Correct wazuh#879: stdlib deprecated validate_legacy()

cusae · Mar 13, 2024 · e1d1c60 · e1d1c60
1 parent 4acc52e
commit e1d1c60
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 44 deletions.
diff --git a/manifests/agent.pp b/manifests/agent.pp
@@ -7,8 +7,8 @@
 
   $agent_package_version             = $wazuh::params_agent::agent_package_version,
   $agent_package_revision            = $wazuh::params_agent::agent_package_revision,
-  $agent_package_name                = $wazuh::params_agent::agent_package_name,
-  $agent_service_name                = $wazuh::params_agent::agent_service_name,
+  String $agent_package_name         = $wazuh::params_agent::agent_package_name,
+  String $agent_service_name         = $wazuh::params_agent::agent_service_name,
   $agent_service_ensure              = $wazuh::params_agent::agent_service_ensure,
   $agent_msi_download_location       = $wazuh::params_agent::agent_msi_download_location,
 
@@ -18,15 +18,15 @@
 
   # Authd registration options
   $manage_client_keys                = $wazuh::params_agent::manage_client_keys,
-  $agent_name                        = $wazuh::params_agent::agent_name,
-  $agent_group                       = $wazuh::params_agent::agent_group,
+  String agent_name                  = $wazuh::params_agent::agent_name,
+  String $agent_group                = $wazuh::params_agent::agent_group,
   $agent_address                     = $wazuh::params_agent::agent_address,
-  $wazuh_agent_cert                  = $wazuh::params_agent::wazuh_agent_cert,
-  $wazuh_agent_key                   = $wazuh::params_agent::wazuh_agent_key,
-  $wazuh_agent_cert_path             = $wazuh::params_agent::wazuh_agent_cert_path,
-  $wazuh_agent_key_path              = $wazuh::params_agent::wazuh_agent_key_path,
+  String $wazuh_agent_cert           = $wazuh::params_agent::wazuh_agent_cert,
+  String $wazuh_agent_key            = $wazuh::params_agent::wazuh_agent_key,
+  String $wazuh_agent_cert_path      = $wazuh::params_agent::wazuh_agent_cert_path,
+  String $wazuh_agent_key_path       = $wazuh::params_agent::wazuh_agent_key_path,
   $agent_auth_password               = $wazuh::params_agent::agent_auth_password,
-  $wazuh_manager_root_ca_pem         = $wazuh::params_agent::wazuh_manager_root_ca_pem,
+  String $wazuh_manager_root_ca_pem  = $wazuh::params_agent::wazuh_manager_root_ca_pem,
   $wazuh_manager_root_ca_pem_path    = $wazuh::params_agent::wazuh_manager_root_ca_pem_path,
 
   ## ossec.conf generation parameters
@@ -253,8 +253,6 @@
   # )
   # This allows arrays of integers, sadly
   # (commented due to stdlib version requirement)
-  validate_legacy(String, 'validate_string', $agent_package_name)
-  validate_legacy(String, 'validate_string', $agent_service_name)
 
   if (( $ossec_syscheck_whodata_directories_1 == 'yes' ) or ( $ossec_syscheck_whodata_directories_2 == 'yes' )) {
     class { 'wazuh::audit':
@@ -492,14 +490,12 @@
   # Agent registration and service setup
   if ($manage_client_keys == 'yes') {
     if $agent_name {
-      validate_legacy(String, 'validate_string', $agent_name)
       $agent_auth_option_name = "-A \"${agent_name}\""
     } else {
       $agent_auth_option_name = ''
     }
 
     if $agent_group {
-      validate_legacy(String, 'validate_string', $agent_group)
       $agent_auth_option_group = "-G \"${agent_group}\""
     } else {
       $agent_auth_option_group = ''
@@ -530,7 +526,6 @@
 
         # https://documentation.wazuh.com/4.0/user-manual/registering/manager-verification/manager-verification-registration.html
         if $wazuh_manager_root_ca_pem != undef {
-          validate_legacy(String, 'validate_string', $wazuh_manager_root_ca_pem)
           file { '/var/ossec/etc/rootCA.pem':
             owner   => $wazuh::params_agent::keys_owner,
             group   => $wazuh::params_agent::keys_group,
@@ -540,16 +535,13 @@
           }
           $agent_auth_option_manager = '-v /var/ossec/etc/rootCA.pem'
         } elsif $wazuh_manager_root_ca_pem_path != undef {
-          validate_legacy(String, 'validate_string', $wazuh_manager_root_ca_pem)
           $agent_auth_option_manager = "-v ${wazuh_manager_root_ca_pem_path}"
         } else {
           $agent_auth_option_manager = ''  # Avoid errors when compounding final command
         }
 
         # https://documentation.wazuh.com/4.0/user-manual/registering/manager-verification/agent-verification-registration.html
         if ($wazuh_agent_cert != undef) and ($wazuh_agent_key != undef) {
-          validate_legacy(String, 'validate_string', $wazuh_agent_cert)
-          validate_legacy(String, 'validate_string', $wazuh_agent_key)
           file { '/var/ossec/etc/sslagent.cert':
             owner   => $wazuh::params_agent::keys_owner,
             group   => $wazuh::params_agent::keys_group,
@@ -567,8 +559,6 @@
 
           $agent_auth_option_agent = '-x /var/ossec/etc/sslagent.cert -k /var/ossec/etc/sslagent.key'
         } elsif ($wazuh_agent_cert_path != undef) and ($wazuh_agent_key_path != undef) {
-          validate_legacy(String, 'validate_string', $wazuh_agent_cert_path)
-          validate_legacy(String, 'validate_string', $wazuh_agent_key_path)
           $agent_auth_option_agent = "-x ${wazuh_agent_cert_path} -k ${wazuh_agent_key_path}"
         } else {
           $agent_auth_option_agent = ''

diff --git a/manifests/manager.pp b/manifests/manager.pp
@@ -15,10 +15,10 @@
 
       $ossec_logall                     = $wazuh::params_manager::ossec_logall,
       $ossec_logall_json                = $wazuh::params_manager::ossec_logall_json,
-      $ossec_emailnotification          = $wazuh::params_manager::ossec_emailnotification,
-      $ossec_emailto                    = $wazuh::params_manager::ossec_emailto,
-      $ossec_smtp_server                = $wazuh::params_manager::ossec_smtp_server,
-      $ossec_emailfrom                  = $wazuh::params_manager::ossec_emailfrom,
+      Boolean $ossec_emailnotification  = $wazuh::params_manager::ossec_emailnotification,
+      Array $ossec_emailto              = $wazuh::params_manager::ossec_emailto,
+      String $ossec_smtp_server         = $wazuh::params_manager::ossec_smtp_server,
+      String $ossec_emailfrom           = $wazuh::params_manager::ossec_emailfrom,
       $ossec_email_maxperhour           = $wazuh::params_manager::ossec_email_maxperhour,
       $ossec_email_log_source           = $wazuh::params_manager::ossec_email_log_source,
       $ossec_email_idsname              = $wazuh::params_manager::ossec_email_idsname,
@@ -211,7 +211,7 @@
       $vulnerability_detector_provider_almalinux_update_interval    = $wazuh::params_manager::vulnerability_detector_provider_almalinux_update_interval,
 
       # syslog
-      $syslog_output                        = $wazuh::params_manager::syslog_output,
+      Boolean $syslog_output                = $wazuh::params_manager::syslog_output,
       $syslog_output_level                  = $wazuh::params_manager::syslog_output_level,
       $syslog_output_port                   = $wazuh::params_manager::syslog_output_port,
       $syslog_output_server                 = $wazuh::params_manager::syslog_output_server,
@@ -287,14 +287,14 @@
       $ar_repeated_offenders                = $wazuh::params_manager::ar_repeated_offenders,
 
       $local_decoder_template               = $wazuh::params_manager::local_decoder_template,
-      $decoder_exclude                      = $wazuh::params_manager::decoder_exclude,
+      Array $decoder_exclude                = $wazuh::params_manager::decoder_exclude,
       $local_rules_template                 = $wazuh::params_manager::local_rules_template,
-      $rule_exclude                         = $wazuh::params_manager::rule_exclude,
+      Array $rule_exclude                   = $wazuh::params_manager::rule_exclude,
       $shared_agent_template                = $wazuh::params_manager::shared_agent_template,
 
-      $wazuh_manager_verify_manager_ssl     = $wazuh::params_manager::wazuh_manager_verify_manager_ssl,
-      $wazuh_manager_server_crt             = $wazuh::params_manager::wazuh_manager_server_crt,
-      $wazuh_manager_server_key             = $wazuh::params_manager::wazuh_manager_server_key,
+      Boolean $wazuh_manager_verify_manager_ssl = $wazuh::params_manager::wazuh_manager_verify_manager_ssl,
+      String $wazuh_manager_server_crt          = $wazuh::params_manager::wazuh_manager_server_crt,
+      String $wazuh_manager_server_key          = $wazuh::params_manager::wazuh_manager_server_key,
 
       $ossec_local_files                    = $::wazuh::params_manager::default_local_files,
 
@@ -345,13 +345,6 @@
 
 
 ) inherits wazuh::params_manager {
-  validate_legacy(
-    Boolean, 'validate_bool', $manage_repos, $syslog_output,$wazuh_manager_verify_manager_ssl
-  )
-  validate_legacy(
-    Array, 'validate_array', $decoder_exclude, $rule_exclude
-  )
-
   ## Determine which kernel and family puppet is running on. Will be used on _localfile, _rootcheck, _syscheck & _sca
 
   if ($::kernel == 'windows') {
@@ -388,14 +381,10 @@
 
   # This allows arrays of integers, sadly
   # (commented due to stdlib version requirement)
-  validate_legacy(Boolean, 'validate_bool', $ossec_emailnotification)
   if ($ossec_emailnotification) {
     if $ossec_smtp_server == undef {
       fail('$ossec_emailnotification is enabled but $smtp_server was not set')
     }
-    validate_legacy(String, 'validate_string', $ossec_smtp_server)
-    validate_legacy(String, 'validate_string', $ossec_emailfrom)
-    validate_legacy(Array, 'validate_array', $ossec_emailto)
   }
 
   if $::osfamily == 'windows' {
@@ -664,10 +653,6 @@
   if $wazuh_manager_verify_manager_ssl {
 
     if ($wazuh_manager_server_crt != undef) and ($wazuh_manager_server_key != undef) {
-      validate_legacy(
-        String, 'validate_string', $wazuh_manager_server_crt, $wazuh_manager_server_key
-      )
-
       file { '/var/ossec/etc/sslmanager.key':
         content => $wazuh_manager_server_key,
         owner   => 'root',