localhost 1.1.8 → 1.1.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7a8bb85b8e82b1ceaec73363ba246313ee46da6d47c948ed2b57bfa1f931b51a
-  data.tar.gz: 8953521fbcd8eb215ddfaaa59a65b96715c8e69dfb925b0794d1e5e41c204613
+  metadata.gz: a395225f2917aaac6c5334ec82ade0ff869f7987993b6394e9b7c95920a668c2
+  data.tar.gz: f14685f7e6a7967234438d55f63185ef5676781a638faf82eb958fec91f50c01
 SHA512:
-  metadata.gz: 16e6781fb5b9caf6180ae68579066d2ab0006fbbb5107d81a6ed475dabeb37a0362ecb67a4e19a7f4d527794e56848c9c367286a1a6424494e0f3bc81cfc9704
-  data.tar.gz: 93a1b52e82b6abf55413b9af17f3769bc659cfcc857da9e6a0c9860120137247490abd11d9261d17539f1ef9ef234db29827c3ce07745ac89a0dd1ebad28b2fb
+  metadata.gz: 532fac64fd1f75d2f56607647703c47c5d27896a29e5625c55bed64dec0a099b78f619c31b6a6c9cb3120482eeae226f0d24faf9880e0890074efe247f34b559
+  data.tar.gz: 3b4fab6a9028615436bf87162e029ce26334e6e2b4cd6cf6ef981a980404c7a1a8eabbe7cd4d3a7b9fe66d8f3acec7b9a5573737fec335c2039e51758be5adea

data/lib/localhost/authority.rb

@@ -1,46 +1,54 @@
-# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2018-2023, by Samuel Williams.
+# Copyright, 2019, by Richard S. Leung.
+# Copyright, 2021, by Akshay Birajdar.
+# Copyright, 2021, by Ye Lin Aung.
+# Copyright, 2023, by Antonio Terceiro.
+# Copyright, 2023, by Yuuji Yaginuma.
 
-require 'yaml'
 require 'openssl'
 
 module Localhost
+	# Represents a single public/private key pair for a given hostname.
 	class Authority
 		def self.path
 			File.expand_path("~/.localhost")
 		end
 		
-		def self.fetch(*args)
-			authority = self.new(*args)
-			path = self.path
+		# List all certificate authorities in the given directory:
+		def self.list(root = self.path)
+			return to_enum(:list) unless block_given?
 			
-			unless authority.load(path)
-				Dir.mkdir(path, 0700) unless File.directory?(path)
+			Dir.glob("*.crt", base: root) do |path|
+				name = File.basename(path, ".crt")
+				
+				authority = self.new(name, root: root)
 				
-				authority.save(path)
+				if authority.load
+					yield authority
+				end
+			end
+		end
+		
+		# Fetch (load or create) a certificate with the given hostname.
+		# See {#initialize} for the format of the arguments.
+		def self.fetch(*arguments, **options)
+			authority = self.new(*arguments, **options)
+			
+			unless authority.load
+				authority.save
 			end
 			
 			return authority
 		end
 		
-		def initialize(hostname = "localhost")
+		# Create an authority forn the given hostname.
+		# @parameter hostname [String] The common name to use for the certificate.
+		# @parameter root [String] The root path for loading and saving the certificate.
+		def initialize(hostname = "localhost", root: self.class.path)
+			@root = root
 			@hostname = hostname
 			
 			@key = nil
@@ -49,6 +57,9 @@ module Localhost
 			@store = nil
 		end
 		
+		# The hostname of the certificate authority.
+		attr :hostname
+		
 		BITS = 1024*2
 		
 		def ecdh_key
@@ -59,6 +70,17 @@ module Localhost
 			@dh_key ||= OpenSSL::PKey::DH.new(BITS)
 		end
 		
+		# The private key path.
+		def key_path
+			File.join(@root, "#{@hostname}.key")
+		end
+		
+		# The public certificate path.
+		def certificate_path
+			File.join(@root, "#{@hostname}.crt")
+		end
+		
+		# The private key.
 		def key
 			@key ||= OpenSSL::PKey::RSA.new(BITS)
 		end
@@ -67,6 +89,7 @@ module Localhost
 			@key = key
 		end
 		
+		# The certificate name.
 		def name
 			@name ||= OpenSSL::X509::Name.parse("/O=Development/CN=#{@hostname}")
 		end
@@ -75,6 +98,8 @@ module Localhost
 			@name = name
 		end
 		
+		# The public certificate.
+		# @returns [OpenSSL::X509::Certificate] A self-signed certificate.
 		def certificate
 			@certificate ||= OpenSSL::X509::Certificate.new.tap do |certificate|
 				certificate.subject = self.name
@@ -83,7 +108,7 @@ module Localhost
 				
 				certificate.public_key = self.key.public_key
 				
-				certificate.serial = 1
+				certificate.serial = Time.now.to_i
 				certificate.version = 2
 				
 				certificate.not_before = Time.now
@@ -105,7 +130,7 @@ module Localhost
 			end
 		end
 		
-		# The certificate store which is used for validating the server certificate:
+		# The certificate store which is used for validating the server certificate.
 		def store
 			@store ||= OpenSSL::X509::Store.new.tap do |store|
 				store.add_cert(self.certificate)
@@ -114,8 +139,9 @@ module Localhost
 		
 		SERVER_CIPHERS = "EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5".freeze
 		
-		def server_context(*args)
-			OpenSSL::SSL::SSLContext.new(*args).tap do |context|
+		# @returns [OpenSSL::SSL::SSLContext] An context suitable for implementing a secure server.
+		def server_context(*arguments)
+			OpenSSL::SSL::SSLContext.new(*arguments).tap do |context|
 				context.key = self.key
 				context.cert = self.certificate
 				
@@ -138,6 +164,7 @@ module Localhost
 			end
 		end
 		
+		# @returns [OpenSSL::SSL::SSLContext] An context suitable for connecting to a secure server using this authority.
 		def client_context(*args)
 			OpenSSL::SSL::SSLContext.new(*args).tap do |context|
 				context.cert_store = self.store
@@ -148,8 +175,8 @@ module Localhost
 			end
 		end
 		
-		def load(path)
-			if File.directory? path
+		def load(path = @root)
+			if File.directory?(path)
 				certificate_path = File.join(path, "#{@hostname}.crt")
 				key_path = File.join(path, "#{@hostname}.key")
 				
@@ -168,7 +195,9 @@ module Localhost
 			end
 		end
 		
-		def save(path)
+		def save(path = @root)
+			Dir.mkdir(path, 0700) unless File.directory?(path)
+			
 			lockfile_path = File.join(path, "#{@hostname}.lock")
 			
 			File.open(lockfile_path, File::RDWR|File::CREAT, 0644) do |lockfile|

data/lib/localhost/version.rb

@@ -1,23 +1,8 @@
-# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2018-2023, by Samuel Williams.
 
 module Localhost
-	VERSION = "1.1.8"
+	VERSION = "1.1.10"
 end

data/lib/localhost.rb

@@ -1,21 +1,7 @@
-# Copyright, 2018, by Samuel G. D. Williams. <http://www.codeotaku.com>
-# 
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-# 
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-# 
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
+# frozen_string_literal: true
 
-require "localhost/version"
+# Released under the MIT License.
+# Copyright, 2018-2023, by Samuel Williams.
+
+require_relative 'localhost/version'
+require_relative 'localhost/authority'

data/license.md

@@ -0,0 +1,29 @@
+# MIT License
+
+Copyright, 2018-2023, by Samuel Williams.  
+Copyright, 2018, by Gabriel Sobrinho.  
+Copyright, 2019, by Richard S. Leung.  
+Copyright, 2020-2021, by Olle Jonsson.  
+Copyright, 2021, by Akshay Birajdar.  
+Copyright, 2021, by Ye Lin Aung.  
+Copyright, 2022, by Juri Hahn.  
+Copyright, 2023, by Antonio Terceiro.  
+Copyright, 2023, by Yuuji Yaginuma.  
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/readme.md

@@ -0,0 +1,30 @@
+# Localhost
+
+This gem provides a convenient API for generating per-user self-signed root certificates.
+
+[![Development Status](https://github.com/socketry/localhost/workflows/Test/badge.svg)](https://github.com/socketry/localhost/actions?workflow=Test)
+
+## Motivation
+
+HTTP/2 requires SSL in web browsers. If you want to use HTTP/2 for development (and you should), you need to start using URLs like `https://localhost:8080`. In most cases, this requires adding a self-signed certificate to your certificate store (e.g. Keychain on macOS), and storing the private key for the web-server to use.
+
+I wanted to provide a server-agnostic way of doing this, primarily because I think it makes sense to minimise the amount of junky self-signed keys you add to your certificate store for `localhost`.
+
+## Usage
+
+Please see the [project documentation](https://socketry.github.io/localhost/).
+
+## Contributing
+
+We welcome contributions to this project.
+
+1.  Fork it.
+2.  Create your feature branch (`git checkout -b my-new-feature`).
+3.  Commit your changes (`git commit -am 'Add some feature'`).
+4.  Push to the branch (`git push origin my-new-feature`).
+5.  Create new Pull Request.
+
+## See Also
+
+  - [Falcon](https://github.com/socketry/falcon) — Uses `Localhost::Authority` to provide HTTP/2 with minimal configuration.
+  - [Puma](https://github.com/puma/puma) — Supports `Localhost::Authority` to provide self-signed HTTP for local development.

metadata

@@ -1,14 +1,51 @@
 --- !ruby/object:Gem::Specification
 name: localhost
 version: !ruby/object:Gem::Version
-  version: 1.1.8
+  version: 1.1.10
 platform: ruby
 authors:
 - Samuel Williams
+- Olle Jonsson
+- Ye Lin Aung
+- Akshay Birajdar
+- Antonio Terceiro
+- Gabriel Sobrinho
+- Juri Hahn
+- Richard S. Leung
+- Yuuji Yaginuma
 autorequire:
 bindir: bin
-cert_chain: []
-date: 2021-04-24 00:00:00.000000000 Z
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIE2DCCA0CgAwIBAgIBATANBgkqhkiG9w0BAQsFADBhMRgwFgYDVQQDDA9zYW11
+  ZWwud2lsbGlhbXMxHTAbBgoJkiaJk/IsZAEZFg1vcmlvbnRyYW5zZmVyMRIwEAYK
+  CZImiZPyLGQBGRYCY28xEjAQBgoJkiaJk/IsZAEZFgJuejAeFw0yMjA4MDYwNDUz
+  MjRaFw0zMjA4MDMwNDUzMjRaMGExGDAWBgNVBAMMD3NhbXVlbC53aWxsaWFtczEd
+  MBsGCgmSJomT8ixkARkWDW9yaW9udHJhbnNmZXIxEjAQBgoJkiaJk/IsZAEZFgJj
+  bzESMBAGCgmSJomT8ixkARkWAm56MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB
+  igKCAYEAomvSopQXQ24+9DBB6I6jxRI2auu3VVb4nOjmmHq7XWM4u3HL+pni63X2
+  9qZdoq9xt7H+RPbwL28LDpDNflYQXoOhoVhQ37Pjn9YDjl8/4/9xa9+NUpl9XDIW
+  sGkaOY0eqsQm1pEWkHJr3zn/fxoKPZPfaJOglovdxf7dgsHz67Xgd/ka+Wo1YqoE
+  e5AUKRwUuvaUaumAKgPH+4E4oiLXI4T1Ff5Q7xxv6yXvHuYtlMHhYfgNn8iiW8WN
+  XibYXPNP7NtieSQqwR/xM6IRSoyXKuS+ZNGDPUUGk8RoiV/xvVN4LrVm9upSc0ss
+  RZ6qwOQmXCo/lLcDUxJAgG95cPw//sI00tZan75VgsGzSWAOdjQpFM0l4dxvKwHn
+  tUeT3ZsAgt0JnGqNm2Bkz81kG4A2hSyFZTFA8vZGhp+hz+8Q573tAR89y9YJBdYM
+  zp0FM4zwMNEUwgfRzv1tEVVUEXmoFCyhzonUUw4nE4CFu/sE3ffhjKcXcY//qiSW
+  xm4erY3XAgMBAAGjgZowgZcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
+  BBYEFO9t7XWuFf2SKLmuijgqR4sGDlRsMC4GA1UdEQQnMCWBI3NhbXVlbC53aWxs
+  aWFtc0BvcmlvbnRyYW5zZmVyLmNvLm56MC4GA1UdEgQnMCWBI3NhbXVlbC53aWxs
+  aWFtc0BvcmlvbnRyYW5zZmVyLmNvLm56MA0GCSqGSIb3DQEBCwUAA4IBgQB5sxkE
+  cBsSYwK6fYpM+hA5B5yZY2+L0Z+27jF1pWGgbhPH8/FjjBLVn+VFok3CDpRqwXCl
+  xCO40JEkKdznNy2avOMra6PFiQyOE74kCtv7P+Fdc+FhgqI5lMon6tt9rNeXmnW/
+  c1NaMRdxy999hmRGzUSFjozcCwxpy/LwabxtdXwXgSay4mQ32EDjqR1TixS1+smp
+  8C/NCWgpIfzpHGJsjvmH2wAfKtTTqB9CVKLCWEnCHyCaRVuKkrKjqhYCdmMBqCws
+  JkxfQWC+jBVeG9ZtPhQgZpfhvh+6hMhraUYRQ6XGyvBqEUe+yo6DKIT3MtGE2+CP
+  eX9i9ZWBydWb8/rvmwmX2kkcBbX0hZS1rcR593hGc61JR6lvkGYQ2MYskBveyaxt
+  Q2K9NVun/S785AP05vKkXZEFYxqG6EW012U4oLcFl5MySFajYXRYbuUpH6AY+HP8
+  voD0MPg1DssDLKwXyt1eKD/+Fq0bFWhwVM/1XiAXL7lyYUyOq24KHgQ2Csg=
+  -----END CERTIFICATE-----
+date: 2023-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -39,33 +76,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: sus
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0.16'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0.16'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: sus-fixtures-async
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
 description:
 email:
 executables: []
@@ -75,6 +112,8 @@ files:
 - lib/localhost.rb
 - lib/localhost/authority.rb
 - lib/localhost/version.rb
+- license.md
+- readme.md
 homepage: https://github.com/socketry/localhost
 licenses:
 - MIT
@@ -94,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.4.1
 signing_key:
 specification_version: 4
 summary: Manage a local certificate authority for self-signed localhost development