RubyGems - puppet - Versions diffs - 8.1.0-x86-mingw32 → 8.3.1-x86-mingw32 - Mend

puppet 8.1.0-x86-mingw32 → 8.3.1-x86-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

checksums.yaml +4 -4
data/Gemfile +1 -1
data/Gemfile.lock +39 -45
data/ext/project_data.yaml +2 -2
data/lib/puppet/application/doc.rb +1 -1
data/lib/puppet/application/ssl.rb +42 -7
data/lib/puppet/application.rb +5 -1
data/lib/puppet/defaults.rb +17 -5
data/lib/puppet/face/config.rb +1 -1
data/lib/puppet/face/epp.rb +2 -2
data/lib/puppet/face/module/list.rb +2 -2
data/lib/puppet/face/parser.rb +1 -1
data/lib/puppet/functions/split.rb +28 -1
data/lib/puppet/http/client.rb +12 -5
data/lib/puppet/http/service/ca.rb +25 -0
data/lib/puppet/indirector/facts/facter.rb +1 -1
data/lib/puppet/indirector/file_bucket_file/file.rb +1 -1
data/lib/puppet/indirector/indirection.rb +1 -1
data/lib/puppet/info_service/task_information_service.rb +1 -1
data/lib/puppet/module_tool.rb +1 -1
data/lib/puppet/network/formats.rb +3 -3
data/lib/puppet/network/http/memory_response.rb +1 -1
data/lib/puppet/node/environment.rb +6 -4
data/lib/puppet/parameter/value_collection.rb +1 -1
data/lib/puppet/parser/files.rb +4 -3
data/lib/puppet/parser/functions.rb +1 -1
data/lib/puppet/pops/evaluator/deferred_resolver.rb +20 -3
data/lib/puppet/pops/loader/loader_paths.rb +4 -4
data/lib/puppet/pops/lookup/explainer.rb +1 -1
data/lib/puppet/pops/lookup/hiera_config.rb +1 -1
data/lib/puppet/pops/model/factory.rb +1 -1
data/lib/puppet/pops/model/tree_dumper.rb +1 -1
data/lib/puppet/pops/parser/epp_support.rb +1 -1
data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
data/lib/puppet/pops/parser/pn_parser.rb +1 -1
data/lib/puppet/pops/pn.rb +1 -1
data/lib/puppet/pops/serialization/json_path.rb +1 -1
data/lib/puppet/pops/time/timespan.rb +4 -4
data/lib/puppet/pops/types/ruby_generator.rb +2 -2
data/lib/puppet/pops/types/string_converter.rb +6 -6
data/lib/puppet/pops/types/type_formatter.rb +2 -2
data/lib/puppet/pops/types/types.rb +1 -1
data/lib/puppet/provider/nameservice/directoryservice.rb +2 -2
data/lib/puppet/provider/package/apt.rb +1 -1
data/lib/puppet/provider/package/dnf.rb +1 -1
data/lib/puppet/provider/package/yum.rb +1 -1
data/lib/puppet/provider/user/directoryservice.rb +1 -1
data/lib/puppet/reference/configuration.rb +1 -1
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/reports.rb +1 -1
data/lib/puppet/ssl/oids.rb +2 -0
data/lib/puppet/ssl/ssl_provider.rb +1 -1
data/lib/puppet/ssl/state_machine.rb +60 -9
data/lib/puppet/transaction/report.rb +1 -1
data/lib/puppet/type/filebucket.rb +1 -1
data/lib/puppet/util/diff.rb +1 -1
data/lib/puppet/util/execution.rb +9 -4
data/lib/puppet/util/inifile.rb +2 -2
data/lib/puppet/util/monkey_patches.rb +18 -0
data/lib/puppet/util/package/version/rpm.rb +1 -1
data/lib/puppet/util/provider_features.rb +1 -1
data/lib/puppet/util/selinux.rb +1 -1
data/lib/puppet/util/windows/access_control_entry.rb +1 -1
data/lib/puppet/util/windows/access_control_list.rb +1 -1
data/lib/puppet/util/windows/adsi.rb +9 -2
data/lib/puppet/util/windows/error.rb +1 -1
data/lib/puppet/util/windows/file.rb +2 -2
data/lib/puppet/util/windows/process.rb +1 -1
data/lib/puppet/util/windows/sid.rb +4 -2
data/lib/puppet/util.rb +2 -3
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509/cert_provider.rb +13 -2
data/locales/puppet.pot +106 -74
data/man/man5/puppet.conf.5 +16 -2
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +5 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -107
data/spec/fixtures/ssl/127.0.0.1.pem +52 -51
data/spec/fixtures/ssl/bad-basic-constraints.pem +56 -56
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +53 -53
data/spec/fixtures/ssl/ca.pem +54 -54
data/spec/fixtures/ssl/crl.pem +26 -26
data/spec/fixtures/ssl/ec-key.pem +11 -11
data/spec/fixtures/ssl/ec.pem +33 -32
data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
data/spec/fixtures/ssl/encrypted-key.pem +108 -108
data/spec/fixtures/ssl/intermediate-agent-crl.pem +26 -26
data/spec/fixtures/ssl/intermediate-agent.pem +56 -56
data/spec/fixtures/ssl/intermediate-crl.pem +29 -29
data/spec/fixtures/ssl/intermediate.pem +53 -53
data/spec/fixtures/ssl/oid-key.pem +107 -107
data/spec/fixtures/ssl/oid.pem +51 -50
data/spec/fixtures/ssl/pluto-key.pem +107 -107
data/spec/fixtures/ssl/pluto.pem +52 -51
data/spec/fixtures/ssl/renewed.pem +67 -0
data/spec/fixtures/ssl/request-key.pem +107 -107
data/spec/fixtures/ssl/request.pem +50 -48
data/spec/fixtures/ssl/revoked-key.pem +107 -107
data/spec/fixtures/ssl/revoked.pem +51 -50
data/spec/fixtures/ssl/signed-key.pem +107 -107
data/spec/fixtures/ssl/signed.pem +49 -48
data/spec/fixtures/ssl/tampered-cert.pem +51 -50
data/spec/fixtures/ssl/tampered-csr.pem +50 -48
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -107
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -49
data/spec/fixtures/ssl/unknown-ca-key.pem +107 -107
data/spec/fixtures/ssl/unknown-ca.pem +54 -54
data/spec/integration/application/agent_spec.rb +27 -27
data/spec/integration/application/apply_spec.rb +14 -0
data/spec/integration/http/client_spec.rb +16 -0
data/spec/integration/type/exec_spec.rb +13 -0
data/spec/lib/puppet/test_ca.rb +3 -10
data/spec/lib/puppet_spec/verbose.rb +10 -1
data/spec/unit/agent_spec.rb +2 -9
data/spec/unit/application/ssl_spec.rb +49 -0
data/spec/unit/defaults_spec.rb +2 -40
data/spec/unit/file_system/path_pattern_spec.rb +15 -0
data/spec/unit/functions/split_spec.rb +6 -0
data/spec/unit/http/service/ca_spec.rb +71 -0
data/spec/unit/info_service_spec.rb +1 -1
data/spec/unit/ssl/certificate_signer_spec.rb +17 -0
data/spec/unit/ssl/ssl_provider_spec.rb +21 -1
data/spec/unit/ssl/state_machine_spec.rb +75 -3
data/spec/unit/util/execution_spec.rb +1 -0
data/spec/unit/util/monkey_patches_spec.rb +42 -0
data/spec/unit/util/windows/adsi_spec.rb +25 -0
data/spec/unit/x509/cert_provider_spec.rb +23 -0
data/tasks/generate_cert_fixtures.rake +4 -0
metadata +11 -13

data/lib/puppet/util/inifile.rb CHANGED Viewed

@@ -79,7 +79,7 @@ module Puppet::Util::IniConfig
     # written to file
     def format
       if @destroy
-        text = String.new
+        text = ''.dup
       else
         text = "[#{name}]\n"
         @entries.each do |entry|
@@ -208,7 +208,7 @@ module Puppet::Util::IniConfig
     end
     def format
-      text = String.new
+      text = ''.dup
       @contents.each do |content|
         if content.is_a? Section

data/lib/puppet/util/monkey_patches.rb CHANGED Viewed

@@ -30,6 +30,24 @@ class Object
   end
 end
+unless Dir.singleton_methods.include?(:exists?)
+  class Dir
+    def self.exists?(file_name)
+      warn("Dir.exists?('#{file_name}') is deprecated, use Dir.exist? instead") if $VERBOSE
+      Dir.exist?(file_name)
+    end
+  end
+end
+unless File.singleton_methods.include?(:exists?)
+  class File
+    def self.exists?(file_name)
+      warn("File.exists?('#{file_name}') is deprecated, use File.exist? instead") if $VERBOSE
+      File.exist?(file_name)
+    end
+  end
+end
 require_relative '../../puppet/ssl/openssl_loader'
 unless Puppet::Util::Platform.jruby_fips?
   class OpenSSL::SSL::SSLContext

data/lib/puppet/util/package/version/rpm.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module Puppet::Util::Package::Version
     end
     def to_s
-      version_found = String.new
+      version_found = ''.dup
       version_found += "#{@epoch}:"   if @epoch
       version_found += @version
       version_found += "-#{@release}" if @release

data/lib/puppet/util/provider_features.rb CHANGED Viewed

@@ -76,7 +76,7 @@ module Puppet::Util::ProviderFeatures
   # @return [String] Returns a string with documentation covering all features.
   def featuredocs
-    str = String.new
+    str = ''.dup
     @features ||= {}
     return nil if @features.empty?
     names = @features.keys.sort_by(&:to_s)

data/lib/puppet/util/selinux.rb CHANGED Viewed

@@ -227,7 +227,7 @@ module Puppet::Util::SELinux
   # Internal helper function to read and parse /proc/mounts
   def read_mounts
-    mounts = String.new
+    mounts = ''.dup
     begin
       if File.method_defined? "read_nonblock"
         # If possible we use read_nonblock in a loop rather than read to work-

data/lib/puppet/util/windows/access_control_entry.rb CHANGED Viewed

@@ -61,7 +61,7 @@ class Puppet::Util::Windows::AccessControlEntry
   end
   def inspect
-    inheritance = String.new
+    inheritance = ''.dup
     inheritance << '(I)' if inherited?
     inheritance << '(OI)' if object_inherit?
     inheritance << '(CI)' if container_inherit?

data/lib/puppet/util/windows/access_control_list.rb CHANGED Viewed

@@ -98,7 +98,7 @@ class Puppet::Util::Windows::AccessControlList
   end
   def inspect
-    str = String.new
+    str = ''.dup
     @aces.each do |ace|
       str << "  #{ace.inspect}\n"
     end

data/lib/puppet/util/windows/adsi.rb CHANGED Viewed

@@ -176,6 +176,13 @@ module Puppet::Util::Windows::ADSI
         sids = []
         adsi_child_collection.each do |m|
           sids << Puppet::Util::Windows::SID.ads_to_principal(m)
+        rescue Puppet::Util::Windows::Error => e
+          case e.code
+          when Puppet::Util::Windows::SID::ERROR_TRUSTED_RELATIONSHIP_FAILURE, Puppet::Util::Windows::SID::ERROR_TRUSTED_DOMAIN_FAILURE
+            sids << Puppet::Util::Windows::SID.unresolved_principal(m.name, m.sid)
+          else
+            raise e
+          end
         end
         sids
@@ -488,7 +495,7 @@ module Puppet::Util::Windows::ADSI
     # UNLEN from lmcons.h - https://stackoverflow.com/a/2155176
     MAX_USERNAME_LENGTH = 256
     def self.current_user_name
-      user_name = String.new
+      user_name = ''.dup
       max_length = MAX_USERNAME_LENGTH + 1 # NULL terminated
       FFI::MemoryPointer.new(max_length * 2) do |buffer| # wide string
         FFI::MemoryPointer.new(:dword, 1) do |buffer_size|
@@ -520,7 +527,7 @@ module Puppet::Util::Windows::ADSI
     NameSurname           = 14
     def self.current_user_name_with_format(format)
-      user_name = String.new
+      user_name = ''.dup
       max_length = 1024
       FFI::MemoryPointer.new(:lpwstr, max_length * 2 + 1) do |buffer|

data/lib/puppet/util/windows/error.rb CHANGED Viewed

@@ -32,7 +32,7 @@ class Puppet::Util::Windows::Error < Puppet::Error
             FORMAT_MESSAGE_ARGUMENT_ARRAY |
             FORMAT_MESSAGE_IGNORE_INSERTS |
             FORMAT_MESSAGE_MAX_WIDTH_MASK
-    error_string = String.new
+    error_string = ''.dup
     # this pointer actually points to a :lpwstr (pointer) since we're letting Windows allocate for us
     FFI::MemoryPointer.new(:pointer, 1) do |buffer_ptr|

data/lib/puppet/util/windows/file.rb CHANGED Viewed

@@ -245,7 +245,7 @@ module Puppet::Util::Windows::File
   module_function :readlink
   def get_long_pathname(path)
-    converted = String.new
+    converted = ''.dup
     FFI::Pointer.from_string_to_wide_string(path) do |path_ptr|
       # includes terminating NULL
       buffer_size = GetLongPathNameW(path_ptr, FFI::Pointer::NULL, 0)
@@ -263,7 +263,7 @@ module Puppet::Util::Windows::File
   module_function :get_long_pathname
   def get_short_pathname(path)
-    converted = String.new
+    converted = ''.dup
     FFI::Pointer.from_string_to_wide_string(path) do |path_ptr|
       # includes terminating NULL
       buffer_size = GetShortPathNameW(path_ptr, FFI::Pointer::NULL, 0)

data/lib/puppet/util/windows/process.rb CHANGED Viewed

@@ -121,7 +121,7 @@ module Puppet::Util::Windows::Process
   module_function :with_process_token
   def get_process_image_name_by_pid(pid)
-    image_name = String.new
+    image_name = ''.dup
     Puppet::Util::Windows::Security.with_privilege(Puppet::Util::Windows::Security::SE_DEBUG_NAME) do
       open_process(PROCESS_QUERY_INFORMATION, false, pid) do |phandle|

data/lib/puppet/util/windows/sid.rb CHANGED Viewed

@@ -7,8 +7,10 @@ module Puppet::Util::Windows
     extend FFI::Library
     # missing from Windows::Error
-    ERROR_NONE_MAPPED           = 1332
-    ERROR_INVALID_SID_STRUCTURE = 1337
+    ERROR_NONE_MAPPED                  = 1332
+    ERROR_INVALID_SID_STRUCTURE        = 1337
+    ERROR_TRUSTED_DOMAIN_FAILURE       = 1788
+    ERROR_TRUSTED_RELATIONSHIP_FAILURE = 1789
     # Well Known SIDs
     Null                        = 'S-1-0'

data/lib/puppet/util.rb CHANGED Viewed

@@ -409,8 +409,7 @@ module Util
   def uri_encode(path, opts = { :allow_fragment => false })
     raise ArgumentError.new(_('path may not be nil')) if path.nil?
-    # ensure string starts as UTF-8 for the sake of Ruby 1.9.3
-    encoded = String.new.encode!(Encoding::UTF_8)
+    encoded = ''.dup
     # parse uri into named matches, then reassemble properly encoded
     parts = path.match(RFC_3986_URI_REGEX)
@@ -454,7 +453,7 @@ module Util
   def rfc2396_escape(str)
     str.gsub(UNSAFE) do |match|
-      tmp = String.new
+      tmp = ''.dup
       match.each_byte do |uc|
         tmp << sprintf('%%%02X', uc)
       end

data/lib/puppet/version.rb CHANGED Viewed

@@ -7,7 +7,7 @@
 # Raketasks and such to set the version based on the output of `git describe`
 module Puppet
-  PUPPETVERSION = '8.1.0'
+  PUPPETVERSION = '8.3.1'
   ##
   # version is a public API method intended to always provide a fast and

data/lib/puppet/x509/cert_provider.rb CHANGED Viewed

@@ -311,6 +311,13 @@ class Puppet::X509::CertProvider
       options[:extension_requests] = csr_attributes.extension_requests
     end
+    # Adds auto-renew attribute to CSR if the agent supports auto-renewal of
+    # certificates
+    if Puppet[:hostcert_renewal_interval] && Puppet[:hostcert_renewal_interval] > 0
+      options[:csr_attributes] ||= {}
+      options[:csr_attributes].merge!({'1.3.6.1.4.1.34380.1.3.2' => 'true'})
+    end
     csr = Puppet::SSL::CertificateRequest.new(name)
     csr.generate(private_key, options)
   end
@@ -369,13 +376,17 @@ class Puppet::X509::CertProvider
     OpenSSL::X509::Request.new(pem)
   end
-  private
+  # Return the path to the cert related object (key, CSR, cert, etc).
+  #
+  # @param base [String] base directory
+  # @param name [String] the name associated with the cert related object
   def to_path(base, name)
     raise _("Certname %{name} must not contain unprintable or non-ASCII characters") % { name: name.inspect } unless name =~ VALID_CERTNAME
     File.join(base, "#{name.downcase}.pem")
   end
+  private
   def permissions_for_setting(name)
     setting = Puppet.settings.setting(name)
     perm = { mode: setting.mode.to_i(8) }