ssltool 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +2 -0
- data/bin/bootstrap-detect-intermediates +3 -4
- data/lib/ssltool/certificate_store.rb +5 -7
- metadata +2 -2
data/README.md
CHANGED
|
@@ -6,7 +6,9 @@ require_relative "../lib/ssltool/certificate_store"
|
|
|
6
6
|
|
|
7
7
|
(puts DATA.read.gsub("$0", File.basename($0)); exit 1) if ARGV.empty? && STDIN.tty?
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
store = SSLTool::CertificateStore.new("file://#{File.dirname(__FILE__)}/../var/pools")
|
|
10
|
+
|
|
11
|
+
store.on_circular_chain_detection do |circular_chains|
|
|
10
12
|
$stderr.puts "The following circular chains were detected:"
|
|
11
13
|
$stderr.puts
|
|
12
14
|
$stderr.puts "Resolve this manually and exclude the necessary certs to break the cycle by putting them your exclude pool; rerun this script."
|
|
@@ -30,10 +32,7 @@ def notify_circular_chains_detected(circular_chains)
|
|
|
30
32
|
$stderr.puts cert.to_s
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
|
-
public :notify_circular_chains_detected
|
|
34
35
|
|
|
35
|
-
store = SSLTool::CertificateStore.new("file://#{File.dirname(__FILE__)}/../var/pools")
|
|
36
|
-
store.register_for_circular_chain_detection_notification(self)
|
|
37
36
|
store.detect_and_merge_intermediates!(SSLTool::Certificate.scan(ARGF.read), false)
|
|
38
37
|
|
|
39
38
|
__END__
|
|
@@ -12,7 +12,7 @@ module SSLTool
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def initialize(store_url)
|
|
15
|
-
@
|
|
15
|
+
@circular_chain_notification_callbacks = Set[]
|
|
16
16
|
@adapter = create_adapter(store_url)
|
|
17
17
|
@trusted_pool = @adapter.load_pool(:trusted)
|
|
18
18
|
@intermediate_pool = @adapter.load_pool(:intermediate)
|
|
@@ -65,15 +65,13 @@ module SSLTool
|
|
|
65
65
|
.each { |chain| chain.shift until chain[1..-1].to_a.any? { |other_cert| chain.first.signs?(other_cert) } || chain.empty? }
|
|
66
66
|
.reject { |chain| chain.length <= 1 }
|
|
67
67
|
.map(&:to_set).uniq.map(&:to_a)
|
|
68
|
-
@
|
|
68
|
+
@circular_chain_notification_callbacks.each { |proc| proc.call(circular_chains) } unless circular_chains.empty?
|
|
69
69
|
circular_chains
|
|
70
70
|
end
|
|
71
71
|
|
|
72
|
-
def
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
listener.nil? || listener.respond_to?(:notify_circular_chains_detected) or raise NoMethodError, "Listener does not define notify_circular_chains_detected(…)"
|
|
76
|
-
@circular_chain_notification_listeners << listener || listener_block
|
|
72
|
+
def on_circular_chain_detection(&block)
|
|
73
|
+
raise ArgumentError, "Missing block" unless block_given?
|
|
74
|
+
@circular_chain_notification_callbacks << block
|
|
77
75
|
end
|
|
78
76
|
|
|
79
77
|
### chains
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ssltool
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.9
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-09-
|
|
12
|
+
date: 2012-09-20 00:00:00.000000000 Z
|
|
13
13
|
dependencies: []
|
|
14
14
|
description: Orders and completes SSL certificate trust chains, maintains an up-to-date
|
|
15
15
|
pool of viable intermediates and trusted roots, and provides other tooling for dealing
|