bullion 0.10.1 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/.release-please-manifest.json +1 -1
  3. data/.rubocop.yml +1 -1
  4. data/CHANGELOG.md +7 -0
  5. data/Gemfile.lock +7 -7
  6. data/lib/bullion/acme/error.rb +12 -21
  7. data/lib/bullion/helpers/ssl.rb +1 -1
  8. data/lib/bullion/services/ca.rb +9 -8
  9. data/lib/bullion/version.rb +1 -1
  10. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bad95f78797ed3e0f6c4cd9dd1861c868f26a09726d95472ad2c8617ad587baf
4
- data.tar.gz: af63bf9331d4953bd95768b92446b5fd2aeecd73ef779fe7f58e420171275e2a
3
+ metadata.gz: 9b418034aabf17318c2f100d13bedd6e24338241d175a8a745aa59adc63b88c3
4
+ data.tar.gz: 55de2bbebec20c8a485baa9d7f3e1b4f50fdc0b3d79e1124ed1dbb67c25ef759
5
5
  SHA512:
6
- metadata.gz: 76d58792e34491d2d62da8f7aaf8cb196185963c3bfad703eb58890439d22b10586555ea70aa9846e9fff58142561be852fa713ad77fc7fed22070db4d4ac973
7
- data.tar.gz: 732aae73c0e5aaf7f6181694218fa257f5f965a35bc4c8d44aedb336b97029064e8985c0d1983b1617d5ff80891af5252c35bd8a16d9e52ba7a52e466750fbb5
6
+ metadata.gz: 955267201ea388e0676962863224b79883a239830347a5d372415b45b71b52a334116ec58aac187dec20c7f5992ad7bc3422809da85a5dbbdbce53c062081ab3
7
+ data.tar.gz: 781b2d68d4808a3ff1ae72c5d252c75a3220aa1d23be6d456a9b15bc5c87f970f8b6cd0397888d19167d35b22b1830bfcd1f583827302b33b2cdd324810c22ae
data/.release-please-manifest.json CHANGED
@@ -1,3 +1,3 @@
1
1
  {
2
- ".": "0.10.1"
2
+ ".": "0.10.2"
3
3
  }
data/.rubocop.yml CHANGED
@@ -73,7 +73,7 @@ RSpec/MultipleExpectations:
73
73
  Max: 13
74
74
 
75
75
  RSpec/ExampleLength:
76
- Max: 34
76
+ Max: 40
77
77
 
78
78
  Gemspec/DevelopmentDependencies:
79
79
  Enabled: false
data/CHANGELOG.md CHANGED
@@ -1,5 +1,12 @@
1
1
  # Changelog
2
2
 
3
+ ## [0.10.2](https://github.com/jgnagy/bullion/compare/bullion/v0.10.1...bullion/v0.10.2) (2025-08-20)
4
+
5
+
6
+ ### Bug Fixes
7
+
8
+ * correct x509 certificate version to ensure x509v3 compliance ([0e8f6d7](https://github.com/jgnagy/bullion/commit/0e8f6d7bb6fc9b6913cff84390b1a5c436b53d2c))
9
+
3
10
  ## [0.10.1](https://github.com/jgnagy/bullion/compare/bullion/v0.10.0...bullion/v0.10.1) (2025-07-06)
4
11
 
5
12
 
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- bullion (0.10.1)
4
+ bullion (0.10.2)
5
5
  benchmark (~> 0.4)
6
6
  dry-configurable (~> 1.1)
7
7
  httparty (~> 0.21)
@@ -23,13 +23,13 @@ GEM
23
23
  base64 (~> 0.2)
24
24
  faraday (>= 1.0, < 3.0.0)
25
25
  faraday-retry (>= 1.0, < 3.0.0)
26
- activemodel (8.0.2)
27
- activesupport (= 8.0.2)
28
- activerecord (8.0.2)
29
- activemodel (= 8.0.2)
30
- activesupport (= 8.0.2)
26
+ activemodel (8.0.2.1)
27
+ activesupport (= 8.0.2.1)
28
+ activerecord (8.0.2.1)
29
+ activemodel (= 8.0.2.1)
30
+ activesupport (= 8.0.2.1)
31
31
  timeout (>= 0.4.0)
32
- activesupport (8.0.2)
32
+ activesupport (8.0.2.1)
33
33
  base64
34
34
  benchmark (>= 0.3)
35
35
  bigdecimal
data/lib/bullion/acme/error.rb CHANGED
@@ -19,53 +19,44 @@ module Bullion
19
19
  end
20
20
 
21
21
  module Errors
22
+ # ACME exception for nonexistent accounts
23
+ class AccountDoesNotExist < Bullion::Acme::Error
24
+ def acme_type = "accountDoesNotExist"
25
+ end
26
+
22
27
  # ACME exception for bad CSRs
23
28
  class BadCsr < Bullion::Acme::Error
24
- def acme_type
25
- "badCSR"
26
- end
29
+ def acme_type = "badCSR"
27
30
  end
28
31
 
29
32
  # ACME exception for bad Nonces
30
33
  class BadNonce < Bullion::Acme::Error
31
- def acme_type
32
- "badNonce"
33
- end
34
+ def acme_type = "badNonce"
34
35
  end
35
36
 
36
37
  # ACME exception for invalid contacts in accounts
37
38
  class InvalidContact < Bullion::Acme::Error
38
- def acme_type
39
- "invalidContact"
40
- end
39
+ def acme_type = "invalidContact"
41
40
  end
42
41
 
43
42
  # ACME exception for invalid orders
44
43
  class InvalidOrder < Bullion::Acme::Error
45
- def acme_type
46
- "invalidOrder"
47
- end
44
+ def acme_type = "invalidOrder"
48
45
  end
49
46
 
50
47
  # ACME exception for malformed requests
51
48
  class Malformed < Bullion::Acme::Error
52
- def acme_type
53
- "malformed"
54
- end
49
+ def acme_type = "malformed"
55
50
  end
56
51
 
57
52
  # ACME exception for unsupported contacts in accounts
58
53
  class UnsupportedContact < Bullion::Acme::Error
59
- def acme_type
60
- "unsupportedContact"
61
- end
54
+ def acme_type = "unsupportedContact"
62
55
  end
63
56
 
64
57
  # Non-standard exception for unsupported challenge types
65
58
  class UnsupportedChallengeType < Bullion::Acme::Error
66
- def acme_error
67
- "urn:ietf:params:bullion:error:unsupportedChallengeType"
68
- end
59
+ def acme_error = "urn:ietf:params:bullion:error:unsupportedChallengeType"
69
60
  end
70
61
  end
71
62
  end
data/lib/bullion/helpers/ssl.rb CHANGED
@@ -200,7 +200,7 @@ module Bullion
200
200
  # Create a OpenSSL cert using select info from the CSR
201
201
  csr_cert = OpenSSL::X509::Certificate.new
202
202
  csr_cert.serial = cert.serial
203
- csr_cert.version = 3
203
+ csr_cert.version = 2 # OpenSSL uses zero-indexed versions: 2 = x509v3
204
204
  csr_cert.not_before = Time.now
205
205
  # only 90 days for ACMEv2
206
206
  csr_cert.not_after = csr_cert.not_before + (3 * 30 * 24 * 60 * 60)
data/lib/bullion/services/ca.rb CHANGED
@@ -118,14 +118,9 @@ module Bullion
118
118
  # @see https://tools.ietf.org/html/rfc8555#section-7.3
119
119
  post "/accounts" do
120
120
  header_data = JSON.parse(Base64.decode64(@json_body[:protected]))
121
- begin
122
- parse_acme_jwt(header_data["jwk"], validate_nonce: false)
121
+ parse_acme_jwt(header_data["jwk"], validate_nonce: false)
123
122
 
124
- account_data_valid?(@payload_data)
125
- rescue Bullion::Acme::Error => e
126
- content_type "application/problem+json"
127
- halt 400, { type: e.acme_error, detail: e.message }.to_json
128
- end
123
+ account_data_valid?(@payload_data)
129
124
 
130
125
  user = Models::Account.where(
131
126
  public_key: header_data["jwk"]
@@ -133,7 +128,10 @@ module Bullion
133
128
 
134
129
  if @payload_data["onlyReturnExisting"]
135
130
  content_type "application/problem+json"
136
- halt 400, { type: "urn:ietf:params:acme:error:accountDoesNotExist" }.to_json unless user
131
+ unless user
132
+ raise Bullion::Acme::Error::AccountDoesNotExist,
133
+ "onlyReturnExisting requested and account does not exist"
134
+ end
137
135
  end
138
136
 
139
137
  user ||= Models::Account.new(public_key: header_data["jwk"])
@@ -149,6 +147,9 @@ module Bullion
149
147
  contact: user.contacts,
150
148
  orders: uri("/accounts/#{user.id}/orders")
151
149
  }.to_json
150
+ rescue Bullion::Acme::Error => e
151
+ content_type "application/problem+json"
152
+ halt 400, { type: e.acme_error, detail: e.message }.to_json
152
153
  end
153
154
 
154
155
  # Endpoint for updating accounts
data/lib/bullion/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Bullion
4
- VERSION = "0.10.1"
4
+ VERSION = "0.10.2"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bullion
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.10.1
4
+ version: 0.10.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonathan Gnagy