puppet 6.16.0-x86-mingw32 → 6.17.0-x86-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (138) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -2
  3. data/Gemfile.lock +10 -10
  4. data/README.md +2 -2
  5. data/lib/puppet/agent.rb +2 -2
  6. data/lib/puppet/application/agent.rb +14 -3
  7. data/lib/puppet/configurer.rb +20 -12
  8. data/lib/puppet/confine.rb +1 -1
  9. data/lib/puppet/defaults.rb +25 -8
  10. data/lib/puppet/file_serving/http_metadata.rb +13 -1
  11. data/lib/puppet/file_serving/metadata.rb +4 -1
  12. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  13. data/lib/puppet/file_system/file_impl.rb +1 -1
  14. data/lib/puppet/file_system/uniquefile.rb +8 -16
  15. data/lib/puppet/forge.rb +1 -1
  16. data/lib/puppet/forge/cache.rb +1 -1
  17. data/lib/puppet/forge/repository.rb +3 -7
  18. data/lib/puppet/http/client.rb +5 -0
  19. data/lib/puppet/http/redirector.rb +9 -7
  20. data/lib/puppet/http/response.rb +19 -0
  21. data/lib/puppet/indirector.rb +1 -1
  22. data/lib/puppet/indirector/file_content/rest.rb +1 -1
  23. data/lib/puppet/indirector/file_metadata/http.rb +24 -5
  24. data/lib/puppet/indirector/file_metadata/rest.rb +2 -2
  25. data/lib/puppet/indirector/request.rb +1 -1
  26. data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
  27. data/lib/puppet/network/http/api/master/v3/environment.rb +3 -0
  28. data/lib/puppet/network/http/connection_adapter.rb +6 -4
  29. data/lib/puppet/parser/ast/leaf.rb +5 -5
  30. data/lib/puppet/parser/ast/pops_bridge.rb +0 -4
  31. data/lib/puppet/parser/compiler.rb +1 -1
  32. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +2 -0
  33. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +2 -0
  34. data/lib/puppet/parser/environment_compiler.rb +4 -1
  35. data/lib/puppet/parser/resource.rb +3 -2
  36. data/lib/puppet/parser/resource/param.rb +6 -0
  37. data/lib/puppet/pops/evaluator/evaluator_impl.rb +5 -5
  38. data/lib/puppet/pops/issues.rb +5 -0
  39. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -0
  40. data/lib/puppet/pops/validation/checker4_0.rb +10 -0
  41. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -0
  42. data/lib/puppet/provider/package/aptitude.rb +1 -1
  43. data/lib/puppet/provider/package/yum.rb +1 -1
  44. data/lib/puppet/provider/service/windows.rb +23 -7
  45. data/lib/puppet/provider/user/useradd.rb +11 -4
  46. data/lib/puppet/reports/http.rb +2 -0
  47. data/lib/puppet/resource.rb +2 -1
  48. data/lib/puppet/resource/type.rb +8 -0
  49. data/lib/puppet/ssl/ssl_context.rb +2 -2
  50. data/lib/puppet/ssl/ssl_provider.rb +20 -1
  51. data/lib/puppet/test/test_helper.rb +8 -10
  52. data/lib/puppet/trusted_external.rb +29 -1
  53. data/lib/puppet/type.rb +12 -5
  54. data/lib/puppet/type/file.rb +38 -13
  55. data/lib/puppet/type/file/checksum.rb +4 -4
  56. data/lib/puppet/type/file/source.rb +4 -4
  57. data/lib/puppet/type/service.rb +49 -0
  58. data/lib/puppet/util.rb +39 -15
  59. data/lib/puppet/util/checksums.rb +19 -4
  60. data/lib/puppet/util/fileparsing.rb +2 -2
  61. data/lib/puppet/util/provider_features.rb +1 -1
  62. data/lib/puppet/util/reference.rb +1 -1
  63. data/lib/puppet/util/windows/api_types.rb +45 -32
  64. data/lib/puppet/util/windows/eventlog.rb +1 -6
  65. data/lib/puppet/util/windows/principal.rb +8 -6
  66. data/lib/puppet/util/windows/registry.rb +11 -11
  67. data/lib/puppet/util/windows/service.rb +43 -26
  68. data/lib/puppet/util/windows/user.rb +23 -8
  69. data/lib/puppet/version.rb +1 -1
  70. data/locales/puppet.pot +249 -221
  71. data/man/man5/puppet.conf.5 +19 -8
  72. data/man/man8/puppet-agent.8 +2 -2
  73. data/man/man8/puppet-apply.8 +1 -1
  74. data/man/man8/puppet-catalog.8 +1 -1
  75. data/man/man8/puppet-config.8 +1 -1
  76. data/man/man8/puppet-describe.8 +1 -1
  77. data/man/man8/puppet-device.8 +1 -1
  78. data/man/man8/puppet-doc.8 +1 -1
  79. data/man/man8/puppet-epp.8 +1 -1
  80. data/man/man8/puppet-facts.8 +1 -1
  81. data/man/man8/puppet-filebucket.8 +1 -1
  82. data/man/man8/puppet-generate.8 +1 -1
  83. data/man/man8/puppet-help.8 +1 -1
  84. data/man/man8/puppet-key.8 +1 -1
  85. data/man/man8/puppet-lookup.8 +1 -1
  86. data/man/man8/puppet-man.8 +1 -1
  87. data/man/man8/puppet-module.8 +1 -1
  88. data/man/man8/puppet-node.8 +1 -1
  89. data/man/man8/puppet-parser.8 +1 -1
  90. data/man/man8/puppet-plugin.8 +1 -1
  91. data/man/man8/puppet-report.8 +1 -1
  92. data/man/man8/puppet-resource.8 +1 -1
  93. data/man/man8/puppet-script.8 +1 -1
  94. data/man/man8/puppet-ssl.8 +1 -1
  95. data/man/man8/puppet-status.8 +1 -1
  96. data/man/man8/puppet.8 +2 -2
  97. data/spec/integration/application/agent_spec.rb +89 -0
  98. data/spec/integration/defaults_spec.rb +1 -2
  99. data/spec/integration/network/http_pool_spec.rb +26 -9
  100. data/spec/integration/parser/compiler_spec.rb +11 -0
  101. data/spec/integration/type/file_spec.rb +1 -1
  102. data/spec/integration/util/windows/registry_spec.rb +7 -7
  103. data/spec/integration/util/windows/user_spec.rb +40 -5
  104. data/spec/unit/configurer/fact_handler_spec.rb +4 -4
  105. data/spec/unit/context/trusted_information_spec.rb +10 -4
  106. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  107. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  108. data/spec/unit/http/client_spec.rb +64 -8
  109. data/spec/unit/http/response_spec.rb +6 -0
  110. data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
  111. data/spec/unit/indirector/request_spec.rb +1 -1
  112. data/spec/unit/interface_spec.rb +3 -3
  113. data/spec/unit/network/http/api/indirected_routes_spec.rb +2 -1
  114. data/spec/unit/network/http/connection_spec.rb +42 -32
  115. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  116. data/spec/unit/parser/environment_compiler_spec.rb +7 -0
  117. data/spec/unit/parser/scope_spec.rb +1 -1
  118. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +15 -1
  119. data/spec/unit/pops/loaders/loaders_spec.rb +1 -1
  120. data/spec/unit/pops/types/type_calculator_spec.rb +1 -11
  121. data/spec/unit/provider/service/windows_spec.rb +22 -14
  122. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  123. data/spec/unit/provider/user/useradd_spec.rb +22 -16
  124. data/spec/unit/resource_spec.rb +3 -3
  125. data/spec/unit/ssl/ssl_provider_spec.rb +69 -43
  126. data/spec/unit/test/test_helper_spec.rb +17 -0
  127. data/spec/unit/transaction/report_spec.rb +1 -1
  128. data/spec/unit/type/file/source_spec.rb +3 -3
  129. data/spec/unit/type/file_spec.rb +122 -96
  130. data/spec/unit/type/service_spec.rb +176 -0
  131. data/spec/unit/type_spec.rb +50 -0
  132. data/spec/unit/util/checksums_spec.rb +16 -0
  133. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  134. data/spec/unit/util/windows/service_spec.rb +4 -4
  135. data/spec/unit/util_spec.rb +3 -3
  136. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  137. metadata +5 -5
  138. data/spec/integration/test/test_helper_spec.rb +0 -31
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9738b35d5b422e210465c45a157cfa8a816ef02b2b8a85bd1bfbb9ae4cccde56
4
- data.tar.gz: 85b741c94991dc6ad88367c6d7f1011912d240e6b939217743a73b896e027e8a
3
+ metadata.gz: d52d1db06ce8c50d4493f92c8dc7dda5c666845346cf85841f775df462b08ee5
4
+ data.tar.gz: d19ccd894f7d02f7f2cdb6c36eb704c5a86546fdac9fefb153547c17bf65559e
5
5
  SHA512:
6
- metadata.gz: 682fae77937e8b507bc9862d468f75aa26733544b9060a7d1347e06b33af5e70b2e5c6a3d671977616600e78f4d25325059b364f09cb19b2efa130762b56874f
7
- data.tar.gz: 48ede8eb9380c2e52db28a69c72b8e574fc015cc673f2876316f6f201de3ad87912b66227fc94196ef1f520198ebd997b3b662f3ebee4a62fc4932c31eb6fa96
6
+ metadata.gz: 26e357432e8a69d54ed62c9a297f235bf0c847a3beaf37a79775a0a63a939db20be1decd6263f12e668c2bda549de73735bdea73cee91761a9828d7c80443ba4
7
+ data.tar.gz: 73ea6b179fff8355ab3e161288516cb7a58c28801d70cb335c45d2b53ef94d0440e5896deb2b3e80b0cda0e829ab4b655d51ea0032b132f9c217cb06d4b05091
data/Gemfile CHANGED
@@ -3,9 +3,9 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org"
3
3
  gemspec
4
4
 
5
5
  def location_for(place, fake_version = nil)
6
- if place =~ /^(git[:@][^#]*)#(.*)/
6
+ if place.is_a?(String) && place =~ /^(git[:@][^#]*)#(.*)/
7
7
  [fake_version, { git: $1, branch: $2, require: false }].compact
8
- elsif place =~ /^file:\/\/(.*)/
8
+ elsif place.is_a?(String) && place =~ /^file:\/\/(.*)/
9
9
  ['>= 0', { path: File.expand_path($1), require: false }]
10
10
  else
11
11
  [place, { require: false }]
@@ -19,6 +19,8 @@ gem "hiera", *location_for(ENV['HIERA_LOCATION']) if ENV.has_key?('HIERA_LOCATIO
19
19
  gem "semantic_puppet", *location_for(ENV['SEMANTIC_PUPPET_LOCATION'] || ["~> 1.0"])
20
20
  gem "puppet-resource_api", *location_for(ENV['RESOURCE_API_LOCATION'] || ["~> 1.5"])
21
21
 
22
+ gem "scanf" if RUBY_VERSION.to_f >= 2.7
23
+
22
24
  group(:features) do
23
25
  gem 'diff-lcs', '~> 1.3', require: false
24
26
  gem 'hiera-eyaml', *location_for(ENV['HIERA_EYAML_LOCATION'])
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- puppet (6.16.0)
4
+ puppet (6.17.0)
5
5
  CFPropertyList (~> 2.2)
6
6
  concurrent-ruby (~> 1.0)
7
7
  deep_merge (~> 1.0)
@@ -20,16 +20,16 @@ GEM
20
20
  addressable (2.7.0)
21
21
  public_suffix (>= 2.0.2, < 5.0)
22
22
  artifactory (2.8.2)
23
- ast (2.4.0)
24
- coderay (1.1.2)
23
+ ast (2.4.1)
24
+ coderay (1.1.3)
25
25
  concurrent-ruby (1.1.6)
26
26
  crack (0.4.3)
27
27
  safe_yaml (~> 1.0.0)
28
28
  csv (3.1.5)
29
29
  deep_merge (1.2.1)
30
- diff-lcs (1.3)
30
+ diff-lcs (1.4.4)
31
31
  docopt (0.6.1)
32
- facter (4.0.25)
32
+ facter (4.0.29)
33
33
  hocon (~> 1.3)
34
34
  thor (>= 1.0.1, < 2.0)
35
35
  fast_gettext (1.1.2)
@@ -56,16 +56,16 @@ GEM
56
56
  method_source (1.0.0)
57
57
  minitar (0.9)
58
58
  msgpack (1.3.3)
59
- multi_json (1.14.1)
59
+ multi_json (1.15.0)
60
60
  mustache (1.1.1)
61
61
  optimist (3.0.1)
62
- packaging (0.99.61)
62
+ packaging (0.99.66)
63
63
  artifactory (~> 2)
64
64
  rake (>= 12.3)
65
65
  release-metrics
66
- parallel (1.19.1)
67
- parser (2.7.1.3)
68
- ast (~> 2.4.0)
66
+ parallel (1.19.2)
67
+ parser (2.7.1.4)
68
+ ast (~> 2.4.1)
69
69
  powerpack (0.1.2)
70
70
  pry (0.13.1)
71
71
  coderay (~> 1.1)
data/README.md CHANGED
@@ -25,10 +25,10 @@ which also includes orchestration features, a web console, and professional supp
25
25
  The PE documentation is [available here.](https://puppet.com/docs/pe/latest)
26
26
 
27
27
  To install an open source release of Puppet,
28
- [see the installation guide on the docs site.](https://puppet.com/docs/puppet/5.5/install_pre.html)
28
+ [see the installation guide on the docs site.](https://puppet.com/docs/puppet/latest/installing_and_upgrading.html)
29
29
 
30
30
  If you need to run Puppet from source as a tester or developer,
31
- see the [Running Puppet from Source](https://docs.puppet.com/puppet/3.8/from_source.html) guide on the docs site.
31
+ see the [Quick Start to Developing on Puppet](docs/quickstart.md) guide.
32
32
 
33
33
  ## Developing and Contributing
34
34
 
@@ -64,10 +64,10 @@ class Puppet::Agent
64
64
  now = Time.now.to_i
65
65
  wait_for_lock_deadline ||= now + Puppet[:maxwaitforlock]
66
66
 
67
- if Puppet[:waitforlock] < 1
67
+ if Puppet[:waitforlock] < 1
68
68
  Puppet.notice _("Run of %{client_class} already in progress; skipping (%{lockfile_path} exists)") % { client_class: client_class, lockfile_path: lockfile_path }
69
69
  nil
70
- elsif now > wait_for_lock_deadline
70
+ elsif now >= wait_for_lock_deadline
71
71
  Puppet.notice _("Exiting now because the maxwaitforlock timeout has been exceeded.")
72
72
  nil
73
73
  else
@@ -258,7 +258,9 @@ generated by running puppet agent with '--genconfig'.
258
258
 
259
259
  * --job-id:
260
260
  Attach the specified job id to the catalog request and the report used for
261
- this agent run. This option only works when '--onetime' is used.
261
+ this agent run. This option only works when '--onetime' is used. When using
262
+ Puppet Enterprise this flag should not be used as the orchestrator sets the
263
+ job-id for you and it must be unique.
262
264
 
263
265
  * --logdest:
264
266
  Where to send log messages. Choose between 'syslog' (the POSIX syslog
@@ -363,8 +365,17 @@ Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
363
365
  daemon.set_signal_traps
364
366
 
365
367
  log_config if Puppet[:daemonize]
366
-
367
- Puppet.override(ssl_context: wait_for_certificates) do
368
+
369
+ # run ssl state machine, waiting if needed
370
+ ssl_context = wait_for_certificates
371
+
372
+ # Each application is responsible for pushing loaders onto the context.
373
+ # Use the current environment that has already been established, though
374
+ # it may change later during the configurer run.
375
+ env = Puppet.lookup(:current_environment)
376
+ Puppet.override(ssl_context: ssl_context,
377
+ current_environment: env,
378
+ loaders: Puppet::Pops::Loaders.new(env, true)) do
368
379
  if Puppet[:onetime]
369
380
  onetime(daemon)
370
381
  else
@@ -303,6 +303,15 @@ class Puppet::Configurer
303
303
  report.environment = @environment
304
304
  query_options = nil
305
305
  facts = nil
306
+
307
+ new_env = Puppet::Node::Environment.remote(@environment)
308
+ Puppet.push_context(
309
+ {
310
+ current_environment: new_env,
311
+ loaders: Puppet::Pops::Loaders.new(new_env, true)
312
+ },
313
+ "Local node environment #{@environment} for configurer transaction"
314
+ )
306
315
  else
307
316
  Puppet.info _("Using configured environment '%{env}'") % { env: @environment }
308
317
  end
@@ -313,19 +322,18 @@ class Puppet::Configurer
313
322
  end
314
323
  end
315
324
 
316
- current_environment = Puppet.lookup(:current_environment)
317
- if current_environment.name == @environment.intern
318
- local_node_environment = current_environment
319
- else
320
- local_node_environment = Puppet::Node::Environment.create(@environment,
321
- current_environment.modulepath,
322
- current_environment.manifest,
323
- current_environment.config_version)
325
+ # This is to maintain compatibility with anyone using this class
326
+ # aside from agent, apply, device.
327
+ unless Puppet.lookup(:loaders) { nil }
328
+ new_env = Puppet::Node::Environment.remote(@environment)
329
+ Puppet.push_context(
330
+ {
331
+ current_environment: new_env,
332
+ loaders: Puppet::Pops::Loaders.new(new_env, true)
333
+ },
334
+ "Local node environment #{@environment} for configurer transaction"
335
+ )
324
336
  end
325
- Puppet.push_context({
326
- :current_environment => local_node_environment,
327
- :loaders => Puppet::Pops::Loaders.new(local_node_environment, true)
328
- }, "Local node environment for configurer transaction")
329
337
 
330
338
  query_options, facts = get_facts(options) unless query_options
331
339
  query_options[:configured_environment] = configured_environment
@@ -26,7 +26,7 @@ class Puppet::Confine
26
26
  require "puppet/confine/#{name}"
27
27
  rescue LoadError => detail
28
28
  unless detail.to_s =~ /No such file|cannot load such file/i
29
- warn "Could not load confine test '#{name}': #{detail}"
29
+ Puppet.warning("Could not load confine test '#{name}': #{detail}")
30
30
  end
31
31
  # Could not find file
32
32
  if !Puppet[:always_retry_plugins]
@@ -347,8 +347,7 @@ module Puppet
347
347
  :default => "ansi",
348
348
  :type => :string,
349
349
  :desc => "Whether to use colors when logging to the console. Valid values are
350
- `ansi` (equivalent to `true`), `html`, and `false`, which produces no color.
351
- Defaults to false on Windows, as its console does not support ansi colors.",
350
+ `ansi` (equivalent to `true`), `html`, and `false`, which produces no color."
352
351
  },
353
352
  :mkusers => {
354
353
  :default => false,
@@ -590,13 +589,22 @@ module Puppet
590
589
  },
591
590
  :trusted_external_command => {
592
591
  :default => nil,
593
- :desc => "The external trusted facts script to use.
592
+ :type => :file_or_directory,
593
+ :desc => "The external trusted facts script or directory to use.
594
594
  This setting's value can be set to the path to an executable command that
595
- can produce external trusted facts. The command must:
595
+ can produce external trusted facts or to a directory containing those
596
+ executable commands. The command(s) must:
596
597
 
597
598
  * Take the name of a node as a command-line argument.
598
599
  * Return a JSON hash with the external trusted facts for this node.
599
- * For unknown or invalid nodes, exit with a non-zero exit code.",
600
+ * For unknown or invalid nodes, exit with a non-zero exit code.
601
+
602
+ If the setting points to an executable command, then the external trusted
603
+ facts will be stored in the 'external' key of the trusted facts hash. Otherwise
604
+ for each executable file in the directory, the external trusted facts will be
605
+ stored in the `<basename>` key of the `trusted['external']` hash. For example,
606
+ if the files foo.rb and bar.sh are in the directory, then `trusted['external']`
607
+ will be the hash `{ 'foo' => <foo.rb output>, 'bar' => <bar.sh output> }`.",
600
608
  },
601
609
  :default_file_terminus => {
602
610
  :type => :terminus,
@@ -992,6 +1000,15 @@ EOT
992
1000
  and reject the CA certificate if the values do not match. This only applies
993
1001
  during the first download of the CA certificate."
994
1002
  },
1003
+ :ssl_trust_store => {
1004
+ :default => nil,
1005
+ :type => :file,
1006
+ :desc => "A file containing CA certificates in PEM format that puppet should trust
1007
+ when making HTTPS requests. This **only** applies to https requests to non-puppet
1008
+ infrastructure, such as retrieving file metadata and content from https file sources,
1009
+ puppet module tool and the 'http' report processor. This setting is ignored when
1010
+ making requests to puppet:// URLs such as catalog and report requests.",
1011
+ },
995
1012
  :ssl_client_ca_auth => {
996
1013
  :type => :file,
997
1014
  :mode => "0644",
@@ -1536,7 +1553,7 @@ EOT
1536
1553
  :statefile => {
1537
1554
  :default => "$statedir/state.yaml",
1538
1555
  :type => :file,
1539
- :mode => "0660",
1556
+ :mode => "0640",
1540
1557
  :desc => "Where puppet agent and puppet master store state associated
1541
1558
  with the running configuration. In the case of puppet master,
1542
1559
  this file reflects the state discovered through interacting
@@ -1558,7 +1575,7 @@ EOT
1558
1575
  :transactionstorefile => {
1559
1576
  :default => "$statedir/transactionstore.yaml",
1560
1577
  :type => :file,
1561
- :mode => "0660",
1578
+ :mode => "0640",
1562
1579
  :desc => "Transactional storage file for persisting data between
1563
1580
  transactions for the purposes of infering information (such as
1564
1581
  corrective_change) on new data received."
@@ -1890,7 +1907,7 @@ EOT
1890
1907
  already ongoing puppet agent instance.
1891
1908
 
1892
1909
  This argument is by default disabled (value set to 0). In this case puppet agent will
1893
- immediatly exit if it cannot run at that moment. When a value other than 0 is set, this
1910
+ immediately exit if it cannot run at that moment. When a value other than 0 is set, this
1894
1911
  can also be used in combination with the `maxwaitforlock` argument.
1895
1912
  #{AS_DURATION}",
1896
1913
  },
@@ -15,6 +15,7 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
15
15
  # use a default mtime in case there is no usable HTTP header
16
16
  @checksums[:mtime] = "{mtime}#{Time.now}"
17
17
 
18
+ # RFC-1864, deprecated in HTTP/1.1 due to partial responses
18
19
  checksum = http_response['content-md5']
19
20
  if checksum
20
21
  # convert base64 digest to hex
@@ -22,6 +23,17 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
22
23
  @checksums[:md5] = "{md5}#{checksum}"
23
24
  end
24
25
 
26
+ {
27
+ md5: 'X-Checksum-Md5',
28
+ sha1: 'X-Checksum-Sha1',
29
+ sha256: 'X-Checksum-Sha256'
30
+ }.each_pair do |checksum_type, header|
31
+ checksum = http_response[header]
32
+ if checksum
33
+ @checksums[checksum_type] = "{#{checksum_type}}#{checksum}"
34
+ end
35
+ end
36
+
25
37
  last_modified = http_response['last-modified']
26
38
  if last_modified
27
39
  mtime = DateTime.httpdate(last_modified).to_time
@@ -39,7 +51,7 @@ class Puppet::FileServing::HttpMetadata < Puppet::FileServing::Metadata
39
51
  def collect
40
52
  # Prefer the checksum_type from the indirector request options
41
53
  # but fall back to the alternative otherwise
42
- [ @checksum_type, :md5, :sha256, :sha384, :sha512, :sha224, :mtime ].each do |type|
54
+ [ @checksum_type, :md5, :sha256, :sha1, :mtime ].each do |type|
43
55
  @checksum_type = type
44
56
  @checksum = @checksums[type]
45
57
  break if @checksum
@@ -138,7 +138,10 @@ class Puppet::FileServing::Metadata < Puppet::FileServing::Base
138
138
  @source = data.delete('source')
139
139
  @content_uri = data.delete('content_uri')
140
140
 
141
- super(path, data.map { |k, v| [k.to_sym, v] }.to_h)
141
+ links = data.fetch('links', nil) || data.fetch(:links, nil)
142
+ relative_path = data.fetch('relative_path', nil) || data.fetch(:relative_path, nil)
143
+ source = @source || data.fetch(:source, nil)
144
+ super(path, links: links, relative_path: relative_path, source: source)
142
145
  end
143
146
 
144
147
  def to_data_hash
@@ -7,11 +7,6 @@ module Puppet::FileServing::TerminusSelector
7
7
  def select(request)
8
8
  # We rely on the request's parsing of the URI.
9
9
 
10
- # Short-circuit to :file if it's a fully-qualified path or specifies a 'file' protocol.
11
- if Puppet::Util.absolute_path?(request.key)
12
- return :file
13
- end
14
-
15
10
  case request.protocol
16
11
  when "file"
17
12
  :file
@@ -21,10 +16,14 @@ module Puppet::FileServing::TerminusSelector
21
16
  else
22
17
  Puppet[:default_file_terminus]
23
18
  end
24
- when "http","https"
25
- :http
19
+ when "http","https"
20
+ :http
26
21
  when nil
27
- :file_server
22
+ if Puppet::Util.absolute_path?(request.key)
23
+ :file
24
+ else
25
+ :file_server
26
+ end
28
27
  else
29
28
  raise ArgumentError, _("URI protocol '%{protocol}' is not currently supported for file serving") % { protocol: request.protocol }
30
29
  end
@@ -124,7 +124,7 @@ class Puppet::FileSystem::FileImpl
124
124
  end
125
125
 
126
126
  def symlink(path, dest, options = {})
127
- FileUtils.symlink(path, dest, options)
127
+ FileUtils.symlink(path, dest, **options)
128
128
  end
129
129
 
130
130
  def symlink?(path)
@@ -124,11 +124,7 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
124
124
  opts = []
125
125
  end
126
126
  tmpdir, = *rest
127
- if $SAFE > 0 and tmpdir.tainted?
128
- tmpdir = '/tmp'
129
- else
130
- tmpdir ||= tmpdir()
131
- end
127
+ tmpdir ||= tmpdir()
132
128
  n = nil
133
129
  begin
134
130
  path = File.expand_path(make_tmpname(basename, n), tmpdir)
@@ -154,18 +150,14 @@ class Puppet::FileSystem::Uniquefile < DelegateClass(File)
154
150
 
155
151
  def tmpdir
156
152
  tmp = '.'
157
- if $SAFE > 0
158
- @@systmpdir
159
- else
160
- for dir in [ Puppet::Util.get_env('TMPDIR'), Puppet::Util.get_env('TMP'), Puppet::Util.get_env('TEMP'), @@systmpdir, '/tmp']
161
- stat = File.stat(dir) if dir
162
- if stat && stat.directory? && stat.writable?
163
- tmp = dir
164
- break
165
- end rescue nil
166
- end
167
- File.expand_path(tmp)
153
+ for dir in [ Puppet::Util.get_env('TMPDIR'), Puppet::Util.get_env('TMP'), Puppet::Util.get_env('TEMP'), @@systmpdir, '/tmp']
154
+ stat = File.stat(dir) if dir
155
+ if stat && stat.directory? && stat.writable?
156
+ tmp = dir
157
+ break
158
+ end rescue nil
168
159
  end
160
+ File.expand_path(tmp)
169
161
  end
170
162
 
171
163
 
@@ -254,6 +254,6 @@ class Puppet::Forge < SemanticPuppet::Dependency::Source
254
254
  def decode_uri(uri)
255
255
  return if uri.nil?
256
256
 
257
- URI.decode(uri.tr('+', ' '))
257
+ Puppet::Util.uri_unescape(uri.tr('+', ' '))
258
258
  end
259
259
  end
@@ -25,7 +25,7 @@ class Puppet::Forge
25
25
  unless cached_file.file?
26
26
  if uri.scheme == 'file'
27
27
  # CGI.unescape butchers Uris that are escaped properly
28
- FileUtils.cp(URI.unescape(uri.path), cached_file)
28
+ FileUtils.cp(Puppet::Util.uri_unescape(uri.path), cached_file)
29
29
  else
30
30
  # TODO: Handle HTTPS; probably should use repository.contact
31
31
  data = read_retrieve(uri)
@@ -37,19 +37,15 @@ class Puppet::Forge
37
37
  uri = URI(str)
38
38
 
39
39
  headers = { "User-Agent" => user_agent }
40
- basic_auth = nil
41
40
 
42
41
  if forge_authorization
42
+ uri.user = nil
43
+ uri.password = nil
43
44
  headers["Authorization"] = forge_authorization
44
- elsif @uri.user && @uri.password
45
- basic_auth = {
46
- user: @uri.user,
47
- password: @uri.password
48
- }
49
45
  end
50
46
 
51
47
  http = Puppet.runtime[:http]
52
- response = http.get(uri, headers: headers, options: {basic_auth: basic_auth, ssl_context: @ssl_context})
48
+ response = http.get(uri, headers: headers, options: {ssl_context: @ssl_context})
53
49
  io.write(response.body) if io.respond_to?(:write)
54
50
  response
55
51
  rescue Puppet::SSL::CertVerifyError => e
@@ -290,6 +290,11 @@ class Puppet::HTTP::Client
290
290
  redirector = Puppet::HTTP::Redirector.new(options.fetch(:redirect_limit, @default_redirect_limit))
291
291
 
292
292
  basic_auth = options.fetch(:basic_auth, nil)
293
+ unless basic_auth
294
+ if request.uri.user && request.uri.password
295
+ basic_auth = { user: request.uri.user, password: request.uri.password }
296
+ end
297
+ end
293
298
 
294
299
  redirects = 0
295
300
  retries = 0