acmesmith 0.11.0 → 0.11.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: bce001c8eca147fba2d1d2e0b43d30ebd175f096
4
- data.tar.gz: 65fb44fdf5367fa3e6c66ecb837fd3119f07db76
2
+ SHA256:
3
+ metadata.gz: 9103307f7ec55de437d48f87b97234fde521c25378ccf0d874a4dafee084bfa4
4
+ data.tar.gz: 3068795e54de705a900c98520c2568416ac38e63038313cee67ba43c3a6665ce
5
5
  SHA512:
6
- metadata.gz: a544bb8d9ee438806215471846bd71dd34fcd3dc0cdd38d15a130292d255c1f221492c1c129bcdb5906ac8afc5819b161296dd0b64607ad36149966f7cf23d7e
7
- data.tar.gz: ecc46f9cc09ec3630d14a3052b43b51659fdaba8716e43095bc578326e7e5fc99174da54b26d80abc1579b8bb7c35e991e405a5238a38fd7c805ca985b9fa630
6
+ metadata.gz: 8993dbe4814bf78af2cd5ecb03ca392fbbd1c00a8a770c596a917de37b5dca1e39568fb7b243b7223503c1378d9673f41ca91158a440fcb89f3eced562a2c6ca
7
+ data.tar.gz: aa3a6c64a357df063253b094f5ad85070932537e0baf8636f81d15530b080a2bd13885af4015e5e22d5f954a69f2d2143a49c631f2714bcc0ebdfd9dd03b86e8
data/acmesmith.gemspec CHANGED
@@ -21,8 +21,10 @@ Acmesmith is an [ACME (Automatic Certificate Management Environment)](https://gi
21
21
  spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
22
22
  spec.require_paths = ["lib"]
23
23
 
24
- spec.add_dependency "acme-client"
25
- spec.add_dependency "aws-sdk", "> 2"
24
+ spec.add_dependency "acme-client", '~> 1'
25
+ spec.add_dependency "aws-sdk-acm"
26
+ spec.add_dependency "aws-sdk-route53"
27
+ spec.add_dependency "aws-sdk-s3"
26
28
  spec.add_dependency "thor"
27
29
 
28
30
  spec.add_development_dependency "bundler"
@@ -0,0 +1,64 @@
1
+ require 'acme-client'
2
+
3
+ module Acmesmith
4
+ class AcmeClient
5
+ # @param account_key [Acmesmith::AccountKey]
6
+ # @param endpoint [String]
7
+ def initialize(account_key, endpoint)
8
+ @acme = Acme::Client.new(private_key: account_key.private_key, endpoint: endpoint)
9
+ end
10
+
11
+ # @param contact [String]
12
+ def register(contact)
13
+ retry_once_on_bad_nonce do
14
+ @acme.register(contact: contact)
15
+ end
16
+ end
17
+
18
+ # @param domain [String]
19
+ def authorize(domain)
20
+ retry_once_on_bad_nonce do
21
+ @acme.authorize(domain: domain)
22
+ end
23
+ end
24
+
25
+ # @param csr [Acme::Client::CertificateRequest]
26
+ def new_certificate(csr)
27
+ retry_once_on_bad_nonce do
28
+ @acme.new_certificate(csr)
29
+ end
30
+ end
31
+
32
+ # @param challenge [Acme::Client::Resources::Challenges::Base]
33
+ def request_verification(challenge)
34
+ retry_once_on_bad_nonce do
35
+ challenge.request_verification
36
+ end
37
+ end
38
+
39
+ # @param challenge [Acme::Client::Resources::Challenges::Base]
40
+ def verify_status(challenge)
41
+ retry_once_on_bad_nonce do
42
+ challenge.verify_status
43
+ end
44
+ end
45
+
46
+ private
47
+
48
+ def retry_once_on_bad_nonce(&block)
49
+ retried = false
50
+ begin
51
+ block.call
52
+ rescue Acme::Client::Error::BadNonce => e
53
+ # Let's Encrypt returns badNonce error when the client sends too-old
54
+ # nonce. So retry the request once.
55
+ if retried
56
+ raise e
57
+ else
58
+ retried = true
59
+ retry
60
+ end
61
+ end
62
+ end
63
+ end
64
+ end
@@ -1,6 +1,6 @@
1
1
  require 'acmesmith/challenge_responders/base'
2
2
 
3
- require 'aws-sdk'
3
+ require 'aws-sdk-route53'
4
4
 
5
5
  module Acmesmith
6
6
  module ChallengeResponders
@@ -1,10 +1,8 @@
1
1
  require 'acmesmith/account_key'
2
+ require 'acmesmith/acme_client'
2
3
  require 'acmesmith/certificate'
3
-
4
4
  require 'acmesmith/save_certificate_service'
5
5
 
6
- require 'acme-client'
7
-
8
6
  module Acmesmith
9
7
  class Client
10
8
  def initialize(config: nil)
@@ -13,8 +11,8 @@ module Acmesmith
13
11
 
14
12
  def register(contact)
15
13
  key = AccountKey.generate
16
- acme = Acme::Client.new(private_key: key.private_key, endpoint: config['endpoint'])
17
- registration = acme.register(contact: contact)
14
+ acme = AcmeClient.new(key, config['endpoint'])
15
+ registration = acme.register(contact)
18
16
  registration.agree_terms
19
17
 
20
18
  storage.put_account_key(key, account_key_passphrase)
@@ -24,7 +22,7 @@ module Acmesmith
24
22
 
25
23
  def authorize(*domains)
26
24
  targets = domains.map do |domain|
27
- authz = acme.authorize(domain: domain)
25
+ authz = acme.authorize(domain)
28
26
  challenges = [authz.http01, authz.dns01, authz.tls_sni01].compact
29
27
  challenge = nil
30
28
  responder = config.challenge_responders.find do |x|
@@ -40,14 +38,14 @@ module Acmesmith
40
38
 
41
39
  targets.each do |target|
42
40
  puts "=> Requesting verifications..."
43
- target[:challenge].request_verification
41
+ acme.request_verification(target[:challenge])
44
42
  end
45
43
  loop do
46
44
  all_valid = true
47
45
  targets.each do |target|
48
46
  next if target[:valid]
49
47
 
50
- status = target[:challenge].verify_status
48
+ status = acme.verify_status(target[:challenge])
51
49
  puts " * [#{target[:domain]}] verify_status: #{status}"
52
50
 
53
51
  if status == 'valid'
@@ -232,7 +230,7 @@ module Acmesmith
232
230
  end
233
231
 
234
232
  def acme
235
- @acme ||= Acme::Client.new(private_key: account_key.private_key, endpoint: config['endpoint'])
233
+ @acme ||= AcmeClient.new(account_key, config['endpoint'])
236
234
  end
237
235
 
238
236
  def certificate_key_passphrase
@@ -1,4 +1,4 @@
1
- require 'aws-sdk'
1
+ require 'aws-sdk-acm'
2
2
  require 'acmesmith/post_issuing_hooks/base'
3
3
 
4
4
  module Acmesmith
@@ -1,4 +1,4 @@
1
- require 'aws-sdk'
1
+ require 'aws-sdk-s3'
2
2
 
3
3
  require 'acmesmith/storages/base'
4
4
  require 'acmesmith/account_key'
@@ -1,3 +1,3 @@
1
1
  module Acmesmith
2
- VERSION = "0.11.0"
2
+ VERSION = "0.11.1"
3
3
  end
metadata CHANGED
@@ -1,17 +1,45 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acmesmith
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.0
4
+ version: 0.11.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - sorah (Shota Fukumori)
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-08-02 00:00:00.000000000 Z
11
+ date: 2018-05-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: acme-client
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1'
27
+ - !ruby/object:Gem::Dependency
28
+ name: aws-sdk-acm
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: aws-sdk-route53
15
43
  requirement: !ruby/object:Gem::Requirement
16
44
  requirements:
17
45
  - - ">="
@@ -25,19 +53,19 @@ dependencies:
25
53
  - !ruby/object:Gem::Version
26
54
  version: '0'
27
55
  - !ruby/object:Gem::Dependency
28
- name: aws-sdk
56
+ name: aws-sdk-s3
29
57
  requirement: !ruby/object:Gem::Requirement
30
58
  requirements:
31
- - - ">"
59
+ - - ">="
32
60
  - !ruby/object:Gem::Version
33
- version: '2'
61
+ version: '0'
34
62
  type: :runtime
35
63
  prerelease: false
36
64
  version_requirements: !ruby/object:Gem::Requirement
37
65
  requirements:
38
- - - ">"
66
+ - - ">="
39
67
  - !ruby/object:Gem::Version
40
- version: '2'
68
+ version: '0'
41
69
  - !ruby/object:Gem::Dependency
42
70
  name: thor
43
71
  requirement: !ruby/object:Gem::Requirement
@@ -120,6 +148,7 @@ files:
120
148
  - docs/vendor/aws.md
121
149
  - lib/acmesmith.rb
122
150
  - lib/acmesmith/account_key.rb
151
+ - lib/acmesmith/acme_client.rb
123
152
  - lib/acmesmith/certificate.rb
124
153
  - lib/acmesmith/challenge_responders.rb
125
154
  - lib/acmesmith/challenge_responders/base.rb
@@ -162,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
162
191
  version: '0'
163
192
  requirements: []
164
193
  rubyforge_project:
165
- rubygems_version: 2.6.8
194
+ rubygems_version: 2.7.6
166
195
  signing_key:
167
196
  specification_version: 4
168
197
  summary: ACME client (Let's encrypt client) to manage certificate in multi server