fqdn_rotate: Don't use the value itself as part of the random seed

Previously, the random number generator was seeded with the array or
string to be rotated in addition to any values specifically provided for
seeding. This behavior is potentially insecure in that it allows an
attacker who can modify the source data to choose the post-shuffle
order.

diff --git a/lib/puppet/parser/functions/fqdn_rotate.rb b/lib/puppet/parser/functions/fqdn_rotate.rb
index d9741a02fee4fb877fc335e50296319b6fe20d90..e1a50e6e1c78493ea36bffafce2c30baf2d09138 100644 (file)
--- a/lib/puppet/parser/functions/fqdn_rotate.rb
+++ b/lib/puppet/parser/functions/fqdn_rotate.rb
@@ -11,7 +11,7 @@ Rotates an array a random number of times based on a nodes fqdn.
     raise(Puppet::ParseError, "fqdn_rotate(): Wrong number of arguments " +
       "given (#{arguments.size} for 1)") if arguments.size < 1
 
-    value = arguments[0]
+    value = arguments.shift
     require 'digest/md5'
 
     unless value.is_a?(Array) || value.is_a?(String)

diff --git a/spec/acceptance/fqdn_rotate_spec.rb b/spec/acceptance/fqdn_rotate_spec.rb
index 753068bfe91e3e0fa7c159492d649eb427b2d47d..366d0273ee1fa8c79d367833d55a5c3ce16f65c4 100755 (executable)
--- a/spec/acceptance/fqdn_rotate_spec.rb
+++ b/spec/acceptance/fqdn_rotate_spec.rb
@@ -36,7 +36,7 @@ describe 'fqdn_rotate function', :unless => UNSUPPORTED_PLATFORMS.include?(fact(
       EOS
 
       apply_manifest(pp, :catch_failures => true) do |r|
-        expect(r.stdout).to match(/fqdn_rotate is \["c", "d", "a", "b"\]/)
+        expect(r.stdout).to match(/fqdn_rotate is \["d", "a", "b", "c"\]/)
       end
     end
   end

diff --git a/spec/functions/fqdn_rotate_spec.rb b/spec/functions/fqdn_rotate_spec.rb
index fe54490ef6539b18e2b9665938ff129461b74f5d..6c76781e162adeb2b47b291fb8ca4c23bbbb7c8a 100755 (executable)
--- a/spec/functions/fqdn_rotate_spec.rb
+++ b/spec/functions/fqdn_rotate_spec.rb
@@ -5,10 +5,6 @@ describe 'fqdn_rotate' do
   it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) }
   it { is_expected.to run.with_params(0).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) }
   it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) }
-  it {
-    pending("Current implementation ignores parameters after the first.")
-    is_expected.to run.with_params("one", "two").and_raise_error(Puppet::ParseError)
-  }
   it { is_expected.to run.with_params('').and_return('') }
   it { is_expected.to run.with_params('a').and_return('a') }
 
@@ -38,7 +34,7 @@ describe 'fqdn_rotate' do
 
   it "should use the Puppet::Util.deterministic_rand function" do
     if Puppet::Util.respond_to?(:deterministic_rand)
-      Puppet::Util.expects(:deterministic_rand).with(113646079810780526294648115052177588845,4)
+      Puppet::Util.expects(:deterministic_rand).with(44489829212339698569024999901561968770,4)
       fqdn_rotate("asdf")
     else
       skip 'Puppet::Util#deterministic_rand not available'