puppet 7.4.1-universal-darwin → 7.5.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +19 -13
  3. data/lib/puppet/application/ssl.rb +11 -0
  4. data/lib/puppet/defaults.rb +8 -0
  5. data/lib/puppet/environments.rb +16 -1
  6. data/lib/puppet/ffi/windows/api_types.rb +1 -1
  7. data/lib/puppet/file_system/memory_file.rb +8 -1
  8. data/lib/puppet/file_system/windows.rb +2 -0
  9. data/lib/puppet/http/factory.rb +4 -0
  10. data/lib/puppet/network/http.rb +5 -2
  11. data/lib/puppet/network/http/api.rb +10 -6
  12. data/lib/puppet/network/http/api/master.rb +3 -2
  13. data/lib/puppet/network/http/api/master/v3.rb +2 -25
  14. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
  15. data/lib/puppet/network/http/api/server.rb +10 -0
  16. data/lib/puppet/network/http/api/server/v3.rb +39 -0
  17. data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
  18. data/lib/puppet/pops/parser/lexer2.rb +0 -4
  19. data/lib/puppet/pops/validation/checker4_0.rb +0 -1
  20. data/lib/puppet/settings/environment_conf.rb +1 -0
  21. data/lib/puppet/util/monkey_patches.rb +7 -0
  22. data/lib/puppet/util/windows/adsi.rb +46 -0
  23. data/lib/puppet/util/windows/principal.rb +9 -2
  24. data/lib/puppet/util/windows/sid.rb +4 -2
  25. data/lib/puppet/version.rb +1 -1
  26. data/man/man5/puppet.conf.5 +10 -2
  27. data/man/man8/puppet-agent.8 +1 -1
  28. data/man/man8/puppet-apply.8 +1 -1
  29. data/man/man8/puppet-catalog.8 +1 -1
  30. data/man/man8/puppet-config.8 +1 -1
  31. data/man/man8/puppet-describe.8 +1 -1
  32. data/man/man8/puppet-device.8 +1 -1
  33. data/man/man8/puppet-doc.8 +1 -1
  34. data/man/man8/puppet-epp.8 +1 -1
  35. data/man/man8/puppet-facts.8 +1 -1
  36. data/man/man8/puppet-filebucket.8 +1 -1
  37. data/man/man8/puppet-generate.8 +1 -1
  38. data/man/man8/puppet-help.8 +1 -1
  39. data/man/man8/puppet-lookup.8 +1 -1
  40. data/man/man8/puppet-module.8 +1 -1
  41. data/man/man8/puppet-node.8 +1 -1
  42. data/man/man8/puppet-parser.8 +1 -1
  43. data/man/man8/puppet-plugin.8 +1 -1
  44. data/man/man8/puppet-report.8 +1 -1
  45. data/man/man8/puppet-resource.8 +1 -1
  46. data/man/man8/puppet-script.8 +1 -1
  47. data/man/man8/puppet-ssl.8 +5 -1
  48. data/man/man8/puppet.8 +2 -2
  49. data/spec/integration/application/plugin_spec.rb +1 -1
  50. data/spec/integration/http/client_spec.rb +12 -0
  51. data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
  52. data/spec/integration/parser/collection_spec.rb +10 -0
  53. data/spec/integration/util/windows/adsi_spec.rb +18 -0
  54. data/spec/integration/util/windows/principal_spec.rb +21 -0
  55. data/spec/integration/util/windows/registry_spec.rb +6 -0
  56. data/spec/unit/application/facts_spec.rb +5 -5
  57. data/spec/unit/application/ssl_spec.rb +23 -0
  58. data/spec/unit/environments_spec.rb +164 -88
  59. data/spec/unit/file_system_spec.rb +9 -0
  60. data/spec/unit/http/factory_spec.rb +19 -0
  61. data/spec/unit/network/http/api/master_spec.rb +38 -0
  62. data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
  63. data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
  64. data/spec/unit/network/http/api_spec.rb +11 -11
  65. data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
  66. data/spec/unit/pops/validator/validator_spec.rb +20 -43
  67. data/spec/unit/util/windows/sid_spec.rb +6 -0
  68. metadata +11 -16
  69. data/spec/lib/matchers/include.rb +0 -27
  70. data/spec/lib/matchers/include_spec.rb +0 -32
  71. data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
  72. data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
  73. data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -134,10 +134,6 @@ class Lexer2
134
134
  'type' => [:TYPE, 'type', 4],
135
135
  'attr' => [:ATTR, 'attr', 4],
136
136
  'private' => [:PRIVATE, 'private', 7],
137
- 'application' => [:APPLICATION, 'application', 11], # reserved
138
- 'consumes' => [:CONSUMES, 'consumes', 8], # reserved
139
- 'produces' => [:PRODUCES, 'produces', 8], # reserved
140
- 'site' => [:SITE, 'site', 4], # reserved
141
137
  }
142
138
 
143
139
  KEYWORDS.each {|k,v| v[1].freeze; v.freeze }
@@ -236,7 +236,6 @@ class Checker4_0 < Evaluator::LiteralEvaluator
236
236
  case p
237
237
  when Model::AbstractResource
238
238
  when Model::CollectExpression
239
- acceptor.accept(Issues::UNSUPPORTED_OPERATOR_IN_CONTEXT, p, :operator=>'* =>')
240
239
  else
241
240
  # protect against just testing a snippet that has no parent, error message will be a bit strange
242
241
  # but it is not for a real program.
@@ -29,6 +29,7 @@ class Puppet::Settings::EnvironmentConf
29
29
  section = config.sections[:main]
30
30
  rescue Errno::ENOENT
31
31
  # environment.conf is an optional file
32
+ Puppet.debug { "Path to #{path_to_env} does not exist, using default environment.conf" }
32
33
  end
33
34
 
34
35
  new(path_to_env, section, global_module_path)
@@ -32,6 +32,13 @@ end
32
32
  # (#19151) Reject all SSLv2 ciphers and handshakes
33
33
  require 'puppet/ssl/openssl_loader'
34
34
  unless Puppet::Util::Platform.jruby_fips?
35
+ unless defined?(OpenSSL::SSL::TLS1_VERSION)
36
+ module OpenSSL::SSL
37
+ # see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
38
+ OpenSSL::SSL::TLS1_VERSION = 0x301
39
+ end
40
+ end
41
+
35
42
  class OpenSSL::SSL::SSLContext
36
43
  if DEFAULT_PARAMS[:options]
37
44
  DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
@@ -504,6 +504,43 @@ module Puppet::Util::Windows::ADSI
504
504
  user_name
505
505
  end
506
506
 
507
+ # https://docs.microsoft.com/en-us/windows/win32/api/secext/ne-secext-extended_name_format
508
+ NameUnknown = 0
509
+ NameFullyQualifiedDN = 1
510
+ NameSamCompatible = 2
511
+ NameDisplay = 3
512
+ NameUniqueId = 6
513
+ NameCanonical = 7
514
+ NameUserPrincipal = 8
515
+ NameCanonicalEx = 9
516
+ NameServicePrincipal = 10
517
+ NameDnsDomain = 12
518
+ NameGivenName = 13
519
+ NameSurname = 14
520
+
521
+ def self.current_user_name_with_format(format)
522
+ user_name = ''
523
+ max_length = 1024
524
+
525
+ FFI::MemoryPointer.new(:lpwstr, max_length * 2 + 1) do |buffer|
526
+ FFI::MemoryPointer.new(:dword, 1) do |buffer_size|
527
+ buffer_size.write_dword(max_length + 1)
528
+
529
+ if GetUserNameExW(format.to_i, buffer, buffer_size) == FFI::WIN32_FALSE
530
+ raise Puppet::Util::Windows::Error.new(_("Failed to get user name"), FFI.errno)
531
+ end
532
+
533
+ user_name = buffer.read_wide_string(buffer_size.read_dword).chomp
534
+ end
535
+ end
536
+
537
+ user_name
538
+ end
539
+
540
+ def self.current_sam_compatible_user_name
541
+ current_user_name_with_format(NameSamCompatible)
542
+ end
543
+
507
544
  def self.current_user_sid
508
545
  Puppet::Util::Windows::SID.name_to_principal(current_user_name)
509
546
  end
@@ -518,6 +555,15 @@ module Puppet::Util::Windows::ADSI
518
555
  ffi_lib :advapi32
519
556
  attach_function_private :GetUserNameW,
520
557
  [:lpwstr, :lpdword], :win32_bool
558
+
559
+ # https://docs.microsoft.com/en-us/windows/win32/api/secext/nf-secext-getusernameexa
560
+ # BOOLEAN SEC_ENTRY GetUserNameExA(
561
+ # EXTENDED_NAME_FORMAT NameFormat,
562
+ # LPSTR lpNameBuffer,
563
+ # PULONG nSize
564
+ # );type
565
+ ffi_lib :secur32
566
+ attach_function_private :GetUserNameExW, [:uint16, :lpwstr, :pointer], :win32_bool
521
567
  end
522
568
 
523
569
  class UserProfile
@@ -44,7 +44,8 @@ module Puppet::Util::Windows::SID
44
44
  ERROR_INVALID_PARAMETER = 87
45
45
  ERROR_INSUFFICIENT_BUFFER = 122
46
46
 
47
- def self.lookup_account_name(system_name = nil, account_name)
47
+ def self.lookup_account_name(system_name = nil, sanitize = true, account_name)
48
+ account_name = sanitize_account_name(account_name) if sanitize
48
49
  system_name_ptr = FFI::Pointer::NULL
49
50
  begin
50
51
  if system_name
@@ -146,6 +147,13 @@ module Puppet::Util::Windows::SID
146
147
  end
147
148
  end
148
149
 
150
+ # Sanitize the given account name for lookup to avoid known issues
151
+ def self.sanitize_account_name(account_name)
152
+ return account_name unless account_name.start_with?('APPLICATION PACKAGE AUTHORITY\\')
153
+ account_name.split('\\').last
154
+ end
155
+ private_class_method :sanitize_account_name
156
+
149
157
  ffi_convention :stdcall
150
158
 
151
159
  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379601(v=vs.85).aspx
@@ -191,4 +199,3 @@ module Puppet::Util::Windows::SID
191
199
  [:lpcwstr, :pointer, :lpwstr, :lpdword, :lpwstr, :lpdword, :pointer], :win32_bool
192
200
  end
193
201
  end
194
-
@@ -74,11 +74,13 @@ module Puppet::Util::Windows
74
74
  string_to_sid_ptr(name) do |sid_ptr|
75
75
  raw_sid_bytes = sid_ptr.read_array_of_uchar(get_length_sid(sid_ptr))
76
76
  end
77
- rescue
77
+ rescue => e
78
+ Puppet.debug("Could not retrieve raw SID bytes from '#{name}': #{e.message}")
78
79
  end
79
80
 
80
81
  raw_sid_bytes ? Principal.lookup_account_sid(raw_sid_bytes) : Principal.lookup_account_name(name)
81
- rescue
82
+ rescue => e
83
+ Puppet.debug("#{e.message}")
82
84
  (allow_unresolved && raw_sid_bytes) ? unresolved_principal(name, raw_sid_bytes) : nil
83
85
  end
84
86
  module_function :name_to_principal
@@ -6,7 +6,7 @@
6
6
  # Raketasks and such to set the version based on the output of `git describe`
7
7
 
8
8
  module Puppet
9
- PUPPETVERSION = '7.4.1'
9
+ PUPPETVERSION = '7.5.0'
10
10
 
11
11
  ##
12
12
  # version is a public API method intended to always provide a fast and
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPETCONF" "5" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPETCONF" "5" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  \fBThis page is autogenerated; any changes will get overwritten\fR
6
6
  .
7
7
  .SH "Configuration settings"
@@ -288,6 +288,14 @@ Defaults to the node\'s fully qualified domain name\.
288
288
  .
289
289
  .IP "" 0
290
290
  .
291
+ .SS "ciphers"
292
+ The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
293
+ .
294
+ .IP "\(bu" 4
295
+ \fIDefault\fR: ECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256
296
+ .
297
+ .IP "" 0
298
+ .
291
299
  .SS "classfile"
292
300
  The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
293
301
  .
@@ -899,7 +907,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
899
907
  The HTTP User\-Agent string to send when making network requests\.
900
908
  .
901
909
  .IP "\(bu" 4
902
- \fIDefault\fR: Puppet/7\.4\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)
910
+ \fIDefault\fR: Puppet/7\.5\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)
903
911
  .
904
912
  .IP "" 0
905
913
  .
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-AGENT" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-AGENT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-agent\fR \- The puppet agent daemon
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-APPLY" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-APPLY" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-apply\fR \- Apply Puppet manifests locally
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CATALOG" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CATALOG" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-CONFIG" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-CONFIG" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-config\fR \- Interact with Puppet\'s settings\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DESCRIBE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DESCRIBE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-describe\fR \- Display help about resource types
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DEVICE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DEVICE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-device\fR \- Manage remote network devices
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-DOC" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-DOC" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-doc\fR \- Generate Puppet references
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-EPP" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-EPP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FACTS" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FACTS" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-facts\fR \- Retrieve and store facts\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-FILEBUCKET" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-FILEBUCKET" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-GENERATE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-GENERATE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-HELP" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-HELP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-help\fR \- Display Puppet help\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-LOOKUP" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-LOOKUP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-lookup\fR \- Interactive Hiera lookup
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-MODULE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-MODULE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-NODE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-NODE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-node\fR \- View and manage node definitions\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PARSER" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PARSER" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-parser\fR \- Interact directly with the parser\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-PLUGIN" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-PLUGIN" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-REPORT" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-REPORT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-report\fR \- Create, display, and submit reports\.
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-RESOURCE" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-RESOURCE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-resource\fR \- The resource abstraction layer shell
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SCRIPT" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SCRIPT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET\-SSL" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET\-SSL" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
@@ -52,4 +52,8 @@ Verify the private key and certificate are present and match, verify the certifi
52
52
  .TP
53
53
  clean
54
54
  Remove the private key and certificate related files for this host\. If \fB\-\-localca\fR is specified, then also remove this host\'s local copy of the CA certificate(s) and CRL bundle\. if \fB\-\-target CERTNAME\fR is specified, then remove the files for the specified device on this host instead of this host\.
55
+ .
56
+ .TP
57
+ show
58
+ Print the full\-text version of this host\'s certificate\.
55
59
 
data/man/man8/puppet.8 CHANGED
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPET" "8" "February 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPET" "8" "March 2021" "Puppet, Inc." "Puppet manual"
5
5
  .
6
6
  .SH "NAME"
7
7
  \fBpuppet\fR
@@ -25,4 +25,4 @@ Specialized:
25
25
  catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
26
26
  .
27
27
  .P
28
- See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.4\.0
28
+ See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.5\.0
@@ -2,7 +2,7 @@ require 'spec_helper'
2
2
  require 'puppet/face'
3
3
  require 'puppet_spec/puppetserver'
4
4
 
5
- describe "puppet plugin" do
5
+ describe "puppet plugin", unless: Puppet::Util::Platform.jruby? do
6
6
  include_context "https client"
7
7
 
8
8
  let(:server) { PuppetSpec::Puppetserver.new }
@@ -151,4 +151,16 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
151
151
  end
152
152
  end
153
153
  end
154
+
155
+ context 'ciphersuites' do
156
+ it "does not connect when using an SSLv3 ciphersuite" do
157
+ Puppet[:ciphers] = "DES-CBC3-SHA"
158
+
159
+ https_server.start_server do |port|
160
+ expect {
161
+ client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
162
+ }.to raise_error(Puppet::HTTP::ConnectionError, /no cipher match|sslv3 alert handshake failure/)
163
+ end
164
+ end
165
+ end
154
166
  end