puppet 7.4.0-universal-darwin → 7.8.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (685) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +2 -2
  3. data/Gemfile +2 -1
  4. data/Gemfile.lock +30 -24
  5. data/ext/osx/puppet.plist +2 -0
  6. data/install.rb +11 -11
  7. data/lib/hiera_puppet.rb +1 -1
  8. data/lib/puppet.rb +37 -37
  9. data/lib/puppet/agent.rb +6 -6
  10. data/lib/puppet/agent/disabler.rb +1 -1
  11. data/lib/puppet/agent/locker.rb +2 -2
  12. data/lib/puppet/application.rb +6 -6
  13. data/lib/puppet/application/agent.rb +18 -11
  14. data/lib/puppet/application/apply.rb +6 -5
  15. data/lib/puppet/application/catalog.rb +1 -1
  16. data/lib/puppet/application/config.rb +1 -1
  17. data/lib/puppet/application/describe.rb +1 -1
  18. data/lib/puppet/application/device.rb +8 -7
  19. data/lib/puppet/application/doc.rb +7 -7
  20. data/lib/puppet/application/epp.rb +2 -2
  21. data/lib/puppet/application/face_base.rb +2 -2
  22. data/lib/puppet/application/facts.rb +1 -1
  23. data/lib/puppet/application/filebucket.rb +2 -2
  24. data/lib/puppet/application/generate.rb +1 -1
  25. data/lib/puppet/application/help.rb +1 -1
  26. data/lib/puppet/application/indirection_base.rb +1 -1
  27. data/lib/puppet/application/lookup.rb +6 -6
  28. data/lib/puppet/application/module.rb +1 -1
  29. data/lib/puppet/application/node.rb +1 -1
  30. data/lib/puppet/application/parser.rb +2 -2
  31. data/lib/puppet/application/plugin.rb +1 -1
  32. data/lib/puppet/application/report.rb +1 -1
  33. data/lib/puppet/application/resource.rb +3 -2
  34. data/lib/puppet/application/script.rb +6 -5
  35. data/lib/puppet/application/ssl.rb +13 -2
  36. data/lib/puppet/application_support.rb +4 -4
  37. data/lib/puppet/compilable_resource_type.rb +1 -1
  38. data/lib/puppet/concurrent/lock.rb +1 -1
  39. data/lib/puppet/configurer.rb +4 -4
  40. data/lib/puppet/configurer/downloader.rb +4 -3
  41. data/lib/puppet/configurer/fact_handler.rb +3 -3
  42. data/lib/puppet/configurer/plugin_handler.rb +1 -1
  43. data/lib/puppet/confine.rb +1 -1
  44. data/lib/puppet/confine/boolean.rb +1 -1
  45. data/lib/puppet/confine/exists.rb +1 -1
  46. data/lib/puppet/confine/false.rb +1 -1
  47. data/lib/puppet/confine/feature.rb +1 -1
  48. data/lib/puppet/confine/true.rb +1 -1
  49. data/lib/puppet/confine/variable.rb +1 -1
  50. data/lib/puppet/confine_collection.rb +1 -1
  51. data/lib/puppet/confiner.rb +1 -1
  52. data/lib/puppet/context.rb +2 -2
  53. data/lib/puppet/context/trusted_information.rb +1 -1
  54. data/lib/puppet/daemon.rb +2 -2
  55. data/lib/puppet/data_binding.rb +1 -1
  56. data/lib/puppet/datatypes/error.rb +1 -1
  57. data/lib/puppet/defaults.rb +18 -12
  58. data/lib/puppet/environments.rb +17 -2
  59. data/lib/puppet/etc.rb +1 -1
  60. data/lib/puppet/external/pson/common.rb +1 -1
  61. data/lib/puppet/external/pson/pure.rb +3 -3
  62. data/lib/puppet/face.rb +1 -1
  63. data/lib/puppet/face/catalog.rb +1 -1
  64. data/lib/puppet/face/config.rb +2 -2
  65. data/lib/puppet/face/epp.rb +6 -6
  66. data/lib/puppet/face/facts.rb +2 -2
  67. data/lib/puppet/face/generate.rb +2 -2
  68. data/lib/puppet/face/help.rb +3 -3
  69. data/lib/puppet/face/module.rb +3 -3
  70. data/lib/puppet/face/module/install.rb +2 -2
  71. data/lib/puppet/face/node.rb +1 -1
  72. data/lib/puppet/face/parser.rb +4 -4
  73. data/lib/puppet/face/plugin.rb +2 -2
  74. data/lib/puppet/face/report.rb +1 -1
  75. data/lib/puppet/face/resource.rb +1 -1
  76. data/lib/puppet/feature/base.rb +2 -2
  77. data/lib/puppet/feature/bolt.rb +1 -1
  78. data/lib/puppet/feature/cfpropertylist.rb +1 -1
  79. data/lib/puppet/feature/eventlog.rb +1 -1
  80. data/lib/puppet/feature/hiera_eyaml.rb +1 -1
  81. data/lib/puppet/feature/hocon.rb +1 -1
  82. data/lib/puppet/feature/libuser.rb +2 -2
  83. data/lib/puppet/feature/msgpack.rb +1 -1
  84. data/lib/puppet/feature/pe_license.rb +1 -1
  85. data/lib/puppet/feature/selinux.rb +1 -1
  86. data/lib/puppet/feature/ssh.rb +1 -1
  87. data/lib/puppet/feature/telnet.rb +1 -1
  88. data/lib/puppet/feature/zlib.rb +1 -1
  89. data/lib/puppet/ffi/posix.rb +2 -2
  90. data/lib/puppet/ffi/posix/constants.rb +1 -1
  91. data/lib/puppet/ffi/posix/functions.rb +1 -1
  92. data/lib/puppet/ffi/windows.rb +4 -4
  93. data/lib/puppet/ffi/windows/api_types.rb +3 -3
  94. data/lib/puppet/ffi/windows/constants.rb +1 -1
  95. data/lib/puppet/ffi/windows/functions.rb +1 -1
  96. data/lib/puppet/ffi/windows/structs.rb +1 -1
  97. data/lib/puppet/file_bucket/dipper.rb +4 -4
  98. data/lib/puppet/file_bucket/file.rb +3 -3
  99. data/lib/puppet/file_serving/base.rb +2 -2
  100. data/lib/puppet/file_serving/configuration.rb +10 -10
  101. data/lib/puppet/file_serving/configuration/parser.rb +2 -2
  102. data/lib/puppet/file_serving/content.rb +3 -3
  103. data/lib/puppet/file_serving/fileset.rb +16 -4
  104. data/lib/puppet/file_serving/http_metadata.rb +1 -1
  105. data/lib/puppet/file_serving/metadata.rb +6 -6
  106. data/lib/puppet/file_serving/mount.rb +4 -4
  107. data/lib/puppet/file_serving/mount/file.rb +1 -1
  108. data/lib/puppet/file_serving/mount/locales.rb +1 -1
  109. data/lib/puppet/file_serving/mount/modules.rb +1 -1
  110. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -1
  111. data/lib/puppet/file_serving/mount/plugins.rb +1 -1
  112. data/lib/puppet/file_serving/mount/tasks.rb +1 -1
  113. data/lib/puppet/file_serving/terminus_helper.rb +2 -2
  114. data/lib/puppet/file_serving/terminus_selector.rb +1 -1
  115. data/lib/puppet/file_system.rb +9 -9
  116. data/lib/puppet/file_system/jruby.rb +1 -1
  117. data/lib/puppet/file_system/memory_file.rb +8 -1
  118. data/lib/puppet/file_system/path_pattern.rb +1 -1
  119. data/lib/puppet/file_system/uniquefile.rb +1 -1
  120. data/lib/puppet/file_system/windows.rb +4 -2
  121. data/lib/puppet/forge.rb +5 -5
  122. data/lib/puppet/forge/cache.rb +1 -1
  123. data/lib/puppet/forge/errors.rb +3 -3
  124. data/lib/puppet/forge/repository.rb +4 -4
  125. data/lib/puppet/functions.rb +1 -1
  126. data/lib/puppet/functions/all.rb +1 -1
  127. data/lib/puppet/functions/camelcase.rb +1 -1
  128. data/lib/puppet/functions/capitalize.rb +2 -2
  129. data/lib/puppet/functions/downcase.rb +2 -2
  130. data/lib/puppet/functions/get.rb +5 -5
  131. data/lib/puppet/functions/group_by.rb +13 -5
  132. data/lib/puppet/functions/lest.rb +1 -1
  133. data/lib/puppet/functions/new.rb +100 -100
  134. data/lib/puppet/functions/partition.rb +12 -4
  135. data/lib/puppet/functions/require.rb +5 -5
  136. data/lib/puppet/functions/sort.rb +3 -3
  137. data/lib/puppet/functions/tree_each.rb +7 -9
  138. data/lib/puppet/functions/type.rb +4 -4
  139. data/lib/puppet/functions/upcase.rb +2 -2
  140. data/lib/puppet/functions/versioncmp.rb +1 -1
  141. data/lib/puppet/generate/models/type/type.rb +1 -1
  142. data/lib/puppet/generate/type.rb +2 -2
  143. data/lib/puppet/gettext/config.rb +3 -3
  144. data/lib/puppet/gettext/module_translations.rb +1 -1
  145. data/lib/puppet/graph.rb +6 -6
  146. data/lib/puppet/graph/simple_graph.rb +2 -2
  147. data/lib/puppet/http.rb +26 -26
  148. data/lib/puppet/http/factory.rb +6 -2
  149. data/lib/puppet/http/proxy.rb +1 -1
  150. data/lib/puppet/http/resolver/server_list.rb +15 -4
  151. data/lib/puppet/http/service/compiler.rb +73 -1
  152. data/lib/puppet/http/service/file_server.rb +3 -2
  153. data/lib/puppet/indirector.rb +5 -5
  154. data/lib/puppet/indirector/catalog/compiler.rb +7 -6
  155. data/lib/puppet/indirector/catalog/json.rb +2 -2
  156. data/lib/puppet/indirector/catalog/msgpack.rb +2 -2
  157. data/lib/puppet/indirector/catalog/rest.rb +2 -2
  158. data/lib/puppet/indirector/catalog/store_configs.rb +2 -2
  159. data/lib/puppet/indirector/catalog/yaml.rb +2 -2
  160. data/lib/puppet/indirector/code.rb +1 -1
  161. data/lib/puppet/indirector/data_binding/hiera.rb +1 -1
  162. data/lib/puppet/indirector/data_binding/none.rb +1 -1
  163. data/lib/puppet/indirector/direct_file_server.rb +2 -2
  164. data/lib/puppet/indirector/envelope.rb +1 -1
  165. data/lib/puppet/indirector/errors.rb +1 -1
  166. data/lib/puppet/indirector/exec.rb +2 -2
  167. data/lib/puppet/indirector/face.rb +1 -1
  168. data/lib/puppet/indirector/facts/facter.rb +2 -2
  169. data/lib/puppet/indirector/facts/json.rb +3 -3
  170. data/lib/puppet/indirector/facts/memory.rb +2 -2
  171. data/lib/puppet/indirector/facts/network_device.rb +2 -2
  172. data/lib/puppet/indirector/facts/rest.rb +2 -2
  173. data/lib/puppet/indirector/facts/store_configs.rb +2 -2
  174. data/lib/puppet/indirector/facts/yaml.rb +3 -3
  175. data/lib/puppet/indirector/file_bucket_file/file.rb +4 -4
  176. data/lib/puppet/indirector/file_bucket_file/rest.rb +2 -2
  177. data/lib/puppet/indirector/file_bucket_file/selector.rb +1 -1
  178. data/lib/puppet/indirector/file_content.rb +1 -1
  179. data/lib/puppet/indirector/file_content/file.rb +3 -3
  180. data/lib/puppet/indirector/file_content/file_server.rb +3 -3
  181. data/lib/puppet/indirector/file_content/rest.rb +3 -3
  182. data/lib/puppet/indirector/file_content/selector.rb +4 -4
  183. data/lib/puppet/indirector/file_metadata.rb +1 -1
  184. data/lib/puppet/indirector/file_metadata/file.rb +3 -3
  185. data/lib/puppet/indirector/file_metadata/file_server.rb +3 -3
  186. data/lib/puppet/indirector/file_metadata/http.rb +3 -3
  187. data/lib/puppet/indirector/file_metadata/rest.rb +4 -3
  188. data/lib/puppet/indirector/file_metadata/selector.rb +4 -4
  189. data/lib/puppet/indirector/file_server.rb +4 -4
  190. data/lib/puppet/indirector/generic_http.rb +1 -1
  191. data/lib/puppet/indirector/hiera.rb +1 -1
  192. data/lib/puppet/indirector/indirection.rb +5 -5
  193. data/lib/puppet/indirector/json.rb +2 -2
  194. data/lib/puppet/indirector/memory.rb +1 -1
  195. data/lib/puppet/indirector/msgpack.rb +2 -2
  196. data/lib/puppet/indirector/node/exec.rb +2 -2
  197. data/lib/puppet/indirector/node/json.rb +2 -2
  198. data/lib/puppet/indirector/node/memory.rb +2 -2
  199. data/lib/puppet/indirector/node/msgpack.rb +2 -2
  200. data/lib/puppet/indirector/node/plain.rb +2 -2
  201. data/lib/puppet/indirector/node/rest.rb +2 -2
  202. data/lib/puppet/indirector/node/store_configs.rb +2 -2
  203. data/lib/puppet/indirector/node/yaml.rb +2 -2
  204. data/lib/puppet/indirector/none.rb +1 -1
  205. data/lib/puppet/indirector/plain.rb +1 -1
  206. data/lib/puppet/indirector/report/json.rb +2 -2
  207. data/lib/puppet/indirector/report/msgpack.rb +2 -2
  208. data/lib/puppet/indirector/report/processor.rb +3 -3
  209. data/lib/puppet/indirector/report/rest.rb +1 -1
  210. data/lib/puppet/indirector/report/yaml.rb +2 -2
  211. data/lib/puppet/indirector/request.rb +3 -3
  212. data/lib/puppet/indirector/resource/ral.rb +1 -1
  213. data/lib/puppet/indirector/resource/store_configs.rb +2 -2
  214. data/lib/puppet/indirector/terminus.rb +5 -5
  215. data/lib/puppet/indirector/yaml.rb +2 -2
  216. data/lib/puppet/info_service.rb +3 -3
  217. data/lib/puppet/info_service/class_information_service.rb +3 -3
  218. data/lib/puppet/info_service/plan_information_service.rb +1 -1
  219. data/lib/puppet/info_service/task_information_service.rb +1 -1
  220. data/lib/puppet/interface.rb +10 -10
  221. data/lib/puppet/interface/documentation.rb +1 -1
  222. data/lib/puppet/loaders.rb +21 -25
  223. data/lib/puppet/metatype/manager.rb +3 -3
  224. data/lib/puppet/module.rb +5 -4
  225. data/lib/puppet/module/plan.rb +1 -1
  226. data/lib/puppet/module/task.rb +1 -1
  227. data/lib/puppet/module_tool.rb +10 -10
  228. data/lib/puppet/module_tool/applications.rb +7 -7
  229. data/lib/puppet/module_tool/applications/application.rb +2 -2
  230. data/lib/puppet/module_tool/applications/checksummer.rb +2 -2
  231. data/lib/puppet/module_tool/applications/installer.rb +7 -7
  232. data/lib/puppet/module_tool/applications/unpacker.rb +2 -2
  233. data/lib/puppet/module_tool/applications/upgrader.rb +5 -5
  234. data/lib/puppet/module_tool/checksums.rb +1 -1
  235. data/lib/puppet/module_tool/contents_description.rb +1 -1
  236. data/lib/puppet/module_tool/dependency.rb +2 -2
  237. data/lib/puppet/module_tool/errors.rb +6 -6
  238. data/lib/puppet/module_tool/install_directory.rb +2 -2
  239. data/lib/puppet/module_tool/installed_modules.rb +2 -2
  240. data/lib/puppet/module_tool/local_tarball.rb +2 -2
  241. data/lib/puppet/module_tool/metadata.rb +3 -3
  242. data/lib/puppet/module_tool/tar.rb +4 -4
  243. data/lib/puppet/network/format.rb +1 -1
  244. data/lib/puppet/network/format_handler.rb +3 -3
  245. data/lib/puppet/network/format_support.rb +1 -1
  246. data/lib/puppet/network/formats.rb +2 -2
  247. data/lib/puppet/network/http.rb +17 -14
  248. data/lib/puppet/network/http/api.rb +11 -7
  249. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  250. data/lib/puppet/network/http/api/master.rb +3 -2
  251. data/lib/puppet/network/http/api/master/v3.rb +2 -25
  252. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
  253. data/lib/puppet/network/http/api/server.rb +10 -0
  254. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  255. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  256. data/lib/puppet/network/http/connection.rb +1 -1
  257. data/lib/puppet/network/http/error.rb +1 -1
  258. data/lib/puppet/network/http/handler.rb +3 -3
  259. data/lib/puppet/network/http_pool.rb +1 -1
  260. data/lib/puppet/node.rb +3 -3
  261. data/lib/puppet/node/environment.rb +15 -8
  262. data/lib/puppet/node/facts.rb +3 -3
  263. data/lib/puppet/pal/pal_api.rb +10 -10
  264. data/lib/puppet/pal/pal_impl.rb +3 -3
  265. data/lib/puppet/parameter.rb +4 -4
  266. data/lib/puppet/parameter/boolean.rb +1 -1
  267. data/lib/puppet/parameter/package_options.rb +1 -1
  268. data/lib/puppet/parameter/path.rb +1 -1
  269. data/lib/puppet/parameter/value.rb +1 -1
  270. data/lib/puppet/parameter/value_collection.rb +1 -1
  271. data/lib/puppet/parser.rb +10 -10
  272. data/lib/puppet/parser/ast.rb +8 -8
  273. data/lib/puppet/parser/ast/hostclass.rb +1 -1
  274. data/lib/puppet/parser/ast/pops_bridge.rb +2 -2
  275. data/lib/puppet/parser/catalog_compiler.rb +2 -2
  276. data/lib/puppet/parser/compiler.rb +5 -5
  277. data/lib/puppet/parser/e4_parser_adapter.rb +1 -1
  278. data/lib/puppet/parser/functions.rb +4 -4
  279. data/lib/puppet/parser/functions/digest.rb +1 -1
  280. data/lib/puppet/parser/functions/file.rb +1 -1
  281. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  282. data/lib/puppet/parser/functions/versioncmp.rb +1 -1
  283. data/lib/puppet/parser/parser_factory.rb +2 -2
  284. data/lib/puppet/parser/resource.rb +3 -3
  285. data/lib/puppet/parser/scope.rb +3 -3
  286. data/lib/puppet/parser/script_compiler.rb +2 -2
  287. data/lib/puppet/parser/templatewrapper.rb +2 -2
  288. data/lib/puppet/parser/type_loader.rb +1 -1
  289. data/lib/puppet/plugins/configuration.rb +5 -5
  290. data/lib/puppet/pops.rb +57 -57
  291. data/lib/puppet/pops/evaluator/deferred_resolver.rb +1 -1
  292. data/lib/puppet/pops/evaluator/evaluator_impl.rb +7 -7
  293. data/lib/puppet/pops/evaluator/external_syntax_support.rb +1 -1
  294. data/lib/puppet/pops/loader/base_loader.rb +42 -32
  295. data/lib/puppet/pops/loader/dependency_loader.rb +2 -2
  296. data/lib/puppet/pops/loader/loader.rb +15 -5
  297. data/lib/puppet/pops/loader/module_loaders.rb +8 -8
  298. data/lib/puppet/pops/loader/predefined_loader.rb +4 -0
  299. data/lib/puppet/pops/loader/runtime3_type_loader.rb +1 -1
  300. data/lib/puppet/pops/loader/static_loader.rb +4 -0
  301. data/lib/puppet/pops/loader/task_instantiator.rb +1 -1
  302. data/lib/puppet/pops/loaders.rb +4 -4
  303. data/lib/puppet/pops/lookup/invocation.rb +1 -1
  304. data/lib/puppet/pops/model/ast_transformer.rb +1 -1
  305. data/lib/puppet/pops/model/pn_transformer.rb +1 -1
  306. data/lib/puppet/pops/parser/eparser.rb +2 -2
  307. data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
  308. data/lib/puppet/pops/parser/lexer2.rb +5 -9
  309. data/lib/puppet/pops/parser/lexer_support.rb +1 -1
  310. data/lib/puppet/pops/parser/parser_support.rb +4 -4
  311. data/lib/puppet/pops/puppet_stack.rb +1 -1
  312. data/lib/puppet/pops/serialization/json.rb +1 -1
  313. data/lib/puppet/pops/serialization/json_path.rb +1 -1
  314. data/lib/puppet/pops/time/timespan.rb +1 -1
  315. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  316. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  317. data/lib/puppet/pops/types/p_type_set_type.rb +1 -1
  318. data/lib/puppet/pops/types/string_converter.rb +1 -1
  319. data/lib/puppet/pops/types/type_calculator.rb +1 -1
  320. data/lib/puppet/pops/types/type_formatter.rb +1 -1
  321. data/lib/puppet/pops/types/type_parser.rb +1 -1
  322. data/lib/puppet/pops/types/types.rb +1 -1
  323. data/lib/puppet/pops/validation/checker4_0.rb +1 -2
  324. data/lib/puppet/property.rb +3 -3
  325. data/lib/puppet/property/boolean.rb +1 -1
  326. data/lib/puppet/property/ensure.rb +1 -1
  327. data/lib/puppet/property/keyvalue.rb +1 -1
  328. data/lib/puppet/property/list.rb +1 -1
  329. data/lib/puppet/property/ordered_list.rb +1 -1
  330. data/lib/puppet/provider.rb +2 -2
  331. data/lib/puppet/provider/confine.rb +2 -2
  332. data/lib/puppet/provider/exec.rb +2 -2
  333. data/lib/puppet/provider/exec/posix.rb +1 -1
  334. data/lib/puppet/provider/exec/windows.rb +1 -1
  335. data/lib/puppet/provider/file/posix.rb +1 -1
  336. data/lib/puppet/provider/file/windows.rb +1 -1
  337. data/lib/puppet/provider/group/aix.rb +1 -1
  338. data/lib/puppet/provider/group/directoryservice.rb +1 -1
  339. data/lib/puppet/provider/group/groupadd.rb +2 -2
  340. data/lib/puppet/provider/group/ldap.rb +1 -1
  341. data/lib/puppet/provider/group/pw.rb +1 -1
  342. data/lib/puppet/provider/group/windows_adsi.rb +1 -1
  343. data/lib/puppet/provider/ldap.rb +2 -2
  344. data/lib/puppet/provider/nameservice.rb +1 -1
  345. data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
  346. data/lib/puppet/provider/nameservice/objectadd.rb +1 -1
  347. data/lib/puppet/provider/nameservice/pw.rb +1 -1
  348. data/lib/puppet/provider/package.rb +1 -1
  349. data/lib/puppet/provider/package/aix.rb +2 -2
  350. data/lib/puppet/provider/package/appdmg.rb +2 -2
  351. data/lib/puppet/provider/package/apple.rb +1 -1
  352. data/lib/puppet/provider/package/apt.rb +5 -5
  353. data/lib/puppet/provider/package/dnfmodule.rb +2 -2
  354. data/lib/puppet/provider/package/dpkg.rb +1 -1
  355. data/lib/puppet/provider/package/gem.rb +3 -3
  356. data/lib/puppet/provider/package/hpux.rb +1 -1
  357. data/lib/puppet/provider/package/macports.rb +2 -2
  358. data/lib/puppet/provider/package/nim.rb +13 -8
  359. data/lib/puppet/provider/package/openbsd.rb +1 -1
  360. data/lib/puppet/provider/package/opkg.rb +1 -1
  361. data/lib/puppet/provider/package/pacman.rb +1 -1
  362. data/lib/puppet/provider/package/pip.rb +3 -3
  363. data/lib/puppet/provider/package/pkg.rb +2 -2
  364. data/lib/puppet/provider/package/pkgdmg.rb +3 -3
  365. data/lib/puppet/provider/package/pkgin.rb +1 -1
  366. data/lib/puppet/provider/package/pkgng.rb +1 -1
  367. data/lib/puppet/provider/package/portage.rb +1 -1
  368. data/lib/puppet/provider/package/portupgrade.rb +1 -1
  369. data/lib/puppet/provider/package/puppet_gem.rb +12 -1
  370. data/lib/puppet/provider/package/puppetserver_gem.rb +0 -0
  371. data/lib/puppet/provider/package/rpm.rb +2 -2
  372. data/lib/puppet/provider/package/sun.rb +1 -1
  373. data/lib/puppet/provider/package/windows.rb +3 -3
  374. data/lib/puppet/provider/package/windows/exe_package.rb +1 -1
  375. data/lib/puppet/provider/package/windows/msi_package.rb +1 -1
  376. data/lib/puppet/provider/package/windows/package.rb +4 -4
  377. data/lib/puppet/provider/package/yum.rb +6 -6
  378. data/lib/puppet/provider/package/zypper.rb +3 -3
  379. data/lib/puppet/provider/package_targetable.rb +1 -1
  380. data/lib/puppet/provider/parsedfile.rb +3 -3
  381. data/lib/puppet/provider/service/base.rb +6 -4
  382. data/lib/puppet/provider/service/daemontools.rb +0 -1
  383. data/lib/puppet/provider/service/debian.rb +3 -5
  384. data/lib/puppet/provider/service/freebsd.rb +1 -1
  385. data/lib/puppet/provider/service/init.rb +1 -1
  386. data/lib/puppet/provider/service/launchd.rb +9 -3
  387. data/lib/puppet/provider/service/service.rb +28 -3
  388. data/lib/puppet/provider/service/smf.rb +0 -24
  389. data/lib/puppet/provider/service/src.rb +2 -2
  390. data/lib/puppet/provider/service/systemd.rb +18 -8
  391. data/lib/puppet/provider/service/windows.rb +38 -0
  392. data/lib/puppet/provider/user/aix.rb +2 -2
  393. data/lib/puppet/provider/user/directoryservice.rb +26 -13
  394. data/lib/puppet/provider/user/ldap.rb +1 -1
  395. data/lib/puppet/provider/user/openbsd.rb +1 -1
  396. data/lib/puppet/provider/user/pw.rb +1 -1
  397. data/lib/puppet/provider/user/user_role_add.rb +2 -2
  398. data/lib/puppet/provider/user/useradd.rb +12 -5
  399. data/lib/puppet/provider/user/windows_adsi.rb +1 -1
  400. data/lib/puppet/reference/configuration.rb +1 -1
  401. data/lib/puppet/reference/indirection.rb +4 -4
  402. data/lib/puppet/reference/report.rb +1 -1
  403. data/lib/puppet/reports.rb +1 -1
  404. data/lib/puppet/reports/http.rb +2 -2
  405. data/lib/puppet/reports/log.rb +1 -1
  406. data/lib/puppet/reports/store.rb +2 -2
  407. data/lib/puppet/resource.rb +4 -4
  408. data/lib/puppet/resource/catalog.rb +5 -5
  409. data/lib/puppet/resource/status.rb +2 -2
  410. data/lib/puppet/resource/type.rb +4 -4
  411. data/lib/puppet/resource/type_collection.rb +4 -4
  412. data/lib/puppet/runtime.rb +1 -1
  413. data/lib/puppet/scheduler.rb +4 -4
  414. data/lib/puppet/settings.rb +31 -30
  415. data/lib/puppet/settings/autosign_setting.rb +1 -1
  416. data/lib/puppet/settings/base_setting.rb +2 -2
  417. data/lib/puppet/settings/certificate_revocation_setting.rb +1 -1
  418. data/lib/puppet/settings/config_file.rb +1 -1
  419. data/lib/puppet/settings/environment_conf.rb +1 -0
  420. data/lib/puppet/settings/errors.rb +1 -1
  421. data/lib/puppet/settings/priority_setting.rb +3 -3
  422. data/lib/puppet/ssl.rb +11 -11
  423. data/lib/puppet/ssl/base.rb +3 -3
  424. data/lib/puppet/ssl/certificate.rb +1 -1
  425. data/lib/puppet/ssl/certificate_request.rb +2 -2
  426. data/lib/puppet/ssl/certificate_request_attributes.rb +2 -2
  427. data/lib/puppet/ssl/oids.rb +1 -1
  428. data/lib/puppet/ssl/openssl_loader.rb +1 -1
  429. data/lib/puppet/ssl/ssl_context.rb +1 -1
  430. data/lib/puppet/ssl/ssl_provider.rb +1 -1
  431. data/lib/puppet/ssl/state_machine.rb +2 -2
  432. data/lib/puppet/ssl/verifier.rb +5 -1
  433. data/lib/puppet/syntax_checkers/base64.rb +1 -1
  434. data/lib/puppet/syntax_checkers/epp.rb +1 -1
  435. data/lib/puppet/syntax_checkers/json.rb +1 -1
  436. data/lib/puppet/syntax_checkers/pp.rb +1 -1
  437. data/lib/puppet/transaction.rb +11 -11
  438. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  439. data/lib/puppet/transaction/event.rb +4 -4
  440. data/lib/puppet/transaction/event_manager.rb +1 -1
  441. data/lib/puppet/transaction/persistence.rb +1 -1
  442. data/lib/puppet/transaction/report.rb +2 -2
  443. data/lib/puppet/transaction/resource_harness.rb +1 -1
  444. data/lib/puppet/type.rb +14 -14
  445. data/lib/puppet/type/component.rb +3 -3
  446. data/lib/puppet/type/file.rb +37 -19
  447. data/lib/puppet/type/file/checksum.rb +1 -1
  448. data/lib/puppet/type/file/checksum_value.rb +2 -2
  449. data/lib/puppet/type/file/content.rb +2 -2
  450. data/lib/puppet/type/file/data_sync.rb +2 -2
  451. data/lib/puppet/type/file/ensure.rb +1 -1
  452. data/lib/puppet/type/file/group.rb +1 -1
  453. data/lib/puppet/type/file/mode.rb +1 -1
  454. data/lib/puppet/type/file/selcontext.rb +2 -2
  455. data/lib/puppet/type/file/source.rb +4 -4
  456. data/lib/puppet/type/filebucket.rb +1 -1
  457. data/lib/puppet/type/group.rb +2 -2
  458. data/lib/puppet/type/package.rb +2 -2
  459. data/lib/puppet/type/resources.rb +2 -2
  460. data/lib/puppet/type/service.rb +18 -38
  461. data/lib/puppet/type/tidy.rb +24 -5
  462. data/lib/puppet/type/user.rb +42 -24
  463. data/lib/puppet/util.rb +43 -34
  464. data/lib/puppet/util/at_fork.rb +3 -3
  465. data/lib/puppet/util/at_fork/solaris.rb +1 -1
  466. data/lib/puppet/util/autoload.rb +4 -4
  467. data/lib/puppet/util/checksums.rb +3 -3
  468. data/lib/puppet/util/colors.rb +1 -1
  469. data/lib/puppet/util/command_line.rb +6 -6
  470. data/lib/puppet/util/command_line/puppet_option_parser.rb +2 -2
  471. data/lib/puppet/util/execution.rb +2 -2
  472. data/lib/puppet/util/feature.rb +2 -2
  473. data/lib/puppet/util/filetype.rb +1 -1
  474. data/lib/puppet/util/http_proxy.rb +1 -1
  475. data/lib/puppet/util/inifile.rb +2 -2
  476. data/lib/puppet/util/instance_loader.rb +3 -3
  477. data/lib/puppet/util/json_lockfile.rb +1 -1
  478. data/lib/puppet/util/ldap/connection.rb +1 -1
  479. data/lib/puppet/util/ldap/generator.rb +1 -1
  480. data/lib/puppet/util/ldap/manager.rb +3 -3
  481. data/lib/puppet/util/limits.rb +1 -1
  482. data/lib/puppet/util/log.rb +6 -6
  483. data/lib/puppet/util/log/destinations.rb +1 -1
  484. data/lib/puppet/util/logging.rb +2 -2
  485. data/lib/puppet/util/metric.rb +2 -2
  486. data/lib/puppet/util/monkey_patches.rb +14 -3
  487. data/lib/puppet/util/network_device/base.rb +3 -3
  488. data/lib/puppet/util/network_device/config.rb +2 -2
  489. data/lib/puppet/util/network_device/transport.rb +1 -1
  490. data/lib/puppet/util/network_device/transport/base.rb +2 -2
  491. data/lib/puppet/util/package/version/range.rb +6 -6
  492. data/lib/puppet/util/package/version/range/eq.rb +1 -1
  493. data/lib/puppet/util/package/version/range/gt.rb +1 -1
  494. data/lib/puppet/util/package/version/range/gt_eq.rb +1 -1
  495. data/lib/puppet/util/package/version/range/lt.rb +1 -1
  496. data/lib/puppet/util/package/version/range/lt_eq.rb +1 -1
  497. data/lib/puppet/util/package/version/range/min_max.rb +1 -1
  498. data/lib/puppet/util/package/version/range/simple.rb +1 -1
  499. data/lib/puppet/util/package/version/rpm.rb +1 -1
  500. data/lib/puppet/util/pidlock.rb +1 -1
  501. data/lib/puppet/util/plist.rb +1 -1
  502. data/lib/puppet/util/posix.rb +1 -1
  503. data/lib/puppet/util/profiler.rb +3 -3
  504. data/lib/puppet/util/profiler/aggregate.rb +2 -2
  505. data/lib/puppet/util/profiler/object_counts.rb +1 -1
  506. data/lib/puppet/util/profiler/wall_clock.rb +1 -1
  507. data/lib/puppet/util/provider_features.rb +2 -2
  508. data/lib/puppet/util/rdoc.rb +2 -2
  509. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +2 -2
  510. data/lib/puppet/util/rdoc/parser.rb +6 -6
  511. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
  512. data/lib/puppet/util/reference.rb +1 -1
  513. data/lib/puppet/util/resource_template.rb +2 -2
  514. data/lib/puppet/util/rubygems.rb +1 -1
  515. data/lib/puppet/util/selinux.rb +30 -4
  516. data/lib/puppet/util/skip_tags.rb +1 -1
  517. data/lib/puppet/util/storage.rb +1 -1
  518. data/lib/puppet/util/suidmanager.rb +2 -2
  519. data/lib/puppet/util/symbolic_file_mode.rb +1 -1
  520. data/lib/puppet/util/tag_set.rb +1 -1
  521. data/lib/puppet/util/tagging.rb +1 -1
  522. data/lib/puppet/util/watched_file.rb +1 -1
  523. data/lib/puppet/util/watcher.rb +3 -3
  524. data/lib/puppet/util/windows.rb +20 -20
  525. data/lib/puppet/util/windows/access_control_entry.rb +1 -1
  526. data/lib/puppet/util/windows/adsi.rb +47 -1
  527. data/lib/puppet/util/windows/daemon.rb +1 -1
  528. data/lib/puppet/util/windows/error.rb +2 -2
  529. data/lib/puppet/util/windows/file.rb +1 -1
  530. data/lib/puppet/util/windows/monkey_patches/process.rb +2 -2
  531. data/lib/puppet/util/windows/principal.rb +10 -3
  532. data/lib/puppet/util/windows/process.rb +2 -2
  533. data/lib/puppet/util/windows/registry.rb +1 -1
  534. data/lib/puppet/util/windows/root_certs.rb +2 -2
  535. data/lib/puppet/util/windows/security.rb +1 -1
  536. data/lib/puppet/util/windows/security_descriptor.rb +1 -1
  537. data/lib/puppet/util/windows/service.rb +1 -1
  538. data/lib/puppet/util/windows/sid.rb +5 -3
  539. data/lib/puppet/util/windows/user.rb +1 -1
  540. data/lib/puppet/vendor.rb +1 -1
  541. data/lib/puppet/version.rb +1 -1
  542. data/lib/puppet/x509.rb +4 -4
  543. data/lib/puppet/x509/cert_provider.rb +1 -1
  544. data/lib/puppet/x509/pem_store.rb +1 -1
  545. data/lib/puppet_pal.rb +2 -2
  546. data/locales/puppet.pot +183 -175
  547. data/man/man5/puppet.conf.5 +266 -240
  548. data/man/man8/puppet-agent.8 +1 -1
  549. data/man/man8/puppet-apply.8 +1 -1
  550. data/man/man8/puppet-catalog.8 +1 -1
  551. data/man/man8/puppet-config.8 +1 -1
  552. data/man/man8/puppet-describe.8 +1 -1
  553. data/man/man8/puppet-device.8 +1 -1
  554. data/man/man8/puppet-doc.8 +1 -1
  555. data/man/man8/puppet-epp.8 +1 -1
  556. data/man/man8/puppet-facts.8 +1 -1
  557. data/man/man8/puppet-filebucket.8 +1 -1
  558. data/man/man8/puppet-generate.8 +1 -1
  559. data/man/man8/puppet-help.8 +1 -1
  560. data/man/man8/puppet-lookup.8 +1 -1
  561. data/man/man8/puppet-module.8 +1 -1
  562. data/man/man8/puppet-node.8 +1 -1
  563. data/man/man8/puppet-parser.8 +1 -1
  564. data/man/man8/puppet-plugin.8 +1 -1
  565. data/man/man8/puppet-report.8 +1 -1
  566. data/man/man8/puppet-resource.8 +1 -1
  567. data/man/man8/puppet-script.8 +1 -1
  568. data/man/man8/puppet-ssl.8 +5 -1
  569. data/man/man8/puppet.8 +2 -2
  570. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  571. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  572. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  573. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  574. data/spec/fixtures/ssl/ca.pem +57 -35
  575. data/spec/fixtures/ssl/crl.pem +28 -18
  576. data/spec/fixtures/ssl/ec-key.pem +11 -11
  577. data/spec/fixtures/ssl/ec.pem +33 -24
  578. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  579. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  580. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  581. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  582. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  583. data/spec/fixtures/ssl/intermediate.pem +57 -36
  584. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  585. data/spec/fixtures/ssl/pluto.pem +52 -30
  586. data/spec/fixtures/ssl/request-key.pem +107 -57
  587. data/spec/fixtures/ssl/request.pem +47 -26
  588. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  589. data/spec/fixtures/ssl/revoked.pem +52 -30
  590. data/spec/fixtures/ssl/signed-key.pem +107 -57
  591. data/spec/fixtures/ssl/signed.pem +52 -30
  592. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  593. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  594. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  595. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  596. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  597. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  598. data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
  599. data/spec/integration/application/plugin_spec.rb +1 -1
  600. data/spec/integration/application/resource_spec.rb +30 -0
  601. data/spec/integration/http/client_spec.rb +12 -0
  602. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  603. data/spec/integration/parser/collection_spec.rb +10 -0
  604. data/spec/integration/type/file_spec.rb +5 -5
  605. data/spec/integration/util/windows/adsi_spec.rb +18 -0
  606. data/spec/integration/util/windows/principal_spec.rb +21 -0
  607. data/spec/integration/util/windows/registry_spec.rb +6 -0
  608. data/spec/lib/puppet/test_ca.rb +2 -2
  609. data/spec/lib/puppet_spec/files.rb +1 -1
  610. data/spec/shared_contexts/provider.rb +16 -0
  611. data/spec/spec_helper.rb +11 -1
  612. data/spec/unit/application/agent_spec.rb +7 -2
  613. data/spec/unit/application/facts_spec.rb +5 -5
  614. data/spec/unit/application/ssl_spec.rb +23 -0
  615. data/spec/unit/configurer/downloader_spec.rb +6 -0
  616. data/spec/unit/configurer_spec.rb +23 -0
  617. data/spec/unit/environments_spec.rb +164 -88
  618. data/spec/unit/file_bucket/dipper_spec.rb +1 -1
  619. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  620. data/spec/unit/file_system_spec.rb +9 -0
  621. data/spec/unit/functions4_spec.rb +17 -8
  622. data/spec/unit/gettext/config_spec.rb +12 -0
  623. data/spec/unit/http/factory_spec.rb +19 -0
  624. data/spec/unit/http/service/compiler_spec.rb +123 -0
  625. data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
  626. data/spec/unit/module_spec.rb +1 -1
  627. data/spec/unit/network/http/api/master_spec.rb +38 -0
  628. data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
  629. data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
  630. data/spec/unit/network/http/api_spec.rb +11 -11
  631. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  632. data/spec/unit/pops/loaders/dependency_loader_spec.rb +1 -1
  633. data/spec/unit/pops/lookup/context_spec.rb +1 -1
  634. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  635. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  636. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  637. data/spec/unit/pops/types/type_parser_spec.rb +2 -1
  638. data/spec/unit/pops/validator/validator_spec.rb +20 -43
  639. data/spec/unit/provider/package/dnfmodule_spec.rb +13 -4
  640. data/spec/unit/provider/package/gem_spec.rb +3 -1
  641. data/spec/unit/provider/package/nim_spec.rb +42 -0
  642. data/spec/unit/provider/package/pip2_spec.rb +3 -1
  643. data/spec/unit/provider/package/pip3_spec.rb +3 -1
  644. data/spec/unit/provider/package/pip_spec.rb +3 -1
  645. data/spec/unit/provider/package/pkg_spec.rb +44 -44
  646. data/spec/unit/provider/package/puppet_gem_spec.rb +31 -1
  647. data/spec/unit/provider/package/puppetserver_gem_spec.rb +2 -0
  648. data/spec/unit/provider/service/base_spec.rb +8 -8
  649. data/spec/unit/provider/service/bsd_spec.rb +0 -4
  650. data/spec/unit/provider/service/daemontools_spec.rb +1 -1
  651. data/spec/unit/provider/service/debian_spec.rb +15 -17
  652. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  653. data/spec/unit/provider/service/gentoo_spec.rb +19 -14
  654. data/spec/unit/provider/service/init_spec.rb +29 -20
  655. data/spec/unit/provider/service/launchd_spec.rb +10 -12
  656. data/spec/unit/provider/service/openbsd_spec.rb +21 -35
  657. data/spec/unit/provider/service/openrc_spec.rb +15 -14
  658. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  659. data/spec/unit/provider/service/redhat_spec.rb +20 -19
  660. data/spec/unit/provider/service/smf_spec.rb +6 -5
  661. data/spec/unit/provider/service/src_spec.rb +5 -10
  662. data/spec/unit/provider/service/systemd_spec.rb +80 -29
  663. data/spec/unit/provider/service/upstart_spec.rb +25 -20
  664. data/spec/unit/provider/service/windows_spec.rb +202 -0
  665. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  666. data/spec/unit/provider/user/useradd_spec.rb +21 -6
  667. data/spec/unit/resource/catalog_spec.rb +1 -1
  668. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  669. data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
  670. data/spec/unit/transaction_spec.rb +18 -20
  671. data/spec/unit/type/file/selinux_spec.rb +3 -3
  672. data/spec/unit/type/service_spec.rb +59 -188
  673. data/spec/unit/type/tidy_spec.rb +17 -7
  674. data/spec/unit/type/user_spec.rb +45 -0
  675. data/spec/unit/util/at_fork_spec.rb +9 -9
  676. data/spec/unit/util/posix_spec.rb +1 -1
  677. data/spec/unit/util/selinux_spec.rb +87 -16
  678. data/spec/unit/util/windows/sid_spec.rb +6 -0
  679. data/tasks/generate_cert_fixtures.rake +2 -2
  680. metadata +17 -16
  681. data/spec/lib/matchers/include.rb +0 -27
  682. data/spec/lib/matchers/include_spec.rb +0 -32
  683. data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
  684. data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
  685. data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -270,4 +270,206 @@ describe 'Puppet::Type::Service::Provider::Windows',
270
270
  }.to raise_error(Puppet::Error, /Cannot enable #{name}/)
271
271
  end
272
272
  end
273
+
274
+ describe "when managing logon credentials" do
275
+ before do
276
+ allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return(computer_name)
277
+ allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(principal)
278
+ allow(Puppet::Util::Windows::Service).to receive(:set_startup_configuration).and_return(nil)
279
+ end
280
+
281
+ let(:computer_name) { 'myPC' }
282
+
283
+ describe "#logonaccount=" do
284
+ before do
285
+ allow(Puppet::Util::Windows::User).to receive(:password_is?).and_return(true)
286
+ resource[:logonaccount] = user_input
287
+ provider.logonaccount_insync?(user_input)
288
+ end
289
+
290
+ let(:user_input) { principal.account }
291
+ let(:principal) do
292
+ Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, computer_name, :SidTypeUser)
293
+ end
294
+
295
+ context "when given user is 'myUser'" do
296
+ it "should fail when the `Log On As A Service` right is missing from given user" do
297
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).with(principal.domain_account).and_return("")
298
+ expect { provider.logonaccount=(user_input) }.to raise_error(Puppet::Error, /".\\#{principal.account}" is missing the 'Log On As A Service' right./)
299
+ end
300
+
301
+ it "should fail when the `Log On As A Service` right is set to denied for given user" do
302
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).with(principal.domain_account).and_return("SeDenyServiceLogonRight")
303
+ expect { provider.logonaccount=(user_input) }.to raise_error(Puppet::Error, /".\\#{principal.account}" has the 'Log On As A Service' right set to denied./)
304
+ end
305
+
306
+ it "should not fail when given user has the `Log On As A Service` right" do
307
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).with(principal.domain_account).and_return("SeServiceLogonRight")
308
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
309
+ end
310
+
311
+ ['myUser', 'myPC\\myUser', ".\\myUser", "MYPC\\mYuseR"].each do |user_input_variant|
312
+ let(:user_input) { user_input_variant }
313
+
314
+ it "should succesfully munge #{user_input_variant} to '.\\myUser'" do
315
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).with(principal.domain_account).and_return("SeServiceLogonRight")
316
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
317
+ expect(resource[:logonaccount]).to eq(".\\myUser")
318
+ end
319
+ end
320
+ end
321
+
322
+ context "when given user is a system account" do
323
+ before do
324
+ allow(Puppet::Util::Windows::User).to receive(:default_system_account?).and_return(true)
325
+ end
326
+
327
+ let(:user_input) { principal.account }
328
+ let(:principal) do
329
+ Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser)
330
+ end
331
+
332
+ it "should not fail when given user is a default system account even if the `Log On As A Service` right is missing" do
333
+ expect(Puppet::Util::Windows::User).not_to receive(:get_rights)
334
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
335
+ end
336
+
337
+ ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |user_input_variant|
338
+ let(:user_input) { user_input_variant }
339
+
340
+ it "should succesfully munge #{user_input_variant} to 'LocalSystem'" do
341
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
342
+ expect(resource[:logonaccount]).to eq('LocalSystem')
343
+ end
344
+ end
345
+ end
346
+
347
+ context "when domain is different from computer name" do
348
+ before do
349
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return("SeServiceLogonRight")
350
+ end
351
+
352
+ context "when given user is from AD" do
353
+ let(:user_input) { 'myRemoteUser' }
354
+ let(:principal) do
355
+ Puppet::Util::Windows::SID::Principal.new("myRemoteUser", nil, nil, "AD", :SidTypeUser)
356
+ end
357
+
358
+ it "should not raise any error" do
359
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
360
+ end
361
+
362
+ it "should succesfully be munged" do
363
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
364
+ expect(resource[:logonaccount]).to eq('AD\myRemoteUser')
365
+ end
366
+ end
367
+
368
+ context "when given user is LocalService" do
369
+ let(:user_input) { 'LocalService' }
370
+ let(:principal) do
371
+ Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeWellKnownGroup)
372
+ end
373
+
374
+ it "should succesfully munge well known user" do
375
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
376
+ expect(resource[:logonaccount]).to eq('NT AUTHORITY\LOCAL SERVICE')
377
+ end
378
+ end
379
+
380
+ context "when given user is in SID form" do
381
+ let(:user_input) { 'S-1-5-20' }
382
+ let(:principal) do
383
+ Puppet::Util::Windows::SID::Principal.new("NETWORK SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser)
384
+ end
385
+
386
+ it "should succesfully munge" do
387
+ expect { provider.logonaccount=(user_input) }.not_to raise_error
388
+ expect(resource[:logonaccount]).to eq('NT AUTHORITY\NETWORK SERVICE')
389
+ end
390
+ end
391
+
392
+ context "when given user is actually a group" do
393
+ let(:principal) do
394
+ Puppet::Util::Windows::SID::Principal.new("Administrators", nil, nil, "BUILTIN", :SidTypeAlias)
395
+ end
396
+ let(:user_input) { 'Administrators' }
397
+
398
+ it "should fail when sid type is not user or well known user" do
399
+ expect { provider.logonaccount=(user_input) }.to raise_error(Puppet::Error, /"BUILTIN\\#{user_input}" is not a valid account/)
400
+ end
401
+ end
402
+ end
403
+ end
404
+
405
+ describe "#logonpassword=" do
406
+ before do
407
+ allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
408
+ resource[:logonaccount] = account
409
+ resource[:logonpassword] = user_input
410
+ provider.logonaccount_insync?(account)
411
+ end
412
+
413
+ let(:account) { 'LocalSystem' }
414
+
415
+ describe "when given logonaccount is a predefined_local_account" do
416
+ let(:user_input) { 'pass' }
417
+ let(:principal) { nil }
418
+
419
+ it "should pass validation when given account is 'LocalSystem'" do
420
+ allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('LocalSystem').and_return(true)
421
+ allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('LocalSystem').and_return(true)
422
+
423
+ expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
424
+ expect { provider.logonpassword=(user_input) }.not_to raise_error
425
+ end
426
+
427
+ ['LOCAL SERVICE', 'NETWORK SERVICE', 'SYSTEM'].each do |predefined_local_account|
428
+ describe "when given account is #{predefined_local_account}" do
429
+ let(:account) { 'predefined_local_account' }
430
+ let(:principal) do
431
+ Puppet::Util::Windows::SID::Principal.new(account, nil, nil, "NT AUTHORITY", :SidTypeUser)
432
+ end
433
+
434
+ it "should pass validation" do
435
+ allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(principal.account).and_return(false)
436
+ allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(principal.domain_account).and_return(false)
437
+ expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with(principal.domain_account).and_return(true).twice
438
+
439
+ expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
440
+ expect { provider.logonpassword=(user_input) }.not_to raise_error
441
+ end
442
+ end
443
+ end
444
+ end
445
+
446
+ describe "when given logonaccount is not a predefined local account" do
447
+ before do
448
+ allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(".\\#{principal.account}").and_return(false)
449
+ allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with(".\\#{principal.account}").and_return(false)
450
+ end
451
+
452
+ let(:account) { 'myUser' }
453
+ let(:principal) do
454
+ Puppet::Util::Windows::SID::Principal.new(account, nil, nil, computer_name, :SidTypeUser)
455
+ end
456
+
457
+ describe "when password is proven correct" do
458
+ let(:user_input) { 'myPass' }
459
+ it "should pass validation" do
460
+ allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myPass', '.').and_return(true)
461
+ expect { provider.logonpassword=(user_input) }.not_to raise_error
462
+ end
463
+ end
464
+
465
+ describe "when password is not proven correct" do
466
+ let(:user_input) { 'myWrongPass' }
467
+ it "should not pass validation" do
468
+ allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myWrongPass', '.').and_return(false)
469
+ expect { provider.logonpassword=(user_input) }.to raise_error(Puppet::Error, /The given password is invalid for user '.\\myUser'/)
470
+ end
471
+ end
472
+ end
473
+ end
474
+ end
273
475
  end
@@ -925,28 +925,75 @@ end
925
925
  }
926
926
  end
927
927
 
928
- it 'should call set_salted_sha512 on 10.7 when given a salted-SHA512 password hash' do
929
- expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
930
- expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(sha512_shadowhashdata)
931
- expect(provider.class).to receive(:get_os_version).and_return('10.7')
932
- expect(provider).to receive(:set_salted_sha512).with(sample_users_plist, sha512_shadowhashdata, sha512_password_hash)
933
- provider.write_password_to_users_plist(sha512_password_hash)
928
+ before do
929
+ allow(provider).to receive(:merge_attribute_with_dscl).with('Users', username, 'AuthenticationAuthority', any_args)
934
930
  end
935
931
 
936
- it 'should call set_salted_pbkdf2 on 10.8 when given a PBKDF2 password hash' do
937
- expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
938
- expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(pbkdf2_shadowhashdata)
939
- expect(provider.class).to receive(:get_os_version).and_return('10.8')
940
- expect(provider).to receive(:set_salted_pbkdf2).with(sample_users_plist, pbkdf2_shadowhashdata, 'entropy', pbkdf2_password_hash)
941
- provider.write_password_to_users_plist(pbkdf2_password_hash)
932
+ describe 'when on macOS 11 (Big Sur) or greater' do
933
+ before do
934
+ allow(provider.class).to receive(:get_os_version).and_return('11.0.0')
935
+ end
936
+
937
+ it 'should add salted_sha512_pbkdf2 AuthenticationAuthority key if missing' do
938
+ expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
939
+ expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(pbkdf2_shadowhashdata)
940
+ expect(provider).to receive(:set_salted_pbkdf2).with(sample_users_plist, pbkdf2_shadowhashdata, 'entropy', pbkdf2_password_hash)
941
+ expect(provider).to receive(:needs_sha512_pbkdf2_authentication_authority_to_be_added?).and_return(true)
942
+
943
+ expect(Puppet).to receive(:debug).with("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user 'nonexistent_user'")
944
+ provider.write_password_to_users_plist(pbkdf2_password_hash)
945
+ end
946
+
947
+ it 'should not add salted_sha512_pbkdf2 AuthenticationAuthority key if not missing' do
948
+ expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
949
+ expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(pbkdf2_shadowhashdata)
950
+ expect(provider).to receive(:set_salted_pbkdf2).with(sample_users_plist, pbkdf2_shadowhashdata, 'entropy', pbkdf2_password_hash)
951
+ expect(provider).to receive(:needs_sha512_pbkdf2_authentication_authority_to_be_added?).and_return(false)
952
+
953
+ expect(Puppet).not_to receive(:debug).with("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user 'nonexistent_user'")
954
+ provider.write_password_to_users_plist(pbkdf2_password_hash)
955
+ end
942
956
  end
943
957
 
944
- it "should delete the SALTED-SHA512 key in the shadow_hash_data hash if it exists on a 10.8 system and write_password_to_users_plist has been called to set the user's password" do
945
- expect(provider).to receive(:get_users_plist).and_return('users_plist')
946
- expect(provider).to receive(:get_shadow_hash_data).with('users_plist').and_return(sha512_shadowhashdata)
947
- expect(provider.class).to receive(:get_os_version).and_return('10.8')
948
- expect(provider).to receive(:set_salted_pbkdf2).with('users_plist', {}, 'entropy', pbkdf2_password_hash)
949
- provider.write_password_to_users_plist(pbkdf2_password_hash)
958
+ describe 'when on macOS version lower than 11' do
959
+ before do
960
+ allow(provider.class).to receive(:get_os_version)
961
+ allow(provider).to receive(:needs_sha512_pbkdf2_authentication_authority_to_be_added?).and_return(false)
962
+ end
963
+
964
+ it 'should not add salted_sha512_pbkdf2 AuthenticationAuthority' do
965
+ expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
966
+ expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(pbkdf2_shadowhashdata)
967
+ expect(provider).to receive(:set_salted_pbkdf2).with(sample_users_plist, pbkdf2_shadowhashdata, 'entropy', pbkdf2_password_hash)
968
+ expect(provider).to receive(:needs_sha512_pbkdf2_authentication_authority_to_be_added?).and_return(false)
969
+
970
+ expect(Puppet).not_to receive(:debug).with("Adding 'SALTED-SHA512-PBKDF2' AuthenticationAuthority key for ShadowHash to user 'nonexistent_user'")
971
+ provider.write_password_to_users_plist(pbkdf2_password_hash)
972
+ end
973
+
974
+ it 'should call set_salted_sha512 on 10.7 when given a salted-SHA512 password hash' do
975
+ expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
976
+ expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(sha512_shadowhashdata)
977
+ expect(provider.class).to receive(:get_os_version).and_return('10.7')
978
+ expect(provider).to receive(:set_salted_sha512).with(sample_users_plist, sha512_shadowhashdata, sha512_password_hash)
979
+ provider.write_password_to_users_plist(sha512_password_hash)
980
+ end
981
+
982
+ it 'should call set_salted_pbkdf2 on 10.8 when given a PBKDF2 password hash' do
983
+ expect(provider).to receive(:get_users_plist).and_return(sample_users_plist)
984
+ expect(provider).to receive(:get_shadow_hash_data).with(sample_users_plist).and_return(pbkdf2_shadowhashdata)
985
+ expect(provider.class).to receive(:get_os_version).and_return('10.8')
986
+ expect(provider).to receive(:set_salted_pbkdf2).with(sample_users_plist, pbkdf2_shadowhashdata, 'entropy', pbkdf2_password_hash)
987
+ provider.write_password_to_users_plist(pbkdf2_password_hash)
988
+ end
989
+
990
+ it "should delete the SALTED-SHA512 key in the shadow_hash_data hash if it exists on a 10.8 system and write_password_to_users_plist has been called to set the user's password" do
991
+ expect(provider).to receive(:get_users_plist).and_return('users_plist')
992
+ expect(provider).to receive(:get_shadow_hash_data).with('users_plist').and_return(sha512_shadowhashdata)
993
+ expect(provider.class).to receive(:get_os_version).and_return('10.8')
994
+ expect(provider).to receive(:set_salted_pbkdf2).with('users_plist', {}, 'entropy', pbkdf2_password_hash)
995
+ provider.write_password_to_users_plist(pbkdf2_password_hash)
996
+ end
950
997
  end
951
998
  end
952
999
 
@@ -974,16 +1021,7 @@ end
974
1021
  describe '#set_shadow_hash_data' do
975
1022
  let(:users_plist) { {'ShadowHashData' => ['string_data'] } }
976
1023
 
977
- it 'should flush the plist data to disk on OS X < 10.15' do
978
- allow(provider.class).to receive(:get_os_version).and_return('10.12')
979
-
980
- expect(provider).to receive(:write_users_plist_to_disk)
981
- provider.set_shadow_hash_data(users_plist, pbkdf2_embedded_plist)
982
- end
983
-
984
- it 'should flush the plist data a temporary file on OS X >= 10.15' do
985
- allow(provider.class).to receive(:get_os_version).and_return('10.15')
986
-
1024
+ it 'should flush the plist data to a temporary file' do
987
1025
  expect(provider).to receive(:write_and_import_shadow_hash_data)
988
1026
  provider.set_shadow_hash_data(users_plist, pbkdf2_embedded_plist)
989
1027
  end
@@ -1033,13 +1071,6 @@ end
1033
1071
  end
1034
1072
  end
1035
1073
 
1036
- describe '#write_users_plist_to_disk' do
1037
- it 'should save the passed plist to disk and convert it to a binary plist' do
1038
- expect(Puppet::Util::Plist).to receive(:write_plist_file).with(user_plist_xml, "#{users_plist_dir}/nonexistent_user.plist", :binary)
1039
- provider.write_users_plist_to_disk(user_plist_xml)
1040
- end
1041
- end
1042
-
1043
1074
  describe '#write_and_import_shadow_hash_data' do
1044
1075
  it 'should save the passed plist to a temporary file and import it' do
1045
1076
  tmpfile = double('tempfile', :path => "/tmp/dsimport_#{username}", :flush => nil)
@@ -1203,6 +1234,7 @@ end
1203
1234
  before :each do
1204
1235
  allow(provider.class).to receive(:get_all_users).and_return(all_users_hash)
1205
1236
  allow(provider.class).to receive(:get_list_of_groups).and_return(group_plist_hash_guid)
1237
+ allow(provider).to receive(:merge_attribute_with_dscl).with('Users', username, 'AuthenticationAuthority', any_args)
1206
1238
  provider.class.prefetch({})
1207
1239
  end
1208
1240
 
@@ -360,14 +360,14 @@ describe Puppet::Type.type(:user).provider(:useradd) do
360
360
  resource[:forcelocal] = true
361
361
  allow(Puppet::FileSystem).to receive(:exist?).with('/etc/passwd').and_return(true)
362
362
  allow(Puppet::FileSystem).to receive(:each_line).with('/etc/passwd').and_yield(content)
363
- expect(provider.gid).to eq('999')
363
+ expect(provider.gid).to eq(999)
364
364
  end
365
365
 
366
366
  it "should fall back to nameservice GID when forcelocal is false" do
367
367
  resource[:forcelocal] = false
368
- allow(provider).to receive(:get).with(:gid).and_return('1234')
368
+ allow(provider).to receive(:get).with(:gid).and_return(1234)
369
369
  expect(provider).not_to receive(:localgid)
370
- expect(provider.gid).to eq('1234')
370
+ expect(provider.gid).to eq(1234)
371
371
  end
372
372
  end
373
373
 
@@ -375,21 +375,36 @@ describe Puppet::Type.type(:user).provider(:useradd) do
375
375
  before { described_class.has_feature :manages_local_users_and_groups }
376
376
 
377
377
  let(:content) do
378
- <<~EOF
378
+ StringIO.new(<<~EOF)
379
379
  group1:x:0:myuser
380
380
  group2:x:999:
381
381
  group3:x:998:myuser
382
382
  EOF
383
383
  end
384
384
 
385
+ let(:content_with_empty_line) do
386
+ StringIO.new(<<~EOF)
387
+ group1:x:0:myuser
388
+ group2:x:999:
389
+ group3:x:998:myuser
390
+
391
+ EOF
392
+ end
393
+
385
394
  it "should return the local groups string when forcelocal is true" do
386
395
  resource[:forcelocal] = true
387
- group1, group2, group3 = content.split
388
396
  allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
389
- allow(Puppet::FileSystem).to receive(:each_line).with('/etc/group').and_yield(group1).and_yield(group2).and_yield(group3)
397
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content)
390
398
  expect(provider.groups).to eq(['group1', 'group3'])
391
399
  end
392
400
 
401
+ it "does not raise when parsing empty lines in /etc/group" do
402
+ resource[:forcelocal] = true
403
+ allow(Puppet::FileSystem).to receive(:exist?).with('/etc/group').and_return(true)
404
+ allow(File).to receive(:open).with(Pathname.new('/etc/group')).and_yield(content_with_empty_line)
405
+ expect { provider.groups }.not_to raise_error
406
+ end
407
+
393
408
  it "should fall back to nameservice groups when forcelocal is false" do
394
409
  resource[:forcelocal] = false
395
410
  allow(Puppet::Util::POSIX).to receive(:groups_of).with('myuser').and_return(['remote groups'])
@@ -205,7 +205,7 @@ describe Puppet::Resource::Catalog, "when compiling" do
205
205
  end
206
206
 
207
207
  it "should set itself as the catalog for each converted resource" do
208
- @catalog.vertices.each { |v| expect(v.catalog.object_id).to equal(@catalog.object_id) }
208
+ @catalog.vertices.each { |v| expect(v.catalog.object_id).to eql(@catalog.object_id) }
209
209
  end
210
210
 
211
211
  # This tests #931.
@@ -31,6 +31,14 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
31
31
  allow(Kernel).to receive(:sleep)
32
32
  end
33
33
 
34
+ def expected_digest(name, content)
35
+ OpenSSL::Digest.new(name).hexdigest(content)
36
+ end
37
+
38
+ def to_fingerprint(digest)
39
+ digest.scan(/../).join(':').upcase
40
+ end
41
+
34
42
  context 'when passing keyword arguments' do
35
43
  it "accepts digest" do
36
44
  expect(described_class.new(digest: 'SHA512').digest).to eq('SHA512')
@@ -395,29 +403,35 @@ describe Puppet::SSL::StateMachine, unless: Puppet::Util::Platform.jruby? do
395
403
 
396
404
  it 'verifies CA cert bundle if a ca_fingerprint is given case-insensitively' do
397
405
  Puppet[:log_level] = :info
398
- machine = described_class.new(digest: 'SHA256', ca_fingerprint: 'caacf69bbbcdad9dbcda92dd2da3608b639d1aea4c314d6cc6823cdb32d8e0f8')
406
+
407
+ digest = expected_digest('SHA256', cacert_pem)
408
+ fingerprint = to_fingerprint(digest)
409
+ machine = described_class.new(digest: 'SHA256', ca_fingerprint: digest.downcase)
399
410
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
400
411
  state.next_state
401
412
 
402
- expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256) CA:AC:F6:9B:BB:CD:AD:9D:BC:DA:92:DD:2D:A3:60:8B:63:9D:1A:EA:4C:31:4D:6C:C6:82:3C:DB:32:D8:E0:F8"))
413
+ expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA256) #{fingerprint}"))
403
414
  end
404
415
 
405
416
  it 'verifies CA cert bundle using non-default fingerprint' do
406
417
  Puppet[:log_level] = :info
407
- machine = described_class.new(digest: 'SHA512', ca_fingerprint: '3c9d1482b878913ad95c9631feac5090cb05c6eab9496178d6fd5c14a023da3b1a8650a3cbaac516d9a48caf0b0742e1ed7eebf55105c024c74834a45056a9d9')
418
+
419
+ digest = expected_digest('SHA512', cacert_pem)
420
+ machine = described_class.new(digest: 'SHA512', ca_fingerprint: digest)
408
421
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
409
422
  state.next_state
410
423
 
411
- expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512) 3C:9D:14:82:B8:78:91:3A:D9:5C:96:31:FE:AC:50:90:CB:05:C6:EA:B9:49:61:78:D6:FD:5C:14:A0:23:DA:3B:1A:86:50:A3:CB:AA:C5:16:D9:A4:8C:AF:0B:07:42:E1:ED:7E:EB:F5:51:05:C0:24:C7:48:34:A4:50:56:A9:D9"))
424
+ expect(@logs).to include(an_object_having_attributes(message: "Verified CA bundle with digest (SHA512) #{to_fingerprint(digest)}"))
412
425
  end
413
426
 
414
427
  it 'returns an error if verification fails' do
415
428
  machine = described_class.new(digest: 'SHA256', ca_fingerprint: 'wrong!')
416
429
  state = Puppet::SSL::StateMachine::NeedCACerts.new(machine)
417
430
 
431
+ fingerprint = to_fingerprint(expected_digest('SHA256', cacert_pem))
418
432
  st = state.next_state
419
433
  expect(st).to be_an_instance_of(Puppet::SSL::StateMachine::Error)
420
- expect(st.message).to eq("CA bundle with digest (SHA256) CA:AC:F6:9B:BB:CD:AD:9D:BC:DA:92:DD:2D:A3:60:8B:63:9D:1A:EA:4C:31:4D:6C:C6:82:3C:DB:32:D8:E0:F8 did not match expected digest WR:ON:G!")
434
+ expect(st.message).to eq("CA bundle with digest (SHA256) #{fingerprint} did not match expected digest WR:ON:G!")
421
435
  end
422
436
  end
423
437
  end