Merge pull request #1018 from chef/chris-rock/winrm-v2

use winrm v2

Gemfile

@@ -29,7 +29,8 @@ group :integration do
   gem 'berkshelf', '~> 4.3'
   gem 'test-kitchen', '~> 1.6'
   gem 'kitchen-vagrant'
-  gem 'kitchen-inspec', '0.12.5'
+  # we need winrm v2 support >= 0.15.1
+  gem 'kitchen-inspec', '>= 0.15.1'
   gem 'kitchen-ec2'
   gem 'kitchen-dokken'
 end

inspec.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'train', '>=0.16.0', '<1.0'
+  spec.add_dependency 'train', '>=0.19.0', '<1.0'
   spec.add_dependency 'thor', '~> 0.19'
   spec.add_dependency 'json', '>= 1.8', '< 3.0'
   spec.add_dependency 'rainbow', '~> 2'

lib/resources/powershell.rb

@@ -22,13 +22,9 @@ module Inspec::Resources
       unless inspec.os.windows?
         return skip_resource 'The `script` resource is not supported on your OS yet.'
       end
-
+      # since WinRM 2.0 and the default use of powershell for local execution in
-      # encodes a script as base64 to run as powershell encodedCommand
+      # train, we do not need to wrap the script here anymore
-      # this comes with performance issues: @see https://gist.github.com/fnichol/7b20596b950e65fb96f9
+      super(script)
-      require 'winrm'
-      script = WinRM::PowershellScript.new(script)
-      cmd = "powershell -encodedCommand #{script.encoded}"
-      super(cmd)
     end
 
     # we cannot determine if a command exists, because that does not work for scripts

lib/resources/vbscript.rb

@@ -2,6 +2,8 @@
 # author: Christoph Hartmann
 # author: Dominik Richter
 
+require 'securerandom'
+
 module Inspec::Resources
   # This resource allows users to run vbscript on windows machines. We decided
   # not to use scriptcontrol, due to the fact that it works on 32 bit systems only:
@@ -34,10 +36,11 @@ module Inspec::Resources
 
     def initialize(vbscript)
       return skip_resource 'The `vbscript` resource is not supported on your OS yet.' unless inspec.os.windows?
-
+      @seperator = SecureRandom.uuid
       cmd = <<-EOH
 $vbscript = @"
 #{vbscript}
+Wscript.Stdout.Write "#{@seperator}"
 "@
 $filename = [System.IO.Path]::GetTempFileName() + ".vbs"
 New-Item $filename -type file -force -value $vbscript | Out-Null
@@ -47,8 +50,21 @@ EOH
       super(cmd)
     end
 
+    def result
+      @result ||= parse_stdout
+    end
+
     def to_s
       'Windows VBScript'
     end
+
+    private
+
+    def parse_stdout
+      res = inspec.backend.run_command(@command)
+      parsed_result = res.stdout.gsub(/#{@seperator}\r\n$/, '')
+      res.stdout = parsed_result
+      res
+    end
   end
 end

test/helper.rb

@@ -146,9 +146,9 @@ class MockLoader
       'Remove-Item win_secpol.cfg' => cmd.call('success'),
       'env' => cmd.call('env'),
       '${Env:PATH}'  => cmd.call('$env-PATH'),
-      # registry key test (winrm 1.6.0, 1.6.1)
+      # registry key test using winrm 2.0
-      'dd429dd12596fa193ba4111469b4417ecbd78a1d7ba4317c334c9111644bae44' => cmd.call('reg_schedule'),
+      '2376c7b3d81de9382303356e1efdea99385effb84788562c3e697032d51bf942' => cmd.call('reg_schedule'),
-      'Fdd429dd12596fa193ba4111469b4417ecbd78a1d7ba4317c334c9111644bae44' => cmd.call('reg_schedule'),
+      'F2376c7b3d81de9382303356e1efdea99385effb84788562c3e697032d51bf942' => cmd.call('reg_schedule'),
       'Auditpol /get /subcategory:\'User Account Management\' /r' => cmd.call('auditpol'),
       '/sbin/auditctl -l' => cmd.call('auditctl'),
       '/sbin/auditctl -s' => cmd.call('auditctl-s'),
@@ -210,8 +210,7 @@ class MockLoader
       # user info for freebsd
       'pw usershow root -7' => cmd.call('pw-usershow-root-7'),
       # user info for windows (winrm 1.6.0, 1.6.1)
-      '650b6b72a66316418b25421a54afe21a230704558082914c54711904bb10e370' => cmd.call('GetUserAccount'),
+      '1f2dd0691487fe7ca8169dfd764e0197e6303f17de416e7c1b7439aedef87ae7' => cmd.call('GetUserAccount'),
-      '174686f0441b8dd387b35cf1cbeed3f98441544351de5d8fb7b54f655e75583f' => cmd.call('GetUserAccount'),
       # group info for windows
       'Get-WmiObject Win32_Group | Select-Object -Property Caption, Domain, Name, SID, LocalAccount | ConvertTo-Json' => cmd.call('GetWin32Group'),
       # network interface
@@ -248,7 +247,7 @@ class MockLoader
       # xinetd configuration
       'find /etc/xinetd.d -type f' => cmd.call('find-xinetd.d'),
       # wmi test
-      "4762fab9e8180997634ae70aae6d5f59e641084111fb9f5e5bf2848a583aa5f5" => cmd.call('get-wmiobject'),
+      "2979ebeb80a475107d85411f109209a580ccf569071b3dc7acff030b8635c6b9" => cmd.call('get-wmiobject'),
       #user info on hpux
       "logins -x -l root" => cmd.call('logins-x'),
       #packages on hpux

test/integration/default/vbscript_spec.rb

@@ -2,18 +2,23 @@
 
 return unless os.windows?
 
-# script that may have multiple lines
+describe vbscript("WScript.Echo \"hello\"") do
-vbscript = <<-EOH
-  WScript.Echo "hello"
-EOH
-
-describe vbscript(vbscript) do
   its('stdout') { should eq "hello\r\n" }
 end
 
-# remove whitespace \r\n from stdout
+# script that may have multiple lines
+vbscript = <<-EOH
+  WScript.Echo "hello"
+  Wscript.Stdout.Write "end"
+EOH
+
 describe vbscript(vbscript) do
-  its('strip') { should eq "hello" }
+  its('stdout') { should eq "hello\r\nend" }
+end
+
+# remove whitespace from stdout
+describe vbscript("WScript.Echo \"hello\"") do
+  its('strip') { should eq 'hello' }
 end
 
 # ensure that we do not require a newline

test/unit/resources/powershell_test.rb

@@ -14,19 +14,13 @@ describe 'Inspec::Resources::Powershell' do
 
   it 'check if `powershell` for windows is properly generated ' do
     resource = MockLoader.new(:windows).load_resource('powershell', ps1_script)
-    if Gem.loaded_specs['winrm'].version < Gem::Version.new('1.6.1')
+    # string should be the same
-      _(resource.command).must_equal 'powershell -encodedCommand IAAgACAAIAAjACAAYwBhAGwAbAAgAGgAZQBsAHAAIABmAG8AcgAgAGcAZQB0ACAAYwBvAG0AbQBhAG4AZAAKACAAIAAgACAARwBlAHQALQBIAGUAbABwACAARwBlAHQALQBDAG8AbQBtAGEAbgBkAAoA'
+    _(resource.command.to_s).must_equal ps1_script
-    else
-      _(resource.command).must_equal 'powershell -encodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACcAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAnADsAIAAgACAAIAAjACAAYwBhAGwAbAAgAGgAZQBsAHAAIABmAG8AcgAgAGcAZQB0ACAAYwBvAG0AbQBhAG4AZAAKACAAIAAgACAARwBlAHQALQBIAGUAbABwACAARwBlAHQALQBDAG8AbQBtAGEAbgBkAAoA'
-    end
   end
 
   it 'check if legacy `script` for windows is properly generated ' do
     resource = MockLoader.new(:windows).load_resource('script', ps1_script)
-    if Gem.loaded_specs['winrm'].version < Gem::Version.new('1.6.1')
+    # string should be the same
-      _(resource.command).must_equal 'powershell -encodedCommand IAAgACAAIAAjACAAYwBhAGwAbAAgAGgAZQBsAHAAIABmAG8AcgAgAGcAZQB0ACAAYwBvAG0AbQBhAG4AZAAKACAAIAAgACAARwBlAHQALQBIAGUAbABwACAARwBlAHQALQBDAG8AbQBtAGEAbgBkAAoA'
+    _(resource.command.to_s).must_equal ps1_script
-    else
-      _(resource.command).must_equal 'powershell -encodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACcAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAnADsAIAAgACAAIAAjACAAYwBhAGwAbAAgAGgAZQBsAHAAIABmAG8AcgAgAGcAZQB0ACAAYwBvAG0AbQBhAG4AZAAKACAAIAAgACAARwBlAHQALQBIAGUAbABwACAARwBlAHQALQBDAG8AbQBtAGEAbgBkAAoA'
-    end
   end
 end

test/unit/resources/vbscript_test.rb

@@ -13,6 +13,6 @@ describe 'Inspec::Resources::VbScript' do
 
   it 'check if `vbscript` for windows is properly generated ' do
     resource = MockLoader.new(:windows).load_resource('vbscript', vb_script)
-    _(resource.command).must_equal 'powershell -encodedCommand JABQAHIAbwBnAHIAZQBzAHMAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACcAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAnADsAJAB2AGIAcwBjAHIAaQBwAHQAIAA9ACAAQAAiAAoAIAAgACAAIABXAFMAYwByAGkAcAB0AC4ARQBjAGgAbwAgACIAaABlAGwAbABvACAAdgBiAHMAYwByAGkAcAB0ACIACgAKACIAQAAKACQAZgBpAGwAZQBuAGEAbQBlACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBQAGEAdABoAF0AOgA6AEcAZQB0AFQAZQBtAHAARgBpAGwAZQBOAGEAbQBlACgAKQAgACsAIAAiAC4AdgBiAHMAIgAKAE4AZQB3AC0ASQB0AGUAbQAgACQAZgBpAGwAZQBuAGEAbQBlACAALQB0AHkAcABlACAAZgBpAGwAZQAgAC0AZgBvAHIAYwBlACAALQB2AGEAbAB1AGUAIAAkAHYAYgBzAGMAcgBpAHAAdAAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgBjAHMAYwByAGkAcAB0AC4AZQB4AGUAIAAvAG4AbwBsAG8AZwBvACAAJABmAGkAbABlAG4AYQBtAGUACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAkAGYAaQBsAGUAbgBhAG0AZQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgA='
+    _(resource.command.to_s).must_include vb_script
   end
 end