localhost 1.2.0 → 1.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 647476f190a1dbfe917956c6cb23717528e94b905ff47906bee0a287fa83639e
-  data.tar.gz: 035e92adad13af22294589079c5d8a8780497a1f6f392a03d382a166f85323ea
+  metadata.gz: 35cad25f5ec79874e21312d5b70e4ffbf8ed616f3b8140a0f22dd6d0e1aa292b
+  data.tar.gz: 0e34a06090414bdd734c7b5ef094fab8a10a6c3286f0bf737e7a9f93a5d0b87a
 SHA512:
-  metadata.gz: cc47079bea9080adf043cb4cbef2e4e352797557ad2da46be3026e27971216479904afb4d9bbc8ad8183ae409575be74bd0d5c47f9006335bfa7f4d7472d5c26
-  data.tar.gz: 5b27695d5ca8290ce1d7a10afef2e73587c5db2395b05170463a54d52a80f13617b6145b3d1c157d7627cdcc07660d053aa7183f3615871ad69a017547328219
+  metadata.gz: d6d2aa039d439e2e4e38f506335b5d72b80ffcf316886d85c86ecd1780547b156c97ddc060c93c0a9f67543bceb2d28535dde9ed955f28664a95508297433c19
+  data.tar.gz: 0142e748e4d118144d455bef736c2c545f18275f7c4503d118a58d239b20c13ba1c0aa3f0339d244eebd3ce30f42565f1d02246c5dc4f73f6698188c2cc1427a

data/lib/localhost/authority.rb

@@ -1,25 +1,48 @@
 # frozen_string_literal: true
 
 # Released under the MIT License.
-# Copyright, 2018-2023, by Samuel Williams.
+# Copyright, 2018-2024, by Samuel Williams.
 # Copyright, 2019, by Richard S. Leung.
 # Copyright, 2021, by Akshay Birajdar.
 # Copyright, 2021, by Ye Lin Aung.
 # Copyright, 2023, by Antonio Terceiro.
 # Copyright, 2023, by Yuuji Yaginuma.
+# Copyright, 2024, by Colin Shea.
 
+require 'fileutils'
 require 'openssl'
 
 module Localhost
 	# Represents a single public/private key pair for a given hostname.
 	class Authority
-		def self.path
-			File.expand_path("~/.localhost")
+		# Where to store the key pair on the filesystem. This is a subdirectory
+		# of $XDG_STATE_HOME, or ~/.local/state/ when that's not defined.
+		#
+		# Ensures that the directory to store the certificate exists. If the legacy
+		# directory (~/.localhost/) exists, it is moved into the new XDG Basedir
+		# compliant directory.
+		#
+		# After May 2025, the old_root option may be removed.
+		def self.path(env = ENV, old_root: nil)
+			path = File.expand_path("localhost.rb", env.fetch("XDG_STATE_HOME", "~/.local/state"))
+			
+			unless File.directory?(path)
+				FileUtils.mkdir_p(path, mode: 0700)
+			end
+			
+			# Migrates the legacy dir ~/.localhost/ to the XDG compliant directory
+			old_root ||= File.expand_path("~/.localhost")
+			if File.directory?(old_root)
+				FileUtils.mv(Dir.glob(File.join(old_root, "*")), path, force: true)
+				FileUtils.rmdir(old_root)
+			end
+			
+			return path
 		end
 		
 		# List all certificate authorities in the given directory:
 		def self.list(root = self.path)
-			return to_enum(:list) unless block_given?
+			return to_enum(:list, root) unless block_given?
 			
 			Dir.glob("*.crt", base: root) do |path|
 				name = File.basename(path, ".crt")
@@ -62,10 +85,6 @@ module Localhost
 		
 		BITS = 1024*2
 		
-		def ecdh_key
-			@ecdh_key ||= OpenSSL::PKey::EC.new "prime256v1"
-		end
-		
 		def dh_key
 			@dh_key ||= OpenSSL::PKey::DH.new(BITS)
 		end
@@ -153,8 +172,6 @@ module Localhost
 				
 				if context.respond_to? :ecdh_curves=
 					context.ecdh_curves = 'P-256:P-384:P-521'
-				elsif context.respond_to? :tmp_ecdh_callback=
-					context.tmp_ecdh_callback = proc {self.ecdh_key}
 				end
 				
 				context.set_params(
@@ -176,28 +193,24 @@ module Localhost
 		end
 		
 		def load(path = @root)
-			if File.directory?(path)
-				certificate_path = File.join(path, "#{@hostname}.crt")
-				key_path = File.join(path, "#{@hostname}.key")
-				
-				return false unless File.exist?(certificate_path) and File.exist?(key_path)
-				
-				certificate = OpenSSL::X509::Certificate.new(File.read(certificate_path))
-				key = OpenSSL::PKey::RSA.new(File.read(key_path))
-				
-				# Certificates with old version need to be regenerated.
-				return false if certificate.version < 2
-				
-				@certificate = certificate
-				@key = key
-				
-				return true
-			end
+			certificate_path = File.join(path, "#{@hostname}.crt")
+			key_path = File.join(path, "#{@hostname}.key")
+			
+			return false unless File.exist?(certificate_path) and File.exist?(key_path)
+			
+			certificate = OpenSSL::X509::Certificate.new(File.read(certificate_path))
+			key = OpenSSL::PKey::RSA.new(File.read(key_path))
+			
+			# Certificates with old version need to be regenerated.
+			return false if certificate.version < 2
+			
+			@certificate = certificate
+			@key = key
+			
+			return true
 		end
 		
 		def save(path = @root)
-			Dir.mkdir(path, 0700) unless File.directory?(path)
-			
 			lockfile_path = File.join(path, "#{@hostname}.lock")
 			
 			File.open(lockfile_path, File::RDWR|File::CREAT, 0644) do |lockfile|

data/lib/localhost/version.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 # Released under the MIT License.
-# Copyright, 2018-2023, by Samuel Williams.
+# Copyright, 2018-2024, by Samuel Williams.
 
 module Localhost
-	VERSION = "1.2.0"
+	VERSION = "1.3.1"
 end

data/license.md

@@ -9,6 +9,7 @@ Copyright, 2021, by Ye Lin Aung.
 Copyright, 2022, by Juri Hahn.  
 Copyright, 2023, by Antonio Terceiro.  
 Copyright, 2023, by Yuuji Yaginuma.  
+Copyright, 2024, by Colin Shea.  
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/readme.md

@@ -12,7 +12,13 @@ I wanted to provide a server-agnostic way of doing this, primarily because I thi
 
 ## Usage
 
-Please see the [project documentation](https://socketry.github.io/localhost/).
+Please see the [project documentation](https://socketry.github.io/localhost/) for more details.
+
+  - [Getting Started](https://socketry.github.io/localhost/guides/getting-started/index) - This guide explains how to use `localhost` for provisioning local TLS certificates for development.
+
+  - [Browser Configuration](https://socketry.github.io/localhost/guides/browser-configuration/index) - This guide explains how to configure your local browser in order to avoid warnings about insecure self-signed certificates.
+
+  - [Example Server](https://socketry.github.io/localhost/guides/example-server/index) - This guide demonstrates how to use <code class="language-ruby">Localhost::Authority</code> to implement a simple HTTPS client & server.
 
 ## Contributing
 

data.tar.gz.sig

@@ -1,3 +1,3 @@
-��Z�n��%Nf]�<7UG%cQM�!:r�W/u��1@���S��,wڦ���\�W����)�RY��04�!v�Ƥ�T��6H�jax�Ļ?v�
-��n�ar�4���$�E������h��V���K��.E�~?=���X��-�Ucw�= }<f�3~������P�z�
gr��?F
-�D�ߗ�Ŧ�٨���0��V�M�H����T)��[�P�g���
+m��t�5{�����k$�KYa�k���G�yq7{DU�� �3����S
zc�W}�Ц�����a��y�a�1��s��1f3���Qr�]��ꞏz�������)ͮuF�o*� �i�@�Vv^֯jI�wڢ|�8�PNԃ�)��Q��ݏR���(ř̩pEo�Ll��	��FðK�Ɵ��҉:��^��;nk*��'�	g\��|z�
+��l�F����c륐�8P����/S$�y�'��x���:�Cġk�MR��	��a����g�U�$ i���QA�oR^X�i�yyF��Z�q�KY�ba-w�L�@�'��-�K�E�T\�� Tܾ�}�M���Y(�t�X
+�j'Y���b�4�[~�6�

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: localhost
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.1
 platform: ruby
 authors:
 - Samuel Williams
@@ -9,6 +9,7 @@ authors:
 - Ye Lin Aung
 - Akshay Birajdar
 - Antonio Terceiro
+- Colin Shea
 - Gabriel Sobrinho
 - Juri Hahn
 - Richard S. Leung
@@ -45,7 +46,7 @@ cert_chain:
   Q2K9NVun/S785AP05vKkXZEFYxqG6EW012U4oLcFl5MySFajYXRYbuUpH6AY+HP8
   voD0MPg1DssDLKwXyt1eKD/+Fq0bFWhwVM/1XiAXL7lyYUyOq24KHgQ2Csg=
   -----END CERTIFICATE-----
-date: 2024-02-01 00:00:00.000000000 Z
+date: 2024-04-16 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -61,7 +62,9 @@ files:
 homepage: https://github.com/socketry/localhost
 licenses:
 - MIT
-metadata: {}
+metadata:
+  documentation_uri: https://socketry.github.io/localhost/
+  source_code_uri: https://github.com/socketry/localhost.git
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -70,7 +73,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.0'
+      version: '3.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="