r509-ocsp-responder 0.3.1 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
data/README.md CHANGED
@@ -3,15 +3,112 @@ r509-ocsp-responder is an OCSP responder written using [r509](https://github.com
3
3
 
4
4
  ##Requirements
5
5
 
6
- r509-ocsp-responder depends on [r509](https://github.com/reaperhulk/r509), [redis](http://redis.io), [r509-validity-redis](https://github.com/sirsean/r509-validity-redis) (or another library that implements R509::Validity), [sinatra](http://sinatrarb.com), [r509-ocsp-stats](https://github.com/sirsean/r509-ocsp-stats), and [dependo](https://github.com/sirsean/dependo). These must be installed as gems.
6
+ r509-ocsp-responder depends on [r509](https://github.com/reaperhulk/r509), [redis](http://redis.io), [r509-validity-redis](https://github.com/sirsean/r509-validity-redis) (or another library that implements R509::Validity), [sinatra](http://sinatrarb.com), and [dependo](https://github.com/sirsean/dependo). Optionally, you can install [r509-ocsp-stats](https://github.com/sirsean/r509-ocsp-stats) for stats collection. These must be installed as gems.
7
7
 
8
8
  ##Basic Usage
9
9
 
10
- 1. Build the gem. If you have cloned the repo you can build the gem with ```rake gem:build```. You will need
11
- 2. Install the gem. ```rake gem:install```
12
- 3. Set up your config.ru and config.yaml. At this time you'll need to copy the config.ru from the gem install to another dir with your config.yaml. You should also copy (and modify) the config.yaml.example file from the gem. You'll need to alter the config.ru's require line from ```require './lib/r509/ocsp/responder/server'``` to ```require 'r509/ocsp/responder/server'``` if you have it installed as a gem.
10
+ ###Build/Install
11
+ If you have cloned the repo you can build the gem with ```rake gem:build``` and install with ```rake gem:install``` . Alternately you can use a prebuilt gem by typing ```gem install r509-ocsp-responder``` .
13
12
 
14
- Once you've done that you can set up your rack server. The example below is an example yaml config for thin. You will want to have as many servers as you have cores.
13
+ ###Set Up config.ru
14
+ Save the below into a config.ru (or rackup) file
15
+
16
+ ```ruby
17
+ require "r509"
18
+ require "dependo"
19
+ require 'r509/ocsp/responder/server'
20
+
21
+ Dependo::Registry[:log] = Logger.new(STDOUT)
22
+
23
+ require "r509/validity/redis"
24
+ require 'redis'
25
+ begin
26
+ gem "hiredis"
27
+ Dependo::Registry[:log].warn "Loading redis with hiredis driver"
28
+ redis = Redis.new(:driver => :hiredis)
29
+ rescue Gem::LoadError
30
+ Dependo::Registry[:log].warn "Loading redis with standard ruby driver"
31
+ redis = Redis.new
32
+ end
33
+ Dependo::Registry[:validity_checker] = R509::Validity::Redis::Checker.new(redis)
34
+
35
+
36
+ R509::OCSP::Responder::OCSPConfig.load_config
37
+
38
+ R509::OCSP::Responder::OCSPConfig.print_config
39
+
40
+ # Uncomment the next two lines if you want to collect stats via r509-ocsp-stats
41
+ # require "r509/ocsp/stats/redis"
42
+ # Dependo::Registry[:stats] = R509::OCSP::Stats::Redis.new
43
+
44
+ responder = R509::OCSP::Responder::Server
45
+ run responder
46
+ ```
47
+
48
+
49
+ ###Configure config.yaml
50
+ The config.yaml contains certificate authority nodes as well as options like copy_nonce (documented below). Each CA node has an arbitrary name like test_ca and contains a ca_cert and (optional) ocsp_cert node. If you want to sign OCSP responses directly from your root you'll set your config up like this:
51
+
52
+ ```yaml
53
+ copy_nonce: true
54
+ cache_headers: true
55
+ max_cache_age: 60
56
+ certificate_authorities: {
57
+ second_ca: {
58
+ ca_cert: {
59
+ cert: "spec/fixtures/second_ca.cer",
60
+ key: "spec/fixtures/second_ca.key"
61
+ }
62
+ }
63
+ }
64
+ ```
65
+
66
+ If you want to use an OCSP delegate
67
+
68
+ ```yaml
69
+ copy_nonce: true
70
+ cache_headers: true
71
+ max_cache_age: 60
72
+ certificate_authorities: {
73
+ test_ca: {
74
+ ca_cert: {
75
+ cert: "spec/fixtures/test_ca.cer"
76
+ },
77
+ ocsp_cert: {
78
+ cert: "spec/fixtures/test_ca_ocsp.cer",
79
+ key: "spec/fixtures/test_ca_ocsp.key"
80
+ }
81
+ }
82
+ }
83
+ ```
84
+
85
+ Finally, if you're responding for multiple roots you specify them like so:
86
+
87
+ ```yaml
88
+ copy_nonce: true
89
+ cache_headers: true
90
+ max_cache_age: 60
91
+ certificate_authorities: {
92
+ test_ca: {
93
+ ca_cert: {
94
+ cert: "spec/fixtures/test_ca.cer"
95
+ },
96
+ ocsp_cert: {
97
+ cert: "spec/fixtures/test_ca_ocsp.cer",
98
+ key: "spec/fixtures/test_ca_ocsp.key"
99
+ }
100
+ },
101
+ second_ca: {
102
+ ca_cert: {
103
+ cert: "spec/fixtures/second_ca.cer",
104
+ key: "spec/fixtures/second_ca.key"
105
+ }
106
+ }
107
+ }
108
+ ```
109
+
110
+ ###Configure Thin & nginx
111
+ The example below is an example yaml config for thin. You will want to have as many servers as you have cores.
15
112
 
16
113
  ```yaml
17
114
  chdir: /var/www/r509-ocsp-responder
@@ -30,18 +127,18 @@ proxy_cache_path /var/www/cache levels=1:2 keys_zone=ocsp:8m max_size=16m inact
30
127
  proxy_temp_path /var/www/cache/tmp;
31
128
 
32
129
  upstream thin_ocsp_responder{
33
- server unix:/var/run/r509-ocsp-responder.0.sock fail_timeout=0;
34
- server unix:/var/run/r509-ocsp-responder.1.sock fail_timeout=0;
130
+ server unix:/var/run/r509-ocsp-responder.0.sock fail_timeout=0;
131
+ server unix:/var/run/r509-ocsp-responder.1.sock fail_timeout=0;
35
132
  }
36
133
  server {
37
- listen 80;
38
- server_name ocsp.r509.org;
39
-
40
- location / {
41
- proxy_pass http://thin_ocsp_responder;
42
- proxy_cache ocsp;
43
- proxy_cache_use_stale updating;
44
- }
134
+ listen 80;
135
+ server_name ocsp.r509.org;
136
+
137
+ location / {
138
+ proxy_pass http://thin_ocsp_responder;
139
+ proxy_cache ocsp;
140
+ proxy_cache_use_stale updating;
141
+ }
45
142
  }
46
143
  ```
47
144
 
@@ -65,8 +162,6 @@ This OCSP responder supports several optional flags (in addition to supporting a
65
162
 
66
163
  * __max\_cache\_age__ - (integer) Sets the maximum age in __seconds__ a response can be cached. At this time r509-ocsp-responder does not support cache invalidation so it is recommended to set this to a low value to reduce the time you may serve stale responses in the event of a revocation.
67
164
 
68
- See the config.yaml.example for an example configuration.
69
-
70
165
  ##Signals
71
166
  You can send a kill -USR2 signal to any running r509-ocsp-responder process to cause it to reload and print its config to the logs (provided your app server isn't trapping USR2 first).
72
167
 
data/doc/R509.html CHANGED
@@ -6,13 +6,13 @@
6
6
  <title>
7
7
  Module: R509
8
8
 
9
- &mdash; Documentation by YARD 0.8.2.1
9
+ &mdash; Documentation by YARD 0.8.6.1
10
10
 
11
11
  </title>
12
12
 
13
- <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" charset="utf-8" />
13
+ <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
14
14
 
15
- <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
15
+ <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
16
16
 
17
17
  <script type="text/javascript" charset="utf-8">
18
18
  hasFrames = window.top.frames.main ? true : false;
@@ -88,7 +88,7 @@
88
88
  <p class="children">
89
89
 
90
90
 
91
- <strong class="modules">Modules:</strong> <span class='object_link'><a href="R509/Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span>
91
+ <strong class="modules">Modules:</strong> <span class='object_link'><a href="R509/OCSP.html" title="R509::OCSP (module)">OCSP</a></span>
92
92
 
93
93
 
94
94
 
@@ -106,9 +106,9 @@
106
106
  </div>
107
107
 
108
108
  <div id="footer">
109
- Generated on Thu Nov 8 14:33:52 2012 by
109
+ Generated on Tue Apr 16 13:57:16 2013 by
110
110
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
111
- 0.8.2.1 (ruby-1.9.3).
111
+ 0.8.6.1 (ruby-1.9.3).
112
112
  </div>
113
113
 
114
114
  </body>
data/doc/R509/Ocsp.html CHANGED
@@ -4,15 +4,15 @@
4
4
  <head>
5
5
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
6
6
  <title>
7
- Module: R509::Ocsp
7
+ Module: R509::OCSP
8
8
 
9
- &mdash; Documentation by YARD 0.8.2.1
9
+ &mdash; Documentation by YARD 0.8.6.1
10
10
 
11
11
  </title>
12
12
 
13
- <link rel="stylesheet" href="../css/style.css" type="text/css" media="screen" charset="utf-8" />
13
+ <link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
14
14
 
15
- <link rel="stylesheet" href="../css/common.css" type="text/css" media="screen" charset="utf-8" />
15
+ <link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
16
16
 
17
17
  <script type="text/javascript" charset="utf-8">
18
18
  hasFrames = window.top.frames.main ? true : false;
@@ -34,7 +34,7 @@
34
34
  <a href="../_index.html">Index (O)</a> &raquo;
35
35
  <span class='title'><span class='object_link'><a href="../R509.html" title="R509 (module)">R509</a></span></span>
36
36
  &raquo;
37
- <span class="title">Ocsp</span>
37
+ <span class="title">OCSP</span>
38
38
 
39
39
 
40
40
  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
@@ -63,7 +63,7 @@
63
63
 
64
64
  <iframe id="search_frame"></iframe>
65
65
 
66
- <div id="content"><h1>Module: R509::Ocsp
66
+ <div id="content"><h1>Module: R509::OCSP
67
67
 
68
68
 
69
69
 
@@ -101,11 +101,11 @@
101
101
  <p class="children">
102
102
 
103
103
 
104
- <strong class="modules">Modules:</strong> <span class='object_link'><a href="Ocsp/Helper.html" title="R509::Ocsp::Helper (module)">Helper</a></span>, <span class='object_link'><a href="Ocsp/Responder.html" title="R509::Ocsp::Responder (module)">Responder</a></span>
104
+ <strong class="modules">Modules:</strong> <span class='object_link'><a href="OCSP/Helper.html" title="R509::OCSP::Helper (module)">Helper</a></span>, <span class='object_link'><a href="OCSP/Responder.html" title="R509::OCSP::Responder (module)">Responder</a></span>
105
105
 
106
106
 
107
107
 
108
- <strong class="classes">Classes:</strong> <span class='object_link'><a href="Ocsp/Signer.html" title="R509::Ocsp::Signer (class)">Signer</a></span>
108
+ <strong class="classes">Classes:</strong> <span class='object_link'><a href="OCSP/Signer.html" title="R509::OCSP::Signer (class)">Signer</a></span>
109
109
 
110
110
 
111
111
  </p>
@@ -121,9 +121,9 @@
121
121
  </div>
122
122
 
123
123
  <div id="footer">
124
- Generated on Thu Nov 8 14:33:52 2012 by
124
+ Generated on Tue Apr 16 13:57:16 2013 by
125
125
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
126
- 0.8.2.1 (ruby-1.9.3).
126
+ 0.8.6.1 (ruby-1.9.3).
127
127
  </div>
128
128
 
129
129
  </body>
@@ -4,15 +4,15 @@
4
4
  <head>
5
5
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
6
6
  <title>
7
- Module: R509::Ocsp::Helper
7
+ Module: R509::OCSP::Helper
8
8
 
9
- &mdash; Documentation by YARD 0.8.2.1
9
+ &mdash; Documentation by YARD 0.8.6.1
10
10
 
11
11
  </title>
12
12
 
13
- <link rel="stylesheet" href="../../css/style.css" type="text/css" media="screen" charset="utf-8" />
13
+ <link rel="stylesheet" href="../../css/style.css" type="text/css" charset="utf-8" />
14
14
 
15
- <link rel="stylesheet" href="../../css/common.css" type="text/css" media="screen" charset="utf-8" />
15
+ <link rel="stylesheet" href="../../css/common.css" type="text/css" charset="utf-8" />
16
16
 
17
17
  <script type="text/javascript" charset="utf-8">
18
18
  hasFrames = window.top.frames.main ? true : false;
@@ -32,7 +32,7 @@
32
32
  <div id="menu">
33
33
 
34
34
  <a href="../../_index.html">Index (H)</a> &raquo;
35
- <span class='title'><span class='object_link'><a href="../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span></span>
35
+ <span class='title'><span class='object_link'><a href="../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../OCSP.html" title="R509::OCSP (module)">OCSP</a></span></span>
36
36
  &raquo;
37
37
  <span class="title">Helper</span>
38
38
 
@@ -63,7 +63,7 @@
63
63
 
64
64
  <iframe id="search_frame"></iframe>
65
65
 
66
- <div id="content"><h1>Module: R509::Ocsp::Helper
66
+ <div id="content"><h1>Module: R509::OCSP::Helper
67
67
 
68
68
 
69
69
 
@@ -101,7 +101,7 @@
101
101
 
102
102
 
103
103
 
104
- <strong class="classes">Classes:</strong> <span class='object_link'><a href="Helper/RequestChecker.html" title="R509::Ocsp::Helper::RequestChecker (class)">RequestChecker</a></span>, <span class='object_link'><a href="Helper/ResponseSigner.html" title="R509::Ocsp::Helper::ResponseSigner (class)">ResponseSigner</a></span>
104
+ <strong class="classes">Classes:</strong> <span class='object_link'><a href="Helper/RequestChecker.html" title="R509::OCSP::Helper::RequestChecker (class)">RequestChecker</a></span>, <span class='object_link'><a href="Helper/ResponseSigner.html" title="R509::OCSP::Helper::ResponseSigner (class)">ResponseSigner</a></span>
105
105
 
106
106
 
107
107
  </p>
@@ -117,9 +117,9 @@
117
117
  </div>
118
118
 
119
119
  <div id="footer">
120
- Generated on Thu Nov 8 14:33:52 2012 by
120
+ Generated on Tue Apr 16 13:57:16 2013 by
121
121
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
122
- 0.8.2.1 (ruby-1.9.3).
122
+ 0.8.6.1 (ruby-1.9.3).
123
123
  </div>
124
124
 
125
125
  </body>
@@ -4,15 +4,15 @@
4
4
  <head>
5
5
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
6
6
  <title>
7
- Class: R509::Ocsp::Helper::RequestChecker
7
+ Class: R509::OCSP::Helper::RequestChecker
8
8
 
9
- &mdash; Documentation by YARD 0.8.2.1
9
+ &mdash; Documentation by YARD 0.8.6.1
10
10
 
11
11
  </title>
12
12
 
13
- <link rel="stylesheet" href="../../../css/style.css" type="text/css" media="screen" charset="utf-8" />
13
+ <link rel="stylesheet" href="../../../css/style.css" type="text/css" charset="utf-8" />
14
14
 
15
- <link rel="stylesheet" href="../../../css/common.css" type="text/css" media="screen" charset="utf-8" />
15
+ <link rel="stylesheet" href="../../../css/common.css" type="text/css" charset="utf-8" />
16
16
 
17
17
  <script type="text/javascript" charset="utf-8">
18
18
  hasFrames = window.top.frames.main ? true : false;
@@ -32,7 +32,7 @@
32
32
  <div id="menu">
33
33
 
34
34
  <a href="../../../_index.html">Index (R)</a> &raquo;
35
- <span class='title'><span class='object_link'><a href="../../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Helper.html" title="R509::Ocsp::Helper (module)">Helper</a></span></span>
35
+ <span class='title'><span class='object_link'><a href="../../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../OCSP.html" title="R509::OCSP (module)">OCSP</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Helper.html" title="R509::OCSP::Helper (module)">Helper</a></span></span>
36
36
  &raquo;
37
37
  <span class="title">RequestChecker</span>
38
38
 
@@ -63,7 +63,7 @@
63
63
 
64
64
  <iframe id="search_frame"></iframe>
65
65
 
66
- <div id="content"><h1>Class: R509::Ocsp::Helper::RequestChecker
66
+ <div id="content"><h1>Class: R509::OCSP::Helper::RequestChecker
67
67
 
68
68
 
69
69
 
@@ -78,7 +78,7 @@
78
78
  <ul class="fullTree">
79
79
  <li>Object</li>
80
80
 
81
- <li class="next">R509::Ocsp::Helper::RequestChecker</li>
81
+ <li class="next">R509::OCSP::Helper::RequestChecker</li>
82
82
 
83
83
  </ul>
84
84
  <a href="#" class="inheritanceTree">show all</a>
@@ -276,7 +276,7 @@
276
276
  <div class="method_details first">
277
277
  <h3 class="signature first" id="initialize-instance_method">
278
278
 
279
- - (<tt><span class='object_link'><a href="" title="R509::Ocsp::Helper::RequestChecker (class)">RequestChecker</a></span></tt>) <strong>initialize</strong>(configs, validity_checker)
279
+ - (<tt><span class='object_link'><a href="" title="R509::OCSP::Helper::RequestChecker (class)">RequestChecker</a></span></tt>) <strong>initialize</strong>(configs, validity_checker)
280
280
 
281
281
 
282
282
 
@@ -299,13 +299,13 @@
299
299
  <span class='name'>configs</span>
300
300
 
301
301
 
302
- <span class='type'>(<tt>R509::Config::CaConfigPool</tt>)</span>
302
+ <span class='type'>(<tt>R509::Config::CAConfigPool</tt>)</span>
303
303
 
304
304
 
305
305
 
306
306
  &mdash;
307
307
  <div class='inline'>
308
- <p>CaConfigPool object</p>
308
+ <p>CAConfigPool object</p>
309
309
  </div>
310
310
 
311
311
  </li>
@@ -370,34 +370,34 @@
370
370
  <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 62</span>
371
371
 
372
372
  <span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_configs'>configs</span><span class='comma'>,</span> <span class='id identifier rubyid_validity_checker'>validity_checker</span><span class='rparen'>)</span>
373
- <span class='kw'>unless</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfigPool</span><span class='rparen'>)</span>
374
- <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must pass R509::Config::CaConfigPool object</span><span class='tstring_end'>&quot;</span></span>
375
- <span class='kw'>end</span>
376
- <span class='kw'>if</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
377
- <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must be at least one R509::Config object</span><span class='tstring_end'>&quot;</span></span>
378
- <span class='kw'>end</span>
379
- <span class='ivar'>@configs</span> <span class='op'>=</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span>
380
- <span class='id identifier rubyid_test_cid'>test_cid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
381
- <span class='kw'>if</span> <span class='id identifier rubyid_test_cid'>test_cid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
382
- <span class='ivar'>@configs_hash</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span>
383
- <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
384
- <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
385
- <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
386
- <span class='comment'># per RFC 5019
387
- </span> <span class='comment'># Clients MUST use SHA1 as the hashing algorithm for the
388
- </span> <span class='comment'># CertID.issuerNameHash and the CertID.issuerKeyHash values.
389
- </span> <span class='comment'># so we can safely assume that our inbound hashes will be SHA1
390
- </span> <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
391
- <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span>
392
- <span class='kw'>end</span>
393
- <span class='kw'>end</span>
394
- <span class='ivar'>@validity_checker</span> <span class='op'>=</span> <span class='id identifier rubyid_validity_checker'>validity_checker</span>
395
- <span class='kw'>if</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
396
- <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must supply a R509::Validity::Checker</span><span class='tstring_end'>&quot;</span></span>
397
- <span class='kw'>end</span>
398
- <span class='kw'>if</span> <span class='kw'>not</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:check</span><span class='rparen'>)</span>
399
- <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The validity checker must have a check method</span><span class='tstring_end'>&quot;</span></span>
373
+ <span class='kw'>unless</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CAConfigPool</span><span class='rparen'>)</span>
374
+ <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must pass R509::Config::CAConfigPool object</span><span class='tstring_end'>&quot;</span></span>
375
+ <span class='kw'>end</span>
376
+ <span class='kw'>if</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
377
+ <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must be at least one R509::Config object</span><span class='tstring_end'>&quot;</span></span>
378
+ <span class='kw'>end</span>
379
+ <span class='ivar'>@configs</span> <span class='op'>=</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span>
380
+ <span class='id identifier rubyid_test_cid'>test_cid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
381
+ <span class='kw'>if</span> <span class='id identifier rubyid_test_cid'>test_cid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
382
+ <span class='ivar'>@configs_hash</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span>
383
+ <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
384
+ <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
385
+ <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_name'>name</span>
386
+ <span class='comment'># per RFC 5019
387
+ </span> <span class='comment'># Clients MUST use SHA1 as the hashing algorithm for the
388
+ </span> <span class='comment'># CertID.issuerNameHash and the CertID.issuerKeyHash values.
389
+ </span> <span class='comment'># so we can safely assume that our inbound hashes will be SHA1
390
+ </span> <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
391
+ <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span>
400
392
  <span class='kw'>end</span>
393
+ <span class='kw'>end</span>
394
+ <span class='ivar'>@validity_checker</span> <span class='op'>=</span> <span class='id identifier rubyid_validity_checker'>validity_checker</span>
395
+ <span class='kw'>if</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
396
+ <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must supply a R509::Validity::Checker</span><span class='tstring_end'>&quot;</span></span>
397
+ <span class='kw'>end</span>
398
+ <span class='kw'>if</span> <span class='kw'>not</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:check</span><span class='rparen'>)</span>
399
+ <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The validity checker must have a check method</span><span class='tstring_end'>&quot;</span></span>
400
+ <span class='kw'>end</span>
401
401
  <span class='kw'>end</span></pre>
402
402
  </td>
403
403
  </tr>
@@ -593,26 +593,26 @@
593
593
  <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 97</span>
594
594
 
595
595
  <span class='kw'>def</span> <span class='id identifier rubyid_check_statuses'>check_statuses</span><span class='lparen'>(</span><span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
596
- <span class='id identifier rubyid_request'>request</span><span class='period'>.</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_certid'>certid</span><span class='op'>|</span>
597
- <span class='kw'>if</span> <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
598
- <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span>
599
- <span class='kw'>else</span>
600
- <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
601
- <span class='comment'>#we need to create an OCSP::CertificateId object that has the right
602
- </span> <span class='comment'>#issuer so we can pass it to #cmp_issuer. This is annoying because
603
- </span> <span class='comment'>#CertificateId wants a cert and its issuer, but we don't want to
604
- </span> <span class='comment'>#force users to provide an end entity cert just to make this comparison
605
- </span> <span class='comment'>#work. So, we create a fake new cert and pass it in.
606
- </span> <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
607
- <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
608
- <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='rparen'>)</span>
609
- <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_cmp_issuer'>cmp_issuer</span><span class='lparen'>(</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='rparen'>)</span>
610
- <span class='kw'>end</span>
611
- <span class='kw'>end</span>
612
-
613
- <span class='id identifier rubyid_log'>log</span><span class='period'>.</span><span class='id identifier rubyid_info'>info</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_validated_config'>validated_config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbrace'>}</span><span class='tstring_content'> found for issuer</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_validated_config'>validated_config</span>
614
- <span class='id identifier rubyid_check_status'>check_status</span><span class='lparen'>(</span><span class='id identifier rubyid_certid'>certid</span><span class='comma'>,</span> <span class='id identifier rubyid_validated_config'>validated_config</span><span class='rparen'>)</span>
615
- <span class='rbrace'>}</span>
596
+ <span class='id identifier rubyid_request'>request</span><span class='period'>.</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_certid'>certid</span><span class='op'>|</span>
597
+ <span class='kw'>if</span> <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
598
+ <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span>
599
+ <span class='kw'>else</span>
600
+ <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
601
+ <span class='comment'>#we need to create an OCSP::CertificateId object that has the right
602
+ </span> <span class='comment'>#issuer so we can pass it to #cmp_issuer. This is annoying because
603
+ </span> <span class='comment'>#CertificateId wants a cert and its issuer, but we don't want to
604
+ </span> <span class='comment'>#force users to provide an end entity cert just to make this comparison
605
+ </span> <span class='comment'>#work. So, we create a fake new cert and pass it in.
606
+ </span> <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
607
+ <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
608
+ <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='rparen'>)</span>
609
+ <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_cmp_issuer'>cmp_issuer</span><span class='lparen'>(</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='rparen'>)</span>
610
+ <span class='kw'>end</span>
611
+ <span class='kw'>end</span>
612
+
613
+ <span class='id identifier rubyid_log'>log</span><span class='period'>.</span><span class='id identifier rubyid_info'>info</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_validated_config'>validated_config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbrace'>}</span><span class='tstring_content'> found for issuer</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_validated_config'>validated_config</span>
614
+ <span class='id identifier rubyid_check_status'>check_status</span><span class='lparen'>(</span><span class='id identifier rubyid_certid'>certid</span><span class='comma'>,</span> <span class='id identifier rubyid_validated_config'>validated_config</span><span class='rparen'>)</span>
615
+ <span class='rbrace'>}</span>
616
616
  <span class='kw'>end</span></pre>
617
617
  </td>
618
618
  </tr>
@@ -703,22 +703,22 @@ requests from two different CAs in there. Both are invalid.</p>
703
703
  <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 126</span>
704
704
 
705
705
  <span class='kw'>def</span> <span class='id identifier rubyid_validate_statuses'>validate_statuses</span><span class='lparen'>(</span><span class='id identifier rubyid_statuses'>statuses</span><span class='rparen'>)</span>
706
- <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>true</span>
707
- <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='kw'>nil</span>
708
-
709
- <span class='id identifier rubyid_statuses'>statuses</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_status'>status</span><span class='op'>|</span>
710
- <span class='kw'>if</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
711
- <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
712
- <span class='kw'>end</span>
713
- <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
714
- <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
715
- <span class='kw'>end</span>
716
- <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span> <span class='op'>!=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
717
- <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
718
- <span class='kw'>end</span>
706
+ <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>true</span>
707
+ <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='kw'>nil</span>
708
+
709
+ <span class='id identifier rubyid_statuses'>statuses</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_status'>status</span><span class='op'>|</span>
710
+ <span class='kw'>if</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
711
+ <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
712
+ <span class='kw'>end</span>
713
+ <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
714
+ <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
715
+ <span class='kw'>end</span>
716
+ <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span> <span class='op'>!=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
717
+ <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
719
718
  <span class='kw'>end</span>
719
+ <span class='kw'>end</span>
720
720
 
721
- <span class='id identifier rubyid_validity'>validity</span>
721
+ <span class='id identifier rubyid_validity'>validity</span>
722
722
  <span class='kw'>end</span></pre>
723
723
  </td>
724
724
  </tr>
@@ -730,9 +730,9 @@ requests from two different CAs in there. Both are invalid.</p>
730
730
  </div>
731
731
 
732
732
  <div id="footer">
733
- Generated on Thu Nov 8 14:33:52 2012 by
733
+ Generated on Tue Apr 16 13:57:17 2013 by
734
734
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
735
- 0.8.2.1 (ruby-1.9.3).
735
+ 0.8.6.1 (ruby-1.9.3).
736
736
  </div>
737
737
 
738
738
  </body>