diff --git a/certs/.rnd b/certs/.rnd deleted file mode 100644 index 41d1fed..0000000 Binary files a/certs/.rnd and /dev/null differ diff --git a/certs/all.bat b/certs/all.bat index 15531b3..533da2a 100644 --- a/certs/all.bat +++ b/certs/all.bat @@ -1,14 +1,8 @@ REM make sure the 'openssl.exe' commandline tool is in your path before starting! REM set the path below; set opensslpath=C:\OpenSSL-Win32\bin - - - setlocal set path=%opensslpath%;%path% call roota.bat -call rootb.bat call servera.bat -call serverb.bat call clienta.bat -call clientb.bat diff --git a/certs/clientA.pem b/certs/clientA.pem deleted file mode 100644 index 8a20277..0000000 --- a/certs/clientA.pem +++ /dev/null @@ -1,44 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDNTCCAp6gAwIBAgIJANp+V2miEyyZMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhD -bGllbnQgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyF0ZcB+on+ir7Ac+ -hX6AvL5GFv362QNU4Yjoh5Lrd10PfexwvcAk1nW9tQ1ZBZ2Q9qbm6xLixM2rtgIR -qyU0OJBiwe1ya13cyIY4MsXSnBu4i/oytUA72tIlIg1f1lZu9ueKhFNRHfV0TtPb -2P0lOgkTBIgDh4RRETZo4yHDoiUCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB -hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE -FAKFT1hs8t+xbQSDi+PfxK/1GGQDMB8GA1UdIwQYMBaAFC+73xiwIpAjd/vo/319 -oUWzE+X9MA0GCSqGSIb3DQEBBQUAA4GBAGFwzagTAQkArthKGESnw+EbFOd9qnF8 -FYEyhS2iDIgQnPq4fDGbpSELpcxeOLQndH7g0GiCTqjHnhhpmFnXsriA2ia+RgMy -PYCE2dyeCEFYCb9TSUBIdPr9OQPGop/TRY83eGQVxUcRjhGndDCcvN6N4MMeZQpC -UiHF9G3mj7nC ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwjCCAyugAwIBAgIJAJSqyJBOJrGkMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs3B138Uul360K3QZ -11FnFdFhQ2yW7hN4+20RZ8BQ+SGn7ej1uld/zSHeYxYYlWpSkMryWmOPhBSkGd43 -zZxxvuo9+jh4ahqhmWoovRSilWBoZznQwLBUv35N7XCa+L9KJL+RBKYzsMi6K7Ai -jZgR3yRtSiqcOjT7VigHYW15dKMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQvu98Y -sCKQI3f76P99faFFsxPl/TCB0gYDVR0jBIHKMIHHgBQvu98YsCKQI3f76P99faFF -sxPl/aGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh -bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT -YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl -ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQCUqsiQTiaxpDAMBgNVHRMEBTAD -AQH/MA0GCSqGSIb3DQEBBQUAA4GBACFWgpF/q1nJDY9UT2R/8aXf08KUZSu6L5Oi -3niZsPRyHBRJkysw1PHwktF69fU8bL2p84Atni+w5Pp24PexDUStNyer2riUGzKg -Y4D7wMVGSgzryGgNLqCe0rsm3zcWEqEFSUsZRtWSda12vAZsUX4VmmR72rMXEU4X -a9sWuhH8 ------END CERTIFICATE----- - \ No newline at end of file diff --git a/certs/clientAcert.pem b/certs/clientAcert.pem deleted file mode 100644 index 9bbc704..0000000 --- a/certs/clientAcert.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDNTCCAp6gAwIBAgIJANp+V2miEyyZMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhD -bGllbnQgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyF0ZcB+on+ir7Ac+ -hX6AvL5GFv362QNU4Yjoh5Lrd10PfexwvcAk1nW9tQ1ZBZ2Q9qbm6xLixM2rtgIR -qyU0OJBiwe1ya13cyIY4MsXSnBu4i/oytUA72tIlIg1f1lZu9ueKhFNRHfV0TtPb -2P0lOgkTBIgDh4RRETZo4yHDoiUCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB -hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE -FAKFT1hs8t+xbQSDi+PfxK/1GGQDMB8GA1UdIwQYMBaAFC+73xiwIpAjd/vo/319 -oUWzE+X9MA0GCSqGSIb3DQEBBQUAA4GBAGFwzagTAQkArthKGESnw+EbFOd9qnF8 -FYEyhS2iDIgQnPq4fDGbpSELpcxeOLQndH7g0GiCTqjHnhhpmFnXsriA2ia+RgMy -PYCE2dyeCEFYCb9TSUBIdPr9OQPGop/TRY83eGQVxUcRjhGndDCcvN6N4MMeZQpC -UiHF9G3mj7nC ------END CERTIFICATE----- diff --git a/certs/clientAkey.pem b/certs/clientAkey.pem deleted file mode 100644 index d06b02a..0000000 --- a/certs/clientAkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMhdGXAfqJ/oq+wH -PoV+gLy+Rhb9+tkDVOGI6IeS63ddD33scL3AJNZ1vbUNWQWdkPam5usS4sTNq7YC -EaslNDiQYsHtcmtd3MiGODLF0pwbuIv6MrVAO9rSJSINX9ZWbvbnioRTUR31dE7T -29j9JToJEwSIA4eEURE2aOMhw6IlAgMBAAECgYB6UJte33TJafjKNgHs7LUag+21 -y4Z/RJFkvXd2jDJCxATZEqYgsFPMuEP/aw6VZwNAD9OYXgchrYzNp6WxnRyq9rS7 -ClTwFkxn9mJvAKXc2P0sKDVrKbhbwc64//bRDMz22mlR02w7ZUQ1D09nl9wRepVD -1sgH++rgGOXle4+QAQJBAOKJz5Ab3OvfODg1TkDwKzQmq1iy0yGaLX9ryJlQgunf -yuRLc5y6/p+gCu9BsyVJqBfg05xePPgT4fmXutNcM6UCQQDia9mlXLwjFAwQT/Mw -2dtwFHsWTfOhzvHnT+Fr+RpgIgMQmxPOMoPCjwqxBoYIkSGxEDYQlHUp4pqpJbu5 -NGyBAkAqlDh9H5+Qfe41Ml+4+OtF7Ba8ny/r2uy+TGXx2x4gEz4xVrUuOj9thUlI -2xJu6b88bbeYZmYTQrlwjkJBQ805AkEAvnTH/BAYdU1MpIAL6aCntAyWSPnDIO2p -j9Aipyc/p3OUrmgz7bOSH5sg/C2nmxcxhvZC9Alc0KG7ROLnmG9fgQJBAKJtTtx4 -C6zJ/CPVKqaxJEa1ftObWXUHjS838l2PDNLd7Xg4ZW+Rr6/yMXJrkc1mLApZoaIX -mWGR9+d+z0zOCMI= ------END PRIVATE KEY----- diff --git a/certs/clientAreq.pem b/certs/clientAreq.pem deleted file mode 100644 index 6101036..0000000 --- a/certs/clientAreq.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP -U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy -IFNjaWVuY2UxETAPBgNVBAMTCENsaWVudCBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDIXRlwH6if6KvsBz6FfoC8vkYW/frZA1ThiOiHkut3XQ997HC9wCTW -db21DVkFnZD2pubrEuLEzau2AhGrJTQ4kGLB7XJrXdzIhjgyxdKcG7iL+jK1QDva -0iUiDV/WVm7254qEU1Ed9XRO09vY/SU6CRMEiAOHhFERNmjjIcOiJQIDAQABoAAw -DQYJKoZIhvcNAQEFBQADgYEAWuMMubz+6Gh/A9ZVmJIyRgcMLyrklB3jyu6oqZDW -1OnNkCBrfhKpvuyGe8JtTH1eoI9aWNSgGYyjNXooLsZOjnWLrIJEW/wzj9WIcWnR -rcCzkCZSt7FUC09CRAbvHndtpffZrZJLZ9Q4+uTkpCe2DfFIWYHdNMlJriQwnjyZ -6oY= ------END CERTIFICATE REQUEST----- diff --git a/certs/clientB.pem b/certs/clientB.pem deleted file mode 100644 index 66f4f9e..0000000 --- a/certs/clientB.pem +++ /dev/null @@ -1,43 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMzCCApygAwIBAgIJAKYuEhfbhd4GMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMzWhcNMTgwNjI4MTgxMTMzWjCBnTELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIQ2xp -ZW50IEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMAU67v0VbRPsaB1PmcF -yHB+4MqlFCOsn3ovvsy+J3W9gWhjqSZoOd7gHWlPUCSQTTfxQevlOqitv0KEAm8b -WnZduslnOnHI8oaQL3j+Fps7WtE6H6QK69c7nvhTZ3osKrgzSo5XXMNKO0SCCAFi -YkP9DYaekckQ4ZGkwa/gu19VAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 -QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRj -O+slbrPO0L3h75KLTdxA5dz0OzAfBgNVHSMEGDAWgBTIf2MLMKUZLIrr4i2kBFyr -9RRkdDANBgkqhkiG9w0BAQUFAAOBgQA0kyQ47ukI/59xruf+vnYzTv7aQWXfKvM7 -QYedTw7uFmBUmusd/593Ftv7MbyzCgJQX61ztGfYyET7DjjxwJ6Bfvbg6JPo+gTF -pgdY5fVn8nIdGJGYSsMQOp4MQlnzTM3CYZu772CBs5yW4OA6FzPJzWcVLeDbN6oL -Tk97P0CJog== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAyWgAwIBAgIJAJ5E4CzplDDkMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMyWhcNMTgwNjI4MTgxMTMyWjCBmzELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v -dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMI9gMIAALR/EUHILUVjnj -bS0S+u5PjzqZ9Z573m0JyLLhy0hd+bJLo/f7iJ10KjOKQ3vvWZZYQkrtYxm0Q5LK -Z9thtVQ8ChvO2VBWwKwCd5HB5HbTW7IzigR9vatUzkjFGLeLB2TpqjU/GyPbeyzD -1AQQ96yftHZ1V2mUm6pPlQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFMh/YwswpRks -iuviLaQEXKv1FGR0MIHQBgNVHSMEgcgwgcWAFMh/YwswpRksiuviLaQEXKv1FGR0 -oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x -HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU -b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll -bmNlMQ8wDQYDVQQDEwZSb290IEKCCQCeROAs6ZQw5DAMBgNVHRMEBTADAQH/MA0G -CSqGSIb3DQEBBQUAA4GBABjxZmVXAYqXqHJVkI2Lq1RLg/Jrfmp0yE9Hq97I/gLA -lpCwzuq3cJsnrYYau2DuuY62f3rrgp87wZ42Sg0ViHg9cP43/W7MUXT3SJkdKKc1 -6rxyjwMvjVJyOXQnnLVwbyiPc7xi+S3HZ1hpruE2PUqaYnd7HsciMKm/Qc06LMlw ------END CERTIFICATE----- - \ No newline at end of file diff --git a/certs/clientBcert.pem b/certs/clientBcert.pem deleted file mode 100644 index 824c927..0000000 --- a/certs/clientBcert.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMzCCApygAwIBAgIJAKYuEhfbhd4GMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMzWhcNMTgwNjI4MTgxMTMzWjCBnTELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIQ2xp -ZW50IEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMAU67v0VbRPsaB1PmcF -yHB+4MqlFCOsn3ovvsy+J3W9gWhjqSZoOd7gHWlPUCSQTTfxQevlOqitv0KEAm8b -WnZduslnOnHI8oaQL3j+Fps7WtE6H6QK69c7nvhTZ3osKrgzSo5XXMNKO0SCCAFi -YkP9DYaekckQ4ZGkwa/gu19VAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 -QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRj -O+slbrPO0L3h75KLTdxA5dz0OzAfBgNVHSMEGDAWgBTIf2MLMKUZLIrr4i2kBFyr -9RRkdDANBgkqhkiG9w0BAQUFAAOBgQA0kyQ47ukI/59xruf+vnYzTv7aQWXfKvM7 -QYedTw7uFmBUmusd/593Ftv7MbyzCgJQX61ztGfYyET7DjjxwJ6Bfvbg6JPo+gTF -pgdY5fVn8nIdGJGYSsMQOp4MQlnzTM3CYZu772CBs5yW4OA6FzPJzWcVLeDbN6oL -Tk97P0CJog== ------END CERTIFICATE----- diff --git a/certs/clientBkey.pem b/certs/clientBkey.pem deleted file mode 100644 index f15ea91..0000000 --- a/certs/clientBkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMAU67v0VbRPsaB1 -PmcFyHB+4MqlFCOsn3ovvsy+J3W9gWhjqSZoOd7gHWlPUCSQTTfxQevlOqitv0KE -Am8bWnZduslnOnHI8oaQL3j+Fps7WtE6H6QK69c7nvhTZ3osKrgzSo5XXMNKO0SC -CAFiYkP9DYaekckQ4ZGkwa/gu19VAgMBAAECgYBDEgsOYk7a20kG4mmbx6UpwuPz -Xpkdq9Uz8SAKlgtpTXa2YLZbtuEeNduPPiaZ3dlYw2FlYXGOHL1AGKBQ85guSYJV -C6LUba4MO3uVHmb8QAT5Hq0S1gGd8oS76327gbAMmwnPODoe4pKYpxpjN2L3JOiu -bekFZ5G4usiEAPArMQJBAOs/x2HhxHvAbq3ntc+4vKUbG1LR1Get9Jiim8KAmbWI -VSTl4gA216C9ZXSFYFxLDh0eND/S76TO+eVnGbKdbGsCQQDRBl4WzJ3nGV8PV9Hs -8d1BcFaYbzhySHI6yKaqTMckkpDA6JA3XMpzpNrfTALd1pySTM54b8nMd+XIBVs7 -RVM/AkBwTZQrIBIiWaz8jB75OOGlmBklIlJZ5Gtd6lKdObMnPBwZbzzCiWvKql+i -joF/zbzBHcgnp9ULQlt9rghQgmJdAkAJSM4fFyGgZTkatlzluGyKfpHqHW6VbPBd -+hGlGNnznur9FpdpTh7T+iuapYavEdxMh0rYgKanBWBYfRxrSo4DAkEAskJpTosI -07hKlLcjyzNkTfB9VQtdAFAJspWuba7n1K3nKalbA6sSEWpcOqCYyTZxMRhEjGJ0 -5gYrtiVmfpoipw== ------END PRIVATE KEY----- diff --git a/certs/clientBreq.pem b/certs/clientBreq.pem deleted file mode 100644 index 06328df..0000000 --- a/certs/clientBreq.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP -U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy -IFNjaWVuY2UxETAPBgNVBAMTCENsaWVudCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDAFOu79FW0T7GgdT5nBchwfuDKpRQjrJ96L77Mvid1vYFoY6kmaDne -4B1pT1AkkE038UHr5Tqorb9ChAJvG1p2XbrJZzpxyPKGkC94/habO1rROh+kCuvX -O574U2d6LCq4M0qOV1zDSjtEgggBYmJD/Q2GnpHJEOGRpMGv4LtfVQIDAQABoAAw -DQYJKoZIhvcNAQEFBQADgYEAFNu7lmh26FukN3yc1gxW6YNYqMr9iPil+2+FiqM2 -wJEzvmZ6tC/5Z9+9D6LEO7nca/rXAGls3ilZQH2Dd6GaTnGvy6mz3V3WWVBpxZ2f -tjm18Hdu5r046cKLsQaPyaBVlfRnBFX/0pc8w40jwTHNJFwSB2PLIIQLzATTJ9UD -QjY= ------END CERTIFICATE REQUEST----- diff --git a/certs/rootA.pem b/certs/rootA.pem deleted file mode 100644 index b79ac2a..0000000 --- a/certs/rootA.pem +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDwjCCAyugAwIBAgIJAJSqyJBOJrGkMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs3B138Uul360K3QZ -11FnFdFhQ2yW7hN4+20RZ8BQ+SGn7ej1uld/zSHeYxYYlWpSkMryWmOPhBSkGd43 -zZxxvuo9+jh4ahqhmWoovRSilWBoZznQwLBUv35N7XCa+L9KJL+RBKYzsMi6K7Ai -jZgR3yRtSiqcOjT7VigHYW15dKMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQvu98Y -sCKQI3f76P99faFFsxPl/TCB0gYDVR0jBIHKMIHHgBQvu98YsCKQI3f76P99faFF -sxPl/aGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh -bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT -YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl -ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQCUqsiQTiaxpDAMBgNVHRMEBTAD -AQH/MA0GCSqGSIb3DQEBBQUAA4GBACFWgpF/q1nJDY9UT2R/8aXf08KUZSu6L5Oi -3niZsPRyHBRJkysw1PHwktF69fU8bL2p84Atni+w5Pp24PexDUStNyer2riUGzKg -Y4D7wMVGSgzryGgNLqCe0rsm3zcWEqEFSUsZRtWSda12vAZsUX4VmmR72rMXEU4X -a9sWuhH8 ------END CERTIFICATE----- diff --git a/certs/rootA.srl b/certs/rootA.srl index d7c64a2..ad4327f 100644 --- a/certs/rootA.srl +++ b/certs/rootA.srl @@ -1 +1 @@ -DA7E5769A2132C99 +DA7E5769A2132CA1 diff --git a/certs/rootAkey.pem b/certs/rootAkey.pem deleted file mode 100644 index 33759c2..0000000 --- a/certs/rootAkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALNwdd/FLpd+tCt0 -GddRZxXRYUNslu4TePttEWfAUPkhp+3o9bpXf80h3mMWGJVqUpDK8lpjj4QUpBne -N82ccb7qPfo4eGoaoZlqKL0UopVgaGc50MCwVL9+Te1wmvi/SiS/kQSmM7DIuiuw -Io2YEd8kbUoqnDo0+1YoB2FteXSjAgMBAAECgYBl7gBHeM8ap5LZDD6RnWAdeK7z -if/ChbU3vaEhepGEs6Wc87SCganLcO3PA4I7fgYg0egRiHTB5qfBOgYg+jlx8kND -Ilsj1LXvJg4kIdiIWtNzWmIhOrwOvTPxK/b+SI5ZgiBB/BxhgGQqzQfA5Cukrpry -7fvNotAipqkRInGagQJBANhcdML+sEyYL7czrXY9WASjObOTEhwtOMWm9ArQ0k1c -e/jCgu5LELm+hIAKsVIAmoxNTLPkPR1FOUBdfJsliXECQQDUUFWIMQoYrSh7Ysut -tjrxPXmQ/FR2aU+XGpD8HBpmgknZeKG0noMzAS/3xT8FerF5ycZx6fFGRGRt5U7/ -sbVTAkEApJN3cZgADNM6gHV7vdQdrrFmQ9VcUjiH1bkQK2X6gkQWPPvgUlihKVjl -OuxnQ0QYSx7FeJTlc+1jBjXWgcFE0QJAflGNkgobR7M+cqrFJAVX7E/3FBwM5Kaj -g/N6b4UI8BR0e78Z9qyYwq/iKjhg1pG5Jgy21O+rbXMjjX7xEZBZoQJAGKCZCOZX -NgcFpRJcdokmPlb4Hdn8BHX/lF6i0/rc8591vjXtD3MHi6KqBjmCISGNrquRmy7o -A8xT68ZroszZvg== ------END PRIVATE KEY----- diff --git a/certs/rootAreq.pem b/certs/rootAreq.pem deleted file mode 100644 index 211815c..0000000 --- a/certs/rootAreq.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEaMBgGA1UEChMR -U2FudG8gVG9uaWNvIEx0ZGExJzAlBgNVBAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0 -ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9vdCBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQCzcHXfxS6XfrQrdBnXUWcV0WFDbJbuE3j7bRFnwFD5Iaft6PW6V3/N -Id5jFhiValKQyvJaY4+EFKQZ3jfNnHG+6j36OHhqGqGZaii9FKKVYGhnOdDAsFS/ -fk3tcJr4v0okv5EEpjOwyLorsCKNmBHfJG1KKpw6NPtWKAdhbXl0owIDAQABoAAw -DQYJKoZIhvcNAQEFBQADgYEADD6aj8GgK7GqLVvDowCjMcgtVgRwg9F5F3dhqzkK -l0XzYLPbPu/+t7Xt8I19fjvtHVFjFerv/7JNlJffmfJ5Nsk5MLEKTADl98ad4tGa -6Dpml75bUqkv62C7N/pMiEeQt8W10wQ9KPwqAX8AGcHpoRju7WuyZ7DFRWbJaHVL -hNI= ------END CERTIFICATE REQUEST----- diff --git a/certs/rootB.pem b/certs/rootB.pem deleted file mode 100644 index 4acf168..0000000 --- a/certs/rootB.pem +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDvDCCAyWgAwIBAgIJAJ5E4CzplDDkMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMyWhcNMTgwNjI4MTgxMTMyWjCBmzELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v -dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMI9gMIAALR/EUHILUVjnj -bS0S+u5PjzqZ9Z573m0JyLLhy0hd+bJLo/f7iJ10KjOKQ3vvWZZYQkrtYxm0Q5LK -Z9thtVQ8ChvO2VBWwKwCd5HB5HbTW7IzigR9vatUzkjFGLeLB2TpqjU/GyPbeyzD -1AQQ96yftHZ1V2mUm6pPlQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFMh/YwswpRks -iuviLaQEXKv1FGR0MIHQBgNVHSMEgcgwgcWAFMh/YwswpRksiuviLaQEXKv1FGR0 -oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x -HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU -b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll -bmNlMQ8wDQYDVQQDEwZSb290IEKCCQCeROAs6ZQw5DAMBgNVHRMEBTADAQH/MA0G -CSqGSIb3DQEBBQUAA4GBABjxZmVXAYqXqHJVkI2Lq1RLg/Jrfmp0yE9Hq97I/gLA -lpCwzuq3cJsnrYYau2DuuY62f3rrgp87wZ42Sg0ViHg9cP43/W7MUXT3SJkdKKc1 -6rxyjwMvjVJyOXQnnLVwbyiPc7xi+S3HZ1hpruE2PUqaYnd7HsciMKm/Qc06LMlw ------END CERTIFICATE----- diff --git a/certs/rootB.srl b/certs/rootB.srl deleted file mode 100644 index 0c3471d..0000000 --- a/certs/rootB.srl +++ /dev/null @@ -1 +0,0 @@ -A62E1217DB85DE06 diff --git a/certs/rootBkey.pem b/certs/rootBkey.pem deleted file mode 100644 index 64d3a6f..0000000 --- a/certs/rootBkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMwj2AwgAAtH8RQc -gtRWOeNtLRL67k+POpn1nnvebQnIsuHLSF35skuj9/uInXQqM4pDe+9ZllhCSu1j -GbRDkspn22G1VDwKG87ZUFbArAJ3kcHkdtNbsjOKBH29q1TOSMUYt4sHZOmqNT8b -I9t7LMPUBBD3rJ+0dnVXaZSbqk+VAgMBAAECgYEAqgNsKmT4RGztDbfVCeyqF4vU -j0sm8GG0B4c1L6qGGzDoMf6wTXvojvCHVhhoMdf3xr3/WM6+1NCZQG1ZefURKT01 -NfoDiizcV34hbg1plH6HXf3yW1leetGSkeilYt/PhHU6D0S6kV7sQ6RukCR+KwNI -DW5UZlFh8OZ4J/20Wn0CQQD3NdaLAkYpsRJQHZ/qqmgn/Wdx7Irzdk9AVBb2ujAk -BAVhncpEedN9s/xGj1vVohqNOhhNt8+BYHIuDPSNTK5HAkEA02X4gjkQRrzS9Adm -DSbNQsVg2lWYd3813Zcmxcg2oygAPGLu28I/dvliwi8QYjYVc3HcdGwaTWDi+GPv -aVw1QwJBAJLEfvyGvBsyipnQDMpoo2/ijZDgi9phikm54uxWvBAV5w/+e0DOR1bh -DcziffZGyJbCP/2cPHEmToOyo1pkhS8CQBzE+OAIEg3+bpslUp8hk7etkvPDyF8i -4drJUk6CY+UqcXXGZQllUyvG3sjcjNdA0wSGD2GMwLudHuZ8+z0Ufm8CQB1OLP/v -IcaNLpZYIFsqzoI7unryrLepwLU+DZkZwa0BXvDRhtYspWxaq5kTPLPJ1Q+paOPr -EKz5L1JqEEoEftI= ------END PRIVATE KEY----- diff --git a/certs/rootBreq.pem b/certs/rootBreq.pem deleted file mode 100644 index 2205a8f..0000000 --- a/certs/rootBreq.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3DCCAUUCAQAwgZsxCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP -U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy -IFNjaWVuY2UxDzANBgNVBAMTBlJvb3QgQjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw -gYkCgYEAzCPYDCAAC0fxFByC1FY5420tEvruT486mfWee95tCciy4ctIXfmyS6P3 -+4iddCozikN771mWWEJK7WMZtEOSymfbYbVUPAobztlQVsCsAneRweR201uyM4oE -fb2rVM5IxRi3iwdk6ao1Pxsj23ssw9QEEPesn7R2dVdplJuqT5UCAwEAAaAAMA0G -CSqGSIb3DQEBBQUAA4GBAKOYhSVzigjxisN/Sbi+hobJ4HhqtvOuYTyKAea4TQX2 -hROgHsG0hXRCpg2N2QCXu+8PxdSaATCzuOLo+4ctj2O8iTpalm8fKzeHGDDqR5k6 -T2qCyUMpBSpdyd6X8zdsVLCeWWElBIMFMtJdTP+ukWLMIiyFNs9yjP5/9oHZSZ/n ------END CERTIFICATE REQUEST----- diff --git a/certs/serverA.pem b/certs/serverA.pem deleted file mode 100644 index f746917..0000000 --- a/certs/serverA.pem +++ /dev/null @@ -1,44 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSjCCArOgAwIBAgIJANp+V2miEyyYMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhT -ZXJ2ZXIgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxD+XXrf9xo9YGyPL -Go6fYHmxeDjMKBU7XAqFxks0NZ1wZ8gBFGRL2CrE+mvZFopVx77mR5GkFIEbjgZt -JLKTckCS8GOKkqBIGgaTVOq5cRubUPhgZTPkW52xTfJOgbVJqvrWNuJJ3rmVFjKw -Cs5iGzjlVk364KI7MN6jqtlxymkCAwEAAaOBjzCBjDAJBgNVHRMEAjAAMBEGCWCG -SAGG+EIBAQQEAwIGQDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg -Q2VydGlmaWNhdGUwHQYDVR0OBBYEFGSVbUIaTZGnYzGtMuoyz72uogNpMB8GA1Ud -IwQYMBaAFC+73xiwIpAjd/vo/319oUWzE+X9MA0GCSqGSIb3DQEBBQUAA4GBAHKA -vgbrp9hqdk2ClsJhlrxLEK/F+XvdjPbH6/c1oEYMDOZVV6tnvpg60HVaz5bKcO+F -1fW5f3B2b3muHoxRGKFDl2RBjQrFllZvY4vwaoare8IQ6ykyHTuVLczzAVrGtoVf -UchSPFcSrIcDBHHZb0fSUrNvHGHJH1qFDiAAP6h5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwjCCAyugAwIBAgIJAJSqyJBOJrGkMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs3B138Uul360K3QZ -11FnFdFhQ2yW7hN4+20RZ8BQ+SGn7ej1uld/zSHeYxYYlWpSkMryWmOPhBSkGd43 -zZxxvuo9+jh4ahqhmWoovRSilWBoZznQwLBUv35N7XCa+L9KJL+RBKYzsMi6K7Ai -jZgR3yRtSiqcOjT7VigHYW15dKMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQvu98Y -sCKQI3f76P99faFFsxPl/TCB0gYDVR0jBIHKMIHHgBQvu98YsCKQI3f76P99faFF -sxPl/aGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh -bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT -YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl -ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQCUqsiQTiaxpDAMBgNVHRMEBTAD -AQH/MA0GCSqGSIb3DQEBBQUAA4GBACFWgpF/q1nJDY9UT2R/8aXf08KUZSu6L5Oi -3niZsPRyHBRJkysw1PHwktF69fU8bL2p84Atni+w5Pp24PexDUStNyer2riUGzKg -Y4D7wMVGSgzryGgNLqCe0rsm3zcWEqEFSUsZRtWSda12vAZsUX4VmmR72rMXEU4X -a9sWuhH8 ------END CERTIFICATE----- - \ No newline at end of file diff --git a/certs/serverAcert.pem b/certs/serverAcert.pem deleted file mode 100644 index d952582..0000000 --- a/certs/serverAcert.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSjCCArOgAwIBAgIJANp+V2miEyyYMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw -JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT -BlJvb3QgQTAeFw0xNzA2MjgxODExMzJaFw0xODA2MjgxODExMzJaMIGdMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhT -ZXJ2ZXIgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxD+XXrf9xo9YGyPL -Go6fYHmxeDjMKBU7XAqFxks0NZ1wZ8gBFGRL2CrE+mvZFopVx77mR5GkFIEbjgZt -JLKTckCS8GOKkqBIGgaTVOq5cRubUPhgZTPkW52xTfJOgbVJqvrWNuJJ3rmVFjKw -Cs5iGzjlVk364KI7MN6jqtlxymkCAwEAAaOBjzCBjDAJBgNVHRMEAjAAMBEGCWCG -SAGG+EIBAQQEAwIGQDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg -Q2VydGlmaWNhdGUwHQYDVR0OBBYEFGSVbUIaTZGnYzGtMuoyz72uogNpMB8GA1Ud -IwQYMBaAFC+73xiwIpAjd/vo/319oUWzE+X9MA0GCSqGSIb3DQEBBQUAA4GBAHKA -vgbrp9hqdk2ClsJhlrxLEK/F+XvdjPbH6/c1oEYMDOZVV6tnvpg60HVaz5bKcO+F -1fW5f3B2b3muHoxRGKFDl2RBjQrFllZvY4vwaoare8IQ6ykyHTuVLczzAVrGtoVf -UchSPFcSrIcDBHHZb0fSUrNvHGHJH1qFDiAAP6h5 ------END CERTIFICATE----- diff --git a/certs/serverAkey.pem b/certs/serverAkey.pem deleted file mode 100644 index c0f1c59..0000000 --- a/certs/serverAkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMQ/l163/caPWBsj -yxqOn2B5sXg4zCgVO1wKhcZLNDWdcGfIARRkS9gqxPpr2RaKVce+5keRpBSBG44G -bSSyk3JAkvBjipKgSBoGk1TquXEbm1D4YGUz5FudsU3yToG1Sar61jbiSd65lRYy -sArOYhs45VZN+uCiOzDeo6rZccppAgMBAAECgYAl//I9gv7+va7fwnSHdepice3t -S4IsmL/fuKHinZlEcHHdhpq+6hTNjKqLmup0NOEbRlmsrgTJe55sR85GdtWZyRXa -8gmCvL1mvRjhIT2rlxITRE47XpfRhKQqLlnQFip/ol0TD4g7gcoLZwNhBwmwcz5x -+0OPc2CpXjlHVadnSQJBAOYjRzCGRKWaGOtSvIzJAMLjHVBoq+PWulpr0dgaIOZd -3RRDVrbn/sA3xQAbEb0F2CcpOYFXAfvF8GgZAytB9/sCQQDaTV2XeJF5Z+69Fzw2 -bHKr9irkqMWaEMZVB8ctXpJvaJnLsEJ7ccp4BZ6kWAxtA4JvZuAfrtRiG79qlgBX -/cXrAkBZ/M1nYfkRr/GygoWLn0UW72uU93jO/DWeCa7iC0V2DpnVxIbxukFYs/Xq -FquW9+QPXAVKV9VEt59LdQxSK9dlAkEAkUKzyWvwGUIgaXDBn1FQiL64Ugk/28HX -x5LyZW0tsbZ/yDsUMgJJAM50ftUcB5ozPB/PeSWjq1jdaXZA6kwyWwJBAI3IW36h -3gN+QYDxO6cExY9xgPMkMapVa01v3Kdxus9tpyMDrcrRLBDRq+NIaTTtJwjBKcaw -rxtGLx7O9PLPhOU= ------END PRIVATE KEY----- diff --git a/certs/serverAreq.pem b/certs/serverAreq.pem deleted file mode 100644 index c4ad6e7..0000000 --- a/certs/serverAreq.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP -U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy -IFNjaWVuY2UxETAPBgNVBAMTCFNlcnZlciBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDEP5det/3Gj1gbI8sajp9gebF4OMwoFTtcCoXGSzQ1nXBnyAEUZEvY -KsT6a9kWilXHvuZHkaQUgRuOBm0kspNyQJLwY4qSoEgaBpNU6rlxG5tQ+GBlM+Rb -nbFN8k6BtUmq+tY24kneuZUWMrAKzmIbOOVWTfrgojsw3qOq2XHKaQIDAQABoAAw -DQYJKoZIhvcNAQELBQADgYEAKOBEQ1TO0J00j2gnHaEXaEIDCJMq958/mU5UFEmz -RAX70mURou0KYI5pFez9oMnYseBjcAYW6Nvi+jqB5lCHwHLkd92hyIa1T7jhK496 -2DP5lKC1Cn5NaQkzBVpFWF+vA22Vkx8eS8o2T4OB5LIP+QH/PSHsWUoOZVoX4gXk -EvA= ------END CERTIFICATE REQUEST----- diff --git a/certs/serverB.pem b/certs/serverB.pem deleted file mode 100644 index 5bb4d32..0000000 --- a/certs/serverB.pem +++ /dev/null @@ -1,43 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSDCCArGgAwIBAgIJAKYuEhfbhd4FMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMyWhcNMTgwNjI4MTgxMTMyWjCBnTELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIU2Vy -dmVyIEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALzZ9KKC6Nbzh+RLDL7v -BI7LsAlpkWBOLI/h5B0FOsuKsFYG90zEY89gz9n+mlteoyADq+T0SPNm1y+TYSUh -h4niFfz6m9MuPGZ88TpOj/Z08mreyEJUsiHEza9cvIUWe8gN0Nkdc06tCDx9SWCB -dDFarawcgdPOEsZuthY88CcrAgMBAAGjgY8wgYwwCQYDVR0TBAIwADARBglghkgB -hvhCAQEEBAMCBkAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl -cnRpZmljYXRlMB0GA1UdDgQWBBTD5/Jo/xF49qwUbxiowFOIjFeZQzAfBgNVHSME -GDAWgBTIf2MLMKUZLIrr4i2kBFyr9RRkdDANBgkqhkiG9w0BAQUFAAOBgQBDb8Uo -vLRX+45NwVbOs9cUiyXxHvL8jdA84deQ9XBDrENZ12lCsW3Y/YlHwboynAO/fwHY -F54BV8QWSfSoTYSWUh41/NYkeLoTwNvppvEe5Fv3mjVyhgMQ5dQApTGw2tURv7pL -Uy/h+tEKpJUKon8N0pJhhhNSWeK35lmo0kJacQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAyWgAwIBAgIJAJ5E4CzplDDkMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMyWhcNMTgwNjI4MTgxMTMyWjCBmzELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v -dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMI9gMIAALR/EUHILUVjnj -bS0S+u5PjzqZ9Z573m0JyLLhy0hd+bJLo/f7iJ10KjOKQ3vvWZZYQkrtYxm0Q5LK -Z9thtVQ8ChvO2VBWwKwCd5HB5HbTW7IzigR9vatUzkjFGLeLB2TpqjU/GyPbeyzD -1AQQ96yftHZ1V2mUm6pPlQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFMh/YwswpRks -iuviLaQEXKv1FGR0MIHQBgNVHSMEgcgwgcWAFMh/YwswpRksiuviLaQEXKv1FGR0 -oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x -HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU -b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll -bmNlMQ8wDQYDVQQDEwZSb290IEKCCQCeROAs6ZQw5DAMBgNVHRMEBTADAQH/MA0G -CSqGSIb3DQEBBQUAA4GBABjxZmVXAYqXqHJVkI2Lq1RLg/Jrfmp0yE9Hq97I/gLA -lpCwzuq3cJsnrYYau2DuuY62f3rrgp87wZ42Sg0ViHg9cP43/W7MUXT3SJkdKKc1 -6rxyjwMvjVJyOXQnnLVwbyiPc7xi+S3HZ1hpruE2PUqaYnd7HsciMKm/Qc06LMlw ------END CERTIFICATE----- - \ No newline at end of file diff --git a/certs/serverBcert.pem b/certs/serverBcert.pem deleted file mode 100644 index 4e2298c..0000000 --- a/certs/serverBcert.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSDCCArGgAwIBAgIJAKYuEhfbhd4FMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD -VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv -IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG -A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS -b290IEIwHhcNMTcwNjI4MTgxMTMyWhcNMTgwNjI4MTgxMTMyWjCBnTELMAkGA1UE -BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB -bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV -BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIU2Vy -dmVyIEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALzZ9KKC6Nbzh+RLDL7v -BI7LsAlpkWBOLI/h5B0FOsuKsFYG90zEY89gz9n+mlteoyADq+T0SPNm1y+TYSUh -h4niFfz6m9MuPGZ88TpOj/Z08mreyEJUsiHEza9cvIUWe8gN0Nkdc06tCDx9SWCB -dDFarawcgdPOEsZuthY88CcrAgMBAAGjgY8wgYwwCQYDVR0TBAIwADARBglghkgB -hvhCAQEEBAMCBkAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl -cnRpZmljYXRlMB0GA1UdDgQWBBTD5/Jo/xF49qwUbxiowFOIjFeZQzAfBgNVHSME -GDAWgBTIf2MLMKUZLIrr4i2kBFyr9RRkdDANBgkqhkiG9w0BAQUFAAOBgQBDb8Uo -vLRX+45NwVbOs9cUiyXxHvL8jdA84deQ9XBDrENZ12lCsW3Y/YlHwboynAO/fwHY -F54BV8QWSfSoTYSWUh41/NYkeLoTwNvppvEe5Fv3mjVyhgMQ5dQApTGw2tURv7pL -Uy/h+tEKpJUKon8N0pJhhhNSWeK35lmo0kJacQ== ------END CERTIFICATE----- diff --git a/certs/serverBkey.pem b/certs/serverBkey.pem deleted file mode 100644 index 43f07c0..0000000 --- a/certs/serverBkey.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALzZ9KKC6Nbzh+RL -DL7vBI7LsAlpkWBOLI/h5B0FOsuKsFYG90zEY89gz9n+mlteoyADq+T0SPNm1y+T -YSUhh4niFfz6m9MuPGZ88TpOj/Z08mreyEJUsiHEza9cvIUWe8gN0Nkdc06tCDx9 -SWCBdDFarawcgdPOEsZuthY88CcrAgMBAAECgYEAqju+bY+b28eCw6NzRdmnPiEV -+iYTScCuIrT5L7+7FCdcdO+qlKSjZBhcxKDg+2P/n6gvlx8tc1tMtjIf65yh03h0 -Klp5p5hmbz5F6xkvrfwlSmEC0CTN2qADghSlmqDhJMYfXxe/4rv302YyTJXkzv/+ -f/g9YA7hBHuEBmnEmAECQQDc4LDnDwxyFQGRfxD6V2GJAqdDnFfG1xPrLu16SMLA -nMzcVTNEL9wsYr6RNMgDEsE4lwrflpfcJpu76bv15dcBAkEA2uGQTqy/cipOzIj7 -3eg6CtQE9hBVXY476iocR1XK3sFnJnDcb56cfDKtRNI2l7dfyLonvB/XIbTkh5nI -O+8KKwJBALh5sUZJ+0sM4FJ0nel4Ma4M2UZOvcEEwU4b05veSUo1q6QaRMcecfVg -Q2lje+mVMGvjOuGjFRJ57Hf1r1agsAECQCgAOwg1x9MMalQ04JrAWwMpljKF76Pm -X4q+4WYkBqxI+hnrXE3F1eFYvZOrOzDk4Utkweg+hWlyjqU9dHuHhvsCQGr9no88 -axjoTD3VcgppGTeuCVsuaqOy/fpF2aqDWsTTfKvsyYdD1MZjTJp8ZlXwq6FdTXet -0t0kRdaNYx2dgcY= ------END PRIVATE KEY----- diff --git a/certs/serverBreq.pem b/certs/serverBreq.pem deleted file mode 100644 index 6f18c07..0000000 --- a/certs/serverBreq.pem +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT -YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP -U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy -IFNjaWVuY2UxETAPBgNVBAMTCFNlcnZlciBCMIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQC82fSigujW84fkSwy+7wSOy7AJaZFgTiyP4eQdBTrLirBWBvdMxGPP -YM/Z/ppbXqMgA6vk9EjzZtcvk2ElIYeJ4hX8+pvTLjxmfPE6To/2dPJq3shCVLIh -xM2vXLyFFnvIDdDZHXNOrQg8fUlggXQxWq2sHIHTzhLGbrYWPPAnKwIDAQABoAAw -DQYJKoZIhvcNAQELBQADgYEAOD/nlvv7K8EOA+JPWlTPm5toDdfIqXnS13PrJ9e7 -IYbe57137W9lovSP9zUIWoMlkPlbSyG9Z6ZQMGXu++eMHGeKab5JkzbKtp6OzDX4 -BRBsY+jM8WpDuiL4JtSBy9CaPeNrcYY0mqiFblOM8HnH22W+DcQX5SO+32lPIVV0 -lNw= ------END CERTIFICATE REQUEST----- diff --git a/client.lua b/client.lua new file mode 100644 index 0000000..f21af24 --- /dev/null +++ b/client.lua @@ -0,0 +1,10 @@ +package.path="?/init.lua;"..package.path +require("multi") +require("net") +client = net:newUDPClient("localhost",12345) +client.OnDataRecieved(function(self,data) + print(data) +end) +client.OnClientReady:holdUT() -- waots until the client is ready... You can also connect to this event as well and have code do stuff too +client:send("Hello Server!") +multi:mainloop() diff --git a/genCerts.bat b/genCerts.bat new file mode 100644 index 0000000..e69de29 diff --git a/net/audp.lua b/net/audp.lua index d310477..a52a8ce 100644 --- a/net/audp.lua +++ b/net/audp.lua @@ -1,273 +1,93 @@ -function net:newAUDPServer(port,servercode) +require("net") +function net:newUDPServer(port,servercode) local c={} - c.udp=assert(socket.udp()) - c.udp:settimeout(0) - c.udp:setsockname("*", port) - c.ips={} - c.Type="udp" + c.hostip=net.getLocalIP() c.port=port - c.ids={} - c.servercode=servercode - c.bannedIPs={} c.bannedCIDs={} - c.autoNormalization=false + c.bannedIPs={} function c:setUpdateRate(n) - print("Not needed in a audp server!") + self.updater:setSkip(n or 0) end function c:banCID(cid) - table.insert(self.bannedCIDs,cid) + -- end function c:banIP(ip) - table.insert(self.bannedIPs,cid) + -- + end + function c:broadcast(name) + -- end function c:send(ip,data,port,cid) - if self.autoNormalization then - data=net.normalize(data) - end - if self.servercode then - cid=cid or self:CIDFrom(ip,port) - if not self.ips[cid] then - print("Can't determine cid from client... sending the client a new one!") - local cid=net.resolveID(self) - print("Sending unique cid to client: "..cid) - self.ips[cid]={ip,port,0,self.servercode==nil} - print(ip) - self.udp:sendto("I!"..cid,ip,port) - if self.servercode then - self.udp:sendto("S!",ip,port) - end - return - end - if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then - self.udp:sendto("BANNED CLIENT", ip, port or self.port) - elseif self.ips[cid][4] then - self.udp:sendto(data, ip, port or self.port) - elseif self.ips[cid][4]==false then - self.udp:sendto("Make sure your server code is correct!", ip, port) - end - else - self.udp:sendto(data, ip, port or self.port) - end + -- end function c:pollClientModules(ip,port) - self:send(ip,"L!",port) + -- end function c:CIDFrom(ip,port) - for i,v in pairs(self.ips) do - if(ip==v[1] and v[2]==port) then - return i - end - end + -- end function c:sendAll(data) - for i,v in pairs(self.ips) do - self:send(v[1],data,v[2],i) - end + -- end function c:sendAllBut(data,cid) - for i,v in pairs(self.ips) do - if i~=cid then - self:send(v[1],data,v[2],i) - end - end + -- end function c:clientRegistered(cid) - return self.ips[cid] + -- end function c:clientLoggedIn(cid) - if not self.clientRegistered(cid) then - return nil - end - return self.ips[cid][4] + -- end function c:update() - local data,ip,port=self.udp:receivefrom() - if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then - print("We will ingore data from a banned client!") - return - end - if data then - if self.autoNormalization then - data=net.denormalize(data) - end - if data:sub(1,4)=="pong" then - self.ips[data:sub(5,-1)][3]=os.clock() - elseif data:sub(1,2)=="S!" then - local cid=self:CIDFrom(ip,port) - if data:sub(3,-1)==self.servercode then - print("Servercode Accepted: "..self.servercode) - if self.ips[cid] then - self.ips[cid][4]=true - else - print("Server can't keep up! CID: "..cid.." has been skipped! Sending new CID to the client!") - local cid=net.resolveID(self) - print("Sending unique cid to client: "..cid) - self.ips[cid]={ip,port,0,self.servercode==nil} - print(ip) - self.udp:sendto("I!"..cid,ip,port) - if self.servercode then - self.udp:sendto("S!",ip,port) - end - end - else - self.udp:sendto("Make sure your server code is correct!", ip, port) - end - elseif data:sub(1,2)=="C!" then - local hook=(data:sub(11,-1)):match("!(.-)!") - self.OnDataRecieved:getConnection(hook):Fire(self,data:sub(11,-1),data:sub(3,10),ip,port) - elseif data:sub(1,2)=="E!" then - self.ips[data:sub(3,10)]=nil - obj.ids[data:sub(3,10)]=false - self.OnClientClosed:Fire(self,"Client Closed Connection!",data:sub(3,10),ip,port) - elseif data=="I!" then - local cid=net.resolveID(self) - print("Sending unique cid to client: "..cid) - self.ips[cid]={ip,port,os.clock(),self.servercode==nil} - print(ip) - self.udp:sendto("I!"..cid,ip,port) - if self.servercode then - self.udp:sendto("S!",ip,port) - end - self.OnClientConnected:Fire(self,cid,ip,port) - elseif data:sub(1,2)=="L!" then - cid,cList=data:sub(3,10),data:sub(11,-1) - local list={} - for m,v in cList:gmatch("(%S-):(%S-)|") do - list[m]=v - end - self.OnClientsModulesList:Fire(list,cid,ip,port) - end - end - for cid,dat in pairs(self.ips) do - if not((os.clock()-dat[3])<65) then - self.ips[cid]=nil - self.OnClientClosed:Fire(self,"Client lost Connection: ping timeout",cid,ip,port) - end - end + -- end - c.OnClientsModulesList=multi:newConnection() - c.OnDataRecieved=multi:newConnection() - c.OnClientClosed=multi:newConnection() - c.OnClientConnected=multi:newConnection() - c.connectiontest=multi:newAlarm(30) - c.connectiontest.link=c - c.connectiontest:OnRing(function(alarm) - --print("pinging clients!") - alarm.link:sendAll("ping") - alarm:Reset() + c.Updater=multi:newUpdater(0) + c.Updater.link=c + c.updater:OnUpdate(function(self) + self.link:update() end) - multi:newLoop(function() - c:update() - end) - net.OnServerCreated:Fire(c) - return c + c.OnClientsModulesList=multi:newConnection(false) + c.OnDataRecieved=multi:newConnection(false) + c.OnClientClosed=multi:newConnection(false) + c.OnClientConnected=multi:newConnection(false) end - -function net:newAUDPClient(host,port,servercode,nonluaServer) +function net:newUDPClient(host,port,servercode) local c={} - c.ip=assert(socket.dns.toip(host)) - c.udp=assert(socket.udp()) - c.udp:settimeout(0) - c.cid="NIL" - c.lastPing=0 - c.Type="udp" - c.servercode=servercode - c.autoReconnect=true - c.autoNormalization=false - function c:pollPing(n) - return not((os.clock()-self.lastPing)<(n or 60)) + c.host=host + c.port=port + function c:setUpdateRate(n) + self.updater:setSkip(n or 0) end function c:send(data) - if self.autoNormalization then - data=net.normalize(data) - end - self.udp:send("C!"..self.cid..data) + -- end function c:sendRaw(data) - if self.autoNormalization then - data=net.normalize(data) - end - self.udp:send(data) - end - function c:getCID() - if self:IDAssigned() then - return self.cid - end + -- end function c:close() - self:send("E!") + -- end - function c:IDAssigned() - return self.cid~="NIL" + function c:getCID() + -- end function c:update() - local data=self.udp:receive() - if data then - if self.autoNormalization then - data=net.denormalize(data) - end - if data:sub(1,2)=="I!" then - self.cid=data:sub(3,-1) - self.OnClientReady:Fire(self) - elseif data=="S!" then - self.udp:send("S!"..(self.servercode or "")) - elseif data=="L!" then - local mods="" - local m="" - for i=1,#net.loadedModules do - m=net.loadedModules[i] - mods=mods..m..":"..net.getModuleVersion(m).."|" - end - self.udp:send("L!"..self.cid..mods) - elseif data=="ping" then - self.lastPing=os.clock() - self.OnPingRecieved:Fire(self) - self.udp:send("pong"..self.cid) - else - local hook=data:match("!(.-)!") - self.OnDataRecieved:getConnection(hook):Fire(self,data) - end - end + -- end function c:reconnect() - if not nonluaServer then - self.cid="NIL" - c.udp:send("I!") - end - self.OnConnectionRegained:Fire(self) + -- end - c.pingEvent=multi:newEvent(function(self) return self.link:pollPing() end) - c.pingEvent:OnEvent(function(self) - if self.link.autoReconnect then - self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout! Attempting to reconnect...") - self.link.OnClientDisconnected:Fire(self,"closed") - self.link:reconnect() - else - self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout!") - self.link.OnClientDisconnected:Fire(self,"closed") - end - end) - c.pingEvent.link=c - c.OnPingRecieved=multi:newConnection() - c.OnDataRecieved=multi:newConnection() - c.OnServerNotAvailable=multi:newConnection() - c.OnClientReady=multi:newConnection() - c.OnClientDisconnected=multi:newConnection() - c.OnConnectionRegained=multi:newConnection() - c.notConnected=multi:newFunction(function(self) - self:hold(3) - if self.link:IDAssigned()==false then - self.link.OnServerNotAvailable:Fire("Can't connect to the server: no response from server") - end - end) - c.notConnected.link=c - if not nonluaServer then - c.udp:send("I!") + function c:IDAssigned() + -- end - multi:newLoop(function() - c:update() + c.Updater=multi:newUpdater(0) + c.Updater.link=c + c.updater:OnUpdate(function(self) + self.link:update() end) - multi:newJob(function() c.notConnected() end) - net.OnClientCreated:Fire(c) - return c + c.OnDataRecieved=multi:newConnection(false) + c.OnClientReady=multi:newConnection(false) + c.OnClientDisconnected=multi:newConnection(false) + c.OnConnectionRegained=multi:newConnection(false) + c.OnPingRecieved=multi:newConnection(false) + c.OnServerNotAvailable=multi:newConnection(false) end diff --git a/net/init.lua b/net/init.lua index 05ed88d..29828ac 100644 --- a/net/init.lua +++ b/net/init.lua @@ -27,16 +27,48 @@ function string.trim(s) local from = s:match"^%s*()" return from > #s and "" or s:match(".*%S", from) end -socket=require("socket") -http=require("socket.http") -mime=require("mime") -net={} +local guid = {} +local char = {} +for i = 48,57 do + char[#char+1]=string.char(i) +end +for i = 65,90 do + char[#char+1]=string.char(i) +end +for i = 97,122 do + char[#char+1]=string.char(i) +end +local isHyphen = {[9]=1,[14]=1,[19]=1,[24]=1} +math.randomseed(os.time()) +local socket=require("socket") +local http=require("socket.http") +local mime=require("mime") +--ssl=require("ssl") +--https=require("ssl.https") +local net={} net.Version={2,0,1} -- This will probably stay this version for quite a while... The modules on the otherhand will be more inconsistant net._VERSION="2.0.1" net.OnServerCreated=multi:newConnection() net.OnClientCreated=multi:newConnection() net.loadedModules={} net.autoInit=true +net.generateGUID = function(t) + local pass = {} + local a=0 + local x="" + for z = 1,36 do + if isHyphen[z] then + x='-' + else + a = math.random(1,#char) + x = char[a] + end + table.insert(pass, x) + if t == z then break end + end + z = nil + return tostring(table.concat(pass)) +end function net.normalize(input) local enc=mime.b64(input) return enc @@ -55,8 +87,8 @@ function net.getLocalIP() return dat end function net.getExternalIP() - local data=http.request("http://whatismyip.org/") - return data:match("600;\">(%d-.%d-.%d-.%d-)") + local data=http.request("http://whatismyip.host") + return data:match("(%d+.%d+.%d+.%d+)") end function net:registerModule(mod,version) if net[mod] then @@ -124,7 +156,7 @@ function net:newCastedClient(name) -- connects to the broadcasted server end end -- UDP Stuff -function net:newServer(port,servercode) +function net:newUDPServer(port,servercode,nonluaServer) local c={} c.udp=assert(socket.udp()) c.udp:settimeout(0) @@ -299,7 +331,7 @@ function net:newServer(port,servercode) return c end -function net:newClient(host,port,servercode,nonluaServer) +function net:newUDPClient(host,port,servercode,nonluaServer) local c={} c.ip=assert(socket.dns.toip(host)) c.udp=assert(socket.udp()) @@ -538,7 +570,7 @@ function net:newTCPServer(port) end end end) - updater:setSkip(self.updaterRate) + updater:SetSkip(self.updaterRate) updater.client=client updater.Link=self function updater:setReceiveMode(mode) @@ -662,3 +694,4 @@ function net:newTCPClient(host,port) net.OnClientCreated:Fire(c) return c end +return net diff --git a/net/Documentation.txt b/netold/Documentation.txt similarity index 100% rename from net/Documentation.txt rename to netold/Documentation.txt diff --git a/net/admin.lua b/netold/admin.lua similarity index 100% rename from net/admin.lua rename to netold/admin.lua diff --git a/net/aft.lua b/netold/aft.lua similarity index 100% rename from net/aft.lua rename to netold/aft.lua diff --git a/netold/audp.lua b/netold/audp.lua new file mode 100644 index 0000000..d310477 --- /dev/null +++ b/netold/audp.lua @@ -0,0 +1,273 @@ +function net:newAUDPServer(port,servercode) + local c={} + c.udp=assert(socket.udp()) + c.udp:settimeout(0) + c.udp:setsockname("*", port) + c.ips={} + c.Type="udp" + c.port=port + c.ids={} + c.servercode=servercode + c.bannedIPs={} + c.bannedCIDs={} + c.autoNormalization=false + function c:setUpdateRate(n) + print("Not needed in a audp server!") + end + function c:banCID(cid) + table.insert(self.bannedCIDs,cid) + end + function c:banIP(ip) + table.insert(self.bannedIPs,cid) + end + function c:send(ip,data,port,cid) + if self.autoNormalization then + data=net.normalize(data) + end + if self.servercode then + cid=cid or self:CIDFrom(ip,port) + if not self.ips[cid] then + print("Can't determine cid from client... sending the client a new one!") + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,0,self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + return + end + if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then + self.udp:sendto("BANNED CLIENT", ip, port or self.port) + elseif self.ips[cid][4] then + self.udp:sendto(data, ip, port or self.port) + elseif self.ips[cid][4]==false then + self.udp:sendto("Make sure your server code is correct!", ip, port) + end + else + self.udp:sendto(data, ip, port or self.port) + end + end + function c:pollClientModules(ip,port) + self:send(ip,"L!",port) + end + function c:CIDFrom(ip,port) + for i,v in pairs(self.ips) do + if(ip==v[1] and v[2]==port) then + return i + end + end + end + function c:sendAll(data) + for i,v in pairs(self.ips) do + self:send(v[1],data,v[2],i) + end + end + function c:sendAllBut(data,cid) + for i,v in pairs(self.ips) do + if i~=cid then + self:send(v[1],data,v[2],i) + end + end + end + function c:clientRegistered(cid) + return self.ips[cid] + end + function c:clientLoggedIn(cid) + if not self.clientRegistered(cid) then + return nil + end + return self.ips[cid][4] + end + function c:update() + local data,ip,port=self.udp:receivefrom() + if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then + print("We will ingore data from a banned client!") + return + end + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + if data:sub(1,4)=="pong" then + self.ips[data:sub(5,-1)][3]=os.clock() + elseif data:sub(1,2)=="S!" then + local cid=self:CIDFrom(ip,port) + if data:sub(3,-1)==self.servercode then + print("Servercode Accepted: "..self.servercode) + if self.ips[cid] then + self.ips[cid][4]=true + else + print("Server can't keep up! CID: "..cid.." has been skipped! Sending new CID to the client!") + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,0,self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + end + else + self.udp:sendto("Make sure your server code is correct!", ip, port) + end + elseif data:sub(1,2)=="C!" then + local hook=(data:sub(11,-1)):match("!(.-)!") + self.OnDataRecieved:getConnection(hook):Fire(self,data:sub(11,-1),data:sub(3,10),ip,port) + elseif data:sub(1,2)=="E!" then + self.ips[data:sub(3,10)]=nil + obj.ids[data:sub(3,10)]=false + self.OnClientClosed:Fire(self,"Client Closed Connection!",data:sub(3,10),ip,port) + elseif data=="I!" then + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,os.clock(),self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + self.OnClientConnected:Fire(self,cid,ip,port) + elseif data:sub(1,2)=="L!" then + cid,cList=data:sub(3,10),data:sub(11,-1) + local list={} + for m,v in cList:gmatch("(%S-):(%S-)|") do + list[m]=v + end + self.OnClientsModulesList:Fire(list,cid,ip,port) + end + end + for cid,dat in pairs(self.ips) do + if not((os.clock()-dat[3])<65) then + self.ips[cid]=nil + self.OnClientClosed:Fire(self,"Client lost Connection: ping timeout",cid,ip,port) + end + end + end + c.OnClientsModulesList=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnClientClosed=multi:newConnection() + c.OnClientConnected=multi:newConnection() + c.connectiontest=multi:newAlarm(30) + c.connectiontest.link=c + c.connectiontest:OnRing(function(alarm) + --print("pinging clients!") + alarm.link:sendAll("ping") + alarm:Reset() + end) + multi:newLoop(function() + c:update() + end) + net.OnServerCreated:Fire(c) + return c +end + +function net:newAUDPClient(host,port,servercode,nonluaServer) + local c={} + c.ip=assert(socket.dns.toip(host)) + c.udp=assert(socket.udp()) + c.udp:settimeout(0) + c.cid="NIL" + c.lastPing=0 + c.Type="udp" + c.servercode=servercode + c.autoReconnect=true + c.autoNormalization=false + function c:pollPing(n) + return not((os.clock()-self.lastPing)<(n or 60)) + end + function c:send(data) + if self.autoNormalization then + data=net.normalize(data) + end + self.udp:send("C!"..self.cid..data) + end + function c:sendRaw(data) + if self.autoNormalization then + data=net.normalize(data) + end + self.udp:send(data) + end + function c:getCID() + if self:IDAssigned() then + return self.cid + end + end + function c:close() + self:send("E!") + end + function c:IDAssigned() + return self.cid~="NIL" + end + function c:update() + local data=self.udp:receive() + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + if data:sub(1,2)=="I!" then + self.cid=data:sub(3,-1) + self.OnClientReady:Fire(self) + elseif data=="S!" then + self.udp:send("S!"..(self.servercode or "")) + elseif data=="L!" then + local mods="" + local m="" + for i=1,#net.loadedModules do + m=net.loadedModules[i] + mods=mods..m..":"..net.getModuleVersion(m).."|" + end + self.udp:send("L!"..self.cid..mods) + elseif data=="ping" then + self.lastPing=os.clock() + self.OnPingRecieved:Fire(self) + self.udp:send("pong"..self.cid) + else + local hook=data:match("!(.-)!") + self.OnDataRecieved:getConnection(hook):Fire(self,data) + end + end + end + function c:reconnect() + if not nonluaServer then + self.cid="NIL" + c.udp:send("I!") + end + self.OnConnectionRegained:Fire(self) + end + c.pingEvent=multi:newEvent(function(self) return self.link:pollPing() end) + c.pingEvent:OnEvent(function(self) + if self.link.autoReconnect then + self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout! Attempting to reconnect...") + self.link.OnClientDisconnected:Fire(self,"closed") + self.link:reconnect() + else + self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout!") + self.link.OnClientDisconnected:Fire(self,"closed") + end + end) + c.pingEvent.link=c + c.OnPingRecieved=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnServerNotAvailable=multi:newConnection() + c.OnClientReady=multi:newConnection() + c.OnClientDisconnected=multi:newConnection() + c.OnConnectionRegained=multi:newConnection() + c.notConnected=multi:newFunction(function(self) + self:hold(3) + if self.link:IDAssigned()==false then + self.link.OnServerNotAvailable:Fire("Can't connect to the server: no response from server") + end + end) + c.notConnected.link=c + if not nonluaServer then + c.udp:send("I!") + end + multi:newLoop(function() + c:update() + end) + multi:newJob(function() c.notConnected() end) + net.OnClientCreated:Fire(c) + return c +end diff --git a/net/chatting.lua b/netold/chatting.lua similarity index 100% rename from net/chatting.lua rename to netold/chatting.lua diff --git a/net/db.lua b/netold/db.lua similarity index 100% rename from net/db.lua rename to netold/db.lua diff --git a/net/eft.lua b/netold/eft.lua similarity index 100% rename from net/eft.lua rename to netold/eft.lua diff --git a/net/email.lua b/netold/email.lua similarity index 100% rename from net/email.lua rename to netold/email.lua diff --git a/net/identity.lua b/netold/identity.lua similarity index 100% rename from net/identity.lua rename to netold/identity.lua diff --git a/net/inbox.lua b/netold/inbox.lua similarity index 100% rename from net/inbox.lua rename to netold/inbox.lua diff --git a/netold/init.lua b/netold/init.lua new file mode 100644 index 0000000..302e397 --- /dev/null +++ b/netold/init.lua @@ -0,0 +1,666 @@ +--[[ + UPCOMMING ADDITIONS + AUDP - advance udp. Ensures packets arrive and handles late packets. + P2P - peer to peer (Server to set up initial connection) + Relay - offput server load (locally) + Threading - Simple threading ~~(UDP/AUDP Only)~~ Thanks to an updated multi library we can thread with ease + Priority handling +]] +--[[ + TODO: Finish stuff for Priority handling +]] +function table.merge(t1, t2) + for k,v in pairs(t2) do + if type(v) == 'table' then + if type(t1[k] or false) == 'table' then + table.merge(t1[k] or {}, t2[k] or {}) + else + t1[k] = v + end + else + t1[k] = v + end + end + return t1 +end +function string.trim(s) + local from = s:match"^%s*()" + return from > #s and "" or s:match(".*%S", from) +end +socket=require("socket") +http=require("socket.http") +mime=require("mime") +ssl=require("ssl") +https=require("ssl.https") +net={} +net.Version={2,0,1} -- This will probably stay this version for quite a while... The modules on the otherhand will be more inconsistant +net._VERSION="2.0.1" +net.OnServerCreated=multi:newConnection() +net.OnClientCreated=multi:newConnection() +net.loadedModules={} +net.autoInit=true +function net.normalize(input) + local enc=mime.b64(input) + return enc +end +function net.denormalize(input) + local unenc=mime.unb64(input) + return unenc +end +function net.getLocalIP() + local someRandomIP = "192.168.1.122" + local someRandomPort = "3102" + local mySocket = socket.udp() + mySocket:setpeername(someRandomIP,someRandomPort) + local dat = (mySocket:getsockname()) + mySocket:close() + return dat +end +function net.getExternalIP() + local data=http.request("http://whatismyip.org/") + return data:match("600;\">(%d-.%d-.%d-.%d-)") +end +function net:registerModule(mod,version) + if net[mod] then + error("Module by the name: "..mod.." has already been registered! Remember some modules are internal and use certain names!") + end + table.insert(self.loadedModules,mod) + net[mod]={} + if version then + net[mod].Version=version + net[mod]._VERSION=version[1].."."..version[2].."."..version[3] + else + net[mod].Version={1,0,0} + net[mod]._VERSION={1,0,0} + end + return {Version=version,_VERSION=version[1].."."..version[2].."."..version[3]} +end +function net.getModuleVersion(ext) + if not ext then + return string.format("%d.%d.%d",net.Version[1],net.Version[2],net.Version[3]) + end + return string.format("%d.%d.%d",net[ext].Version[1],net[ext].Version[2],net[ext].Version[3]) +end +function net.resolveID(obj) + local num=math.random(10000000,99999999) + if obj[tostring(num)] then + return net.resolveID(obj) + end + obj.ids[tostring(num)]=true + return tostring(num) +end +function net.inList(list,dat) + for i,v in pairs(list) do + if v==dat then + return true + end + end + return false +end +function net.setTrigger(funcW,funcE) + multi:newTrigger(func) +end +net:registerModule("net",net.Version) +-- Client broadcast +function net:newCastedClient(name) -- connects to the broadcasted server + local listen = socket.udp() -- make a new socket + listen:setsockname(net.getLocalIP(), 11111) + listen:settimeout(0) + local timer=multi:newTimer() + while true do + local data, ip, port = listen:receivefrom() + if timer:Get()>3 then + error("Timeout! Server by the name: "..name.." has not been found!") + end + if data then + local n,tp,ip,port=data:match("(%S-)|(%S-)|(%S-):(%d+)") + if n:match(name) then + print("Found Server!",n,tp,ip,port) + if tp=="tcp" then + return net:newTCPClient(ip,tonumber(port)) + else + return net:newClient(ip,tonumber(port)) + end + end + end + end +end +-- UDP Stuff +function net:newServer(port,servercode) + local c={} + c.udp=assert(socket.udp()) + c.udp:settimeout(0) + c.udp:setsockname("*", port) + c.ips={} + c.Type="udp" + c.port=port + c.ids={} + c.servercode=servercode + c.bannedIPs={} + c.bannedCIDs={} + c.autoNormalization=false + function c:setUpdateRate(n) + print("Not needed in a udp server!") + end + function c:banCID(cid) + table.insert(self.bannedCIDs,cid) + end + function c:banIP(ip) + table.insert(self.bannedIPs,cid) + end + c.broad=socket.udp() + c.hostip=net.getLocalIP() + function c:broadcast(name) + local loop=multi:newTLoop(function(loop,dt) + self.broad:setoption('broadcast',true) + self.broad:sendto(name.."|"..self.Type.."|"..self.hostip..":"..self.port, "255.255.255.255", 11111) + self.broad:setoption('broadcast',false) + end,1) + end + function c:send(ip,data,port,cid) + if self.autoNormalization then + data=net.normalize(data) + end + if self.servercode then + cid=cid or self:CIDFrom(ip,port) + if not self.ips[cid] then + print("Can't determine cid from client... sending the client a new one!") + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,0,self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + return + end + if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then + self.udp:sendto("BANNED CLIENT", ip, port or self.port) + elseif self.ips[cid][4] then + self.udp:sendto(data, ip, port or self.port) + elseif self.ips[cid][4]==false then + self.udp:sendto("Make sure your server code is correct!", ip, port) + end + else + self.udp:sendto(data, ip, port or self.port) + end + end + function c:pollClientModules(ip,port) + self:send(ip,"L!",port) + end + function c:CIDFrom(ip,port) + for i,v in pairs(self.ips) do + if(ip==v[1] and v[2]==port) then + return i + end + end + end + function c:sendAll(data) + for i,v in pairs(self.ips) do + self:send(v[1],data,v[2],i) + end + end + function c:sendAllBut(data,cid) + for i,v in pairs(self.ips) do + if i~=cid then + self:send(v[1],data,v[2],i) + end + end + end + function c:clientRegistered(cid) + return self.ips[cid] + end + function c:clientLoggedIn(cid) + if not self.clientRegistered(cid) then + return nil + end + return self.ips[cid][4] + end + function c:update() + local data,ip,port=self.udp:receivefrom() + if net.inList(self.bannedIPs,ip) or net.inList(self.bannedCIDs,cid) then + print("We will ingore data from a banned client!") + return + end + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + if data:sub(1,4)=="pong" then + --print("Recieved pong from: "..data:sub(5,-1)) + self.ips[data:sub(5,-1)][3]=os.clock() + elseif data:sub(1,2)=="S!" then + local cid=self:CIDFrom(ip,port) + if data:sub(3,-1)==self.servercode then + print("Servercode Accepted: "..self.servercode) + if self.ips[cid] then + self.ips[cid][4]=true + else + print("Server can't keep up! CID: "..cid.." has been skipped! Sending new CID to the client!") + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,0,self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + end + else + self.udp:sendto("Make sure your server code is correct!", ip, port) + end + elseif data:sub(1,2)=="C!" then + local hook=(data:sub(11,-1)):match("!(.-)!") + self.OnDataRecieved:getConnection(hook):Fire(self,data:sub(11,-1),data:sub(3,10),ip,port) + elseif data:sub(1,2)=="E!" then + self.ips[data:sub(3,10)]=nil + obj.ids[data:sub(3,10)]=false + self.OnClientClosed:Fire(self,"Client Closed Connection!",data:sub(3,10),ip,port) + elseif data=="I!" then + local cid=net.resolveID(self) + print("Sending unique cid to client: "..cid) + self.ips[cid]={ip,port,os.clock(),self.servercode==nil} + print(ip) + self.udp:sendto("I!"..cid,ip,port) + if self.servercode then + self.udp:sendto("S!",ip,port) + end + self.OnClientConnected:Fire(self,cid,ip,port) + elseif data:sub(1,2)=="L!" then + cid,cList=data:sub(3,10),data:sub(11,-1) + local list={} + for m,v in cList:gmatch("(%S-):(%S-)|") do + list[m]=v + end + self.OnClientsModulesList:Fire(list,cid,ip,port) + end + end + for cid,dat in pairs(self.ips) do + if not((os.clock()-dat[3])<65) then + self.ips[cid]=nil + self.OnClientClosed:Fire(self,"Client lost Connection: ping timeout",cid,ip,port) + end + end + end + c.OnClientsModulesList=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnClientClosed=multi:newConnection() + c.OnClientConnected=multi:newConnection() + c.connectiontest=multi:newAlarm(30) + c.connectiontest.link=c + c.connectiontest:OnRing(function(alarm) + --print("pinging clients!") + alarm.link:sendAll("ping") + alarm:Reset() + end) + multi:newLoop(function() + c:update() + end) + net.OnServerCreated:Fire(c) + return c +end + +function net:newClient(host,port,servercode,nonluaServer) + local c={} + c.ip=assert(socket.dns.toip(host)) + c.udp=assert(socket.udp()) + c.udp:settimeout(0) + c.udp:setpeername(c.ip, port) + c.cid="NIL" + c.lastPing=0 + c.Type="udp" + c.servercode=servercode + c.autoReconnect=true + c.autoNormalization=false + function c:pollPing(n) + return not((os.clock()-self.lastPing)<(n or 60)) + end + function c:send(data) + if self.autoNormalization then + data=net.normalize(data) + end + self.udp:send("C!"..self.cid..data) + end + function c:sendRaw(data) + if self.autoNormalization then + data=net.normalize(data) + end + self.udp:send(data) + end + function c:getCID() + if self:IDAssigned() then + return self.cid + end + end + function c:close() + self:send("E!") + end + function c:IDAssigned() + return self.cid~="NIL" + end + function c:update() + local data=self.udp:receive() + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + if data:sub(1,2)=="I!" then + self.cid=data:sub(3,-1) + self.OnClientReady:Fire(self) + elseif data=="S!" then + self.udp:send("S!"..(self.servercode or "")) + elseif data=="L!" then + local mods="" + local m="" + for i=1,#net.loadedModules do + m=net.loadedModules[i] + mods=mods..m..":"..net.getModuleVersion(m).."|" + end + self.udp:send("L!"..self.cid..mods) + elseif data=="ping" then + self.lastPing=os.clock() + self.OnPingRecieved:Fire(self) + self.udp:send("pong"..self.cid) + else + local hook=data:match("!(.-)!") + self.OnDataRecieved:getConnection(hook):Fire(self,data) + end + end + end + function c:reconnect() + if not nonluaServer then + self.cid="NIL" + c.udp:send("I!") + end + self.OnConnectionRegained:Fire(self) + end + c.pingEvent=multi:newEvent(function(self) return self.link:pollPing() end) + c.pingEvent:OnEvent(function(self) + if self.link.autoReconnect then + self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout! Attempting to reconnect...") + self.link.OnClientDisconnected:Fire(self,"closed") + self.link:reconnect() + else + self.link.OnServerNotAvailable:Fire("Connection to server lost: ping timeout!") + self.link.OnClientDisconnected:Fire(self,"closed") + end + end) + c.pingEvent.link=c + c.OnPingRecieved=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnServerNotAvailable=multi:newConnection() + c.OnClientReady=multi:newConnection() + c.OnClientDisconnected=multi:newConnection() + c.OnConnectionRegained=multi:newConnection() + c.notConnected=multi:newFunction(function(self) + self:hold(3) + if self.link:IDAssigned()==false then + self.link.OnServerNotAvailable:Fire("Can't connect to the server: no response from server") + end + end) + c.notConnected.link=c + if not nonluaServer then + c.udp:send("I!") + end + multi:newLoop(function() + c:update() + end) + multi:newJob(function() c.notConnected() end) + net.OnClientCreated:Fire(c) + return c +end +--TCP Stuff +function net:newTCPServer(port) + local c={} + c.tcp=assert(socket.bind("*", port)) + c.tcp:settimeout(0) + c.ip,c.port=c.tcp:getsockname() + c.ips={} + c.port=port + c.ids={} + c.bannedIPs={} + c.Type="tcp" + c.rMode="*l" + c.sMode="*l" + c.updaterRate=1 + c.autoNormalization=false + c.updates={} + c.links={} + c.broad=socket.udp() + c.hostip=net.getLocalIP() + function c:broadcast(name) + local loop=multi:newTLoop(function(loop,dt) + self.broad:setoption('broadcast',true) + self.broad:sendto(name.."|"..self.Type.."|"..self.hostip..":"..self.port, "255.255.255.255", 11111) + self.broad:setoption('broadcast',false) + end,1) + end + function c:setUpdateRate(n) + self.updaterRate=n + end + function c:setReceiveMode(mode) + self.rMode=mode + end + function c:setSendMode(mode) + self.rMode=mode + end + function c:banCID(cid) + print("Function not supported on a tcp server!") + end + function c:banIP(ip) + table.insert(self.bannedIPs,cid) + end + function c:send(handle,data) + if self.autoNormalization then + data=net.normalize(data) + end + if self.sMode=="*l" then + handle:send(data.."\n") + else + handle:send(data) + end + end + function c:sendAllData(handle,data) + if self.autoNormalization then + data=net.normalize(data) + end + handle:send(data) + end + function c:pollClientModules(ip,port) + self:send(ip,"L!",port) + end + function c:CIDFrom(ip,port) + print("Method not supported when using a TCP Server!") + return "CIDs in TCP work differently!" + end + function c:sendAll(data) + for i,v in pairs(self.ips) do + self:send(v,data) + end + end + function c:sendAllBut(data,cid) + for i,v in pairs(self.ips) do + if not(cid==i) then + self:send(v,data) + end + end + end + function c:clientRegistered(cid) + return self.ips[cid] + end + function c:clientLoggedIn(cid) + return self.ips[cid] + end + function c:getUpdater(cid) + return self.updates[cid] + end + function c:update() + local client = self.tcp:accept(self.rMode) + if not client then return end + table.insert(self.ips,client) + client:settimeout(0) + --client:setoption('tcp-nodelay', true) + client:setoption('keepalive', true) + ip,port=client:getpeername() + if ip and port then + print("Got connection from: ",ip,port) + local updater=multi:newUpdater(skip) + self.updates[client]=updater + self.OnClientConnected:Fire(self,self.client,self.client,ip) + updater:OnUpdate(function(self) + local data, err = self.client:receive(self.rMode or self.Link.rMode) + if err=="closed" then + for i=1,#self.Link.ips do + if self.Link.ips[i]==self.client then + table.remove(self.Link.ips,i) + end + end + self.Link.OnClientClosed:Fire(self.Link,"Client Closed Connection!",self.client,self.client,ip) + self.Link.links[self.client]=nil -- lets clean up + self:Destroy() + end + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + if net.inList(self.Link.bannedIPs,ip) then + print("We will ingore data from a banned client!") + return + end + local hook=data:match("!(.-)!") + self.Link.OnDataRecieved:getConnection(hook):Fire(self.Link,data,self.client,self.client,ip,self) + if data:sub(1,2)=="L!" then + cList=data + local list={} + for m,v in cList:gmatch("(%S-):(%S-)|") do + list[m]=v + end + self.Link.OnClientsModulesList:Fire(list,self.client,self.client,ip) + end + end + end) + updater:setSkip(self.updaterRate) + updater.client=client + updater.Link=self + function updater:setReceiveMode(mode) + self.rMode=mode + end + self.links[client]=updater + end + end + c.OnClientsModulesList=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnClientClosed=multi:newConnection() + c.OnClientConnected=multi:newConnection() + multi:newLoop(function() + c:update() + end) + net.OnServerCreated:Fire(c) + return c +end +function net:newTCPClient(host,port) + local c={} + c.ip=assert(socket.dns.toip(host)) + c.port=port + c.tcp=socket.connect(c.ip,port) + if not c.tcp then + print("Can't connect to the server: no response from server") + return false + end + c.tcp:settimeout(0) + --c.tcp:setoption('tcp-nodelay', true) + c.tcp:setoption('keepalive', true) + c.Type="tcp" + c.autoReconnect=true + c.rMode="*l" + c.sMode="*l" + c.autoNormalization=false + function c:setReceiveMode(mode) + self.rMode=mode + end + function c:setSendMode(mode) + self.sMode=mode + end + function c:send(data) + if self.autoNormalization then + data=net.normalize(data) + end + if self.sMode=="*l" then + ind,err=self.tcp:send(data.."\n") + else + ind,err=self.tcp:send(data) + end + if err=="closed" then + self.OnClientDisconnected:Fire(self,err) + elseif err=="timeout" then + self.OnClientDisconnected:Fire(self,err) + elseif err then + print(err) + end + end + function c:sendRaw(data) + if self.autoNormalization then + data=net.normalize(data) + end + self.tcp:send(data) + end + function c:getCID() + return "No Cid on a tcp client!" + end + function c:close() + self.tcp:close() + end + function c:IDAssigned() + return true + end + function c:update() + if not self.tcp then return end + local data,err=self.tcp:receive() + if err=="closed" then + self.OnClientDisconnected:Fire(self,err) + elseif err=="timeout" then + self.OnClientDisconnected:Fire(self,err) + elseif err then + print(err) + end + if data then + if self.autoNormalization then + data=net.denormalize(data) + end + local hook=data:match("!(.-)!") + self.OnDataRecieved:getConnection(hook):Fire(self,data) + end + end + function c:reconnect() + multi:newFunction(function(func) + self.tcp=socket.connect(self.ip,self.port) + if self.tcp==nil then + print("Can't connect to the server: No response from server!") + func:hold(3) + self:reconnect() + return + end + self.OnConnectionRegained:Fire(self) + self.tcp:settimeout(0) + --self.tcp:setoption('tcp-nodelay', true) + self.tcp:setoption('keepalive', true) + end) + end + c.event=multi:newEvent(function(event) + return event.link:IDAssigned() + end) + c.event:OnEvent(function(event) + event.link.OnClientReady:Fire(event.link) + end) + c.event.link=c + c.OnClientReady=multi:newConnection() + c.OnClientDisconnected=multi:newConnection() + c.OnDataRecieved=multi:newConnection() + c.OnConnectionRegained=multi:newConnection() + multi:newLoop(function() + c:update() + end) + net.OnClientCreated:Fire(c) + return c +end diff --git a/net/logging.lua b/netold/logging.lua similarity index 100% rename from net/logging.lua rename to netold/logging.lua diff --git a/net/p2p.lua b/netold/p2p.lua similarity index 100% rename from net/p2p.lua rename to netold/p2p.lua diff --git a/net/relay.lua b/netold/relay.lua similarity index 100% rename from net/relay.lua rename to netold/relay.lua diff --git a/net/settings.lua b/netold/settings.lua similarity index 100% rename from net/settings.lua rename to netold/settings.lua diff --git a/net/sft.lua b/netold/sft.lua similarity index 100% rename from net/sft.lua rename to netold/sft.lua diff --git a/net/status.lua b/netold/status.lua similarity index 100% rename from net/status.lua rename to netold/status.lua diff --git a/net/testinit.lua b/netold/testinit.lua similarity index 100% rename from net/testinit.lua rename to netold/testinit.lua diff --git a/net/threading.lua b/netold/threading.lua similarity index 100% rename from net/threading.lua rename to netold/threading.lua diff --git a/net/users.lua b/netold/users.lua similarity index 100% rename from net/users.lua rename to netold/users.lua diff --git a/net/version.lua b/netold/version.lua similarity index 100% rename from net/version.lua rename to netold/version.lua diff --git a/server.lua b/server.lua new file mode 100644 index 0000000..b8e945a --- /dev/null +++ b/server.lua @@ -0,0 +1,10 @@ +package.path="?/init.lua;"..package.path +require("multi") +require("net") +server = net:newUDPServer(12345) +print("Server hosted on "..net.getExternalIP().." listening on port: 12345") +server.OnDataRecieved(function(self,data,cid,ip,port) + print(data) + self:send(ip,"Hello Client! "..net.generateGUID(),port,cid) +end) +multi:mainloop() diff --git a/servertest.lua b/servertest.lua new file mode 100644 index 0000000..747fb26 --- /dev/null +++ b/servertest.lua @@ -0,0 +1,15 @@ +package.path="?/init.lua;"..package.path +require("multi") +require("net") +port=12344 +udp=assert(socket.udp()) +udp:settimeout(0) +udp:setsockname("*", port) +multi:newLoop(function() + local data,ip,port=udp:receivefrom() + if data then + print(data) + udp:sendto("Hey Client!\n", ip, port) + end +end) +multi:mainloop() diff --git a/servertests/certs/.rnd b/servertests/certs/.rnd new file mode 100644 index 0000000..31dac67 --- /dev/null +++ b/servertests/certs/.rnd @@ -0,0 +1,8 @@ +Dù(K†D€ô 3Vh®.%pÉÖ ÿ³»ãTTò1[dG+°•\“=B8„²ôí@ñ ÈΧB5K‚>Ì´$è«™úF©3%ð…“nJ;¼/µ:ª³ñp? H¦ɯ>¹15 ðê¾Hb›B‚ÂY¨J«ô¦®lgfËáfîuÎñM;øÀºÆãÓämíE7Zx+'\Œ²Ÿ—°ÑÌ8ù ]ÝlÀ![·q;O5SúÐþvb#žh/·Êc«•ªÓª¡­LeòÒ놚5ÿ3d=WöëžWPŒÒÐsÆb +45¶gd²H• þ2µ#öRHý)/tôÚ§¸‹{«mÒÙ‡îïR«Ûò|×ï¤H{€Jܶx‡p>ÍO![Ù-n~ð̓%ô–c •ð]B—Ö™Ý\  p£Î\Å·‹xI¿ ŽSÒ‹s2ùj‘¢oåƒ dé³øüñÚ“Ë~Œfÿ·…¤²¡…~‰mí AOÌ#g Iv1k­;ul„‹‘‰ÄC£PK?ÑVUâV_^åþžzí¬ ¾ ù®„Eôl`¨è‰ô.àgÀ¡Nx„ðÚ‰ T¾Ÿ¦X&dn™ï¬òdSÅ ÚœO6qHšýVV¦ÊHÇ©ïÓªÎÁÐS·1(„^:dð?Ú_,#´V8J +wç»t²ŸFÏÆ•˜d8w¡ÄR¡‰$–ÎÓ§ÕË<7 +ÊPoΊ‡z*é" AâZ,¹PA:{O¥]³õkàÔdåw*~¦%À +„.")x×vA´ãGºL zVbÖ·«,Ó,5Ú$Ñgða¼Ë°œ)f¸œhØ„ëñ)þþwl3)žLêi¦\‘•…úù@Õ`h¡ÑÑL‡eó$:V›±ê¤ÂsbŠ†&¯|«—½|„îALYÉŸXk»`tW[(ú•á½Õýá' \ No newline at end of file diff --git a/servertests/certs/all.bat b/servertests/certs/all.bat new file mode 100644 index 0000000..15531b3 --- /dev/null +++ b/servertests/certs/all.bat @@ -0,0 +1,14 @@ +REM make sure the 'openssl.exe' commandline tool is in your path before starting! +REM set the path below; +set opensslpath=C:\OpenSSL-Win32\bin + + + +setlocal +set path=%opensslpath%;%path% +call roota.bat +call rootb.bat +call servera.bat +call serverb.bat +call clienta.bat +call clientb.bat diff --git a/servertests/certs/ca.pem b/servertests/certs/ca.pem new file mode 100644 index 0000000..a0a4020 --- /dev/null +++ b/servertests/certs/ca.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID8DCCAtigAwIBAgIJAKdQLITRsi/hMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD +VQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxEDAOBgNVBAcMB0JhbGR3aW4xEjAQ +BgNVBAoMCVJ5YW4gSU5DLjEMMAoGA1UECwwDbWVoMRIwEAYDVQQDDAlSeWFuIFdh +cmQxIjAgBgkqhkiG9w0BCQEWE3JheWFtYW45OUBnbWFpbC5jb20wHhcNMTcxMTIw +MTUyMzQ5WhcNMTcxMjIwMTUyMzQ5WjCBjDELMAkGA1UEBhMCVVMxETAPBgNVBAgM +CE5ldyBZb3JrMRAwDgYDVQQHDAdCYWxkd2luMRIwEAYDVQQKDAlSeWFuIElOQy4x +DDAKBgNVBAsMA21laDESMBAGA1UEAwwJUnlhbiBXYXJkMSIwIAYJKoZIhvcNAQkB +FhNyYXlhbWFuOTlAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAty9HB2AC7gCs9tttEuGWS3TtF6BGSLomCLAWE1bLO6lkFS725F4uRn9N +drbYgey8tz9/qjSIsVXL8U6aDtyqlFioA3Y2NBT9wSxuEYpkssaZ9zZ5LhVzbgpY +gNKpSuo+JGsWOQPrY33VIsInJDSvt0Q9UfzvLnGZf5XA4wc5E0a/TNuTuRkLpDVm +AvFEqUKgiZ103ZXnxhViDQFhsmitFEcCi1dGhI8VhGOCprhOWN5ZwlACjUHGQIJS +0JXsqC4xxrSpiV20+YpnNU0S/pFeUzvqzDpT0s7oW+5HMdJDkyyJbbFzMKQ2OXyI +NsKv8Bd8s+bnxws8QtZsRZt56cmkAwIDAQABo1MwUTAdBgNVHQ4EFgQU/7MbOpPb +E2nEbpg10rMsotuq8xUwHwYDVR0jBBgwFoAU/7MbOpPbE2nEbpg10rMsotuq8xUw +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAd1ymGZJiQMjxn7Vp ++rjlz5Nhfb1UwgyobapHqpfsBrpiqoUj6FXNvxzBvXEnpMCH1iQVPFwXRv5iiT5E +NbVujkLUJtUN5XofUGnfAc3dxR03ZhWDORNZIKSm33GjCs6Xw+qQRLpMfbuTEBVF +8av10D/iKEsmElIgK1bRAydj3+4vvVWptNjHUv1fxZvRTtqW+mzvdvgoekfjIE7i +Uk0bXatyalpLiOE9iDuT1uybH01FJqdC6b5eHzLwsZiq8NltfEeC6y8CV4/BeOSo +/PSsXZqg6p4fF7FcnY57hBduJQ2twpSPCTymSg+W/hSzyMmT35ec4sKeSA36uHpn +qsxDiQ== +-----END CERTIFICATE----- diff --git a/servertests/certs/clientA.bat b/servertests/certs/clientA.bat new file mode 100644 index 0000000..112cdef --- /dev/null +++ b/servertests/certs/clientA.bat @@ -0,0 +1,9 @@ +rem #!/bin/sh + +openssl req -newkey rsa:1024 -sha1 -keyout clientAkey.pem -out clientAreq.pem -nodes -config ./clientA.cnf -days 365 -batch + +openssl x509 -req -in clientAreq.pem -sha1 -extfile ./clientA.cnf -extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial -out clientAcert.pem -days 365 + +copy clientAcert.pem + rootA.pem clientA.pem + +openssl x509 -subject -issuer -noout -in clientA.pem diff --git a/servertests/certs/clientA.cnf b/servertests/certs/clientA.cnf new file mode 100644 index 0000000..0fea787 --- /dev/null +++ b/servertests/certs/clientA.cnf @@ -0,0 +1,316 @@ +# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca' and 'req'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem # The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = sha1 # which md to use. +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString. +# utf8only: only UTF8Strings. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings +# so use this option with caution! +string_mask = nombstr + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = BR +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State +stateOrProvinceName_default = Espirito Santo + +localityName = Locality Name (eg, city) +localityName_default = Santo Antonio do Canaa + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Sao Tonico Ltda + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = Department of Computer Science + +commonName = Common Name (eg, YOUR name) +commonName_default = Client A +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer:always + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo diff --git a/servertests/certs/clientA.pem b/servertests/certs/clientA.pem new file mode 100644 index 0000000..c329bb0 --- /dev/null +++ b/servertests/certs/clientA.pem @@ -0,0 +1,44 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAp6gAwIBAgIJANp+V2miEyydMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTFaFw0xODExMjAxNTMzMTFaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhD +bGllbnQgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxFsGqkE5OkbhtGgS +7jGbJUpJffPmNnn6rLZjI9xlm+t+ZB+aTGucZBaom2ZQfhgw72w/z+3ridwxhRMN +ksPKxDbUHeu+K08Nr99wJ5YqNo4MkRtjexBcub4kqyCwZ75hiSYu/Udk2Xbal6fO +WqWQMT23gUDJ5ddOTgO9bpoUwAcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB +hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE +FKMDL2ykc1mGtO+Qzwwmqw3wcywaMB8GA1UdIwQYMBaAFCiO5WTUv7L5UyU2lK3j +pwLaI57gMA0GCSqGSIb3DQEBBQUAA4GBAF6558hieqU8chgnnGX0mHUsvwMlBFUw +z8IrlCmDEwLxOW3/zZ2NX/qMgpPgVm4j1sz9fdje+aSj9lhA8mowhPtUGRtt0YLh +WnTuD15e7aUFWDp/HBDhYfgky5YWvCYfprH9VFK1mmPsh+3o62ptZppB6uPiDftt +XOwN48VL1bfb +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDwjCCAyugAwIBAgIJAN38lHt98qNDMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTBaFw0xODExMjAxNTMzMTBaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1iZtHryHBn/K1LAd +9I4V4XKOfmBF7cOV3vL0FMtuZdWxWlH2kRdIcT2eGnuR6/XJU2JWQD+ZMGuEMY/A +HD+pY/2F/DI1pZlWtVjPHsYs7RouhiQA1Hxt0770krxOPr8UMlAnmfHoGDta+33F +h10ZuYnRt0Epu704Qyl8/AS6dMMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQojuVk +1L+y+VMlNpSt46cC2iOe4DCB0gYDVR0jBIHKMIHHgBQojuVk1L+y+VMlNpSt46cC +2iOe4KGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh +bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT +YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl +ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQDd/JR7ffKjQzAMBgNVHRMEBTAD +AQH/MA0GCSqGSIb3DQEBBQUAA4GBADY2DUpWSZ6goKO6TFyg8ot30JG8Tr+5Qi95 +NfpjGl0ZrJLVanHURWAJ1BF9BS3LGlaIo8pd6l2uo2/Ql/SHNQHgJ+buq1BedAuO +g57Q/NzKTj0SDKmDAmZDrR05oNmzwku21kBAE+aFPeKw2TSiAXktMqXIyTzX31xv +UlmzIBGO +-----END CERTIFICATE----- + \ No newline at end of file diff --git a/servertests/certs/clientA.sh b/servertests/certs/clientA.sh new file mode 100644 index 0000000..0350ede --- /dev/null +++ b/servertests/certs/clientA.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +openssl req -newkey rsa:1024 -sha1 -keyout clientAkey.pem -out clientAreq.pem \ + -nodes -config ./clientA.cnf -days 365 -batch + +openssl x509 -req -in clientAreq.pem -sha1 -extfile ./clientA.cnf \ + -extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial \ + -out clientAcert.pem -days 365 + +cat clientAcert.pem rootA.pem > clientA.pem + +openssl x509 -subject -issuer -noout -in clientA.pem diff --git a/servertests/certs/clientAcert.pem b/servertests/certs/clientAcert.pem new file mode 100644 index 0000000..b01b8bc --- /dev/null +++ b/servertests/certs/clientAcert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAp6gAwIBAgIJANp+V2miEyydMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTFaFw0xODExMjAxNTMzMTFaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhD +bGllbnQgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxFsGqkE5OkbhtGgS +7jGbJUpJffPmNnn6rLZjI9xlm+t+ZB+aTGucZBaom2ZQfhgw72w/z+3ridwxhRMN +ksPKxDbUHeu+K08Nr99wJ5YqNo4MkRtjexBcub4kqyCwZ75hiSYu/Udk2Xbal6fO +WqWQMT23gUDJ5ddOTgO9bpoUwAcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgB +hvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYE +FKMDL2ykc1mGtO+Qzwwmqw3wcywaMB8GA1UdIwQYMBaAFCiO5WTUv7L5UyU2lK3j +pwLaI57gMA0GCSqGSIb3DQEBBQUAA4GBAF6558hieqU8chgnnGX0mHUsvwMlBFUw +z8IrlCmDEwLxOW3/zZ2NX/qMgpPgVm4j1sz9fdje+aSj9lhA8mowhPtUGRtt0YLh +WnTuD15e7aUFWDp/HBDhYfgky5YWvCYfprH9VFK1mmPsh+3o62ptZppB6uPiDftt +XOwN48VL1bfb +-----END CERTIFICATE----- diff --git a/servertests/certs/clientAkey.pem b/servertests/certs/clientAkey.pem new file mode 100644 index 0000000..7f2aece --- /dev/null +++ b/servertests/certs/clientAkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMRbBqpBOTpG4bRo +Eu4xmyVKSX3z5jZ5+qy2YyPcZZvrfmQfmkxrnGQWqJtmUH4YMO9sP8/t64ncMYUT +DZLDysQ21B3rvitPDa/fcCeWKjaODJEbY3sQXLm+JKsgsGe+YYkmLv1HZNl22pen +zlqlkDE9t4FAyeXXTk4DvW6aFMAHAgMBAAECgYBpSHV2bKqGuOLknLkpxqdtgzuM +sW5K33Stjs3xuIcy5z5J6TgOqdSdRhj52g5mzgnPFrfQgb29mbdjpyer/heF1WX5 +aadO4KQQYK4Yj7FhCadcgmtT4yk02+GNnxkWGcny6K0QkUl53ikNmuz/I4dj5dTq +06LLx5fUrS5ub16v4QJBAOcCFhrrSYbc0YIaxu1fFAcqxiyn1551zVjqsYkWt4TP +oDHBv2jilGNbMHl+d6kI0DyWDjBwuOTiXL8ihw625HMCQQDZmTcOKNBMSvidZUd/ +fLZVv4HzmcKi6JWT5GDNqmCQDxBN+dX+uTS7H0Udn+u5i5vFphe0QJXOdwsFWO7Y +duUdAkEAig+1JmF4kCFpFVjrivJIBgCKcCXft9Sv5XRepo/tHnL4SsSAoS7JgJf/ +YJ005tFdotgLoue7mQ+wXotELIciAQJADSy5qKHP+s6PPvhi29UxNP/jXlxw7Gwo +okuxkMJAFnjTA+Wcj0+nYa0DAkgsfY92XwEvbjp614VdpXU9AN4yAQJBAJZ7mBIv +Y0X6wwEQKsTGAUFNUB4VkGnwgXxnS06B9d4vJ+2usYVqY0aMBg6EwoPEU30fSGBZ +RswmJkf5taU6vRM= +-----END PRIVATE KEY----- diff --git a/servertests/certs/clientAreq.pem b/servertests/certs/clientAreq.pem new file mode 100644 index 0000000..ed19ffd --- /dev/null +++ b/servertests/certs/clientAreq.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP +U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy +IFNjaWVuY2UxETAPBgNVBAMTCENsaWVudCBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDEWwaqQTk6RuG0aBLuMZslSkl98+Y2efqstmMj3GWb635kH5pMa5xk +FqibZlB+GDDvbD/P7euJ3DGFEw2Sw8rENtQd674rTw2v33Anlio2jgyRG2N7EFy5 +viSrILBnvmGJJi79R2TZdtqXp85apZAxPbeBQMnl105OA71umhTABwIDAQABoAAw +DQYJKoZIhvcNAQEFBQADgYEAnb2VB0BgHF69eGeu1ykSEj5i6TyuPje69EicOORE +wuUqPJV/PxgujbfX29lpawWcQnUNx79oRyb25sFtzCmr6++wuqfqMtA0Zy+XB4Qj +FlEBD93iZYs8qIHlE7XZ6zjfFfJhCypgIsZjeWE6NNB5gIzOmBOZk1WcuyV8LeCD +2rE= +-----END CERTIFICATE REQUEST----- diff --git a/certs/clientB.bat b/servertests/certs/clientB.bat similarity index 100% rename from certs/clientB.bat rename to servertests/certs/clientB.bat diff --git a/certs/clientB.cnf b/servertests/certs/clientB.cnf similarity index 100% rename from certs/clientB.cnf rename to servertests/certs/clientB.cnf diff --git a/servertests/certs/clientB.pem b/servertests/certs/clientB.pem new file mode 100644 index 0000000..8c136eb --- /dev/null +++ b/servertests/certs/clientB.pem @@ -0,0 +1,43 @@ +-----BEGIN CERTIFICATE----- +MIIDMzCCApygAwIBAgIJAKYuEhfbhd4KMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzExWhcNMTgxMTIwMTUzMzExWjCBnTELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIQ2xp +ZW50IEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALb/ECrFMXQeIVyiblnG +P1lgS2PDiRayc5eCZ8co6XQUz2JNkwzhy3jCIlcNmOGzl3uFrn8VoK8WskmdlZxB +MIUCihOW8tPLNw3XLm4U8xHdet0mz4LRb2iraDrv+lFDN+w6o274bwCTHhg9s6X6 +MFvmB44cmcurYMZkTJSC9mOfAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 +QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBR/ +tiVSXfZJz/Bw3IbmGgOMQoryETAfBgNVHSMEGDAWgBT8HCJ3qikqe2qGcCgw1uqw +t6bhMDANBgkqhkiG9w0BAQUFAAOBgQBptAqmv200QhxXA60kKppnFFhla04OnNPv +JMZBCi221mLJfx9uOsoMoIbqsYl+qCWRZiVV7qahSwhcse7J6Oo6WJdjC5URMziS +axn998Yywu9E7RhCLeu9gaCOnvHbrxAejNArFQRaF9ENBJAXA57TbviC7L/EXLG2 +SJqXruLy3w== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDvDCCAyWgAwIBAgIJAMDsLG/8dCM5MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzEwWhcNMTgxMTIwMTUzMzEwWjCBmzELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v +dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJR+bXQaHSvKW6AJjqBwfB +e8XKNtAivk9xv15ipBz98vUIzZIcQw/rWQBUxyMAaxJBugPGF26TVribxrMrxxP4 +I4yJieccw9o/re/4KLZxxs16KVfRSb8TBIflXsstWs5sAza7gSj8enVWZ059C9jw +C/hdyb7JVgUd1NwN2utP8wIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFPwcIneqKSp7 +aoZwKDDW6rC3puEwMIHQBgNVHSMEgcgwgcWAFPwcIneqKSp7aoZwKDDW6rC3puEw +oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x +HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU +b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll +bmNlMQ8wDQYDVQQDEwZSb290IEKCCQDA7Cxv/HQjOTAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBBQUAA4GBACvCHViEZ0wG07A3ZTgg/4aDeHz2QTU4Z3X8784JyNKV +l7CwXICusfYp8udl3bgYuSH5wtHGyBNxa2lQtNKtl8UCwe2ROZAuZIG7y8/FFoqu +vZRba33pNE2WRxR4OrTJnrFGBwpzxr+sbiUimOq7UUCoEcnZnVnGm10qrSJTxVtm +-----END CERTIFICATE----- + \ No newline at end of file diff --git a/certs/clientB.sh b/servertests/certs/clientB.sh similarity index 100% rename from certs/clientB.sh rename to servertests/certs/clientB.sh diff --git a/servertests/certs/clientBcert.pem b/servertests/certs/clientBcert.pem new file mode 100644 index 0000000..57790fc --- /dev/null +++ b/servertests/certs/clientBcert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDMzCCApygAwIBAgIJAKYuEhfbhd4KMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzExWhcNMTgxMTIwMTUzMzExWjCBnTELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIQ2xp +ZW50IEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALb/ECrFMXQeIVyiblnG +P1lgS2PDiRayc5eCZ8co6XQUz2JNkwzhy3jCIlcNmOGzl3uFrn8VoK8WskmdlZxB +MIUCihOW8tPLNw3XLm4U8xHdet0mz4LRb2iraDrv+lFDN+w6o274bwCTHhg9s6X6 +MFvmB44cmcurYMZkTJSC9mOfAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4 +QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBR/ +tiVSXfZJz/Bw3IbmGgOMQoryETAfBgNVHSMEGDAWgBT8HCJ3qikqe2qGcCgw1uqw +t6bhMDANBgkqhkiG9w0BAQUFAAOBgQBptAqmv200QhxXA60kKppnFFhla04OnNPv +JMZBCi221mLJfx9uOsoMoIbqsYl+qCWRZiVV7qahSwhcse7J6Oo6WJdjC5URMziS +axn998Yywu9E7RhCLeu9gaCOnvHbrxAejNArFQRaF9ENBJAXA57TbviC7L/EXLG2 +SJqXruLy3w== +-----END CERTIFICATE----- diff --git a/servertests/certs/clientBkey.pem b/servertests/certs/clientBkey.pem new file mode 100644 index 0000000..9e4a675 --- /dev/null +++ b/servertests/certs/clientBkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALb/ECrFMXQeIVyi +blnGP1lgS2PDiRayc5eCZ8co6XQUz2JNkwzhy3jCIlcNmOGzl3uFrn8VoK8Wskmd +lZxBMIUCihOW8tPLNw3XLm4U8xHdet0mz4LRb2iraDrv+lFDN+w6o274bwCTHhg9 +s6X6MFvmB44cmcurYMZkTJSC9mOfAgMBAAECgYEAsKTZ2E9tg2cqUR9CYkpqED5R +x8WSaWRtDE2HG8q0P6du4Ld9QSwcmz7aoymu7//KNCRA4s/fweOoykLhjmmnCLo3 +rfeSCN0Wut9e2psyOJmeCkx+ZvRcP5PNIBGhRZkTcdw/PFOSyn61N8nkYKXwumsq +TQAljYVMknLJ0wEl2KECQQDuOQjFtjx2cJVo9MgBFYNrpfGLeXdXaYW5J0rWjp8l +d2BdMznWjh11USZWKkYH3fhy3Yv2sgGtFGuFywVKctRJAkEAxKb+HSTcGHk6VpHL +Em35fNYHivPPbd67MySi1EpIE3gp+Ch1OFlfS1nZBWRpDvE+KhIC0WirI12FnNPg +pM6opwJATrfaBjspz5l0RbJdRL5vJus23ffNT702yvAI8s0+GYtQ9Hsw6Y0cft/J +4z8k1QSsTIiY73PyydatkRB9NxSqwQJAVrZT4sH4EwqRgM60vqGjmzo9BTZQxt+p +p/mFmxpOAdfAmd4tIfW2oWEy4r/N23rgsGhUucXvgJ6iZe6/ZayCjQJAVNuU3dLT +Jv50v6i2D+j52Ko6Th7R+67Y6UCA8mdbOZD9fIVnJBmM68TmJxA8yD0QcPpJ6a1e +N8ZNbBUsObgq2Q== +-----END PRIVATE KEY----- diff --git a/servertests/certs/clientBreq.pem b/servertests/certs/clientBreq.pem new file mode 100644 index 0000000..cfc6895 --- /dev/null +++ b/servertests/certs/clientBreq.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP +U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy +IFNjaWVuY2UxETAPBgNVBAMTCENsaWVudCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQC2/xAqxTF0HiFcom5Zxj9ZYEtjw4kWsnOXgmfHKOl0FM9iTZMM4ct4 +wiJXDZjhs5d7ha5/FaCvFrJJnZWcQTCFAooTlvLTyzcN1y5uFPMR3XrdJs+C0W9o +q2g67/pRQzfsOqNu+G8Akx4YPbOl+jBb5geOHJnLq2DGZEyUgvZjnwIDAQABoAAw +DQYJKoZIhvcNAQEFBQADgYEACJ8lPl/xGFlucXlffjcUZBf8FG/wgoaMmpZKmDIX +u6QbxyPKWpJ8rs0+8zqZfyYy5BFpsAybQxKaJ3GR58qrlA0ZpC7CqA/uBJ0AN6o5 ++8rthTCRIpgWfVXCmEcdOCd/w8WIFzVS7wDh9E+jWXld5MD0ADYM2oRA0eAZlYNp +WVQ= +-----END CERTIFICATE REQUEST----- diff --git a/servertests/certs/privkey.pem b/servertests/certs/privkey.pem new file mode 100644 index 0000000..342c600 --- /dev/null +++ b/servertests/certs/privkey.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQISjYc9r266iMCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECN82uFIzmv/IBIIEyGtkRZ5TDq65 +PbtWeMMXWS4AwWv7BHwcyFklcmkhamm5lZSskzTzRwiYh1wvxvW1nA1kAOxMfgT3 +sz6gEaptct0TJyjGyrWg2aOEWxM5zDQdcxwa8vY3tZNqWdq49YlWOAq2DElyu1J7 +SO9X0Hb+0K0dWPG9LG229S7NTQUnSNcfSwb5012VOnr2iQPIqlSqi6HJP7xdBEbO +uHpWTn+yh1DEaylObpBM1cn8wNIHDpWo1xij3CeGAImLR4Jb8Vwv4KXePuGP/EjJ +CssvrfOJUvi/npYzWmwv5+YjN9GOgF2dyf/BU/SM5XtA9GTL/xnraT2wtTJ7+yji +RT0lvA0K6hCRlmlhvZ76Yo3rTiHi5wE7XPd4Th65me7sPbsDsm3Dcw0zokM2owsO +UY1p63bGXmYVOECnGDAZ1ZYh6xETC7EbGB8WmFbbevPTVXfMZC+huRCT6jVvTxjz +3wcTcRGHtdpozCoCnFebZOfmtP5kZW5cpTSbKbTWYAKVYjqEu7k/iITyvP8Z8lxM +eJ6huwHHy7EOHnEaOvdkN9BH5b6kJvF2q/tD2FvTfgY/pTKNs3j7AyJT8qCYoE+L +telmdGBKbMmBagHujmO95q/qvPZg5pUiryEu+9RSkPZzW3HoKscCRGHAvLygm120 +HfYtQpPMfBiWCQxRkiTGaliSy2vxaulWig5b79sz9ZP1NNJbuDFwfD1KU3zIPh2f +ljr1yjtk7aQyxtRiVODB5JJMk+3SPzCbjIQyek3bFZrRtJvxobAIVSzPmolEN+SY +F3v4odauFhyZmVdiI2tz6z7UGaWzR+cdb/KjiUQN2dfAqQ1XxcP2KEruZMhYkL12 +g6lp8WctD3MHcfx4ICJCsw3ssREeKSNrGxXksQkoDl2GrWdpiVfXPpCbz5N7nq7l +YmSTwy6j5a+wkqvt/PGmbb+Y3Em+EB7aVpumCCLx6+ViuyQIkVRwMycJlP4W2o/y +dqyKDfOz52yS0JSKkv4MR9neQ1+62oRqZ4ME3GFiarKMH/sRl1nt9jf1zyNTOLF6 +9V1tt6QNZZvCG4PZuZzk2r8MUaXX2EZCBKSydI5WWpGVkVO58CxFaU1lrT9v2Rfy +qirq1K1Qha+8v3ArntOPLH97X+I6XsQPl/WRyadrvuDVrWeiBROmC1ZX1qNn88Du +RAmLrlxXcWtKcMLotKifWf0QYTENDjqE+5y3aUVidu402a1HDUbOM+g8Hfjp1UgK +L0XKGujNi66nAHWHf4ziugcdArWUlK6HdAhszoNujgzph2RK2PFAWOfdzsC8fFWY +Snjz86BKrojSUU35WnuC05ZoZCXyy0fsNV1Tv+cASjkXKbG5SC6rOIpbXnYgK5XH +oDDWNGEUhiwQB9bSUuKEvkpQ3DpDu2xzDS63VE+/YuOyO5VGald2Tlr0JaWdfubg +BurPfpR2dYLkzICZNj3/BXEXTf4LSmT2G0MML0sDq65ra1JoxZavFaBDm0j9NPJC +5R6TkQ0ZAQqkZldTb8Ew2OiHCQmhGVB8YBkFq4rdenRvq4WaMwJdj9OmuBOgy3nl +KmWvV5SU/iuNjD0AIhutwuQmt35ovNDMuqdeY3oTulCYyVH5Gsd2kggl0ceKP1tP +b8CHqdOVkemADhCRxXsIwQ== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/servertests/certs/rootA.bat b/servertests/certs/rootA.bat new file mode 100644 index 0000000..6449bfa --- /dev/null +++ b/servertests/certs/rootA.bat @@ -0,0 +1,7 @@ +REM #!/bin/sh + +openssl req -newkey rsa:1024 -sha1 -keyout rootAkey.pem -out rootAreq.pem -nodes -config ./rootA.cnf -days 365 -batch + +openssl x509 -req -in rootAreq.pem -sha1 -extfile ./rootA.cnf -extensions v3_ca -signkey rootAkey.pem -out rootA.pem -days 365 + +openssl x509 -subject -issuer -noout -in rootA.pem diff --git a/servertests/certs/rootA.cnf b/servertests/certs/rootA.cnf new file mode 100644 index 0000000..2dc39c8 --- /dev/null +++ b/servertests/certs/rootA.cnf @@ -0,0 +1,315 @@ +# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca' and 'req'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem # The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = sha1 # which md to use. +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString. +# utf8only: only UTF8Strings. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings +# so use this option with caution! +string_mask = nombstr + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = BR +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Espirito Santo + +localityName = Locality Name (eg, city) +localityName_default = Santo Antonio do Canaa + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Santo Tonico Ltda + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = Department of Computer Science + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 +commonName_default = Root A + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer:always + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo diff --git a/servertests/certs/rootA.pem b/servertests/certs/rootA.pem new file mode 100644 index 0000000..f6626a5 --- /dev/null +++ b/servertests/certs/rootA.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAyugAwIBAgIJAN38lHt98qNDMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTBaFw0xODExMjAxNTMzMTBaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1iZtHryHBn/K1LAd +9I4V4XKOfmBF7cOV3vL0FMtuZdWxWlH2kRdIcT2eGnuR6/XJU2JWQD+ZMGuEMY/A +HD+pY/2F/DI1pZlWtVjPHsYs7RouhiQA1Hxt0770krxOPr8UMlAnmfHoGDta+33F +h10ZuYnRt0Epu704Qyl8/AS6dMMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQojuVk +1L+y+VMlNpSt46cC2iOe4DCB0gYDVR0jBIHKMIHHgBQojuVk1L+y+VMlNpSt46cC +2iOe4KGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh +bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT +YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl +ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQDd/JR7ffKjQzAMBgNVHRMEBTAD +AQH/MA0GCSqGSIb3DQEBBQUAA4GBADY2DUpWSZ6goKO6TFyg8ot30JG8Tr+5Qi95 +NfpjGl0ZrJLVanHURWAJ1BF9BS3LGlaIo8pd6l2uo2/Ql/SHNQHgJ+buq1BedAuO +g57Q/NzKTj0SDKmDAmZDrR05oNmzwku21kBAE+aFPeKw2TSiAXktMqXIyTzX31xv +UlmzIBGO +-----END CERTIFICATE----- diff --git a/servertests/certs/rootA.sh b/servertests/certs/rootA.sh new file mode 100644 index 0000000..7b588bf --- /dev/null +++ b/servertests/certs/rootA.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +openssl req -newkey rsa:1024 -sha1 -keyout rootAkey.pem -out rootAreq.pem -nodes -config ./rootA.cnf -days 365 -batch + +openssl x509 -req -in rootAreq.pem -sha1 -extfile ./rootA.cnf -extensions v3_ca -signkey rootAkey.pem -out rootA.pem -days 365 + +openssl x509 -subject -issuer -noout -in rootA.pem diff --git a/servertests/certs/rootA.srl b/servertests/certs/rootA.srl new file mode 100644 index 0000000..cb7f533 --- /dev/null +++ b/servertests/certs/rootA.srl @@ -0,0 +1 @@ +DA7E5769A2132C9D diff --git a/servertests/certs/rootAkey.pem b/servertests/certs/rootAkey.pem new file mode 100644 index 0000000..9aa49d4 --- /dev/null +++ b/servertests/certs/rootAkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANYmbR68hwZ/ytSw +HfSOFeFyjn5gRe3Dld7y9BTLbmXVsVpR9pEXSHE9nhp7kev1yVNiVkA/mTBrhDGP +wBw/qWP9hfwyNaWZVrVYzx7GLO0aLoYkANR8bdO+9JK8Tj6/FDJQJ5nx6Bg7Wvt9 +xYddGbmJ0bdBKbu9OEMpfPwEunTDAgMBAAECgYBQo2uXlVoq4lgYOrEs84vdtutd +PxdV7r4yk73BTtElW5BK+G4mOGQ48ADm6/0IoybKVU8xJkGi7/l5SC4I9RftNJ6+ +UV30kU5MTDQIX/ZPE7bAYyEokZPAnIQq6clhlLLgZn123g0+BbO0HNHm+6786RMB ++IR5y8sIg/vpG4KVYQJBAO5xucY2Jp+ChL/A0g+gNSX1vONlG8/4LVA8MLPOp9io +ePicaNq8jog11voLDwp6917h3y5fY8b74Of0Q3ZsLYsCQQDl6sv5jbK6JYs3b848 +8W+BI4TpiXI6ra+5duPOvC2LeyC2EckhlYORzqDuJAivq/fhszW15oPcNdMRn9Jv +BaypAkEAuv6tNmjZOVbeTJMnKeH2TGK/U4XDngF/Z+EMQLbcoujclfvzrzcYgHHY +uhdaIFn3DY4NvQxJ748w/jdtgL2tqQJAfAdvxc307oo2Uc+UuDeeaVHZ74nf/1uX +AjvqpKnLAAWKHe32TJG1ikCnfBAgR3RDopPkk54o3/CBTm6jPJUZEQJAJJXnKtQo +VpdNR/RUR/Fw3nAfIoi9KZ1p2iU8JZz646k/eRLRQZOv/ZCn0rvHyV80fpAPeVYd +7a+AjMrGAUm/yg== +-----END PRIVATE KEY----- diff --git a/servertests/certs/rootAreq.pem b/servertests/certs/rootAreq.pem new file mode 100644 index 0000000..6528254 --- /dev/null +++ b/servertests/certs/rootAreq.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEaMBgGA1UEChMR +U2FudG8gVG9uaWNvIEx0ZGExJzAlBgNVBAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0 +ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9vdCBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDWJm0evIcGf8rUsB30jhXhco5+YEXtw5Xe8vQUy25l1bFaUfaRF0hx +PZ4ae5Hr9clTYlZAP5kwa4Qxj8AcP6lj/YX8MjWlmVa1WM8exiztGi6GJADUfG3T +vvSSvE4+vxQyUCeZ8egYO1r7fcWHXRm5idG3QSm7vThDKXz8BLp0wwIDAQABoAAw +DQYJKoZIhvcNAQEFBQADgYEABydZSUP4MTEIg3WSOZaiUUAppGnMYCT/xxrgB1LA +8WW7iFjIgmmttltP0g3oBzNsZSKmLRfzOxJ0OK3eq23ZvdsUIBDc5HiLhk7Zurbj ++bxKUXtYq77+H2ikr/HDKmlmFd2tFqV48Iz/jolybOJ1YjBgRhdCkpSnTyLGNQHD +iv4= +-----END CERTIFICATE REQUEST----- diff --git a/certs/rootB.bat b/servertests/certs/rootB.bat similarity index 100% rename from certs/rootB.bat rename to servertests/certs/rootB.bat diff --git a/certs/rootB.cnf b/servertests/certs/rootB.cnf similarity index 100% rename from certs/rootB.cnf rename to servertests/certs/rootB.cnf diff --git a/servertests/certs/rootB.pem b/servertests/certs/rootB.pem new file mode 100644 index 0000000..637d6c5 --- /dev/null +++ b/servertests/certs/rootB.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDvDCCAyWgAwIBAgIJAMDsLG/8dCM5MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzEwWhcNMTgxMTIwMTUzMzEwWjCBmzELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v +dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJR+bXQaHSvKW6AJjqBwfB +e8XKNtAivk9xv15ipBz98vUIzZIcQw/rWQBUxyMAaxJBugPGF26TVribxrMrxxP4 +I4yJieccw9o/re/4KLZxxs16KVfRSb8TBIflXsstWs5sAza7gSj8enVWZ059C9jw +C/hdyb7JVgUd1NwN2utP8wIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFPwcIneqKSp7 +aoZwKDDW6rC3puEwMIHQBgNVHSMEgcgwgcWAFPwcIneqKSp7aoZwKDDW6rC3puEw +oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x +HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU +b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll +bmNlMQ8wDQYDVQQDEwZSb290IEKCCQDA7Cxv/HQjOTAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBBQUAA4GBACvCHViEZ0wG07A3ZTgg/4aDeHz2QTU4Z3X8784JyNKV +l7CwXICusfYp8udl3bgYuSH5wtHGyBNxa2lQtNKtl8UCwe2ROZAuZIG7y8/FFoqu +vZRba33pNE2WRxR4OrTJnrFGBwpzxr+sbiUimOq7UUCoEcnZnVnGm10qrSJTxVtm +-----END CERTIFICATE----- diff --git a/certs/rootB.sh b/servertests/certs/rootB.sh similarity index 100% rename from certs/rootB.sh rename to servertests/certs/rootB.sh diff --git a/servertests/certs/rootB.srl b/servertests/certs/rootB.srl new file mode 100644 index 0000000..4b255f1 --- /dev/null +++ b/servertests/certs/rootB.srl @@ -0,0 +1 @@ +A62E1217DB85DE0A diff --git a/servertests/certs/rootBkey.pem b/servertests/certs/rootBkey.pem new file mode 100644 index 0000000..fc38832 --- /dev/null +++ b/servertests/certs/rootBkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMlH5tdBodK8pboA +mOoHB8F7xco20CK+T3G/XmKkHP3y9QjNkhxDD+tZAFTHIwBrEkG6A8YXbpNWuJvG +syvHE/gjjImJ5xzD2j+t7/gotnHGzXopV9FJvxMEh+Veyy1azmwDNruBKPx6dVZn +Tn0L2PAL+F3JvslWBR3U3A3a60/zAgMBAAECgYA5ls/uYMHrKLyGFmup8e7/Jem2 +bK5qcmcKlYVs1aXR5vTC2wZl/a4NWT6mAv/5u6jSk2VHBSdHErXpJBXZfbExeNZO +rNcsuETF4isAE5/icQuGX6TDLJw/JporF7g0Yr3Wutev+XYboicSRIdxZ1GMmkH2 +SvkKuOdmXbKJzdlCSQJBAPJJhYSc4SDNpJANmX35ELZxigyfmC3ei4er+T4MWqOO +dUGEHx2eMiDdK3tQhdObJBIcsJ4LaM45og1c4I0IXMcCQQDUrD40v5xDlWAqZEHg +9GzxUEXcpWYMVav/MjYEcIKk3tG1MyqUJPDRyEYRlOVrgfAheGMer2iIF/K0r08o +TM91AkEA3J6N8b9YUCJxIqr/hXHyAe9JIU2BqOLoctXp0tI1BpGFu+6u1q1iQAKk +wVkFQzYVlliBiqgg+wgHw9s6rbFbqQJAYCHbnIxgXkxPQ9o9zSmvdQUMD0jUcA7p +yFkyAZ+57jyqHnYacQyhrrIQujHL4mTB3t9ELsKrRZlNpE76QQU3YQJBAKA2tF0g +h7XcsVcWzkUkrMU2ZczmxRYvqXnh5K7ZzC/L/BwK5MQ0Hy5Usw1R5tYZBnh9GsUX +Uj3SVOzdVdegwEk= +-----END PRIVATE KEY----- diff --git a/servertests/certs/rootBreq.pem b/servertests/certs/rootBreq.pem new file mode 100644 index 0000000..baf2890 --- /dev/null +++ b/servertests/certs/rootBreq.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3DCCAUUCAQAwgZsxCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP +U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy +IFNjaWVuY2UxDzANBgNVBAMTBlJvb3QgQjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw +gYkCgYEAyUfm10Gh0rylugCY6gcHwXvFyjbQIr5Pcb9eYqQc/fL1CM2SHEMP61kA +VMcjAGsSQboDxhduk1a4m8azK8cT+COMiYnnHMPaP63v+Ci2ccbNeilX0Um/EwSH +5V7LLVrObAM2u4Eo/Hp1VmdOfQvY8Av4Xcm+yVYFHdTcDdrrT/MCAwEAAaAAMA0G +CSqGSIb3DQEBBQUAA4GBAMINTlldvYFzlBaDOtUDzD4e1g5/FlIHwZtCSAEJPxGa +4e5tltl+O1qbuhvgDb7fM5dn6EwqHax85Qc+dcFkkOqZcKmTDBftlidexcyQ4Tz/ +mwzwe0czKIbRamvwVgb4g+z5z9Fy8JROKgAGGuV5D5DtcjRy+b3a8HH8Ta1jPIk4 +-----END CERTIFICATE REQUEST----- diff --git a/servertests/certs/serverA.bat b/servertests/certs/serverA.bat new file mode 100644 index 0000000..78934d5 --- /dev/null +++ b/servertests/certs/serverA.bat @@ -0,0 +1,9 @@ +rem #!/bin/sh + +openssl req -newkey rsa:1024 -keyout serverAkey.pem -out serverAreq.pem -config ./serverA.cnf -nodes -days 365 -batch + +openssl x509 -req -in serverAreq.pem -sha1 -extfile ./serverA.cnf -extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial -out serverAcert.pem -days 365 + +copy serverAcert.pem + rootA.pem serverA.pem + +openssl x509 -subject -issuer -noout -in serverA.pem diff --git a/servertests/certs/serverA.cnf b/servertests/certs/serverA.cnf new file mode 100644 index 0000000..b9c736f --- /dev/null +++ b/servertests/certs/serverA.cnf @@ -0,0 +1,316 @@ +# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca' and 'req'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem # The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = sha1 # which md to use. +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString. +# utf8only: only UTF8Strings. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings +# so use this option with caution! +string_mask = nombstr + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = BR +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State +stateOrProvinceName_default = Espirito Santo + +localityName = Locality Name (eg, city) +localityName_default = Santo Antonio do Canaa + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Sao Tonico Ltda + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = Department of Computer Science + +commonName = Common Name (eg, YOUR name) +commonName_default = Server A +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer:always + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo diff --git a/servertests/certs/serverA.pem b/servertests/certs/serverA.pem new file mode 100644 index 0000000..dc1f983 --- /dev/null +++ b/servertests/certs/serverA.pem @@ -0,0 +1,44 @@ +-----BEGIN CERTIFICATE----- +MIIDSjCCArOgAwIBAgIJANp+V2miEyycMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTBaFw0xODExMjAxNTMzMTBaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhT +ZXJ2ZXIgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsgdmW/SfzUE/7TNL +obuDAjdXy/28CehaIjRGrO9pyw6gPjsz/DbMdXm4sEQL2HN1LVubwQWKHnLAfpyw +Zw3C/x8I2pxAEEluGKXmXldpM+I0nj5DpnyLd9OP+06zLKq/xgKEWPImDdw9Qks1 +AkmwUUUq/FikJIbSIFSFbhEAGoUCAwEAAaOBjzCBjDAJBgNVHRMEAjAAMBEGCWCG +SAGG+EIBAQQEAwIGQDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFEfjdOOLGs220aZWHVOwtsjgWgEWMB8GA1Ud +IwQYMBaAFCiO5WTUv7L5UyU2lK3jpwLaI57gMA0GCSqGSIb3DQEBBQUAA4GBABEE +iX3tYF/PX+xKdU+IdB4BTeUJ1sGzskrovXm7jKK693NejfgnULrvHhOppJ+F4bwk +DlxbztBwJ8H+HiDQ7Emg8e/ymAtauNcb4DEoTbe/U3cWwNQP2eNNDeo5U8YzeIlR +AO7j8Km4+GiwCTuigLhvld1erYaztqQkVDjNS23E +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDwjCCAyugAwIBAgIJAN38lHt98qNDMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTBaFw0xODExMjAxNTMzMTBaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1iZtHryHBn/K1LAd +9I4V4XKOfmBF7cOV3vL0FMtuZdWxWlH2kRdIcT2eGnuR6/XJU2JWQD+ZMGuEMY/A +HD+pY/2F/DI1pZlWtVjPHsYs7RouhiQA1Hxt0770krxOPr8UMlAnmfHoGDta+33F +h10ZuYnRt0Epu704Qyl8/AS6dMMCAwEAAaOCAQYwggECMB0GA1UdDgQWBBQojuVk +1L+y+VMlNpSt46cC2iOe4DCB0gYDVR0jBIHKMIHHgBQojuVk1L+y+VMlNpSt46cC +2iOe4KGBo6SBoDCBnTELMAkGA1UEBhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNh +bnRvMR8wHQYDVQQHExZTYW50byBBbnRvbmlvIGRvIENhbmFhMRowGAYDVQQKExFT +YW50byBUb25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRl +ciBTY2llbmNlMQ8wDQYDVQQDEwZSb290IEGCCQDd/JR7ffKjQzAMBgNVHRMEBTAD +AQH/MA0GCSqGSIb3DQEBBQUAA4GBADY2DUpWSZ6goKO6TFyg8ot30JG8Tr+5Qi95 +NfpjGl0ZrJLVanHURWAJ1BF9BS3LGlaIo8pd6l2uo2/Ql/SHNQHgJ+buq1BedAuO +g57Q/NzKTj0SDKmDAmZDrR05oNmzwku21kBAE+aFPeKw2TSiAXktMqXIyTzX31xv +UlmzIBGO +-----END CERTIFICATE----- + \ No newline at end of file diff --git a/servertests/certs/serverA.sh b/servertests/certs/serverA.sh new file mode 100644 index 0000000..7fa04e0 --- /dev/null +++ b/servertests/certs/serverA.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +openssl req -newkey rsa:1024 -keyout serverAkey.pem -out serverAreq.pem \ + -config ./serverA.cnf -nodes -days 365 -batch + +openssl x509 -req -in serverAreq.pem -sha1 -extfile ./serverA.cnf \ + -extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial \ + -out serverAcert.pem -days 365 + +cat serverAcert.pem rootA.pem > serverA.pem + +openssl x509 -subject -issuer -noout -in serverA.pem diff --git a/servertests/certs/serverAcert.pem b/servertests/certs/serverAcert.pem new file mode 100644 index 0000000..ca5a61e --- /dev/null +++ b/servertests/certs/serverAcert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSjCCArOgAwIBAgIJANp+V2miEyycMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGjAYBgNVBAoTEVNhbnRvIFRvbmljbyBMdGRhMScw +JQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVyIFNjaWVuY2UxDzANBgNVBAMT +BlJvb3QgQTAeFw0xNzExMjAxNTMzMTBaFw0xODExMjAxNTMzMTBaMIGdMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMREwDwYDVQQDEwhT +ZXJ2ZXIgQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsgdmW/SfzUE/7TNL +obuDAjdXy/28CehaIjRGrO9pyw6gPjsz/DbMdXm4sEQL2HN1LVubwQWKHnLAfpyw +Zw3C/x8I2pxAEEluGKXmXldpM+I0nj5DpnyLd9OP+06zLKq/xgKEWPImDdw9Qks1 +AkmwUUUq/FikJIbSIFSFbhEAGoUCAwEAAaOBjzCBjDAJBgNVHRMEAjAAMBEGCWCG +SAGG+EIBAQQEAwIGQDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQg +Q2VydGlmaWNhdGUwHQYDVR0OBBYEFEfjdOOLGs220aZWHVOwtsjgWgEWMB8GA1Ud +IwQYMBaAFCiO5WTUv7L5UyU2lK3jpwLaI57gMA0GCSqGSIb3DQEBBQUAA4GBABEE +iX3tYF/PX+xKdU+IdB4BTeUJ1sGzskrovXm7jKK693NejfgnULrvHhOppJ+F4bwk +DlxbztBwJ8H+HiDQ7Emg8e/ymAtauNcb4DEoTbe/U3cWwNQP2eNNDeo5U8YzeIlR +AO7j8Km4+GiwCTuigLhvld1erYaztqQkVDjNS23E +-----END CERTIFICATE----- diff --git a/servertests/certs/serverAkey.pem b/servertests/certs/serverAkey.pem new file mode 100644 index 0000000..f1b26f8 --- /dev/null +++ b/servertests/certs/serverAkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALIHZlv0n81BP+0z +S6G7gwI3V8v9vAnoWiI0RqzvacsOoD47M/w2zHV5uLBEC9hzdS1bm8EFih5ywH6c +sGcNwv8fCNqcQBBJbhil5l5XaTPiNJ4+Q6Z8i3fTj/tOsyyqv8YChFjyJg3cPUJL +NQJJsFFFKvxYpCSG0iBUhW4RABqFAgMBAAECgYAnAigTjg5V0y5Gsy6nSYbzPV0n +fXluUlMtm3bA/dSYgaPq/t3tLbSvKPSm6sINs37BaYk/Sg9xjINROtQMQJ+xGUtu +m3aD5EPKDKgyNVgPbmXqZbwK6U22TNOzTY1cTU20crwsd/R4+S0khXDb6sPckGKS +fGhY7zvfvstvXXw5AQJBAOKFMJzxjaZol/fR2y4O7cx98X1Pu7rEPeNoTCQbtJdg +uMm5Gy66zUrgFyuJkhnbgv3nlh3/0hjzPzK5uNB0CekCQQDJMqiXPx54GVtOV9k0 +Sza1otYwyx3clFGRRzNZ7dzb/+TaXpSLWmgdcuMyr0PElhDOMhdhGSyACkDsitl1 +9w49AkEAmk9LR47SBSu5YqwGGME4w5aEPO5lH5zx4Am73Nk20+yi1WCRIOtGUJyJ +jDIiYhUEjj0GKZeNI0wJoF+eg/qYiQJBALe2EuyvjKG6/X0mh8TRHK5zdkJtZOHh +aC1QJxppL+6N1Kh0DgzESycAnWXNVQKux7+PS3u0ocZ0Fl4mVnP5Vz0CQQDPozPv +CVRVxcm6BVjMnoAZDK8KSM/uQ3JRmc9PKWWyz51aW6VSc6YosHKlT2pzjZ2myMPT +zj1kLXRJDc6byYS6 +-----END PRIVATE KEY----- diff --git a/servertests/certs/serverAreq.pem b/servertests/certs/serverAreq.pem new file mode 100644 index 0000000..15eac30 --- /dev/null +++ b/servertests/certs/serverAreq.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP +U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy +IFNjaWVuY2UxETAPBgNVBAMTCFNlcnZlciBBMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQCyB2Zb9J/NQT/tM0uhu4MCN1fL/bwJ6FoiNEas72nLDqA+OzP8Nsx1 +ebiwRAvYc3UtW5vBBYoecsB+nLBnDcL/HwjanEAQSW4YpeZeV2kz4jSePkOmfIt3 +04/7TrMsqr/GAoRY8iYN3D1CSzUCSbBRRSr8WKQkhtIgVIVuEQAahQIDAQABoAAw +DQYJKoZIhvcNAQELBQADgYEAfiS+4jD2NQSAIakgGl559fwa4xkNXGq0WG6RLjvK +X5bpSuFGsDyrqGs3c5H78Hq7Ga39W28rmfa14L02GYj3ravmQWVPuLCtzIZeSgSJ +0ZmrtxV8QCe0+pFOcOnqaSvj5mRhKFy4Ex8CHW43c3Drtv9tQRKj8kc9HYUhsq3i +JcU= +-----END CERTIFICATE REQUEST----- diff --git a/certs/serverB.bat b/servertests/certs/serverB.bat similarity index 100% rename from certs/serverB.bat rename to servertests/certs/serverB.bat diff --git a/certs/serverB.cnf b/servertests/certs/serverB.cnf similarity index 100% rename from certs/serverB.cnf rename to servertests/certs/serverB.cnf diff --git a/servertests/certs/serverB.pem b/servertests/certs/serverB.pem new file mode 100644 index 0000000..d08db13 --- /dev/null +++ b/servertests/certs/serverB.pem @@ -0,0 +1,43 @@ +-----BEGIN CERTIFICATE----- +MIIDSDCCArGgAwIBAgIJAKYuEhfbhd4JMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzEwWhcNMTgxMTIwMTUzMzEwWjCBnTELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIU2Vy +dmVyIEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJmQHyI0EUKFANIuvkR3 +EhdALBI4RqkFYqN3GZf3Y91g77O+n2BHQ3LN86WqW0BI4EuVvqUqcZtvGHfFDEmw +So1B5JrUSoeHdzR+v7l3WLDJTlbBD5CnvazgaD8E41YwUaJfl41dfYBQ2rcjL5ix +Cktip+TFY++Enfi20dxZ2c1FAgMBAAGjgY8wgYwwCQYDVR0TBAIwADARBglghkgB +hvhCAQEEBAMCBkAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl +cnRpZmljYXRlMB0GA1UdDgQWBBRzPitei+EH6/I3UHVU2ZtxB+4jnTAfBgNVHSME +GDAWgBT8HCJ3qikqe2qGcCgw1uqwt6bhMDANBgkqhkiG9w0BAQUFAAOBgQCZ0C9q +jsvH/EGIHy6JZwHfHE2ffSpMo/O3e4bSPnMTpMDu6/RSYc/H7hQo28bFsA1jD9Pa +TdN1YLtV25E0lv/b2/i9Y2YhBLIkO+9HM5cm1sTIrzf7tF0Iku6CJSKbk4+60CxL +CQChj7Sh7bwNID4ua82LMUo68aHWWHPGYXjsvg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDvDCCAyWgAwIBAgIJAMDsLG/8dCM5MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzEwWhcNMTgxMTIwMTUzMzEwWjCBmzELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTEPMA0GA1UEAxMGUm9v +dCBCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJR+bXQaHSvKW6AJjqBwfB +e8XKNtAivk9xv15ipBz98vUIzZIcQw/rWQBUxyMAaxJBugPGF26TVribxrMrxxP4 +I4yJieccw9o/re/4KLZxxs16KVfRSb8TBIflXsstWs5sAza7gSj8enVWZ059C9jw +C/hdyb7JVgUd1NwN2utP8wIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFPwcIneqKSp7 +aoZwKDDW6rC3puEwMIHQBgNVHSMEgcgwgcWAFPwcIneqKSp7aoZwKDDW6rC3puEw +oYGhpIGeMIGbMQswCQYDVQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8x +HzAdBgNVBAcTFlNhbnRvIEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBU +b25pY28gTHRkYTEnMCUGA1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2ll +bmNlMQ8wDQYDVQQDEwZSb290IEKCCQDA7Cxv/HQjOTAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBBQUAA4GBACvCHViEZ0wG07A3ZTgg/4aDeHz2QTU4Z3X8784JyNKV +l7CwXICusfYp8udl3bgYuSH5wtHGyBNxa2lQtNKtl8UCwe2ROZAuZIG7y8/FFoqu +vZRba33pNE2WRxR4OrTJnrFGBwpzxr+sbiUimOq7UUCoEcnZnVnGm10qrSJTxVtm +-----END CERTIFICATE----- + \ No newline at end of file diff --git a/certs/serverB.sh b/servertests/certs/serverB.sh similarity index 100% rename from certs/serverB.sh rename to servertests/certs/serverB.sh diff --git a/servertests/certs/serverBcert.pem b/servertests/certs/serverBcert.pem new file mode 100644 index 0000000..2197506 --- /dev/null +++ b/servertests/certs/serverBcert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSDCCArGgAwIBAgIJAKYuEhfbhd4JMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD +VQQGEwJCUjEXMBUGA1UECBMORXNwaXJpdG8gU2FudG8xHzAdBgNVBAcTFlNhbnRv +IEFudG9uaW8gZG8gQ2FuYWExGDAWBgNVBAoTD1NhbyBUb25pY28gTHRkYTEnMCUG +A1UECxMeRGVwYXJ0bWVudCBvZiBDb21wdXRlciBTY2llbmNlMQ8wDQYDVQQDEwZS +b290IEIwHhcNMTcxMTIwMTUzMzEwWhcNMTgxMTIwMTUzMzEwWjCBnTELMAkGA1UE +BhMCQlIxFzAVBgNVBAgTDkVzcGlyaXRvIFNhbnRvMR8wHQYDVQQHExZTYW50byBB +bnRvbmlvIGRvIENhbmFhMRgwFgYDVQQKEw9TYW8gVG9uaWNvIEx0ZGExJzAlBgNV +BAsTHkRlcGFydG1lbnQgb2YgQ29tcHV0ZXIgU2NpZW5jZTERMA8GA1UEAxMIU2Vy +dmVyIEIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJmQHyI0EUKFANIuvkR3 +EhdALBI4RqkFYqN3GZf3Y91g77O+n2BHQ3LN86WqW0BI4EuVvqUqcZtvGHfFDEmw +So1B5JrUSoeHdzR+v7l3WLDJTlbBD5CnvazgaD8E41YwUaJfl41dfYBQ2rcjL5ix +Cktip+TFY++Enfi20dxZ2c1FAgMBAAGjgY8wgYwwCQYDVR0TBAIwADARBglghkgB +hvhCAQEEBAMCBkAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl +cnRpZmljYXRlMB0GA1UdDgQWBBRzPitei+EH6/I3UHVU2ZtxB+4jnTAfBgNVHSME +GDAWgBT8HCJ3qikqe2qGcCgw1uqwt6bhMDANBgkqhkiG9w0BAQUFAAOBgQCZ0C9q +jsvH/EGIHy6JZwHfHE2ffSpMo/O3e4bSPnMTpMDu6/RSYc/H7hQo28bFsA1jD9Pa +TdN1YLtV25E0lv/b2/i9Y2YhBLIkO+9HM5cm1sTIrzf7tF0Iku6CJSKbk4+60CxL +CQChj7Sh7bwNID4ua82LMUo68aHWWHPGYXjsvg== +-----END CERTIFICATE----- diff --git a/servertests/certs/serverBkey.pem b/servertests/certs/serverBkey.pem new file mode 100644 index 0000000..3780b5c --- /dev/null +++ b/servertests/certs/serverBkey.pem @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJmQHyI0EUKFANIu +vkR3EhdALBI4RqkFYqN3GZf3Y91g77O+n2BHQ3LN86WqW0BI4EuVvqUqcZtvGHfF +DEmwSo1B5JrUSoeHdzR+v7l3WLDJTlbBD5CnvazgaD8E41YwUaJfl41dfYBQ2rcj +L5ixCktip+TFY++Enfi20dxZ2c1FAgMBAAECgYAjvg3hEilqSDbWtRaILQbC7qbT +XtHjiWNaFOCaJHTUFDn2pknGSRAD6rfpOWuf3NaIAUSsgOKMgSE6z1x60lOnjP92 +H5RoH+3LqjIKnYK7JYEnrH6Ur2yHvS9eh/jwj4o47ssVsF+jBclfyqWEjrQKUUd7 +x1ObU9DL4eXjjW7kgQJBAMfYKWi/Cuw/7AFcPQTPWxgZUTy6QDJsDaXXfqtEy3cV +fE9rc46ZcnUX9AzvtZoe6y4WzIBSFjycFmEmdESKEJUCQQDEtrMFqpKnIgKBymH4 +39qsM2yZz4EpNOeIUR3wtD/dmzJdTeSEHpFowrO2vDmdxgA4kHkOvQTkUTyc3VxH +ni3xAkB6r+AsKCzigRO4ehIT4+D+2HwhFg7XZbKzP6rKJn/q6cvZThQxVU8JR91S +G8+XgKfNMb32gW6ZYxHyLpNuiHxJAkBEjkel2eRySvAEu7uZOKrFCMb4c9DXw5BN +ebetg6QeX1AWJGdXhC+5CuIG9WI/EhpRnEgUUtu5lnZBVQQsEXyBAkAWh65jDsSP +kJhsWLDfH81aa1Ikjl8iSx4dIrEzx7JX3qm3o+I21ZN8FImaMNP/lfoeWyxcI6/U +88ZMr8vwmJc5 +-----END PRIVATE KEY----- diff --git a/servertests/certs/serverBreq.pem b/servertests/certs/serverBreq.pem new file mode 100644 index 0000000..c7c64e0 --- /dev/null +++ b/servertests/certs/serverBreq.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIB3jCCAUcCAQAwgZ0xCzAJBgNVBAYTAkJSMRcwFQYDVQQIEw5Fc3Bpcml0byBT +YW50bzEfMB0GA1UEBxMWU2FudG8gQW50b25pbyBkbyBDYW5hYTEYMBYGA1UEChMP +U2FvIFRvbmljbyBMdGRhMScwJQYDVQQLEx5EZXBhcnRtZW50IG9mIENvbXB1dGVy +IFNjaWVuY2UxETAPBgNVBAMTCFNlcnZlciBCMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQCZkB8iNBFChQDSLr5EdxIXQCwSOEapBWKjdxmX92PdYO+zvp9gR0Ny +zfOlqltASOBLlb6lKnGbbxh3xQxJsEqNQeSa1EqHh3c0fr+5d1iwyU5WwQ+Qp72s +4Gg/BONWMFGiX5eNXX2AUNq3Iy+YsQpLYqfkxWPvhJ34ttHcWdnNRQIDAQABoAAw +DQYJKoZIhvcNAQELBQADgYEAEDg4MRZWZB5QUNFg/pSwVat1kaM5bD2s5DSqA4bp +dor5EiXZ+dyT4P54kR97U8Krrb+2001NWSuejGc0+r5SPCTZ/wB9m5dUy6NSrd82 +w4KuzZZTTDw02UMaasXQNSEJ9wCa9hEzPRlhlQEIoSNjQGPx2wwhbk8No7oOSee2 +xr4= +-----END CERTIFICATE REQUEST----- diff --git a/servertests/client.lua b/servertests/client.lua new file mode 100644 index 0000000..d019d02 --- /dev/null +++ b/servertests/client.lua @@ -0,0 +1,23 @@ +require("socket") +ssl=require("ssl") + +-- TLS/SSL client parameters (omitted) +local params = { + mode = "client", + protocol = "tlsv1_2", + key = "certs/clientAkey.pem", + certificate = "certs/clientA.pem", + cafile = "certs/rootA.pem", + verify = "peer", + options = "all" +} + +local conn = socket.tcp() +conn:connect("127.0.0.1", 8888) + +-- TLS/SSL initialization +conn = ssl.wrap(conn, params) +print(conn:dohandshake()) +-- +print(conn:receive("*l")) +conn:close() diff --git a/servertests/rootA.bat b/servertests/rootA.bat new file mode 100644 index 0000000..6449bfa --- /dev/null +++ b/servertests/rootA.bat @@ -0,0 +1,7 @@ +REM #!/bin/sh + +openssl req -newkey rsa:1024 -sha1 -keyout rootAkey.pem -out rootAreq.pem -nodes -config ./rootA.cnf -days 365 -batch + +openssl x509 -req -in rootAreq.pem -sha1 -extfile ./rootA.cnf -extensions v3_ca -signkey rootAkey.pem -out rootA.pem -days 365 + +openssl x509 -subject -issuer -noout -in rootA.pem diff --git a/servertests/server.lua b/servertests/server.lua new file mode 100644 index 0000000..b2b6362 --- /dev/null +++ b/servertests/server.lua @@ -0,0 +1,25 @@ +require("socket") +ssl=require("ssl") + +-- TLS/SSL server parameters (omitted) +local params = { + mode = "server", + protocol = "tlsv1_2", + key = "certs/serverAkey.pem", + certificate = "certs/serverA.pem", + cafile = "certs/rootA.pem", + verify = "peer", + options = "all" +} + +local server = socket.tcp() +server:bind("127.0.0.1", 8888) +server:listen() +local conn = server:accept() + +-- TLS/SSL initialization +conn = ssl.wrap(conn, params) +print(conn:dohandshake()) +-- +conn:send("one line\n") +conn:close()