Merge pull request #321 from PowerShell/dev

Release of version 1.19.0.0 of xWebAdministration

DSCResources/Helper.psm1

@@ -61,3 +61,152 @@ function Assert-Module
                              -ErrorCategory ObjectNotFound
     }
 }
+
+<#
+    .SYNOPSIS
+    Locates one or more certificates using the passed certificate selector parameters.
+
+    If more than one certificate is found matching the selector criteria, they will be
+    returned in order of descending expiration date.
+
+    .PARAMETER Thumbprint
+    The thumbprint of the certificate to find.
+
+    .PARAMETER FriendlyName
+    The friendly name of the certificate to find.
+
+    .PARAMETER Subject
+    The subject of the certificate to find.
+
+    .PARAMETER DNSName
+    The subject alternative name of the certificate to export must contain these values.
+
+    .PARAMETER Issuer
+    The issuer of the certiicate to find.
+
+    .PARAMETER KeyUsage
+    The key usage of the certificate to find must contain these values.
+
+    .PARAMETER EnhancedKeyUsage
+    The enhanced key usage of the certificate to find must contain these values.
+
+    .PARAMETER Store
+    The Windows Certificate Store Name to search for the certificate in.
+    Defaults to 'My'.
+
+    .PARAMETER AllowExpired
+    Allows expired certificates to be returned.
+
+#>
+function Find-Certificate
+{
+    [CmdletBinding()]
+    [OutputType([System.Security.Cryptography.X509Certificates.X509Certificate2[]])]
+    param
+    (
+        [Parameter()]
+        [String]
+        $Thumbprint,
+
+        [Parameter()]
+        [String]
+        $FriendlyName,
+
+        [Parameter()]
+        [String]
+        $Subject,
+
+        [Parameter()]
+        [String[]]
+        $DNSName,
+
+        [Parameter()]
+        [String]
+        $Issuer,
+
+        [Parameter()]
+        [String[]]
+        $KeyUsage,
+
+        [Parameter()]
+        [String[]]
+        $EnhancedKeyUsage,
+
+        [Parameter()]
+        [String]
+        $Store = 'My',
+
+        [Parameter()]
+        [Boolean]
+        $AllowExpired = $false
+    )
+
+    $certPath = Join-Path -Path 'Cert:\LocalMachine' -ChildPath $Store
+
+    if (-not (Test-Path -Path $certPath))
+    {
+        # The Certificte Path is not valid
+        New-InvalidArgumentError `
+            -ErrorId 'CannotFindCertificatePath' `
+            -ErrorMessage ($LocalizedData.CertificatePathError -f $certPath)
+    } # if
+
+    # Assemble the filter to use to select the certificate
+    $certFilters = @()
+    if ($PSBoundParameters.ContainsKey('Thumbprint'))
+    {
+        $certFilters += @('($_.Thumbprint -eq $Thumbprint)')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('FriendlyName'))
+    {
+        $certFilters += @('($_.FriendlyName -eq $FriendlyName)')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('Subject'))
+    {
+        $certFilters += @('($_.Subject -eq $Subject)')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('Issuer'))
+    {
+        $certFilters += @('($_.Issuer -eq $Issuer)')
+    } # if
+
+    if (-not $AllowExpired)
+    {
+        $certFilters += @('(((Get-Date) -le $_.NotAfter) -and ((Get-Date) -ge $_.NotBefore))')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('DNSName'))
+    {
+        $certFilters += @('(@(Compare-Object -ReferenceObject $_.DNSNameList.Unicode -DifferenceObject $DNSName | Where-Object -Property SideIndicator -eq "=>").Count -eq 0)')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('KeyUsage'))
+    {
+        $certFilters += @('(@(Compare-Object -ReferenceObject ($_.Extensions.KeyUsages -split ", ") -DifferenceObject $KeyUsage | Where-Object -Property SideIndicator -eq "=>").Count -eq 0)')
+    } # if
+
+    if ($PSBoundParameters.ContainsKey('EnhancedKeyUsage'))
+    {
+        $certFilters += @('(@(Compare-Object -ReferenceObject ($_.EnhancedKeyUsageList.FriendlyName) -DifferenceObject $EnhancedKeyUsage | Where-Object -Property SideIndicator -eq "=>").Count -eq 0)')
+    } # if
+
+    # Join all the filters together
+    $certFilterScript = '(' + ($certFilters -join ' -and ') + ')'
+
+    Write-Verbose -Message ($LocalizedData.SearchingForCertificateUsingFilters `
+        -f $store,$certFilterScript)
+
+    $certs = Get-ChildItem -Path $certPath |
+        Where-Object -FilterScript ([ScriptBlock]::Create($certFilterScript))
+
+    # Sort the certificates
+    if ($certs.count -gt 1)
+    {
+        $certs = $certs | Sort-Object -Descending -Property 'NotAfter'
+    } # if
+
+    return $certs
+} # end function Find-Certificate

DSCResources/MSFT_xWebAppPoolDefaults/MSFT_xWebAppPoolDefaults.psm1

@@ -24,22 +24,22 @@ function Get-TargetResource
     [OutputType([System.Collections.Hashtable])]
     param
     (
-        [Parameter(Mandatory)]
+        [Parameter(Mandatory = $true)]
         [ValidateSet('Machine')]
-        [String] $ApplyTo
+        [System.String]
+        $ApplyTo
     )
-    
+
     Assert-Module
 
     Write-Verbose -Message $LocalizedData.VerboseGetTargetResource
 
     return @{
         ManagedRuntimeVersion = (Get-Value -Path '' -Name 'managedRuntimeVersion')
-        IdentityType          = ( Get-Value -Path 'processModel' -Name 'identityType')
+        IdentityType          = (Get-Value -Path 'processModel' -Name 'identityType')
     }
 }
 
-
 function Set-TargetResource
 {
     <#
@@ -50,16 +50,21 @@ function Set-TargetResource
     [CmdletBinding()]
     [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]
     param
-    (    
-        [ValidateSet('Machine')]
+    (
         [Parameter(Mandatory = $true)]
-        [String] $ApplyTo,
+        [ValidateSet('Machine')]
+        [System.String]
+        $ApplyTo,
 
+        [Parameter()]
         [ValidateSet('','v2.0','v4.0')]
-        [String] $ManagedRuntimeVersion,
+        [System.String]
+        $ManagedRuntimeVersion,
 
+        [Parameter()]
         [ValidateSet('ApplicationPoolIdentity','LocalService','LocalSystem','NetworkService')]
-        [String] $IdentityType
+        [System.String]
+        $IdentityType
     )
 
     Assert-Module
@@ -81,15 +86,20 @@ function Test-TargetResource
     [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]
     param
     (
-        [ValidateSet('Machine')]
         [Parameter(Mandatory = $true)]
-        [String] $ApplyTo,
-
+        [ValidateSet('Machine')]
+        [System.String]
+        $ApplyTo,
+
+        [Parameter()]
         [ValidateSet('','v2.0','v4.0')]
-        [String] $ManagedRuntimeVersion,
-
+        [System.String]
+        $ManagedRuntimeVersion,
+
+        [Parameter()]
         [ValidateSet('ApplicationPoolIdentity','LocalService','LocalSystem','NetworkService')]
-        [String] $IdentityType
+        [System.String]
+        $IdentityType
     )
 
     Assert-Module
@@ -118,12 +128,19 @@ function Confirm-Value
     [CmdletBinding()]
     [OutputType([System.Boolean])]
     param
-    (  
-        [String] $Path,
+    (
+        [Parameter(Mandatory = $true)]
+        [AllowEmptyString()]
+        [System.String]
+        $Path,
 
-        [String] $Name,
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name,
 
-        [String] $NewValue
+        [Parameter()]
+        [System.String]
+        $NewValue
     )
 
     if (-not($NewValue))
@@ -149,12 +166,19 @@ function Set-Value
 {
     [CmdletBinding()]
     param
-    (  
-        [String] $Path,
-
-        [String] $Name,
-
-        [String] $NewValue
+    (
+        [Parameter(Mandatory = $true)]
+        [AllowEmptyString()]
+        [System.String]
+        $Path,
+
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name,
+
+        [Parameter()]
+        [System.String]
+        $NewValue
     )
 
     # if the variable doesn't exist, the user doesn't want to change this value
@@ -179,35 +203,40 @@ function Set-Value
 
         $relPath = $Path + '/' + $Name
         Write-Verbose($LocalizedData.SettingValue -f $relPath,$NewValue);
-
     }
-
 }
 
 function Get-Value
 {
-
     [CmdletBinding()]
     param
-    (  
-        [String] $Path,
-
-        [String] $Name
+    (
+        [Parameter(Mandatory = $true)]
+        [AllowEmptyString()]
+        [System.String]
+        $Path,
+
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name
     )
 
+    if ($Path -ne '')
     {
-        if ($Path -ne '')
-        {
-            $Path = '/' + $Path
-        }
+        $Path = '/' + $Path
+    }
 
-        return Get-WebConfigurationProperty `
+    $result = Get-WebConfigurationProperty `
                 -PSPath 'MACHINE/WEBROOT/APPHOST' `
                 -Filter "system.applicationHost/applicationPools/applicationPoolDefaults$Path" `
                 -Name $Name
-
-    }
 
+    if ($result -is [Microsoft.IIs.PowerShell.Framework.ConfigurationAttribute])
+    {
+        return $result.Value
+    } else {
+        return $result
+    }
 }
 
 #endregion

DSCResources/MSFT_xWebApplication/MSFT_xWebApplication.psm1

@@ -266,9 +266,9 @@ function Set-TargetResource
             {
                 Write-Verbose -Message ($LocalizedData.VerboseSetTargetEnabledProtocols -f $Name)
                 # Make input bindings which are an array, into a string
-                $stringafiedEnabledProtocols = $EnabledProtocols -join ' '
+                $stringafiedEnabledProtocols = $EnabledProtocols -join ','
                 Set-ItemProperty -Path "IIS:\Sites\$Website\$Name" `
-                                 -Name EnabledProtocols `
+                                 -Name 'enabledProtocols' `
                                  -Value $stringafiedEnabledProtocols `
                                  -ErrorAction Stop
             }
@@ -625,9 +625,9 @@ function Get-SslFlags
                  ForEach-Object { $_.sslFlags }
 
     if ($null -eq $SslFlags) 
-        { 
-            [String]::Empty
-        } 
+    {
+        return [String]::Empty
+    }
 
     return $SslFlags
 }