puppet 6.28.0-universal-darwin → 7.0.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CODEOWNERS +16 -2
- data/CONTRIBUTING.md +5 -5
- data/Gemfile +5 -7
- data/Gemfile.lock +52 -131
- data/README.md +5 -5
- data/conf/fileserver.conf +5 -10
- data/ext/README.environment +8 -0
- data/ext/build_defaults.yaml +1 -1
- data/ext/dbfix.sql +132 -0
- data/ext/debian/README.Debian +8 -0
- data/ext/debian/README.source +2 -0
- data/ext/debian/TODO.Debian +1 -0
- data/ext/debian/changelog.erb +1122 -0
- data/ext/debian/compat +1 -0
- data/ext/debian/control +144 -0
- data/ext/debian/copyright +339 -0
- data/ext/debian/docs +1 -0
- data/ext/debian/fileserver.conf +41 -0
- data/ext/debian/puppet-common.dirs +13 -0
- data/ext/debian/puppet-common.install +3 -0
- data/ext/debian/puppet-common.lintian-overrides +5 -0
- data/ext/debian/puppet-common.manpages +28 -0
- data/ext/debian/puppet-common.postinst +35 -0
- data/ext/debian/puppet-common.postrm +33 -0
- data/ext/debian/puppet-el.dirs +1 -0
- data/ext/debian/puppet-el.emacsen-install +25 -0
- data/ext/debian/puppet-el.emacsen-remove +11 -0
- data/ext/debian/puppet-el.emacsen-startup +9 -0
- data/ext/debian/puppet-el.install +1 -0
- data/ext/debian/puppet-testsuite.install +2 -0
- data/ext/debian/puppet-testsuite.lintian-overrides +4 -0
- data/ext/debian/puppet.lintian-overrides +3 -0
- data/ext/debian/puppet.logrotate +20 -0
- data/ext/debian/puppet.postinst +20 -0
- data/ext/debian/puppet.postrm +20 -0
- data/ext/debian/puppet.preinst +20 -0
- data/ext/debian/puppetmaster-common.install +2 -0
- data/ext/debian/puppetmaster-common.manpages +2 -0
- data/ext/debian/puppetmaster-common.postinst +6 -0
- data/ext/debian/puppetmaster-passenger.dirs +4 -0
- data/ext/debian/puppetmaster-passenger.postinst +162 -0
- data/ext/debian/puppetmaster-passenger.postrm +61 -0
- data/ext/debian/puppetmaster.README.debian +17 -0
- data/ext/debian/puppetmaster.default +14 -0
- data/ext/debian/puppetmaster.init +137 -0
- data/ext/debian/puppetmaster.lintian-overrides +3 -0
- data/ext/debian/puppetmaster.postinst +20 -0
- data/ext/debian/puppetmaster.postrm +5 -0
- data/ext/debian/puppetmaster.preinst +22 -0
- data/ext/debian/rules +132 -0
- data/ext/debian/source/format +1 -0
- data/ext/debian/source/options +1 -0
- data/ext/debian/vim-puppet.README.Debian +13 -0
- data/ext/debian/vim-puppet.dirs +5 -0
- data/ext/debian/vim-puppet.yaml +7 -0
- data/ext/debian/watch +2 -0
- data/ext/freebsd/puppetd +26 -0
- data/ext/freebsd/puppetmasterd +26 -0
- data/ext/gentoo/conf.d/puppet +5 -0
- data/ext/gentoo/conf.d/puppetmaster +12 -0
- data/ext/gentoo/init.d/puppet +38 -0
- data/ext/gentoo/init.d/puppetmaster +51 -0
- data/ext/gentoo/puppet/fileserver.conf +41 -0
- data/ext/ips/puppet-agent +44 -0
- data/ext/ips/puppet-master +44 -0
- data/ext/ips/puppet.p5m.erb +12 -0
- data/ext/ips/puppetagent.xml +42 -0
- data/ext/ips/puppetmaster.xml +42 -0
- data/ext/ips/rules +19 -0
- data/ext/ips/transforms +34 -0
- data/ext/ldap/puppet.schema +24 -0
- data/ext/logcheck/puppet +23 -0
- data/{examples → ext}/nagios/check_puppet.rb +2 -2
- data/ext/osx/file_mapping.yaml +28 -0
- data/ext/osx/postflight.erb +109 -0
- data/ext/osx/preflight.erb +52 -0
- data/ext/osx/prototype.plist.erb +38 -0
- data/ext/osx/puppet.plist +0 -2
- data/ext/project_data.yaml +1 -15
- data/ext/redhat/fileserver.conf +41 -0
- data/ext/redhat/logrotate +21 -0
- data/ext/redhat/puppet.spec.erb +841 -0
- data/ext/redhat/server.init +128 -0
- data/ext/redhat/server.sysconfig +13 -0
- data/{examples/enc → ext}/regexp_nodes/classes/databases +0 -0
- data/{examples/enc → ext}/regexp_nodes/classes/webservers +0 -0
- data/{examples/enc → ext}/regexp_nodes/environment/development +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/prod +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/qa +0 -0
- data/{examples/enc → ext}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{examples/enc → ext}/regexp_nodes/regexp_nodes.rb +0 -0
- data/ext/solaris/pkginfo +6 -0
- data/ext/solaris/smf/puppetd.xml +77 -0
- data/ext/solaris/smf/puppetmasterd.xml +77 -0
- data/ext/solaris/smf/svc-puppetd +71 -0
- data/ext/solaris/smf/svc-puppetmasterd +67 -0
- data/ext/suse/puppet.spec +310 -0
- data/ext/suse/server.init +173 -0
- data/ext/windows/service/daemon.rb +6 -5
- data/ext/yaml_nodes.rb +105 -0
- data/install.rb +21 -17
- data/lib/puppet/agent.rb +11 -47
- data/lib/puppet/application/agent.rb +16 -18
- data/lib/puppet/application/apply.rb +4 -24
- data/lib/puppet/application/device.rb +100 -106
- data/lib/puppet/application/filebucket.rb +13 -10
- data/lib/puppet/application/lookup.rb +24 -74
- data/lib/puppet/application/resource.rb +16 -32
- data/lib/puppet/application/script.rb +0 -2
- data/lib/puppet/application/ssl.rb +1 -13
- data/lib/puppet/application.rb +178 -108
- data/lib/puppet/application_support.rb +0 -7
- data/lib/puppet/concurrent/thread_local_singleton.rb +3 -6
- data/lib/puppet/configurer/downloader.rb +1 -2
- data/lib/puppet/configurer/plugin_handler.rb +21 -19
- data/lib/puppet/configurer.rb +86 -183
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/defaults.rb +130 -244
- data/lib/puppet/environments.rb +82 -146
- data/lib/puppet/face/facts.rb +5 -103
- data/lib/puppet/face/generate.rb +0 -2
- data/lib/puppet/face/help/action.erb +0 -1
- data/lib/puppet/face/help/face.erb +0 -1
- data/lib/puppet/face/help.rb +1 -1
- data/lib/puppet/face/node/clean.rb +0 -11
- data/lib/puppet/face/plugin.rb +5 -8
- data/lib/puppet/ffi/windows/api_types.rb +311 -0
- data/lib/puppet/ffi/windows/constants.rb +404 -0
- data/lib/puppet/ffi/windows/functions.rb +628 -0
- data/lib/puppet/ffi/windows/structs.rb +338 -0
- data/lib/puppet/ffi/windows.rb +12 -0
- data/lib/puppet/file_serving/configuration/parser.rb +3 -34
- data/lib/puppet/file_serving/configuration.rb +0 -8
- data/lib/puppet/file_serving/fileset.rb +2 -14
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/metadata.rb +0 -3
- data/lib/puppet/file_serving/mount/file.rb +4 -4
- data/lib/puppet/file_serving/mount.rb +1 -2
- data/lib/puppet/file_system/file_impl.rb +8 -10
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +1 -8
- data/lib/puppet/file_system/windows.rb +6 -8
- data/lib/puppet/file_system.rb +1 -1
- data/lib/puppet/forge/repository.rb +0 -1
- data/lib/puppet/forge.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +0 -8
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +5 -13
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/next.rb +1 -18
- data/lib/puppet/functions/partition.rb +4 -12
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +0 -1
- data/lib/puppet/functions/tree_each.rb +10 -7
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +2 -17
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/functions/versioncmp.rb +2 -6
- data/lib/puppet/generate/models/type/type.rb +4 -1
- data/lib/puppet/generate/type.rb +0 -9
- data/lib/puppet/http/client.rb +167 -137
- data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
- data/lib/puppet/http/errors.rb +16 -0
- data/lib/puppet/http/external_client.rb +5 -7
- data/lib/puppet/{network/http → http}/factory.rb +8 -15
- data/lib/puppet/{network/http → http}/pool.rb +61 -26
- data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
- data/lib/puppet/http/proxy.rb +137 -0
- data/lib/puppet/http/redirector.rb +4 -17
- data/lib/puppet/http/resolver/server_list.rb +10 -25
- data/lib/puppet/http/resolver/settings.rb +4 -7
- data/lib/puppet/http/resolver/srv.rb +7 -11
- data/lib/puppet/http/resolver.rb +5 -15
- data/lib/puppet/http/response.rb +36 -54
- data/lib/puppet/http/response_converter.rb +24 -0
- data/lib/puppet/http/response_net_http.rb +42 -0
- data/lib/puppet/http/retry_after_handler.rb +4 -13
- data/lib/puppet/http/service/ca.rb +11 -22
- data/lib/puppet/http/service/compiler.rb +23 -144
- data/lib/puppet/http/service/file_server.rb +19 -29
- data/lib/puppet/http/service/puppetserver.rb +26 -12
- data/lib/puppet/http/service/report.rb +8 -10
- data/lib/puppet/http/service.rb +12 -26
- data/lib/puppet/http/session.rb +11 -20
- data/lib/puppet/{network/http → http}/site.rb +1 -2
- data/lib/puppet/http.rb +22 -13
- data/lib/puppet/indirector/catalog/compiler.rb +6 -25
- data/lib/puppet/indirector/catalog/rest.rb +2 -5
- data/lib/puppet/indirector/facts/facter.rb +6 -6
- data/lib/puppet/indirector/facts/rest.rb +3 -22
- data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
- data/lib/puppet/indirector/file_content/rest.rb +2 -6
- data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
- data/lib/puppet/indirector/file_server.rb +1 -8
- data/lib/puppet/indirector/generic_http.rb +0 -11
- data/lib/puppet/indirector/indirection.rb +1 -1
- data/lib/puppet/indirector/node/rest.rb +2 -4
- data/lib/puppet/indirector/report/rest.rb +3 -8
- data/lib/puppet/indirector/request.rb +0 -101
- data/lib/puppet/indirector/resource/ral.rb +1 -6
- data/lib/puppet/indirector/rest.rb +12 -263
- data/lib/puppet/indirector/terminus.rb +0 -4
- data/lib/puppet/interface/documentation.rb +0 -1
- data/lib/puppet/module/plan.rb +1 -0
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module.rb +0 -1
- data/lib/puppet/module_tool/applications/installer.rb +2 -56
- data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
- data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
- data/lib/puppet/module_tool/applications.rb +0 -1
- data/lib/puppet/module_tool/errors/shared.rb +2 -34
- data/lib/puppet/network/authconfig.rb +2 -96
- data/lib/puppet/network/authorization.rb +13 -35
- data/lib/puppet/network/formats.rb +0 -67
- data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
- data/lib/puppet/network/http/api/master/v3.rb +11 -13
- data/lib/puppet/network/http/connection.rb +247 -316
- data/lib/puppet/network/http/handler.rb +0 -1
- data/lib/puppet/network/http.rb +3 -3
- data/lib/puppet/network/http_pool.rb +16 -34
- data/lib/puppet/node/environment.rb +11 -10
- data/lib/puppet/node.rb +2 -31
- data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
- data/lib/puppet/pal/pal_impl.rb +4 -2
- data/lib/puppet/parser/ast/leaf.rb +2 -3
- data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
- data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
- data/lib/puppet/parser/compiler.rb +0 -198
- data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
- data/lib/puppet/parser/resource.rb +1 -70
- data/lib/puppet/parser/scope.rb +0 -1
- data/lib/puppet/parser/templatewrapper.rb +1 -2
- data/lib/puppet/pops/evaluator/closure.rb +5 -7
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
- data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -4
- data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
- data/lib/puppet/pops/issues.rb +0 -5
- data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
- data/lib/puppet/pops/lookup/lookup_adapter.rb +2 -3
- data/lib/puppet/pops/model/ast.pp +0 -42
- data/lib/puppet/pops/model/ast.rb +0 -291
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/factory.rb +1 -47
- data/lib/puppet/pops/model/model_label_provider.rb +0 -5
- data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
- data/lib/puppet/pops/model/pn_transformer.rb +0 -16
- data/lib/puppet/pops/parser/code_merger.rb +4 -4
- data/lib/puppet/pops/parser/egrammar.ra +0 -58
- data/lib/puppet/pops/parser/eparser.rb +1685 -1896
- data/lib/puppet/pops/parser/lexer2.rb +91 -92
- data/lib/puppet/pops/parser/parser_support.rb +0 -5
- data/lib/puppet/pops/parser/slurp_support.rb +0 -1
- data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
- data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
- data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
- data/lib/puppet/pops/types/type_calculator.rb +0 -7
- data/lib/puppet/pops/types/type_formatter.rb +3 -4
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +0 -4
- data/lib/puppet/pops/types/types.rb +1 -2
- data/lib/puppet/pops/validation/checker4_0.rb +9 -37
- data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
- data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/provider/aix_object.rb +1 -1
- data/lib/puppet/provider/exec/posix.rb +4 -16
- data/lib/puppet/provider/group/groupadd.rb +10 -18
- data/lib/puppet/provider/nameservice.rb +0 -18
- data/lib/puppet/provider/package/apt.rb +2 -34
- data/lib/puppet/provider/package/aptitude.rb +0 -6
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +0 -10
- data/lib/puppet/provider/package/gem.rb +23 -3
- data/lib/puppet/provider/package/nim.rb +6 -11
- data/lib/puppet/provider/package/pip.rb +3 -16
- data/lib/puppet/provider/package/pkg.rb +2 -23
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +1 -4
- data/lib/puppet/provider/package/puppetserver_gem.rb +17 -8
- data/lib/puppet/provider/package/windows/exe_package.rb +1 -30
- data/lib/puppet/provider/package/windows/package.rb +1 -2
- data/lib/puppet/provider/package/windows.rb +1 -14
- data/lib/puppet/provider/package/yum.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +0 -3
- data/lib/puppet/provider/service/base.rb +1 -1
- data/lib/puppet/provider/service/debian.rb +0 -2
- data/lib/puppet/provider/service/init.rb +9 -10
- data/lib/puppet/provider/service/launchd.rb +2 -2
- data/lib/puppet/provider/service/redhat.rb +1 -1
- data/lib/puppet/provider/service/smf.rb +194 -76
- data/lib/puppet/provider/service/systemd.rb +6 -16
- data/lib/puppet/provider/service/upstart.rb +5 -5
- data/lib/puppet/provider/service/windows.rb +0 -38
- data/lib/puppet/provider/user/aix.rb +3 -46
- data/lib/puppet/provider/user/directoryservice.rb +11 -39
- data/lib/puppet/provider/user/useradd.rb +24 -134
- data/lib/puppet/provider.rb +1 -14
- data/lib/puppet/reference/configuration.rb +8 -7
- data/lib/puppet/reference/indirection.rb +1 -1
- data/lib/puppet/reference/providers.rb +2 -2
- data/lib/puppet/resource/catalog.rb +2 -15
- data/lib/puppet/resource/type.rb +3 -119
- data/lib/puppet/resource/type_collection.rb +3 -49
- data/lib/puppet/resource.rb +6 -127
- data/lib/puppet/runtime.rb +2 -13
- data/lib/puppet/settings/environment_conf.rb +0 -1
- data/lib/puppet/settings/integer_setting.rb +17 -0
- data/lib/puppet/settings/port_setting.rb +15 -0
- data/lib/puppet/settings/priority_setting.rb +5 -4
- data/lib/puppet/settings.rb +82 -98
- data/lib/puppet/ssl/base.rb +3 -5
- data/lib/puppet/ssl/certificate.rb +0 -6
- data/lib/puppet/ssl/certificate_request.rb +1 -12
- data/lib/puppet/ssl/certificate_signer.rb +6 -0
- data/lib/puppet/ssl/oids.rb +3 -1
- data/lib/puppet/ssl/ssl_provider.rb +36 -75
- data/lib/puppet/ssl/state_machine.rb +20 -14
- data/lib/puppet/ssl/verifier.rb +2 -6
- data/lib/puppet/ssl.rb +10 -6
- data/lib/puppet/test/test_helper.rb +2 -7
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +1 -21
- data/lib/puppet/transaction/report.rb +3 -19
- data/lib/puppet/transaction.rb +1 -7
- data/lib/puppet/type/exec.rb +6 -36
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/data_sync.rb +1 -1
- data/lib/puppet/type/file/mode.rb +0 -6
- data/lib/puppet/type/file/selcontext.rb +1 -1
- data/lib/puppet/type/file/source.rb +1 -1
- data/lib/puppet/type/file.rb +12 -32
- data/lib/puppet/type/filebucket.rb +4 -4
- data/lib/puppet/type/group.rb +1 -0
- data/lib/puppet/type/package.rb +8 -16
- data/lib/puppet/type/resources.rb +1 -1
- data/lib/puppet/type/service.rb +41 -26
- data/lib/puppet/type/tidy.rb +3 -22
- data/lib/puppet/type/user.rb +13 -35
- data/lib/puppet/type.rb +1 -77
- data/lib/puppet/util/autoload.rb +8 -1
- data/lib/puppet/util/command_line.rb +1 -1
- data/lib/puppet/util/execution.rb +0 -11
- data/lib/puppet/util/filetype.rb +2 -2
- data/lib/puppet/util/http_proxy.rb +2 -215
- data/lib/puppet/util/json.rb +0 -20
- data/lib/puppet/util/log.rb +4 -8
- data/lib/puppet/util/logging.rb +25 -1
- data/lib/puppet/util/monkey_patches.rb +2 -59
- data/lib/puppet/util/package.rb +16 -25
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/posix.rb +5 -54
- data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
- data/lib/puppet/util/rdoc.rb +0 -7
- data/lib/puppet/util/retry_action.rb +1 -1
- data/lib/puppet/util/run_mode.rb +9 -1
- data/lib/puppet/util/selinux.rb +4 -30
- data/lib/puppet/util/suidmanager.rb +2 -1
- data/lib/puppet/util/symbolic_file_mode.rb +17 -29
- data/lib/puppet/util/tagging.rb +0 -1
- data/lib/puppet/util/windows/adsi.rb +0 -46
- data/lib/puppet/util/windows/daemon.rb +360 -0
- data/lib/puppet/util/windows/error.rb +1 -0
- data/lib/puppet/util/windows/eventlog.rb +4 -9
- data/lib/puppet/util/windows/file.rb +8 -242
- data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
- data/lib/puppet/util/windows/principal.rb +2 -9
- data/lib/puppet/util/windows/process.rb +4 -226
- data/lib/puppet/util/windows/service.rb +11 -457
- data/lib/puppet/util/windows/sid.rb +2 -6
- data/lib/puppet/util/windows/string.rb +12 -13
- data/lib/puppet/util/windows/user.rb +2 -0
- data/lib/puppet/util/windows.rb +3 -11
- data/lib/puppet/util/yaml.rb +1 -42
- data/lib/puppet/util.rb +5 -5
- data/lib/puppet/vendor/require_vendored.rb +0 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509/cert_provider.rb +29 -1
- data/lib/puppet/x509.rb +5 -1
- data/lib/puppet.rb +34 -27
- data/locales/puppet.pot +9633 -5
- data/man/man5/puppet.conf.5 +286 -401
- data/man/man8/puppet-agent.8 +2 -5
- data/man/man8/puppet-apply.8 +2 -2
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +2 -2
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +8 -51
- data/man/man8/puppet-filebucket.8 +4 -4
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +6 -9
- data/man/man8/puppet-module.8 +3 -60
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +2 -2
- data/man/man8/puppet-ssl.8 +1 -5
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
- data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
- data/spec/fixtures/ssl/ca.pem +35 -57
- data/spec/fixtures/ssl/crl.pem +18 -28
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +24 -33
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +58 -108
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
- data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
- data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
- data/spec/fixtures/ssl/intermediate.pem +36 -57
- data/spec/fixtures/ssl/pluto-key.pem +57 -107
- data/spec/fixtures/ssl/pluto.pem +30 -52
- data/spec/fixtures/ssl/request-key.pem +57 -107
- data/spec/fixtures/ssl/request.pem +26 -47
- data/spec/fixtures/ssl/revoked-key.pem +57 -107
- data/spec/fixtures/ssl/revoked.pem +30 -52
- data/spec/fixtures/ssl/signed-key.pem +57 -107
- data/spec/fixtures/ssl/signed.pem +30 -52
- data/spec/fixtures/ssl/tampered-cert.pem +30 -52
- data/spec/fixtures/ssl/tampered-csr.pem +26 -47
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
- data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
- data/spec/fixtures/ssl/unknown-ca.pem +33 -55
- data/spec/fixtures/unit/forge/bacula.json +1 -1
- data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
- data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
- data/spec/integration/application/agent_spec.rb +50 -406
- data/spec/integration/application/apply_spec.rb +1 -20
- data/spec/integration/application/filebucket_spec.rb +16 -32
- data/spec/integration/application/help_spec.rb +2 -0
- data/spec/integration/application/lookup_spec.rb +50 -81
- data/spec/integration/application/module_spec.rb +0 -21
- data/spec/integration/application/plugin_spec.rb +24 -2
- data/spec/integration/configurer_spec.rb +2 -18
- data/spec/integration/defaults_spec.rb +14 -3
- data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
- data/spec/integration/http/client_spec.rb +4 -63
- data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
- data/spec/integration/indirector/facts/facter_spec.rb +39 -93
- data/spec/integration/network/http_pool_spec.rb +3 -21
- data/spec/integration/parser/catalog_spec.rb +0 -38
- data/spec/integration/parser/node_spec.rb +0 -9
- data/spec/integration/parser/pcore_resource_spec.rb +0 -47
- data/spec/integration/resource/type_collection_spec.rb +6 -2
- data/spec/integration/transaction/report_spec.rb +1 -1
- data/spec/integration/transaction_spec.rb +9 -4
- data/spec/integration/type/exec_spec.rb +45 -70
- data/spec/integration/type/file_spec.rb +7 -6
- data/spec/integration/type/package_spec.rb +6 -6
- data/spec/integration/util/rdoc/parser_spec.rb +1 -1
- data/spec/integration/util/windows/adsi_spec.rb +1 -21
- data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
- data/spec/integration/util/windows/principal_spec.rb +0 -21
- data/spec/integration/util/windows/process_spec.rb +9 -1
- data/spec/integration/util/windows/registry_spec.rb +10 -6
- data/spec/integration/util/windows/security_spec.rb +1 -1
- data/spec/lib/matchers/include.rb +27 -0
- data/spec/lib/matchers/include_spec.rb +32 -0
- data/spec/lib/puppet/test_ca.rb +2 -7
- data/spec/lib/puppet_spec/https.rb +1 -1
- data/spec/lib/puppet_spec/modules.rb +2 -13
- data/spec/lib/puppet_spec/puppetserver.rb +3 -55
- data/spec/lib/puppet_spec/settings.rb +1 -1
- data/spec/shared_behaviours/documentation_on_faces.rb +2 -0
- data/spec/spec_helper.rb +17 -13
- data/spec/unit/agent_spec.rb +8 -38
- data/spec/unit/application/agent_spec.rb +19 -33
- data/spec/unit/application/apply_spec.rb +56 -76
- data/spec/unit/application/facts_spec.rb +12 -456
- data/spec/unit/application/filebucket_spec.rb +43 -39
- data/spec/unit/application/lookup_spec.rb +10 -131
- data/spec/unit/application/resource_spec.rb +0 -29
- data/spec/unit/application/ssl_spec.rb +2 -25
- data/spec/unit/application_spec.rb +9 -51
- data/spec/unit/certificate_factory_spec.rb +1 -1
- data/spec/unit/configurer/downloader_spec.rb +6 -8
- data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
- data/spec/unit/configurer_spec.rb +68 -327
- data/spec/unit/confine/feature_spec.rb +1 -1
- data/spec/unit/confine_spec.rb +2 -8
- data/spec/unit/context/trusted_information_spec.rb +2 -6
- data/spec/unit/daemon_spec.rb +11 -2
- data/spec/unit/defaults_spec.rb +68 -55
- data/spec/unit/environments_spec.rb +68 -408
- data/spec/unit/face/generate_spec.rb +0 -64
- data/spec/unit/face/node_spec.rb +11 -0
- data/spec/unit/face/plugin_spec.rb +73 -33
- data/spec/unit/file_bucket/dipper_spec.rb +2 -2
- data/spec/unit/file_bucket/file_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +15 -41
- data/spec/unit/file_serving/configuration_spec.rb +10 -26
- data/spec/unit/file_serving/fileset_spec.rb +0 -60
- data/spec/unit/file_serving/metadata_spec.rb +3 -3
- data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
- data/spec/unit/file_system_spec.rb +4 -56
- data/spec/unit/forge/module_release_spec.rb +10 -5
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/camelcase_spec.rb +1 -1
- data/spec/unit/functions/capitalize_spec.rb +1 -1
- data/spec/unit/functions/downcase_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +0 -10
- data/spec/unit/functions/logging_spec.rb +0 -1
- data/spec/unit/functions/lookup_spec.rb +0 -64
- data/spec/unit/functions/unwrap_spec.rb +0 -8
- data/spec/unit/functions/upcase_spec.rb +1 -1
- data/spec/unit/functions/versioncmp_spec.rb +4 -40
- data/spec/unit/functions4_spec.rb +2 -2
- data/spec/unit/gettext/config_spec.rb +0 -12
- data/spec/unit/http/client_spec.rb +8 -84
- data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
- data/spec/unit/http/external_client_spec.rb +4 -4
- data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
- data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
- data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
- data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
- data/spec/unit/http/resolver_spec.rb +13 -13
- data/spec/unit/http/service/compiler_spec.rb +0 -193
- data/spec/unit/http/service/file_server_spec.rb +3 -3
- data/spec/unit/http/service/puppetserver_spec.rb +34 -4
- data/spec/unit/http/service_spec.rb +0 -1
- data/spec/unit/http/session_spec.rb +16 -14
- data/spec/unit/{network/http → http}/site_spec.rb +3 -3
- data/spec/unit/indirector/catalog/compiler_spec.rb +10 -101
- data/spec/unit/indirector/catalog/rest_spec.rb +0 -8
- data/spec/unit/indirector/face_spec.rb +1 -0
- data/spec/unit/indirector/facts/facter_spec.rb +3 -0
- data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
- data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
- data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
- data/spec/unit/indirector/file_server_spec.rb +1 -15
- data/spec/unit/indirector/indirection_spec.rb +15 -18
- data/spec/unit/indirector/report/rest_spec.rb +2 -17
- data/spec/unit/indirector/request_spec.rb +0 -264
- data/spec/unit/indirector/resource/ral_spec.rb +75 -40
- data/spec/unit/indirector/rest_spec.rb +98 -752
- data/spec/unit/indirector/store_configs_spec.rb +7 -0
- data/spec/unit/indirector_spec.rb +2 -2
- data/spec/unit/interface/action_spec.rb +9 -0
- data/spec/unit/module_spec.rb +1 -15
- data/spec/unit/module_tool/applications/installer_spec.rb +0 -105
- data/spec/unit/network/authconfig_spec.rb +2 -129
- data/spec/unit/network/authorization_spec.rb +2 -55
- data/spec/unit/network/formats_spec.rb +4 -51
- data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
- data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
- data/spec/unit/network/http/api_spec.rb +10 -0
- data/spec/unit/network/http/connection_spec.rb +19 -41
- data/spec/unit/network/http/handler_spec.rb +0 -1
- data/spec/unit/network/http_pool_spec.rb +0 -4
- data/spec/unit/node/environment_spec.rb +33 -21
- data/spec/unit/node_spec.rb +2 -60
- data/spec/unit/parser/compiler_spec.rb +19 -3
- data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
- data/spec/unit/parser/resource_spec.rb +8 -14
- data/spec/unit/parser/templatewrapper_spec.rb +5 -16
- data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
- data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
- data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
- data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
- data/spec/unit/pops/parser/parse_containers_spec.rb +13 -2
- data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
- data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
- data/spec/unit/pops/serialization/to_stringified_spec.rb +0 -5
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
- data/spec/unit/pops/types/type_calculator_spec.rb +6 -12
- data/spec/unit/pops/types/type_factory_spec.rb +1 -1
- data/spec/unit/pops/validator/validator_spec.rb +61 -51
- data/spec/unit/pops/visitor_spec.rb +1 -1
- data/spec/unit/property_spec.rb +0 -1
- data/spec/unit/provider/group/groupadd_spec.rb +2 -5
- data/spec/unit/provider/nameservice_spec.rb +64 -122
- data/spec/unit/provider/package/apt_spec.rb +23 -28
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/base_spec.rb +5 -6
- data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
- data/spec/unit/provider/package/dpkg_spec.rb +0 -48
- data/spec/unit/provider/package/gem_spec.rb +33 -1
- data/spec/unit/provider/package/nim_spec.rb +0 -42
- data/spec/unit/provider/package/pacman_spec.rb +12 -18
- data/spec/unit/provider/package/pip2_spec.rb +1 -1
- data/spec/unit/provider/package/pip3_spec.rb +1 -1
- data/spec/unit/provider/package/pip_spec.rb +12 -44
- data/spec/unit/provider/package/pkg_spec.rb +4 -29
- data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
- data/spec/unit/provider/package/puppet_gem_spec.rb +4 -3
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +3 -3
- data/spec/unit/provider/package/windows/exe_package_spec.rb +0 -17
- data/spec/unit/provider/parsedfile_spec.rb +0 -10
- data/spec/unit/provider/service/gentoo_spec.rb +5 -6
- data/spec/unit/provider/service/init_spec.rb +9 -16
- data/spec/unit/provider/service/launchd_spec.rb +0 -11
- data/spec/unit/provider/service/openwrt_spec.rb +29 -23
- data/spec/unit/provider/service/redhat_spec.rb +2 -3
- data/spec/unit/provider/service/smf_spec.rb +401 -165
- data/spec/unit/provider/service/systemd_spec.rb +9 -54
- data/spec/unit/provider/service/windows_spec.rb +0 -203
- data/spec/unit/provider/user/aix_spec.rb +0 -105
- data/spec/unit/provider/user/directoryservice_spec.rb +36 -68
- data/spec/unit/provider/user/hpux_spec.rb +1 -1
- data/spec/unit/provider/user/pw_spec.rb +0 -2
- data/spec/unit/provider/user/useradd_spec.rb +5 -114
- data/spec/unit/provider_spec.rb +12 -22
- data/spec/unit/puppet_spec.rb +4 -12
- data/spec/unit/resource/catalog_spec.rb +2 -15
- data/spec/unit/resource/type_collection_spec.rb +2 -22
- data/spec/unit/resource/type_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +12 -125
- data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
- data/spec/unit/settings/integer_setting_spec.rb +42 -0
- data/spec/unit/settings/port_setting_spec.rb +31 -0
- data/spec/unit/settings/priority_setting_spec.rb +4 -4
- data/spec/unit/settings_spec.rb +79 -110
- data/spec/unit/ssl/base_spec.rb +37 -3
- data/spec/unit/ssl/certificate_request_spec.rb +21 -45
- data/spec/unit/ssl/certificate_spec.rb +2 -11
- data/spec/unit/ssl/ssl_provider_spec.rb +3 -80
- data/spec/unit/ssl/state_machine_spec.rb +5 -21
- data/spec/unit/ssl/verifier_spec.rb +0 -21
- data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
- data/spec/unit/transaction/event_manager_spec.rb +11 -14
- data/spec/unit/transaction/persistence_spec.rb +0 -51
- data/spec/unit/transaction/report_spec.rb +0 -2
- data/spec/unit/transaction/resource_harness_spec.rb +2 -2
- data/spec/unit/transaction_spec.rb +55 -96
- data/spec/unit/type/exec_spec.rb +29 -76
- data/spec/unit/type/file/checksum_spec.rb +6 -6
- data/spec/unit/type/file/content_spec.rb +2 -1
- data/spec/unit/type/file/ensure_spec.rb +1 -1
- data/spec/unit/type/file/mode_spec.rb +1 -1
- data/spec/unit/type/file/selinux_spec.rb +5 -3
- data/spec/unit/type/file/source_spec.rb +4 -5
- data/spec/unit/type/file_spec.rb +18 -6
- data/spec/unit/type/group_spec.rb +6 -13
- data/spec/unit/type/package_spec.rb +1 -1
- data/spec/unit/type/resources_spec.rb +7 -7
- data/spec/unit/type/service_spec.rb +189 -87
- data/spec/unit/type/tidy_spec.rb +8 -24
- data/spec/unit/type_spec.rb +24 -4
- data/spec/unit/util/at_fork_spec.rb +2 -2
- data/spec/unit/util/autoload_spec.rb +1 -5
- data/spec/unit/util/backups_spec.rb +2 -3
- data/spec/unit/util/execution_spec.rb +11 -44
- data/spec/unit/util/inifile_spec.rb +14 -6
- data/spec/unit/util/log_spec.rb +7 -8
- data/spec/unit/util/logging_spec.rb +3 -5
- data/spec/unit/util/monkey_patches_spec.rb +0 -6
- data/spec/unit/util/posix_spec.rb +15 -363
- data/spec/unit/util/run_mode_spec.rb +21 -121
- data/spec/unit/util/selinux_spec.rb +68 -163
- data/spec/unit/util/storage_spec.rb +1 -3
- data/spec/unit/util/suidmanager_spec.rb +41 -44
- data/spec/unit/util/windows/sid_spec.rb +0 -41
- data/spec/unit/util/windows/string_spec.rb +1 -3
- data/spec/unit/util/yaml_spec.rb +13 -92
- data/spec/unit/util_spec.rb +6 -31
- data/tasks/generate_cert_fixtures.rake +7 -17
- data/tasks/parallel.rake +3 -3
- metadata +138 -233
- data/conf/auth.conf +0 -150
- data/ext/README.md +0 -13
- data/lib/puppet/application/cert.rb +0 -76
- data/lib/puppet/application/key.rb +0 -4
- data/lib/puppet/application/man.rb +0 -4
- data/lib/puppet/application/status.rb +0 -4
- data/lib/puppet/face/key.rb +0 -16
- data/lib/puppet/face/man.rb +0 -145
- data/lib/puppet/face/module/build.rb +0 -14
- data/lib/puppet/face/module/generate.rb +0 -14
- data/lib/puppet/face/module/search.rb +0 -103
- data/lib/puppet/face/status.rb +0 -51
- data/lib/puppet/facter_impl.rb +0 -96
- data/lib/puppet/ffi/posix/constants.rb +0 -14
- data/lib/puppet/ffi/posix/functions.rb +0 -24
- data/lib/puppet/ffi/posix.rb +0 -10
- data/lib/puppet/file_serving/mount/scripts.rb +0 -24
- data/lib/puppet/indirector/certificate/file.rb +0 -9
- data/lib/puppet/indirector/certificate/rest.rb +0 -18
- data/lib/puppet/indirector/certificate_request/file.rb +0 -9
- data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
- data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
- data/lib/puppet/indirector/file_content/http.rb +0 -22
- data/lib/puppet/indirector/key/file.rb +0 -46
- data/lib/puppet/indirector/key/memory.rb +0 -7
- data/lib/puppet/indirector/ssl_file.rb +0 -162
- data/lib/puppet/indirector/status/local.rb +0 -12
- data/lib/puppet/indirector/status/rest.rb +0 -27
- data/lib/puppet/indirector/status.rb +0 -3
- data/lib/puppet/module_tool/applications/searcher.rb +0 -29
- data/lib/puppet/network/auth_config_parser.rb +0 -90
- data/lib/puppet/network/authstore.rb +0 -283
- data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
- data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
- data/lib/puppet/network/http/base_pool.rb +0 -36
- data/lib/puppet/network/http/compression.rb +0 -127
- data/lib/puppet/network/http/connection_adapter.rb +0 -184
- data/lib/puppet/network/http/nocache_pool.rb +0 -28
- data/lib/puppet/network/rest_controller.rb +0 -2
- data/lib/puppet/network/rights.rb +0 -210
- data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
- data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
- data/lib/puppet/parser/environment_compiler.rb +0 -202
- data/lib/puppet/pops/types/enumeration.rb +0 -16
- data/lib/puppet/resource/capability_finder.rb +0 -154
- data/lib/puppet/rest/errors.rb +0 -15
- data/lib/puppet/rest/response.rb +0 -35
- data/lib/puppet/rest/route.rb +0 -85
- data/lib/puppet/rest/routes.rb +0 -135
- data/lib/puppet/settings/alias_setting.rb +0 -37
- data/lib/puppet/ssl/host.rb +0 -505
- data/lib/puppet/ssl/key.rb +0 -61
- data/lib/puppet/ssl/validator/default_validator.rb +0 -209
- data/lib/puppet/ssl/validator/no_validator.rb +0 -22
- data/lib/puppet/ssl/validator.rb +0 -61
- data/lib/puppet/ssl/verifier_adapter.rb +0 -58
- data/lib/puppet/status.rb +0 -40
- data/lib/puppet/util/connection.rb +0 -88
- data/lib/puppet/util/fact_dif.rb +0 -81
- data/lib/puppet/util/ssl.rb +0 -83
- data/lib/puppet/util/windows/api_types.rb +0 -309
- data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
- data/lib/puppet/vendor/load_pathspec.rb +0 -1
- data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
- data/lib/puppet/vendor/pathspec/LICENSE +0 -201
- data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
- data/lib/puppet/vendor/pathspec/README.md +0 -53
- data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
- data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
- data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
- data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
- data/man/man8/puppet-key.8 +0 -126
- data/man/man8/puppet-man.8 +0 -76
- data/man/man8/puppet-status.8 +0 -108
- data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -92
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +0 -4
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +0 -3
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +0 -8
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +0 -25
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +0 -19
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +0 -20
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +0 -8
- data/spec/fixtures/ssl/oid-key.pem +0 -117
- data/spec/fixtures/ssl/oid.pem +0 -69
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
- data/spec/integration/application/resource_spec.rb +0 -68
- data/spec/integration/application/ssl_spec.rb +0 -20
- data/spec/integration/l10n/compiler_spec.rb +0 -37
- data/spec/integration/network/authconfig_spec.rb +0 -256
- data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
- data/spec/shared_contexts/l10n.rb +0 -32
- data/spec/unit/application/man_spec.rb +0 -52
- data/spec/unit/capability_spec.rb +0 -414
- data/spec/unit/concurrent/thread_local_singleton_spec.rb +0 -39
- data/spec/unit/face/key_spec.rb +0 -9
- data/spec/unit/face/module/search_spec.rb +0 -231
- data/spec/unit/face/status_spec.rb +0 -9
- data/spec/unit/facter_impl_spec.rb +0 -31
- data/spec/unit/file_serving/mount/scripts_spec.rb +0 -69
- data/spec/unit/indirector/certificate/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
- data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
- data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
- data/spec/unit/indirector/key/file_spec.rb +0 -78
- data/spec/unit/indirector/ssl_file_spec.rb +0 -305
- data/spec/unit/indirector/status/local_spec.rb +0 -10
- data/spec/unit/indirector/status/rest_spec.rb +0 -50
- data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
- data/spec/unit/network/auth_config_parser_spec.rb +0 -115
- data/spec/unit/network/authstore_spec.rb +0 -407
- data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
- data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
- data/spec/unit/network/http/compression_spec.rb +0 -240
- data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
- data/spec/unit/network/http_spec.rb +0 -9
- data/spec/unit/network/rights_spec.rb +0 -439
- data/spec/unit/parser/environment_compiler_spec.rb +0 -730
- data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
- data/spec/unit/pops/types/enumeration_spec.rb +0 -51
- data/spec/unit/resource/capability_finder_spec.rb +0 -148
- data/spec/unit/rest/route_spec.rb +0 -132
- data/spec/unit/ssl/host_spec.rb +0 -645
- data/spec/unit/ssl/key_spec.rb +0 -173
- data/spec/unit/ssl/validator_spec.rb +0 -278
- data/spec/unit/status_spec.rb +0 -45
- data/spec/unit/util/json_spec.rb +0 -126
- data/spec/unit/util/ssl_spec.rb +0 -91
- data/spec/unit/util/windows_spec.rb +0 -23
@@ -1,355 +1,286 @@
|
|
1
|
-
require 'puppet/
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
1
|
+
require 'puppet/http'
|
2
|
+
|
3
|
+
# This will be raised if too many redirects happen for a given HTTP request
|
4
|
+
class Puppet::Network::HTTP::RedirectionLimitExceededException < Puppet::Error ; end
|
5
|
+
|
6
|
+
# This class provides simple methods for issuing various types of HTTP
|
7
|
+
# requests. It's interface is intended to mirror Ruby's Net::HTTP
|
8
|
+
# object, but it provides a few important bits of additional
|
9
|
+
# functionality. Notably:
|
10
|
+
#
|
11
|
+
# * Any HTTPS requests made using this class will use Puppet's SSL
|
12
|
+
# certificate configuration for their authentication, and
|
13
|
+
# * Provides some useful error handling for any SSL errors that occur
|
14
|
+
# during a request.
|
15
|
+
#
|
16
|
+
# @deprecated Use {Puppet.runtime[:http]}
|
17
|
+
# @api public
|
18
|
+
class Puppet::Network::HTTP::Connection
|
19
|
+
include Puppet::HTTP::ResponseConverter
|
20
|
+
|
21
|
+
OPTION_DEFAULTS = {
|
22
|
+
:use_ssl => true,
|
23
|
+
:verifier => nil,
|
24
|
+
:redirect_limit => 10,
|
25
|
+
}
|
26
|
+
|
27
|
+
# Creates a new HTTP client connection to `host`:`port`.
|
28
|
+
# @param host [String] the host to which this client will connect to
|
29
|
+
# @param port [Integer] the port to which this client will connect to
|
30
|
+
# @param options [Hash] options influencing the properties of the created
|
31
|
+
# connection,
|
32
|
+
# @option options [Boolean] :use_ssl true to connect with SSL, false
|
33
|
+
# otherwise, defaults to true
|
34
|
+
# @option options [Puppet::SSL::Verifier] :verifier An object that will configure
|
35
|
+
# any verification to do on the connection
|
36
|
+
# @option options [Integer] :redirect_limit the number of allowed
|
37
|
+
# redirections, defaults to 10 passing any other option in the options
|
38
|
+
# hash results in a Puppet::Error exception
|
18
39
|
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
# @api
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
# Creates a new HTTP client connection to `host`:`port`.
|
34
|
-
# @param host [String] the host to which this client will connect to
|
35
|
-
# @param port [Integer] the port to which this client will connect to
|
36
|
-
# @param options [Hash] options influencing the properties of the created
|
37
|
-
# connection,
|
38
|
-
# @option options [Boolean] :use_ssl true to connect with SSL, false
|
39
|
-
# otherwise, defaults to true
|
40
|
-
# @option options [#setup_connection] :verify An object that will configure
|
41
|
-
# any verification to do on the connection
|
42
|
-
# @option options [Integer] :redirect_limit the number of allowed
|
43
|
-
# redirections, defaults to 10 passing any other option in the options
|
44
|
-
# hash results in a Puppet::Error exception
|
45
|
-
#
|
46
|
-
# @note the HTTP connection itself happens lazily only when {#request}, or
|
47
|
-
# one of the {#get}, {#post}, {#delete}, {#head} or {#put} is called
|
48
|
-
# @note The correct way to obtain a connection is to use one of the factory
|
49
|
-
# methods on {Puppet::Network::HttpPool}
|
50
|
-
# @api private
|
51
|
-
def initialize(host, port, options = {})
|
52
|
-
@host = host
|
53
|
-
@port = port
|
54
|
-
|
55
|
-
unknown_options = options.keys - OPTION_DEFAULTS.keys
|
56
|
-
raise Puppet::Error, _("Unrecognized option(s): %{opts}") % { opts: unknown_options.map(&:inspect).sort.join(', ') } unless unknown_options.empty?
|
57
|
-
|
58
|
-
options = OPTION_DEFAULTS.merge(options)
|
59
|
-
@use_ssl = options[:use_ssl]
|
60
|
-
if @use_ssl
|
61
|
-
if options[:verifier]
|
62
|
-
unless options[:verifier].is_a?(Puppet::SSL::Verifier)
|
63
|
-
raise ArgumentError, _("Expected an instance of Puppet::SSL::Verifier but was passed a %{klass}") % { klass: options[:verifier].class }
|
64
|
-
end
|
65
|
-
|
66
|
-
@verifier = options[:verifier]
|
67
|
-
else
|
68
|
-
@verifier = Puppet::SSL::VerifierAdapter.new(options[:verify])
|
69
|
-
end
|
40
|
+
# @note the HTTP connection itself happens lazily only when {#request}, or
|
41
|
+
# one of the {#get}, {#post}, {#delete}, {#head} or {#put} is called
|
42
|
+
# @note The correct way to obtain a connection is to use one of the factory
|
43
|
+
# methods on {Puppet::Network::HttpPool}
|
44
|
+
# @api private
|
45
|
+
def initialize(host, port, options = {})
|
46
|
+
unknown_options = options.keys - OPTION_DEFAULTS.keys
|
47
|
+
raise Puppet::Error, _("Unrecognized option(s): %{opts}") % { opts: unknown_options.map(&:inspect).sort.join(', ') } unless unknown_options.empty?
|
48
|
+
|
49
|
+
options = OPTION_DEFAULTS.merge(options)
|
50
|
+
@use_ssl = options[:use_ssl]
|
51
|
+
if @use_ssl
|
52
|
+
unless options[:verifier].is_a?(Puppet::SSL::Verifier)
|
53
|
+
raise ArgumentError, _("Expected an instance of Puppet::SSL::Verifier but was passed a %{klass}") % { klass: options[:verifier].class }
|
70
54
|
end
|
71
|
-
@redirect_limit = options[:redirect_limit]
|
72
|
-
@site = Puppet::Network::HTTP::Site.new(@use_ssl ? 'https' : 'http', host, port)
|
73
|
-
@pool = Puppet.lookup(:http_pool)
|
74
|
-
end
|
75
55
|
|
76
|
-
|
77
|
-
# @param options [Hash] options influencing the request made. Any
|
78
|
-
# options not recognized by this class will be ignored - no error will
|
79
|
-
# be thrown.
|
80
|
-
# @option options [Hash{Symbol => String}] :basic_auth The basic auth
|
81
|
-
# :username and :password to use for the request, :metric_id Ignored
|
82
|
-
# by this class - used by Puppet Server only. The metric id by which
|
83
|
-
# to track metrics on requests.
|
84
|
-
|
85
|
-
# @param path [String]
|
86
|
-
# @param headers [Hash{String => String}]
|
87
|
-
# @!macro common_options
|
88
|
-
# @api public
|
89
|
-
def get(path, headers = {}, options = {})
|
90
|
-
do_request(Net::HTTP::Get.new(path, headers), options)
|
56
|
+
@verifier = options[:verifier]
|
91
57
|
end
|
58
|
+
@redirect_limit = options[:redirect_limit]
|
59
|
+
@site = Puppet::HTTP::Site.new(@use_ssl ? 'https' : 'http', host, port)
|
60
|
+
@client = Puppet.runtime[:http]
|
61
|
+
end
|
92
62
|
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
# @api public
|
98
|
-
def post(path, data, headers = nil, options = {})
|
99
|
-
request = Net::HTTP::Post.new(path, headers)
|
100
|
-
request.body = data
|
101
|
-
do_request(request, options)
|
102
|
-
end
|
63
|
+
# The address to connect to.
|
64
|
+
def address
|
65
|
+
@site.host
|
66
|
+
end
|
103
67
|
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
def head(path, headers = {}, options = {})
|
109
|
-
do_request(Net::HTTP::Head.new(path, headers), options)
|
110
|
-
end
|
68
|
+
# The port to connect to.
|
69
|
+
def port
|
70
|
+
@site.port
|
71
|
+
end
|
111
72
|
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
def delete(path, headers = {'Depth' => 'Infinity'}, options = {})
|
117
|
-
do_request(Net::HTTP::Delete.new(path, headers), options)
|
118
|
-
end
|
73
|
+
# Whether to use ssl
|
74
|
+
def use_ssl?
|
75
|
+
@site.use_ssl?
|
76
|
+
end
|
119
77
|
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
# @api public
|
125
|
-
def put(path, data, headers = nil, options = {})
|
126
|
-
request = Net::HTTP::Put.new(path, headers)
|
127
|
-
request.body = data
|
128
|
-
do_request(request, options)
|
129
|
-
end
|
78
|
+
# @api private
|
79
|
+
def verifier
|
80
|
+
@verifier
|
81
|
+
end
|
130
82
|
|
131
|
-
|
132
|
-
|
133
|
-
|
83
|
+
# @!macro [new] common_options
|
84
|
+
# @param options [Hash] options influencing the request made. Any
|
85
|
+
# options not recognized by this class will be ignored - no error will
|
86
|
+
# be thrown.
|
87
|
+
# @option options [Hash{Symbol => String}] :basic_auth The basic auth
|
88
|
+
# :username and :password to use for the request, :metric_id Ignored
|
89
|
+
# by this class - used by Puppet Server only. The metric id by which
|
90
|
+
# to track metrics on requests.
|
91
|
+
|
92
|
+
# @param path [String]
|
93
|
+
# @param headers [Hash{String => String}]
|
94
|
+
# @!macro common_options
|
95
|
+
# @api public
|
96
|
+
def get(path, headers = {}, options = {})
|
97
|
+
headers ||= {}
|
98
|
+
options[:ssl_context] ||= resolve_ssl_context
|
99
|
+
options[:redirect_limit] ||= @redirect_limit
|
134
100
|
|
135
|
-
|
136
|
-
|
137
|
-
# but they are able to accept a code block and will yield to it, which is
|
138
|
-
# necessary to stream responses, e.g. file content. For now
|
139
|
-
# we're not funneling these proxy implementations through our #request
|
140
|
-
# method above, so they will not inherit the same error handling. In the
|
141
|
-
# future we may want to refactor these so that they are funneled through
|
142
|
-
# that method and do inherit the error handling.
|
143
|
-
def request_get(*args, &block)
|
144
|
-
with_connection(@site) do |http|
|
145
|
-
resp = http.request_get(*args, &block)
|
146
|
-
Puppet.debug("HTTP GET #{@site}#{args.first.split('?').first} returned #{resp.code} #{resp.message}")
|
147
|
-
resp
|
148
|
-
end
|
101
|
+
with_error_handling do
|
102
|
+
to_ruby_response(@client.get(to_url(path), headers: headers, options: options))
|
149
103
|
end
|
104
|
+
end
|
150
105
|
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
106
|
+
# @param path [String]
|
107
|
+
# @param data [String]
|
108
|
+
# @param headers [Hash{String => String}]
|
109
|
+
# @!macro common_options
|
110
|
+
# @api public
|
111
|
+
def post(path, data, headers = nil, options = {})
|
112
|
+
headers ||= {}
|
113
|
+
headers['Content-Type'] ||= "application/x-www-form-urlencoded"
|
114
|
+
data ||= ''
|
115
|
+
options[:ssl_context] ||= resolve_ssl_context
|
116
|
+
options[:redirect_limit] ||= @redirect_limit
|
117
|
+
|
118
|
+
with_error_handling do
|
119
|
+
to_ruby_response(@client.post(to_url(path), data, headers: headers, options: options))
|
157
120
|
end
|
121
|
+
end
|
158
122
|
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
123
|
+
# @param path [String]
|
124
|
+
# @param headers [Hash{String => String}]
|
125
|
+
# @!macro common_options
|
126
|
+
# @api public
|
127
|
+
def head(path, headers = {}, options = {})
|
128
|
+
headers ||= {}
|
129
|
+
options[:ssl_context] ||= resolve_ssl_context
|
130
|
+
options[:redirect_limit] ||= @redirect_limit
|
167
131
|
|
168
|
-
|
169
|
-
|
170
|
-
@site.host
|
132
|
+
with_error_handling do
|
133
|
+
to_ruby_response(@client.head(to_url(path), headers: headers, options: options))
|
171
134
|
end
|
135
|
+
end
|
172
136
|
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
137
|
+
# @param path [String]
|
138
|
+
# @param headers [Hash{String => String}]
|
139
|
+
# @!macro common_options
|
140
|
+
# @api public
|
141
|
+
def delete(path, headers = {'Depth' => 'Infinity'}, options = {})
|
142
|
+
headers ||= {}
|
143
|
+
options[:ssl_context] ||= resolve_ssl_context
|
144
|
+
options[:redirect_limit] ||= @redirect_limit
|
177
145
|
|
178
|
-
|
179
|
-
|
180
|
-
@site.use_ssl?
|
146
|
+
with_error_handling do
|
147
|
+
to_ruby_response(@client.delete(to_url(path), headers: headers, options: options))
|
181
148
|
end
|
149
|
+
end
|
182
150
|
|
183
|
-
|
184
|
-
|
185
|
-
|
151
|
+
# @param path [String]
|
152
|
+
# @param data [String]
|
153
|
+
# @param headers [Hash{String => String}]
|
154
|
+
# @!macro common_options
|
155
|
+
# @api public
|
156
|
+
def put(path, data, headers = nil, options = {})
|
157
|
+
headers ||= {}
|
158
|
+
headers['Content-Type'] ||= "application/x-www-form-urlencoded"
|
159
|
+
data ||= ''
|
160
|
+
options[:ssl_context] ||= resolve_ssl_context
|
161
|
+
options[:redirect_limit] ||= @redirect_limit
|
162
|
+
|
163
|
+
with_error_handling do
|
164
|
+
to_ruby_response(@client.put(to_url(path), data, headers: headers, options: options))
|
186
165
|
end
|
166
|
+
end
|
187
167
|
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
0.upto(@redirect_limit) do |redirection|
|
196
|
-
return response if response
|
197
|
-
|
198
|
-
with_connection(current_site) do |connection|
|
199
|
-
apply_options_to(current_request, options)
|
200
|
-
|
201
|
-
current_response = execute_request(connection, current_request)
|
202
|
-
|
203
|
-
case current_response.code.to_i
|
204
|
-
when 301, 302, 307
|
205
|
-
# handle redirection
|
206
|
-
location = URI.parse(current_response['location'])
|
207
|
-
current_site = current_site.move_to(location)
|
208
|
-
|
209
|
-
# update to the current request path
|
210
|
-
current_request = current_request.class.new(location.path)
|
211
|
-
current_request.body = request.body
|
212
|
-
request.each do |header, value|
|
213
|
-
current_request[header] = value
|
214
|
-
end
|
215
|
-
when 429, 503
|
216
|
-
if connection.started?
|
217
|
-
Puppet.debug("Closing connection for #{current_site}")
|
218
|
-
connection.finish
|
219
|
-
end
|
220
|
-
response = handle_retry_after(current_response)
|
221
|
-
else
|
222
|
-
response = current_response
|
223
|
-
end
|
224
|
-
end
|
225
|
-
|
226
|
-
# and try again...
|
227
|
-
end
|
168
|
+
def request_get(*args, &block)
|
169
|
+
path, headers = *args
|
170
|
+
headers ||= {}
|
171
|
+
options = {
|
172
|
+
ssl_context: resolve_ssl_context,
|
173
|
+
redirect_limit: @redirect_limit
|
174
|
+
}
|
228
175
|
|
229
|
-
|
176
|
+
ruby_response = nil
|
177
|
+
@client.get(to_url(path), headers: headers, options: options) do |response|
|
178
|
+
ruby_response = to_ruby_response(response)
|
179
|
+
yield ruby_response if block_given?
|
230
180
|
end
|
181
|
+
ruby_response
|
182
|
+
end
|
231
183
|
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
# HTTP client.
|
240
|
-
#
|
241
|
-
# @return [nil] Sleeps and returns nil if the response contained a
|
242
|
-
# Retry-After header that indicated the request should be retried.
|
243
|
-
# @return [Net::HTTPResponse] Returns the `response` unmodified if
|
244
|
-
# no Retry-After header was present or the Retry-After header could
|
245
|
-
# not be parsed as an integer or RFC 2822 date.
|
246
|
-
def handle_retry_after(response)
|
247
|
-
retry_after = response['Retry-After']
|
248
|
-
return response if retry_after.nil?
|
249
|
-
|
250
|
-
retry_sleep = parse_retry_after_header(retry_after)
|
251
|
-
# Recover remote hostname if Net::HTTPResponse was generated by a
|
252
|
-
# method that fills in the uri attribute.
|
253
|
-
#
|
254
|
-
server_hostname = if response.uri.is_a?(URI)
|
255
|
-
response.uri.host
|
256
|
-
else
|
257
|
-
# TRANSLATORS: Used in the phrase:
|
258
|
-
# "Received a response from the remote server."
|
259
|
-
_('the remote server')
|
260
|
-
end
|
261
|
-
|
262
|
-
if retry_sleep.nil?
|
263
|
-
Puppet.err(_('Received a %{status_code} response from %{server_hostname}, but the Retry-After header value of "%{retry_after}" could not be converted to an integer or RFC 2822 date.') %
|
264
|
-
{status_code: response.code,
|
265
|
-
server_hostname: server_hostname,
|
266
|
-
retry_after: retry_after.inspect})
|
267
|
-
|
268
|
-
return response
|
269
|
-
end
|
270
|
-
|
271
|
-
# Cap maximum sleep at the run interval of the Puppet agent.
|
272
|
-
retry_sleep = [retry_sleep, Puppet[:runinterval]].min
|
184
|
+
def request_head(*args, &block)
|
185
|
+
path, headers = *args
|
186
|
+
headers ||= {}
|
187
|
+
options = {
|
188
|
+
ssl_context: resolve_ssl_context,
|
189
|
+
redirect_limit: @redirect_limit
|
190
|
+
}
|
273
191
|
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
192
|
+
response = @client.head(to_url(path), headers: headers, options: options)
|
193
|
+
ruby_response = to_ruby_response(response)
|
194
|
+
yield ruby_response if block_given?
|
195
|
+
ruby_response
|
196
|
+
end
|
278
197
|
|
279
|
-
|
198
|
+
def request_post(*args, &block)
|
199
|
+
path, data, headers = *args
|
200
|
+
headers ||= {}
|
201
|
+
headers['Content-Type'] ||= "application/x-www-form-urlencoded"
|
202
|
+
options = {
|
203
|
+
ssl_context: resolve_ssl_context,
|
204
|
+
redirect_limit: @redirect_limit
|
205
|
+
}
|
280
206
|
|
281
|
-
|
207
|
+
ruby_response = nil
|
208
|
+
@client.post(to_url(path), data, headers: headers, options: options) do |response|
|
209
|
+
ruby_response = to_ruby_response(response)
|
210
|
+
yield ruby_response if block_given?
|
282
211
|
end
|
212
|
+
ruby_response
|
213
|
+
end
|
283
214
|
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
#
|
292
|
-
|
293
|
-
|
294
|
-
#
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
sleep = (retry_after.to_time - DateTime.now.to_time).to_i
|
312
|
-
(sleep > 0) ? sleep : 0
|
313
|
-
end
|
215
|
+
private
|
216
|
+
|
217
|
+
# Resolve the ssl_context based on the verifier associated with this
|
218
|
+
# connection or load the available set of certs and key on disk.
|
219
|
+
# Don't try to bootstrap the agent, as we only want that to be triggered
|
220
|
+
# when running `puppet ssl` or `puppet agent`.
|
221
|
+
def resolve_ssl_context
|
222
|
+
# don't need an ssl context for http connections
|
223
|
+
return nil unless @site.use_ssl?
|
224
|
+
|
225
|
+
# if our verifier has an ssl_context, use that
|
226
|
+
ctx = @verifier.ssl_context
|
227
|
+
return ctx if ctx
|
228
|
+
|
229
|
+
# load available certs
|
230
|
+
cert = Puppet::X509::CertProvider.new
|
231
|
+
ssl = Puppet::SSL::SSLProvider.new
|
232
|
+
begin
|
233
|
+
password = cert.load_private_key_password
|
234
|
+
ssl.load_context(certname: Puppet[:certname], password: password)
|
235
|
+
rescue Puppet::SSL::SSLError => e
|
236
|
+
Puppet.log_exception(e)
|
237
|
+
|
238
|
+
# if we don't have cacerts, then create a root context that doesn't
|
239
|
+
# trust anything. The old code used to fallback to VERIFY_NONE,
|
240
|
+
# which we don't want to emulate.
|
241
|
+
ssl.create_root_context(cacerts: [])
|
314
242
|
end
|
243
|
+
end
|
315
244
|
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
245
|
+
def to_url(path)
|
246
|
+
if path =~ /^https?:\/\//
|
247
|
+
# The old Connection class accepts a URL as the request path, and sends
|
248
|
+
# it in "absolute-form" in the request line, e.g. GET https://puppet:8140/.
|
249
|
+
# See https://httpwg.org/specs/rfc7230.html#absolute-form. It just so happens
|
250
|
+
# to work because HTTP 1.1 servers are required to accept absolute-form even
|
251
|
+
# though clients are only supposed to send them to proxies, so the proxy knows
|
252
|
+
# what upstream server to CONNECT to. This method creates a URL using the
|
253
|
+
# scheme/host/port that the connection was created with, and appends the path
|
254
|
+
# and query portions of the absolute-form. The resulting request will use "origin-form"
|
255
|
+
# as it should have done all along.
|
256
|
+
abs_form = URI(path)
|
257
|
+
url = URI("#{@site.addr}/#{normalize_path(abs_form.path)}")
|
258
|
+
url.query = abs_form.query if abs_form.query
|
259
|
+
url
|
260
|
+
else
|
261
|
+
URI("#{@site.addr}/#{normalize_path(path)}")
|
322
262
|
end
|
263
|
+
end
|
323
264
|
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
rescue => exception
|
330
|
-
elapsed = (Time.now - start).to_f.round(3)
|
331
|
-
uri = [@site.addr, request.path.split('?')[0]].join('/')
|
332
|
-
|
333
|
-
case exception
|
334
|
-
when EOFError
|
335
|
-
Puppet.log_exception(exception, _('request %{uri} interrupted after %{elapsed} seconds') % {uri: uri, elapsed: elapsed})
|
336
|
-
when Timeout::Error
|
337
|
-
Puppet.log_exception(exception, _('request %{uri} timed out after %{elapsed} seconds') % {uri: uri, elapsed: elapsed})
|
338
|
-
else
|
339
|
-
Puppet.log_exception(exception, _('request %{uri} failed: %{msg}') % {uri: uri, msg: exception.message})
|
340
|
-
end
|
341
|
-
|
342
|
-
raise exception
|
265
|
+
def normalize_path(path)
|
266
|
+
if path[0] == '/'
|
267
|
+
path[1..-1]
|
268
|
+
else
|
269
|
+
path
|
343
270
|
end
|
271
|
+
end
|
344
272
|
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
273
|
+
def with_error_handling(&block)
|
274
|
+
yield
|
275
|
+
rescue Puppet::HTTP::TooManyRedirects => e
|
276
|
+
raise Puppet::Network::HTTP::RedirectionLimitExceededException.new(_("Too many HTTP redirections for %{host}:%{port}") % { host: @host, port: @port }, e)
|
277
|
+
rescue Puppet::HTTP::HTTPError => e
|
278
|
+
Puppet.log_exception(e, e.message)
|
279
|
+
case e.cause
|
280
|
+
when Net::OpenTimeout, Net::ReadTimeout, Net::HTTPError, EOFError
|
281
|
+
raise e.cause
|
282
|
+
else
|
283
|
+
raise e
|
353
284
|
end
|
354
285
|
end
|
355
286
|
end
|
data/lib/puppet/network/http.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
# This module is used to handle puppet REST requests in puppetserver.
|
1
2
|
module Puppet::Network::HTTP
|
2
3
|
HEADER_ENABLE_PROFILING = "X-Puppet-Profiling"
|
3
4
|
HEADER_PUPPET_VERSION = "X-Puppet-Version"
|
@@ -8,7 +9,9 @@ module Puppet::Network::HTTP
|
|
8
9
|
CA_URL_PREFIX = "/puppet-ca"
|
9
10
|
CA_URL_VERSIONS = "v1"
|
10
11
|
|
12
|
+
require 'puppet/network/authconfig'
|
11
13
|
require 'puppet/network/authorization'
|
14
|
+
|
12
15
|
require 'puppet/network/http/issues'
|
13
16
|
require 'puppet/network/http/error'
|
14
17
|
require 'puppet/network/http/route'
|
@@ -19,7 +22,4 @@ module Puppet::Network::HTTP
|
|
19
22
|
require 'puppet/network/http/response'
|
20
23
|
require 'puppet/network/http/request'
|
21
24
|
require 'puppet/network/http/memory_response'
|
22
|
-
require 'puppet/network/http/compression'
|
23
|
-
|
24
|
-
require 'puppet/http'
|
25
25
|
end
|