RubyGems - localhost - Versions diffs - 1.1.5 → 1.1.9 - Mend

localhost 1.1.5 → 1.1.9

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8a1b3eb6d424eeebb97617e67e4024201dc4b212a2dc9127c7858b1f6637c0ed
-  data.tar.gz: da7d5bcad68fd00a7291039b5d325d3268abf8068af6948f69b6267c0a0980fc
+  metadata.gz: 5c6fcac1295924f18159bdfbf56da57dc568c01dfe16fe030ca4efa03a51f77d
+  data.tar.gz: e781042e92c7456d0e99ca8373c22433e193e4ac2dbea36829484a0fa121f77a
 SHA512:
-  metadata.gz: 6d636c0a1ed83c769a1d3b58a8a4fc2392c064ddc6357f7ae6da4f71037a1912296af6107c6fbff021f9997e5c075b6445d6e24e4ca09692ec4f1b6bb0b845d5
-  data.tar.gz: 133e22ea3545a383d2f111dd053bfb070b274ebe247be9956bfbce07e2be07ec4fea7779ca21fe26c1f90e2e1fbcacf891ef1ba41c8637d79199e16a3289930b
+  metadata.gz: 03f3a2b111cfdc84199224ac5ab66c842d03f79d7514354ba06086d057769d3b31fc7606333696f342d2e9d0d438c89a19a470f2e38f0f64a77c200d9897a724
+  data.tar.gz: b696353ce1f45d8dbd863cf33b677a5d25ff83b2703585eb1a9b42faf7efe83a0b6bc5105f7c558e36c8542c01da8649eb21804dba415c52a7772e9db292ff85

checksums.yaml.gz.sig ADDED Viewed

Binary file

data/lib/localhost/authority.rb CHANGED Viewed

@@ -22,25 +22,44 @@ require 'yaml'
 require 'openssl'
 module Localhost
+	# Represents a single public/private key pair for a given hostname.
 	class Authority
 		def self.path
 			File.expand_path("~/.localhost")
 		end
-		def self.fetch(*args)
-			authority = self.new(*args)
-			path = self.path
+		# List all certificate authorities in the given directory:
+		def self.list(root = self.path)
+			return to_enum(:list) unless block_given?
-			unless authority.load(path)
-				Dir.mkdir(path, 0700) unless File.directory?(path)
+			Dir.glob("*.crt", base: root) do |path|
+				name = File.basename(path, ".crt")
-				authority.save(path)
+				authority = self.new(name, root: root)
+				if authority.load
+					yield authority
+				end
+			end
+		end
+		# Fetch (load or create) a certificate with the given hostname.
+		# See {#initialize} for the format of the arguments.
+		def self.fetch(*arguments, **options)
+			authority = self.new(*arguments, **options)
+			unless authority.load
+				authority.save
 			end
 			return authority
 		end
-		def initialize(hostname = "localhost")
+		# Create an authority forn the given hostname.
+		# @parameter hostname [String] The common name to use for the certificate.
+		# @parameter root [String] The root path for loading and saving the certificate.
+		def initialize(hostname = "localhost", root: self.class.path)
+			@root = root
 			@hostname = hostname
 			@key = nil
@@ -49,6 +68,9 @@ module Localhost
 			@store = nil
 		end
+		# The hostname of the certificate authority.
+		attr :hostname
 		BITS = 1024*2
 		def ecdh_key
@@ -59,6 +81,17 @@ module Localhost
 			@dh_key ||= OpenSSL::PKey::DH.new(BITS)
 		end
+		# The private key path.
+		def key_path
+			File.join(@root, "#{@hostname}.key")
+		end
+		# The public certificate path.
+		def certificate_path
+			File.join(@root, "#{@hostname}.crt")
+		end
+		# The private key.
 		def key
 			@key ||= OpenSSL::PKey::RSA.new(BITS)
 		end
@@ -67,14 +100,17 @@ module Localhost
 			@key = key
 		end
+		# The certificate name.
 		def name
-			@name ||= OpenSSL::X509::Name.parse("O=Development/CN=#{@hostname}")
+			@name ||= OpenSSL::X509::Name.parse("/O=Development/CN=#{@hostname}")
 		end
 		def name= name
 			@name = name
 		end
+		# The public certificate.
+		# @returns [OpenSSL::X509::Certificate] A self-signed certificate.
 		def certificate
 			@certificate ||= OpenSSL::X509::Certificate.new.tap do |certificate|
 				certificate.subject = self.name
@@ -105,7 +141,7 @@ module Localhost
 			end
 		end
-		# The certificate store which is used for validating the server certificate:
+		# The certificate store which is used for validating the server certificate.
 		def store
 			@store ||= OpenSSL::X509::Store.new.tap do |store|
 				store.add_cert(self.certificate)
@@ -114,8 +150,9 @@ module Localhost
 		SERVER_CIPHERS = "EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5".freeze
-		def server_context(*args)
-			OpenSSL::SSL::SSLContext.new(*args).tap do |context|
+		# @returns [OpenSSL::SSL::SSLContext] An context suitable for implementing a secure server.
+		def server_context(*arguments)
+			OpenSSL::SSL::SSLContext.new(*arguments).tap do |context|
 				context.key = self.key
 				context.cert = self.certificate
@@ -126,7 +163,7 @@ module Localhost
 				end
 				if context.respond_to? :ecdh_curves=
-					context.ecdh_curves = 'P-256:P-384:P-224:P-521'
+					context.ecdh_curves = 'P-256:P-384:P-521'
 				elsif context.respond_to? :tmp_ecdh_callback=
 					context.tmp_ecdh_callback = proc {self.ecdh_key}
 				end
@@ -138,6 +175,7 @@ module Localhost
 			end
 		end
+		# @returns [OpenSSL::SSL::SSLContext] An context suitable for connecting to a secure server using this authority.
 		def client_context(*args)
 			OpenSSL::SSL::SSLContext.new(*args).tap do |context|
 				context.cert_store = self.store
@@ -148,8 +186,8 @@ module Localhost
 			end
 		end
-		def load(path)
-			if File.directory? path
+		def load(path = @root)
+			if File.directory?(path)
 				certificate_path = File.join(path, "#{@hostname}.crt")
 				key_path = File.join(path, "#{@hostname}.key")
@@ -168,16 +206,24 @@ module Localhost
 			end
 		end
-		def save(path)
-			File.write(
-				File.join(path, "#{@hostname}.crt"),
-				self.certificate.to_pem
-			)
+		def save(path = @root)
+			Dir.mkdir(path, 0700) unless File.directory?(path)
-			File.write(
-				File.join(path, "#{@hostname}.key"),
-				self.key.to_pem
-			)
+			lockfile_path = File.join(path, "#{@hostname}.lock")
+			File.open(lockfile_path, File::RDWR|File::CREAT, 0644) do |lockfile|
+				lockfile.flock(File::LOCK_EX)
+				File.write(
+					File.join(path, "#{@hostname}.crt"),
+					self.certificate.to_pem
+				)
+				File.write(
+					File.join(path, "#{@hostname}.key"),
+					self.key.to_pem
+				)
+			end
 		end
 	end
 end

data/lib/localhost/version.rb CHANGED Viewed

@@ -19,5 +19,5 @@
 # THE SOFTWARE.
 module Localhost
-	VERSION = "1.1.5"
+	VERSION = "1.1.9"
 end

data/lib/localhost.rb CHANGED Viewed

@@ -18,4 +18,5 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
-require "localhost/version"
+require_relative 'localhost/version'
+require_relative 'localhost/authority'

data.tar.gz.sig ADDED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,17 +1,45 @@
 --- !ruby/object:Gem::Specification
 name: localhost
 version: !ruby/object:Gem::Version
-  version: 1.1.5
+  version: 1.1.9
 platform: ruby
 authors:
 - Samuel Williams
-autorequire:
+autorequire:
 bindir: bin
-cert_chain: []
-date: 2019-04-07 00:00:00.000000000 Z
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIEhDCCAuygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MTUwMwYDVQQDDCxzYW11
+  ZWwud2lsbGlhbXMvREM9b3Jpb250cmFuc2Zlci9EQz1jby9EQz1uejAeFw0yMTA4
+  MTYwNjMzNDRaFw0yMjA4MTYwNjMzNDRaMDcxNTAzBgNVBAMMLHNhbXVlbC53aWxs
+  aWFtcy9EQz1vcmlvbnRyYW5zZmVyL0RDPWNvL0RDPW56MIIBojANBgkqhkiG9w0B
+  AQEFAAOCAY8AMIIBigKCAYEAyXLSS/cw+fXJ5e7hi+U/TeChPWeYdwJojDsFY1xr
+  xvtqbTTL8gbLHz5LW3QD2nfwCv3qTlw0qI3Ie7a9VMJMbSvgVEGEfQirqIgJXWMj
+  eNMDgKsMJtC7u/43abRKx7TCURW3iWyR19NRngsJJmaR51yGGGm2Kfsr+JtKKLtL
+  L188Wm3f13KAx7QJU8qyuBnj1/gWem076hzdA7xi1DbrZrch9GCRz62xymJlrJHn
+  9iZEZ7AxrS7vokhMlzSr/XMUihx/8aFKtk+tMLClqxZSmBWIErWdicCGTULXCBNb
+  E/mljo4zEVKhlTWpJklMIhr55ZRrSarKFuW7en0+tpJrfsYiAmXMJNi4XAYJH7uL
+  rgJuJwSaa/dMz+VmUoo7VKtSfCoOI+6v5/z0sK3oT6sG6ZwyI47DBq2XqNC6tnAj
+  w+XmCywiTQrFzMMAvcA7rPI4F0nU1rZId51rOvvfxaONp+wgTi4P8owZLw0/j0m4
+  8C20DYi6EYx4AHDXiLpElWh3AgMBAAGjgZowgZcwCQYDVR0TBAIwADALBgNVHQ8E
+  BAMCBLAwHQYDVR0OBBYEFB6ZaeWKxQjGTI+pmz7cKRmMIywwMC4GA1UdEQQnMCWB
+  I3NhbXVlbC53aWxsaWFtc0BvcmlvbnRyYW5zZmVyLmNvLm56MC4GA1UdEgQnMCWB
+  I3NhbXVlbC53aWxsaWFtc0BvcmlvbnRyYW5zZmVyLmNvLm56MA0GCSqGSIb3DQEB
+  CwUAA4IBgQBVoM+pu3dpdUhZM1w051iw5GfiqclAr1Psypf16Tiod/ho//4oAu6T
+  9fj3DPX/acWV9P/FScvqo4Qgv6g4VWO5ZU7z2JmPoTXZtYMunRAmQPFL/gSUc6aK
+  vszMHIyhtyzRc6DnfW2AiVOjMBjaYv8xXZc9bduniRVPrLR4J7ozmGLh4o4uJp7w
+  x9KCFaR8Lvn/r0oJWJOqb/DMAYI83YeN2Dlt3jpwrsmsONrtC5S3gOUle5afSGos
+  bYt5ocnEpKSomR9ZtnCGljds/aeO1Xgpn2r9HHcjwnH346iNrnHmMlC7BtHUFPDg
+  Ts92S47PTOXzwPBDsrFiq3VLbRjHSwf8rpqybQBH9MfzxGGxTaETQYOd6b4e4Ag6
+  y92abGna0bmIEb4+Tx9rQ10Uijh1POzvr/VTH4bbIPy9FbKrRsIQ24qDbNJRtOpE
+  RAOsIl+HOBTb252nx1kIRN5hqQx272AJCbCjKx8egcUQKffFVVCI0nye09v5CK+a
+  HiLJ8VOFx6w=
+  -----END CERTIFICATE-----
+date: 2021-09-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: covered
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -25,33 +53,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-- !ruby/object:Gem::Dependency
-  name: rake
+  name: covered
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -66,31 +80,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-description:
+description:
 email:
-- samuel.williams@oriontransfer.co.nz
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".editorconfig"
-- ".gitignore"
-- ".rspec"
-- ".travis.yml"
-- Gemfile
-- README.md
-- Rakefile
-- examples/https.rb
 - lib/localhost.rb
 - lib/localhost/authority.rb
 - lib/localhost/version.rb
-- localhost.gemspec
-- media/chrome.png
-- media/safari.png
 homepage: https://github.com/socketry/localhost
-licenses: []
+licenses:
+- MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -105,8 +108,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: Manage a local certificate authority for self-signed localhost development
   servers.

metadata.gz.sig ADDED Viewed

Binary file

data/.editorconfig DELETED Viewed

@@ -1,6 +0,0 @@
-root = true
-[*]
-indent_style = tab
-indent_size = 2

data/.gitignore DELETED Viewed

@@ -1,13 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-# rspec failure tracking
-.rspec_status
-/ssl/

data/.rspec DELETED Viewed

@@ -1,3 +0,0 @@
---format documentation
---color
---require spec_helper

data/.travis.yml DELETED Viewed

@@ -1,22 +0,0 @@
-language: ruby
-dist: xenial
-cache: bundler
-matrix:
-  include:
-    - rvm: 2.3
-    - rvm: 2.4
-    - rvm: 2.5
-    - rvm: 2.6
-    - rvm: 2.6
-      os: osx
-    - rvm: 2.6
-      env: COVERAGE=BriefSummary,Coveralls
-    - rvm: truffleruby
-    - rvm: jruby-head
-      env: JRUBY_OPTS="--debug -X+O"
-    - rvm: ruby-head
-  allow_failures:
-    - rvm: truffleruby
-    - rvm: ruby-head
-    - rvm: jruby-head

data/Gemfile DELETED Viewed

@@ -1,13 +0,0 @@
-source "https://rubygems.org"
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-# Specify your gem's dependencies in localhost.gemspec
-gemspec
-group :development do
-	gem 'async-io'
-	gem 'async-rspec'
-	gem 'async-process'
-end

data/README.md DELETED Viewed

@@ -1,132 +0,0 @@
-# Localhost [![Build Status](https://travis-ci.com/socketry/localhost.svg)](https://travis-ci.com/socketry/localhost)
-This gem provides a convenient API for generating per-user self-signed root certificates.
-## Motivation
-HTTP/2 requires SSL in web browsers. If you want to use HTTP/2 for development (and you should), you need to start using URLs like `https://localhost:8080`. In most cases, this requires adding a self-signed certificate to your certificate store (e.g. Keychain on macOS), and storing the private key for the web-server to use.
-I wanted to provide a server-agnostic way of doing this, primarily because I think it makes sense to minimise the amount of junky self-signed keys you add to your certificate store for `localhost`.
-## Installation
-Add this line to your application's Gemfile:
-```ruby
-gem 'localhost'
-```
-And then execute:
-	$ bundle
-Or install it yourself as:
-	$ gem install localhost
-## Usage
-This example shows how to generate a certificate for an SSL secured server:
-```ruby
-require 'socket'
-require 'thread'
-require 'localhost/authority'
-# Get the self-signed authority for localhost:
-authority = Localhost::Authority.fetch
-ready = Thread::Queue.new
-# Start a server thread:
-server_thread = Thread.new do
-	server = OpenSSL::SSL::SSLServer.new(TCPServer.new("localhost", 4050), authority.server_context)
-	server.listen
-	ready << true
-	peer = server.accept
-	peer.puts "Hello World!"
-	peer.flush
-	peer.close
-end
-ready.pop
-client = OpenSSL::SSL::SSLSocket.new(TCPSocket.new("localhost", 4050), authority.client_context)
-# Initialize SSL connection:
-client.connect
-# Read the encrypted message:
-puts client.read(12)
-client.close
-server_thread.join
-```
-If you use Safari to access such a server, it will allow you to add the certificate to your keychain without much work. Once you've done this, you won't need to do it again for any other site when running such a development environment from the same user account.
-For an example of how to make your own HTTPS web server, see [examples/https.rb](examples/https.rb).
-### Safari
-If you use this with a web server, when you open the site in Safari:
-![Safari](media/safari.png)
-- Click "View the certificate" to check that it is the correct certificate.
-- Click "visit this website" which will prompt you to add the certificate to your keychain. Once you've done this, it should work for a long time.
-### Chrome
-If you use this with a web server, when you open the site in Chrome:
-![Chrome](media/chrome.png)
-- Click "ADVANCED" to see additional details, including...
-- Click "Proceed to localhost (unsafe)" which will allow you to use the site for the current browser session.
-### Files
-The certificate and private key are stored in `~/.localhost/`. You can delete them and they will be regenerated. If you added the certificate to your keychain, you'll probably want to delete that too.
-## Contributing
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
-## See Also
-- [falcon](https://github.com/socketry/falcon) — Uses this `Localhost::Authority` to provide HTTP/2 with minimal configuration for `localhost`.
-## License
-Released under the MIT license.
-Copyright, 2018, by [Samuel G. D. Williams](http://www.codeotaku.com/samuel-williams).
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.

data/Rakefile DELETED Viewed

@@ -1,6 +0,0 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-RSpec::Core::RakeTask.new(:spec)
-task :default => :spec

data/examples/https.rb DELETED Viewed

@@ -1,43 +0,0 @@
-#!/usr/bin/env ruby
-require 'async'
-require 'async/io/host_endpoint'
-require 'async/io/ssl_endpoint'
-require 'async/http/server'
-require 'async/http/client'
-require 'localhost/authority'
-# The (self-signed) authority to use:
-hostname = "localhost"
-authority = Localhost::Authority.fetch(hostname)
-# The server app:
-app = lambda do |request|
-	Async::HTTP::Response[200, {}, ["Hello World!"]]
-end
-# Bind to the specified host:
-endpoint = Async::IO::Endpoint.tcp(hostname, "8080")
-# Prepare the server, endpoint will be used for `bind`:
-server_endpoint = Async::IO::SSLEndpoint.new(endpoint, ssl_context: authority.server_context)
-server = Async::HTTP::Server.new(app, server_endpoint, Async::HTTP::Protocol::HTTP1)
-# Prepare the client, endpoint will be used for `connect`:
-client_endpoint = Async::IO::SSLEndpoint.new(endpoint, ssl_context: authority.client_context)
-client = Async::HTTP::Client.new(client_endpoint, Async::HTTP::Protocol::HTTP1)
-# Run the reactor:
-Async::Reactor.run do |task|
-	# Start the server task:
-	server_task = task.async do
-		server.run
-	end
-	# Connect to the server:
-	response = client.get("/")
-	puts "Status: #{response.status}\n#{response.read}"
-	# Stop the server:
-	server_task.stop
-end

data/localhost.gemspec DELETED Viewed

@@ -1,23 +0,0 @@
-require_relative "lib/localhost/version"
-Gem::Specification.new do |spec|
-	spec.name          = "localhost"
-	spec.version       = Localhost::VERSION
-	spec.authors       = ["Samuel Williams"]
-	spec.email         = ["samuel.williams@oriontransfer.co.nz"]
-	spec.summary       = "Manage a local certificate authority for self-signed localhost development servers."
-	spec.homepage      = "https://github.com/socketry/localhost"
-	spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-		f.match(%r{^(test|spec|features)/})
-	end
-	spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-	spec.require_paths = ["lib"]
-	spec.add_development_dependency "covered"
-	spec.add_development_dependency "bundler", "~> 1.16"
-	spec.add_development_dependency "rake", "~> 10.0"
-	spec.add_development_dependency "rspec", "~> 3.0"
-end

data/media/chrome.png DELETED Viewed

Binary file

data/media/safari.png DELETED Viewed

Binary file