bullion 0.6.1 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +46 -43
- data/lib/bullion/challenge_client.rb +4 -0
- data/lib/bullion/models/challenge.rb +8 -1
- data/lib/bullion/services/ca.rb +2 -0
- data/lib/bullion/version.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 36ed2c3c1d482d903b483d03c4295a9ad784763f34becf488e55775b2d248594
|
|
4
|
+
data.tar.gz: dea3a389dd9aa344d8f2e570af7913e00be67d5ec47bc5e6eb6f31f5dce4e356
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ced33b6e567f3e9fd3529e08172b7f7e40a64042868f75589cbeda8db5a20067ff8e7851be257e2d1b9c8ae9ffd6c017a4e275671a8b50fc52732e5c0e1493d9
|
|
7
|
+
data.tar.gz: e6c3371fbb984eccb6e32ccc5d719372f3faf313ac0ed3f938eb7d6f339b2a88d8fa2a4be8231a820f24c61dcfb4ef3dcf3c877c53805e29ace1fa69b30d766f
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
bullion (0.
|
|
4
|
+
bullion (0.7.0)
|
|
5
5
|
dry-configurable (~> 1.1)
|
|
6
6
|
httparty (~> 0.21)
|
|
7
7
|
json (~> 2.6)
|
|
@@ -18,16 +18,16 @@ PATH
|
|
|
18
18
|
GEM
|
|
19
19
|
remote: https://rubygems.org/
|
|
20
20
|
specs:
|
|
21
|
-
acme-client (2.0.
|
|
21
|
+
acme-client (2.0.16)
|
|
22
22
|
faraday (>= 1.0, < 3.0.0)
|
|
23
23
|
faraday-retry (>= 1.0, < 3.0.0)
|
|
24
|
-
activemodel (7.1.
|
|
25
|
-
activesupport (= 7.1.
|
|
26
|
-
activerecord (7.1.
|
|
27
|
-
activemodel (= 7.1.
|
|
28
|
-
activesupport (= 7.1.
|
|
24
|
+
activemodel (7.1.3)
|
|
25
|
+
activesupport (= 7.1.3)
|
|
26
|
+
activerecord (7.1.3)
|
|
27
|
+
activemodel (= 7.1.3)
|
|
28
|
+
activesupport (= 7.1.3)
|
|
29
29
|
timeout (>= 0.4.0)
|
|
30
|
-
activesupport (7.1.
|
|
30
|
+
activesupport (7.1.3)
|
|
31
31
|
base64
|
|
32
32
|
bigdecimal
|
|
33
33
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
@@ -41,9 +41,9 @@ GEM
|
|
|
41
41
|
backport (1.2.0)
|
|
42
42
|
base64 (0.2.0)
|
|
43
43
|
benchmark (0.3.0)
|
|
44
|
-
bigdecimal (3.1.
|
|
44
|
+
bigdecimal (3.1.6)
|
|
45
45
|
byebug (11.1.3)
|
|
46
|
-
concurrent-ruby (1.2.
|
|
46
|
+
concurrent-ruby (1.2.3)
|
|
47
47
|
connection_pool (2.4.1)
|
|
48
48
|
diff-lcs (1.5.0)
|
|
49
49
|
docile (1.4.0)
|
|
@@ -56,11 +56,10 @@ GEM
|
|
|
56
56
|
concurrent-ruby (~> 1.0)
|
|
57
57
|
zeitwerk (~> 2.6)
|
|
58
58
|
e2mmap (0.1.0)
|
|
59
|
-
faraday (2.
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
faraday-net_http (3.0.2)
|
|
59
|
+
faraday (2.9.0)
|
|
60
|
+
faraday-net_http (>= 2.0, < 3.2)
|
|
61
|
+
faraday-net_http (3.1.0)
|
|
62
|
+
net-http
|
|
64
63
|
faraday-retry (2.2.0)
|
|
65
64
|
faraday (~> 2.0)
|
|
66
65
|
httparty (0.21.0)
|
|
@@ -69,7 +68,7 @@ GEM
|
|
|
69
68
|
i18n (1.14.1)
|
|
70
69
|
concurrent-ruby (~> 1.0)
|
|
71
70
|
jaro_winkler (1.5.6)
|
|
72
|
-
json (2.
|
|
71
|
+
json (2.7.1)
|
|
73
72
|
jwt (2.7.1)
|
|
74
73
|
kramdown (2.4.0)
|
|
75
74
|
rexml
|
|
@@ -78,39 +77,42 @@ GEM
|
|
|
78
77
|
language_server-protocol (3.17.0.3)
|
|
79
78
|
mini_mime (1.1.5)
|
|
80
79
|
mini_portile2 (2.8.5)
|
|
81
|
-
minitest (5.
|
|
80
|
+
minitest (5.21.2)
|
|
82
81
|
multi_json (1.15.0)
|
|
83
82
|
multi_xml (0.6.0)
|
|
84
83
|
mustermann (3.0.0)
|
|
85
84
|
ruby2_keywords (~> 0.0.1)
|
|
86
85
|
mutex_m (0.2.0)
|
|
87
86
|
mysql2 (0.5.5)
|
|
88
|
-
|
|
89
|
-
|
|
87
|
+
net-http (0.4.1)
|
|
88
|
+
uri
|
|
89
|
+
nio4r (2.7.0)
|
|
90
|
+
nokogiri (1.16.0)
|
|
90
91
|
mini_portile2 (~> 2.8.2)
|
|
91
92
|
racc (~> 1.4)
|
|
92
|
-
nokogiri (1.
|
|
93
|
+
nokogiri (1.16.0-arm64-darwin)
|
|
93
94
|
racc (~> 1.4)
|
|
94
|
-
nokogiri (1.
|
|
95
|
+
nokogiri (1.16.0-x86_64-linux)
|
|
95
96
|
racc (~> 1.4)
|
|
96
97
|
openssl (3.2.0)
|
|
97
|
-
parallel (1.
|
|
98
|
-
parser (3.
|
|
98
|
+
parallel (1.24.0)
|
|
99
|
+
parser (3.3.0.5)
|
|
99
100
|
ast (~> 2.4.1)
|
|
100
101
|
racc
|
|
101
102
|
prometheus-client (4.2.2)
|
|
102
|
-
puma (6.4.
|
|
103
|
+
puma (6.4.2)
|
|
103
104
|
nio4r (~> 2.0)
|
|
104
105
|
racc (1.7.3)
|
|
105
106
|
rack (2.2.8)
|
|
106
|
-
rack-protection (3.
|
|
107
|
+
rack-protection (3.2.0)
|
|
108
|
+
base64 (>= 0.1.0)
|
|
107
109
|
rack (~> 2.2, >= 2.2.4)
|
|
108
110
|
rack-test (2.1.0)
|
|
109
111
|
rack (>= 1.3)
|
|
110
112
|
rainbow (3.1.1)
|
|
111
113
|
rake (13.1.0)
|
|
112
114
|
rbs (2.8.4)
|
|
113
|
-
regexp_parser (2.
|
|
115
|
+
regexp_parser (2.9.0)
|
|
114
116
|
reverse_markdown (2.1.1)
|
|
115
117
|
nokogiri
|
|
116
118
|
rexml (3.2.6)
|
|
@@ -127,26 +129,26 @@ GEM
|
|
|
127
129
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
128
130
|
rspec-support (~> 3.12.0)
|
|
129
131
|
rspec-support (3.12.1)
|
|
130
|
-
rubocop (1.
|
|
132
|
+
rubocop (1.60.2)
|
|
131
133
|
json (~> 2.3)
|
|
132
134
|
language_server-protocol (>= 3.17.0)
|
|
133
135
|
parallel (~> 1.10)
|
|
134
|
-
parser (>= 3.
|
|
136
|
+
parser (>= 3.3.0.2)
|
|
135
137
|
rainbow (>= 2.2.2, < 4.0)
|
|
136
138
|
regexp_parser (>= 1.8, < 3.0)
|
|
137
139
|
rexml (>= 3.2.5, < 4.0)
|
|
138
|
-
rubocop-ast (>= 1.
|
|
140
|
+
rubocop-ast (>= 1.30.0, < 2.0)
|
|
139
141
|
ruby-progressbar (~> 1.7)
|
|
140
142
|
unicode-display_width (>= 2.4.0, < 3.0)
|
|
141
143
|
rubocop-ast (1.30.0)
|
|
142
144
|
parser (>= 3.2.1.0)
|
|
143
|
-
rubocop-capybara (2.
|
|
145
|
+
rubocop-capybara (2.20.0)
|
|
146
|
+
rubocop (~> 1.41)
|
|
147
|
+
rubocop-factory_bot (2.25.1)
|
|
144
148
|
rubocop (~> 1.41)
|
|
145
|
-
rubocop-factory_bot (2.24.0)
|
|
146
|
-
rubocop (~> 1.33)
|
|
147
149
|
rubocop-rake (0.6.0)
|
|
148
150
|
rubocop (~> 1.0)
|
|
149
|
-
rubocop-rspec (2.
|
|
151
|
+
rubocop-rspec (2.26.1)
|
|
150
152
|
rubocop (~> 1.40)
|
|
151
153
|
rubocop-capybara (~> 2.17)
|
|
152
154
|
rubocop-factory_bot (~> 2.22)
|
|
@@ -161,21 +163,21 @@ GEM
|
|
|
161
163
|
simplecov (~> 0.19)
|
|
162
164
|
simplecov-html (0.12.3)
|
|
163
165
|
simplecov_json_formatter (0.1.4)
|
|
164
|
-
sinatra (3.
|
|
166
|
+
sinatra (3.2.0)
|
|
165
167
|
mustermann (~> 3.0)
|
|
166
168
|
rack (~> 2.2, >= 2.2.4)
|
|
167
|
-
rack-protection (= 3.
|
|
169
|
+
rack-protection (= 3.2.0)
|
|
168
170
|
tilt (~> 2.0)
|
|
169
171
|
sinatra-activerecord (2.0.27)
|
|
170
172
|
activerecord (>= 4.1)
|
|
171
173
|
sinatra (>= 1.0)
|
|
172
|
-
sinatra-contrib (3.
|
|
173
|
-
multi_json
|
|
174
|
+
sinatra-contrib (3.2.0)
|
|
175
|
+
multi_json (>= 0.0.2)
|
|
174
176
|
mustermann (~> 3.0)
|
|
175
|
-
rack-protection (= 3.
|
|
176
|
-
sinatra (= 3.
|
|
177
|
+
rack-protection (= 3.2.0)
|
|
178
|
+
sinatra (= 3.2.0)
|
|
177
179
|
tilt (~> 2.0)
|
|
178
|
-
solargraph (0.
|
|
180
|
+
solargraph (0.50.0)
|
|
179
181
|
backport (~> 1.2)
|
|
180
182
|
benchmark
|
|
181
183
|
bundler (~> 2.0)
|
|
@@ -191,16 +193,17 @@ GEM
|
|
|
191
193
|
thor (~> 1.0)
|
|
192
194
|
tilt (~> 2.0)
|
|
193
195
|
yard (~> 0.9, >= 0.9.24)
|
|
194
|
-
sqlite3 (1.
|
|
196
|
+
sqlite3 (1.7.1)
|
|
195
197
|
mini_portile2 (~> 2.8.0)
|
|
196
|
-
sqlite3 (1.
|
|
197
|
-
sqlite3 (1.
|
|
198
|
+
sqlite3 (1.7.1-arm64-darwin)
|
|
199
|
+
sqlite3 (1.7.1-x86_64-linux)
|
|
198
200
|
thor (1.3.0)
|
|
199
201
|
tilt (2.3.0)
|
|
200
202
|
timeout (0.4.1)
|
|
201
203
|
tzinfo (2.0.6)
|
|
202
204
|
concurrent-ruby (~> 1.0)
|
|
203
205
|
unicode-display_width (2.5.0)
|
|
206
|
+
uri (0.13.0)
|
|
204
207
|
yard (0.9.34)
|
|
205
208
|
zeitwerk (2.6.12)
|
|
206
209
|
|
|
@@ -22,6 +22,8 @@ module Bullion
|
|
|
22
22
|
tries = 0
|
|
23
23
|
success = false
|
|
24
24
|
|
|
25
|
+
challenge.update!(status: "processing")
|
|
26
|
+
|
|
25
27
|
benchtime = Benchmark.realtime do
|
|
26
28
|
until success || tries >= retries
|
|
27
29
|
tries += 1
|
|
@@ -39,6 +41,8 @@ module Bullion
|
|
|
39
41
|
unless success
|
|
40
42
|
LOGGER.info "Failed to validate #{type} #{identifier}"
|
|
41
43
|
challenge.status = "invalid"
|
|
44
|
+
challenge.authorization.update!(status: "invalid")
|
|
45
|
+
challenge.authorization.order.update!(status: "invalid")
|
|
42
46
|
end
|
|
43
47
|
|
|
44
48
|
challenge.save
|
|
@@ -24,7 +24,7 @@ module Bullion
|
|
|
24
24
|
|
|
25
25
|
def thumbprint
|
|
26
26
|
cipher = OpenSSL::Digest.new("SHA256")
|
|
27
|
-
digest = cipher.digest(
|
|
27
|
+
digest = cipher.digest(lexicographically_ordered_public_key.to_json)
|
|
28
28
|
Base64.urlsafe_encode64(digest).sub(/[\s=]*\z/, "")
|
|
29
29
|
end
|
|
30
30
|
|
|
@@ -38,6 +38,13 @@ module Bullion
|
|
|
38
38
|
|
|
39
39
|
challenge_class.new(self)
|
|
40
40
|
end
|
|
41
|
+
|
|
42
|
+
private
|
|
43
|
+
|
|
44
|
+
def lexicographically_ordered_public_key
|
|
45
|
+
jwk = authorization.order.account.public_key
|
|
46
|
+
[["e", jwk["e"]], ["kty", jwk["kty"]], ["n", jwk["n"]]].to_h
|
|
47
|
+
end
|
|
41
48
|
end
|
|
42
49
|
end
|
|
43
50
|
end
|
data/lib/bullion/services/ca.rb
CHANGED
|
@@ -345,6 +345,8 @@ module Bullion
|
|
|
345
345
|
# Oddly enough, cert-manager uses a GET request for retrieving Challenge info
|
|
346
346
|
challenge.client.attempt unless @json_body && @json_body[:payload] == ""
|
|
347
347
|
|
|
348
|
+
challenge.reload
|
|
349
|
+
|
|
348
350
|
data = {
|
|
349
351
|
type: challenge.acme_type,
|
|
350
352
|
status: challenge.status,
|
data/lib/bullion/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bullion
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan Gnagy
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-01-
|
|
11
|
+
date: 2024-01-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dry-configurable
|