r509-validity-crl 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/LICENSE.md +13 -0
- data/README.md +17 -0
- data/Rakefile +30 -0
- data/doc/Kernel.html +174 -0
- data/doc/R509.html +115 -0
- data/doc/R509/Validity.html +115 -0
- data/doc/R509/Validity/CRL.html +140 -0
- data/doc/R509/Validity/CRL/Checker.html +575 -0
- data/doc/R509/Validity/Redis.html +129 -0
- data/doc/R509/Validity/Redis/Checker.html +409 -0
- data/doc/R509/Validity/Redis/Writer.html +556 -0
- data/doc/_index.html +160 -0
- data/doc/class_list.html +54 -0
- data/doc/css/common.css +1 -0
- data/doc/css/full_list.css +57 -0
- data/doc/css/style.css +338 -0
- data/doc/file.README.html +92 -0
- data/doc/file_list.html +56 -0
- data/doc/frames.html +26 -0
- data/doc/index.html +92 -0
- data/doc/js/app.js +219 -0
- data/doc/js/full_list.js +178 -0
- data/doc/js/jquery.js +4 -0
- data/doc/method_list.html +89 -0
- data/doc/top-level-namespace.html +112 -0
- data/lib/r509/validity/crl.rb +14 -0
- data/lib/r509/validity/crl/checker.rb +51 -0
- data/lib/r509/validity/crl/version.rb +7 -0
- data/spec/checker_spec.rb +41 -0
- data/spec/fixtures/digi.crl +0 -0
- data/spec/fixtures/tw.crl +0 -0
- data/spec/spec_helper.rb +13 -0
- metadata +169 -0
- metadata.gz.sig +0 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: cde9b898faf526f1f32afb7e12d86bef8fa3ae96
|
4
|
+
data.tar.gz: 9856c2bcd783f812b8fab554872d763987bb359f
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 6948cff0d61bf6426376c866a1c81853ea16667dc1886a07e9bc6e4d750c8283865b5c3c108fb41e533baba2962795be6b044cec1fd0eb2829b06640c731e9e9
|
7
|
+
data.tar.gz: 0ff16bc3d8ec3ef26e3751464498f9e71765eb841a884fbf89594b06241d87861059e446de0f6b505f3a74f0425e989061a82cc4fd454ca32168e2f93192ebc5
|
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
ADDED
Binary file
|
data/LICENSE.md
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
Copyright 2013 Paul Kehrer
|
2
|
+
|
3
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
you may not use this file except in compliance with the License.
|
5
|
+
You may obtain a copy of the License at
|
6
|
+
|
7
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
|
9
|
+
Unless required by applicable law or agreed to in writing, software
|
10
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
See the License for the specific language governing permissions and
|
13
|
+
limitations under the License.
|
data/README.md
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
#r509-validity-crl [![Build Status](https://secure.travis-ci.org/r509/r509-validity-crl.png)](http://travis-ci.org/r509/r509-validity-crl) [![Coverage Status](https://coveralls.io/repos/r509/r509-validity-crl/badge.png?branch=master)](https://coveralls.io/r/r509/r509-validity-crl?branch=master)
|
2
|
+
|
3
|
+
This project is related to [r509](http://github.com/r509/r509) and [r509-ocsp-responder](http://github.com/r509/r509-ocsp-responder) projects. It allows certificate validity and revocation information to be read from a pre-generated CRL and used to populate OCSP responses.
|
4
|
+
|
5
|
+
##Usage
|
6
|
+
Remove the redis-related lines of the [config.ru](https://github.com/r509/r509-ocsp-responder#set-up-configru) for r509-ocsp-responder and replace them with this:
|
7
|
+
```ruby
|
8
|
+
require 'r509/validity/crl'
|
9
|
+
crl_paths = ['/path/to/crl','/path/to/crl2']
|
10
|
+
reload_interval = '60m'
|
11
|
+
Dependo::Registry[:validity_checker] = R509::Validity::CRL::Checker.new(crl_paths,reload_interval)
|
12
|
+
```
|
13
|
+
* Each element in crl\_paths is an absolute path to a CRL to load on the filesystem. You should load those via an external cronjob.
|
14
|
+
* The reload\_interval defines the interval at which the checker will reload the CRL from the filesystem. By default it is 60m.
|
15
|
+
|
16
|
+
##Limitations
|
17
|
+
Due to the way CRLs work the responder can only operate in "known bad" mode. That is, the OCSP responder will respond *VALID* to all queries for certificates that are not explicitly revoked. This is in contrast to "known good" mode enabled by tracking all issuances with a plugin like [r509-validity-redis](http://github.com/sirsean/r509-validity-redis), which allows for *VALID*, *REVOKED*, and *UNKNOWN* responses.
|
data/Rakefile
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rspec/core/rake_task'
|
3
|
+
require "#{File.dirname(__FILE__)}/lib/r509/validity/crl/version"
|
4
|
+
|
5
|
+
task :default => :spec
|
6
|
+
RSpec::Core::RakeTask.new(:spec)
|
7
|
+
|
8
|
+
namespace :gem do
|
9
|
+
desc 'Build the gem'
|
10
|
+
task :build do
|
11
|
+
puts `yard`
|
12
|
+
puts `gem build r509-validity-crl.gemspec`
|
13
|
+
end
|
14
|
+
|
15
|
+
desc 'Install gem'
|
16
|
+
task :install do
|
17
|
+
puts `gem install r509-validity-crl-#{R509::Validity::CRL::VERSION}.gem`
|
18
|
+
end
|
19
|
+
|
20
|
+
desc 'Uninstall gem'
|
21
|
+
task :uninstall do
|
22
|
+
puts `gem uninstall r509-validity-crl`
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
desc 'Build yard documentation'
|
27
|
+
task :yard do
|
28
|
+
puts `yard`
|
29
|
+
`open doc/index.html`
|
30
|
+
end
|
data/doc/Kernel.html
ADDED
@@ -0,0 +1,174 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
+
<head>
|
5
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
6
|
+
<title>
|
7
|
+
Module: Kernel
|
8
|
+
|
9
|
+
— Documentation by YARD 0.8.7.3
|
10
|
+
|
11
|
+
</title>
|
12
|
+
|
13
|
+
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
|
14
|
+
|
15
|
+
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
|
16
|
+
|
17
|
+
<script type="text/javascript" charset="utf-8">
|
18
|
+
hasFrames = window.top.frames.main ? true : false;
|
19
|
+
relpath = '';
|
20
|
+
framesUrl = "frames.html#!" + escape(window.location.href);
|
21
|
+
</script>
|
22
|
+
|
23
|
+
|
24
|
+
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
25
|
+
|
26
|
+
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
27
|
+
|
28
|
+
|
29
|
+
</head>
|
30
|
+
<body>
|
31
|
+
<div id="header">
|
32
|
+
<div id="menu">
|
33
|
+
|
34
|
+
<a href="_index.html">Index (K)</a> »
|
35
|
+
|
36
|
+
|
37
|
+
<span class="title">Kernel</span>
|
38
|
+
|
39
|
+
|
40
|
+
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
41
|
+
</div>
|
42
|
+
|
43
|
+
<div id="search">
|
44
|
+
|
45
|
+
<a class="full_list_link" id="class_list_link"
|
46
|
+
href="class_list.html">
|
47
|
+
Class List
|
48
|
+
</a>
|
49
|
+
|
50
|
+
<a class="full_list_link" id="method_list_link"
|
51
|
+
href="method_list.html">
|
52
|
+
Method List
|
53
|
+
</a>
|
54
|
+
|
55
|
+
<a class="full_list_link" id="file_list_link"
|
56
|
+
href="file_list.html">
|
57
|
+
File List
|
58
|
+
</a>
|
59
|
+
|
60
|
+
</div>
|
61
|
+
<div class="clear"></div>
|
62
|
+
</div>
|
63
|
+
|
64
|
+
<iframe id="search_frame"></iframe>
|
65
|
+
|
66
|
+
<div id="content"><h1>Module: Kernel
|
67
|
+
|
68
|
+
|
69
|
+
|
70
|
+
</h1>
|
71
|
+
|
72
|
+
<dl class="box">
|
73
|
+
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
<dt class="r1 last">Defined in:</dt>
|
82
|
+
<dd class="r1 last">lib/r509/validity/crl.rb</dd>
|
83
|
+
|
84
|
+
</dl>
|
85
|
+
<div class="clear"></div>
|
86
|
+
|
87
|
+
|
88
|
+
|
89
|
+
|
90
|
+
|
91
|
+
|
92
|
+
|
93
|
+
|
94
|
+
|
95
|
+
<h2>
|
96
|
+
Instance Method Summary
|
97
|
+
<small>(<a href="#" class="summary_toggle">collapse</a>)</small>
|
98
|
+
</h2>
|
99
|
+
|
100
|
+
<ul class="summary">
|
101
|
+
|
102
|
+
<li class="public ">
|
103
|
+
<span class="summary_signature">
|
104
|
+
|
105
|
+
<a href="#require_relative-instance_method" title="#require_relative (instance method)">- (Object) <strong>require_relative</strong>(path) </a>
|
106
|
+
|
107
|
+
|
108
|
+
|
109
|
+
</span>
|
110
|
+
|
111
|
+
|
112
|
+
|
113
|
+
|
114
|
+
|
115
|
+
|
116
|
+
|
117
|
+
|
118
|
+
|
119
|
+
<span class="summary_desc"><div class='inline'></div></span>
|
120
|
+
|
121
|
+
</li>
|
122
|
+
|
123
|
+
|
124
|
+
</ul>
|
125
|
+
|
126
|
+
|
127
|
+
|
128
|
+
|
129
|
+
<div id="instance_method_details" class="method_details_list">
|
130
|
+
<h2>Instance Method Details</h2>
|
131
|
+
|
132
|
+
|
133
|
+
<div class="method_details first">
|
134
|
+
<h3 class="signature first" id="require_relative-instance_method">
|
135
|
+
|
136
|
+
- (<tt>Object</tt>) <strong>require_relative</strong>(path)
|
137
|
+
|
138
|
+
|
139
|
+
|
140
|
+
|
141
|
+
|
142
|
+
</h3><table class="source_code">
|
143
|
+
<tr>
|
144
|
+
<td>
|
145
|
+
<pre class="lines">
|
146
|
+
|
147
|
+
|
148
|
+
5
|
149
|
+
6
|
150
|
+
7</pre>
|
151
|
+
</td>
|
152
|
+
<td>
|
153
|
+
<pre class="code"><span class="info file"># File 'lib/r509/validity/crl.rb', line 5</span>
|
154
|
+
|
155
|
+
<span class='kw'>def</span> <span class='id identifier rubyid_require_relative'>require_relative</span><span class='lparen'>(</span><span class='id identifier rubyid_path'>path</span><span class='rparen'>)</span>
|
156
|
+
<span class='id identifier rubyid_require'>require</span> <span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='const'>File</span><span class='period'>.</span><span class='id identifier rubyid_dirname'>dirname</span><span class='lparen'>(</span><span class='id identifier rubyid_caller'>caller</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='id identifier rubyid_path'>path</span><span class='period'>.</span><span class='id identifier rubyid_to_str'>to_str</span><span class='rparen'>)</span>
|
157
|
+
<span class='kw'>end</span></pre>
|
158
|
+
</td>
|
159
|
+
</tr>
|
160
|
+
</table>
|
161
|
+
</div>
|
162
|
+
|
163
|
+
</div>
|
164
|
+
|
165
|
+
</div>
|
166
|
+
|
167
|
+
<div id="footer">
|
168
|
+
Generated on Tue Feb 11 13:45:27 2014 by
|
169
|
+
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
170
|
+
0.8.7.3 (ruby-2.0.0).
|
171
|
+
</div>
|
172
|
+
|
173
|
+
</body>
|
174
|
+
</html>
|
data/doc/R509.html
ADDED
@@ -0,0 +1,115 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
+
<head>
|
5
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
6
|
+
<title>
|
7
|
+
Module: R509
|
8
|
+
|
9
|
+
— Documentation by YARD 0.8.7.3
|
10
|
+
|
11
|
+
</title>
|
12
|
+
|
13
|
+
<link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
|
14
|
+
|
15
|
+
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
|
16
|
+
|
17
|
+
<script type="text/javascript" charset="utf-8">
|
18
|
+
hasFrames = window.top.frames.main ? true : false;
|
19
|
+
relpath = '';
|
20
|
+
framesUrl = "frames.html#!" + escape(window.location.href);
|
21
|
+
</script>
|
22
|
+
|
23
|
+
|
24
|
+
<script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
|
25
|
+
|
26
|
+
<script type="text/javascript" charset="utf-8" src="js/app.js"></script>
|
27
|
+
|
28
|
+
|
29
|
+
</head>
|
30
|
+
<body>
|
31
|
+
<div id="header">
|
32
|
+
<div id="menu">
|
33
|
+
|
34
|
+
<a href="_index.html">Index (R)</a> »
|
35
|
+
|
36
|
+
|
37
|
+
<span class="title">R509</span>
|
38
|
+
|
39
|
+
|
40
|
+
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
41
|
+
</div>
|
42
|
+
|
43
|
+
<div id="search">
|
44
|
+
|
45
|
+
<a class="full_list_link" id="class_list_link"
|
46
|
+
href="class_list.html">
|
47
|
+
Class List
|
48
|
+
</a>
|
49
|
+
|
50
|
+
<a class="full_list_link" id="method_list_link"
|
51
|
+
href="method_list.html">
|
52
|
+
Method List
|
53
|
+
</a>
|
54
|
+
|
55
|
+
<a class="full_list_link" id="file_list_link"
|
56
|
+
href="file_list.html">
|
57
|
+
File List
|
58
|
+
</a>
|
59
|
+
|
60
|
+
</div>
|
61
|
+
<div class="clear"></div>
|
62
|
+
</div>
|
63
|
+
|
64
|
+
<iframe id="search_frame"></iframe>
|
65
|
+
|
66
|
+
<div id="content"><h1>Module: R509
|
67
|
+
|
68
|
+
|
69
|
+
|
70
|
+
</h1>
|
71
|
+
|
72
|
+
<dl class="box">
|
73
|
+
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
<dt class="r1 last">Defined in:</dt>
|
82
|
+
<dd class="r1 last">lib/r509/validity/crl/version.rb</dd>
|
83
|
+
|
84
|
+
</dl>
|
85
|
+
<div class="clear"></div>
|
86
|
+
|
87
|
+
<h2>Defined Under Namespace</h2>
|
88
|
+
<p class="children">
|
89
|
+
|
90
|
+
|
91
|
+
<strong class="modules">Modules:</strong> <span class='object_link'><a href="R509/Validity.html" title="R509::Validity (module)">Validity</a></span>
|
92
|
+
|
93
|
+
|
94
|
+
|
95
|
+
|
96
|
+
</p>
|
97
|
+
|
98
|
+
|
99
|
+
|
100
|
+
|
101
|
+
|
102
|
+
|
103
|
+
|
104
|
+
|
105
|
+
|
106
|
+
</div>
|
107
|
+
|
108
|
+
<div id="footer">
|
109
|
+
Generated on Tue Feb 11 13:45:27 2014 by
|
110
|
+
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
111
|
+
0.8.7.3 (ruby-2.0.0).
|
112
|
+
</div>
|
113
|
+
|
114
|
+
</body>
|
115
|
+
</html>
|
@@ -0,0 +1,115 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
+
<head>
|
5
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
6
|
+
<title>
|
7
|
+
Module: R509::Validity
|
8
|
+
|
9
|
+
— Documentation by YARD 0.8.7.3
|
10
|
+
|
11
|
+
</title>
|
12
|
+
|
13
|
+
<link rel="stylesheet" href="../css/style.css" type="text/css" charset="utf-8" />
|
14
|
+
|
15
|
+
<link rel="stylesheet" href="../css/common.css" type="text/css" charset="utf-8" />
|
16
|
+
|
17
|
+
<script type="text/javascript" charset="utf-8">
|
18
|
+
hasFrames = window.top.frames.main ? true : false;
|
19
|
+
relpath = '../';
|
20
|
+
framesUrl = "../frames.html#!" + escape(window.location.href);
|
21
|
+
</script>
|
22
|
+
|
23
|
+
|
24
|
+
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
|
25
|
+
|
26
|
+
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
|
27
|
+
|
28
|
+
|
29
|
+
</head>
|
30
|
+
<body>
|
31
|
+
<div id="header">
|
32
|
+
<div id="menu">
|
33
|
+
|
34
|
+
<a href="../_index.html">Index (V)</a> »
|
35
|
+
<span class='title'><span class='object_link'><a href="../R509.html" title="R509 (module)">R509</a></span></span>
|
36
|
+
»
|
37
|
+
<span class="title">Validity</span>
|
38
|
+
|
39
|
+
|
40
|
+
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
41
|
+
</div>
|
42
|
+
|
43
|
+
<div id="search">
|
44
|
+
|
45
|
+
<a class="full_list_link" id="class_list_link"
|
46
|
+
href="../class_list.html">
|
47
|
+
Class List
|
48
|
+
</a>
|
49
|
+
|
50
|
+
<a class="full_list_link" id="method_list_link"
|
51
|
+
href="../method_list.html">
|
52
|
+
Method List
|
53
|
+
</a>
|
54
|
+
|
55
|
+
<a class="full_list_link" id="file_list_link"
|
56
|
+
href="../file_list.html">
|
57
|
+
File List
|
58
|
+
</a>
|
59
|
+
|
60
|
+
</div>
|
61
|
+
<div class="clear"></div>
|
62
|
+
</div>
|
63
|
+
|
64
|
+
<iframe id="search_frame"></iframe>
|
65
|
+
|
66
|
+
<div id="content"><h1>Module: R509::Validity
|
67
|
+
|
68
|
+
|
69
|
+
|
70
|
+
</h1>
|
71
|
+
|
72
|
+
<dl class="box">
|
73
|
+
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
<dt class="r1 last">Defined in:</dt>
|
82
|
+
<dd class="r1 last">lib/r509/validity/crl/version.rb</dd>
|
83
|
+
|
84
|
+
</dl>
|
85
|
+
<div class="clear"></div>
|
86
|
+
|
87
|
+
<h2>Defined Under Namespace</h2>
|
88
|
+
<p class="children">
|
89
|
+
|
90
|
+
|
91
|
+
<strong class="modules">Modules:</strong> <span class='object_link'><a href="Validity/CRL.html" title="R509::Validity::CRL (module)">CRL</a></span>
|
92
|
+
|
93
|
+
|
94
|
+
|
95
|
+
|
96
|
+
</p>
|
97
|
+
|
98
|
+
|
99
|
+
|
100
|
+
|
101
|
+
|
102
|
+
|
103
|
+
|
104
|
+
|
105
|
+
|
106
|
+
</div>
|
107
|
+
|
108
|
+
<div id="footer">
|
109
|
+
Generated on Tue Feb 11 13:45:27 2014 by
|
110
|
+
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
111
|
+
0.8.7.3 (ruby-2.0.0).
|
112
|
+
</div>
|
113
|
+
|
114
|
+
</body>
|
115
|
+
</html>
|