RubyGems - puppet - Versions diffs - 6.4.5-x64-mingw32 → 6.5.0-x64-mingw32 - Mend

puppet 6.4.5-x64-mingw32 → 6.5.0-x64-mingw32

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (329) hide show

checksums.yaml +4 -4
data/CODEOWNERS +10 -10
data/Gemfile +6 -6
data/Gemfile.lock +46 -52
data/ext/build_defaults.yaml +0 -1
data/ext/project_data.yaml +3 -3
data/ext/regexp_nodes/regexp_nodes.rb +4 -4
data/ext/solaris/smf/puppet.xml +0 -2
data/ext/windows/eventlog/Rakefile +32 -0
data/ext/windows/eventlog/puppetres.dll +0 -0
data/ext/windows/eventlog/puppetres.mc +18 -0
data/ext/windows/service/daemon.rb +8 -38
data/install.rb +24 -6
data/lib/puppet.rb +3 -1
data/lib/puppet/application.rb +1 -1
data/lib/puppet/application/agent.rb +11 -34
data/lib/puppet/application/apply.rb +6 -6
data/lib/puppet/application/describe.rb +9 -3
data/lib/puppet/application/device.rb +4 -14
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/lookup.rb +2 -2
data/lib/puppet/application/resource.rb +4 -4
data/lib/puppet/application/script.rb +2 -2
data/lib/puppet/application/ssl.rb +10 -9
data/lib/puppet/configurer.rb +30 -86
data/lib/puppet/configurer/downloader.rb +6 -2
data/lib/puppet/defaults.rb +50 -44
data/lib/puppet/error.rb +14 -9
data/lib/puppet/face/catalog.rb +20 -1
data/lib/puppet/face/config.rb +48 -10
data/lib/puppet/face/facts.rb +1 -1
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/module/list.rb +5 -5
data/lib/puppet/face/module/search.rb +1 -1
data/lib/puppet/face/module/uninstall.rb +1 -1
data/lib/puppet/face/module/upgrade.rb +1 -1
data/lib/puppet/face/parser.rb +48 -9
data/lib/puppet/face/plugin.rb +2 -9
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_system.rb +12 -2
data/lib/puppet/file_system/file_impl.rb +6 -3
data/lib/puppet/file_system/memory_file.rb +1 -1
data/lib/puppet/file_system/posix.rb +2 -3
data/lib/puppet/forge.rb +3 -3
data/lib/puppet/functions.rb +2 -1
data/lib/puppet/functions/camelcase.rb +2 -2
data/lib/puppet/functions/epp.rb +4 -4
data/lib/puppet/functions/find_file.rb +9 -9
data/lib/puppet/functions/inline_epp.rb +5 -5
data/lib/puppet/functions/regsubst.rb +6 -8
data/lib/puppet/gettext/module_translations.rb +1 -1
data/lib/puppet/graph/rb_tree_map.rb +2 -2
data/lib/puppet/graph/simple_graph.rb +3 -4
data/lib/puppet/indirector/catalog/compiler.rb +5 -11
data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
data/lib/puppet/indirector/hiera.rb +0 -2
data/lib/puppet/indirector/resource/ral.rb +3 -1
data/lib/puppet/indirector/resource/validator.rb +1 -1
data/lib/puppet/interface.rb +1 -2
data/lib/puppet/loaders.rb +1 -0
data/lib/puppet/metatype/manager.rb +1 -1
data/lib/puppet/module.rb +1 -1
data/lib/puppet/module/task.rb +4 -20
data/lib/puppet/module_tool/applications/installer.rb +1 -1
data/lib/puppet/module_tool/applications/uninstaller.rb +3 -3
data/lib/puppet/module_tool/metadata.rb +1 -1
data/lib/puppet/module_tool/shared_behaviors.rb +4 -4
data/lib/puppet/module_tool/tar/mini.rb +2 -12
data/lib/puppet/network/http/api/indirected_routes.rb +11 -12
data/lib/puppet/network/http/connection.rb +12 -10
data/lib/puppet/network/http/factory.rb +11 -1
data/lib/puppet/network/http/pool.rb +0 -2
data/lib/puppet/network/http/site.rb +1 -1
data/lib/puppet/network/resolver.rb +2 -2
data/lib/puppet/node/environment.rb +2 -4
data/lib/puppet/pal/pal_impl.rb +2 -2
data/lib/puppet/parser/ast.rb +1 -1
data/lib/puppet/parser/ast/resourceparam.rb +1 -1
data/lib/puppet/parser/functions.rb +1 -1
data/lib/puppet/parser/functions/epp.rb +3 -3
data/lib/puppet/parser/functions/fail.rb +8 -1
data/lib/puppet/parser/functions/inline_epp.rb +5 -5
data/lib/puppet/parser/scope.rb +7 -8
data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +1 -1
data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +1 -1
data/lib/puppet/pops/evaluator/external_syntax_support.rb +2 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +4 -4
data/lib/puppet/pops/loader/null_loader.rb +60 -0
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -4
data/lib/puppet/pops/loader/task_instantiator.rb +0 -4
data/lib/puppet/pops/loaders.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +0 -1
data/lib/puppet/pops/lookup/sub_lookup.rb +1 -1
data/lib/puppet/pops/merge_strategy.rb +18 -22
data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
data/lib/puppet/pops/parser/interpolation_support.rb +4 -4
data/lib/puppet/pops/parser/locator.rb +1 -1
data/lib/puppet/pops/parser/pn_parser.rb +16 -17
data/lib/puppet/pops/puppet_stack.rb +49 -51
data/lib/puppet/pops/types/p_sensitive_type.rb +1 -1
data/lib/puppet/pops/types/string_converter.rb +10 -10
data/lib/puppet/pops/types/types.rb +6 -5
data/lib/puppet/property.rb +1 -1
data/lib/puppet/property/ensure.rb +1 -1
data/lib/puppet/provider/exec.rb +2 -6
data/lib/puppet/provider/file/posix.rb +0 -5
data/lib/puppet/provider/nameservice.rb +3 -10
data/lib/puppet/provider/nameservice/directoryservice.rb +1 -1
data/lib/puppet/provider/nameservice/pw.rb +2 -2
data/lib/puppet/provider/package.rb +0 -2
data/lib/puppet/provider/package/apt.rb +1 -5
data/lib/puppet/provider/package/dnf.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +18 -34
data/lib/puppet/provider/package/openbsd.rb +1 -1
data/lib/puppet/provider/package/pip.rb +13 -37
data/lib/puppet/provider/package/portage.rb +4 -4
data/lib/puppet/provider/package/puppet_gem.rb +1 -1
data/lib/puppet/provider/package/rpm.rb +18 -56
data/lib/puppet/provider/package/windows/package.rb +1 -1
data/lib/puppet/provider/package/yum.rb +5 -9
data/lib/puppet/provider/package_targetable.rb +4 -7
data/lib/puppet/provider/parsedfile.rb +1 -1
data/lib/puppet/provider/service/daemontools.rb +9 -9
data/lib/puppet/provider/service/launchd.rb +5 -20
data/lib/puppet/provider/service/openbsd.rb +1 -1
data/lib/puppet/provider/service/rcng.rb +2 -2
data/lib/puppet/provider/service/runit.rb +8 -2
data/lib/puppet/provider/service/systemd.rb +19 -14
data/lib/puppet/provider/service/windows.rb +0 -8
data/lib/puppet/provider/user/directoryservice.rb +1 -1
data/lib/puppet/provider/user/hpux.rb +1 -1
data/lib/puppet/provider/user/pw.rb +3 -12
data/lib/puppet/provider/user/user_role_add.rb +1 -5
data/lib/puppet/provider/user/useradd.rb +20 -45
data/lib/puppet/provider/user/windows_adsi.rb +5 -4
data/lib/puppet/reference/configuration.rb +3 -3
data/lib/puppet/reference/indirection.rb +2 -2
data/lib/puppet/reference/metaparameter.rb +3 -1
data/lib/puppet/reference/providers.rb +3 -1
data/lib/puppet/reference/type.rb +9 -3
data/lib/puppet/reports.rb +1 -1
data/lib/puppet/resource.rb +1 -18
data/lib/puppet/resource/catalog.rb +1 -1
data/lib/puppet/rest/routes.rb +30 -17
data/lib/puppet/settings.rb +3 -43
data/lib/puppet/settings/environment_conf.rb +0 -1
data/lib/puppet/ssl/certificate_request.rb +12 -2
data/lib/puppet/ssl/host.rb +2 -2
data/lib/puppet/ssl/oids.rb +1 -1
data/lib/puppet/ssl/ssl_provider.rb +11 -5
data/lib/puppet/ssl/state_machine.rb +102 -98
data/lib/puppet/test/test_helper.rb +1 -0
data/lib/puppet/transaction.rb +11 -33
data/lib/puppet/transaction/report.rb +1 -1
data/lib/puppet/type.rb +4 -2
data/lib/puppet/type/exec.rb +17 -23
data/lib/puppet/type/file.rb +39 -11
data/lib/puppet/type/file/data_sync.rb +1 -5
data/lib/puppet/type/group.rb +2 -4
data/lib/puppet/type/notify.rb +3 -4
data/lib/puppet/type/package.rb +3 -20
data/lib/puppet/type/schedule.rb +1 -1
data/lib/puppet/type/service.rb +3 -8
data/lib/puppet/type/user.rb +2 -4
data/lib/puppet/util.rb +29 -39
data/lib/puppet/util/command_line/trollop.rb +1 -1
data/lib/puppet/util/execution.rb +3 -4
data/lib/puppet/util/http_proxy.rb +19 -27
data/lib/puppet/util/log.rb +2 -2
data/lib/puppet/util/log/destinations.rb +2 -2
data/lib/puppet/util/logging.rb +20 -32
data/lib/puppet/util/metric.rb +2 -2
data/lib/puppet/util/monkey_patches.rb +33 -0
data/lib/puppet/util/pidlock.rb +2 -3
data/lib/puppet/util/provider_features.rb +4 -2
data/lib/puppet/util/rdoc.rb +1 -1
data/lib/puppet/util/reference.rb +1 -1
data/lib/puppet/util/resource_template.rb +1 -1
data/lib/puppet/util/selinux.rb +2 -8
data/lib/puppet/util/skip_tags.rb +4 -0
data/lib/puppet/util/windows/adsi.rb +18 -48
data/lib/puppet/util/windows/process.rb +8 -8
data/lib/puppet/util/windows/registry.rb +5 -7
data/lib/puppet/util/windows/security.rb +0 -2
data/lib/puppet/util/windows/service.rb +4 -149
data/lib/puppet/util/windows/sid.rb +0 -1
data/lib/puppet/vendor.rb +1 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509/cert_provider.rb +81 -24
data/locales/puppet.pot +462 -482
data/man/man5/puppet.conf.5 +43 -44
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +3 -3
data/man/man8/puppet-catalog.8 +31 -3
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +3 -3
data/spec/fixtures/ssl/127.0.0.1-key.pem +56 -56
data/spec/fixtures/ssl/127.0.0.1.pem +27 -27
data/spec/fixtures/ssl/bad-basic-constraints.pem +32 -32
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +30 -30
data/spec/fixtures/ssl/ca.pem +30 -30
data/spec/fixtures/ssl/crl.pem +15 -15
data/spec/fixtures/ssl/ec-key.pem +18 -0
data/spec/fixtures/ssl/ec.pem +40 -0
data/spec/fixtures/ssl/encrypted-ec-key.pem +21 -0
data/spec/fixtures/ssl/encrypted-key.pem +57 -57
data/spec/fixtures/ssl/intermediate-agent-crl.pem +16 -16
data/spec/fixtures/ssl/intermediate-agent.pem +33 -33
data/spec/fixtures/ssl/intermediate-crl.pem +17 -17
data/spec/fixtures/ssl/intermediate.pem +31 -31
data/spec/fixtures/ssl/pluto-key.pem +56 -56
data/spec/fixtures/ssl/pluto.pem +28 -28
data/spec/fixtures/ssl/request-key.pem +56 -56
data/spec/fixtures/ssl/request.pem +24 -24
data/spec/fixtures/ssl/revoked-key.pem +56 -56
data/spec/fixtures/ssl/revoked.pem +25 -25
data/spec/fixtures/ssl/signed-key.pem +56 -56
data/spec/fixtures/ssl/signed.pem +25 -25
data/spec/fixtures/ssl/tampered-cert.pem +27 -27
data/spec/fixtures/ssl/tampered-csr.pem +24 -24
data/spec/fixtures/unit/pops/loaders/loaders/mix_4x_and_3x_functions/usee/lib/puppet/parser/functions/func_with_syntax_error.rb +9 -0
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_get/should_yield_to_the_block.yml +24 -0
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_head/should_yield_to_the_block.yml +24 -0
data/spec/fixtures/vcr/cassettes/Puppet_Network_HTTP_Connection/when_handling_requests/_request_post/should_yield_to_the_block.yml +24 -0
data/spec/integration/configurer_spec.rb +0 -52
data/spec/integration/provider/service/init_spec.rb +1 -0
data/spec/integration/provider/service/systemd_spec.rb +5 -8
data/spec/integration/type/file_spec.rb +38 -28
data/spec/integration/util/execution_spec.rb +0 -27
data/spec/lib/puppet/certificate_factory.rb +2 -2
data/spec/lib/puppet/test_ca.rb +17 -4
data/spec/lib/puppet_spec/fixtures.rb +4 -0
data/spec/spec_helper.rb +0 -28
data/spec/unit/application/agent_spec.rb +34 -67
data/spec/unit/application/device_spec.rb +1 -27
data/spec/unit/application/ssl_spec.rb +60 -35
data/spec/unit/configurer_spec.rb +399 -395
data/spec/unit/defaults_spec.rb +4 -4
data/spec/unit/face/facts_spec.rb +0 -9
data/spec/unit/face/parser_spec.rb +69 -22
data/spec/unit/face/plugin_spec.rb +0 -8
data/spec/unit/file_system_spec.rb +30 -1
data/spec/unit/forge/forge_spec.rb +3 -1
data/spec/unit/forge/repository_spec.rb +3 -1
data/spec/unit/indirector/catalog/compiler_spec.rb +5 -62
data/spec/unit/indirector/resource/ral_spec.rb +4 -4
data/spec/unit/module_tool/tar/mini_spec.rb +1 -1
data/spec/unit/network/http/api/indirected_routes_spec.rb +10 -25
data/spec/unit/network/http/connection_spec.rb +145 -119
data/spec/unit/network/http/factory_spec.rb +5 -27
data/spec/unit/parser/scope_spec.rb +0 -10
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +3 -8
data/spec/unit/pops/loaders/loaders_spec.rb +4 -0
data/spec/unit/pops/loaders/module_loaders_spec.rb +0 -37
data/spec/unit/pops/types/types_spec.rb +27 -0
data/spec/unit/provider/exec_spec.rb +0 -209
data/spec/unit/provider/package/aptrpm_spec.rb +1 -1
data/spec/unit/provider/package/dnf_spec.rb +0 -7
data/spec/unit/provider/package/dpkg_spec.rb +80 -240
data/spec/unit/provider/package/pip_spec.rb +8 -61
data/spec/unit/provider/package/portage_spec.rb +4 -4
data/spec/unit/provider/package/rpm_spec.rb +16 -150
data/spec/unit/provider/package/yum_spec.rb +0 -7
data/spec/unit/provider/service/daemontools_spec.rb +0 -24
data/spec/unit/provider/service/launchd_spec.rb +0 -28
data/spec/unit/provider/service/runit_spec.rb +0 -24
data/spec/unit/provider/service/systemd_spec.rb +25 -39
data/spec/unit/provider/service/windows_spec.rb +0 -20
data/spec/unit/provider/user/hpux_spec.rb +2 -2
data/spec/unit/provider/user/pw_spec.rb +0 -37
data/spec/unit/provider/user/useradd_spec.rb +0 -88
data/spec/unit/resource_spec.rb +1 -26
data/spec/unit/ssl/host_spec.rb +5 -0
data/spec/unit/ssl/ssl_provider_spec.rb +36 -11
data/spec/unit/ssl/state_machine_spec.rb +233 -158
data/spec/unit/transaction_spec.rb +0 -64
data/spec/unit/type/exec_spec.rb +12 -15
data/spec/unit/type/file/content_spec.rb +3 -9
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/file_spec.rb +15 -11
data/spec/unit/type/package_spec.rb +0 -5
data/spec/unit/type/schedule_spec.rb +1 -3
data/spec/unit/type/service_spec.rb +0 -16
data/spec/unit/util/execution_spec.rb +0 -16
data/spec/unit/util/http_proxy_spec.rb +21 -151
data/spec/unit/util/ldap/manager_spec.rb +0 -15
data/spec/unit/util/log/destinations_spec.rb +3 -7
data/spec/unit/util/log_spec.rb +138 -0
data/spec/unit/util/logging_spec.rb +0 -200
data/spec/unit/util/pidlock_spec.rb +0 -26
data/spec/unit/util/skip_tags_spec.rb +14 -0
data/spec/unit/util/windows/adsi_spec.rb +0 -51
data/spec/unit/util/windows/service_spec.rb +0 -9
data/spec/unit/util_spec.rb +10 -0
data/spec/unit/x509/cert_provider_spec.rb +82 -43
data/tasks/generate_cert_fixtures.rake +13 -1
data/tasks/manpages.rake +0 -1
metadata +28 -22
data/ext/cert_inspector +0 -140
data/ext/envpuppet +0 -139
data/ext/envpuppet.bat +0 -14
data/ext/puppet-test +0 -476
data/ext/pure_ruby_dsl/dsl_test.rb +0 -7
data/ext/upload_facts.rb +0 -119
data/lib/puppet/provider/package/dnfmodule.rb +0 -87
data/spec/fixtures/unit/provider/package/dnfmodule/dnf-module-list-installed.txt +0 -11
data/spec/integration/type/notify_spec.rb +0 -46
data/spec/unit/provider/package/dnfmodule_spec.rb +0 -186
data/spec/unit/provider/package_targetable_spec.rb +0 -60

data/lib/puppet/util/command_line/trollop.rb CHANGED

@@ -215,7 +215,7 @@ class Parser
     opts[:type] = opts[:type] || type_from_default || :flag
     ## fill in :long
-    opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.tr("_", "-")
+    opts[:long] = opts[:long] ? opts[:long].to_s : name.to_s.gsub("_", "-")
     opts[:long] =
       case opts[:long]
       when /^--([^-].*)$/

data/lib/puppet/util/execution.rb CHANGED

@@ -162,16 +162,15 @@ module Puppet::Util::Execution
     options = default_options.merge(options)
-    if command.is_a?(Array)
+    if options[:sensitive]
+      command_str = '[redacted]'
+    elsif command.is_a?(Array)
       command = command.flatten.map(&:to_s)
       command_str = command.join(" ")
     elsif command.is_a?(String)
       command_str = command
     end
-    # do this after processing 'command' array or string
-    command_str = '[redacted]' if options[:sensitive]
     user_log_s = ''
     if options[:uid]
       user_log_s << " uid=#{options[:uid]}"

data/lib/puppet/util/http_proxy.rb CHANGED

@@ -4,15 +4,13 @@ require 'puppet/network/http'
 module Puppet::Util::HttpProxy
   def self.proxy(uri)
-    if http_proxy_host && !no_proxy?(uri)
-      Net::HTTP.new(uri.host, uri.port, self.http_proxy_host, self.http_proxy_port, self.http_proxy_user, self.http_proxy_password)
+    if self.no_proxy?(uri)
+      proxy_class = Net::HTTP::Proxy(nil)
     else
-      http = Net::HTTP.new(uri.host, uri.port, nil, nil, nil, nil)
-      # Net::HTTP defaults the proxy port even though we said not to
-      # use one. Set it to nil so caller is not surprised
-      http.proxy_port = nil if http.respond_to?(:proxy_port=)
-      http
+      proxy_class = Net::HTTP::Proxy(self.http_proxy_host, self.http_proxy_port, self.http_proxy_user, self.http_proxy_password)
     end
+    return proxy_class.new(uri.host, uri.port)
   end
   def self.http_proxy_env
@@ -35,7 +33,7 @@ module Puppet::Util::HttpProxy
   #   .example.com
   # We'll accommodate both here.
   def self.no_proxy?(dest)
-    unless no_proxy = self.no_proxy
+    unless no_proxy_env = ENV["no_proxy"] || ENV["NO_PROXY"]
       return false
     end
@@ -47,10 +45,18 @@ module Puppet::Util::HttpProxy
       end
     end
-    no_proxy.split(/\s*,\s*/).each do |d|
+    no_proxy_env.split(/\s*,\s*/).each do |d|
       host, port = d.split(':')
       host = Regexp.escape(host).gsub('\*', '.*')
+      #If the host of this no_proxy value starts with '.', this entry is
+      #a domain level entry. Don't pin the regex to the beginning of the entry.
+      #If it does not start with a '.' then it is a host specific entry and
+      #should be matched to the destination starting at the beginning.
+      unless host =~ /^\\\./
+        host = "^#{host}"
+      end
       #If this no_proxy entry specifies a port, we want to match it against
       #the destination port.  Otherwise just match hosts.
       if port
@@ -121,20 +127,6 @@ module Puppet::Util::HttpProxy
     return Puppet.settings[:http_proxy_password]
   end
-  def self.no_proxy
-    no_proxy_env = ENV["no_proxy"] || ENV["NO_PROXY"]
-    if no_proxy_env
-      return no_proxy_env
-    end
-    if Puppet.settings[:no_proxy] == 'none'
-      return nil
-    end
-    return Puppet.settings[:no_proxy]
-  end
   # Return a Net::HTTP::Proxy object.
   #
   # This method optionally configures SSL correctly if the URI scheme is
@@ -186,10 +178,10 @@ module Puppet::Util::HttpProxy
       headers = { 'Accept' => '*/*', 'User-Agent' => Puppet[:http_user_agent] }
       if Puppet.features.zlib?
-        headers["Accept-Encoding"] = Puppet::Network::HTTP::Compression::ACCEPT_ENCODING
+        headers.merge!({"Accept-Encoding" => Puppet::Network::HTTP::Compression::ACCEPT_ENCODING})
       end
-      response = proxy.send(:head, current_uri, headers)
+      response = proxy.send(:head, current_uri.path, headers)
       Puppet.debug("HTTP HEAD request to #{current_uri} returned #{response.code} #{response.message}")
       if [301, 302, 307].include?(response.code.to_i)
@@ -200,9 +192,9 @@ module Puppet::Util::HttpProxy
       if method != :head
         if block_given?
-          response = proxy.send("request_#{method}".to_sym, current_uri, headers, &block)
+          response = proxy.send("request_#{method}".to_sym, current_uri.path, headers, &block)
         else
-          response = proxy.send(method, current_uri, headers)
+          response = proxy.send(method, current_uri.path, headers)
         end
         Puppet.debug("HTTP #{method.to_s.upcase} request to #{current_uri} returned #{response.code} #{response.message}")

data/lib/puppet/util/log.rb CHANGED

@@ -175,7 +175,7 @@ class Puppet::Util::Log
     # We only select the last 10 callers in the stack to avoid being spammy
     message = _("Received a Log attribute with invalid encoding:%{log_message}") %
         { log_message: Puppet::Util::CharacterEncoding.convert_to_utf_8(str.dump)}
-    message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller(1, 10).join("\n") }
+    message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller[0..10].join("\n") }
     message
   end
   private_class_method :coerce_string
@@ -392,7 +392,7 @@ class Puppet::Util::Log
   end
   def to_report
-    "#{time} #{source} (#{level}): #{self}"
+    "#{time} #{source} (#{level}): #{to_s}"
   end
   def to_s

data/lib/puppet/util/log/destinations.rb CHANGED

@@ -34,7 +34,7 @@ Puppet::Util::Log.newdesttype :syslog do
       end
     else
       msg.to_s.split("\n").each do |line|
-        @syslog.send(msg.level, "(%s) %s" % [msg.source.to_s.delete("%"),
+        @syslog.send(msg.level, "(%s) %s" % [msg.source.to_s.gsub("%", ""),
             line.gsub("%", '%%')
           ]
         )
@@ -78,7 +78,7 @@ Puppet::Util::Log.newdesttype :file do
     # create the log file, if it doesn't already exist
     need_array_start = false
-    file_exists = Puppet::FileSystem.exist?(path)
+    file_exists = File.exists?(path)
     if @json == 1
       need_array_start = true
       if file_exists

data/lib/puppet/util/logging.rb CHANGED

@@ -48,13 +48,12 @@ module Logging
   #    wish to log a message at all; in this case it is likely that you are only calling this method in order
   #    to take advantage of the backtrace logging.
   def log_exception(exception, message = :default, options = {})
+    trace = Puppet[:trace] || options[:trace]
     level = options[:level] || :err
-    combined_trace = Puppet[:trace] || options[:trace]
-    puppet_trace = Puppet[:puppet_trace] || options[:puppet_trace]
     if message == :default && exception.is_a?(Puppet::ParseErrorWithIssue)
       # Retain all detailed info and keep plain message and stacktrace separate
-      backtrace = build_exception_trace(exception, combined_trace, puppet_trace)
+      backtrace = []
+      build_exception_trace(backtrace, exception, trace)
       Puppet::Util::Log.create({
           :level => level,
           :source => log_source,
@@ -68,27 +67,28 @@ module Logging
           :node => exception.node
         }.merge(log_metadata))
     else
-      send_log(level, format_exception(exception, message, combined_trace, puppet_trace))
+      send_log(level, format_exception(exception, message, trace))
     end
   end
-  def build_exception_trace(exception, combined_trace = true, puppet_trace = false)
-    built_trace = format_backtrace(exception, combined_trace, puppet_trace)
+  def build_exception_trace(arr, exception, trace = true)
+    if trace and exception.backtrace
+      exception.backtrace.each do |line|
+        arr << line =~ /^(.+):(\d+.*)$/ ? ("#{Pathname($1).realpath}:#{$2}" rescue line) : line
+      end
+    end
     if exception.respond_to?(:original)
       original =  exception.original
       unless original.nil?
-        built_trace << _('Wrapped exception:')
-        built_trace << original.message
-        built_trace += build_exception_trace(original, combined_trace, puppet_trace)
+        arr << _('Wrapped exception:')
+        arr << original.message
+        build_exception_trace(arr, original, trace)
       end
     end
-    built_trace
   end
   private :build_exception_trace
-  def format_exception(exception, message = :default, combined_trace = true, puppet_trace = false)
+  def format_exception(exception, message = :default, trace = true)
     arr = []
     case message
     when :default
@@ -99,28 +99,16 @@ module Logging
       arr << message
     end
-    arr += format_backtrace(exception, combined_trace, puppet_trace)
+    if trace and exception.backtrace
+      arr << Puppet::Util.pretty_backtrace(exception.backtrace)
+    end
     if exception.respond_to?(:original) and exception.original
       arr << _("Wrapped exception:")
-      arr << format_exception(exception.original, :default, combined_trace, puppet_trace)
+      arr << format_exception(exception.original, :default, trace)
     end
     arr.flatten.join("\n")
   end
-  def format_backtrace(exception, combined_trace, puppet_trace)
-    puppetstack = exception.respond_to?(:puppetstack) ? exception.puppetstack : []
-    if combined_trace and exception.backtrace
-      Puppet::Util.format_backtrace_array(exception.backtrace, puppetstack)
-    elsif puppet_trace && !puppetstack.empty?
-      Puppet::Util.format_backtrace_array(puppetstack)
-    else
-      []
-    end
-  end
   def log_and_raise(exception, message)
     log_exception(exception, message)
     raise exception, message + "\n" + exception.to_s, exception.backtrace
@@ -206,9 +194,9 @@ module Logging
     # let's find the offending line;  we need to jump back up the stack a few steps to find the method that called
     #  the deprecated method
     if Puppet[:trace]
-      caller(3)
+      caller()[2..-1]
     else
-      [caller(3, 1).first]
+      [caller()[2]]
     end
   end

data/lib/puppet/util/metric.rb CHANGED

@@ -54,11 +54,11 @@ class Puppet::Util::Metric
   end
   def values
-    @values.sort_by { |a| a[1] }
+    @values.sort { |a, b| a[1] <=> b[1] }
   end
   # Convert a name into a label.
   def self.labelize(name)
-    name.to_s.capitalize.tr("_", " ")
+    name.to_s.capitalize.gsub("_", " ")
   end
 end

data/lib/puppet/util/monkey_patches.rb CHANGED

@@ -99,6 +99,39 @@ unless OpenSSL::X509::Name.instance_methods.include?(:to_utf8)
   end
 end
+if RUBY_VERSION =~ /^2\.3/
+  module OpenSSL::PKey
+    alias __original_read read
+    def read(*args)
+      __original_read(*args)
+    rescue ArgumentError => e
+      # ruby <= 2.3 raises ArgumentError if it can't decrypt
+      # passphrase protected private keys, fixed in 2.4.0
+      # see https://bugs.ruby-lang.org/issues/11774
+      raise OpenSSL::PKey::PKeyError, e.message
+    end
+    module_function :read
+    module_function :__original_read
+  end
+end
+unless OpenSSL::PKey::EC.instance_methods.include?(:private?)
+  class OpenSSL::PKey::EC
+    # Added in ruby 2.4.0 in https://github.com/ruby/ruby/commit/7c971e61f04
+    alias :private? :private_key?
+  end
+end
+unless OpenSSL::PKey::EC.singleton_methods.include?(:generate)
+  class OpenSSL::PKey::EC
+    # Added in ruby 2.4.0 in https://github.com/ruby/ruby/commit/85500b66342
+    def self.generate(string)
+      ec = OpenSSL::PKey::EC.new(string)
+      ec.generate_key
+    end
+  end
+end
 # The Enumerable#uniq method was added in Ruby 2.4.0 (https://bugs.ruby-lang.org/issues/11090)
 # This is a backport to earlier Ruby versions.
 #

data/lib/puppet/util/pidlock.rb CHANGED

@@ -62,13 +62,12 @@ class Puppet::Util::Pidlock
     # POSIX and Windows platforms (PUP-9247).
     if Puppet.features.posix?
       procname = Puppet::Util::Execution.execute(["ps", "-p", lock_pid, "-o", "comm="]).strip
-      args     = Puppet::Util::Execution.execute(["ps", "-p", lock_pid, "-o", "args="]).strip
-      @lockfile.unlock unless procname =~ /ruby/ && args =~ /puppet/ || procname =~ /puppet(-.*)?$/
+      @lockfile.unlock unless procname =~ /puppet(-.*)?$/
     elsif Puppet.features.microsoft_windows?
       # On Windows, we're checking if the filesystem path name of the running
       # process is our vendored ruby:
       exe_path = Puppet::Util::Windows::Process::get_process_image_name_by_pid(lock_pid)
-      @lockfile.unlock unless exe_path =~ /\\bin\\ruby.exe$/
+      @lockfile.unlock unless exe_path =~ /Puppet\\puppet\\bin\\ruby.exe/
     end
   end
   private :clear_if_stale

data/lib/puppet/util/provider_features.rb CHANGED

@@ -78,7 +78,7 @@ module Puppet::Util::ProviderFeatures
     str = ""
     @features ||= {}
     return nil if @features.empty?
-    names = @features.keys.sort_by(&:to_s)
+    names = @features.keys.sort { |a,b| a.to_s <=> b.to_s }
     names.each do |name|
       doc = @features[name].docs.gsub(/\n\s+/, " ")
       str << "- *#{name}*: #{doc}\n"
@@ -127,7 +127,9 @@ module Puppet::Util::ProviderFeatures
       # Create a method that will list all functional features.
       @feature_module.send(:define_method, :features) do
         return false unless defined?(features)
-        features.keys.find_all { |n| feature?(n) }.sort_by(&:to_s)
+        features.keys.find_all { |n| feature?(n) }.sort { |a,b|
+          a.to_s <=> b.to_s
+        }
       end
       # Create a method that will determine if a provided list of

data/lib/puppet/util/rdoc.rb CHANGED

@@ -31,7 +31,7 @@ module Puppet::Util::RDoc
     # uses relative_path_from that will generate errors when the slashes don't
     # properly match.  This is a workaround for that issue.
     if Puppet::Util::Platform.windows? && RDoc::VERSION !~ /^[0-3]\./
-      options += [ "--root", Dir.pwd.tr('\\', '/')]
+      options += [ "--root", Dir.pwd.gsub(/\\/, '/')]
     end
     options += files

data/lib/puppet/util/reference.rb CHANGED

@@ -58,7 +58,7 @@ class Puppet::Util::Reference
   def self.references(environment)
     instance_loader(:reference).loadall(environment)
-    loaded_instances(:reference).sort_by(&:to_s)
+    loaded_instances(:reference).sort { |a,b| a.to_s <=> b.to_s }
   end
   attr_accessor :page, :depth, :header, :title, :dynamic

data/lib/puppet/util/resource_template.rb CHANGED

@@ -53,7 +53,7 @@ class Puppet::Util::ResourceTemplate
   def set_resource_variables
     @resource.to_hash.each do |param, value|
-      var = "@#{param}"
+      var = "@#{param.to_s}"
       instance_variable_set(var, value)
     end
   end

data/lib/puppet/util/selinux.rb CHANGED

@@ -13,7 +13,7 @@ require 'pathname'
 module Puppet::Util::SELinux
-  def self.selinux_support?
+  def selinux_support?
     return false unless defined?(Selinux)
     if Selinux.is_selinux_enabled == 1
       return true
@@ -21,10 +21,6 @@ module Puppet::Util::SELinux
     false
   end
-  def selinux_support?
-    Puppet::Util::SELinux.selinux_support?
-  end
   # Retrieve and return the full context of the file.  If we don't have
   # SELinux support or if the SELinux call fails then return nil.
   def get_selinux_current_context(file)
@@ -206,9 +202,7 @@ module Puppet::Util::SELinux
         # If possible we use read_nonblock in a loop rather than read to work-
         # a linux kernel bug.  See ticket #1963 for details.
         mountfh = File.open("/proc/mounts")
-        loop do
-          mounts += mountfh.read_nonblock(1024)
-        end
+        mounts += mountfh.read_nonblock(1024) while true
       else
         # Otherwise we shell out and let cat do it for us
         mountfh = IO.popen("/bin/cat /proc/mounts")

data/lib/puppet/util/skip_tags.rb CHANGED

@@ -6,4 +6,8 @@ class Puppet::Util::SkipTags
   def initialize(stags)
     self.tags = stags unless defined?(@tags)
   end
+  def split_qualified_tags?
+    false
+  end
 end

data/lib/puppet/util/windows/adsi.rb CHANGED

@@ -1,23 +1,6 @@
 module Puppet::Util::Windows::ADSI
   require 'ffi'
-  # https://docs.microsoft.com/en-us/windows/win32/api/dsrole/ne-dsrole-dsrole_machine_role
-  STANDALONE_WORKSTATION = 0
-  MEMBER_WORKSTATION = 1
-  STANDALONE_SERVER = 2
-  MEMBER_SERVER = 3
-  BACKUP_DOMAIN_CONTROLLER = 4
-  PRIMARY_DOMAIN_CONTROLLER = 5
-  DOMAIN_ROLES = {
-    STANDALONE_WORKSTATION => :STANDALONE_WORKSTATION,
-    MEMBER_WORKSTATION => :MEMBER_WORKSTATION,
-    STANDALONE_SERVER => :STANDALONE_SERVER,
-    MEMBER_SERVER => :MEMBER_SERVER,
-    BACKUP_DOMAIN_CONTROLLER => :BACKUP_DOMAIN_CONTROLLER,
-    PRIMARY_DOMAIN_CONTROLLER => :PRIMARY_DOMAIN_CONTROLLER,
-  }
   class << self
     extend FFI::Library
@@ -111,14 +94,6 @@ module Puppet::Util::Windows::ADSI
       wmi_connection.execquery(query)
     end
-    def domain_role
-      unless @domain_role
-        query_result = Puppet::Util::Windows::ADSI.execquery('select DomainRole from Win32_ComputerSystem').to_enum.first
-        @domain_role = DOMAIN_ROLES[query_result.DomainRole] if query_result
-      end
-      @domain_role
-    end
     ffi_convention :stdcall
     # https://msdn.microsoft.com/en-us/library/windows/desktop/ms724295(v=vs.85).aspx
@@ -201,12 +176,7 @@ module Puppet::Util::Windows::ADSI
         well_known = false
         if (sid = Puppet::Util::Windows::SID.name_to_principal(name_or_sid))
           # Examples of SidType include SidTypeUser, SidTypeGroup
-          if sid.account_type == "SidType#{@object_class.capitalize}".to_sym
-            # Check if we're getting back a local user when domain-joined
-            return true unless [:MEMBER_WORKSTATION, :MEMBER_SERVER].include?(Puppet::Util::Windows::ADSI.domain_role)
-            # The resource domain and the computer name are not always case-matching
-            return sid.domain.casecmp(Puppet::Util::Windows::ADSI.computer_name) == 0
-          end
+          return true if sid.account_type == "SidType#{@object_class.capitalize}".to_sym
           # 'well known group' is special as it can be a group like Everyone OR a user like SYSTEM
           # so try to resolve it
@@ -416,23 +386,23 @@ module Puppet::Util::Windows::ADSI
       ADS_UF_SCRIPT:                                 0x0001,
       ADS_UF_ACCOUNTDISABLE:                         0x0002,
       ADS_UF_HOMEDIR_REQUIRED:                       0x0008,
-      ADS_UF_LOCKOUT:                                0x0010,
-      ADS_UF_PASSWD_NOTREQD:                         0x0020,
-      ADS_UF_PASSWD_CANT_CHANGE:                     0x0040,
-      ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED:        0x0080,
-      ADS_UF_TEMP_DUPLICATE_ACCOUNT:                 0x0100,
-      ADS_UF_NORMAL_ACCOUNT:                         0x0200,
-      ADS_UF_INTERDOMAIN_TRUST_ACCOUNT:              0x0800,
-      ADS_UF_WORKSTATION_TRUST_ACCOUNT:              0x1000,
-      ADS_UF_SERVER_TRUST_ACCOUNT:                   0x2000,
-      ADS_UF_DONT_EXPIRE_PASSWD:                     0x10000,
-      ADS_UF_MNS_LOGON_ACCOUNT:                      0x20000,
-      ADS_UF_SMARTCARD_REQUIRED:                     0x40000,
-      ADS_UF_TRUSTED_FOR_DELEGATION:                 0x80000,
-      ADS_UF_NOT_DELEGATED:                          0x100000,
-      ADS_UF_USE_DES_KEY_ONLY:                       0x200000,
-      ADS_UF_DONT_REQUIRE_PREAUTH:                   0x400000,
-      ADS_UF_PASSWORD_EXPIRED:                       0x800000,
+      ADS_UF_LOCKOUT:                                0x0010,
+      ADS_UF_PASSWD_NOTREQD:                         0x0020,
+      ADS_UF_PASSWD_CANT_CHANGE:                     0x0040,
+      ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED:        0x0080,
+      ADS_UF_TEMP_DUPLICATE_ACCOUNT:                 0x0100,
+      ADS_UF_NORMAL_ACCOUNT:                         0x0200,
+      ADS_UF_INTERDOMAIN_TRUST_ACCOUNT:              0x0800,
+      ADS_UF_WORKSTATION_TRUST_ACCOUNT:              0x1000,
+      ADS_UF_SERVER_TRUST_ACCOUNT:                   0x2000,
+      ADS_UF_DONT_EXPIRE_PASSWD:                     0x10000,
+      ADS_UF_MNS_LOGON_ACCOUNT:                      0x20000,
+      ADS_UF_SMARTCARD_REQUIRED:                     0x40000,
+      ADS_UF_TRUSTED_FOR_DELEGATION:                 0x80000,
+      ADS_UF_NOT_DELEGATED:                          0x100000,
+      ADS_UF_USE_DES_KEY_ONLY:                       0x200000,
+      ADS_UF_DONT_REQUIRE_PREAUTH:                   0x400000,
+      ADS_UF_PASSWORD_EXPIRED:                       0x800000,
       ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION: 0x1000000
     }