This is an automated email from the ASF dual-hosted git repository. bbender pushed a commit to branch feature/asio in repository https://gitbox.apache.org/repos/asf/geode-native.git
commit 369f0edbfa36538b5434a5a725c8c9b7c342fa6b Author: Blake Bender <[email protected]> AuthorDate: Wed Jul 22 16:30:46 2020 -0700 WIP: Experimenting with getting keys right for SNI tests --- cppcache/integration/test/SNITest.cpp | 7 ++- cppcache/src/TcpSslConn.cpp | 2 + ssl_keys/client_keys/truststore_sni.pem | 68 +++++++++++++++++++++ ssl_keys/server_keys/locator-maeve-keystore.jks | Bin 0 -> 2048 bytes .../server_keys/server-clementine-keystore.jks | Bin 0 -> 2059 bytes ssl_keys/server_keys/server-dolores-keystore.jks | Bin 0 -> 2050 bytes ssl_keys/server_keys/truststore.jks | Bin 0 -> 8095 bytes 7 files changed, 74 insertions(+), 3 deletions(-) diff --git a/cppcache/integration/test/SNITest.cpp b/cppcache/integration/test/SNITest.cpp index 7e70619..41afabd 100644 --- a/cppcache/integration/test/SNITest.cpp +++ b/cppcache/integration/test/SNITest.cpp @@ -111,10 +111,11 @@ class SNITest : public ::testing::Test { boost::filesystem::path currentWorkingDirectory; }; -TEST_F(SNITest, DISABLED_connectViaProxyTest) { +TEST_F(SNITest, connectViaProxyTest) { + auto clientSslKeysDir = boost::filesystem::path( + getFrameworkString(FrameworkVariable::TestClientSslKeysDir)); const auto clientTruststore = - (currentWorkingDirectory / - boost::filesystem::path("sni-test-config/geode-config/truststore.jks")); + (clientSslKeysDir / boost::filesystem::path("truststore_sni.pem")); auto cache = CacheFactory() .set("log-level", "DEBUG") diff --git a/cppcache/src/TcpSslConn.cpp b/cppcache/src/TcpSslConn.cpp index 2e1d035..5158487 100644 --- a/cppcache/src/TcpSslConn.cpp +++ b/cppcache/src/TcpSslConn.cpp @@ -74,6 +74,8 @@ TcpSslConn::TcpSslConn(const std::string hostname, uint16_t port, auto stream = std::unique_ptr<ssl_stream_type>( new ssl_stream_type{socket_, ssl_context_}); + SSL_set_tlsext_host_name(stream->native_handle(), "localhost"); + stream->handshake(ssl_stream_type::client); std::stringstream ss; diff --git a/ssl_keys/client_keys/truststore_sni.pem b/ssl_keys/client_keys/truststore_sni.pem new file mode 100644 index 0000000..1857ce6 --- /dev/null +++ b/ssl_keys/client_keys/truststore_sni.pem @@ -0,0 +1,68 @@ +-----BEGIN CERTIFICATE----- +MIICrDCCAZSgAwIBAgIEXozDxjANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1s +b2NhdG9yLW1hZXZlMB4XDTIwMDQwNzE4MTc0MloXDTI1MDQwNzE4MTc0MlowGDEW +MBQGA1UEAwwNbG9jYXRvci1tYWV2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAOJ3jM2Rb50L+1fXyhZbaOHMuVUVGJ5jQV9wH3ijjeCEckaF29LbEtG8 +swMaxSoi4Sp/A4dp/7VI9CFZJKOX3zooZcuHyR7GSta4wH3oO55w0AfyTGeG6KF2 +Ekzj8pDPHyn/141rFAUPmMDnCfbF69Uixfi2XPxEJZw2GDN/YIHndY+X1pJ4ZuXS +SmrORSEOSmrN9X7pqbL5D2cy15cmTK5449ZqLEfZS72Mv3gve1Ax2JMWCBEwLdob +xW5utgmEe1/WhlhPzFr5C92znF/5Eucil/Rr+yynp31X+/QYBemYwOxbeZotHBZJ +tMLMzaInydrZ04wgHRftNeN0TIZkPmcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA +Jj1OSCWoILzWLBU1cAiQK8Gt0DVkqcpO4/vc3CoiU2T/em74cBzTwqmgrBvykWgq +f05jWQcod2yNg8trHrgx8F9CfyyvTXRIxttyfmbD7DAQk+qn9QBSbRJFfzo8VfNp +dGcT7KV9UDVyzltiTorqQJHUx3acUgtLYS2XUVlbGclhnNafRO44uobOsteAG01v +YqFa8ZaZM7qcZ88mbbKLXn6lo203JguM+TM0P7wHnzcww9sLmsP8W2cvsvefwCl4 +O7OYcjhcbEph+mIC3/zN8vF6d8xtLiMSGk6BNCHd003MBEhZHizyquGtAFLaEafX +V6sLm65i8uF2glnQfwS5JQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrDCCAZSgAwIBAgIEXozDxjANBgkqhkiG9w0BAQsFADAYMRYwFAYDVQQDDA1s +b2NhdG9yLW1hZXZlMB4XDTIwMDQwNzE4MTc0MloXDTI1MDQwNzE4MTc0MlowGDEW +MBQGA1UEAwwNbG9jYXRvci1tYWV2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAOJ3jM2Rb50L+1fXyhZbaOHMuVUVGJ5jQV9wH3ijjeCEckaF29LbEtG8 +swMaxSoi4Sp/A4dp/7VI9CFZJKOX3zooZcuHyR7GSta4wH3oO55w0AfyTGeG6KF2 +Ekzj8pDPHyn/141rFAUPmMDnCfbF69Uixfi2XPxEJZw2GDN/YIHndY+X1pJ4ZuXS +SmrORSEOSmrN9X7pqbL5D2cy15cmTK5449ZqLEfZS72Mv3gve1Ax2JMWCBEwLdob +xW5utgmEe1/WhlhPzFr5C92znF/5Eucil/Rr+yynp31X+/QYBemYwOxbeZotHBZJ +tMLMzaInydrZ04wgHRftNeN0TIZkPmcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA +Jj1OSCWoILzWLBU1cAiQK8Gt0DVkqcpO4/vc3CoiU2T/em74cBzTwqmgrBvykWgq +f05jWQcod2yNg8trHrgx8F9CfyyvTXRIxttyfmbD7DAQk+qn9QBSbRJFfzo8VfNp +dGcT7KV9UDVyzltiTorqQJHUx3acUgtLYS2XUVlbGclhnNafRO44uobOsteAG01v +YqFa8ZaZM7qcZ88mbbKLXn6lo203JguM+TM0P7wHnzcww9sLmsP8W2cvsvefwCl4 +O7OYcjhcbEph+mIC3/zN8vF6d8xtLiMSGk6BNCHd003MBEhZHizyquGtAFLaEafX +V6sLm65i8uF2glnQfwS5JQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtDCCAZygAwIBAgIEXozGnzANBgkqhkiG9w0BAQsFADAcMRowGAYDVQQDDBFz +ZXJ2ZXItY2xlbWVudGluZTAeFw0yMDA0MDcxODI5NTFaFw0yNTA0MDcxODI5NTFa +MBwxGjAYBgNVBAMMEXNlcnZlci1jbGVtZW50aW5lMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA6IzshjujS5c58AH8nJHBhlqjfNpacoNxhxykeCVsExa9 +vi0l8ezi35pte06j7gpMWhDYHokrHaw6ymp9iTi7D91yIPGeMMNUli8DnzgAzpeY +V8SGgkrVBalkVe0GimAHXMrzeZF+8D2BEdvDAsIUbrZRACElPlLUoiO93xZZ8ad+ +fAfLVetH4lDJ54FT7ia+St6L0QxSrDLvrqmc/58ZunkQBnQcd4tMjCD1kX4l+5Q1 +eF+Rc/SbY+/8HfyCZcA98voC3dKF13U+0YAf/0ahin+8Ckm6BL/StUxFNftTtJ7l +iKf56Y3FbSQ84Q9Te8feb05XidkF74Gifa4Q7gOzjwIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQDKvYcnVFryhupo156bB33BU14KN8b5joVyQLeGb2Tx+icZd/jFhqSQ +c3f8VV+aG9+CtRi/6wesdzf9/CVF+J4ARJ7j3i60NlJi4vQJlZnou+JSBgbBiDkW +p12ITsw7l1k2zxH8hoMPNbMK1EC/+uwVRJt92L52uShLw9zKtE4MLZxZVa7Amkf4 +zRc78fHwwPXoMjLcQxw+8JRjlciWr/hZccuppXI4qb17l6HAMvW4vCslao0c9pSp +Opg5Q0PwVXFROIvCANdxNI9ptSrH78Thxh4rggnHs+OZF02D22oTkjquU4Xrar3u +FXlIS8UmdkqAXGIJf0pqa48aXcqeipRe +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAZagAwIBAgIEXozE5DANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5z +ZXJ2ZXItZG9sb3JlczAeFw0yMDA0MDcxODIyMjhaFw0yNTA0MDcxODIyMjhaMBkx +FzAVBgNVBAMMDnNlcnZlci1kb2xvcmVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAyRTzsWsih9Boz2/aRFJsgJNDn8/C207kpvJ9lj0uBWNdZGJ86T4i +CwvIyMFvxeYQB0qO0AHf6FvJfMgunRlCj3fD01s7AHj8kCFoM/akgo04M7iJfSkU +dDCVuRbrFtz31akNckyxRw/oORiQ6NYGxnuAvtFdjE8jFc77WVXVU5QuqVEueJXs +HM+t6VGEn+7GwPsSJMIuEERd+05ZlghB1HoQD4Wu4+b/CXU+8aFRad0HRXHInBl0 +0QABETcMtpe3xIotC7H1nsAMipb0jyl3p+1a49FbrAktsiko8Y2iRVv3kZ58xfx9 +2Unmw+ViEb5bVRFytqb5AIgARI/+XX1zBwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQB39QXR3HLEju8B1oNCH1UciZetMxvORC2fwgXhqjbJ2YkHlykaLAAKv6DOSyc2 +HE40F2Q/Y0p0NC41+4YIiujgzKWaDI1Gw22PlceE2B49dO8evmldN2NixkirJbtm +bEtjINAxHXbhXn8GgUKJxSqtFPTX/fG7OCYvkvGItQAhSrGo9r5ACuDYkTZsBAZp +9jHc50TZsQ7od4jsPXrtZ6S2doOA0TdQ/+XzNyoadbG0YZbRtUVmhJN7gQfkBcjH +/AnYeYJL1kg39AuO3PsFhgWCsR2eNizGCh7CnHx7xpJnLYAw/01TGidsku/oYFiI +5SthBjGC992gTekW54hYtMBU +-----END CERTIFICATE----- diff --git a/ssl_keys/server_keys/locator-maeve-keystore.jks b/ssl_keys/server_keys/locator-maeve-keystore.jks new file mode 100644 index 0000000..a29cf0f Binary files /dev/null and b/ssl_keys/server_keys/locator-maeve-keystore.jks differ diff --git a/ssl_keys/server_keys/server-clementine-keystore.jks b/ssl_keys/server_keys/server-clementine-keystore.jks new file mode 100644 index 0000000..380de6c Binary files /dev/null and b/ssl_keys/server_keys/server-clementine-keystore.jks differ diff --git a/ssl_keys/server_keys/server-dolores-keystore.jks b/ssl_keys/server_keys/server-dolores-keystore.jks new file mode 100644 index 0000000..cb2c4c5 Binary files /dev/null and b/ssl_keys/server_keys/server-dolores-keystore.jks differ diff --git a/ssl_keys/server_keys/truststore.jks b/ssl_keys/server_keys/truststore.jks new file mode 100644 index 0000000..ffcdaf3 Binary files /dev/null and b/ssl_keys/server_keys/truststore.jks differ
