puppet 7.4.1-x64-mingw32 → 7.5.0-x64-mingw32
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +19 -13
- data/lib/puppet/application/ssl.rb +11 -0
- data/lib/puppet/defaults.rb +8 -0
- data/lib/puppet/environments.rb +16 -1
- data/lib/puppet/ffi/windows/api_types.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/windows.rb +2 -0
- data/lib/puppet/http/factory.rb +4 -0
- data/lib/puppet/network/http.rb +5 -2
- data/lib/puppet/network/http/api.rb +10 -6
- data/lib/puppet/network/http/api/master.rb +3 -2
- data/lib/puppet/network/http/api/master/v3.rb +2 -25
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
- data/lib/puppet/network/http/api/server.rb +10 -0
- data/lib/puppet/network/http/api/server/v3.rb +39 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
- data/lib/puppet/pops/parser/lexer2.rb +0 -4
- data/lib/puppet/pops/validation/checker4_0.rb +0 -1
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/util/monkey_patches.rb +7 -0
- data/lib/puppet/util/windows/adsi.rb +46 -0
- data/lib/puppet/util/windows/principal.rb +9 -2
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/version.rb +1 -1
- data/man/man5/puppet.conf.5 +10 -2
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +1 -1
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/parser/collection_spec.rb +10 -0
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/unit/application/facts_spec.rb +5 -5
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/environments_spec.rb +164 -88
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/http/factory_spec.rb +19 -0
- data/spec/unit/network/http/api/master_spec.rb +38 -0
- data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
- data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
- data/spec/unit/network/http/api_spec.rb +11 -11
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/validator/validator_spec.rb +20 -43
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- metadata +11 -16
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
@@ -134,10 +134,6 @@ class Lexer2
|
|
134
134
|
'type' => [:TYPE, 'type', 4],
|
135
135
|
'attr' => [:ATTR, 'attr', 4],
|
136
136
|
'private' => [:PRIVATE, 'private', 7],
|
137
|
-
'application' => [:APPLICATION, 'application', 11], # reserved
|
138
|
-
'consumes' => [:CONSUMES, 'consumes', 8], # reserved
|
139
|
-
'produces' => [:PRODUCES, 'produces', 8], # reserved
|
140
|
-
'site' => [:SITE, 'site', 4], # reserved
|
141
137
|
}
|
142
138
|
|
143
139
|
KEYWORDS.each {|k,v| v[1].freeze; v.freeze }
|
@@ -236,7 +236,6 @@ class Checker4_0 < Evaluator::LiteralEvaluator
|
|
236
236
|
case p
|
237
237
|
when Model::AbstractResource
|
238
238
|
when Model::CollectExpression
|
239
|
-
acceptor.accept(Issues::UNSUPPORTED_OPERATOR_IN_CONTEXT, p, :operator=>'* =>')
|
240
239
|
else
|
241
240
|
# protect against just testing a snippet that has no parent, error message will be a bit strange
|
242
241
|
# but it is not for a real program.
|
@@ -29,6 +29,7 @@ class Puppet::Settings::EnvironmentConf
|
|
29
29
|
section = config.sections[:main]
|
30
30
|
rescue Errno::ENOENT
|
31
31
|
# environment.conf is an optional file
|
32
|
+
Puppet.debug { "Path to #{path_to_env} does not exist, using default environment.conf" }
|
32
33
|
end
|
33
34
|
|
34
35
|
new(path_to_env, section, global_module_path)
|
@@ -32,6 +32,13 @@ end
|
|
32
32
|
# (#19151) Reject all SSLv2 ciphers and handshakes
|
33
33
|
require 'puppet/ssl/openssl_loader'
|
34
34
|
unless Puppet::Util::Platform.jruby_fips?
|
35
|
+
unless defined?(OpenSSL::SSL::TLS1_VERSION)
|
36
|
+
module OpenSSL::SSL
|
37
|
+
# see https://github.com/ruby/ruby/commit/609103dbb5fb182eec12f052226c43e39b907682#diff-09f822c26289f5347111795ca22ed7ed1cfadd6ebd28f987991d1d414eef565aR2755-R2759
|
38
|
+
OpenSSL::SSL::TLS1_VERSION = 0x301
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
35
42
|
class OpenSSL::SSL::SSLContext
|
36
43
|
if DEFAULT_PARAMS[:options]
|
37
44
|
DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
|
@@ -504,6 +504,43 @@ module Puppet::Util::Windows::ADSI
|
|
504
504
|
user_name
|
505
505
|
end
|
506
506
|
|
507
|
+
# https://docs.microsoft.com/en-us/windows/win32/api/secext/ne-secext-extended_name_format
|
508
|
+
NameUnknown = 0
|
509
|
+
NameFullyQualifiedDN = 1
|
510
|
+
NameSamCompatible = 2
|
511
|
+
NameDisplay = 3
|
512
|
+
NameUniqueId = 6
|
513
|
+
NameCanonical = 7
|
514
|
+
NameUserPrincipal = 8
|
515
|
+
NameCanonicalEx = 9
|
516
|
+
NameServicePrincipal = 10
|
517
|
+
NameDnsDomain = 12
|
518
|
+
NameGivenName = 13
|
519
|
+
NameSurname = 14
|
520
|
+
|
521
|
+
def self.current_user_name_with_format(format)
|
522
|
+
user_name = ''
|
523
|
+
max_length = 1024
|
524
|
+
|
525
|
+
FFI::MemoryPointer.new(:lpwstr, max_length * 2 + 1) do |buffer|
|
526
|
+
FFI::MemoryPointer.new(:dword, 1) do |buffer_size|
|
527
|
+
buffer_size.write_dword(max_length + 1)
|
528
|
+
|
529
|
+
if GetUserNameExW(format.to_i, buffer, buffer_size) == FFI::WIN32_FALSE
|
530
|
+
raise Puppet::Util::Windows::Error.new(_("Failed to get user name"), FFI.errno)
|
531
|
+
end
|
532
|
+
|
533
|
+
user_name = buffer.read_wide_string(buffer_size.read_dword).chomp
|
534
|
+
end
|
535
|
+
end
|
536
|
+
|
537
|
+
user_name
|
538
|
+
end
|
539
|
+
|
540
|
+
def self.current_sam_compatible_user_name
|
541
|
+
current_user_name_with_format(NameSamCompatible)
|
542
|
+
end
|
543
|
+
|
507
544
|
def self.current_user_sid
|
508
545
|
Puppet::Util::Windows::SID.name_to_principal(current_user_name)
|
509
546
|
end
|
@@ -518,6 +555,15 @@ module Puppet::Util::Windows::ADSI
|
|
518
555
|
ffi_lib :advapi32
|
519
556
|
attach_function_private :GetUserNameW,
|
520
557
|
[:lpwstr, :lpdword], :win32_bool
|
558
|
+
|
559
|
+
# https://docs.microsoft.com/en-us/windows/win32/api/secext/nf-secext-getusernameexa
|
560
|
+
# BOOLEAN SEC_ENTRY GetUserNameExA(
|
561
|
+
# EXTENDED_NAME_FORMAT NameFormat,
|
562
|
+
# LPSTR lpNameBuffer,
|
563
|
+
# PULONG nSize
|
564
|
+
# );type
|
565
|
+
ffi_lib :secur32
|
566
|
+
attach_function_private :GetUserNameExW, [:uint16, :lpwstr, :pointer], :win32_bool
|
521
567
|
end
|
522
568
|
|
523
569
|
class UserProfile
|
@@ -44,7 +44,8 @@ module Puppet::Util::Windows::SID
|
|
44
44
|
ERROR_INVALID_PARAMETER = 87
|
45
45
|
ERROR_INSUFFICIENT_BUFFER = 122
|
46
46
|
|
47
|
-
def self.lookup_account_name(system_name = nil, account_name)
|
47
|
+
def self.lookup_account_name(system_name = nil, sanitize = true, account_name)
|
48
|
+
account_name = sanitize_account_name(account_name) if sanitize
|
48
49
|
system_name_ptr = FFI::Pointer::NULL
|
49
50
|
begin
|
50
51
|
if system_name
|
@@ -146,6 +147,13 @@ module Puppet::Util::Windows::SID
|
|
146
147
|
end
|
147
148
|
end
|
148
149
|
|
150
|
+
# Sanitize the given account name for lookup to avoid known issues
|
151
|
+
def self.sanitize_account_name(account_name)
|
152
|
+
return account_name unless account_name.start_with?('APPLICATION PACKAGE AUTHORITY\\')
|
153
|
+
account_name.split('\\').last
|
154
|
+
end
|
155
|
+
private_class_method :sanitize_account_name
|
156
|
+
|
149
157
|
ffi_convention :stdcall
|
150
158
|
|
151
159
|
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa379601(v=vs.85).aspx
|
@@ -191,4 +199,3 @@ module Puppet::Util::Windows::SID
|
|
191
199
|
[:lpcwstr, :pointer, :lpwstr, :lpdword, :lpwstr, :lpdword, :pointer], :win32_bool
|
192
200
|
end
|
193
201
|
end
|
194
|
-
|
@@ -74,11 +74,13 @@ module Puppet::Util::Windows
|
|
74
74
|
string_to_sid_ptr(name) do |sid_ptr|
|
75
75
|
raw_sid_bytes = sid_ptr.read_array_of_uchar(get_length_sid(sid_ptr))
|
76
76
|
end
|
77
|
-
rescue
|
77
|
+
rescue => e
|
78
|
+
Puppet.debug("Could not retrieve raw SID bytes from '#{name}': #{e.message}")
|
78
79
|
end
|
79
80
|
|
80
81
|
raw_sid_bytes ? Principal.lookup_account_sid(raw_sid_bytes) : Principal.lookup_account_name(name)
|
81
|
-
rescue
|
82
|
+
rescue => e
|
83
|
+
Puppet.debug("#{e.message}")
|
82
84
|
(allow_unresolved && raw_sid_bytes) ? unresolved_principal(name, raw_sid_bytes) : nil
|
83
85
|
end
|
84
86
|
module_function :name_to_principal
|
data/lib/puppet/version.rb
CHANGED
data/man/man5/puppet.conf.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPETCONF" "5" "
|
4
|
+
.TH "PUPPETCONF" "5" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
\fBThis page is autogenerated; any changes will get overwritten\fR
|
6
6
|
.
|
7
7
|
.SH "Configuration settings"
|
@@ -288,6 +288,14 @@ Defaults to the node\'s fully qualified domain name\.
|
|
288
288
|
.
|
289
289
|
.IP "" 0
|
290
290
|
.
|
291
|
+
.SS "ciphers"
|
292
|
+
The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
|
293
|
+
.
|
294
|
+
.IP "\(bu" 4
|
295
|
+
\fIDefault\fR: ECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256
|
296
|
+
.
|
297
|
+
.IP "" 0
|
298
|
+
.
|
291
299
|
.SS "classfile"
|
292
300
|
The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
|
293
301
|
.
|
@@ -899,7 +907,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
|
|
899
907
|
The HTTP User\-Agent string to send when making network requests\.
|
900
908
|
.
|
901
909
|
.IP "\(bu" 4
|
902
|
-
\fIDefault\fR: Puppet/7\.
|
910
|
+
\fIDefault\fR: Puppet/7\.5\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)
|
903
911
|
.
|
904
912
|
.IP "" 0
|
905
913
|
.
|
data/man/man8/puppet-agent.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-AGENT" "8" "
|
4
|
+
.TH "PUPPET\-AGENT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-agent\fR \- The puppet agent daemon
|
data/man/man8/puppet-apply.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-APPLY" "8" "
|
4
|
+
.TH "PUPPET\-APPLY" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-apply\fR \- Apply Puppet manifests locally
|
data/man/man8/puppet-catalog.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-CATALOG" "8" "
|
4
|
+
.TH "PUPPET\-CATALOG" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\.
|
data/man/man8/puppet-config.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-CONFIG" "8" "
|
4
|
+
.TH "PUPPET\-CONFIG" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-config\fR \- Interact with Puppet\'s settings\.
|
data/man/man8/puppet-describe.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DESCRIBE" "8" "
|
4
|
+
.TH "PUPPET\-DESCRIBE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-describe\fR \- Display help about resource types
|
data/man/man8/puppet-device.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DEVICE" "8" "
|
4
|
+
.TH "PUPPET\-DEVICE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-device\fR \- Manage remote network devices
|
data/man/man8/puppet-doc.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-DOC" "8" "
|
4
|
+
.TH "PUPPET\-DOC" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-doc\fR \- Generate Puppet references
|
data/man/man8/puppet-epp.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-EPP" "8" "
|
4
|
+
.TH "PUPPET\-EPP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-epp\fR \- Interact directly with the EPP template parser/renderer\.
|
data/man/man8/puppet-facts.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-FACTS" "8" "
|
4
|
+
.TH "PUPPET\-FACTS" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-facts\fR \- Retrieve and store facts\.
|
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-FILEBUCKET" "8" "
|
4
|
+
.TH "PUPPET\-FILEBUCKET" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket
|
data/man/man8/puppet-generate.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-GENERATE" "8" "
|
4
|
+
.TH "PUPPET\-GENERATE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-generate\fR \- Generates Puppet code from Ruby definitions\.
|
data/man/man8/puppet-help.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-HELP" "8" "
|
4
|
+
.TH "PUPPET\-HELP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-help\fR \- Display Puppet help\.
|
data/man/man8/puppet-lookup.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-LOOKUP" "8" "
|
4
|
+
.TH "PUPPET\-LOOKUP" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-lookup\fR \- Interactive Hiera lookup
|
data/man/man8/puppet-module.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-MODULE" "8" "
|
4
|
+
.TH "PUPPET\-MODULE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-module\fR \- Creates, installs and searches for modules on the Puppet Forge\.
|
data/man/man8/puppet-node.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-NODE" "8" "
|
4
|
+
.TH "PUPPET\-NODE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-node\fR \- View and manage node definitions\.
|
data/man/man8/puppet-parser.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-PARSER" "8" "
|
4
|
+
.TH "PUPPET\-PARSER" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-parser\fR \- Interact directly with the parser\.
|
data/man/man8/puppet-plugin.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-PLUGIN" "8" "
|
4
|
+
.TH "PUPPET\-PLUGIN" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\.
|
data/man/man8/puppet-report.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-REPORT" "8" "
|
4
|
+
.TH "PUPPET\-REPORT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-report\fR \- Create, display, and submit reports\.
|
data/man/man8/puppet-resource.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-RESOURCE" "8" "
|
4
|
+
.TH "PUPPET\-RESOURCE" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-resource\fR \- The resource abstraction layer shell
|
data/man/man8/puppet-script.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-SCRIPT" "8" "
|
4
|
+
.TH "PUPPET\-SCRIPT" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-script\fR \- Run a puppet manifests as a script without compiling a catalog
|
data/man/man8/puppet-ssl.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET\-SSL" "8" "
|
4
|
+
.TH "PUPPET\-SSL" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\-ssl\fR \- Manage SSL keys and certificates for puppet SSL clients
|
@@ -52,4 +52,8 @@ Verify the private key and certificate are present and match, verify the certifi
|
|
52
52
|
.TP
|
53
53
|
clean
|
54
54
|
Remove the private key and certificate related files for this host\. If \fB\-\-localca\fR is specified, then also remove this host\'s local copy of the CA certificate(s) and CRL bundle\. if \fB\-\-target CERTNAME\fR is specified, then remove the files for the specified device on this host instead of this host\.
|
55
|
+
.
|
56
|
+
.TP
|
57
|
+
show
|
58
|
+
Print the full\-text version of this host\'s certificate\.
|
55
59
|
|
data/man/man8/puppet.8
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPET" "8" "
|
4
|
+
.TH "PUPPET" "8" "March 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBpuppet\fR
|
@@ -25,4 +25,4 @@ Specialized:
|
|
25
25
|
catalog Compile, save, view, and convert catalogs\. describe Display help about resource types device Manage remote network devices doc Generate Puppet references epp Interact directly with the EPP template parser/renderer\. facts Retrieve and store facts\. filebucket Store and retrieve files in a filebucket generate Generates Puppet code from Ruby definitions\. node View and manage node definitions\. parser Interact directly with the parser\. plugin Interact with the Puppet plugin system\. script Run a puppet manifests as a script without compiling a catalog ssl Manage SSL keys and certificates for puppet SSL clients
|
26
26
|
.
|
27
27
|
.P
|
28
|
-
See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.
|
28
|
+
See \'puppet help \fIsubcommand\fR \fIaction\fR\' for help on a specific subcommand action\. See \'puppet help \fIsubcommand\fR\' for help on a specific subcommand\. Puppet v7\.5\.0
|
@@ -151,4 +151,16 @@ describe Puppet::HTTP::Client, unless: Puppet::Util::Platform.jruby? do
|
|
151
151
|
end
|
152
152
|
end
|
153
153
|
end
|
154
|
+
|
155
|
+
context 'ciphersuites' do
|
156
|
+
it "does not connect when using an SSLv3 ciphersuite" do
|
157
|
+
Puppet[:ciphers] = "DES-CBC3-SHA"
|
158
|
+
|
159
|
+
https_server.start_server do |port|
|
160
|
+
expect {
|
161
|
+
client.get(URI("https://127.0.0.1:#{port}"), options: {ssl_context: root_context})
|
162
|
+
}.to raise_error(Puppet::HTTP::ConnectionError, /no cipher match|sslv3 alert handshake failure/)
|
163
|
+
end
|
164
|
+
end
|
165
|
+
end
|
154
166
|
end
|