Author: kgiusti
Date: Mon Oct 8 18:51:19 2012
New Revision: 1395720
URL: http://svn.apache.org/viewvc?rev=1395720&view=rev
Log:
PROTON-53: add infrastructure for SSL unit tests
Added:
qpid/proton/trunk/tests/proton_tests/ssl.py (with props)
qpid/proton/trunk/tests/proton_tests/ssl_db/
qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt (with props)
qpid/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem
qpid/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem
qpid/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem
qpid/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem
qpid/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem
Modified:
qpid/proton/trunk/proton-c/bindings/python/proton.py
qpid/proton/trunk/proton-c/src/ssl/openssl.c
qpid/proton/trunk/tests/proton_tests/__init__.py
Modified: qpid/proton/trunk/proton-c/bindings/python/proton.py
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/proton-c/bindings/python/proton.py?rev=1395720&r1=1395719&r2=1395720&view=diff
==============================================================================
--- qpid/proton/trunk/proton-c/bindings/python/proton.py (original)
+++ qpid/proton/trunk/proton-c/bindings/python/proton.py Mon Oct 8 18:51:19
2012
@@ -1659,11 +1659,49 @@ class SASL(object):
def done(self, outcome):
pn_sasl_done(self._sasl, outcome)
+class SSLException(TransportException):
+ pass
+
class SSL(object):
+ def _check(self, err):
+ if err < 0:
+ exc = EXCEPTIONS.get(err, SSLException)
+ raise exc("SSL failure.")
+ else:
+ return err
+
def __init__(self, transport):
self._ssl = pn_ssl(transport._trans)
+ MODE_CLIENT = PN_SSL_MODE_CLIENT
+ MODE_SERVER = PN_SSL_MODE_SERVER
+
+ def init(self, mode):
+ return self._check( pn_ssl_init(self._ssl, mode) )
+
+ def set_credentials(self, cert_file, key_file, password):
+ return self._check( pn_ssl_set_credentials(self._ssl, cert_file, key_file,
+ password) )
+
+ def set_trusted_ca_db(self, certificate_db):
+ return self._check( pn_ssl_set_trusted_ca_db(self._ssl, certificate_db) )
+
+ def allow_unsecured_client(self):
+ return self._check( pn_ssl_allow_unsecured_client(self._ssl) )
+
+ VERIFY_PEER = PN_SSL_VERIFY_PEER
+ NO_VERIFY_PEER = PN_SSL_NO_VERIFY_PEER
+
+ def set_peer_authentication(self, verify_mode, trusted_CAs=None):
+ return self._check( pn_ssl_set_peer_authentication(self._ssl, verify_mode,
+ trusted_CAs) )
+
+ def peer_authentication(self):
+ # @TODO: fix up buffer return value...
+ pass
+
+
__all__ = ["Messenger", "Message", "ProtonException", "MessengerException",
"MessageException", "Timeout", "Data", "Endpoint", "Connection",
"Session", "Link", "Sender", "Receiver", "Delivery", "Transport",
Modified: qpid/proton/trunk/proton-c/src/ssl/openssl.c
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/proton-c/src/ssl/openssl.c?rev=1395720&r1=1395719&r2=1395720&view=diff
==============================================================================
--- qpid/proton/trunk/proton-c/src/ssl/openssl.c (original)
+++ qpid/proton/trunk/proton-c/src/ssl/openssl.c Mon Oct 8 18:51:19 2012
@@ -121,7 +121,7 @@ static void _log_ssl_error(pn_ssl_t *ssl
unsigned long err = ERR_get_error();
while (err) {
ERR_error_string_n(err, buf, sizeof(buf));
- _log(ssl, "%s\n", buf);
+ _log_error("%s\n", buf);
err = ERR_get_error();
}
}
@@ -204,6 +204,7 @@ int pn_ssl_set_credentials( pn_ssl_t *ss
if (SSL_CTX_use_certificate_chain_file(ssl->ctx, certificate_file) != 1) {
_log_error("SSL_CTX_use_certificate_chain_file( %s ) failed\n",
certificate_file);
+ _log_ssl_error(ssl);
return -3;
}
@@ -215,12 +216,14 @@ int pn_ssl_set_credentials( pn_ssl_t *ss
if (SSL_CTX_use_PrivateKey_file(ssl->ctx, private_key_file,
SSL_FILETYPE_PEM) != 1) {
_log_error("SSL_CTX_use_PrivateKey_file( %s ) failed\n", private_key_file);
+ _log_ssl_error(ssl);
return -4;
}
if (SSL_CTX_check_private_key(ssl->ctx) != 1) {
_log_error("The key file %s is not consistent with the certificate %s\n",
private_key_file, certificate_file);
+ _log_ssl_error(ssl);
return -5;
}
@@ -509,38 +512,41 @@ static ssize_t process_input_ssl( pn_tra
_log( ssl, "process_input_ssl( data size=%d )\n",available );
ssize_t consumed = 0;
+ bool work_pending;
+ bool shutdown_input = (available == 0); // caller is closed
- // Write to network bio as much as possible, consuming bytes/available
+ do {
+ work_pending = false;
- if (available > 0) {
- int written = BIO_write( ssl->bio_net_io, input_data, available );
- if (written > 0) {
- input_data += written;
- available -= written;
- consumed += written;
- ssl->read_blocked = false;
- _log( ssl, "Wrote %d bytes to BIO Layer, %d left over\n", written,
available );
- }
- } else if (available == 0) {
- // lower layer (caller) has closed. Close the WRITE side of the BIO.
This will cause
- // an EOF to be passed to SSL once all pending inbound data has been
consumed.
- _log( ssl, "Lower layer closed - shutting down BIO write side\n");
- (void)BIO_shutdown_wr( ssl->bio_net_io );
- }
-
- // Read all available data from the SSL socket
-
- if (!ssl->ssl_closed) {
- //int pending = BIO_pending(ssl->bio_ssl);
- //int available = pn_min( (APP_BUF_SIZE - ssl->in_count), pending );
- int available = APP_BUF_SIZE - ssl->in_count;
- while (available > 0) {
- int written = BIO_read( ssl->bio_ssl, &ssl->inbuf[ssl->in_count],
available );
+ // Write to network bio as much as possible, consuming bytes/available
+
+ if (available > 0) {
+ int written = BIO_write( ssl->bio_net_io, input_data, available );
if (written > 0) {
- _log( ssl, "Read %d bytes from SSL socket for app\n", written );
- _log_clear_data( ssl, &ssl->inbuf[ssl->in_count], written );
- ssl->in_count += written;
+ input_data += written;
available -= written;
+ consumed += written;
+ ssl->read_blocked = false;
+ work_pending = (available > 0);
+ _log( ssl, "Wrote %d bytes to BIO Layer, %d left over\n", written,
available );
+ }
+ } else if (shutdown_input) {
+ // lower layer (caller) has closed. Close the WRITE side of the BIO.
This will cause
+ // an EOF to be passed to SSL once all pending inbound data has been
consumed.
+ _log( ssl, "Lower layer closed - shutting down BIO write side\n");
+ (void)BIO_shutdown_wr( ssl->bio_net_io );
+ shutdown_input = false;
+ }
+
+ // Read all available data from the SSL socket
+
+ if (!ssl->ssl_closed && ssl->in_count < APP_BUF_SIZE) {
+ int read = BIO_read( ssl->bio_ssl, &ssl->inbuf[ssl->in_count],
APP_BUF_SIZE - ssl->in_count );
+ if (read > 0) {
+ _log( ssl, "Read %d bytes from SSL socket for app\n", read );
+ _log_clear_data( ssl, &ssl->inbuf[ssl->in_count], read );
+ ssl->in_count += read;
+ work_pending = work_pending || ssl->in_count < APP_BUF_SIZE;
} else {
if (!BIO_should_retry(ssl->bio_ssl)) {
_log(ssl, "Read from SSL socket failed - SSL connection closed!!\n");
@@ -557,47 +563,47 @@ static ssize_t process_input_ssl( pn_tra
_log(ssl, "Detected read-blocked\n");
}
}
- break;
}
}
- }
- // write incoming data to app layer
+ // write incoming data to app layer
- if (!ssl->app_input_closed) {
- char *data = ssl->inbuf;
- while (ssl->in_count > 0 || ssl->ssl_closed) { /* if ssl_closed, send 0
count */
- ssize_t consumed = transport->process_input(transport, data,
ssl->in_count);
- if (consumed > 0) {
- ssl->in_count -= consumed;
- data += consumed;
- _log( ssl, "Application consumed %d bytes from peer\n", (int) consumed
);
- } else {
- if (consumed < 0) {
- _log(ssl, "Application layer closed its input, error=%d (discarding
%d bytes)\n",
- (int) consumed, (int)ssl->in_count);
- ssl->in_count = 0; // discard any pending input
- ssl->app_input_closed = consumed;
- if (ssl->app_output_closed && ssl->out_count) {
- // both sides of app closed, and no more app output pending:
- start_ssl_shutdown(ssl);
- }
- /* @todo: fix this - duplicate code - transport does the same */
- if (consumed == PN_EOS) {
- if (transport->disp->trace & (PN_TRACE_RAW | PN_TRACE_FRM))
- pn_dispatcher_trace(transport->disp, 0, "<- EOS\n");
- } else {
- pn_dispatcher_trace(transport->disp, 0, "ERROR[%i] %s\n",
- pn_error_code(transport->error),
- pn_error_text(transport->error));
+ if (!ssl->app_input_closed) {
+ char *data = ssl->inbuf;
+ if (ssl->in_count > 0 || ssl->ssl_closed) { /* if ssl_closed, send 0
count */
+ ssize_t consumed = transport->process_input(transport, data,
ssl->in_count);
+ if (consumed > 0) {
+ ssl->in_count -= consumed;
+ data += consumed;
+ work_pending = work_pending || ssl->in_count > 0;
+ _log( ssl, "Application consumed %d bytes from peer\n", (int)
consumed );
+ } else {
+ if (consumed < 0) {
+ _log(ssl, "Application layer closed its input, error=%d
(discarding %d bytes)\n",
+ (int) consumed, (int)ssl->in_count);
+ ssl->in_count = 0; // discard any pending input
+ ssl->app_input_closed = consumed;
+ if (ssl->app_output_closed && ssl->out_count) {
+ // both sides of app closed, and no more app output pending:
+ start_ssl_shutdown(ssl);
+ }
+ /* @todo: fix this - duplicate code - transport does the same */
+ if (consumed == PN_EOS) {
+ if (transport->disp->trace & (PN_TRACE_RAW | PN_TRACE_FRM))
+ pn_dispatcher_trace(transport->disp, 0, "<- EOS\n");
+ } else {
+ pn_dispatcher_trace(transport->disp, 0, "ERROR[%i] %s\n",
+ pn_error_code(transport->error),
+ pn_error_text(transport->error));
+ }
}
}
- break;
}
+ if (ssl->in_count > 0 && data != ssl->inbuf)
+ memmove( ssl->inbuf, data, ssl->in_count );
}
- if (ssl->in_count > 0 && data != ssl->inbuf)
- memmove( ssl->inbuf, data, ssl->in_count );
- }
+
+ } while (work_pending);
//_log(ssl, "ssl_closed=%d in_count=%d app_input_closed=%d
app_output_closed=%d\n",
// ssl->ssl_closed, ssl->in_count, ssl->app_input_closed,
ssl->app_output_closed );
@@ -619,14 +625,17 @@ static ssize_t process_output_ssl( pn_tr
if (ssl->ssl == NULL && init_ssl_socket(ssl)) return PN_ERR;
ssize_t written = 0;
+ bool work_pending;
- // first, get any pending application output, if possible
+ do {
+ work_pending = false;
+ // first, get any pending application output, if possible
- if (!ssl->app_output_closed) {
- while (ssl->out_count < APP_BUF_SIZE) {
+ if (!ssl->app_output_closed && ssl->out_count < APP_BUF_SIZE) {
ssize_t app_bytes = transport->process_output(transport,
&ssl->outbuf[ssl->out_count], APP_BUF_SIZE - ssl->out_count);
if (app_bytes > 0) {
ssl->out_count += app_bytes;
+ work_pending = ssl->out_count < APP_BUF_SIZE;
_log( ssl, "Gathered %d bytes from app to send to peer\n", app_bytes );
} else {
if (app_bytes < 0) {
@@ -642,64 +651,65 @@ static ssize_t process_output_ssl( pn_tr
pn_error_text(transport->error));
}
}
- break;
}
}
- }
- // now push any pending app data into the socket
+ // now push any pending app data into the socket
- if (!ssl->ssl_closed) {
- char *data = ssl->outbuf;
- while (ssl->out_count > 0) {
- int written = BIO_write( ssl->bio_ssl, data, ssl->out_count );
- if (written > 0) {
- data += written;
- ssl->out_count -= written;
- _log( ssl, "Wrote %d bytes from app to socket\n", written );
- } else {
- if (!BIO_should_retry(ssl->bio_ssl)) {
- _log(ssl, "Write to SSL socket failed - SSL connection closed!!\n");
- _log_ssl_error(ssl);
- start_ssl_shutdown(ssl); // KAG: not sure - this may be
necessary
- ssl->out_count = 0; // can no longer write to socket, so erase
app output data
- ssl->ssl_closed = true;
+ if (!ssl->ssl_closed) {
+ char *data = ssl->outbuf;
+ if (ssl->out_count > 0) {
+ int wrote = BIO_write( ssl->bio_ssl, data, ssl->out_count );
+ if (wrote > 0) {
+ data += wrote;
+ ssl->out_count -= wrote;
+ work_pending = work_pending || ssl->out_count > 0;
+ _log( ssl, "Wrote %d bytes from app to socket\n", wrote );
} else {
- if (BIO_should_read( ssl->bio_ssl )) {
- ssl->read_blocked = true;
- _log(ssl, "Detected read-blocked\n");
- }
- if (BIO_should_write( ssl->bio_ssl )) {
- ssl->write_blocked = true;
- _log(ssl, "Detected write-blocked\n");
+ if (!BIO_should_retry(ssl->bio_ssl)) {
+ _log(ssl, "Write to SSL socket failed - SSL connection
closed!!\n");
+ _log_ssl_error(ssl);
+ start_ssl_shutdown(ssl); // KAG: not sure - this may be
necessary
+ ssl->out_count = 0; // can no longer write to socket, so
erase app output data
+ ssl->ssl_closed = true;
+ } else {
+ if (BIO_should_read( ssl->bio_ssl )) {
+ ssl->read_blocked = true;
+ _log(ssl, "Detected read-blocked\n");
+ }
+ if (BIO_should_write( ssl->bio_ssl )) {
+ ssl->write_blocked = true;
+ _log(ssl, "Detected write-blocked\n");
+ }
}
}
- break;
}
- }
- if (ssl->out_count == 0) {
- if (ssl->app_input_closed && ssl->app_output_closed) {
- // application is done sending/receiving data, and all buffered output
data has
- // been written to the SSL socket
- start_ssl_shutdown(ssl);
+ if (ssl->out_count == 0) {
+ if (ssl->app_input_closed && ssl->app_output_closed) {
+ // application is done sending/receiving data, and all buffered
output data has
+ // been written to the SSL socket
+ start_ssl_shutdown(ssl);
+ }
+ } else if (data != ssl->outbuf) {
+ memmove( ssl->outbuf, data, ssl->out_count );
}
- } else if (data != ssl->outbuf) {
- memmove( ssl->outbuf, data, ssl->out_count );
}
- }
- // read from the network bio as much as possible, filling the buffer
- if (max_len) {
- int available = BIO_read( ssl->bio_net_io, buffer, max_len );
- if (available > 0) {
- max_len -= available;
- buffer += available;
- written += available;
- ssl->write_blocked = false;
- _log( ssl, "Read %d bytes from BIO Layer\n", available );
+ // read from the network bio as much as possible, filling the buffer
+ if (max_len) {
+ int available = BIO_read( ssl->bio_net_io, buffer, max_len );
+ if (available > 0) {
+ max_len -= available;
+ buffer += available;
+ written += available;
+ ssl->write_blocked = false;
+ work_pending = work_pending || max_len > 0;
+ _log( ssl, "Read %d bytes from BIO Layer\n", available );
+ }
}
- }
+
+ } while (work_pending);
//_log(ssl, "written=%d ssl_closed=%d in_count=%d app_input_closed=%d
app_output_closed=%d bio_pend=%d\n",
// written, ssl->ssl_closed, ssl->in_count, ssl->app_input_closed,
ssl->app_output_closed, BIO_pending(ssl->bio_net_io) );
Modified: qpid/proton/trunk/tests/proton_tests/__init__.py
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/__init__.py?rev=1395720&r1=1395719&r2=1395720&view=diff
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/__init__.py (original)
+++ qpid/proton/trunk/tests/proton_tests/__init__.py Mon Oct 8 18:51:19 2012
@@ -23,3 +23,5 @@ import proton_tests.message
import proton_tests.messenger
import proton_tests.sasl
import proton_tests.transport
+import proton_tests.ssl
+
Added: qpid/proton/trunk/tests/proton_tests/ssl.py
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl.py?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl.py (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl.py Mon Oct 8 18:51:19 2012
@@ -0,0 +1,99 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+import os, common
+import subprocess
+from proton import *
+
+
+class SslTest(common.Test):
+
+ def __init__(self, *args):
+ common.Test.__init__(self, *args)
+
+ def setup(self):
+ self.t_server = Transport()
+ self.server = SSL(self.t_server)
+ self.server.init(SSL.MODE_SERVER)
+ self.t_client = Transport()
+ self.client = SSL(self.t_client)
+ self.client.init(SSL.MODE_CLIENT)
+
+ def teardown(self):
+ self.t_client = None
+ self.t_server = None
+
+ def _pump(self):
+ while True:
+ out_client = self.t_client.output(1024)
+ out_server = self.t_server.output(1024)
+ if out_client: self.t_server.input(out_client)
+ if out_server: self.t_client.input(out_server)
+ if not out_client and not out_server: break
+
+ def _testpath(self, file):
+ """ Set the full path to the certificate,keyfile, etc. for the test.
+ """
+ return os.path.join(os.path.dirname(__file__),
+ "ssl_db/%s" % file)
+
+ def test_server_authentication(self):
+ """ Simple SSL connection with authentication of the server
+ """
+ self.server.set_credentials(self._testpath("server-certificate.pem"),
+ self._testpath("server-private-key.pem"),
+ "server-password")
+ self.client.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
+
+ client_conn = Connection()
+ self.t_client.bind(client_conn)
+ server_conn = Connection()
+ self.t_server.bind(server_conn)
+ client_conn.open()
+ server_conn.open()
+ self._pump()
+ client_conn.close()
+ server_conn.close()
+ self._pump()
+
+
+ def test_client_authentication(self):
+ """ @TODO: fix
+ """
+ self.server.set_credentials(self._testpath("server-certificate.pem"),
+ self._testpath("server-private-key.pem"),
+ "server-password")
+ self.server.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
+ self.client.set_credentials(self._testpath("client-certificate.pem"),
+ self._testpath("client-private-key.pem"),
+ "client-password")
+ self.client.set_trusted_ca_db(self._testpath("ca-certificate.pem"))
+
+ client_conn = Connection()
+ self.t_client.bind(client_conn)
+ server_conn = Connection()
+ self.t_server.bind(server_conn)
+ client_conn.open()
+ server_conn.open()
+ self._pump()
+ client_conn.close()
+ server_conn.close()
+ self._pump()
+
+
Propchange: qpid/proton/trunk/tests/proton_tests/ssl.py
------------------------------------------------------------------------------
svn:eol-style = native
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt Mon Oct 8 18:51:19
2012
@@ -0,0 +1,35 @@
+The following certificate files are used by the SSL unit tests (ssl.py):
+
+ca-certificate.pem - contains the public certificate identifying a "trusted"
Certificate
+Authority. This certificate is used to sign the certificates that identify
the SSL
+servers and clients run by the tests.
+
+client-certificate.pem - the public certificate used to identify the client.
Signed by
+the CA.
+
+client-private-key.pem - encrypted key used to create client-certificate.pem.
Password is
+"client-password"
+
+server-certificate.pem - the public certificate used to identify the server.
Signed by
+the CA.
+
+server-private-key.pem - encrypted key used to create server-certificate.pem.
Password is
+"server-password"
+
+
+These certificates have been created using the OpenSSL tool.
+
+The following commands were used to create these certificates:
+
+# Create a self-signed certificate for the CA, and a private key to sign
certificate requests:
+ openssl req -x509 -newkey rsa:2048 -keyout ca-private-key.pem -passout
pass:ca-password -out ca-certificate.pem -days 99999 -subj "/O=Trust Me,
Inc/CN=127.0.0.1"
+
+# Create a certificate request for the server certificate. Use the CA's
certificate to sign it:
+ openssl req -newkey rsa:2048 -keyout server-private-key.pem -passout
pass:server-password -out server-request.pem -subj "/O=Server/CN=127.0.0.1"
+ openssl x509 -req -in server-request.pem -CA ca-certificate.pem -CAkey
ca-private-key.pem -CAcreateserial -passin pass:ca-password -days 99999 -out
server-certificate.pem
+
+# Create a certificate request for the client certificate. Use the CA's
certificate to sign it:
+ openssl req -newkey rsa:2048 -keyout client-private-key.pem -passout
pass:client-password -out client-request.pem -subj "/O=Client/CN=127.0.0.1"
+ openssl x509 -req -in client-request.pem -CA ca-certificate.pem -CAkey
ca-private-key.pem -CAcreateserial -passin pass:ca-password -days 99999 -out
client-certificate.pem
+
+
Propchange: qpid/proton/trunk/tests/proton_tests/ssl_db/README.txt
------------------------------------------------------------------------------
svn:eol-style = native
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/ca-certificate.pem Mon Oct 8
18:51:19 2012
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDLTCCAhWgAwIBAgIJAJde1oDZXs6MMA0GCSqGSIb3DQEBBQUAMCwxFjAUBgNV
+BAoMDVRydXN0IE1lLCBJbmMxEjAQBgNVBAMMCTEyNy4wLjAuMTAgFw0xMjEwMDgx
+ODE3NDVaGA8yMjg2MDcyMzE4MTc0NVowLDEWMBQGA1UECgwNVHJ1c3QgTWUsIElu
+YzESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAuxhqdM4r/N6cfR4UJuWCmuey5ukyHu5+j+bEv7pvE+sZhND9/gNvlFUa
+jS214kK2qq2Z7YUYo9+NLu4zq7i0oRviozIHT+SWeF1fK78ENMiOI3TjDzIxspwG
+P6oQqt3cHCx+eB1UPkFDQNcY8RBznizveDvteJW7MHvB9XPacJtKPIQawcLc/u4D
+E3v3lkCygiOte2UC61mRQMFuhehZHjGzxaD9OgL7O73H86sUWNedLkhFtIxmjhwV
+yjp9Q8rSXzohEgtbD5o39Vg++wcz4SD9EMfPtPDfbqfbih3hIV1jrsDjQfUR+9ki
+5y9OATK0QOct97pakcU3Mc3jvij4rwIDAQABo1AwTjAdBgNVHQ4EFgQUnbPv4TOU
+pq87b3KOMPDjyU3dLLswHwYDVR0jBBgwFoAUnbPv4TOUpq87b3KOMPDjyU3dLLsw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEALChGqkryDLDRx2ZcB1fD
+h0qtsOSyiQl3OEDLfFjvmgn3vCWtc2d74RaZELdcHHSxyPsBuS6BBDEzouPh3xgR
+RM559WEcvpgLHgJuBJ8OVvNomt6ZWXnhqpelFs0aE28dFqRqDw0cCZQN0TiXeFqV
+IVvnMoqQy2sEBHk9BSTjFTbKO8oTPDjoG1lpjUwnWsl3CK+7msGhWX1pB9Uos1v5
+csKq1UH5D9StDquMAG6Xr6wbBk1dcWOO0Pgm0HI4ggf8uilHEOjCM6TmbAj82zFJ
+kYA8iInxvLRcqdC/a9fjzUUbvghNg1QTlYPjzKFGxY8qlyOIM/wuxV9O0pcG+2js
+xA==
+-----END CERTIFICATE-----
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/client-certificate.pem Mon Oct
8 18:51:19 2012
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIICzzCCAbcCCQDmi9rco1HVJjANBgkqhkiG9w0BAQUFADAsMRYwFAYDVQQKDA1U
+cnVzdCBNZSwgSW5jMRIwEAYDVQQDDAkxMjcuMC4wLjEwIBcNMTIxMDA4MTgxOTAz
+WhgPMjI4NjA3MjMxODE5MDNaMCUxDzANBgNVBAoMBkNsaWVudDESMBAGA1UEAwwJ
+MTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnDezsFX
+yi6P/bBR+KfPnosVjbV4NrkUwZMuy3ZyEj2jkcoE4ShtZhk/d4ZbG1wUTYYU15kJ
+KfBm1/58oe0qNm4D17Y+hvpSPndz5//YvCtgbLX1BCJKHZkK8Oifk5OAfi0CwRBV
+HrRXbazF3uDo4L2dAt0RAqWtgkbMMBE3o8syK+mk1Ip9QerEd0wJreH5OqqpK3Xh
+Qflz1DiWvUeQb5E9Tc0rBcZlEd0hSlRXnsQdu1cC0rmEF48uf9hTRTwIvqwl3ash
+QHHpgRjmS7g4F4GfOewK1spxxJeZuy7sjLogSZR3NFPD1kmUYwNmfRi9OM6MaDtz
+JGNcpCHc5P17lQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBF6L4pLOXxHAB5xmMF
+JFmKOXqd602wKU5a1RrXoRudJVruHp3ZPO7g/mEKcziRbciQDo0IUwCjMiByAAbD
+AriYrSl+eEnJGhDbN35LxjkMpuO0hbTeYJKn33jdq8nsmrLfxcQC/itvvnr4VDw+
+crNvDsESEDKcGR1PWhaFs+/7NfxkG+bvDJZPvmB/G5+RKQKdZM127mfjAeZ0CVnh
+d5zc0q60+TJoRAOu4BGNK5wrBWz7uQ7mKPKxJoWCeUG7wkk/4RT3Hndn82RsACkU
+OXcdRePxSJIQAmIuoMHwNwpTw1g3K1P6yTHqh+/DRdM0dJMOV1tQXCmeJ4FIsBUD
+kW0I
+-----END CERTIFICATE-----
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/client-private-key.pem Mon Oct
8 18:51:19 2012
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIUWSp/twvXiECAggA
+MBQGCCqGSIb3DQMHBAh47wRU8PebagSCBMg3be4KI+3fp5UYQtZEFpq/MzfeFg9O
+22xk0DsSik8BgNM+LoaUJbMUS8yc/OO2j/MXnPU6uNudCxPdew0uZO5lt1Pgx0hY
+Kr83rb1rHZx6zA4yQ6topI6bSd2q5puqwInMU1GSLMIvn459k8O9GkV3IfOIJ0NQ
+SbPfPmloi2COT9lWjcp/MVrKy8/WqghjFARE0O7qgZMcViJwyA6fY9SH6acTFVvm
+7AD48qiet7iXH7ZqzEvhbSJLnk5YCWnfNzQ+syMrClTd/HDVLDdI0M42OoUrNbFJ
+gWthJPa1JGuq2lUePsAfDxCvU7E1ORmpN/KNlf5Nbyu8fydnM7eVRy/yUm/vV1pl
+DCrR1JJ6UDftO4Jdp7hg2pUT4GbiftosJbcbCf4M4bXB7bAc634j2jiNym/kiMfW
+zGZmiiOgU6J931/qK+nGkoeLi7HDFiTABybwddmR94UjFn4ya1dEeUDpjPBNmtWg
+q963JidWkvf2f7SXxosoY/Aadq2boZjYKiJ1QOTFbBeGnmmjk3Tk+AVzf1ZuvRKq
+n7JJNClD2rfy81NMTpos65praXzq8J/ICT0s28ksefHFhsacqvQEvnivMMEwVtgB
+NnSygkjR694MINtlGpvt78JKz78CArnBlhoXiYSFKHwvpt4GlyzG2cyaWrLRyDXB
+A+CeJGH5o1hAM/i2XeOeo+ytWgqEZIAPyqTb4SDsLfyJk7Hc0mkpAjzBnv1XfraB
+7HdcDWJZzTVyXveJlb5kTmzUOWlsovK5QiQCgTCf32LXf8ncmN3rSJHgPstRU/Gj
+A4XNGZdC3NJeFyVMEEKDZtzEu9CMBY/vMMZn/Uj26T6vZ8uvTo1zSMLtdQvqb30n
+l+ergmXAGjFRb35+2F5bs0LLfmmqNqM2uom5RIj0r7CmPwmT8SyKY7oubSwn7evn
+VQlcnXy8jgkricH4LHKuKkH9HP9FWM/AgPgYFAZlFJ4W+KQxQfJlIpPI7BzSz2uO
+oF81H0O2g8ZmNbNXph6v4HrSGvavirOwmxX3bUl+vZTbJK8N3dciF5FlmVGzZxJ1
+kpVKqIlmqS0EKQgB3s/n4sv6xukAz+2AZCvl0ZCI9DIWtIDRvSYRJ1BhuaR0piWO
+M+pY2CIKgpms4u7rBm7vgNlnPwijawc+eDh5jNivRjlpHbTWCphxk6rCPDmFdhEI
+/FdWtbJlaQw3BbpdzeP1HX0gSYVyOBZ8JnCVZiuXBH+3K6OWWgvs9nNY0nkojwBq
+XHLH1PdPe9OrVUxGukL2CMsDuyqy0XZYajXJZUhILWNQ8AHPibr2VwF2yCcub2zN
+Zn6M2wO+BM2W94HQqzswMpQZbrqw2aa4hngTZ8k0hyYzGJrFyMYXoCPaH2mg3Q0Z
+FGo6qteQ6nr58816WHI7Tb9Ot2MSgwHVhWTEHh8ufT92DWJh0gN1C8scwOrw+320
+4Qc51d8ntEsuETRFJYOmny9ef+fpLc+DNsPTrwJ+WWkisLrIEUnf3CV9HcqXfRMx
+n2TtWx4v8Qa0uYjTQHpbnESSKxOYugUPocsm0DY0lkyS92RSsfWD74dL/HjDTGOu
+XvvA8kERXyrkdXc1F+jSIXVX+ZoZOE1o2F4YcDqWtqdjfq8RNoBS6n81Uu9YMjUB
++aY=
+-----END ENCRYPTED PRIVATE KEY-----
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/server-certificate.pem Mon Oct
8 18:51:19 2012
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIICzzCCAbcCCQDmi9rco1HVJTANBgkqhkiG9w0BAQUFADAsMRYwFAYDVQQKDA1U
+cnVzdCBNZSwgSW5jMRIwEAYDVQQDDAkxMjcuMC4wLjEwIBcNMTIxMDA4MTgxODI1
+WhgPMjI4NjA3MjMxODE4MjVaMCUxDzANBgNVBAoMBlNlcnZlcjESMBAGA1UEAwwJ
+MTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNAx6WCK
+HowDAMNhDeP3RX2I3I/ffUj10fDEZcyaWC+nbDcCxdI7ahRZ1yAzYMZ+WYq+J4W5
+rPpPyXjPdm3RGHXMju+9D4gLQRQutQQuqB0TUJ8CZbbU7RXLFBKvU3Qu+EvwCB6d
+N3nf5Jvp67tRXyvKJ8Thv6yYHrXj0ASjpMYYxEQNnTXxjxeqTKBwKQUH/yp4+ypT
+P3TFm7X6qwNJmilpvb/UqXmle2aG+dTCjFuQJZMReU61AquejwKMY2vxvxQZeOG6
+8YNdGLqMXpQhm5NWNcX6SFPeqVn6gtje/pxIfsIgZ7u9fhKEFe5tpb3gWQkyC2DL
+24l7br81ECCAMwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCj21mSdzCfDyRK0kLN
+kgAZ3zLMBkCyh2AgdhqWymU3wJp438HNn6SWhB2hZM8A421wmV1mZOl8cN5NFXZv
+9UofoVRunVU0w+AKI++LaEUTS5nrSx9p/8pw0J/thWs372+zSt9QlBPL9735mQ1f
+owUZgHdfpXJVgfImz6BrWg1tq07iNpWByL5bnyBmqmEzfCGUB7Q3Hye1G9PoG6V3
+jBiTyMCXOR9+T9zaCzpMyO9tvcuc9P/SkZAWb97zciTfmOQ8uJwSoM+cf+xk2ja1
+hWb9UhWb+STaAhI76wifw3R3tmo3qsb8u6xzcXSLuSqxLEB8/HyWhmouyXiTVkbz
+oSvO
+-----END CERTIFICATE-----
Added: qpid/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem?rev=1395720&view=auto
==============================================================================
--- qpid/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem (added)
+++ qpid/proton/trunk/tests/proton_tests/ssl_db/server-private-key.pem Mon Oct
8 18:51:19 2012
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIW5BfnJy9jxoCAggA
+MBQGCCqGSIb3DQMHBAicwXAkfsyDhASCBMjWD3uSrvyIhh6sKWj/poHy2zDXA5Fg
+FmjOZ5AbUp5JaGo2vNcayFToZ40Rl7Dtzpirq+veh7ESNnRE7JLlY2NxHgvLPpQq
+jaBuDN4GTTiibxOdRiHc8t90GDRN/xcYQK01EHBgC1qGjM4lM+NXY7NUZDcIiBrP
+Fb3qP+uAlkJHMMUn3gpr7N1pC3cOOhJ40VjAXZ6d0zmoCst5gTQxKSYPT/aSoJG1
+mdAB+RF4T0yZOYDcYZZLgRhGH1Ax3upEw513KaJti7B1fr6OCnv2otYuH6PPVn7K
+Td4I28Jevp7MVRbTyMiFVfjEHb1IL26MLC0iKcYcT25wXUcAI/iYa5drzAJuLRZD
+DX74I2+hzAqu+xH7+J/ehnl+CrWuue7C94fWtWidPIROJQhVCG5dXo0pi24+Qzlc
+tZB9ID0Oxq12EbCZrKQTKmeETOamVKtS7PQ/xIia7QlSjY1WTLxKC2Yfn6qoCCLy
+NjvQnxpIirfqh8gA9al1V9qZ3hFmuxICWyf+W2yO8b5DQdl5/kCBSxg/xxBZmffO
+D4aUrmQoNp6/k1s6HftljuIcb7JYUFEqEdBk0xAl1jsq1TwoaK0XYCrAInXkJ40s
+3HdRWgyKdOz7Lv+nyMxROECihEWR6ipN4/6KLqvt696tfNNgkTKHzHKHH26ijuzm
+jlQNzsBrou2Rhel2ubcHLcs7HhYlXD5Rt601yx/zWksrfy2lQvPV3MaCSAE2XL9r
+Tt98mf/E3cXPiPrMEs8x9eghXdckigscP4fAas2LYCiwhXOKCTnik+vFqeiRH2M7
+kQJKtGzVKqcPs4LVU67H6DxYRTyffOBjdaoRu1+2sOnYVZRqWJG9VhpYQWzL/7wj
+Ux9uUb1Fgu8Q9BMtrdHi9D3ZhcvZF6yP2ormlkjD+PnZvBSIWc+Y4TCdDUBpOPt5
+CSKSIClBO2Q7/UetVOWh1GFwOUKy3/0mVMKAGOX0I5kUE38A2ZhMD19zQEy/u0/v
+H4F/wZ91yyvMR29T2KShDXjWcmDlcjtNA4ddsUDWw3Rliex284biT1FY4nqZkglt
+xeAPUqe+kNrkuWU8idulsEkmooRV5y2PqhTYs5P7HF7+FMg4uUNmiSRqJ7F05fLD
+dWVaJ2AdlMP5Lkl4R7j3iT63Nlsv5sTp0gaHFWjG/3l8ze3YzSHHqB52GL0kzF1F
++/xh19Y2dFaJu1mceBrTYLTviRG0SdRXll6TsBOqfUnIo4QbxC+sqVacq8Z9AoDI
+2/vw9N80KW/rRYGDM4g5nLr9nHNXAzWiaxk6mvon2zvYIObzd5tpNVfQDnjooGj+
+Z9nWLOWc75ElUkaF6Qd4ZlWQz8N8WYU+0JRs3MIhIqvdgyupUNsXH+YrSuKYEQsN
+oT9LDYlHH72xk2HJLZeCTpZlW7aMWkI0ybSKsWOzDPLvMYENzKjKyZi9uysbgaiJ
+M2QFA0EtixQbSc1RySDiX60neM4hQxV/55AOVk1mUGJLH3NbDrO39PqPrUHgY5Wa
+aQeNOk6HbcymOmv7urqmnGDmR5m8qv0UWjvklNHUCS0pzAXZQaYBcJOWrx8O33Kc
+5sQTdiLA0G8+hMgF4xotqkm1wBNSQcRl5wGnEj92ZjPN2TfnpyOjiJl9rnhMeDCS
+IXQ=
+-----END ENCRYPTED PRIVATE KEY-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
