacerts = [<OpenSSL::X509::Certificate>]
14
+ # crls = [<OpenSSL::X509::CRL>]
15
+ # key = <OpenSSL::X509::PKey>
16
+ # cert = <OpenSSL::X509::Certificate>
17
+ # ssl_context = provider.create_context(cacerts: cacerts, crls: crls, private_key: key, client_cert: cert)
18
+ #
19
+ # @example To create an SSLContext to connect to non-puppet HTTPS servers:
20
+ # cacerts = [<OpenSSL::X509::Certificate>]
21
+ # ssl_context = provider.create_root_context(cacerts: cacerts)
22
+ #
6
23
  # @api private
7
24
  class Puppet::SSL::SSLProvider
8
25
  # Create an insecure `SSLContext`. Connections made from the returned context
@@ -10,7 +10,7 @@ require 'puppet/util/pidlock'
10
10
  # certs. This way we're sure about which SSLContext is being used during any
11
11
  # phase of the bootstrapping process.
12
12
  #
13
- # @private
13
+ # @api private
14
14
  class Puppet::SSL::StateMachine
15
15
  class SSLState
16
16
  attr_reader :ssl_context
@@ -405,6 +405,7 @@ class Puppet::SSL::StateMachine
405
405
  #
406
406
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
407
407
  # @raise [Puppet::Error] If we fail to generate an SSLContext
408
+ # @api private
408
409
  def ensure_ca_certificates
409
410
  final_state = run_machine(NeedLock.new(self), NeedKey)
410
411
  final_state.ssl_context
@@ -414,6 +415,7 @@ class Puppet::SSL::StateMachine
414
415
  #
415
416
  # @return [Puppet::SSL::SSLContext] initialized SSLContext
416
417
  # @raise [Puppet::Error] If we fail to generate an SSLContext
418
+ # @api private
417
419
  def ensure_client_certificate
418
420
  final_state = run_machine(NeedLock.new(self), Done)
419
421
  ssl_context = final_state.ssl_context
@@ -14,6 +14,7 @@ class Puppet::SSL::Verifier
14
14
  # @param hostname [String] FQDN of the server we're attempting to connect to
15
15
  # @param ssl_context [Puppet::SSL::SSLContext] ssl_context containing CA certs,
16
16
  # CRLs, etc needed to verify the server's certificate chain
17
+ # @api private
17
18
  def initialize(hostname, ssl_context)
18
19
  @hostname = hostname
19
20
  @ssl_context = ssl_context
@@ -25,6 +26,7 @@ class Puppet::SSL::Verifier
25
26
  #
26
27
  # @param verifier [Puppet::SSL::Verifier] the verifier to compare against
27
28
  # @return [Boolean] return true if a cached connection can be used, false otherwise
29
+ # @api private
28
30
  def reusable?(verifier)
29
31
  verifier.instance_of?(self.class) &&
30
32
  verifier.ssl_context.object_id == @ssl_context.object_id
@@ -115,12 +117,6 @@ class Puppet::SSL::Verifier
115
117
  return false
116
118
  end
117
119
 
118
- # ruby-openssl#74ef8c0cc56b840b772240f2ee2b0fc0aafa2743 now sets the
119
- # store_context error when the cert is mismatched
120
- when OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH
121
- @last_error = Puppet::SSL::CertMismatchError.new(peer_cert, @hostname)
122
- return false
123
-
124
120
  when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
125
121
  crl = store_context.current_crl
126
122
  if crl && crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
data/lib/puppet/ssl.rb CHANGED
@@ -2,18 +2,22 @@
2
2
  require 'puppet'
3
3
  require 'puppet/ssl/openssl_loader'
4
4
 
5
+ # Responsible for bootstrapping an agent's certificate and private key, generating
6
+ # SSLContexts for use in making HTTPS connections, and handling CSR attributes and
7
+ # certificate extensions.
8
+ #
9
+ # @see Puppet::SSL::SSLProvider
5
10
  # @api private
6
- module Puppet::SSL # :nodoc:
11
+ module Puppet::SSL
7
12
  CA_NAME = "ca".freeze
8
- require 'puppet/ssl/host'
13
+
9
14
  require 'puppet/ssl/oids'
10
- require 'puppet/ssl/validator'
11
- require 'puppet/ssl/validator/no_validator'
12
- require 'puppet/ssl/validator/default_validator'
13
15
  require 'puppet/ssl/error'
14
16
  require 'puppet/ssl/ssl_context'
15
17
  require 'puppet/ssl/verifier'
16
- require 'puppet/ssl/verifier_adapter'
17
18
  require 'puppet/ssl/ssl_provider'
18
19
  require 'puppet/ssl/state_machine'
20
+ require 'puppet/ssl/certificate'
21
+ require 'puppet/ssl/certificate_request'
22
+ require 'puppet/ssl/certificate_request_attributes'
19
23
  end
@@ -142,16 +142,11 @@ module Puppet::Test
142
142
  },
143
143
  "Context for specs")
144
144
 
145
- # trigger `require 'facter'`
146
- Puppet.runtime[:facter]
147
-
145
+ Puppet.runtime.clear
148
146
  Puppet::Parser::Functions.reset
149
147
  Puppet::Application.clear!
150
148
  Puppet::Util::Profiler.clear
151
149
 
152
- Puppet::SSL::Host.reset
153
- Puppet::Rest::Routes.clear
154
-
155
150
  Puppet::Node::Facts.indirection.terminus_class = :memory
156
151
  facts = Puppet::Node::Facts.new(Puppet[:node_name_value])
157
152
  Puppet::Node::Facts.indirection.save(facts)
@@ -171,7 +166,6 @@ module Puppet::Test
171
166
 
172
167
  Puppet::Util::Storage.clear
173
168
  Puppet::Util::ExecutionStub.reset
174
- Puppet.runtime.clear
175
169
 
176
170
  Puppet.clear_deprecation_warnings
177
171
 
@@ -226,6 +220,7 @@ module Puppet::Test
226
220
  {
227
221
  :logdir => "/dev/null",
228
222
  :confdir => "/dev/null",
223
+ :publicdir => "/dev/null",
229
224
  :codedir => "/dev/null",
230
225
  :vardir => "/dev/null",
231
226
  :rundir => "/dev/null",
@@ -137,7 +137,7 @@ class Puppet::Transaction::AdditionalResourceGenerator
137
137
  else
138
138
  @catalog.add_resource_after(parent_resource, res)
139
139
  end
140
- @catalog.add_edge(@catalog.container_of(parent_resource), res) if @catalog.container_of(parent_resource)
140
+ @catalog.add_edge(@catalog.container_of(parent_resource), res)
141
141
  if @relationship_graph && priority
142
142
  # If we have a relationship_graph we should add the resource
143
143
  # to it (this is an eval_generate). If we don't, then the
@@ -6,26 +6,6 @@ require 'puppet/util/yaml'
6
6
  # as calculating corrective_change).
7
7
  # @api private
8
8
  class Puppet::Transaction::Persistence
9
-
10
- def self.allowed_classes
11
- @allowed_classes ||= [
12
- Symbol,
13
- Time,
14
- Regexp,
15
- # URI is excluded, because it serializes all instance variables including the
16
- # URI parser. Better to serialize the URL encoded representation.
17
- SemanticPuppet::Version,
18
- # SemanticPuppet::VersionRange has many nested classes and is unlikely to be
19
- # used directly, so ignore it
20
- Puppet::Pops::Time::Timestamp,
21
- Puppet::Pops::Time::TimeData,
22
- Puppet::Pops::Time::Timespan,
23
- Puppet::Pops::Types::PBinaryType::Binary,
24
- # Puppet::Pops::Types::PSensitiveType::Sensitive values are excluded from
25
- # the persistence store, ignore it.
26
- ].freeze
27
- end
28
-
29
9
  def initialize
30
10
  @old_data = {}
31
11
  @new_data = {"resources" => {}}
@@ -82,7 +62,7 @@ class Puppet::Transaction::Persistence
82
62
  result = nil
83
63
  Puppet::Util.benchmark(:debug, _("Loaded transaction store file in %{seconds} seconds")) do
84
64
  begin
85
- result = Puppet::Util::Yaml.safe_load_file(filename, self.class.allowed_classes)
65
+ result = Puppet::Util::Yaml.safe_load_file(filename, [Symbol, Time])
86
66
  rescue Puppet::Util::Yaml::YamlLoadError => detail
87
67
  Puppet.log_exception(detail, _("Transaction store file %{filename} is corrupt (%{detail}); replacing") % { filename: filename, detail: detail })
88
68
 
@@ -66,8 +66,6 @@ class Puppet::Transaction::Report
66
66
  # Contains the name and port of the server that was successfully contacted
67
67
  # @return [String] a string of the format 'servername:port'
68
68
  attr_accessor :server_used
69
- alias :master_used :server_used
70
- alias :master_used= :server_used=
71
69
 
72
70
  # The host name for which the report is generated
73
71
  # @return [String] the host name
@@ -77,10 +75,6 @@ class Puppet::Transaction::Report
77
75
  # @return [String] the environment name
78
76
  attr_accessor :environment
79
77
 
80
- # The name of the environment the agent initially started in
81
- # @return [String] the environment name
82
- attr_accessor :initial_environment
83
-
84
78
  # Whether there are changes that we decided not to apply because of noop
85
79
  # @return [Boolean]
86
80
  #
@@ -230,7 +224,7 @@ class Puppet::Transaction::Report
230
224
  @external_times ||= {}
231
225
  @host = Puppet[:node_name_value]
232
226
  @time = start_time
233
- @report_format = 11
227
+ @report_format = 12
234
228
  @puppet_version = Puppet.version
235
229
  @configuration_version = configuration_version
236
230
  @transaction_uuid = transaction_uuid
@@ -330,7 +324,7 @@ class Puppet::Transaction::Report
330
324
  }
331
325
 
332
326
  # The following is include only when set
333
- hash['master_used'] = hash['server_used'] = @server_used unless @server_used.nil?
327
+ hash['server_used'] = @server_used unless @server_used.nil?
334
328
  hash['catalog_uuid'] = @catalog_uuid unless @catalog_uuid.nil?
335
329
  hash['code_id'] = @code_id unless @code_id.nil?
336
330
  hash['job_id'] = @job_id unless @job_id.nil?
@@ -381,17 +375,7 @@ class Puppet::Transaction::Report
381
375
  # @api public
382
376
  #
383
377
  def raw_summary
384
- report = {
385
- "version" => {
386
- "config" => configuration_version,
387
- "puppet" => Puppet.version
388
- },
389
- "application" => {
390
- "run_mode" => Puppet.run_mode.name.to_s,
391
- "initial_environment" => initial_environment,
392
- "converged_environment" => environment
393
- }
394
- }
378
+ report = { "version" => { "config" => configuration_version, "puppet" => Puppet.version } }
395
379
 
396
380
  @metrics.each do |name, metric|
397
381
  key = metric.name.to_s