This is an automated email from the ASF dual-hosted git repository. mmartell pushed a commit to branch GEODE-8398-sni-support-dotnet in repository https://gitbox.apache.org/repos/asf/geode-native.git
commit 4aee95701138805c6c0e704ceb103263a3865b0b Author: Mike Martell <[email protected]> AuthorDate: Tue Aug 4 15:00:02 2020 -0700 Move sni-test-config directory to the project root --- sni-test-config/docker-compose.yml | 43 +++++++++++++ sni-test-config/geode-config/gemfire.properties | 19 ++++++ sni-test-config/geode-config/gfsecurity.properties | 27 ++++++++ .../geode-config/locator-maeve-keystore.jks | Bin 0 -> 2048 bytes .../geode-config/server-clementine-keystore.jks | Bin 0 -> 2059 bytes .../geode-config/server-dolores-keystore.jks | Bin 0 -> 2050 bytes sni-test-config/geode-config/truststore.jks | Bin 0 -> 8095 bytes sni-test-config/geode-config/truststore.p12 | Bin 0 -> 8983 bytes sni-test-config/geode-config/truststore_sni.pem | 68 +++++++++++++++++++++ sni-test-config/haproxy.cfg | 44 +++++++++++++ sni-test-config/scripts/forever | 20 ++++++ sni-test-config/scripts/geode-starter-2.gfsh | 23 +++++++ sni-test-config/scripts/geode-starter.gfsh | 22 +++++++ 13 files changed, 266 insertions(+) diff --git a/sni-test-config/docker-compose.yml b/sni-test-config/docker-compose.yml new file mode 100644 index 0000000..b0a6100 --- /dev/null +++ b/sni-test-config/docker-compose.yml @@ -0,0 +1,43 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +version: '3' +services: + geode: + container_name: 'geode' + image: 'apachegeode/geode' + expose: + - '10334' + - '40404' + entrypoint: 'sh' + command: ["-c", "while true; do sleep 600; done"] + networks: + geode-sni-test: + volumes: + - ./geode-config:/geode/config:ro + - ./scripts:/geode/scripts + haproxy: + container_name: 'haproxy' + image: 'haproxy:2.1' + ports: + - "15443" + networks: + geode-sni-test: + volumes: + - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro +networks: + geode-sni-test: + diff --git a/sni-test-config/geode-config/gemfire.properties b/sni-test-config/geode-config/gemfire.properties new file mode 100644 index 0000000..1f13fb0 --- /dev/null +++ b/sni-test-config/geode-config/gemfire.properties @@ -0,0 +1,19 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +statistic-sampling-enabled=true +statistic-archive-file=statArchive.gfs diff --git a/sni-test-config/geode-config/gfsecurity.properties b/sni-test-config/geode-config/gfsecurity.properties new file mode 100644 index 0000000..813d260 --- /dev/null +++ b/sni-test-config/geode-config/gfsecurity.properties @@ -0,0 +1,27 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +security-log-level=info +security-peer-verifymember-timeout=1000 +ssl-keystore-password=geode +ssl-truststore=/geode/config/truststore.jks +ssl-truststore-password=geode +ssl-require-authentication=false +ssl-web-require-authentication=false +ssl-enabled-components=all +ssl-endpoint-identification-enabled=false + diff --git a/sni-test-config/geode-config/locator-maeve-keystore.jks b/sni-test-config/geode-config/locator-maeve-keystore.jks new file mode 100644 index 0000000..a29cf0f Binary files /dev/null and b/sni-test-config/geode-config/locator-maeve-keystore.jks differ diff --git a/sni-test-config/geode-config/server-clementine-keystore.jks b/sni-test-config/geode-config/server-clementine-keystore.jks new file mode 100644 index 0000000..380de6c Binary files /dev/null and b/sni-test-config/geode-config/server-clementine-keystore.jks differ diff --git a/sni-test-config/geode-config/server-dolores-keystore.jks b/sni-test-config/geode-config/server-dolores-keystore.jks new file mode 100644 index 0000000..cb2c4c5 Binary files /dev/null and b/sni-test-config/geode-config/server-dolores-keystore.jks differ diff --git a/sni-test-config/geode-config/truststore.jks b/sni-test-config/geode-config/truststore.jks new file mode 100644 index 0000000..ffcdaf3 Binary files /dev/null and b/sni-test-config/geode-config/truststore.jks differ diff --git a/sni-test-config/geode-config/truststore.p12 b/sni-test-config/geode-config/truststore.p12 new file mode 100644 index 0000000..339d775 Binary files /dev/null and b/sni-test-config/geode-config/truststore.p12 differ diff --git a/sni-test-config/geode-config/truststore_sni.pem b/sni-test-config/geode-config/truststore_sni.pem new file mode 100644 index 0000000..b4e8cda --- /dev/null +++ b/sni-test-config/geode-config/truststore_sni.pem @@ -0,0 +1,68 @@ +-----BEGIN CERTIFICATE----- +MIICrDCCAZSgAwIBAgIEXozDxjANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1s +b2NhdG9yLW1hZXZlMB4XDTIwMDQwNzE4MTc0MloXDTI1MDQwNzE4MTc0MlowGDEW +MBQGA1UEAwwNbG9jYXRvci1tYWV2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAOJ3jM2Rb50L+1fXyhZbaOHMuVUVGJ5jQV9wH3ijjeCEckaF29LbEtG8 +swMaxSoi4Sp/A4dp/7VI9CFZJKOX3zooZcuHyR7GSta4wH3oO55w0AfyTGeG6KF2 +Ekzj8pDPHyn/141rFAUPmMDnCfbF69Uixfi2XPxEJZw2GDN/YIHndY+X1pJ4ZuXS +SmrORSEOSmrN9X7pqbL5D2cy15cmTK5449ZqLEfZS72Mv3gve1Ax2JMWCBEwLdob +xW5utgmEe1/WhlhPzFr5C92znF/5Eucil/Rr+yynp31X+/QYBemYwOxbeZotHBZJ +tMLMzaInydrZ04wgHRftNeN0TIZkPmcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA +Jj1OSCWoILzWLBU1cAiQK8Gt0DVkqcpO4/vc3CoiU2T/em74cBzTwqmgrBvykWgq +f05jWQcod2yNg8trHrgx8F9CfyyvTXRIxttyfmbD7DAQk+qn9QBSbRJFfzo8VfNp +dGcT7KV9UDVyzltiTorqQJHUx3acUgtLYS2XUVlbGclhnNafRO44uobOsteAG01v +YqFa8ZaZM7qcZ88mbbKLXn6lo203JguM+TM0P7wHnzcww9sLmsP8W2cvsvefwCl4 +O7OYcjhcbEph+mIC3/zN8vF6d8xtLiMSGk6BNCHd003MBEhZHizyquGtAFLaEafX +V6sLm65i8uF2glnQfwS5JQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrDCCAZSgAwIBAgIEXozDxjANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1s +b2NhdG9yLW1hZXZlMB4XDTIwMDQwNzE4MTc0MloXDTI1MDQwNzE4MTc0MlowGDEW +MBQGA1UEAwwNbG9jYXRvci1tYWV2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAOJ3jM2Rb50L+1fXyhZbaOHMuVUVGJ5jQV9wH3ijjeCEckaF29LbEtG8 +swMaxSoi4Sp/A4dp/7VI9CFZJKOX3zooZcuHyR7GSta4wH3oO55w0AfyTGeG6KF2 +Ekzj8pDPHyn/141rFAUPmMDnCfbF69Uixfi2XPxEJZw2GDN/YIHndY+X1pJ4ZuXS +SmrORSEOSmrN9X7pqbL5D2cy15cmTK5449ZqLEfZS72Mv3gve1Ax2JMWCBEwLdob +xW5utgmEe1/WhlhPzFr5C92znF/5Eucil/Rr+yynp31X+/QYBemYwOxbeZotHBZJ +tMLMzaInydrZ04wgHRftNeN0TIZkPmcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA +Jj1OSCWoILzWLBU1cAiQK8Gt0DVkqcpO4/vc3CoiU2T/em74cBzTwqmgrBvykWgq +f05jWQcod2yNg8trHrgx8F9CfyyvTXRIxttyfmbD7DAQk+qn9QBSbRJFfzo8VfNp +dGcT7KV9UDVyzltiTorqQJHUx3acUgtLYS2XUVlbGclhnNafRO44uobOsteAG01v +YqFa8ZaZM7qcZ88mbbKLXn6lo203JguM+TM0P7wHnzcww9sLmsP8W2cvsvefwCl4 +O7OYcjhcbEph+mIC3/zN8vF6d8xtLiMSGk6BNCHd003MBEhZHizyquGtAFLaEafX +V6sLm65i8uF2glnQfwS5JQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtDCCAZygAwIBAgIEXozGnzANBgkqhkiG9w0BAQsFADAcMRowGAYDVQQDDBFz +ZXJ2ZXItY2xlbWVudGluZTAeFw0yMDA0MDcxODI5NTFaFw0yNTA0MDcxODI5NTFa +MBwxGjAYBgNVBAMMEXNlcnZlci1jbGVtZW50aW5lMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA6IzshjujS5c58AH8nJHBhlqjfNpacoNxhxykeCVsExa9 +vi0l8ezi35pte06j7gpMWhDYHokrHaw6ymp9iTi7D91yIPGeMMNUli8DnzgAzpeY +V8SGgkrVBalkVe0GimAHXMrzeZF+8D2BEdvDAsIUbrZRACElPlLUoiO93xZZ8ad+ +fAfLVetH4lDJ54FT7ia+St6L0QxSrDLvrqmc/58ZunkQBnQcd4tMjCD1kX4l+5Q1 +eF+Rc/SbY+/8HfyCZcA98voC3dKF13U+0YAf/0ahin+8Ckm6BL/StUxFNftTtJ7l +iKf56Y3FbSQ84Q9Te8feb05XidkF74Gifa4Q7gOzjwIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQDKvYcnVFryhupo156bB33BU14KN8b5joVyQLeGb2Tx+icZd/jFhqSQ +c3f8VV+aG9+CtRi/6wesdzf9/CVF+J4ARJ7j3i60NlJi4vQJlZnou+JSBgbBiDkW +p12ITsw7l1k2zxH8hoMPNbMK1EC/+uwVRJt92L52uShLw9zKtE4MLZxZVa7Amkf4 +zRc78fHwwPXoMjLcQxw+8JRjlciWr/hZccuppXI4qb17l6HAMvW4vCslao0c9pSp +Opg5Q0PwVXFROIvCANdxNI9ptSrH78Thxh4rggnHs+OZF02D22oTkjquU4Xrar3u +FXlIS8UmdkqAXGIJf0pqa48aXcqeipRe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAZagAwIBAgIEXozE5DANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5z +ZXJ2ZXItZG9sb3JlczAeFw0yMDA0MDcxODIyMjhaFw0yNTA0MDcxODIyMjhaMBkx +FzAVBgNVBAMMDnNlcnZlci1kb2xvcmVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAyRTzsWsih9Boz2/aRFJsgJNDn8/C207kpvJ9lj0uBWNdZGJ86T4i +CwvIyMFvxeYQB0qO0AHf6FvJfMgunRlCj3fD01s7AHj8kCFoM/akgo04M7iJfSkU +dDCVuRbrFtz31akNckyxRw/oORiQ6NYGxnuAvtFdjE8jFc77WVXVU5QuqVEueJXs +HM+t6VGEn+7GwPsSJMIuEERd+05ZlghB1HoQD4Wu4+b/CXU+8aFRad0HRXHInBl0 +0QABETcMtpe3xIotC7H1nsAMipb0jyl3p+1a49FbrAktsiko8Y2iRVv3kZ58xfx9 +2Unmw+ViEb5bVRFytqb5AIgARI/+XX1zBwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQB39QXR3HLEju8B1oNCH1UciZetMxvORC2fwgXhqjbJ2YkHlykaLAAKv6DOSyc2 +HE40F2Q/Y0p0NC41+4YIiujgzKWaDI1Gw22PlceE2B49dO8evmldN2NixkirJbtm +bEtjINAxHXbhXn8GgUKJxSqtFPTX/fG7OCYvkvGItQAhSrGo9r5ACuDYkTZsBAZp +9jHc50TZsQ7od4jsPXrtZ6S2doOA0TdQ/+XzNyoadbG0YZbRtUVmhJN7gQfkBcjH +/AnYeYJL1kg39AuO3PsFhgWCsR2eNizGCh7CnHx7xpJnLYAw/01TGidsku/oYFiI +5SthBjGC992gTekW54hYtMBU +-----END CERTIFICATE----- diff --git a/sni-test-config/haproxy.cfg b/sni-test-config/haproxy.cfg new file mode 100644 index 0000000..c451ef6 --- /dev/null +++ b/sni-test-config/haproxy.cfg @@ -0,0 +1,44 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +defaults + timeout client 1000 + timeout connect 1000 + timeout server 1000 + +frontend sniproxy + bind *:15443 + mode tcp + tcp-request inspect-delay 5s + tcp-request content accept if { req_ssl_hello_type 1 } + use_backend locators-maeve if { req.ssl_sni -i locator-maeve } + use_backend servers-dolores if { req.ssl_sni -i server-dolores } + use_backend servers-clementine if { req.ssl_sni -i server-clementine } + default_backend locators-maeve + log stdout format raw local0 debug + +backend locators-maeve + mode tcp + server locator1 geode:10334 + +backend servers-dolores + mode tcp + server server1 geode:40404 + +backend servers-clementine + mode tcp + server server1 geode:40405 diff --git a/sni-test-config/scripts/forever b/sni-test-config/scripts/forever new file mode 100644 index 0000000..4fecfa8 --- /dev/null +++ b/sni-test-config/scripts/forever @@ -0,0 +1,20 @@ +#!/usr/bin/env sh + +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +while true; do sleep 600; done diff --git a/sni-test-config/scripts/geode-starter-2.gfsh b/sni-test-config/scripts/geode-starter-2.gfsh new file mode 100644 index 0000000..38600aa --- /dev/null +++ b/sni-test-config/scripts/geode-starter-2.gfsh @@ -0,0 +1,23 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +start locator --name=locator-maeve --hostname-for-clients=locator-maeve --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/locator-maeve-keystore.jks +start server --name=server-dolores --group=group-dolores --hostname-for-clients=server-dolores --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-dolores-keystore.jks +start server --name=server-clementine --group=group-clementine --hostname-for-clients=server-clementine --server-port=40405 --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-clementine-keystore.jks +connect --locator=localhost[10334] --use-ssl=true --security-properties-file=/geode/config/gfsecurity.properties +create region --name=region-dolores --group=group-dolores --type=REPLICATE +create region --name=region-clementine --group=group-clementine --type=REPLICATE diff --git a/sni-test-config/scripts/geode-starter.gfsh b/sni-test-config/scripts/geode-starter.gfsh new file mode 100644 index 0000000..9ceecad --- /dev/null +++ b/sni-test-config/scripts/geode-starter.gfsh @@ -0,0 +1,22 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +start locator --name=locator-maeve --hostname-for-clients=locator-maeve --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/locator-maeve-keystore.jks +start server --name=server-dolores --max-heap=256m --hostname-for-clients=server-dolores --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-dolores-keystore.jks +connect --locator=localhost[10334] --use-ssl=true --security-properties-file=/geode/config/gfsecurity.properties +create region --name=jellyfish --type=REPLICATE +
