puppet 6.29.0 → 7.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (811) hide show
  1. checksums.yaml +4 -4
  2. data/CODEOWNERS +16 -2
  3. data/CONTRIBUTING.md +5 -5
  4. data/Gemfile +5 -7
  5. data/Gemfile.lock +52 -143
  6. data/README.md +5 -5
  7. data/conf/fileserver.conf +5 -10
  8. data/ext/README.environment +8 -0
  9. data/ext/build_defaults.yaml +1 -1
  10. data/ext/dbfix.sql +132 -0
  11. data/ext/debian/README.Debian +8 -0
  12. data/ext/debian/README.source +2 -0
  13. data/ext/debian/TODO.Debian +1 -0
  14. data/ext/debian/changelog.erb +1122 -0
  15. data/ext/debian/compat +1 -0
  16. data/ext/debian/control +144 -0
  17. data/ext/debian/copyright +339 -0
  18. data/ext/debian/docs +1 -0
  19. data/ext/debian/fileserver.conf +41 -0
  20. data/ext/debian/puppet-common.dirs +13 -0
  21. data/ext/debian/puppet-common.install +3 -0
  22. data/ext/debian/puppet-common.lintian-overrides +5 -0
  23. data/ext/debian/puppet-common.manpages +28 -0
  24. data/ext/debian/puppet-common.postinst +35 -0
  25. data/ext/debian/puppet-common.postrm +33 -0
  26. data/ext/debian/puppet-el.dirs +1 -0
  27. data/ext/debian/puppet-el.emacsen-install +25 -0
  28. data/ext/debian/puppet-el.emacsen-remove +11 -0
  29. data/ext/debian/puppet-el.emacsen-startup +9 -0
  30. data/ext/debian/puppet-el.install +1 -0
  31. data/ext/debian/puppet-testsuite.install +2 -0
  32. data/ext/debian/puppet-testsuite.lintian-overrides +4 -0
  33. data/ext/debian/puppet.lintian-overrides +3 -0
  34. data/ext/debian/puppet.logrotate +20 -0
  35. data/ext/debian/puppet.postinst +20 -0
  36. data/ext/debian/puppet.postrm +20 -0
  37. data/ext/debian/puppet.preinst +20 -0
  38. data/ext/debian/puppetmaster-common.install +2 -0
  39. data/ext/debian/puppetmaster-common.manpages +2 -0
  40. data/ext/debian/puppetmaster-common.postinst +6 -0
  41. data/ext/debian/puppetmaster-passenger.dirs +4 -0
  42. data/ext/debian/puppetmaster-passenger.postinst +162 -0
  43. data/ext/debian/puppetmaster-passenger.postrm +61 -0
  44. data/ext/debian/puppetmaster.README.debian +17 -0
  45. data/ext/debian/puppetmaster.default +14 -0
  46. data/ext/debian/puppetmaster.init +137 -0
  47. data/ext/debian/puppetmaster.lintian-overrides +3 -0
  48. data/ext/debian/puppetmaster.postinst +20 -0
  49. data/ext/debian/puppetmaster.postrm +5 -0
  50. data/ext/debian/puppetmaster.preinst +22 -0
  51. data/ext/debian/rules +132 -0
  52. data/ext/debian/source/format +1 -0
  53. data/ext/debian/source/options +1 -0
  54. data/ext/debian/vim-puppet.README.Debian +13 -0
  55. data/ext/debian/vim-puppet.dirs +5 -0
  56. data/ext/debian/vim-puppet.yaml +7 -0
  57. data/ext/debian/watch +2 -0
  58. data/ext/freebsd/puppetd +26 -0
  59. data/ext/freebsd/puppetmasterd +26 -0
  60. data/ext/gentoo/conf.d/puppet +5 -0
  61. data/ext/gentoo/conf.d/puppetmaster +12 -0
  62. data/ext/gentoo/init.d/puppet +38 -0
  63. data/ext/gentoo/init.d/puppetmaster +51 -0
  64. data/ext/gentoo/puppet/fileserver.conf +41 -0
  65. data/ext/ips/puppet-agent +44 -0
  66. data/ext/ips/puppet-master +44 -0
  67. data/ext/ips/puppet.p5m.erb +12 -0
  68. data/ext/ips/puppetagent.xml +42 -0
  69. data/ext/ips/puppetmaster.xml +42 -0
  70. data/ext/ips/rules +19 -0
  71. data/ext/ips/transforms +34 -0
  72. data/ext/ldap/puppet.schema +24 -0
  73. data/ext/logcheck/puppet +23 -0
  74. data/{examples → ext}/nagios/check_puppet.rb +2 -2
  75. data/ext/osx/file_mapping.yaml +28 -0
  76. data/ext/osx/postflight.erb +109 -0
  77. data/ext/osx/preflight.erb +52 -0
  78. data/ext/osx/prototype.plist.erb +38 -0
  79. data/ext/osx/puppet.plist +0 -2
  80. data/ext/project_data.yaml +2 -16
  81. data/ext/redhat/fileserver.conf +41 -0
  82. data/ext/redhat/logrotate +21 -0
  83. data/ext/redhat/puppet.spec.erb +841 -0
  84. data/ext/redhat/server.init +128 -0
  85. data/ext/redhat/server.sysconfig +13 -0
  86. data/{examples/enc → ext}/regexp_nodes/classes/databases +0 -0
  87. data/{examples/enc → ext}/regexp_nodes/classes/webservers +0 -0
  88. data/{examples/enc → ext}/regexp_nodes/environment/development +0 -0
  89. data/{examples/enc → ext}/regexp_nodes/parameters/service/prod +0 -0
  90. data/{examples/enc → ext}/regexp_nodes/parameters/service/qa +0 -0
  91. data/{examples/enc → ext}/regexp_nodes/parameters/service/sandbox +0 -0
  92. data/{examples/enc → ext}/regexp_nodes/regexp_nodes.rb +0 -0
  93. data/ext/solaris/pkginfo +6 -0
  94. data/ext/solaris/smf/puppetd.xml +77 -0
  95. data/ext/solaris/smf/puppetmasterd.xml +77 -0
  96. data/ext/solaris/smf/svc-puppetd +71 -0
  97. data/ext/solaris/smf/svc-puppetmasterd +67 -0
  98. data/ext/suse/puppet.spec +310 -0
  99. data/ext/suse/server.init +173 -0
  100. data/ext/windows/service/daemon.rb +6 -5
  101. data/ext/yaml_nodes.rb +105 -0
  102. data/install.rb +21 -17
  103. data/lib/puppet/agent.rb +11 -47
  104. data/lib/puppet/application/agent.rb +16 -18
  105. data/lib/puppet/application/apply.rb +4 -24
  106. data/lib/puppet/application/device.rb +100 -106
  107. data/lib/puppet/application/filebucket.rb +13 -10
  108. data/lib/puppet/application/lookup.rb +24 -74
  109. data/lib/puppet/application/resource.rb +16 -32
  110. data/lib/puppet/application/script.rb +0 -2
  111. data/lib/puppet/application/ssl.rb +1 -13
  112. data/lib/puppet/application.rb +178 -108
  113. data/lib/puppet/application_support.rb +0 -7
  114. data/lib/puppet/concurrent/thread_local_singleton.rb +3 -6
  115. data/lib/puppet/configurer/downloader.rb +1 -2
  116. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  117. data/lib/puppet/configurer.rb +86 -183
  118. data/lib/puppet/confine/variable.rb +1 -1
  119. data/lib/puppet/defaults.rb +130 -244
  120. data/lib/puppet/environments.rb +82 -146
  121. data/lib/puppet/face/facts.rb +5 -103
  122. data/lib/puppet/face/generate.rb +0 -2
  123. data/lib/puppet/face/help/action.erb +0 -1
  124. data/lib/puppet/face/help/face.erb +0 -1
  125. data/lib/puppet/face/help.rb +1 -1
  126. data/lib/puppet/face/node/clean.rb +0 -11
  127. data/lib/puppet/face/plugin.rb +5 -8
  128. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  129. data/lib/puppet/ffi/windows/constants.rb +404 -0
  130. data/lib/puppet/ffi/windows/functions.rb +628 -0
  131. data/lib/puppet/ffi/windows/structs.rb +338 -0
  132. data/lib/puppet/ffi/windows.rb +12 -0
  133. data/lib/puppet/file_serving/configuration/parser.rb +3 -34
  134. data/lib/puppet/file_serving/configuration.rb +0 -8
  135. data/lib/puppet/file_serving/fileset.rb +2 -14
  136. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  137. data/lib/puppet/file_serving/metadata.rb +0 -3
  138. data/lib/puppet/file_serving/mount/file.rb +4 -4
  139. data/lib/puppet/file_serving/mount.rb +1 -2
  140. data/lib/puppet/file_system/file_impl.rb +8 -10
  141. data/lib/puppet/file_system/jruby.rb +1 -1
  142. data/lib/puppet/file_system/memory_file.rb +1 -8
  143. data/lib/puppet/file_system/windows.rb +6 -8
  144. data/lib/puppet/file_system.rb +1 -1
  145. data/lib/puppet/forge/repository.rb +0 -1
  146. data/lib/puppet/forge.rb +4 -4
  147. data/lib/puppet/functions/all.rb +1 -1
  148. data/lib/puppet/functions/camelcase.rb +1 -1
  149. data/lib/puppet/functions/capitalize.rb +2 -2
  150. data/lib/puppet/functions/downcase.rb +2 -2
  151. data/lib/puppet/functions/empty.rb +0 -8
  152. data/lib/puppet/functions/find_template.rb +2 -2
  153. data/lib/puppet/functions/get.rb +5 -5
  154. data/lib/puppet/functions/group_by.rb +5 -13
  155. data/lib/puppet/functions/lest.rb +1 -1
  156. data/lib/puppet/functions/new.rb +100 -100
  157. data/lib/puppet/functions/next.rb +1 -18
  158. data/lib/puppet/functions/partition.rb +4 -12
  159. data/lib/puppet/functions/require.rb +5 -5
  160. data/lib/puppet/functions/sort.rb +3 -3
  161. data/lib/puppet/functions/strftime.rb +0 -1
  162. data/lib/puppet/functions/tree_each.rb +10 -7
  163. data/lib/puppet/functions/type.rb +4 -4
  164. data/lib/puppet/functions/unwrap.rb +2 -17
  165. data/lib/puppet/functions/upcase.rb +2 -2
  166. data/lib/puppet/functions/versioncmp.rb +2 -6
  167. data/lib/puppet/generate/models/type/type.rb +4 -1
  168. data/lib/puppet/generate/type.rb +0 -9
  169. data/lib/puppet/http/client.rb +167 -137
  170. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  171. data/lib/puppet/http/errors.rb +16 -0
  172. data/lib/puppet/http/external_client.rb +5 -7
  173. data/lib/puppet/{network/http → http}/factory.rb +8 -15
  174. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  175. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  176. data/lib/puppet/http/proxy.rb +137 -0
  177. data/lib/puppet/http/redirector.rb +4 -17
  178. data/lib/puppet/http/resolver/server_list.rb +10 -25
  179. data/lib/puppet/http/resolver/settings.rb +4 -7
  180. data/lib/puppet/http/resolver/srv.rb +7 -11
  181. data/lib/puppet/http/resolver.rb +5 -15
  182. data/lib/puppet/http/response.rb +36 -54
  183. data/lib/puppet/http/response_converter.rb +24 -0
  184. data/lib/puppet/http/response_net_http.rb +42 -0
  185. data/lib/puppet/http/retry_after_handler.rb +4 -13
  186. data/lib/puppet/http/service/ca.rb +11 -22
  187. data/lib/puppet/http/service/compiler.rb +23 -144
  188. data/lib/puppet/http/service/file_server.rb +19 -29
  189. data/lib/puppet/http/service/puppetserver.rb +26 -12
  190. data/lib/puppet/http/service/report.rb +8 -10
  191. data/lib/puppet/http/service.rb +12 -26
  192. data/lib/puppet/http/session.rb +11 -20
  193. data/lib/puppet/{network/http → http}/site.rb +1 -2
  194. data/lib/puppet/http.rb +22 -13
  195. data/lib/puppet/indirector/catalog/compiler.rb +6 -25
  196. data/lib/puppet/indirector/catalog/rest.rb +2 -5
  197. data/lib/puppet/indirector/facts/facter.rb +6 -6
  198. data/lib/puppet/indirector/facts/rest.rb +3 -22
  199. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  200. data/lib/puppet/indirector/file_content/rest.rb +2 -6
  201. data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
  202. data/lib/puppet/indirector/file_server.rb +1 -8
  203. data/lib/puppet/indirector/generic_http.rb +0 -11
  204. data/lib/puppet/indirector/indirection.rb +1 -1
  205. data/lib/puppet/indirector/node/rest.rb +2 -4
  206. data/lib/puppet/indirector/report/rest.rb +3 -8
  207. data/lib/puppet/indirector/request.rb +0 -101
  208. data/lib/puppet/indirector/resource/ral.rb +1 -6
  209. data/lib/puppet/indirector/rest.rb +12 -263
  210. data/lib/puppet/indirector/terminus.rb +0 -4
  211. data/lib/puppet/interface/documentation.rb +0 -1
  212. data/lib/puppet/module/plan.rb +1 -0
  213. data/lib/puppet/module/task.rb +1 -1
  214. data/lib/puppet/module.rb +0 -1
  215. data/lib/puppet/module_tool/applications/installer.rb +2 -56
  216. data/lib/puppet/module_tool/applications/uninstaller.rb +1 -1
  217. data/lib/puppet/module_tool/applications/upgrader.rb +1 -1
  218. data/lib/puppet/module_tool/applications.rb +0 -1
  219. data/lib/puppet/module_tool/errors/shared.rb +2 -34
  220. data/lib/puppet/network/authconfig.rb +2 -96
  221. data/lib/puppet/network/authorization.rb +13 -35
  222. data/lib/puppet/network/formats.rb +0 -67
  223. data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
  224. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  225. data/lib/puppet/network/http/connection.rb +247 -316
  226. data/lib/puppet/network/http/handler.rb +0 -1
  227. data/lib/puppet/network/http.rb +3 -3
  228. data/lib/puppet/network/http_pool.rb +16 -34
  229. data/lib/puppet/node/environment.rb +11 -10
  230. data/lib/puppet/node.rb +2 -31
  231. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  232. data/lib/puppet/pal/pal_impl.rb +4 -2
  233. data/lib/puppet/parser/ast/leaf.rb +2 -3
  234. data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
  235. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  236. data/lib/puppet/parser/compiler.rb +0 -198
  237. data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
  238. data/lib/puppet/parser/resource.rb +1 -70
  239. data/lib/puppet/parser/scope.rb +0 -1
  240. data/lib/puppet/parser/templatewrapper.rb +1 -2
  241. data/lib/puppet/pops/evaluator/closure.rb +5 -7
  242. data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
  243. data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
  244. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -4
  245. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  246. data/lib/puppet/pops/issues.rb +0 -5
  247. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  248. data/lib/puppet/pops/lookup/lookup_adapter.rb +2 -3
  249. data/lib/puppet/pops/model/ast.pp +0 -42
  250. data/lib/puppet/pops/model/ast.rb +0 -291
  251. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  252. data/lib/puppet/pops/model/factory.rb +1 -47
  253. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  254. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  255. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  256. data/lib/puppet/pops/parser/code_merger.rb +4 -4
  257. data/lib/puppet/pops/parser/egrammar.ra +0 -58
  258. data/lib/puppet/pops/parser/eparser.rb +1685 -1896
  259. data/lib/puppet/pops/parser/lexer2.rb +91 -92
  260. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  261. data/lib/puppet/pops/parser/slurp_support.rb +0 -1
  262. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
  263. data/lib/puppet/pops/serialization/to_stringified_converter.rb +1 -1
  264. data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
  265. data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
  266. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  267. data/lib/puppet/pops/types/type_formatter.rb +3 -4
  268. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  269. data/lib/puppet/pops/types/type_parser.rb +0 -4
  270. data/lib/puppet/pops/types/types.rb +1 -2
  271. data/lib/puppet/pops/validation/checker4_0.rb +9 -37
  272. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  273. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
  274. data/lib/puppet/property/list.rb +1 -1
  275. data/lib/puppet/provider/aix_object.rb +1 -1
  276. data/lib/puppet/provider/exec/posix.rb +4 -16
  277. data/lib/puppet/provider/group/groupadd.rb +10 -18
  278. data/lib/puppet/provider/nameservice.rb +0 -18
  279. data/lib/puppet/provider/package/apt.rb +2 -34
  280. data/lib/puppet/provider/package/aptitude.rb +0 -6
  281. data/lib/puppet/provider/package/dnfmodule.rb +1 -1
  282. data/lib/puppet/provider/package/dpkg.rb +0 -10
  283. data/lib/puppet/provider/package/gem.rb +23 -3
  284. data/lib/puppet/provider/package/nim.rb +6 -11
  285. data/lib/puppet/provider/package/pip.rb +3 -16
  286. data/lib/puppet/provider/package/pkg.rb +2 -23
  287. data/lib/puppet/provider/package/portage.rb +1 -1
  288. data/lib/puppet/provider/package/puppet_gem.rb +1 -4
  289. data/lib/puppet/provider/package/puppetserver_gem.rb +17 -8
  290. data/lib/puppet/provider/package/windows/exe_package.rb +1 -30
  291. data/lib/puppet/provider/package/windows/package.rb +1 -2
  292. data/lib/puppet/provider/package/windows.rb +1 -14
  293. data/lib/puppet/provider/package/yum.rb +1 -1
  294. data/lib/puppet/provider/parsedfile.rb +0 -3
  295. data/lib/puppet/provider/service/base.rb +1 -1
  296. data/lib/puppet/provider/service/debian.rb +0 -2
  297. data/lib/puppet/provider/service/init.rb +9 -10
  298. data/lib/puppet/provider/service/launchd.rb +2 -2
  299. data/lib/puppet/provider/service/redhat.rb +1 -1
  300. data/lib/puppet/provider/service/smf.rb +194 -76
  301. data/lib/puppet/provider/service/systemd.rb +6 -16
  302. data/lib/puppet/provider/service/upstart.rb +5 -5
  303. data/lib/puppet/provider/service/windows.rb +0 -38
  304. data/lib/puppet/provider/user/aix.rb +3 -46
  305. data/lib/puppet/provider/user/directoryservice.rb +11 -39
  306. data/lib/puppet/provider/user/useradd.rb +24 -134
  307. data/lib/puppet/provider.rb +1 -14
  308. data/lib/puppet/reference/configuration.rb +8 -7
  309. data/lib/puppet/reference/indirection.rb +1 -1
  310. data/lib/puppet/reference/providers.rb +2 -2
  311. data/lib/puppet/resource/catalog.rb +2 -15
  312. data/lib/puppet/resource/type.rb +3 -119
  313. data/lib/puppet/resource/type_collection.rb +3 -49
  314. data/lib/puppet/resource.rb +6 -127
  315. data/lib/puppet/runtime.rb +2 -13
  316. data/lib/puppet/settings/environment_conf.rb +0 -1
  317. data/lib/puppet/settings/integer_setting.rb +17 -0
  318. data/lib/puppet/settings/port_setting.rb +15 -0
  319. data/lib/puppet/settings/priority_setting.rb +5 -4
  320. data/lib/puppet/settings.rb +82 -98
  321. data/lib/puppet/ssl/base.rb +3 -5
  322. data/lib/puppet/ssl/certificate.rb +0 -6
  323. data/lib/puppet/ssl/certificate_request.rb +1 -12
  324. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  325. data/lib/puppet/ssl/oids.rb +3 -1
  326. data/lib/puppet/ssl/ssl_provider.rb +36 -75
  327. data/lib/puppet/ssl/state_machine.rb +20 -14
  328. data/lib/puppet/ssl/verifier.rb +2 -6
  329. data/lib/puppet/ssl.rb +10 -6
  330. data/lib/puppet/test/test_helper.rb +2 -7
  331. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  332. data/lib/puppet/transaction/persistence.rb +1 -21
  333. data/lib/puppet/transaction/report.rb +3 -19
  334. data/lib/puppet/transaction.rb +1 -7
  335. data/lib/puppet/type/exec.rb +6 -36
  336. data/lib/puppet/type/file/checksum.rb +1 -1
  337. data/lib/puppet/type/file/data_sync.rb +1 -1
  338. data/lib/puppet/type/file/mode.rb +0 -6
  339. data/lib/puppet/type/file/selcontext.rb +1 -1
  340. data/lib/puppet/type/file/source.rb +1 -1
  341. data/lib/puppet/type/file.rb +12 -32
  342. data/lib/puppet/type/filebucket.rb +4 -4
  343. data/lib/puppet/type/group.rb +1 -0
  344. data/lib/puppet/type/package.rb +8 -16
  345. data/lib/puppet/type/resources.rb +1 -1
  346. data/lib/puppet/type/service.rb +41 -26
  347. data/lib/puppet/type/tidy.rb +3 -22
  348. data/lib/puppet/type/user.rb +13 -35
  349. data/lib/puppet/type.rb +1 -77
  350. data/lib/puppet/util/autoload.rb +8 -1
  351. data/lib/puppet/util/command_line.rb +1 -1
  352. data/lib/puppet/util/execution.rb +0 -11
  353. data/lib/puppet/util/filetype.rb +2 -2
  354. data/lib/puppet/util/http_proxy.rb +2 -215
  355. data/lib/puppet/util/json.rb +0 -20
  356. data/lib/puppet/util/log.rb +4 -8
  357. data/lib/puppet/util/logging.rb +25 -1
  358. data/lib/puppet/util/monkey_patches.rb +2 -59
  359. data/lib/puppet/util/package.rb +16 -25
  360. data/lib/puppet/util/pidlock.rb +1 -1
  361. data/lib/puppet/util/posix.rb +5 -54
  362. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +1 -1
  363. data/lib/puppet/util/rdoc.rb +0 -7
  364. data/lib/puppet/util/retry_action.rb +1 -1
  365. data/lib/puppet/util/run_mode.rb +9 -1
  366. data/lib/puppet/util/selinux.rb +4 -30
  367. data/lib/puppet/util/suidmanager.rb +2 -1
  368. data/lib/puppet/util/symbolic_file_mode.rb +17 -29
  369. data/lib/puppet/util/tagging.rb +0 -1
  370. data/lib/puppet/util/windows/adsi.rb +0 -46
  371. data/lib/puppet/util/windows/daemon.rb +360 -0
  372. data/lib/puppet/util/windows/error.rb +1 -0
  373. data/lib/puppet/util/windows/eventlog.rb +4 -9
  374. data/lib/puppet/util/windows/file.rb +8 -242
  375. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  376. data/lib/puppet/util/windows/principal.rb +2 -9
  377. data/lib/puppet/util/windows/process.rb +4 -226
  378. data/lib/puppet/util/windows/service.rb +11 -457
  379. data/lib/puppet/util/windows/sid.rb +2 -6
  380. data/lib/puppet/util/windows/string.rb +12 -13
  381. data/lib/puppet/util/windows/user.rb +2 -0
  382. data/lib/puppet/util/windows.rb +3 -11
  383. data/lib/puppet/util/yaml.rb +1 -42
  384. data/lib/puppet/util.rb +5 -5
  385. data/lib/puppet/vendor/require_vendored.rb +0 -1
  386. data/lib/puppet/version.rb +1 -1
  387. data/lib/puppet/x509/cert_provider.rb +29 -1
  388. data/lib/puppet/x509.rb +5 -1
  389. data/lib/puppet.rb +34 -27
  390. data/locales/puppet.pot +9633 -5
  391. data/man/man5/puppet.conf.5 +286 -401
  392. data/man/man8/puppet-agent.8 +2 -5
  393. data/man/man8/puppet-apply.8 +2 -2
  394. data/man/man8/puppet-catalog.8 +9 -9
  395. data/man/man8/puppet-config.8 +1 -1
  396. data/man/man8/puppet-describe.8 +1 -1
  397. data/man/man8/puppet-device.8 +2 -2
  398. data/man/man8/puppet-doc.8 +1 -1
  399. data/man/man8/puppet-epp.8 +1 -1
  400. data/man/man8/puppet-facts.8 +8 -51
  401. data/man/man8/puppet-filebucket.8 +4 -4
  402. data/man/man8/puppet-generate.8 +1 -1
  403. data/man/man8/puppet-help.8 +1 -1
  404. data/man/man8/puppet-lookup.8 +6 -9
  405. data/man/man8/puppet-module.8 +3 -60
  406. data/man/man8/puppet-node.8 +5 -5
  407. data/man/man8/puppet-parser.8 +1 -1
  408. data/man/man8/puppet-plugin.8 +1 -1
  409. data/man/man8/puppet-report.8 +5 -5
  410. data/man/man8/puppet-resource.8 +1 -1
  411. data/man/man8/puppet-script.8 +2 -2
  412. data/man/man8/puppet-ssl.8 +1 -5
  413. data/man/man8/puppet.8 +2 -2
  414. data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
  415. data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
  416. data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
  417. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
  418. data/spec/fixtures/ssl/ca.pem +35 -57
  419. data/spec/fixtures/ssl/crl.pem +18 -28
  420. data/spec/fixtures/ssl/ec-key.pem +11 -11
  421. data/spec/fixtures/ssl/ec.pem +24 -33
  422. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  423. data/spec/fixtures/ssl/encrypted-key.pem +58 -108
  424. data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
  425. data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
  426. data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
  427. data/spec/fixtures/ssl/intermediate.pem +36 -57
  428. data/spec/fixtures/ssl/pluto-key.pem +57 -107
  429. data/spec/fixtures/ssl/pluto.pem +30 -52
  430. data/spec/fixtures/ssl/request-key.pem +57 -107
  431. data/spec/fixtures/ssl/request.pem +26 -47
  432. data/spec/fixtures/ssl/revoked-key.pem +57 -107
  433. data/spec/fixtures/ssl/revoked.pem +30 -52
  434. data/spec/fixtures/ssl/signed-key.pem +57 -107
  435. data/spec/fixtures/ssl/signed.pem +30 -52
  436. data/spec/fixtures/ssl/tampered-cert.pem +30 -52
  437. data/spec/fixtures/ssl/tampered-csr.pem +26 -47
  438. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
  439. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
  440. data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
  441. data/spec/fixtures/ssl/unknown-ca.pem +33 -55
  442. data/spec/fixtures/unit/forge/bacula.json +1 -1
  443. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  444. data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
  445. data/spec/integration/application/agent_spec.rb +50 -406
  446. data/spec/integration/application/apply_spec.rb +1 -20
  447. data/spec/integration/application/filebucket_spec.rb +16 -32
  448. data/spec/integration/application/help_spec.rb +2 -0
  449. data/spec/integration/application/lookup_spec.rb +50 -81
  450. data/spec/integration/application/module_spec.rb +0 -21
  451. data/spec/integration/application/plugin_spec.rb +24 -2
  452. data/spec/integration/configurer_spec.rb +2 -18
  453. data/spec/integration/defaults_spec.rb +14 -3
  454. data/spec/integration/environments/settings_interpolation_spec.rb +4 -0
  455. data/spec/integration/http/client_spec.rb +4 -63
  456. data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
  457. data/spec/integration/indirector/facts/facter_spec.rb +39 -93
  458. data/spec/integration/network/http_pool_spec.rb +3 -21
  459. data/spec/integration/parser/catalog_spec.rb +0 -38
  460. data/spec/integration/parser/node_spec.rb +0 -9
  461. data/spec/integration/parser/pcore_resource_spec.rb +0 -47
  462. data/spec/integration/resource/type_collection_spec.rb +6 -2
  463. data/spec/integration/transaction/report_spec.rb +1 -1
  464. data/spec/integration/transaction_spec.rb +9 -4
  465. data/spec/integration/type/exec_spec.rb +45 -70
  466. data/spec/integration/type/file_spec.rb +7 -6
  467. data/spec/integration/type/package_spec.rb +6 -6
  468. data/spec/integration/util/rdoc/parser_spec.rb +1 -1
  469. data/spec/integration/util/windows/adsi_spec.rb +1 -21
  470. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  471. data/spec/integration/util/windows/principal_spec.rb +0 -21
  472. data/spec/integration/util/windows/process_spec.rb +9 -1
  473. data/spec/integration/util/windows/registry_spec.rb +10 -6
  474. data/spec/integration/util/windows/security_spec.rb +1 -1
  475. data/spec/lib/matchers/include.rb +27 -0
  476. data/spec/lib/matchers/include_spec.rb +32 -0
  477. data/spec/lib/puppet/test_ca.rb +2 -7
  478. data/spec/lib/puppet_spec/https.rb +1 -1
  479. data/spec/lib/puppet_spec/modules.rb +2 -13
  480. data/spec/lib/puppet_spec/puppetserver.rb +3 -55
  481. data/spec/lib/puppet_spec/settings.rb +1 -1
  482. data/spec/shared_behaviours/documentation_on_faces.rb +2 -0
  483. data/spec/spec_helper.rb +17 -13
  484. data/spec/unit/agent_spec.rb +8 -38
  485. data/spec/unit/application/agent_spec.rb +19 -33
  486. data/spec/unit/application/apply_spec.rb +56 -76
  487. data/spec/unit/application/facts_spec.rb +12 -456
  488. data/spec/unit/application/filebucket_spec.rb +43 -39
  489. data/spec/unit/application/lookup_spec.rb +10 -131
  490. data/spec/unit/application/resource_spec.rb +0 -29
  491. data/spec/unit/application/ssl_spec.rb +2 -25
  492. data/spec/unit/application_spec.rb +9 -51
  493. data/spec/unit/certificate_factory_spec.rb +1 -1
  494. data/spec/unit/configurer/downloader_spec.rb +6 -8
  495. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  496. data/spec/unit/configurer_spec.rb +68 -327
  497. data/spec/unit/confine/feature_spec.rb +1 -1
  498. data/spec/unit/confine_spec.rb +2 -8
  499. data/spec/unit/context/trusted_information_spec.rb +2 -6
  500. data/spec/unit/daemon_spec.rb +11 -2
  501. data/spec/unit/defaults_spec.rb +68 -55
  502. data/spec/unit/environments_spec.rb +68 -408
  503. data/spec/unit/face/generate_spec.rb +0 -64
  504. data/spec/unit/face/node_spec.rb +11 -0
  505. data/spec/unit/face/plugin_spec.rb +73 -33
  506. data/spec/unit/file_bucket/dipper_spec.rb +2 -2
  507. data/spec/unit/file_bucket/file_spec.rb +1 -1
  508. data/spec/unit/file_serving/configuration/parser_spec.rb +15 -41
  509. data/spec/unit/file_serving/configuration_spec.rb +10 -26
  510. data/spec/unit/file_serving/fileset_spec.rb +0 -60
  511. data/spec/unit/file_serving/metadata_spec.rb +3 -3
  512. data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
  513. data/spec/unit/file_system_spec.rb +4 -56
  514. data/spec/unit/forge/module_release_spec.rb +10 -5
  515. data/spec/unit/functions/assert_type_spec.rb +1 -1
  516. data/spec/unit/functions/camelcase_spec.rb +1 -1
  517. data/spec/unit/functions/capitalize_spec.rb +1 -1
  518. data/spec/unit/functions/downcase_spec.rb +1 -1
  519. data/spec/unit/functions/empty_spec.rb +0 -10
  520. data/spec/unit/functions/logging_spec.rb +0 -1
  521. data/spec/unit/functions/lookup_spec.rb +0 -64
  522. data/spec/unit/functions/unwrap_spec.rb +0 -8
  523. data/spec/unit/functions/upcase_spec.rb +1 -1
  524. data/spec/unit/functions/versioncmp_spec.rb +4 -40
  525. data/spec/unit/functions4_spec.rb +2 -2
  526. data/spec/unit/gettext/config_spec.rb +0 -12
  527. data/spec/unit/http/client_spec.rb +8 -84
  528. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  529. data/spec/unit/http/external_client_spec.rb +4 -4
  530. data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
  531. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  532. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  533. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  534. data/spec/unit/http/resolver_spec.rb +13 -13
  535. data/spec/unit/http/service/compiler_spec.rb +0 -193
  536. data/spec/unit/http/service/file_server_spec.rb +3 -3
  537. data/spec/unit/http/service/puppetserver_spec.rb +34 -4
  538. data/spec/unit/http/service_spec.rb +0 -1
  539. data/spec/unit/http/session_spec.rb +16 -14
  540. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  541. data/spec/unit/indirector/catalog/compiler_spec.rb +10 -101
  542. data/spec/unit/indirector/catalog/rest_spec.rb +0 -8
  543. data/spec/unit/indirector/face_spec.rb +1 -0
  544. data/spec/unit/indirector/facts/facter_spec.rb +3 -0
  545. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  546. data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
  547. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  548. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  549. data/spec/unit/indirector/file_server_spec.rb +1 -15
  550. data/spec/unit/indirector/indirection_spec.rb +15 -18
  551. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  552. data/spec/unit/indirector/request_spec.rb +0 -264
  553. data/spec/unit/indirector/resource/ral_spec.rb +75 -40
  554. data/spec/unit/indirector/rest_spec.rb +98 -752
  555. data/spec/unit/indirector/store_configs_spec.rb +7 -0
  556. data/spec/unit/indirector_spec.rb +2 -2
  557. data/spec/unit/interface/action_spec.rb +9 -0
  558. data/spec/unit/module_spec.rb +1 -15
  559. data/spec/unit/module_tool/applications/installer_spec.rb +0 -105
  560. data/spec/unit/network/authconfig_spec.rb +2 -129
  561. data/spec/unit/network/authorization_spec.rb +2 -55
  562. data/spec/unit/network/formats_spec.rb +4 -51
  563. data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
  564. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  565. data/spec/unit/network/http/api_spec.rb +10 -0
  566. data/spec/unit/network/http/connection_spec.rb +19 -41
  567. data/spec/unit/network/http/handler_spec.rb +0 -1
  568. data/spec/unit/network/http_pool_spec.rb +0 -4
  569. data/spec/unit/node/environment_spec.rb +33 -21
  570. data/spec/unit/node_spec.rb +2 -60
  571. data/spec/unit/parser/compiler_spec.rb +19 -3
  572. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  573. data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
  574. data/spec/unit/parser/resource_spec.rb +8 -14
  575. data/spec/unit/parser/templatewrapper_spec.rb +5 -16
  576. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
  577. data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
  578. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  579. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  580. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  581. data/spec/unit/pops/parser/parse_containers_spec.rb +13 -2
  582. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  583. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  584. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  585. data/spec/unit/pops/serialization/to_stringified_spec.rb +0 -5
  586. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
  587. data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
  588. data/spec/unit/pops/types/type_calculator_spec.rb +6 -12
  589. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  590. data/spec/unit/pops/validator/validator_spec.rb +61 -51
  591. data/spec/unit/pops/visitor_spec.rb +1 -1
  592. data/spec/unit/property_spec.rb +0 -1
  593. data/spec/unit/provider/group/groupadd_spec.rb +2 -5
  594. data/spec/unit/provider/nameservice_spec.rb +64 -122
  595. data/spec/unit/provider/package/apt_spec.rb +23 -28
  596. data/spec/unit/provider/package/aptitude_spec.rb +1 -1
  597. data/spec/unit/provider/package/base_spec.rb +5 -6
  598. data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
  599. data/spec/unit/provider/package/dpkg_spec.rb +0 -48
  600. data/spec/unit/provider/package/gem_spec.rb +33 -1
  601. data/spec/unit/provider/package/nim_spec.rb +0 -42
  602. data/spec/unit/provider/package/pacman_spec.rb +12 -18
  603. data/spec/unit/provider/package/pip2_spec.rb +1 -1
  604. data/spec/unit/provider/package/pip3_spec.rb +1 -1
  605. data/spec/unit/provider/package/pip_spec.rb +12 -44
  606. data/spec/unit/provider/package/pkg_spec.rb +4 -29
  607. data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
  608. data/spec/unit/provider/package/puppet_gem_spec.rb +4 -3
  609. data/spec/unit/provider/package/puppetserver_gem_spec.rb +3 -3
  610. data/spec/unit/provider/package/windows/exe_package_spec.rb +0 -17
  611. data/spec/unit/provider/parsedfile_spec.rb +0 -10
  612. data/spec/unit/provider/service/gentoo_spec.rb +5 -6
  613. data/spec/unit/provider/service/init_spec.rb +9 -16
  614. data/spec/unit/provider/service/launchd_spec.rb +0 -11
  615. data/spec/unit/provider/service/openwrt_spec.rb +29 -23
  616. data/spec/unit/provider/service/redhat_spec.rb +2 -3
  617. data/spec/unit/provider/service/smf_spec.rb +401 -165
  618. data/spec/unit/provider/service/systemd_spec.rb +9 -54
  619. data/spec/unit/provider/service/windows_spec.rb +0 -203
  620. data/spec/unit/provider/user/aix_spec.rb +0 -105
  621. data/spec/unit/provider/user/directoryservice_spec.rb +36 -68
  622. data/spec/unit/provider/user/hpux_spec.rb +1 -1
  623. data/spec/unit/provider/user/pw_spec.rb +0 -2
  624. data/spec/unit/provider/user/useradd_spec.rb +5 -114
  625. data/spec/unit/provider_spec.rb +12 -22
  626. data/spec/unit/puppet_spec.rb +4 -12
  627. data/spec/unit/resource/catalog_spec.rb +2 -15
  628. data/spec/unit/resource/type_collection_spec.rb +2 -22
  629. data/spec/unit/resource/type_spec.rb +1 -1
  630. data/spec/unit/resource_spec.rb +12 -125
  631. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  632. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  633. data/spec/unit/settings/port_setting_spec.rb +31 -0
  634. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  635. data/spec/unit/settings_spec.rb +79 -110
  636. data/spec/unit/ssl/base_spec.rb +37 -3
  637. data/spec/unit/ssl/certificate_request_spec.rb +21 -45
  638. data/spec/unit/ssl/certificate_spec.rb +2 -11
  639. data/spec/unit/ssl/ssl_provider_spec.rb +3 -80
  640. data/spec/unit/ssl/state_machine_spec.rb +5 -21
  641. data/spec/unit/ssl/verifier_spec.rb +0 -21
  642. data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
  643. data/spec/unit/transaction/event_manager_spec.rb +11 -14
  644. data/spec/unit/transaction/persistence_spec.rb +0 -51
  645. data/spec/unit/transaction/report_spec.rb +0 -2
  646. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  647. data/spec/unit/transaction_spec.rb +55 -96
  648. data/spec/unit/type/exec_spec.rb +29 -76
  649. data/spec/unit/type/file/checksum_spec.rb +6 -6
  650. data/spec/unit/type/file/content_spec.rb +2 -1
  651. data/spec/unit/type/file/ensure_spec.rb +1 -1
  652. data/spec/unit/type/file/mode_spec.rb +1 -1
  653. data/spec/unit/type/file/selinux_spec.rb +5 -3
  654. data/spec/unit/type/file/source_spec.rb +4 -5
  655. data/spec/unit/type/file_spec.rb +18 -6
  656. data/spec/unit/type/group_spec.rb +6 -13
  657. data/spec/unit/type/package_spec.rb +1 -1
  658. data/spec/unit/type/resources_spec.rb +7 -7
  659. data/spec/unit/type/service_spec.rb +189 -87
  660. data/spec/unit/type/tidy_spec.rb +8 -24
  661. data/spec/unit/type_spec.rb +24 -4
  662. data/spec/unit/util/at_fork_spec.rb +2 -2
  663. data/spec/unit/util/autoload_spec.rb +1 -5
  664. data/spec/unit/util/backups_spec.rb +2 -3
  665. data/spec/unit/util/execution_spec.rb +11 -44
  666. data/spec/unit/util/inifile_spec.rb +14 -6
  667. data/spec/unit/util/log_spec.rb +7 -8
  668. data/spec/unit/util/logging_spec.rb +3 -5
  669. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  670. data/spec/unit/util/posix_spec.rb +15 -363
  671. data/spec/unit/util/run_mode_spec.rb +21 -121
  672. data/spec/unit/util/selinux_spec.rb +68 -163
  673. data/spec/unit/util/storage_spec.rb +1 -3
  674. data/spec/unit/util/suidmanager_spec.rb +41 -44
  675. data/spec/unit/util/windows/sid_spec.rb +0 -41
  676. data/spec/unit/util/windows/string_spec.rb +1 -3
  677. data/spec/unit/util/yaml_spec.rb +13 -92
  678. data/spec/unit/util_spec.rb +6 -31
  679. data/tasks/generate_cert_fixtures.rake +7 -17
  680. data/tasks/parallel.rake +3 -3
  681. metadata +138 -239
  682. data/conf/auth.conf +0 -150
  683. data/ext/README.md +0 -13
  684. data/lib/puppet/application/cert.rb +0 -76
  685. data/lib/puppet/application/key.rb +0 -4
  686. data/lib/puppet/application/man.rb +0 -4
  687. data/lib/puppet/application/status.rb +0 -4
  688. data/lib/puppet/face/key.rb +0 -16
  689. data/lib/puppet/face/man.rb +0 -145
  690. data/lib/puppet/face/module/build.rb +0 -14
  691. data/lib/puppet/face/module/generate.rb +0 -14
  692. data/lib/puppet/face/module/search.rb +0 -103
  693. data/lib/puppet/face/status.rb +0 -51
  694. data/lib/puppet/facter_impl.rb +0 -96
  695. data/lib/puppet/ffi/posix/constants.rb +0 -14
  696. data/lib/puppet/ffi/posix/functions.rb +0 -24
  697. data/lib/puppet/ffi/posix.rb +0 -10
  698. data/lib/puppet/file_serving/mount/scripts.rb +0 -24
  699. data/lib/puppet/indirector/certificate/file.rb +0 -9
  700. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  701. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  702. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  703. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  704. data/lib/puppet/indirector/file_content/http.rb +0 -22
  705. data/lib/puppet/indirector/key/file.rb +0 -46
  706. data/lib/puppet/indirector/key/memory.rb +0 -7
  707. data/lib/puppet/indirector/ssl_file.rb +0 -162
  708. data/lib/puppet/indirector/status/local.rb +0 -12
  709. data/lib/puppet/indirector/status/rest.rb +0 -27
  710. data/lib/puppet/indirector/status.rb +0 -3
  711. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  712. data/lib/puppet/network/auth_config_parser.rb +0 -90
  713. data/lib/puppet/network/authstore.rb +0 -283
  714. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  715. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
  716. data/lib/puppet/network/http/base_pool.rb +0 -36
  717. data/lib/puppet/network/http/compression.rb +0 -127
  718. data/lib/puppet/network/http/connection_adapter.rb +0 -184
  719. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  720. data/lib/puppet/network/rest_controller.rb +0 -2
  721. data/lib/puppet/network/rights.rb +0 -210
  722. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
  723. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
  724. data/lib/puppet/parser/environment_compiler.rb +0 -202
  725. data/lib/puppet/pops/types/enumeration.rb +0 -16
  726. data/lib/puppet/resource/capability_finder.rb +0 -154
  727. data/lib/puppet/rest/errors.rb +0 -15
  728. data/lib/puppet/rest/response.rb +0 -35
  729. data/lib/puppet/rest/route.rb +0 -85
  730. data/lib/puppet/rest/routes.rb +0 -135
  731. data/lib/puppet/settings/alias_setting.rb +0 -37
  732. data/lib/puppet/ssl/host.rb +0 -505
  733. data/lib/puppet/ssl/key.rb +0 -61
  734. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  735. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  736. data/lib/puppet/ssl/validator.rb +0 -61
  737. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  738. data/lib/puppet/status.rb +0 -40
  739. data/lib/puppet/util/connection.rb +0 -88
  740. data/lib/puppet/util/fact_dif.rb +0 -81
  741. data/lib/puppet/util/ssl.rb +0 -83
  742. data/lib/puppet/util/windows/api_types.rb +0 -309
  743. data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
  744. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  745. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  746. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  747. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  748. data/lib/puppet/vendor/pathspec/README.md +0 -53
  749. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  750. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  751. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  752. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  753. data/man/man8/puppet-key.8 +0 -126
  754. data/man/man8/puppet-man.8 +0 -76
  755. data/man/man8/puppet-status.8 +0 -108
  756. data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -92
  757. data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +0 -3
  758. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +0 -4
  759. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +0 -3
  760. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +0 -8
  761. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +0 -25
  762. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +0 -19
  763. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +0 -20
  764. data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +0 -8
  765. data/spec/fixtures/ssl/oid-key.pem +0 -117
  766. data/spec/fixtures/ssl/oid.pem +0 -69
  767. data/spec/fixtures/ssl/trusted_oid_mapping.yaml +0 -5
  768. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
  769. data/spec/integration/application/resource_spec.rb +0 -68
  770. data/spec/integration/application/ssl_spec.rb +0 -20
  771. data/spec/integration/l10n/compiler_spec.rb +0 -37
  772. data/spec/integration/network/authconfig_spec.rb +0 -256
  773. data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
  774. data/spec/shared_contexts/l10n.rb +0 -32
  775. data/spec/unit/application/man_spec.rb +0 -52
  776. data/spec/unit/capability_spec.rb +0 -414
  777. data/spec/unit/concurrent/thread_local_singleton_spec.rb +0 -39
  778. data/spec/unit/face/key_spec.rb +0 -9
  779. data/spec/unit/face/module/search_spec.rb +0 -231
  780. data/spec/unit/face/status_spec.rb +0 -9
  781. data/spec/unit/facter_impl_spec.rb +0 -31
  782. data/spec/unit/file_serving/mount/scripts_spec.rb +0 -69
  783. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  784. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  785. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  786. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  787. data/spec/unit/indirector/key/file_spec.rb +0 -78
  788. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  789. data/spec/unit/indirector/status/local_spec.rb +0 -10
  790. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  791. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  792. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  793. data/spec/unit/network/authstore_spec.rb +0 -407
  794. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  795. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  796. data/spec/unit/network/http/compression_spec.rb +0 -240
  797. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  798. data/spec/unit/network/http_spec.rb +0 -9
  799. data/spec/unit/network/rights_spec.rb +0 -439
  800. data/spec/unit/parser/environment_compiler_spec.rb +0 -730
  801. data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
  802. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  803. data/spec/unit/resource/capability_finder_spec.rb +0 -148
  804. data/spec/unit/rest/route_spec.rb +0 -132
  805. data/spec/unit/ssl/host_spec.rb +0 -645
  806. data/spec/unit/ssl/key_spec.rb +0 -173
  807. data/spec/unit/ssl/validator_spec.rb +0 -278
  808. data/spec/unit/status_spec.rb +0 -45
  809. data/spec/unit/util/json_spec.rb +0 -126
  810. data/spec/unit/util/ssl_spec.rb +0 -91
  811. data/spec/unit/util/windows_spec.rb +0 -23
@@ -1,209 +0,0 @@
1
- require 'puppet/ssl/openssl_loader'
2
- require 'puppet/ssl'
3
-
4
- # Perform peer certificate verification against the known CA.
5
- # If there is no CA information known, then no verification is performed
6
- #
7
- # @deprecated
8
- # @api private
9
- #
10
- class Puppet::SSL::Validator::DefaultValidator #< class Puppet::SSL::Validator
11
- attr_reader :peer_certs
12
- attr_reader :verify_errors
13
- attr_reader :last_error
14
-
15
- FIVE_MINUTES_AS_SECONDS = 5 * 60
16
-
17
- # Creates a new DefaultValidator, optionally with an SSL Configuration and SSL Host.
18
- #
19
- # @param ca_path [String] Filepath for the cacert
20
- #
21
- # @api private
22
- #
23
- def initialize(
24
- ca_path = Puppet[:ssl_client_ca_auth] || Puppet[:localcacert])
25
-
26
- reset!
27
- @ca_path = ca_path
28
- end
29
-
30
-
31
- # Resets this validator to its initial validation state. The ssl configuration is not changed.
32
- #
33
- # @api private
34
- #
35
- def reset!
36
- @peer_certs = []
37
- @verify_errors = []
38
- @hostname = nil
39
- @last_error = nil
40
- end
41
-
42
- # Performs verification of the SSL connection and collection of the
43
- # certificates for use in constructing the error message if the verification
44
- # failed. This callback will be executed once for each certificate in a
45
- # chain being verified.
46
- #
47
- # From the [OpenSSL
48
- # documentation](https://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html):
49
- # The `verify_callback` function is used to control the behaviour when the
50
- # SSL_VERIFY_PEER flag is set. It must be supplied by the application and
51
- # receives two arguments: preverify_ok indicates, whether the verification of
52
- # the certificate in question was passed (preverify_ok=1) or not
53
- # (preverify_ok=0). x509_store_ctx is a pointer to the complete context used for
54
- # the certificate chain verification.
55
- #
56
- # See {Puppet::Network::HTTP::Connection} for more information and where this
57
- # class is intended to be used.
58
- #
59
- # @param [Boolean] preverify_ok indicates whether the verification of the
60
- # certificate in question was passed (preverify_ok=true)
61
- # @param [OpenSSL::X509::StoreContext] store_context holds the X509 store context
62
- # for the chain being verified.
63
- #
64
- # @return [Boolean] false if the peer is invalid, true otherwise.
65
- #
66
- # @api private
67
- #
68
- def call(preverify_ok, store_context)
69
- current_cert = store_context.current_cert
70
- @peer_certs << current_cert
71
-
72
- # We must make a copy since the scope of the store_context will be lost
73
- # across invocations of this method.
74
- if preverify_ok
75
- # If we've copied all of the certs in the chain out of the SSL library
76
- if @peer_certs.length == store_context.chain.length
77
- # (#20027) The peer cert must be issued by a specific authority
78
- preverify_ok = valid_peer?
79
- end
80
- else
81
- error = store_context.error || 0
82
- error_string = store_context.error_string || "OpenSSL error #{error}"
83
-
84
- case error
85
- when OpenSSL::X509::V_OK
86
- if @hostname
87
- # chain is from leaf to root, opposite of the order that `call` is invoked
88
- chain_cert = store_context.chain.first
89
-
90
- # ruby 2.4 doesn't compare certs based on value, so force to DER byte array
91
- if current_cert && chain_cert && current_cert.to_der == chain_cert.to_der && !OpenSSL::SSL.verify_certificate_identity(current_cert, @hostname)
92
- @last_error = Puppet::SSL::CertMismatchError.new(current_cert, @hostname)
93
- return false
94
- else
95
- @verify_errors << "#{error_string} for #{current_cert.subject.to_utf8}"
96
- end
97
- else
98
- @verify_errors << "#{error_string} for #{current_cert.subject.to_utf8}"
99
- end
100
-
101
- when OpenSSL::X509::V_ERR_CRL_NOT_YET_VALID
102
- # current_crl can be nil
103
- # https://github.com/ruby/ruby/blob/ruby_1_9_3/ext/openssl/ossl_x509store.c#L501-L510
104
- crl = store_context.current_crl
105
- if crl
106
- if crl.last_update && crl.last_update < Time.now + FIVE_MINUTES_AS_SECONDS
107
- Puppet.debug { "Ignoring CRL not yet valid, current time #{Time.now.utc}, CRL last updated #{crl.last_update.utc}" }
108
- preverify_ok = true
109
- else
110
- @verify_errors << "#{error_string} for #{crl.issuer.to_utf8}"
111
- end
112
- else
113
- @verify_errors << error_string
114
- end
115
- else
116
- @verify_errors << "#{error_string} for #{current_cert.subject.to_utf8}"
117
- end
118
- end
119
- preverify_ok
120
- rescue => ex
121
- @verify_errors << ex.message
122
- false
123
- end
124
-
125
- # Registers the instance's call method with the connection.
126
- #
127
- # @param [Net::HTTP] connection The connection to validate
128
- #
129
- # @param [Puppet::SSL::Host] host The host object containing SSL data
130
- # @return [void]
131
- #
132
- # @api private
133
- #
134
- def setup_connection(connection, ssl_host = Puppet.lookup(:ssl_host))
135
- @hostname = connection.address
136
-
137
- if ssl_certificates_are_present?
138
- connection.cert_store = ssl_host.ssl_store
139
- connection.ca_file = @ca_path
140
- connection.cert = ssl_host.certificate.content
141
- connection.key = ssl_host.key.content
142
- connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
143
- connection.verify_callback = self
144
- else
145
- connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
146
- end
147
- end
148
-
149
- ##
150
- # Decode a string of concatenated certificates
151
- #
152
- # @return [Array<OpenSSL::X509::Certificate>]
153
- def decode_cert_bundle(bundle_str)
154
- re = /-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/m
155
- pem_ary = bundle_str.scan(re)
156
- pem_ary.map do |pem_str|
157
- OpenSSL::X509::Certificate.new(pem_str)
158
- end
159
- end
160
-
161
- # read_file makes testing easier.
162
- def read_file(path)
163
- # https://www.ietf.org/rfc/rfc2459.txt defines the x509 V3 certificate format
164
- # CA bundles are concatenated X509 certificates, but may also include
165
- # comments, which could have UTF-8 characters
166
- Puppet::FileSystem.read(path, :encoding => Encoding::UTF_8)
167
- end
168
-
169
- # Validates the peer certificates against the authorized certificates.
170
- #
171
- # @api private
172
- #
173
- def valid_peer?
174
- descending_cert_chain = @peer_certs.reverse
175
- authz_ca_certs = decode_cert_bundle(read_file(@ca_path))
176
-
177
- if not has_authz_peer_cert(descending_cert_chain, authz_ca_certs)
178
- msg = "The server presented a SSL certificate chain which does not include a " <<
179
- "CA listed in the ssl_client_ca_auth file. "
180
- msg << "Authorized Issuers: #{authz_ca_certs.collect {|c| c.subject.to_utf8}.join(', ')} " <<
181
- "Peer Chain: #{descending_cert_chain.collect {|c| c.subject.to_utf8}.join(' => ')}"
182
- @verify_errors << msg
183
- false
184
- else
185
- true
186
- end
187
- end
188
-
189
- # Checks if the set of peer_certs contains at least one certificate issued
190
- # by a certificate listed in authz_certs
191
- #
192
- # @return [Boolean]
193
- #
194
- # @api private
195
- #
196
- def has_authz_peer_cert(peer_certs, authz_certs)
197
- peer_certs.any? do |peer_cert|
198
- authz_certs.any? do |authz_cert|
199
- peer_cert.verify(authz_cert.public_key)
200
- end
201
- end
202
- end
203
-
204
- # @api private
205
- #
206
- def ssl_certificates_are_present?
207
- Puppet::FileSystem.exist?(Puppet[:hostcert]) && Puppet::FileSystem.exist?(@ca_path)
208
- end
209
- end
@@ -1,22 +0,0 @@
1
- require 'puppet/ssl/openssl_loader'
2
- require 'puppet/ssl'
3
-
4
- # Performs no SSL verification
5
- #
6
- # @deprecated
7
- # @api private
8
- #
9
- class Puppet::SSL::Validator::NoValidator < Puppet::SSL::Validator
10
-
11
- def setup_connection(connection)
12
- connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
13
- end
14
-
15
- def peer_certs
16
- []
17
- end
18
-
19
- def verify_errors
20
- []
21
- end
22
- end
@@ -1,61 +0,0 @@
1
- require 'puppet/ssl/openssl_loader'
2
-
3
- # API for certificate verification
4
- #
5
- # @deprecated
6
- # @api public
7
- class Puppet::SSL::Validator
8
-
9
- # Factory method for creating an instance of a null/no validator.
10
- # This method does not have to be implemented by concrete implementations of this API.
11
- #
12
- # @return [Puppet::SSL::Validator] produces a validator that performs no validation
13
- #
14
- # @api public
15
- #
16
- def self.no_validator()
17
- @@no_validator_cache ||= Puppet::SSL::Validator::NoValidator.new()
18
- end
19
-
20
- # Factory method for creating an instance of the default Puppet validator.
21
- # This method does not have to be implemented by concrete implementations of this API.
22
- #
23
- # @return [Puppet::SSL::Validator] produces a validator that performs no validation
24
- #
25
- # @api public
26
- #
27
- def self.default_validator()
28
- Puppet::SSL::Validator::DefaultValidator.new()
29
- end
30
-
31
- # Array of peer certificates
32
- # @return [Array<Puppet::SSL::Certificate>] peer certificates
33
- #
34
- # @api public
35
- #
36
- def peer_certs
37
- raise NotImplementedError, "Concrete class should have implemented this method"
38
- end
39
-
40
- # Contains the result of validation
41
- # @return [Array<String>, nil] nil, empty Array, or Array with messages
42
- #
43
- # @api public
44
- #
45
- def verify_errors
46
- raise NotImplementedError, "Concrete class should have implemented this method"
47
- end
48
-
49
- # Registers the connection to validate.
50
- #
51
- # @param [Net::HTTP] connection The connection to validate
52
- #
53
- # @return [void]
54
- #
55
- # @api public
56
- #
57
- def setup_connection(connection)
58
- raise NotImplementedError, "Concrete class should have implemented this method"
59
- end
60
- end
61
-
@@ -1,58 +0,0 @@
1
- # Allows a `Puppet::SSL::Validator` to be used in situations where a
2
- # `Verifier` is required, while preserving the legacy validator behavior of:
3
- #
4
- # * Loading CA certs from `ssl_client_ca_auth` or `localcacert`
5
- # * Verifying each cert in the peer's chain is contained in the file
6
- # loaded above.
7
- #
8
- class Puppet::SSL::VerifierAdapter
9
- attr_reader :validator, :ssl_context
10
-
11
- def initialize(validator)
12
- @validator = validator
13
-
14
- if validator.is_a?(Puppet::SSL::Validator::NoValidator)
15
- ssl = Puppet::SSL::SSLProvider.new
16
- @ssl_context = ssl.create_insecure_context
17
- else
18
- # nil means use the default SSLContext
19
- @ssl_context = nil
20
- end
21
- end
22
-
23
- # Return true if `self` is reusable with `verifier` meaning they
24
- # are both using the same class of `Puppet::SSL::Validator`. In this
25
- # case we only care the Validator class is the same. We can't require
26
- # the same instances, because a new instance is created each time
27
- # HttpPool.http_instance is called.
28
- #
29
- # @param verifier [Puppet::SSL::Verifier] the verifier to compare against
30
- # @return [Boolean] return true if a cached connection can be used, false otherwise
31
- def reusable?(verifier)
32
- verifier.instance_of?(self.class) &&
33
- verifier.validator.instance_of?(@validator.class)
34
- end
35
-
36
- # Configure the `http` connection based on the current `ssl_context`.
37
- #
38
- # @param http [Net::HTTP] connection
39
- # @api private
40
- def setup_connection(http)
41
- @validator.setup_connection(http)
42
- end
43
-
44
- # Handle an SSL connection error.
45
- #
46
- # @param http [Net::HTTP] connection
47
- # @param error [OpenSSL::SSL::SSLError] connection error
48
- # @return (see Puppet::SSL::Verifier#handle_connection_error)
49
- # @raise [Puppet::SSL::CertVerifyError] SSL connection failed due to a
50
- # verification error with the server's certificate or chain
51
- # @raise [Puppet::Error] server hostname does not match certificate
52
- # @raise [OpenSSL::SSL::SSLError] low-level SSL connection failure
53
- def handle_connection_error(http, error)
54
- raise @validator.last_error if @validator.respond_to?(:last_error) && @validator.last_error
55
-
56
- Puppet::Util::SSL.handle_connection_error(error, @validator, http.address)
57
- end
58
- end
data/lib/puppet/status.rb DELETED
@@ -1,40 +0,0 @@
1
- require 'puppet/indirector'
2
-
3
- class Puppet::Status
4
- extend Puppet::Indirector
5
- indirects :status, :terminus_class => :local
6
-
7
- attr_accessor :status
8
-
9
- def initialize( status = nil )
10
- @status = status || {"is_alive" => true}
11
- end
12
-
13
- def to_data_hash
14
- @status
15
- end
16
-
17
- def self.from_data_hash(data)
18
- if data.include?('status')
19
- self.new(data['status'])
20
- else
21
- self.new(data)
22
- end
23
- end
24
-
25
- def name
26
- "status"
27
- end
28
-
29
- def name=(name)
30
- # NOOP
31
- end
32
-
33
- def version
34
- @status['version']
35
- end
36
-
37
- def version=(version)
38
- @status['version'] = version
39
- end
40
- end
@@ -1,88 +0,0 @@
1
- require 'puppet'
2
- require 'puppet/util/warnings'
3
-
4
- module Puppet::Util
5
- module Connection
6
- extend Puppet::Util::Warnings
7
-
8
- # The logic for server and port is kind of gross. In summary:
9
- # IF an endpoint-specific setting is requested AND that setting has been set by the user
10
- # Use that setting.
11
- # The defaults for these settings are the "normal" server/serverport settings, so
12
- # when they are unset we instead want to "fall back" to the failover-selected
13
- # host/port pair.
14
- # ELSE IF we have a failover-selected host/port
15
- # Use what the failover logic came up with
16
- # ELSE IF the server_list setting is in use
17
- # Use the first entry - failover hasn't happened yet, but that
18
- # setting is still authoritative
19
- # ELSE
20
- # Go for the legacy server/serverport settings, and hope for the best
21
-
22
- # Determines which server to use based on the specified setting, taking into
23
- # account HA fallback from server_list.
24
- # @param [Symbol] setting The preferred server setting to use
25
- # @return [String] the name of the server for use in the request
26
- def self.determine_server(setting)
27
- if setting && setting != :server && Puppet.settings.set_by_config?(setting)
28
- debug_once _("Selected server from the %{setting} setting: %{server}") % {setting: setting, server: Puppet.settings[setting]}
29
- Puppet[setting]
30
- else
31
- server = Puppet.lookup(:server) do
32
- primary_server = Puppet.settings[:server_list][0]
33
- if primary_server
34
- #TRANSLATORS 'server_list' is the name of a setting and should not be translated
35
- debug_once _("Dynamically-bound server lookup failed; using first entry from the `server_list` setting: %{server}") % {server: primary_server[0]}
36
- primary_server[0]
37
- else
38
- setting ||= :server
39
- debug_once _("Dynamically-bound server lookup failed, falling back to %{setting} setting: %{server}") % {setting: setting, server: Puppet.settings[setting]}
40
- Puppet.settings[setting]
41
- end
42
- end
43
- server
44
- end
45
- end
46
-
47
- # Determines which port to use based on the specified setting, taking into
48
- # account HA fallback from server_list.
49
- # For port there's a little bit of an extra snag: setting a specific
50
- # server setting and relying on the default port for that server is
51
- # common, so we also want to check if the assocaited SERVER setting
52
- # has been set by the user. If either of those are set we ignore the
53
- # failover-selected port.
54
- # @param [Symbol] port_setting The preferred port setting to use
55
- # @param [Symbol] server_setting The server setting assoicated with this route.
56
- # @return [Integer] the port to use for use in the request
57
- def self.determine_port(port_setting, server_setting)
58
- if (port_setting && port_setting != :serverport && Puppet.settings.set_by_config?(port_setting)) ||
59
- (server_setting && server_setting != :server && Puppet.settings.set_by_config?(server_setting))
60
- debug_once _("Selected port from the %{setting} setting: %{port}") % {setting: port_setting, port: Puppet.settings[port_setting].to_i}
61
- Puppet.settings[port_setting].to_i
62
- else
63
- port = Puppet.lookup(:serverport) do
64
- primary_server = Puppet.settings[:server_list][0]
65
- if primary_server
66
- # Port might not be set, so we want to fallback in that
67
- # case. We know we don't need to use `setting` here, since
68
- # the default value of every port setting is `serverport`
69
- if primary_server[1]
70
- #TRANSLATORS 'server_list' is the name of a setting and should not be translated
71
- debug_once _("Dynamically-bound port lookup failed; using first entry from the `server_list` setting: %{port}") % {port: primary_server[1]}
72
- primary_server[1]
73
- else
74
- #TRANSLATORS 'serverport' is the name of a setting and should not be translated
75
- debug_once _("Dynamically-bound port lookup failed; falling back to `serverport` setting: %{port}") % {port: Puppet.settings[:serverport]}
76
- Puppet.settings[:serverport]
77
- end
78
- else
79
- port_setting ||= :serverport
80
- debug_once _("Dynamically-bound port lookup failed; falling back to %{setting} setting: %{port}") % {setting: port_setting, port: Puppet.settings[port_setting]}
81
- Puppet.settings[port_setting]
82
- end
83
- end
84
- port.to_i
85
- end
86
- end
87
- end
88
- end
@@ -1,81 +0,0 @@
1
- require 'json'
2
-
3
- class FactDif
4
- def initialize(old_output, new_output, exclude_list, save_structured)
5
- @c_facter = JSON.parse(old_output)
6
- @next_facter = JSON.parse(new_output)
7
- @exclude_list = exclude_list
8
- @save_structured = save_structured
9
- @flat_diff = []
10
- @diff = {}
11
- end
12
-
13
- def difs
14
- search_hash(((@c_facter.to_a - @next_facter.to_a) | (@next_facter.to_a - @c_facter.to_a)).to_h)
15
-
16
- @flat_diff.sort_by { |a| a[0] }.each do |pair|
17
- fact_path = pair[0]
18
- value = pair[1]
19
- compare(fact_path, value, @c_facter)
20
- compare(fact_path, value, @next_facter)
21
- end
22
-
23
- @diff
24
- end
25
-
26
- private
27
-
28
- def search_hash(sh, path = [])
29
- if sh.is_a?(Hash)
30
- sh.each do |k, v|
31
- search_hash(v, path.push(k))
32
- path.pop
33
- end
34
- elsif sh.is_a?(Array)
35
- sh.each_with_index do |v, index|
36
- search_hash(v, path.push(index))
37
- path.pop
38
- end
39
- else
40
- @flat_diff.push([path.dup, sh])
41
- end
42
- end
43
-
44
- def compare(fact_path, given_value, compared_hash)
45
- compared_value = compared_hash.dig(*fact_path)
46
- if different?(compared_value, given_value) && !excluded?(fact_path.join('.'))
47
- fact_path = fact_path.map{|f| f.to_s.include?('.') ? "\"#{f}\"" : f}.join('.') unless @save_structured
48
- if compared_hash == @c_facter
49
- bury(*fact_path, { :new_value => given_value, :old_value => compared_value }, @diff)
50
- else
51
- bury(*fact_path, { :new_value => compared_value, :old_value => given_value }, @diff)
52
- end
53
- end
54
- end
55
-
56
- def bury(*paths, value, hash)
57
- if paths.count > 1
58
- path = paths.shift
59
- hash[path] = Hash.new unless hash.key?(path)
60
- bury(*paths, value, hash[path])
61
- else
62
- hash[*paths] = value
63
- end
64
- end
65
-
66
- def different?(new, old)
67
- if old.is_a?(String) && new.is_a?(String) && (old.include?(',') || new.include?(','))
68
- old_values = old.split(',')
69
- new_values = new.split(',')
70
-
71
- diff = (old_values - new_values) | (new_values - old_values)
72
- return diff.size.positive?
73
- end
74
-
75
- old != new
76
- end
77
-
78
- def excluded?(fact_name)
79
- @exclude_list.any? {|excluded_fact| fact_name =~ /#{excluded_fact}/}
80
- end
81
- end
@@ -1,83 +0,0 @@
1
- require 'puppet/ssl/openssl_loader'
2
-
3
- ##
4
- # SSL is a private module with class methods that help work with x.509
5
- # subjects and errors.
6
- #
7
- # @api private
8
- module Puppet::Util::SSL
9
-
10
- @@dn_parsers = nil
11
- @@no_name = nil
12
-
13
- # Given a DN string, parse it into an OpenSSL certificate subject. This
14
- # method will flexibly handle both OpenSSL and RFC2253 formats, as given by
15
- # nginx and Apache, respectively.
16
- #
17
- # @param [String] dn the x.509 Distinguished Name (DN) string.
18
- #
19
- # @return [OpenSSL::X509::Name] the certificate subject
20
- def self.subject_from_dn(dn)
21
- if is_possibly_valid_dn?(dn)
22
- parsers = @@dn_parsers ||= [
23
- OpenSSL::X509::Name.method(:parse_rfc2253),
24
- OpenSSL::X509::Name.method(:parse_openssl)
25
- ]
26
- parsers.each do |parser|
27
- begin
28
- return parser.call(dn)
29
- rescue OpenSSL::X509::NameError
30
- end
31
- end
32
- end
33
-
34
- @@no_name ||= OpenSSL::X509::Name.new
35
- end
36
-
37
- ##
38
- # cn_from_subject extracts the CN from the given OpenSSL certificate
39
- # subject.
40
- #
41
- # @api private
42
- #
43
- # @param [OpenSSL::X509::Name] subject the subject to extract the CN field from
44
- #
45
- # @return [String, nil] the CN, or nil if not found
46
- def self.cn_from_subject(subject)
47
- if subject.respond_to? :to_a
48
- (subject.to_a.assoc('CN') || [])[1]
49
- end
50
- end
51
-
52
- def self.is_possibly_valid_dn?(dn)
53
- dn =~ /=/
54
- end
55
-
56
- ##
57
- # Extract and format meaningful error messages from OpenSSL::OpenSSLErrors
58
- # and a Validator. Re-raises the error if unknown.
59
- #
60
- # @api private
61
- #
62
- # @param [OpenSSL::OpenSSLError] error An error thrown during creating a
63
- # connection
64
- # @param [Puppet::SSL::DefaultValidator] verifier A Validator who may have
65
- # invalidated the connection
66
- # @param [String] host The DNS name of the other end of the SSL connection
67
- #
68
- # @raises [Puppet::Error, OpenSSL::OpenSSLError]
69
- def self.handle_connection_error(error, verifier, host)
70
- # can be nil
71
- peer_cert = verifier.peer_certs.last
72
-
73
- if error.message.include? "certificate verify failed"
74
- msg = error.message
75
- msg << ": [" + verifier.verify_errors.join('; ') + "]"
76
- raise Puppet::Error, msg, error.backtrace
77
- elsif peer_cert && !OpenSSL::SSL.verify_certificate_identity(peer_cert, host)
78
- raise Puppet::SSL::CertMismatchError.new(peer_cert, host)
79
- else
80
- raise error
81
- end
82
- end
83
- end