anchor-pki 0.6.1 → 0.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -3
- data/Gemfile.lock +2 -2
- data/lib/anchor/auto_cert/configuration.rb +1 -10
- data/lib/anchor/auto_cert/railtie.rb +10 -6
- data/lib/anchor/version.rb +1 -1
- data/lib/puma/plugin/auto_cert.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 72bacc57511a5e60ad14e2820a55f19149a2a705fbaa7c80af60484486f0a47d
|
|
4
|
+
data.tar.gz: 3eb671fa661b08f028062b8ee9733ec3831fd2c5acde15875d24f92fcb6c19bf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 266f699b84d1b6b03ef6c5273109b209dd13fa2cbae54eb7260d85edd0f9b4f3295b6dedf20bf8e2dedaa1fdad7e734784b0d6dfdbc276c15912cb76d4b9ff90
|
|
7
|
+
data.tar.gz: bc78aa5f6692a2ae80cf53c8ea38c3ee5a4d32ca4232bf74fbaf6c8784ce84d899ede38854c8b429e4fb22d2583f5278f470c0cb75c662babc3650c3c26b277e
|
data/CHANGELOG.md
CHANGED
|
@@ -1,9 +1,34 @@
|
|
|
1
1
|
## [Unreleased]
|
|
2
2
|
|
|
3
|
+
## [0.6.3] - 2024-01-10
|
|
4
|
+
|
|
5
|
+
- fixed release (0.6.2 didn't contain the expected changes)
|
|
6
|
+
|
|
7
|
+
## [0.6.2] - 2023-12-20
|
|
8
|
+
|
|
9
|
+
- make terms of service an optional parameter
|
|
10
|
+
- change default autocert key from rails to anchor
|
|
11
|
+
|
|
12
|
+
## [0.6.1] - 2023-12-11
|
|
13
|
+
|
|
14
|
+
- improve support for ENV based configuration
|
|
15
|
+
- improve error logging for Puma plugin
|
|
16
|
+
|
|
17
|
+
## [0.6.0] - 2023-11-29
|
|
18
|
+
|
|
19
|
+
- changes for feature parity and consistency across anchor language packages
|
|
20
|
+
|
|
21
|
+
## [0.5.0] - 2023-09-18
|
|
22
|
+
|
|
23
|
+
- automatic renewal for expired, cached certificates
|
|
24
|
+
- log whole URL at startup, not just identifier
|
|
25
|
+
- add support for Anchor Certificate Extension
|
|
26
|
+
- update tests and test data recordings
|
|
27
|
+
|
|
3
28
|
## [0.4.0] - 2023-06-06
|
|
4
29
|
|
|
5
|
-
- add a puma plugin and configuration
|
|
6
|
-
- auto restart
|
|
30
|
+
- add a puma plugin and configuration DSL for better integration
|
|
31
|
+
- auto restart puma when certificates renew
|
|
7
32
|
- improve tests
|
|
8
33
|
- internal refactor to support the puma plugin
|
|
9
34
|
|
|
@@ -15,7 +40,8 @@
|
|
|
15
40
|
|
|
16
41
|
## [0.2.0] - 2023-04-18
|
|
17
42
|
|
|
18
|
-
-
|
|
43
|
+
- add autocert client for automatic certificate provisioning
|
|
44
|
+
- don't contact ACME server when cache hits
|
|
19
45
|
|
|
20
46
|
## [0.1.0] - 2021-11-05
|
|
21
47
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
anchor-pki (0.6.
|
|
4
|
+
anchor-pki (0.6.3)
|
|
5
5
|
acme-client (~> 2.0.13)
|
|
6
6
|
pstore (~> 0.1)
|
|
7
7
|
|
|
@@ -19,7 +19,7 @@ GEM
|
|
|
19
19
|
rexml
|
|
20
20
|
diff-lcs (1.5.0)
|
|
21
21
|
docile (1.4.0)
|
|
22
|
-
faraday (2.
|
|
22
|
+
faraday (2.8.1)
|
|
23
23
|
base64
|
|
24
24
|
faraday-net_http (>= 2.0, < 3.1)
|
|
25
25
|
ruby2_keywords (>= 0.0.4)
|
|
@@ -202,16 +202,7 @@ module Anchor
|
|
|
202
202
|
end
|
|
203
203
|
|
|
204
204
|
def prepare_tos_acceptors(tos_acceptors)
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
if tos_acceptors.empty? || tos_acceptors.any? { |tos| !tos.respond_to?(:accept?) }
|
|
208
|
-
raise ConfigurationError,
|
|
209
|
-
"The '#{name}' #{self.class} instance has a misconfigured " \
|
|
210
|
-
'`tos_acceptors` value. It must be set to an object ' \
|
|
211
|
-
'or an array of objects that respond to `accept?`.'
|
|
212
|
-
end
|
|
213
|
-
|
|
214
|
-
tos_acceptors
|
|
205
|
+
Array(tos_acceptors)
|
|
215
206
|
end
|
|
216
207
|
|
|
217
208
|
def prepare_directory(dir:, property:)
|
|
@@ -4,9 +4,11 @@ module Anchor
|
|
|
4
4
|
module AutoCert
|
|
5
5
|
# AutoCert Railtie
|
|
6
6
|
class Railtie < Rails::Railtie
|
|
7
|
+
name = ENV.fetch('AUTO_CERT_NAME', 'anchor')
|
|
8
|
+
|
|
7
9
|
# Initialize the configuration with a blank configuration, ensuring
|
|
8
10
|
# the configuration exists, even if it is not used.
|
|
9
|
-
config.auto_cert = ::Anchor::AutoCert::Configuration.new(name:
|
|
11
|
+
config.auto_cert = ::Anchor::AutoCert::Configuration.new(name: name)
|
|
10
12
|
|
|
11
13
|
# Make sure the auto cert configuration is valid before the app boots
|
|
12
14
|
# This will run after every code reload in development and after boot in
|
|
@@ -56,10 +58,11 @@ module Anchor
|
|
|
56
58
|
def self.determine_configuration(app)
|
|
57
59
|
auto_cert_config = app.config.auto_cert
|
|
58
60
|
|
|
59
|
-
# If no configuration is set, then try to lookup one under the :
|
|
61
|
+
# If no configuration is set, then try to lookup one under the :anchor
|
|
60
62
|
# key or create a default one.
|
|
61
63
|
begin
|
|
62
|
-
|
|
64
|
+
name = ENV.fetch('AUTO_CERT_NAME', 'anchor')
|
|
65
|
+
auto_cert_config ||= ::Anchor::AutoCert::Registry.fetch(name)
|
|
63
66
|
rescue KeyError
|
|
64
67
|
auto_cert_config = Railtie.try_to_create_default_configuration
|
|
65
68
|
end
|
|
@@ -77,12 +80,13 @@ module Anchor
|
|
|
77
80
|
end
|
|
78
81
|
|
|
79
82
|
def self.try_to_create_default_configuration
|
|
83
|
+
name = ENV.fetch('AUTO_CERT_NAME', 'anchor')
|
|
80
84
|
# If it doesn't exist, create a new one - now this may raise an error
|
|
81
85
|
# if the configuration is not setup correctly
|
|
82
|
-
::Anchor::AutoCert::Configuration.new(name:
|
|
86
|
+
::Anchor::AutoCert::Configuration.new(name: name)
|
|
83
87
|
rescue ConfigurationError => e
|
|
84
|
-
# its fine to not have a
|
|
85
|
-
msg = "[AutoCert] Unable to create the
|
|
88
|
+
# its fine to not have a configuration, just log the error and move on
|
|
89
|
+
msg = "[AutoCert] Unable to create the '#{name}' configuration : #{e.message}"
|
|
86
90
|
Rails.logger.error(msg)
|
|
87
91
|
nil
|
|
88
92
|
end
|
data/lib/anchor/version.rb
CHANGED
|
@@ -26,7 +26,7 @@ module Puma
|
|
|
26
26
|
|
|
27
27
|
def config(dsl)
|
|
28
28
|
@port = dsl.auto_cert_port || ENV.fetch('HTTPS_PORT', nil)
|
|
29
|
-
name = dsl.auto_cert_name || ENV.fetch('AUTO_CERT_NAME', '
|
|
29
|
+
name = dsl.auto_cert_name || ENV.fetch('AUTO_CERT_NAME', 'anchor')
|
|
30
30
|
configuration = ::Anchor::AutoCert::Registry.fetch(name)
|
|
31
31
|
identifiers = configuration.allow_identifiers
|
|
32
32
|
@manager = ::Anchor::AutoCert::Manager.new(configuration: configuration)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: anchor-pki
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Anchor Security, Inc
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-01-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: acme-client
|
|
@@ -207,7 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
208
|
version: '0'
|
|
209
209
|
requirements: []
|
|
210
|
-
rubygems_version: 3.
|
|
210
|
+
rubygems_version: 3.5.4
|
|
211
211
|
signing_key:
|
|
212
212
|
specification_version: 4
|
|
213
213
|
summary: Ruby client for Anchor PKI. See https://anchor.dev/ for details.
|