scripts etc and tests for native-tls
This commit is contained in:
parent
3c543e762b
commit
9525de22e5
40
Cargo.lock
generated
40
Cargo.lock
generated
@ -6,7 +6,7 @@ dependencies = [
|
||||
"chrono 0.2.25 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"docopt 0.6.86 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"error-chain 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"lazy_static 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"openssl 0.9.10 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
@ -73,7 +73,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
|
||||
[[package]]
|
||||
name = "bytes"
|
||||
version = "0.4.1"
|
||||
version = "0.4.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"byteorder 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
@ -160,7 +160,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
|
||||
[[package]]
|
||||
name = "futures"
|
||||
version = "0.1.11"
|
||||
version = "0.1.13"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
|
||||
[[package]]
|
||||
@ -519,8 +519,8 @@ name = "tokio-core"
|
||||
version = "0.1.6"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"bytes 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"bytes 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"iovec 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"mio 0.6.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
@ -534,8 +534,8 @@ name = "tokio-io"
|
||||
version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"bytes 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"bytes 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
@ -544,7 +544,7 @@ name = "tokio-openssl"
|
||||
version = "0.1.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"openssl 0.9.10 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-core 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-io 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
@ -555,7 +555,7 @@ name = "tokio-tls"
|
||||
version = "0.1.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"native-tls 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-core 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-io 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
@ -577,23 +577,33 @@ dependencies = [
|
||||
"chrono 0.2.25 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"data-encoding 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"error-chain 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"lazy_static 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"native-tls 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"openssl 0.9.10 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"rand 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"ring 0.6.3 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"rustc-serialize 0.3.23 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"security-framework 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"time 0.1.36 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-core 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-io 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-openssl 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-tls 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"untrusted 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "trust-dns-native-tls"
|
||||
version = "0.1.0"
|
||||
dependencies = [
|
||||
"futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"native-tls 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"openssl 0.9.10 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"security-framework 0.1.14 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-core 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tokio-tls 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"trust-dns 0.10.0",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "untrusted"
|
||||
version = "0.3.2"
|
||||
@ -639,7 +649,7 @@ dependencies = [
|
||||
"checksum backtrace-sys 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "d192fd129132fbc97497c1f2ec2c2c5174e376b95f535199ef4fe0a293d33842"
|
||||
"checksum bitflags 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "aad18937a628ec6abcd26d1489012cc0e18c21798210f491af69ded9b881106d"
|
||||
"checksum byteorder 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c40977b0ee6b9885c9013cd41d9feffdd22deb3bb4dc3a71d901cc7a77de18c8"
|
||||
"checksum bytes 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "46112a0060ae15e3a3f9a445428a53e082b91215b744fa27a1948842f4a64b96"
|
||||
"checksum bytes 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3941933da81d8717b427c2ddc2d73567cd15adb6c57514a2726d9ee598a5439a"
|
||||
"checksum cfg-if 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "de1e760d7b6535af4241fca8bd8adf68e2e7edacc6b29f5d399050c5e48cf88c"
|
||||
"checksum chrono 0.2.25 (registry+https://github.com/rust-lang/crates.io-index)" = "9213f7cd7c27e95c2b57c49f0e69b1ea65b27138da84a170133fd21b07659c00"
|
||||
"checksum core-foundation 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "25bfd746d203017f7d5cbd31ee5d8e17f94b6521c7af77ece6c9e4b2d4b16c67"
|
||||
@ -650,7 +660,7 @@ dependencies = [
|
||||
"checksum docopt 0.6.86 (registry+https://github.com/rust-lang/crates.io-index)" = "4a7ef30445607f6fc8720f0a0a2c7442284b629cf0d049286860fae23e71c4d9"
|
||||
"checksum error-chain 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)" = "faa976b4fd2e4c2b2f3f486874b19e61944d3de3de8b61c9fcf835d583871bcc"
|
||||
"checksum foreign-types 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3e4056b9bd47f8ac5ba12be771f77a0dae796d1bbaaf5fd0b9c2d38b69b8a29d"
|
||||
"checksum futures 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "8e51e7f9c150ba7fd4cee9df8bf6ea3dea5b63b68955ddad19ccd35b71dcfb4d"
|
||||
"checksum futures 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)" = "55f0008e13fc853f79ea8fc86e931486860d4c4c156cdffb59fa5f7fa833660a"
|
||||
"checksum gcc 0.3.45 (registry+https://github.com/rust-lang/crates.io-index)" = "40899336fb50db0c78710f53e87afc54d8c7266fb76262fecc78ca1a7f09deae"
|
||||
"checksum gdi32-sys 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "0912515a8ff24ba900422ecda800b52f4016a56251922d397c576bf92c690518"
|
||||
"checksum iovec 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "29d062ee61fccdf25be172e70f34c9f6efc597e1fb8f6526e8437b2046ab26be"
|
||||
|
@ -1,5 +1,5 @@
|
||||
[workspace]
|
||||
members = ["client", "server"]
|
||||
members = ["client", "native-tls", "server"]
|
||||
|
||||
[replace]
|
||||
#"openssl:0.9.8" = { git = "https://github.com/sfackler/rust-openssl.git", features = ["v102", "v110"] }
|
||||
|
@ -43,7 +43,6 @@ travis-ci = { repository = "bluejekyll/trust-dns" }
|
||||
[features]
|
||||
default = ["openssl", "tls"]
|
||||
tls = ["openssl", "tokio-openssl"]
|
||||
tls-native = ["native-tls", "tokio-tls", "security-framework"]
|
||||
|
||||
# WARNING: there is a bug in the mutual tls auth code at the moment see issue #100
|
||||
# mtls = ["tls"]
|
||||
@ -60,7 +59,6 @@ error-chain = "0.1.12"
|
||||
futures = "^0.1.6"
|
||||
lazy_static = "^0.2.1"
|
||||
log = "^0.3.5"
|
||||
native-tls = { version = "^0.1", optional = true }
|
||||
openssl = { version = "^0.9.8", features = ["v102", "v110"], optional = true }
|
||||
rand = "^0.3"
|
||||
ring = { version = "^0.6", optional = true }
|
||||
@ -68,15 +66,8 @@ rustc-serialize = "^0.3.18"
|
||||
time = "^0.1"
|
||||
tokio-core = "^0.1"
|
||||
tokio-io = "^0.1"
|
||||
tokio-tls = { version = "^0.1", optional = true }
|
||||
tokio-openssl = { version = "^0.1", optional = true }
|
||||
untrusted = "^0.3"
|
||||
|
||||
[dev-dependencies]
|
||||
openssl = { version = "^0.9.8", features = ["v102", "v110"], optional = false }
|
||||
|
||||
[target.'cfg(target_os = "macos")'.dependencies]
|
||||
security-framework = { version = "^0.1.10", optional = true }
|
||||
|
||||
[target.'cfg(target_os = "macos")'.dev-dependencies]
|
||||
security-framework = "^0.1.10"
|
||||
|
@ -64,13 +64,8 @@ pub mod logger;
|
||||
pub mod op;
|
||||
pub mod rr;
|
||||
pub mod tcp;
|
||||
#[cfg(feature = "native-tls")]
|
||||
pub mod tls_native;
|
||||
#[doc(hidden)]
|
||||
#[cfg(feature = "native-tls")]
|
||||
pub use tls_native as tls;
|
||||
#[cfg(all(feature = "tls", feature = "openssl", not(feature="native-tls")))]
|
||||
pub mod tls_openssl;
|
||||
#[cfg(all(feature = "tls", feature = "openssl"))]
|
||||
pub mod tls;
|
||||
pub mod udp;
|
||||
pub mod serialize;
|
||||
|
||||
@ -103,11 +98,21 @@ pub struct BufClientStreamHandle {
|
||||
sender: BufStreamHandle,
|
||||
}
|
||||
|
||||
impl BufClientStreamHandle {
|
||||
pub fn new(name_server: SocketAddr, sender: BufStreamHandle) -> Self {
|
||||
BufClientStreamHandle {
|
||||
name_server: name_server,
|
||||
sender: sender,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl ClientStreamHandle for BufClientStreamHandle {
|
||||
fn send(&mut self, buffer: Vec<u8>) -> io::Result<()> {
|
||||
let name_server: SocketAddr = self.name_server;
|
||||
let sender: &mut _ = &mut self.sender;
|
||||
sender.send((buffer, name_server))
|
||||
sender
|
||||
.send((buffer, name_server))
|
||||
.map_err(|_| io::Error::new(io::ErrorKind::Other, "unknown"))
|
||||
}
|
||||
}
|
||||
|
@ -23,7 +23,7 @@ use openssl::x509::*;
|
||||
use openssl::x509::store::X509StoreBuilder;
|
||||
use tokio_core::reactor::Core;
|
||||
|
||||
use tls_openssl::{TlsStream, TlsStreamBuilder};
|
||||
use tls::{TlsStream, TlsStreamBuilder};
|
||||
|
||||
use tests::tls::{root_ca, cert};
|
||||
|
@ -23,7 +23,7 @@ use tokio_core::reactor::Core;
|
||||
|
||||
use error::*;
|
||||
use client::{ClientConnection, ClientStreamHandle};
|
||||
use tls_openssl::{TlsClientStream, TlsClientStreamBuilder};
|
||||
use tls::{TlsClientStream, TlsClientStreamBuilder};
|
||||
|
||||
/// Tls client connection
|
||||
///
|
@ -10,7 +10,7 @@ use std::io;
|
||||
|
||||
use futures::Future;
|
||||
#[cfg(feature = "mtls")]
|
||||
use native_tls::Pkcs12;
|
||||
use openssl::pkcs12::Pkcs12;
|
||||
use openssl::x509::X509 as OpensslX509;
|
||||
use tokio_core::net::TcpStream as TokioTcpStream;
|
||||
use tokio_core::reactor::Handle;
|
||||
@ -18,7 +18,7 @@ use tokio_openssl::SslStream as TokioTlsStream;
|
||||
|
||||
use BufClientStreamHandle;
|
||||
use tcp::TcpClientStream;
|
||||
use tls_openssl::{TlsStream, TlsStreamBuilder};
|
||||
use tls::{TlsStream, TlsStreamBuilder};
|
||||
use client::ClientStreamHandle;
|
||||
|
||||
pub type TlsClientStream = TcpClientStream<TokioTlsStream<TokioTcpStream>>;
|
59
native-tls/Cargo.toml
Normal file
59
native-tls/Cargo.toml
Normal file
@ -0,0 +1,59 @@
|
||||
[package]
|
||||
name = "trust-dns-native-tls"
|
||||
version = "0.1.0"
|
||||
authors = ["Benjamin Fry <benjaminfry@me.com>"]
|
||||
|
||||
# A short blurb about the package. This is not rendered in any format when
|
||||
# uploaded to crates.io (aka this is not markdown)
|
||||
description = """
|
||||
An extension for the TRust-DNS client. To use, disable the tls feature on TRust-DNS.
|
||||
"""
|
||||
|
||||
# These URLs point to more information about the repository
|
||||
documentation = "https://docs.rs/trust-dns"
|
||||
homepage = "http://www.trust-dns.org/index.html"
|
||||
repository = "https://github.com/bluejekyll/trust-dns"
|
||||
|
||||
# This points to a file in the repository (relative to this Cargo.toml). The
|
||||
# contents of this file are stored and indexed in the registry.
|
||||
readme = "../README.md"
|
||||
|
||||
# This is a small list of keywords used to categorize and search for this
|
||||
# package.
|
||||
keywords = ["DNS", "BIND", "dig", "named", "dnssec"]
|
||||
categories = ["network-programming"]
|
||||
|
||||
# This is a string description of the license for this package. Currently
|
||||
# crates.io will validate the license provided against a whitelist of known
|
||||
# license identifiers from http://spdx.org/licenses/. Multiple licenses can
|
||||
# be separated with a `/`
|
||||
license = "MIT/Apache-2.0"
|
||||
|
||||
# custom build steps
|
||||
# build = "build.rs"
|
||||
|
||||
[badges]
|
||||
travis-ci = { repository = "bluejekyll/trust-dns" }
|
||||
|
||||
[features]
|
||||
|
||||
# WARNING: there is a bug in the mutual tls auth code at the moment see issue #100
|
||||
# mtls = ["tls"]
|
||||
|
||||
[lib]
|
||||
name = "trust_dns_native_tls"
|
||||
path = "src/lib.rs"
|
||||
|
||||
[dependencies]
|
||||
futures = "^0.1.6"
|
||||
native-tls = "^0.1"
|
||||
tokio-core = "^0.1"
|
||||
tokio-tls = "^0.1"
|
||||
# disables default features, i.e. openssl...
|
||||
trust-dns = { version = "^0.10", path = "../client", default-features = false }
|
||||
|
||||
[target.'cfg(target_os = "linux")'.dependencies]
|
||||
openssl = { version = "^0.9.8", features = ["v102", "v110"] }
|
||||
|
||||
[target.'cfg(target_os = "macos")'.dependencies]
|
||||
security-framework = "^0.1.10"
|
@ -16,6 +16,15 @@
|
||||
|
||||
//! TLS protocol related components for DNS over TLS
|
||||
|
||||
extern crate futures;
|
||||
extern crate native_tls;
|
||||
#[cfg(target_os = "linux")]
|
||||
extern crate openssl;
|
||||
extern crate security_framework;
|
||||
extern crate tokio_core;
|
||||
extern crate tokio_tls;
|
||||
extern crate trust_dns;
|
||||
|
||||
mod tls_client_connection;
|
||||
mod tls_client_stream;
|
||||
mod tls_stream;
|
||||
@ -25,5 +34,4 @@ pub use self::tls_client_stream::{TlsClientStream, TlsClientStreamBuilder};
|
||||
pub use self::tls_stream::{TlsStream, TlsStreamBuilder};
|
||||
|
||||
#[cfg(test)]
|
||||
#[cfg(feature = "openssl")] // FIXME: openssl is required for tests at the moment
|
||||
mod tests;
|
@ -7,6 +7,7 @@
|
||||
|
||||
use std;
|
||||
use std::{thread, time};
|
||||
use std::fs::File;
|
||||
use std::net::SocketAddr;
|
||||
use std::net::{IpAddr, Ipv4Addr};
|
||||
#[cfg(not(target_os = "linux"))]
|
||||
@ -22,26 +23,23 @@ use native_tls::backend::openssl::*;
|
||||
use native_tls::TlsAcceptor;
|
||||
#[cfg(target_os = "linux")]
|
||||
use openssl;
|
||||
use openssl::pkey::*;
|
||||
#[cfg(target_os = "linux")]
|
||||
use openssl::ssl::{SSL_VERIFY_PEER, SSL_VERIFY_NONE, SSL_VERIFY_FAIL_IF_NO_PEER_CERT};
|
||||
use openssl::x509::*;
|
||||
#[cfg(target_os = "linux")]
|
||||
use openssl::x509::store::X509StoreBuilder;
|
||||
#[cfg(target_os = "linux")]
|
||||
use openssl::x509::X509;
|
||||
#[cfg(target_os = "macos")]
|
||||
use security_framework::certificate::SecCertificate;
|
||||
use tokio_core::reactor::Core;
|
||||
|
||||
use tls_native::{TlsStream, TlsStreamBuilder};
|
||||
|
||||
use tests::tls::{root_ca, cert};
|
||||
use {TlsStream, TlsStreamBuilder};
|
||||
|
||||
// this fails on linux for some reason. It appears that a buffer somewhere is dirty
|
||||
// and subsequent reads of a mesage buffer reads the wrong length. It works for 2 iterations
|
||||
// but not 3?
|
||||
// #[cfg(not(target_os = "linux"))]
|
||||
#[test]
|
||||
#[cfg(feature = "tls")]
|
||||
fn test_tls_client_stream_ipv4() {
|
||||
tls_client_stream_test(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), false)
|
||||
}
|
||||
@ -49,14 +47,12 @@ fn test_tls_client_stream_ipv4() {
|
||||
// FIXME: mtls is disabled at the moment, it causes a hang on Linux, and is currently not supported on macOS
|
||||
#[cfg(feature = "mtls")]
|
||||
#[test]
|
||||
#[cfg(feature = "tls")]
|
||||
#[cfg(not(target_os = "macos"))] // ignored until Travis-CI fixes IPv6
|
||||
fn test_tls_client_stream_ipv4_mtls() {
|
||||
tls_client_stream_test(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)), true)
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[cfg(feature = "tls")]
|
||||
#[cfg(not(target_os = "linux"))] // ignored until Travis-CI fixes IPv6
|
||||
fn test_tls_client_stream_ipv6() {
|
||||
tls_client_stream_test(IpAddr::V6(Ipv6Addr::new(0, 0, 0, 0, 0, 0, 0, 1)), false)
|
||||
@ -65,8 +61,16 @@ fn test_tls_client_stream_ipv6() {
|
||||
const TEST_BYTES: &'static [u8; 8] = b"DEADBEEF";
|
||||
const TEST_BYTES_LEN: usize = 8;
|
||||
|
||||
fn read_file(path: &str) -> Vec<u8> {
|
||||
let mut bytes = vec![];
|
||||
|
||||
let mut file = File::open(path).expect(&format!("failed to open file: {}", path));
|
||||
file.read_to_end(&mut bytes)
|
||||
.expect(&format!("failed to read file: {}", path));
|
||||
bytes
|
||||
}
|
||||
|
||||
#[allow(unused_mut)]
|
||||
#[cfg(feature = "tls")]
|
||||
fn tls_client_stream_test(server_addr: IpAddr, mtls: bool) {
|
||||
let succeeded = Arc::new(atomic::AtomicBool::new(false));
|
||||
let succeeded_clone = succeeded.clone();
|
||||
@ -85,15 +89,11 @@ fn tls_client_stream_test(server_addr: IpAddr, mtls: bool) {
|
||||
})
|
||||
.unwrap();
|
||||
|
||||
let (root_pkey, root_name, root_cert) = root_ca();
|
||||
let root_cert_der = root_cert.to_der().unwrap();
|
||||
let root_cert_der = read_file("../tests/ca.pem");
|
||||
|
||||
// Generate X509 certificate
|
||||
let subject_name = "ns.example.com";
|
||||
let (_ /*server_pkey*/, _ /*server_cert*/, pkcs12) =
|
||||
cert(subject_name, &root_pkey, &root_name, &root_cert);
|
||||
|
||||
let server_pkcs12_der = pkcs12.to_der().unwrap();
|
||||
let server_pkcs12_der = read_file("../tests/cert.p12");
|
||||
|
||||
// TODO: need a timeout on listen
|
||||
let server = std::net::TcpListener::bind(SocketAddr::new(server_addr, 0)).unwrap();
|
||||
@ -181,23 +181,31 @@ fn tls_client_stream_test(server_addr: IpAddr, mtls: bool) {
|
||||
|
||||
|
||||
// barrier.wait();
|
||||
let mut builder = TlsStream::builder();
|
||||
let mut builder = ::tls_stream::tls_builder();
|
||||
builder.add_ca(trust_chain);
|
||||
|
||||
if mtls {
|
||||
config_mtls(&root_pkey, &root_name, &root_cert, &mut builder);
|
||||
}
|
||||
// fix MTLS
|
||||
// if mtls {
|
||||
// config_mtls(&root_pkey, &root_name, &root_cert, &mut builder);
|
||||
// }
|
||||
|
||||
let (stream, sender) = builder.build(server_addr, subject_name.to_string(), io_loop.handle());
|
||||
|
||||
// TODO: there is a race failure here... a race with the server thread most likely...
|
||||
let mut stream = io_loop.run(stream).ok().expect("run failed to get stream");
|
||||
let mut stream = io_loop
|
||||
.run(stream)
|
||||
.ok()
|
||||
.expect("run failed to get stream");
|
||||
|
||||
for _ in 0..send_recv_times {
|
||||
// test once
|
||||
sender.send((TEST_BYTES.to_vec(), server_addr)).expect("send failed");
|
||||
let (buffer, stream_tmp) =
|
||||
io_loop.run(stream.into_future()).ok().expect("future iteration run failed");
|
||||
sender
|
||||
.send((TEST_BYTES.to_vec(), server_addr))
|
||||
.expect("send failed");
|
||||
let (buffer, stream_tmp) = io_loop
|
||||
.run(stream.into_future())
|
||||
.ok()
|
||||
.expect("future iteration run failed");
|
||||
stream = stream_tmp;
|
||||
let (buffer, _) = buffer.expect("no buffer received");
|
||||
assert_eq!(&buffer, TEST_BYTES);
|
||||
@ -207,19 +215,19 @@ fn tls_client_stream_test(server_addr: IpAddr, mtls: bool) {
|
||||
server_handle.join().expect("server thread failed");
|
||||
}
|
||||
|
||||
#[allow(unused_variables)]
|
||||
#[cfg(feature = "tls")]
|
||||
fn config_mtls(root_pkey: &PKey,
|
||||
root_name: &X509Name,
|
||||
root_cert: &X509,
|
||||
builder: &mut TlsStreamBuilder) {
|
||||
// signed by the same root cert
|
||||
let client_name = "resolv.example.com";
|
||||
let (_ /*client_pkey*/, _ /*client_cert*/, client_identity) =
|
||||
cert(client_name, root_pkey, root_name, root_cert);
|
||||
let client_identity =
|
||||
native_tls::Pkcs12::from_der(&client_identity.to_der().unwrap(), "mypass").unwrap();
|
||||
// TODO: fix MTLS
|
||||
// #[allow(unused_variables)]
|
||||
// fn config_mtls(root_pkey: &PKey,
|
||||
// root_name: &X509Name,
|
||||
// root_cert: &X509,
|
||||
// builder: &mut TlsStreamBuilder) {
|
||||
// // signed by the same root cert
|
||||
// let client_name = "resolv.example.com";
|
||||
// let (_ /*client_pkey*/, _ /*client_cert*/, client_identity) =
|
||||
// cert(client_name, root_pkey, root_name, root_cert);
|
||||
// let client_identity =
|
||||
// native_tls::Pkcs12::from_der(&client_identity.to_der().unwrap(), "mypass").unwrap();
|
||||
|
||||
#[cfg(feature = "mtls")]
|
||||
builder.identity(client_identity);
|
||||
}
|
||||
// #[cfg(feature = "mtls")]
|
||||
// builder.identity(client_identity);
|
||||
// }
|
@ -26,9 +26,9 @@ use openssl::x509::X509 as OpensslX509;
|
||||
use security_framework::certificate::SecCertificate;
|
||||
use tokio_core::reactor::Core;
|
||||
|
||||
use error::*;
|
||||
use client::{ClientConnection, ClientStreamHandle};
|
||||
use tls::{TlsClientStream, TlsClientStreamBuilder};
|
||||
use trust_dns::error::*;
|
||||
use trust_dns::client::{ClientConnection, ClientStreamHandle};
|
||||
use {TlsClientStream, TlsClientStreamBuilder};
|
||||
|
||||
/// Tls client connection
|
||||
///
|
||||
@ -41,7 +41,7 @@ pub struct TlsClientConnection {
|
||||
|
||||
impl TlsClientConnection {
|
||||
pub fn builder() -> TlsClientConnectionBuilder {
|
||||
TlsClientConnectionBuilder(TlsClientStream::builder())
|
||||
TlsClientConnectionBuilder(TlsClientStreamBuilder::new())
|
||||
}
|
||||
}
|
||||
|
@ -19,22 +19,21 @@ use tokio_core::net::TcpStream as TokioTcpStream;
|
||||
use tokio_core::reactor::Handle;
|
||||
use tokio_tls::TlsStream as TokioTlsStream;
|
||||
|
||||
use BufClientStreamHandle;
|
||||
use tcp::TcpClientStream;
|
||||
use tls::{TlsStream, TlsStreamBuilder};
|
||||
use client::ClientStreamHandle;
|
||||
use trust_dns::BufClientStreamHandle;
|
||||
use trust_dns::tcp::TcpClientStream;
|
||||
use trust_dns::client::ClientStreamHandle;
|
||||
|
||||
use {TlsStream, TlsStreamBuilder};
|
||||
|
||||
pub type TlsClientStream = TcpClientStream<TokioTlsStream<TokioTcpStream>>;
|
||||
|
||||
impl TlsClientStream {
|
||||
pub fn builder() -> TlsClientStreamBuilder {
|
||||
TlsClientStreamBuilder(TlsStream::builder())
|
||||
}
|
||||
}
|
||||
|
||||
pub struct TlsClientStreamBuilder(TlsStreamBuilder);
|
||||
|
||||
impl TlsClientStreamBuilder {
|
||||
pub fn new() -> TlsClientStreamBuilder {
|
||||
TlsClientStreamBuilder(::tls_stream::tls_builder())
|
||||
}
|
||||
|
||||
/// Add a custom trusted peer certificate or certificate auhtority.
|
||||
///
|
||||
/// If this is the 'client' then the 'server' must have it associated as it's `identity`, or have had the `identity` signed by this certificate.
|
||||
@ -75,10 +74,7 @@ impl TlsClientStreamBuilder {
|
||||
let new_future: Box<Future<Item = TlsClientStream, Error = io::Error>> =
|
||||
Box::new(stream_future.map(move |tls_stream| TcpClientStream::from_stream(tls_stream)));
|
||||
|
||||
let sender = Box::new(BufClientStreamHandle {
|
||||
name_server: name_server,
|
||||
sender: sender,
|
||||
});
|
||||
let sender = Box::new(BufClientStreamHandle::new(name_server, sender));
|
||||
|
||||
(new_future, sender)
|
||||
}
|
@ -27,105 +27,118 @@ use tokio_core::net::TcpStream as TokioTcpStream;
|
||||
use tokio_core::reactor::Handle;
|
||||
use tokio_tls::{TlsConnectorExt, TlsStream as TokioTlsStream};
|
||||
|
||||
use BufStreamHandle;
|
||||
use tcp::TcpStream;
|
||||
use trust_dns::BufStreamHandle;
|
||||
use trust_dns::tcp::TcpStream;
|
||||
|
||||
pub type TlsStream = TcpStream<TokioTlsStream<TokioTcpStream>>;
|
||||
|
||||
impl TlsStream {
|
||||
/// A builder for associating trust information to the `TlsStream`.
|
||||
pub fn builder() -> TlsStreamBuilder {
|
||||
TlsStreamBuilder {
|
||||
ca_chain: vec![],
|
||||
identity: None,
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(target_os = "linux")]
|
||||
fn new(certs: Vec<X509>, pkcs12: Option<Pkcs12>) -> io::Result<TlsConnector> {
|
||||
let mut tls = try!(TlsConnector::builder().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
try!(tls.supported_protocols(&[Tlsv12]).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
|
||||
{
|
||||
// mutable reference block
|
||||
let mut openssl_builder = tls.builder_mut();
|
||||
let mut openssl_ctx_builder = openssl_builder.builder_mut();
|
||||
|
||||
let mut store = try!(X509StoreBuilder::new().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
|
||||
for cert in certs {
|
||||
try!(store.add_cert(cert).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
|
||||
try!(openssl_ctx_builder.set_verify_cert_store(store.build()).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
|
||||
// if there was a pkcs12 associated, we'll add it to the identity
|
||||
if let Some(pkcs12) = pkcs12 {
|
||||
try!(tls.identity(pkcs12).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
tls.build().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
})
|
||||
}
|
||||
|
||||
#[cfg(target_os = "macos")]
|
||||
fn new(certs: Vec<SecCertificate>, pkcs12: Option<Pkcs12>) -> io::Result<TlsConnector> {
|
||||
let mut builder = try!(TlsConnector::builder().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
try!(builder.supported_protocols(&[Tlsv12]).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
builder.anchor_certificates(&certs);
|
||||
|
||||
if let Some(pkcs12) = pkcs12 {
|
||||
try!(builder.identity(pkcs12).map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
builder.build().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
})
|
||||
}
|
||||
|
||||
/// Initializes a TlsStream with an existing tokio_tls::TlsStream.
|
||||
///
|
||||
/// This is intended for use with a TlsListener and Incoming connections
|
||||
pub fn from_tls_stream(stream: TokioTlsStream<TokioTcpStream>,
|
||||
peer_addr: SocketAddr)
|
||||
-> (Self, BufStreamHandle) {
|
||||
let (message_sender, outbound_messages) = unbounded();
|
||||
|
||||
let stream = TcpStream::from_stream_with_receiver(stream, peer_addr, outbound_messages);
|
||||
|
||||
(stream, message_sender)
|
||||
// impl TlsStream {
|
||||
/// A builder for associating trust information to the `TlsStream`.
|
||||
pub fn tls_builder() -> TlsStreamBuilder {
|
||||
TlsStreamBuilder {
|
||||
ca_chain: vec![],
|
||||
identity: None,
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(target_os = "linux")]
|
||||
fn tls_new(certs: Vec<X509>, pkcs12: Option<Pkcs12>) -> io::Result<TlsConnector> {
|
||||
let mut tls = try!(TlsConnector::builder().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
try!(tls.supported_protocols(&[Tlsv12])
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
|
||||
{
|
||||
// mutable reference block
|
||||
let mut openssl_builder = tls.builder_mut();
|
||||
let mut openssl_ctx_builder = openssl_builder.builder_mut();
|
||||
|
||||
let mut store = try!(X509StoreBuilder::new().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
|
||||
for cert in certs {
|
||||
try!(store
|
||||
.add_cert(cert)
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
|
||||
try!(openssl_ctx_builder
|
||||
.set_verify_cert_store(store.build())
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
|
||||
// if there was a pkcs12 associated, we'll add it to the identity
|
||||
if let Some(pkcs12) = pkcs12 {
|
||||
try!(tls.identity(pkcs12)
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
tls.build()
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
})
|
||||
}
|
||||
|
||||
#[cfg(target_os = "macos")]
|
||||
fn tls_new(certs: Vec<SecCertificate>, pkcs12: Option<Pkcs12>) -> io::Result<TlsConnector> {
|
||||
let mut builder = try!(TlsConnector::builder().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
try!(builder
|
||||
.supported_protocols(&[Tlsv12])
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
builder.anchor_certificates(&certs);
|
||||
|
||||
if let Some(pkcs12) = pkcs12 {
|
||||
try!(builder
|
||||
.identity(pkcs12)
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
}));
|
||||
}
|
||||
builder
|
||||
.build()
|
||||
.map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
})
|
||||
}
|
||||
|
||||
/// Initializes a TlsStream with an existing tokio_tls::TlsStream.
|
||||
///
|
||||
/// This is intended for use with a TlsListener and Incoming connections
|
||||
pub fn tls_from_stream(stream: TokioTlsStream<TokioTcpStream>,
|
||||
peer_addr: SocketAddr)
|
||||
-> (TlsStream, BufStreamHandle) {
|
||||
let (message_sender, outbound_messages) = unbounded();
|
||||
|
||||
let stream = TcpStream::from_stream_with_receiver(stream, peer_addr, outbound_messages);
|
||||
|
||||
(stream, message_sender)
|
||||
}
|
||||
//}
|
||||
|
||||
pub struct TlsStreamBuilder {
|
||||
#[cfg(target_os = "macos")]
|
||||
ca_chain: Vec<SecCertificate>,
|
||||
@ -190,16 +203,17 @@ impl TlsStreamBuilder {
|
||||
loop_handle: Handle)
|
||||
-> (Box<Future<Item = TlsStream, Error = io::Error>>, BufStreamHandle) {
|
||||
let (message_sender, outbound_messages) = unbounded();
|
||||
let tls_connector = match TlsStream::new(self.ca_chain, self.identity) {
|
||||
Ok(c) => c,
|
||||
Err(e) => {
|
||||
let tls_connector =
|
||||
match ::tls_stream::tls_new(self.ca_chain, self.identity) {
|
||||
Ok(c) => c,
|
||||
Err(e) => {
|
||||
return (Box::new(future::err(e).into_future().map_err(|e| {
|
||||
io::Error::new(io::ErrorKind::ConnectionRefused,
|
||||
format!("tls error: {}", e))
|
||||
})),
|
||||
message_sender)
|
||||
}
|
||||
};
|
||||
};
|
||||
|
||||
let tcp = TokioTcpStream::connect(&name_server, &loop_handle);
|
||||
|
||||
@ -207,7 +221,8 @@ impl TlsStreamBuilder {
|
||||
// sending and receiving tcp packets.
|
||||
let stream: Box<Future<Item = TlsStream, Error = io::Error>> =
|
||||
Box::new(tcp.and_then(move |tcp_stream| {
|
||||
tls_connector.connect_async(&subject_name, tcp_stream)
|
||||
tls_connector
|
||||
.connect_async(&subject_name, tcp_stream)
|
||||
.map(move |s| {
|
||||
TcpStream::from_stream_with_receiver(s,
|
||||
name_server,
|
@ -3,6 +3,6 @@
|
||||
trust_dns_dir=$(dirname $0)/..
|
||||
|
||||
pushd ${trust_dns_dir}
|
||||
docker run -a STDERR -a STDOUT --rm -v ${PWD}/../:/src bfry/rust:stable bash -c "cd trust-dns && scripts/run_tests.sh \"\$@\"" | tee target/linux_output.txt
|
||||
docker run -a STDERR -a STDOUT --rm -v ${PWD}/../:/src bfry/rust:stable bash -c "cd trust-dns && scripts/run_tests.sh $@" | tee target/linux_output.txt
|
||||
|
||||
popd
|
||||
|
84
scripts/gen_certs.sh
Executable file
84
scripts/gen_certs.sh
Executable file
@ -0,0 +1,84 @@
|
||||
# !/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
OPENSSL=/usr/local/opt/openssl/bin/openssl
|
||||
|
||||
trust_dns_dir=$(dirname $0)/..
|
||||
|
||||
pushd $trust_dns_dir/tests
|
||||
|
||||
for i in ca.key ca.pem cert.key cert.csr cert.pem cert.p12 ; do
|
||||
[ -f $i ] && echo "$i exists" && exit 1;
|
||||
done
|
||||
|
||||
echo
|
||||
|
||||
cat <<-EOF > /tmp/ca.conf
|
||||
[req]
|
||||
prompt = no
|
||||
req_extensions = req_ext
|
||||
distinguished_name = dn
|
||||
|
||||
[dn]
|
||||
|
||||
C = US
|
||||
ST = California
|
||||
L = San Francisco
|
||||
O = TRust-DNS
|
||||
CN = root.example.com
|
||||
|
||||
[req_ext]
|
||||
#basicConstraints = CA:TRUE
|
||||
subjectAltName = @alt_names
|
||||
|
||||
[alt_names]
|
||||
DNS.1 = root.example.com
|
||||
EOF
|
||||
|
||||
# CA
|
||||
echo "----> Generating CA <----"
|
||||
${OPENSSL:?} genrsa -out ca.key 4096
|
||||
${OPENSSL:?} req -x509 -new -nodes -key ca.key -days 365 -out ca.pem \
|
||||
-verify \
|
||||
-config /tmp/ca.conf
|
||||
|
||||
|
||||
cat <<-EOF > /tmp/cert.conf
|
||||
[req]
|
||||
prompt = no
|
||||
req_extensions = req_ext
|
||||
distinguished_name = dn
|
||||
|
||||
[dn]
|
||||
|
||||
C = US
|
||||
ST = California
|
||||
L = San Francisco
|
||||
O = TRust-DNS
|
||||
CN = ns.example.com
|
||||
|
||||
[req_ext]
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
subjectAltName = @alt_names
|
||||
|
||||
[alt_names]
|
||||
DNS.1 = ns.example.com
|
||||
EOF
|
||||
|
||||
# Cert
|
||||
echo "----> Generating CERT <----"
|
||||
${OPENSSL:?} genrsa -out cert.key 4096
|
||||
${OPENSSL:?} req -new -nodes -key cert.key -out cert.csr \
|
||||
-verify \
|
||||
-config /tmp/cert.conf
|
||||
|
||||
echo "----> Signing Cert <----"
|
||||
${OPENSSL:?} x509 -req -days 365 -in cert.csr -CA ca.pem -CAkey ca.key -set_serial 0x8771f7bdee982fa6 -out cert.pem -extfile /tmp/cert.conf -extensions req_ext
|
||||
|
||||
echo "----> Createing PCKS12 <----"
|
||||
${OPENSSL:?} pkcs12 -export -inkey cert.key -in cert.pem -out cert.p12 -passout pass:mypass -name ns.example.com -chain -CAfile ca.pem
|
||||
|
||||
popd
|
@ -11,8 +11,8 @@ for i in ${MODULES:?}; do
|
||||
pushd $i
|
||||
opts=${OPTIONS}
|
||||
if [ $i == "client" ] ; then opts="${OPTIONS} ${CLIENT_OPTIONS}" ; fi
|
||||
|
||||
echo "executing cargo on $i"
|
||||
cargo test ${opts}
|
||||
|
||||
echo "executing $i: cargo test ${opts} $@"
|
||||
cargo test ${opts} $@
|
||||
popd
|
||||
done
|
||||
|
@ -42,7 +42,8 @@ build = "build.rs"
|
||||
travis-ci = { repository = "bluejekyll/trust-dns" }
|
||||
|
||||
[features]
|
||||
default = ["trust-dns/tls"]
|
||||
default = ["tls"]
|
||||
tls = ["trust-dns/tls"]
|
||||
ring = ["trust-dns/ring"]
|
||||
|
||||
# WARNING: there is a bug in the mutual tls auth code at the moment see issue #100
|
||||
|
51
tests/ca.key
Normal file
51
tests/ca.key
Normal file
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKAIBAAKCAgEAsE54PORQNrd1XUo5mE3/hZUxGFpsce77R1NS98iQo/OUAMHU
|
||||
MYu54Rhei6VzeRCyvElvpWiwq5blVHModTX98nzIB+YqHUje+j3LnmMRY/ObYO+3
|
||||
qxdYIX77GvHquRYDB1p9d/a+jrp9Z7OaaKBVaqloLFNHl6ZeqGlmS5/hHloHp330
|
||||
TjQlCIQyzdHy0ct9Fa+EZXtcEZ0W3RtqpKHNoGdI/FXhu4cUaNHdmdvEiegdjsxz
|
||||
frHFACtGFyIbwponDITEooK32HZ9vAr5689ebSMI6ZHTmMT+lkJxdL5y7tzFGAiP
|
||||
jqQgegadjWYuaHI178Yn8Hy6SvJiL4S09TecNyL+hOjvt+OGuwWMscKZCcYu3yn4
|
||||
ypytaeLtQnTdt39EBPK5Q//O24jm72AEI/jmuqBE1tLoxpe/mBePExT7HuggGxWV
|
||||
9uS9S+vPCjWYZ/rPcu3ly2CtSAZ9Swe+D1p30ras4V0TF0b/Ox5flYVd8KHpHG3M
|
||||
YCb6QEx3bkpXYq9V6SftPcDT0DLvEioaSi7mWnHIhazZGFMTTKiE2Ia5QPGikFi0
|
||||
y/pzsqE3JsVlYTSbnz5LTsdSw8OnaADzKT/X9iRpzIB7CUsYTFhzRbdW/cRXPoBq
|
||||
xVOQMlbUFvDLDN8xJbfYnJPUR94dbZcVgRFrwVCTJgpF/cOGmf/v+cSJmk0CAwEA
|
||||
AQKCAgBfgyNAWa/a9KhwUbXB/P9gruJZ/yKg1obqrQlVkyJIr7yObHM4JCoe98TA
|
||||
gnF8NL+foWkKgxyy2JyEk55nYUiiBVeYb+iA1Ol3R+L3e1QAggi7CyLFXXAxNUlz
|
||||
33r5qiMZ6LvwMYwqZn1poLMV20Zq8jutR7CRR2AgfHkenw6mEr/yzRl9BGLLqlKb
|
||||
jhGt9j9dcCiZkarfH+sy/ZdYeQ+cxleT3DLeFN/JqWgT4isnSsg4hCpNiKDg5pCi
|
||||
F6hSVJCzB3o/T/GpIwgaxxd92GmfVkuNvaKUMKR7YqN0S3iYTqG302tyKxgtA0h3
|
||||
QdQCYV02+HLKpceGsqjedVZTQj0t+1hul67vYnWIJi4Io8GkRJPaPZa8ewiCIOjC
|
||||
jABUWxXKeg0HbTQneAqNQW448kD8Jm31yM1rhei9NDtVlWE0Td/lRcqFS5Ukh0IR
|
||||
ljFFsr9eBYn0tx7gDlbwMcMSFU5so/Qb+2Qsz8xX3gPX4IBlsYoNro4fTEfdPEY6
|
||||
QRgNvLpwVzO6ooWNSW1uzPf4VaoKb/NSj38nXT1Q5jp1ct7F4OTcx0Tt8fIiSB7R
|
||||
UnK682fT5/ezQqyAR04vcxMWDcOhA20rTVh2cQfYUjCd0ALhcjD7ot33Rd9HOVrB
|
||||
bVQvpBSszv/Lx8iioEi024Mp4o+QzhBdr5+yu88SI5GBU+9WAQKCAQEA2Ua5CmQM
|
||||
Rtzn1vlzW96t0l/QBttA5E4CiE7oS9H7rAswGkdJtLN+nATy+Cr0fSDbra+ivUl9
|
||||
m0x7c3iCCkZNHwigejh215HcAykEdSOsDv1Z/mmegvkfekFhd9/ZXO9h2G7mE8Us
|
||||
WkWG2Gj05n5OZpSs2YRd5sqMMu6fz44zaT8tY6bkK/GRJaFaLCyU7VZSszsekpVG
|
||||
sfMh8s2YGkTCOxh8aK+1QkS9hProEtbzLZQpLWXdOKT8NA5FyjUOSWhGH9H7tzyW
|
||||
5/eNUIxqPJgC+1iCqcYa9KCE61tbKJaUZ67xy9F7eGsvyiE4HefS8KPeoWb9BiTZ
|
||||
aSbWfbfnbMJb5QKCAQEAz7p+V3fkP0u5Xt6WTFmfoM0bPYcGw/0hmq8rv5RTc2Tc
|
||||
k4RPedzM2+jBIsam4pvjgkHvge3RrB+QQsWfkqznmLj4bn0lcbHW16RX8vdcBaBe
|
||||
WelaqLlp3aIF4S2r1dfMru+lzYOeo2azKQmBUyIKZPqvi8Y8b6qARR5GhjDK/DHd
|
||||
rD/CwGA6j1xPn/iDqkyKJxddKSKLKn6M+il/FlxR8/Pi7zMytEKnn/oSRZ7UqPwa
|
||||
PDDQFW31y7cyIBzBi/9xqzJNMQwej+ccSmd96X5dCp8cJHJoWmPCAiCD4tB4D6Wd
|
||||
Oc9URoarG2cAfUYZYNtbuL1Sqe5dB9+a/uegFw1uSQKCAQBEut1vzwQfKmPgGdqG
|
||||
9iKwCITqllKppY+hhKxwx4TAAG3/8gr7sUfcnKgrHpNmPY2gHI3zKJsmFAR9G2Kv
|
||||
U1uz9GunHdNiD460JTZ2w4j62OOt2cU9kwaFCseFPvcoMcUWzMXU/SsxhwrHzDOj
|
||||
8dJlGqSuzfNSPUIqHlfJNSdIJKb7/d/xkqGicK7wiE234fWZIptiLPxG8C0N/EEg
|
||||
Fh4GyZEZIHPK+amltiTRSNN12IdKCA35jB8HbHhhJXVWfTipeigQ54ao7CL0luZI
|
||||
MqHG1lHG2JbQSTKirKxiY3egcLOmEKbpCab9XpK8ywdr/bo//i8N0XxAifuRmyoG
|
||||
uliNAoIBAAIWuvyALSBhz4xfqp077Xn9df+pYu0Hl5XpmwQDJs+rPPiSxQXRrZGs
|
||||
hnymCLmQnboKlbD1xjz32EiDmjYsXOvROFZMFdtN0X47ndLIn/lCgpBe41V8/86F
|
||||
uY9pGSg+UkWUDVPCtg6okraf7Nf8KKSZTLiYFrV8vmtzgXwJ85CTo8n+niO3E/+r
|
||||
CvXt1s0Yle8Mshgey81yllJRpoCADybn1elX13Ouk+bs6dAfZ74HQvBGAWGlyGny
|
||||
/qMKBvw0Zl01VUdf+tKxnTw2TDLT3XWk4fCP4fK+vA2vbAQU2pA1tx4EsrE+22uc
|
||||
Hooj8U9jBUoXRUSGLBNPMUzM4XQ541kCggEBAKACuol+17l4hLA77FBVUioXO7tM
|
||||
aeb7fZw3xTVq/CkIpVa8Q8ZMey6WmdvuoYw0juOJGS+S5wr2dFR7lDpAoodWKp0q
|
||||
C+2RFfd4D44HbqQDOzTjf74CLGDuHFaAAKMbvDXCL6FmVrDP+t1UgnFlC5zCvUVX
|
||||
iN7zfZFgGZZeslXacRGPDX+jtjnrdIHHqbWFEmvg7n+Umvy1Vy+IkJrsTayohF6c
|
||||
SRcRQ/a3fN2toS8ZwnzBBx74HYDKl3HPnCTWK+fZYCr9TQpP7u01bRjRXU5cS4Xo
|
||||
YGq/d3Yct9PnNZvczpoEJYCcWz16KfpGB6SKXFJ9Wpe9RheIG14P49iM+Ik=
|
||||
-----END RSA PRIVATE KEY-----
|
31
tests/ca.pem
Normal file
31
tests/ca.pem
Normal file
@ -0,0 +1,31 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFTjCCAzYCCQCvf4GmlxfptDANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJV
|
||||
UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzES
|
||||
MBAGA1UECgwJVFJ1c3QtRE5TMRkwFwYDVQQDDBByb290LmV4YW1wbGUuY29tMB4X
|
||||
DTE3MDQwNjA3MDUwMFoXDTE4MDQwNjA3MDUwMFowaTELMAkGA1UEBhMCVVMxEzAR
|
||||
BgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEjAQBgNV
|
||||
BAoMCVRSdXN0LUROUzEZMBcGA1UEAwwQcm9vdC5leGFtcGxlLmNvbTCCAiIwDQYJ
|
||||
KoZIhvcNAQEBBQADggIPADCCAgoCggIBALBOeDzkUDa3dV1KOZhN/4WVMRhabHHu
|
||||
+0dTUvfIkKPzlADB1DGLueEYXoulc3kQsrxJb6VosKuW5VRzKHU1/fJ8yAfmKh1I
|
||||
3vo9y55jEWPzm2Dvt6sXWCF++xrx6rkWAwdafXf2vo66fWezmmigVWqpaCxTR5em
|
||||
XqhpZkuf4R5aB6d99E40JQiEMs3R8tHLfRWvhGV7XBGdFt0baqShzaBnSPxV4buH
|
||||
FGjR3ZnbxInoHY7Mc36xxQArRhciG8KaJwyExKKCt9h2fbwK+evPXm0jCOmR05jE
|
||||
/pZCcXS+cu7cxRgIj46kIHoGnY1mLmhyNe/GJ/B8ukryYi+EtPU3nDci/oTo77fj
|
||||
hrsFjLHCmQnGLt8p+MqcrWni7UJ03bd/RATyuUP/ztuI5u9gBCP45rqgRNbS6MaX
|
||||
v5gXjxMU+x7oIBsVlfbkvUvrzwo1mGf6z3Lt5ctgrUgGfUsHvg9ad9K2rOFdExdG
|
||||
/zseX5WFXfCh6RxtzGAm+kBMd25KV2KvVekn7T3A09Ay7xIqGkou5lpxyIWs2RhT
|
||||
E0yohNiGuUDxopBYtMv6c7KhNybFZWE0m58+S07HUsPDp2gA8yk/1/YkacyAewlL
|
||||
GExYc0W3Vv3EVz6AasVTkDJW1BbwywzfMSW32JyT1EfeHW2XFYERa8FQkyYKRf3D
|
||||
hpn/7/nEiZpNAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAIcAwR2KEyRCe1D4mb9I
|
||||
svuBKU5H6h9Tu2OyVfp/WrPVv7ooAAdjC1czzniwCdg04LbmvySWzijPCi7dNFLp
|
||||
huJIyvPdjPVRPXU7MqJR2djEgp7ppV4lIr8i3uPDhLLEZXbQmLWTacoZC+pFbUNq
|
||||
r6NBIA9I6uC67ibhY2fK3IURrBuaM6SWtrxPlDDUs2UODWnW8laI1hA+S4+DSUAv
|
||||
By7e5yJWBkf4xDAqiXaVIkj0GRPDOluNwNntkG9nUw6Lbb4ueioVCEu6+sIwctTc
|
||||
uZxsmPbq7EJrGNB5euPpPKF14QDjh9uK8m0dxHqEF7pIek8Szgna97+p6xrOE2Ty
|
||||
Xhmz7afHZmQ9bsrwReMCc7obuQgYcJimQfgXpFvYNRHfJX6OUhfocBFmxJNMSkM3
|
||||
XY2Hpf8ej5MftIpnmG7/5l+LmDgedi/iXfG3Zlo1Myq3PAInASkhzXJufL6zAcxm
|
||||
e8JL0Ogp0duPq1jn33vPsTN990z3ZU0AfC6qDSfyRfy2CQqZqkckgNYNVuIr8QMT
|
||||
PBa35hihM3EiRhf9l6m8uGib6sqIlCPWYf+rmcVmQaUTjxzwl3MPYSKcY2hPoIV7
|
||||
tJQITLS/Gzeef+cVHdpKxQQ10q2ud/wJWp+qSgzZSjnkoZkLk00GHUZleLnhRVdb
|
||||
WBZ38W160BdgsHNX4f9lDRFz
|
||||
-----END CERTIFICATE-----
|
29
tests/cert.csr
Normal file
29
tests/cert.csr
Normal file
@ -0,0 +1,29 @@
|
||||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIE8DCCAtgCAQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx
|
||||
FjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEjAQBgNVBAoMCVRSdXN0LUROUzEXMBUG
|
||||
A1UEAwwObnMuZXhhbXBsZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
|
||||
AoICAQC0zVIHrIiGj5sxLogT/T44Jv26Z67YT37QQnJU8Rn4zIBAuktqRah0Mbdm
|
||||
ZxVSsd/OXJrif8BjkDrozMz0o/RmM6XgncJc7Ek2wjrQJJU1nA0j6j3TDtqxcWtu
|
||||
J6wrIMS47gDtaY38yIFmfupykKTIFlUJO9xF7c2X6sMUpUauAfA63ymrTL0CeJkJ
|
||||
SyutboYQ6gWnhtIPWOSAA+8pW7/7hgSe4dfLVMB3mvj2KRBPngA1mYwMQzJ9SjMx
|
||||
tuQ37162GyEZput3mzjp1bzyz3psKsgF8V+bBGxfmGenRVYJmVjqaqYnLx7kY3V7
|
||||
fnmQf1kAtyaC2nInnTr3D8IAto9NThND19JEb/nQ8zz6OUA0DbdOYbvnrCkdNSwP
|
||||
T4OzwXmC21tiGtsH+6RMHCj1K/COPfej4XmYfkajo9mcRqRiU7yPCaAC9jOTIsBj
|
||||
6lqVx5f+YgS+6O13Xpj2ZVXUicWoZ5KjJueUmcX0uS0y3kWRl8NPIAwuyIa8Ni2B
|
||||
x9iOyYDheIC3XruC7sXWgBi9WofEvwhYDvErVXRAaU7NtyCZN/usStQZinkZ/jeX
|
||||
zm4rVASFs2/m7MnV8MmR3BHeDYcT1Rqv0AQNuvXhvdD1ps9eiXTC27qE6ZZz2IrA
|
||||
7mhamM/fc6DNb1w4DVBLM2JVA0ztneGeyzFoJZH03Nlvu+/0KQIDAQABoEQwQgYJ
|
||||
KoZIhvcNAQkOMTUwMzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAZBgNVHREEEjAQ
|
||||
gg5ucy5leGFtcGxlLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEApmN9F5dp62RxKJRH
|
||||
VcoXbHLY8zthGGf59Bb1a4LEZ1zcUflj5qWhwxM7ejplfmvwqGFlaTZJCEhVG7U1
|
||||
t76kWFKVyMVxEBBhhQNhxmPEwINwMsjokC6j+8L2mGGn9ehkdZ3Gl6Q/Wa9SWTJJ
|
||||
nbD82VRqe8sEH6xQ4xCEHx9BUqNhL7OlehYCzVVQJNmT6Yje4UoSefO6FMK3iGnT
|
||||
qeTCL4b8C8ENhkeRPS4vC6sPIDOZtnr5HARd01P4mov1bdxgewsq1kX2tUjVPccL
|
||||
929xCFDcnFxUiXlgsuUul0l0qtKNsvLlBH99kgqxrHsLg3ci1FbWtl+ySo99lxyC
|
||||
UPrkE1eGbZEElaG1BVq5mPO/QNDtVjImTagrCdLuxaQWev3ZK4PmxdbZrFyKN4y4
|
||||
IOenALSvFEKuen3scqZrDnecdk2IQq3ZlcGDG2ECWQpHAOt8ct3Mb9/GsrrGm/U/
|
||||
+IG+TvDG+w0aTxlFPAhOwPY9Xil8OTHsUlGMznrDrS9b1mZP4EHRmeaAMHFucTYe
|
||||
CBp8/muJtPbB97w8co07SrRPFJx64onZ/u1vQadcZmcHwHvozQx2mZ9ygnReHkwy
|
||||
Mo5Cgc5dx3SP6VLQ4fKeWmlddAGd5t0JlYUipTaz/IiD9MME0dskVoAERHfsk8Qb
|
||||
rdHVdQw0bbMGpltYfXxprVbPl/0=
|
||||
-----END CERTIFICATE REQUEST-----
|
51
tests/cert.key
Normal file
51
tests/cert.key
Normal file
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKAIBAAKCAgEAtM1SB6yIho+bMS6IE/0+OCb9umeu2E9+0EJyVPEZ+MyAQLpL
|
||||
akWodDG3ZmcVUrHfzlya4n/AY5A66MzM9KP0ZjOl4J3CXOxJNsI60CSVNZwNI+o9
|
||||
0w7asXFrbiesKyDEuO4A7WmN/MiBZn7qcpCkyBZVCTvcRe3Nl+rDFKVGrgHwOt8p
|
||||
q0y9AniZCUsrrW6GEOoFp4bSD1jkgAPvKVu/+4YEnuHXy1TAd5r49ikQT54ANZmM
|
||||
DEMyfUozMbbkN+9ethshGabrd5s46dW88s96bCrIBfFfmwRsX5hnp0VWCZlY6mqm
|
||||
Jy8e5GN1e355kH9ZALcmgtpyJ5069w/CALaPTU4TQ9fSRG/50PM8+jlANA23TmG7
|
||||
56wpHTUsD0+Ds8F5gttbYhrbB/ukTBwo9Svwjj33o+F5mH5Go6PZnEakYlO8jwmg
|
||||
AvYzkyLAY+palceX/mIEvujtd16Y9mVV1InFqGeSoybnlJnF9LktMt5FkZfDTyAM
|
||||
LsiGvDYtgcfYjsmA4XiAt167gu7F1oAYvVqHxL8IWA7xK1V0QGlOzbcgmTf7rErU
|
||||
GYp5Gf43l85uK1QEhbNv5uzJ1fDJkdwR3g2HE9Uar9AEDbr14b3Q9abPXol0wtu6
|
||||
hOmWc9iKwO5oWpjP33OgzW9cOA1QSzNiVQNM7Z3hnssxaCWR9NzZb7vv9CkCAwEA
|
||||
AQKCAgEAorcp/RgMorV5YPDUrNC7/0MwFGOdmrUolvtF9CYsTpqVTiubFaBtM21O
|
||||
9g0NxqeomQsEpZV9qt0x9zPhvMYVfSk8PwMb2g8Y8PwqfAqAcofn14vHajwzG4DM
|
||||
w41WyFWsVhZ0pTXbAEXfF0RfcQ22DxDyJOZHnnOfFPrF6L25935tGj6fPLhKXn/0
|
||||
ksWhIGuYon5K6nNOd1t0AbYItnsJM69wVyE/2ZGDyeCh8MASGuVCoPp4bMzJErMF
|
||||
kddcWu7FmTSfPHvZ7IG43dFrREbvkYuLCrYpadS4R+xcVND01py4xfeHYzpoHflY
|
||||
0PSJKT9C9X7fXOKF3BsH5zO6UHP8UH0YU2GC1lc6+bcl/ySgxc5DbzqJOKZ+E/le
|
||||
npywIeI82EPBJ8JWQ4otXOI0vjgW9xa5HysWsNf+wpUtTi1nNvUaniRDCm9BPWes
|
||||
JIaojEvixYRYmLnvphQC03VEDiOoMJzsaFIm/4zUjErvzwyDYmgEsYpC1EA0CqLK
|
||||
+JYkMmr3KqjCY6+V8P2pUs3/ZzF0og5SobfuK4n2ae1jfhU3k1YTSDPmD6x1Hm+h
|
||||
W0bC0HHw4II46mxY/LoTv06skDwBS/L0fE4TC8acprfKFTRmuy5QaPnWkU2FYU+O
|
||||
uq1NsFChCx05Ltcik62RsLcJslc7qGmg87VNZPIrNA3bbqHnKqUCggEBAOcaYYMl
|
||||
9Lg9lOJPeLQRFtJ+c7JbPFWb2FVJs3ycuLDnnCH6UQ35TVWxq1K2x+6LfoInxOPS
|
||||
BkyURGtPzE1sX4R+HclhcQCQ/wsgyO3YqxgQsGrVGy6POPpQxAPov+CTmR/MN3aT
|
||||
FNmtYV0slUjm4SqUXKCVS3vtNzkReFZB7uO4fe+aSrkwiLWALnp3HBfwVNTaAGmR
|
||||
5chSIq3609SHfvRIerK5j7b/a6PDdG+Oxqh4WUqZ9Y/N2EvSzxL6EJxti9ePL5SE
|
||||
RuKDouSEb3bcuuo+qsSkpmnlhnk5bl5Mu/fnaYKxXJBUlmm9hC0LIlXqU1nrEtdx
|
||||
K61RkakPRpwpHkcCggEBAMhHroDDAOi8oCD0JTyYi2PZ8gGNVdjLeS20ZOXy75z6
|
||||
Y7CVb3bokfAZaLuVnlDvMpjQiR2Qz3bcybmzKn9tDrsvPKnWHsXwpoAOE2/npZOD
|
||||
8pvVZxloZ4x3Ns/LoB5c2a9SzgxOQkPptkV0JL7xyzACdvDDnE7MipapLzaU83z/
|
||||
xPR2lFx6gND5yNIj+Z4soZYWZpDWmqTWFyuB+BXMdb1Pd8pUU/xZfkaplOj8zGXI
|
||||
gLiSLZFHoVrGrBDuYfVe2yEakUHeiV2QW43fZfmomk2Mfy6MEw93tW8MClNpERQj
|
||||
ps7vkiJvIgf4FuFZoH5aUX9suaEUSV8Jn7ulVbCQYg8CggEAJJ/HqFMRj0kjGSJj
|
||||
DJZQuZcUmsVesGp8RDfj2/GyS0bJNZFH2yERIm1/qyIQWTt+Fv5ac4hLO0Ob/C2v
|
||||
QO3VzVd3PPzWPbK82HSfoyHdK3kpnCSdpClKbFD0X3I5Rkvdzm48s+vnOAAEGBIC
|
||||
roT4Vhkg/MnsJn2XbNHZ8kGMrEYGnzwib2rDn4/qzbmmmBycNQc/XXujoLVzjYLc
|
||||
oye99NSvrTc/EU81LcTB5RQJY5V/ARWZFusWRh3odyduDnxF1yl37t9vpGIcJH7g
|
||||
c0PT01+PDI7TWKDpSLjTRtp+R3FDBVU6SB0/oQ5JriG/lUIHZ46bc80ZkOQGY3Zq
|
||||
SEEz7QKCAQANROKE2WaYBNc/F63X4+toRCpKfAiyAlkW9BqzOXMynUw5iM0HvcTd
|
||||
eXF87B6/EfnyMe7DrLJyF5Kt4Pbx1lHhiPGl9u+3AYimd0hGY7yOl3FdbbgU8Nvb
|
||||
bJKPFdiX6mLpwLyyCAVP5o4S7+z3UaG6no8uyGb0uYx9Ctx760Zug6uS3sBZmCws
|
||||
rD/n3EZPenmCLh3BftZkEWMbmNLM7uzmC/vNxeSClZNOLzIUdZs9KxmMIPMv6uT/
|
||||
1KXVwVVwIka2XMI+8PV843GNZr2k2szOUn6ioNkqby3wG4YbnJxrDymgEDNIYMCK
|
||||
cp9hcsS1WlqH7LYnu+ZYi5Svo/aXahl1AoIBAHn+m+hiuwvDnSWGW6ynBNcc/mPj
|
||||
rq/+KJEm7CTVkSmWZvxgV2knw2/3hMQspX/adJVgGnjpK556QhufxJ7M8g+DtMJg
|
||||
6h/wY+yxmdDezSRFBEnt20VzuK4EF1R7Cavst3wkimg9iHjJd90ZkZVBrZOFPbKP
|
||||
3dZWC9FPdbc+soqPaoaVI5AJde0zZFbRuk8HTbefWH9SQNhXqCfPibY63eSlEFWm
|
||||
K8qYhB7bNNQZV+J+yTWVhRVjRdDaQvqgdik05Kd/DILjbPy+cul/mTtgFBlFjScE
|
||||
unHE6zIn23GeBP3d9NmwQgPKm+it9lfXiLqTxJL+xFaUsEuryXkTJcsLHVA=
|
||||
-----END RSA PRIVATE KEY-----
|
BIN
tests/cert.p12
Normal file
BIN
tests/cert.p12
Normal file
Binary file not shown.
32
tests/cert.pem
Normal file
32
tests/cert.pem
Normal file
@ -0,0 +1,32 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFiDCCA3CgAwIBAgIJAIdx973umC+mMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV
|
||||
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
|
||||
c2NvMRIwEAYDVQQKDAlUUnVzdC1ETlMxGTAXBgNVBAMMEHJvb3QuZXhhbXBsZS5j
|
||||
b20wHhcNMTcwNDA2MDcwNTAwWhcNMTgwNDA2MDcwNTAwWjBnMQswCQYDVQQGEwJV
|
||||
UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzES
|
||||
MBAGA1UECgwJVFJ1c3QtRE5TMRcwFQYDVQQDDA5ucy5leGFtcGxlLmNvbTCCAiIw
|
||||
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALTNUgesiIaPmzEuiBP9Pjgm/bpn
|
||||
rthPftBCclTxGfjMgEC6S2pFqHQxt2ZnFVKx385cmuJ/wGOQOujMzPSj9GYzpeCd
|
||||
wlzsSTbCOtAklTWcDSPqPdMO2rFxa24nrCsgxLjuAO1pjfzIgWZ+6nKQpMgWVQk7
|
||||
3EXtzZfqwxSlRq4B8DrfKatMvQJ4mQlLK61uhhDqBaeG0g9Y5IAD7ylbv/uGBJ7h
|
||||
18tUwHea+PYpEE+eADWZjAxDMn1KMzG25DfvXrYbIRmm63ebOOnVvPLPemwqyAXx
|
||||
X5sEbF+YZ6dFVgmZWOpqpicvHuRjdXt+eZB/WQC3JoLaciedOvcPwgC2j01OE0PX
|
||||
0kRv+dDzPPo5QDQNt05hu+esKR01LA9Pg7PBeYLbW2Ia2wf7pEwcKPUr8I4996Ph
|
||||
eZh+RqOj2ZxGpGJTvI8JoAL2M5MiwGPqWpXHl/5iBL7o7XdemPZlVdSJxahnkqMm
|
||||
55SZxfS5LTLeRZGXw08gDC7Ihrw2LYHH2I7JgOF4gLdeu4LuxdaAGL1ah8S/CFgO
|
||||
8StVdEBpTs23IJk3+6xK1BmKeRn+N5fObitUBIWzb+bsydXwyZHcEd4NhxPVGq/Q
|
||||
BA269eG90PWmz16JdMLbuoTplnPYisDuaFqYz99zoM1vXDgNUEszYlUDTO2d4Z7L
|
||||
MWglkfTc2W+77/QpAgMBAAGjNTAzMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBkG
|
||||
A1UdEQQSMBCCDm5zLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBMTEnd
|
||||
Q1tsD7gsAzDkFdL8ALZ1Dt4acDgcm3lpaWYUPIMeGPHYpYwjBt9WsT9KX45vW16b
|
||||
qv7DG4i1cRPaJF9HZuycA3axw12MzeNcqNe1bs5NgtJ2mXC+WibCCz8CrfYrKzlx
|
||||
YOqCbco5PbnCmtcsosawtQo251X+kwuTueFVXLurvmD0FZsmCzTxiM9e0XgYZ5J5
|
||||
jFvWV2z3M12fq2Zw6RIrWKijQOumQDBTYaOzONtmUtesBPgT9LK44muy+aXQErkz
|
||||
7tdkqqUCXywh1trIt4M+WJGZNhZfSMqyF+KivY0jQr6jfAkwgl8ZoriCdzIqeLZY
|
||||
PntpD88Zf5PfSpPJulTGe+GkLphBHS/g3vfmwc5tJHYd/f2X4AMXf/1Ofiq2yci5
|
||||
ILJTKrCh1eJEae07UUP9HQFSzrIyiD801ujHInYdKhZxbsFCm49D5C+BPmKD/3iW
|
||||
4yb+kxNhuulI54kKQr/K0bSLyNqr9Ks9UZqUxLnvUiaeWUMwIVQUXrw4XQUlBX5q
|
||||
OtunQDRUTfQ+89kftrQb7comuSN/+NaY7KbCEsBrWqf9LhXUOwb5J9ZooYm0r2h6
|
||||
jzekPplgCdy2qCAo1YcFBqD3rAHdFr5330NRDGrdBqm6Ee/JKxtIlyd8A+v7QoRk
|
||||
prjSS8T1B6qwbHdC4rgBRf+4YLrnzBBk42w1AQ==
|
||||
-----END CERTIFICATE-----
|
Loading…
Reference in New Issue
Block a user