puppet 2.6.14 → 2.6.15

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

data/CHANGELOG CHANGED
@@ -1,6 +1,14 @@
1
+ 2.6.15
2
+ ===
3
+ f7829ec Stub mktmpdir and remove_entry_secure in os x package providers
4
+ 7ac1ec8 (#13260) Spec test to verify that mktmpdir is used
5
+ 0180200 Refactor pkgdmg specs
6
+ c51447d (#13260) Use mktmpdir when downloading packages
7
+ 568ded5 Fix for bucket_path security vulnerability
8
+ 6bef2e6 Removed text/marshal support
9
+
1
10
  2.6.14
2
11
  ===
3
- d48ad59 Revert "(#5246) Puppetd does not remove it's pidfile when it exits"
4
12
  ade5965 Remove unnecessary fallbacks in change_{user,group}
5
13
  0a09a64 Document uid/gid-related methods in Puppet::Util
6
14
  2599d56 Copy owner/group in replace_file
@@ -24,7 +24,7 @@ require 'puppet/util/run_mode'
24
24
  # it's also a place to find top-level commands like 'debug'
25
25
 
26
26
  module Puppet
27
- PUPPETVERSION = '2.6.14'
27
+ PUPPETVERSION = '2.6.15'
28
28
 
29
29
  def Puppet.version
30
30
  PUPPETVERSION
@@ -117,6 +117,8 @@ class Puppet::Application::Agent < Puppet::Application
117
117
  Puppet.err detail.to_s
118
118
  end
119
119
 
120
+ @daemon.stop(:exit => false)
121
+
120
122
  if not report
121
123
  exit(1)
122
124
  elsif options[:detailed_exitcodes] then
@@ -77,33 +77,6 @@ Puppet::Network::FormatHandler.create_serialized_formats(:b64_zlib_yaml) do
77
77
  end
78
78
  end
79
79
 
80
-
81
- Puppet::Network::FormatHandler.create(:marshal, :mime => "text/marshal") do
82
- # Marshal doesn't need the class name; it's serialized.
83
- def intern(klass, text)
84
- Marshal.load(text)
85
- end
86
-
87
- # Marshal doesn't need the class name; it's serialized.
88
- def intern_multiple(klass, text)
89
- Marshal.load(text)
90
- end
91
-
92
- def render(instance)
93
- Marshal.dump(instance)
94
- end
95
-
96
- # Marshal monkey-patches Array, so this works.
97
- def render_multiple(instances)
98
- Marshal.dump(instances)
99
- end
100
-
101
- # Everything's supported
102
- def supported?(klass)
103
- true
104
- end
105
- end
106
-
107
80
  Puppet::Network::FormatHandler.create(:s, :mime => "text/plain", :extension => "txt")
108
81
 
109
82
  # A very low-weight format so it'll never get chosen automatically.
@@ -28,6 +28,7 @@ module Puppet::Network::HTTP::API::V1
28
28
  method = indirection_method(http_method, indirection)
29
29
 
30
30
  params[:environment] = environment
31
+ params.delete(:bucket_path)
31
32
 
32
33
  raise ArgumentError, "No request key specified in #{uri}" if key == "" or key.nil?
33
34
 
@@ -50,23 +50,24 @@ Puppet::Type.type(:package).provide(:appdmg, :parent => Puppet::Provider::Packag
50
50
 
51
51
  def self.installpkgdmg(source, name)
52
52
  unless source =~ /\.dmg$/i
53
- self.fail "Mac OS X PKG DMG's must specificy a source string ending in .dmg"
53
+ self.fail "Mac OS X PKG DMG's must specify a source string ending in .dmg"
54
54
  end
55
55
  require 'open-uri'
56
56
  require 'facter/util/plist'
57
57
  cached_source = source
58
- if %r{\A[A-Za-z][A-Za-z0-9+\-\.]*://} =~ cached_source
59
- cached_source = "/tmp/#{name}"
60
- begin
61
- curl "-o", cached_source, "-C", "-", "-k", "-s", "--url", source
62
- Puppet.debug "Success: curl transfered [#{name}]"
63
- rescue Puppet::ExecutionFailure
64
- Puppet.debug "curl did not transfer [#{name}]. Falling back to slower open-uri transfer methods."
65
- cached_source = source
58
+ tmpdir = Dir.mktmpdir
59
+ begin
60
+ if %r{\A[A-Za-z][A-Za-z0-9+\-\.]*://} =~ cached_source
61
+ cached_source = File.join(tmpdir, name)
62
+ begin
63
+ curl "-o", cached_source, "-C", "-", "-k", "-L", "-s", "--url", source
64
+ Puppet.debug "Success: curl transfered [#{name}]"
65
+ rescue Puppet::ExecutionFailure
66
+ Puppet.debug "curl did not transfer [#{name}]. Falling back to slower open-uri transfer methods."
67
+ cached_source = source
68
+ end
66
69
  end
67
- end
68
70
 
69
- begin
70
71
  open(cached_source) do |dmg|
71
72
  xml_str = hdiutil "mount", "-plist", "-nobrowse", "-readonly", "-mountrandom", "/tmp", dmg.path
72
73
  ptable = Plist::parse_xml xml_str
@@ -87,8 +88,7 @@ Puppet::Type.type(:package).provide(:appdmg, :parent => Puppet::Provider::Packag
87
88
  end
88
89
  end
89
90
  ensure
90
- # JJM Remove the file if open-uri didn't already do so.
91
- File.unlink(cached_source) if File.exist?(cached_source)
91
+ FileUtils.remove_entry_secure(tmpdir, force=true)
92
92
  end
93
93
  end
94
94
 
@@ -50,14 +50,7 @@ Puppet::Type.type(:package).provide :pkgdmg, :parent => Puppet::Provider::Packag
50
50
 
51
51
  def self.instances
52
52
  instance_by_name.collect do |name|
53
-
54
- new(
55
-
56
- :name => name,
57
- :provider => :pkgdmg,
58
-
59
- :ensure => :installed
60
- )
53
+ new(:name => name, :provider => :pkgdmg, :ensure => :installed)
61
54
  end
62
55
  end
63
56
 
@@ -72,22 +65,23 @@ Puppet::Type.type(:package).provide :pkgdmg, :parent => Puppet::Provider::Packag
72
65
 
73
66
  def self.installpkgdmg(source, name)
74
67
  unless source =~ /\.dmg$/i || source =~ /\.pkg$/i
75
- raise Puppet::Error.new("Mac OS X PKG DMG's must specificy a source string ending in .dmg or flat .pkg file")
68
+ raise Puppet::Error.new("Mac OS X PKG DMG's must specify a source string ending in .dmg or flat .pkg file")
76
69
  end
77
70
  require 'open-uri'
78
71
  cached_source = source
79
- if %r{\A[A-Za-z][A-Za-z0-9+\-\.]*://} =~ cached_source
80
- cached_source = "/tmp/#{name}"
81
- begin
82
- curl "-o", cached_source, "-C", "-", "-k", "-s", "--url", source
83
- Puppet.debug "Success: curl transfered [#{name}]"
84
- rescue Puppet::ExecutionFailure
85
- Puppet.debug "curl did not transfer [#{name}]. Falling back to slower open-uri transfer methods."
86
- cached_source = source
72
+ tmpdir = Dir.mktmpdir
73
+ begin
74
+ if %r{\A[A-Za-z][A-Za-z0-9+\-\.]*://} =~ cached_source
75
+ cached_source = File.join(tmpdir, name)
76
+ begin
77
+ curl "-o", cached_source, "-C", "-", "-k", "-L", "-s", "--url", source
78
+ Puppet.debug "Success: curl transfered [#{name}]"
79
+ rescue Puppet::ExecutionFailure
80
+ Puppet.debug "curl did not transfer [#{name}]. Falling back to slower open-uri transfer methods."
81
+ cached_source = source
82
+ end
87
83
  end
88
- end
89
84
 
90
- begin
91
85
  if source =~ /\.dmg$/i
92
86
  File.open(cached_source) do |dmg|
93
87
  xml_str = hdiutil "mount", "-plist", "-nobrowse", "-readonly", "-noidme", "-mountrandom", "/tmp", dmg.path
@@ -110,14 +104,11 @@ Puppet::Type.type(:package).provide :pkgdmg, :parent => Puppet::Provider::Packag
110
104
  end
111
105
  end
112
106
  end
113
- elsif source =~ /\.pkg$/i
114
- installpkg(cached_source, name, source)
115
107
  else
116
- raise Puppet::Error.new("Mac OS X PKG DMG's must specificy a source string ending in .dmg or flat .pkg file")
108
+ installpkg(cached_source, name, source)
117
109
  end
118
110
  ensure
119
- # JJM Remove the file if open-uri didn't already do so.
120
- File.unlink(cached_source) if File.exist?(cached_source)
111
+ FileUtils.remove_entry_secure(tmpdir, force=true)
121
112
  end
122
113
  end
123
114
 
@@ -519,6 +519,12 @@ describe Puppet::Application::Agent do
519
519
  @puppetd.onetime
520
520
  end
521
521
 
522
+ it "should stop the daemon" do
523
+ @daemon.expects(:stop).with(:exit => false)
524
+
525
+ @puppetd.onetime
526
+ end
527
+
522
528
  describe "and --detailed-exitcodes" do
523
529
  before :each do
524
530
  @puppetd.options.stubs(:[]).with(:detailed_exitcodes).returns(true)
@@ -163,49 +163,6 @@ describe "Puppet Network Format" do
163
163
 
164
164
  end
165
165
 
166
- it "should include a marshal format" do
167
- Puppet::Network::FormatHandler.format(:marshal).should_not be_nil
168
- end
169
-
170
- describe "marshal" do
171
- before do
172
- @marshal = Puppet::Network::FormatHandler.format(:marshal)
173
- end
174
-
175
- it "should have its mime type set to text/marshal" do
176
- Puppet::Network::FormatHandler.format(:marshal).mime.should == "text/marshal"
177
- end
178
-
179
- it "should be supported on Strings" do
180
- @marshal.should be_supported(String)
181
- end
182
-
183
- it "should render by calling 'Marshal.dump' on the instance" do
184
- instance = mock 'instance'
185
- Marshal.expects(:dump).with(instance).returns "foo"
186
- @marshal.render(instance).should == "foo"
187
- end
188
-
189
- it "should render multiple instances by calling 'to_marshal' on the array" do
190
- instances = [mock('instance')]
191
-
192
- Marshal.expects(:dump).with(instances).returns "foo"
193
- @marshal.render_multiple(instances).should == "foo"
194
- end
195
-
196
- it "should intern by calling 'Marshal.load'" do
197
- text = "foo"
198
- Marshal.expects(:load).with("foo").returns "bar"
199
- @marshal.intern(String, text).should == "bar"
200
- end
201
-
202
- it "should intern multiples by calling 'Marshal.load'" do
203
- text = "foo"
204
- Marshal.expects(:load).with("foo").returns "bar"
205
- @marshal.intern_multiple(String, text).should == "bar"
206
- end
207
- end
208
-
209
166
  describe "plaintext" do
210
167
  before do
211
168
  @text = Puppet::Network::FormatHandler.format(:s)
@@ -43,6 +43,14 @@ describe Puppet::Network::HTTP::API::V1 do
43
43
  @tester.uri2indirection("GET", "/env/foo/bar", {:environment => "otherenv"}).environment.should == Puppet::Node::Environment.new("env")
44
44
  end
45
45
 
46
+ it "should not pass a buck_path parameter through (See Bugs #13553, #13518, #13511)" do
47
+ @tester.uri2indirection("GET", "/env/foo/bar", { :bucket_path => "/malicious/path" }).options.should_not include({ :bucket_path => "/malicious/path" })
48
+ end
49
+
50
+ it "should pass allowed parameters through" do
51
+ @tester.uri2indirection("GET", "/env/foo/bar", { :allowed_param => "value" }).options.should include({ :allowed_param => "value" })
52
+ end
53
+
46
54
  it "should use the second field of the URI as the indirection name" do
47
55
  @tester.uri2indirection("GET", "/env/foo/bar", {}).indirection_name.should == :foo
48
56
  end
@@ -0,0 +1,42 @@
1
+ #!/usr/bin/env rspec
2
+ require 'spec_helper'
3
+
4
+ describe Puppet::Type.type(:package).provider(:appdmg) do
5
+ let(:resource) { Puppet::Type.type(:package).new(:name => 'foo', :provider => :appdmg) }
6
+ let(:provider) { described_class.new(resource) }
7
+
8
+ describe "when installing an appdmg" do
9
+ let(:fake_mountpoint) { "/tmp/dmg.foo" }
10
+ let(:empty_hdiutil_plist) { Plist::Emit.dump({}) }
11
+ let(:fake_hdiutil_plist) { Plist::Emit.dump({"system-entities" => [{"mount-point" => fake_mountpoint}]}) }
12
+
13
+ before do
14
+ fh = mock 'filehandle'
15
+ fh.stubs(:path).yields "/tmp/foo"
16
+ resource[:source] = "foo.dmg"
17
+ described_class.stubs(:open).yields fh
18
+ Dir.stubs(:mktmpdir).returns "/tmp/testtmp123"
19
+ FileUtils.stubs(:remove_entry_secure)
20
+ end
21
+
22
+ describe "from a remote source" do
23
+ let(:tmpdir) { "/tmp/good123" }
24
+
25
+ before :each do
26
+ resource[:source] = "http://fake.puppetlabs.com/foo.dmg"
27
+ end
28
+
29
+ it "should call tmpdir and use the returned directory" do
30
+ Dir.expects(:mktmpdir).returns tmpdir
31
+ Dir.stubs(:entries).returns ["foo.app"]
32
+ described_class.expects(:curl).with do |*args|
33
+ args[0] == "-o" and args[1].include? tmpdir
34
+ end
35
+ described_class.stubs(:hdiutil).returns fake_hdiutil_plist
36
+ described_class.expects(:installapp)
37
+
38
+ provider.install
39
+ end
40
+ end
41
+ end
42
+ end
@@ -2,83 +2,89 @@
2
2
 
3
3
  Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f) : Dir.chdir("..") { s.call(f) } }).call("spec/spec_helper.rb") }
4
4
 
5
- provider = Puppet::Type.type(:package).provider(:pkgdmg)
5
+ describe Puppet::Type.type(:package).provider(:pkgdmg) do
6
+ let(:resource) { Puppet::Type.type(:package).new(:name => 'foo', :provider => :pkgdmg) }
7
+ let(:provider) { described_class.new(resource) }
6
8
 
7
- describe provider do
8
- before do
9
- @resource = stub 'resource', :[] => "dummypkgdmg"
10
- @provider = provider.new(@resource)
11
-
12
- @fakemountpoint = "/tmp/dmg.foo"
13
- @fakepkgfile = "/tmp/test.pkg"
14
- @fakehdiutilinfo = {"system-entities" => [{"mount-point" => @fakemountpoint}] }
15
- @fakehdiutilplist = Plist::Emit.dump(@fakehdiutilinfo)
16
-
17
- @hdiutilmountargs = ["mount", "-plist", "-nobrowse", "-readonly",
18
- "-noidme", "-mountrandom", "/tmp"]
19
- end
20
-
21
- it "should not be versionable" do
22
- provider.versionable?.should be_false
23
- end
24
-
25
- it "should not be uninstallable" do
26
- provider.uninstallable?.should be_false
27
- end
9
+ it { should_not be_versionable }
10
+ it { should_not be_uninstallable }
28
11
 
29
12
  describe "when installing it should fail when" do
30
- it "no source is specified" do
31
- @resource.stubs(:[]).with(:source).returns nil
32
- lambda { @provider.install }.should raise_error(Puppet::Error)
13
+ before :each do
14
+ Puppet::Util.expects(:execute).never
33
15
  end
34
16
 
35
- it "no name is specified" do
36
- @resource.stubs(:[]).with(:name).returns nil
37
- lambda { @provider.install }.should raise_error(Puppet::Error)
17
+ it "no source is specified" do
18
+ expect { provider.install }.should raise_error(Puppet::Error, /must specify a package source/)
38
19
  end
39
20
 
40
21
  it "the source does not end in .dmg or .pkg" do
41
- @resource.stubs(:[]).with(:source).returns "notendingindotdmgorpkg"
42
- lambda { @provider.install }.should raise_error(Puppet::Error)
43
- end
44
-
45
- it "a disk image with no system entities is mounted" do
46
- @provider.stubs(:[]).with(:hdiutil).returns ""
47
- lambda { @provider.install }.should raise_error(Puppet::Error)
22
+ resource[:source] = "bar"
23
+ expect { provider.install }.should raise_error(Puppet::Error, /must specify a source string ending in .*dmg.*pkg/)
48
24
  end
49
25
  end
50
26
 
51
27
  # These tests shouldn't be this messy. The pkgdmg provider needs work...
52
28
  describe "when installing a pkgdmg" do
29
+ let(:fake_mountpoint) { "/tmp/dmg.foo" }
30
+ let(:empty_hdiutil_plist) { Plist::Emit.dump({}) }
31
+ let(:fake_hdiutil_plist) { Plist::Emit.dump({"system-entities" => [{"mount-point" => fake_mountpoint}]}) }
32
+
53
33
  before do
54
34
  fh = mock 'filehandle'
55
35
  fh.stubs(:path).yields "/tmp/foo"
56
- @resource.stubs(:[]).with(:source).returns "foo.dmg"
36
+ resource[:source] = "foo.dmg"
57
37
  File.stubs(:open).yields fh
38
+ Dir.stubs(:mktmpdir).returns "/tmp/testtmp123"
39
+ FileUtils.stubs(:remove_entry_secure)
40
+ end
41
+
42
+ it "should fail when a disk image with no system entities is mounted" do
43
+ described_class.stubs(:hdiutil).returns(empty_hdiutil_plist)
44
+ expect { provider.install }.should raise_error(Puppet::Error, /No disk entities/)
58
45
  end
59
46
 
60
47
  it "should call hdiutil to mount and eject the disk image" do
61
48
  Dir.stubs(:entries).returns []
62
- @provider.class.expects(:hdiutil).with("eject", @fakemountpoint).returns 0
63
- @provider.class.expects(:hdiutil).with("mount", "-plist", "-nobrowse", "-readonly", "-noidme", "-mountrandom", "/tmp", nil).returns @fakehdiutilplist
64
- @provider.install
49
+ provider.class.expects(:hdiutil).with("eject", fake_mountpoint).returns 0
50
+ provider.class.expects(:hdiutil).with("mount", "-plist", "-nobrowse", "-readonly", "-noidme", "-mountrandom", "/tmp", nil).returns fake_hdiutil_plist
51
+ provider.install
65
52
  end
66
53
 
67
54
  it "should call installpkg if a pkg/mpkg is found on the dmg" do
68
55
  Dir.stubs(:entries).returns ["foo.pkg"]
69
- @provider.class.stubs(:hdiutil).returns @fakehdiutilplist
70
- @provider.class.expects(:installpkg).with("#{@fakemountpoint}/foo.pkg", @resource[:name], "foo.dmg").returns ""
71
- @provider.install
56
+ provider.class.stubs(:hdiutil).returns fake_hdiutil_plist
57
+ provider.class.expects(:installpkg).with("#{fake_mountpoint}/foo.pkg", resource[:name], "foo.dmg").returns ""
58
+ provider.install
59
+ end
60
+
61
+ describe "from a remote source" do
62
+ let(:tmpdir) { "/tmp/good123" }
63
+
64
+ before :each do
65
+ resource[:source] = "http://fake.puppetlabs.com/foo.dmg"
66
+ end
67
+
68
+ it "should call tmpdir and use the returned directory" do
69
+ Dir.expects(:mktmpdir).returns tmpdir
70
+ Dir.stubs(:entries).returns ["foo.pkg"]
71
+ described_class.expects(:curl).with do |*args|
72
+ args[0] == "-o" and args[1].include? tmpdir
73
+ end
74
+ described_class.stubs(:hdiutil).returns fake_hdiutil_plist
75
+ described_class.expects(:installpkg)
76
+
77
+ provider.install
78
+ end
72
79
  end
73
80
  end
74
81
 
75
82
  describe "when installing flat pkg file" do
76
83
  it "should call installpkg if a flat pkg file is found instead of a .dmg image" do
77
- @resource.stubs(:[]).with(:source).returns "/tmp/test.pkg"
78
- @resource.stubs(:[]).with(:name).returns "testpkg"
79
- @provider.class.expects(:installpkgdmg).with("#{@fakepkgfile}", "testpkg").returns ""
80
- @provider.install
81
- end
84
+ resource[:source] = "/tmp/test.pkg"
85
+ resource[:name] = "testpkg"
86
+ provider.class.expects(:installpkgdmg).with("/tmp/test.pkg", "testpkg").returns ""
87
+ provider.install
88
+ end
82
89
  end
83
-
84
90
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet
3
3
  version: !ruby/object:Gem::Version
4
- hash: 11
4
+ hash: 9
5
5
  prerelease:
6
6
  segments:
7
7
  - 2
8
8
  - 6
9
- - 14
10
- version: 2.6.14
9
+ - 15
10
+ version: 2.6.15
11
11
  platform: ruby
12
12
  authors:
13
13
  - Puppet Labs
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2012-02-22 00:00:00 Z
18
+ date: 2012-04-10 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: facter
@@ -1210,6 +1210,7 @@ files:
1210
1210
  - spec/unit/provider/naginator_spec.rb
1211
1211
  - spec/unit/provider/nameservice/directoryservice_spec.rb
1212
1212
  - spec/unit/provider/package/aix_spec.rb
1213
+ - spec/unit/provider/package/appdmg_spec.rb
1213
1214
  - spec/unit/provider/package/apt_spec.rb
1214
1215
  - spec/unit/provider/package/dpkg_spec.rb
1215
1216
  - spec/unit/provider/package/freebsd_spec.rb