The TrustDir manages the trusted certificates for gem signature verification.
Represents an installed gem. This is used for dependency resolution.
AbstractServlet allows HTTP server modules to be reused across multiple servers and allows encapsulation of functionality.
By default a servlet will respond to GET, HEAD (through an alias to GET) and OPTIONS requests.
By default a new servlet is initialized for every request. A servlet instance can be reused by overriding ::get_instance in the AbstractServlet subclass.
class Simple < WEBrick::HTTPServlet::AbstractServlet def do_GET request, response status, content_type, body = do_stuff_with request response.status = status response['Content-Type'] = content_type response.body = body end def do_stuff_with request return 200, 'text/plain', 'you got a page' end end
This servlet can be mounted on a server at a given path:
server.mount '/simple', Simple
Servlets can be configured via initialize. The first argument is the HTTP server the servlet is being initialized for.
class Configurable < Simple
def initialize server, color, size
super server
@color = color
@size = size
end
def do_stuff_with request
content = "<p " \
%q{style="color: #{@color}; font-size: #{@size}"} \
">Hello, World!"
return 200, "text/html", content
end
end
This servlet must be provided two arguments at mount time:
server.mount '/configurable', Configurable, 'red', '2em'
The TextConstruct module is used to define a Text construct Atom element, which is used to store small quantities of human-readable text.
The TextConstruct has a type attribute, e.g. text, html, xhtml
Reference: validator.w3.org/feed/docs/rfc4287.html#text.constructs
The PersonConstruct module is used to define a person Atom element that can be used to describe a person, corporation or similar entity.
The PersonConstruct has a Name, Uri and Email child elements.
Reference: validator.w3.org/feed/docs/rfc4287.html#atomPersonConstruct
Element used to describe an Atom date and time in the ISO 8601 format
Examples:
2013-03-04T15:30:02Z
2013-03-04T10:30:02-05:00
A StoreContext is used while validating a single certificate and holds the status involved.
The parent class for all primitive encodings. Attributes are the same as for ASN1Data, with the addition of tagging. Primitive values can never be encoded with indefinite length form, thus it is not possible to set the indefinite_length attribute for Primitive and its sub-classes.
Primitive sub-classes and their mapping to Ruby classes OpenSSL::ASN1::EndOfContent <=> value is always nil
OpenSSL::ASN1::Boolean <=> value is true or false
OpenSSL::ASN1::Integer <=> value is an OpenSSL::BN
OpenSSL::ASN1::BitString <=> value is a String
OpenSSL::ASN1::OctetString <=> value is a String
OpenSSL::ASN1::Null <=> value is always nil
OpenSSL::ASN1::Object <=> value is a String
OpenSSL::ASN1::Enumerated <=> value is an OpenSSL::BN
OpenSSL::ASN1::UTF8String <=> value is a String
OpenSSL::ASN1::NumericString <=> value is a String
OpenSSL::ASN1::PrintableString <=> value is a String
OpenSSL::ASN1::T61String <=> value is a String
OpenSSL::ASN1::VideotexString <=> value is a String
OpenSSL::ASN1::IA5String <=> value is a String
OpenSSL::ASN1::UTCTime <=> value is a Time
OpenSSL::ASN1::GeneralizedTime <=> value is a Time
OpenSSL::ASN1::GraphicString <=> value is a String
OpenSSL::ASN1::ISO64String <=> value is a String
OpenSSL::ASN1::GeneralString <=> value is a String
OpenSSL::ASN1::UniversalString <=> value is a String
OpenSSL::ASN1::BMPString <=> value is a String
unused_bits: if the underlying BIT STRING’s length is a multiple of 8 then unused_bits is 0. Otherwise unused_bits indicates the number of bits that are to be ignored in the final octet of the BitString’s value.
OpenSSL::ASN1::ObjectId NOTE: While OpenSSL::ASN1::ObjectId.new will allocate a new ObjectId, it is not typically allocated this way, but rather that are received from parsed ASN1 encodings.
sn: the short name as defined in <openssl/objects.h>.
ln: the long name as defined in <openssl/objects.h>.
oid: the object identifier as a String, e.g. “1.2.3.4.5”
short_name: alias for sn.
long_name: alias for ln.
With the Exception of OpenSSL::ASN1::EndOfContent, each Primitive class constructor takes at least one parameter, the value.
eoc = OpenSSL::ASN1::EndOfContent.new
Primitive prim = <class>.new(value) # <class> being one of the sub-classes except EndOfContent prim_zero_tagged_implicit = <class>.new(value, 0, :IMPLICIT) prim_zero_tagged_explicit = <class>.new(value, 0, :EXPLICIT)
An OpenSSL::OCSP::Request contains the certificate information for determining if a certificate has been revoked or not. A Request can be created for a certificate or from a DER-encoded request created elsewhere.
The X509 certificate store holds trusted CA certificates used to verify peer certificates.
The easiest way to create a useful certificate store is:
cert_store = OpenSSL::X509::Store.new cert_store.set_default_paths
This will use your system’s built-in certificates.
If your system does not have a default set of certificates you can obtain a set extracted from Mozilla CA certificate store by cURL maintainers here: curl.haxx.se/docs/caextract.html (You may wish to use the firefox-db2pem.sh script to extract the certificates from a local install to avoid man-in-the-middle attacks.)
After downloading or generating a cacert.pem from the above link you can create a certificate store from the pem file like this:
cert_store = OpenSSL::X509::Store.new cert_store.add_file 'cacert.pem'
The certificate store can be used with an SSLSocket like this:
ssl_context = OpenSSL::SSL::SSLContext.new ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER ssl_context.cert_store = cert_store tcp_socket = TCPSocket.open 'example.com', 443 ssl_socket = OpenSSL::SSL::SSLSocket.new tcp_socket, ssl_context
Psych::JSON::TreeBuilder is an event based AST builder. Events are sent to an instance of Psych::JSON::TreeBuilder and a JSON AST is constructed.