commit f03e8e8596302c8bedbf20c36a7ef4d86455a3ea parent 635f7bc1e7c9164c20e6410e79a60b8169954697 Author: Johann150 <johann.galle@protonmail.com> Date: Wed, 3 Mar 2021 18:57:41 +0100 add test for multicert Diffstat:
| A | tests/data/cert_missing/key.rsa | | | 52 | ++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | tests/data/key_missing/cert.pem | | | 29 | +++++++++++++++++++++++++++++ |
| A | tests/data/multicert/ca_cert.pem | | | 29 | +++++++++++++++++++++++++++++ |
| A | tests/data/multicert/ca_key.rsa | | | 52 | ++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | tests/data/multicert/create_certs.sh | | | 38 | ++++++++++++++++++++++++++++++++++++++ |
| A | tests/data/multicert/example.com/cert.pem | | | 30 | ++++++++++++++++++++++++++++++ |
| A | tests/data/multicert/example.com/key.rsa | | | 52 | ++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| A | tests/data/multicert/example.org/cert.pem | | | 30 | ++++++++++++++++++++++++++++++ |
| A | tests/data/multicert/example.org/key.rsa | | | 52 | ++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| M | tests/tests.rs | | | 248 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------- |
10 files changed, 546 insertions(+), 66 deletions(-)
diff --git a/tests/data/cert_missing/key.rsa b/tests/data/cert_missing/key.rsa @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQD7f6oYIWWsoyrI +KXu47tAn4gtnH3izCVzFo7VWjamVq7+ssWSw1Ob0R5PmR+i+ATxQhfK7BBZk6jE6 +i5pffS3dJS3WqEza0nD5uSA34zTYtJeLrsBuOoldZ4mz7JAvrhFV0zdzXdCjDoQG +qQ49JWIhI22nT0Yq58qB49bqm1vx+TajXIDuKdCJwJfthF/9sXirmqM4GsOOzAMf +xbU3lWfxdU1rXJ0tBlZSH/b31ZnuNCAuAgWIn1Ev2qG2X0WVK83fJ5GefLcBfhuT +4jrrq+aV6oAHznv1AJPvBwYhVq09fvVvTFnFrIJkc3NxZMjidkjYI7lvhPzwX2rO +0zw3MEL8680pU8CJOsXAyeXGDeipt70S+p6nZS3+floqOSB5YMdQjntWgBYkR89Y +8q4mEg+eaiR/lFHOOoZreKe+K+djMPYmdrRExQ18DcKNWl239zj/n2QpTdnzjy7N +kuvDZyZf4pmm/0u4Kd9So6cSybCGjGtlpmpvzC4Xuebto/A7zlJeIghl2mmbo3VM +hlM44nQekO61mIqz2dkqgGgf7kqQKSvvo/Rj5u8D4N3FnRXQm/JqvlCyQlpzeFuk +7vFJz1yA1fK3CxfuK6xuclMhjo2vgNCwaiBFjb/eAnrM+/btUfKTGXIx4nedErls +TuTqukJRCOulVdv0ZVsVnW6/0t4h+QIDAQABAoICAF7c+LvBXSiRI0H8474N1lY0 +3Tg4lr5xeZzS80OCi8T404PAJcrNg5AAr7jcxt1keeulmrkQAaJu88Kxhbke7n3L +2E5vjQ288wA+4/gwq25SMBdwAwWQ7t9cfoRvZrOVZNSKpw/NAzV99C7O9Z/6ydjW +FDZXoI/ufmQgHKDBmRzcc8+KxNcQzqgnDSd6FvsKRgn0ejxfXAQwz7zcRk6A/IQH +SvyEIoUpLsYraGxzFWzUHI8+E/hEn8r9HKI9rXFm5HCX7EVrpVvaxWwymSbr4D4M +Bd7r87WmUiaG77kDiLT5fnpMwk/dkhFxusm6ykshcriUQQ3fi8jfNNpusvfeLGWa +4IcwkWPGd5EWNjM1eqeCfh79FAdJe8sEYf2pAkT8LVNT23J/jsL5dsLy3VFQ6svV +NReDnaWBxw92Xh/zqmo7L7/zGaLKXJPSQYHlnDUuYBOxoKhnzDY7P1XWk3STKDan +1rwSelBb/9Z/KGgeg92YlHrYOspw7JaCaYbzpsi8vCS+ZrTrbQ0UoHUAVKgRkTsG +pgUvlbX+RL1+nweGmjenDYEGn5MsPhoKgJFhJLgqqdo3ZTruEazU9Q5xLZDhWz82 +hxJKm3WFAqIL8Q5Wd22z7+DjS9YLuHYB+o9dSbqR0UOiyvYb+eL8gkvPtlvnE0yC +iWl1SDg25iWmbQz1X7EBAoIBAQD+AImpGYgRhIglB2MSz9LPLEC9lGZX6ZznfS91 +1tc5iPcqqKQ3VBCJWnCNOTh5RXlau0s/+vE6zKytSiWrzgkTBMkd18xPTy6c5O4J +XUCArZHx+GoXooOkSPxcLM1IGElTpHT/4Ua4KrGzMpdI8khHLDfiXeUL9mlgYrho +rLjArOo/1pBURYfNSay+bmTB/CzoS+0EXYc6fCNhNvE8fOkCCdPiwrpUjuZyYzmR +pkU1XVOzgqLEqBadywXfp6NeyRBVWO9OxWcJ63smwWCJz/KcTYhBAG5TH/959O6z +115Q7tst+amhBZLgOvHnYJ1S/dK1fU4PDRAm6dEW7kqeFd11AoIBAQD9ehX2SVdo +RHT69H4ItMpYWiBUtAwOEE5d5RPVrjtFtSh/V1pZ+jjGTyqTL5+885o1A6q2Nkrc +d8kYG5VVaGkjJEibCk6px0TWN2Lt73Q0ixNbBmcjxsjRp4EfHvMR/5IqvSZNuUjy +8j3dFHgeB6/PFY283Z9XbMrcFZeEsL4rljF+/XCX2ZeMIUBU93cbZr80o1LgcwpI +Qw61g6Kfjwm6jJEws3doxcmAGSkbR4PzZyRI8lLlIEWWccRG1k34J7s2eDfk8O6F +awv/pgcyFQQwl3zMXmCDNvdHkHV7EDu0gZc8WEuKBTA9tOfokkQmp4rbvMGqtJJm +OfYFZZR/YU31AoIBAHUulFPiRocmaJUEum1kWbJgjSGpRCoMyel2NJ4d1r9hc/5H +PTOVYeesRL6yhl5Uce8s90N2JzJkWMm9qnF/pWoTzCErfMOeGTgi2bqSPf7flLRY +UcHDpQ326g4wUSiQo8ul1KB0MucmM0Mj9O2fcT78pG+Xt+Lz9JuWD9Oi0714SL3Y +5E8soMFR2xMj5PIlwCYPWTKpX4jY2o2wBk1Mp0bcd9dm1QXLw39ETbvnRIihHMt1 +Wlh137E+h+At+83v3swxMn5Zzfain/c6QapyuE/p6RFr/Hn3Cisel716f7XA7Hdi +diKmaqNuLkn7pbkzBrHaNFf3Q9tgBamZl+0k0z0CggEAAuOgWnVNjL+zAaVFxn2h +DM7CLZT7yjE/Y2yYBEh/HnVJJ+JsAjiK6x+94X2aeYHhURdgm8EUq1ymKyMtWZLe +F+ty9Glyqha+Xx60fvfKwEqRhukUxeCfK1yYaS1mId9i4B/Vzu78uOAv+lQgZl86 +Dsc1HWD9TvbLfSS13GpTUJXerI7g+KofQxah8BX+Ao7yQPxXln1ZMaeqBEGi2eS8 +fKbbhM2W39fZSx9+S3ROObkEPdydO0VZ5bQYQ6JvsxNo298U7AQfA+BLe7d9v4Fj +0dX4MzAkM3qt6N/ppuRxecY8XhC3k7Qpb5qfRhRcuIASYhzNrE9wl7+zYS5eOfF2 +/QKCAQEAyOKjglWIpOul3EIOF2D0O6fkulxLfUya6URok00p3CxFXlFdDXwTzC9R +TNYMVE0WrxnXk1KT7ave4PJRFKMNk/PxbMQbtji9m3mWlZsM2vNNQ9nuWnrfOAha +plI7XBPJ4NNapl/RAFVhu3WVHG4CaYiqWPR3dMBi1/2Uk7EhZjhuJ8/AsJz5v7iO +Nv0ydQX7ZisNwf1eksL7odZjGcm/PNOxdAnFI67DuXo4YvyMjzovhTgm0s4yrecC +OMkrvwvefnzUQKV8m9na8pPG+ZJd518oK8nuk9UMgwsJnCWEVgzVjzRIxv7AElrO +tPwNvAOh6tUMmDlbRt+xdpFmU238jA== +-----END PRIVATE KEY----- diff --git a/tests/data/key_missing/cert.pem b/tests/data/key_missing/cert.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFCTCCAvGgAwIBAgIUP60wPmdZzVFdc9c1ReFbzcWk9CwwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIwMTEwODE0MzE1NloXDTMwMTEw +NjE0MzE1NlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA+3+qGCFlrKMqyCl7uO7QJ+ILZx94swlcxaO1Vo2plau/ +rLFksNTm9EeT5kfovgE8UIXyuwQWZOoxOouaX30t3SUt1qhM2tJw+bkgN+M02LSX +i67AbjqJXWeJs+yQL64RVdM3c13Qow6EBqkOPSViISNtp09GKufKgePW6ptb8fk2 +o1yA7inQicCX7YRf/bF4q5qjOBrDjswDH8W1N5Vn8XVNa1ydLQZWUh/299WZ7jQg +LgIFiJ9RL9qhtl9FlSvN3yeRnny3AX4bk+I666vmleqAB8579QCT7wcGIVatPX71 +b0xZxayCZHNzcWTI4nZI2CO5b4T88F9qztM8NzBC/OvNKVPAiTrFwMnlxg3oqbe9 +Evqep2Ut/n5aKjkgeWDHUI57VoAWJEfPWPKuJhIPnmokf5RRzjqGa3invivnYzD2 +Jna0RMUNfA3CjVpdt/c4/59kKU3Z848uzZLrw2cmX+KZpv9LuCnfUqOnEsmwhoxr +ZaZqb8wuF7nm7aPwO85SXiIIZdppm6N1TIZTOOJ0HpDutZiKs9nZKoBoH+5KkCkr +76P0Y+bvA+DdxZ0V0Jvyar5QskJac3hbpO7xSc9cgNXytwsX7iusbnJTIY6Nr4DQ +sGogRY2/3gJ6zPv27VHykxlyMeJ3nRK5bE7k6rpCUQjrpVXb9GVbFZ1uv9LeIfkC +AwEAAaNTMFEwHQYDVR0OBBYEFI7IjwaA0gwpeZXl5x7Knw8i4STDMB8GA1UdIwQY +MBaAFI7IjwaA0gwpeZXl5x7Knw8i4STDMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggIBANQJ+WuQ8UZsk86t7jTS9K2Igit22ImXhdddDHHbBrbdLXoN +g4IXij8mEJqfPyqZhT49S23booihvJOyhT/RgRB6LI/hBuV1vTwARmIRU4WhZAh0 +xIwVCqniDp6Rgf6OEOYgLGk11CEv7vMfPZYbLddDY1HvmSl8l087CLEQ37WRb51M +5Quhsrny441s6aTn8I7c9WY2H/CUmlF8byoLuIl2MpR5bQN17binfsJZPYkKaMyJ +5URM0nCVUEr+o/1znYsQJYa+GSVEsJJ6OyS7TMSoFJlVFslOxbdPzNkdcL6jxpXN +B0rCrC1gTaQynxTOoQ56N8Z74V9xoXNd0ZwaSgEWfeM++YOyk3qgfvhobd0F8rTD +8+dvMN7eI+N8P+S+VCnX9YzrQIZyTwEhHK9fXLlcqoiAhpizgGhlGctiZ1MmpzT2 +aqFmLOCKpcQLyofsSLSFbhV2/w8rJbS1kTlrzwQLzaJvtLVy+ZZdQFP49Vj8Lb7n +3Oos/YeNoGhJoTWX7S2nQBChYMsSUA15+IS7RN0b+cJroHESsqCkbp07M20zhztz +fDWdYFh+o4V2lF9ecnqV7MwTvz9WxpchcUfQgENrJ3dgTn35hsZOMM2anwFWrmG+ +KVyFMhWNnZB1E530Nsu9cNHntqc3sFBdJebrFED9gOFErt5Vou8btjIqPm/Y +-----END CERTIFICATE----- diff --git a/tests/data/multicert/ca_cert.pem b/tests/data/multicert/ca_cert.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFCzCCAvOgAwIBAgIUIBGuqsV2UiwpjgNTBhsCWSEofMEwDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UEAwwKZXhhbXBsZSBDQTAeFw0yMTAzMDMxNzI1MjFaFw0zMTAz +MDExNzI1MjFaMBUxEzARBgNVBAMMCmV4YW1wbGUgQ0EwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDAYjrXvFY9MpJ0Cy9Jte42u9peeUQ+4isGIDmnSAmA +hngVqoDlqvr6mXXU+N0c7jDkLEcs7EySORP/k1rRrAtQPSZeMSVQ47aJirmIlcnb +P9/ivyYv8lyndZCZikOAOz7D1beRV66MX2q1/plnW1QuWHbk83IqNniZcL8QRTWw +EYy8CxNd9UO9TlzF/kuIadNlFEywiQ6pbZiIhPChCtg2vKx/abQukYSGDoQxTIEp +T6uqoHevAMZFMhwhURG5kUX65xQcIDSobvxyziSc3fKW/fxzu/ORkLHBB5T3jcQJ ++BL4pb+hZl7Xe/r4TvfhSpdzu5hoLFAqLWhQUHymMG8kmqJ6Q9lfuQO4A/HuqCQN +cYtEce88uOaF/TPt99qhvg/7V1LXxZ9UNnyc2cQUroT8jx+5NtWBPQvekKSoufxX +4Kv4kdtaPyGRVZcshLQKog6kD49nzlCJhYV9UUiGQMUrzb7H5n+Y2puN87B5oUVY +djNJ65h7y27fKeXfrpvTJ+kqi9A6hrwNR6INTkRJ+l6mnpX0tnTmGmSiChsW+xCF +R2bIl04y4efqYToG3fQk0vzn+rGx57DqnpgDavIYJxsNWzJ4qWWxdN08QV8OsmEo +0u6Ks9+EVv6sHmY+WWsOB+8Jgwa0p2HcQ2nu0KrIDNVxUS29jPA/Iw7g/w95az/X +2wIDAQABo1MwUTAdBgNVHQ4EFgQUtyhzhR/wxqDZlRxR4odCXFhSwtEwHwYDVR0j +BBgwFoAUtyhzhR/wxqDZlRxR4odCXFhSwtEwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAgEAZYiHTpAsWvOdqsMa9KhiWgOYAtJ/vERaTkWowxfqpBrx +nC9k5PAU4r5mAa38RX9hbRWEpXA2oEET/txg4a9oHkYPCk8+Nq/K7JwoY32gdsuC +EeAFIFhsfV5aDnoMxEfjOo7erFa89UBLup9bw3VupQ6+9B7UJP5Q1g8aapdcw2Io +nFiof56TNBUNSSJc0ErfBInCQ+T2yIbbyXvsNhbENidlP8nDv9cwHEQewUPbH9/y +k4MqsZVsdrm00m0ZWgdQfZnTgM5/TBp+tTyHJOQqfekPiqob7lPGgakMhkpGHJvu +EnkQJecgHA1/k2ETM4Ja162kbshN8LjLLrXi9aEwDYTW1xFbvK9MrHKcSOTq+FJs +WV3RK1J56pqq3iNJLXkXjSuo6bNIA4fjxJk8scRdsANAYfV9I3pJUY1EB/LvycSo +zCUgpp+tnqT+lgvCZ3aFi/Iajb0TgoNb/xgHo2MJmRNLj6RQlJkLDEYBQTE1iiru +bWZW2jf7LEBM9MwT2+I2AbmCLyPoA04ZT7GH2yeugU1YrxO5Erj6m3JBdwuKIU7g +DJH2DttPIm1ay00tFBapYoODfXwqqIPtYRSAhSxxuWRV1fl5kVgyT2TjEvv9b/8j +SMRrGvo4Ws2H8W8Fcf0EVIywkVxpE2YlzztEWhVJEmltM74slX82QZ2ppWCmepg= +-----END CERTIFICATE----- diff --git a/tests/data/multicert/ca_key.rsa b/tests/data/multicert/ca_key.rsa @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDAYjrXvFY9MpJ0 +Cy9Jte42u9peeUQ+4isGIDmnSAmAhngVqoDlqvr6mXXU+N0c7jDkLEcs7EySORP/ +k1rRrAtQPSZeMSVQ47aJirmIlcnbP9/ivyYv8lyndZCZikOAOz7D1beRV66MX2q1 +/plnW1QuWHbk83IqNniZcL8QRTWwEYy8CxNd9UO9TlzF/kuIadNlFEywiQ6pbZiI +hPChCtg2vKx/abQukYSGDoQxTIEpT6uqoHevAMZFMhwhURG5kUX65xQcIDSobvxy +ziSc3fKW/fxzu/ORkLHBB5T3jcQJ+BL4pb+hZl7Xe/r4TvfhSpdzu5hoLFAqLWhQ +UHymMG8kmqJ6Q9lfuQO4A/HuqCQNcYtEce88uOaF/TPt99qhvg/7V1LXxZ9UNnyc +2cQUroT8jx+5NtWBPQvekKSoufxX4Kv4kdtaPyGRVZcshLQKog6kD49nzlCJhYV9 +UUiGQMUrzb7H5n+Y2puN87B5oUVYdjNJ65h7y27fKeXfrpvTJ+kqi9A6hrwNR6IN +TkRJ+l6mnpX0tnTmGmSiChsW+xCFR2bIl04y4efqYToG3fQk0vzn+rGx57DqnpgD +avIYJxsNWzJ4qWWxdN08QV8OsmEo0u6Ks9+EVv6sHmY+WWsOB+8Jgwa0p2HcQ2nu +0KrIDNVxUS29jPA/Iw7g/w95az/X2wIDAQABAoICAQCSyuEHN+e9rlbdQKOGZNEs +5k2LBJC0QrJ9bB1RrL/DV9dNANp1Y+85Q9sK9BETQBQCJl7wwiTy9aZyvqbvkYzY +XrBl8q38eKQRcs56j4CEUMquIxgqQY29IRGCdmNm9s2/c9Uri3HeHfg4gdnfaWpk +KpAdxjv4RbPjsIm5CnYasGloGjNe4AQd8CsN0CkmH0lzuPeDRDDxynQ2xuksmC++ +JFyio68eUV6DQ5ROYYe0U9wyx1pLKBYhOkkIiukxZM220pcflttXIchyeSSqpRez +an00edcx3Owk03oxIfTRfn5LR31e09POLAWlbevp9ZZ2ck+qPRW1+Qu9LIzP6ekC ++9vTOA9Q9B8b/Yw8Mmi7J8ACLUFi5+B/cDUSYg2TJbpiIfFukFeXQpOzQBSOjdki +tKY0RgxftFZaKhu3dyhyucQHde+iUnSNfoK746fnIPTFPF/fb7Ot54xX/PuUvrBR +6RFi5Bj8aU8XqpOks6rFKNgyY/uJgPklPAR/z9wEDVRbwT2BbEUvu5A26T15/1lO +Z2tKMH+VsSClJmuJxB3pl/aoZiYG7bwrTn0AUAHPAizYZtit+8O/Z5e0SukBprKK +RmqUySo5Em7GWuJdizzsMq8Yf6IWk7lxHhOGAGCLfNTBGtw24zchuKdz6rO2nedV +haBmpghW7seHKe/WLTvREQKCAQEA6t+gWSA68nyl+ylqk40VAycT6uZNeMYOXdL5 +OSgeow5XaQvf5myzlTj3eXTXUYAbxqicrNiYC9z0MOsJKwG12tBizexazlAFUw9y +i8f/PBY6oh+ramkLVcE9BAvKWEND5mGvvweWRk1vJsPgdOgBHOtok1Ek5ae8yQx7 +NaUoA/6/YgS0LlWuPRdizdBIvOjgbuMPQUyb0rlYHhkXldyPf/47QBqzyY3D5wwM +6WdcdB/wjFnVCnLYABu6HZ519ZyoDGayow6miv9KlAMgozC56u99vDtS7trbaeNQ +AGNm/1mpkMvV0GerMJrDNE/SeNt8P0AT2UlI3XxAcsM1l6SHLwKCAQEA0bAzb1++ +ZqGG4DSzOgc1x4tsxrOqTm72EVqn+qVBy8K+iieNmDYpcIXUjr5L4T5/wFdd1zH4 +MDM2lseSFw2A6NuRiXRQxuwQyoNABC+OEkTX4KMvyyqzxSDneTxGUIclIn8D/yYt +4KiA0WRQUVbq0dsY46YxrVFlyNCmQTl8uJc+VwigWlo1I+niWMlButj9N0wsOAh3 +kpg+Q8ViFq74XBg05NzUejqrxcAZm7+aTnDfdBJGm6TfzrRVfkgnLQ8ynFmtP4yR +2NH4jJTDXZ2kkdSVnDoED2u9Ahj61u7qklhNBEYvg5J6d1E4ZfApgtOi8z5AOD/c +5PUVXWtxATsPFQKCAQBy27M9go5xINXGkoVk7LxW01hhKgi+xBQoe9CWy/DXil7i +pwTyWTwlADu9cI8PcxeiObiMqksImh/sgDP2jRqSjA+VZj0t4WIJMWexxbciejho +KhaYrg/1+s7M2Ls2GIbu9dyNDbfGX324tldgtEg/DTwRtr/VcwbWRr1GCaMc+Qo8 +c9JtSkcv5uzRe0bm4vdGItHF/CHDlhHqfhjTl42xaPEusyAys5oWtgTmaz6CJ1Bq +Qk/1kR3iR6znaSOEXfysO9il9rcpCBk/cpwWUfDJXB7f2x7+YZalHJ114yZuPzm1 +7oh8JwZHeZd2UIa7xZHoGHzcaIMylN2rgZ0GsFXPAoIBAAOS6j2Ctz8Oj7rwiwF5 +L/x3ruHwG/38PCttjSFjgayUZCT8qZgnjCtDzKymJ6ruIsVHd+z8CAviQ5LsUdwc +uc6+N0vNdLb/PQYGmKe5m8VJ8Rf+EAl5b9jzR560XUpwEzz0R0ApCW0j0hY/jHLm +dVggUNtIcN5QXdi/XaYM8cg/o6teFUWU9gTnrpjuzTT/D8nKfZJy6n7QI3eKPLLA +RrFjJDumW+S9bUIQlR8nc9zUZaqXySZL+BiQ0Eg3uJs3ABjUGnTT04SLh531xyKo +Vi66Hdas0nbk0jLf9B6Hse3OnXluLM8kRvwToU9zeXGmY8ebjwKmbABnAPc3ppRr +ykUCggEAK4a/LUhibMxyid61Y6AQe7DQZZv7n3FfK70/fgD2OYdhZzWvaZPf7fef +95vBwXdxnOZMOC/7iP0vaYB2Qij4r+m9XPWQ/R5UGMBEQuI3zn1jey00ItK49HDi +jq4xRltBFI3y5mvw8u5v2uoWvjNcpTFDam1f/hAB0wsMrcccXklzsiE8SEc0QWme +VVhppfd4WJG1/P7juyn3yvPOGrwQ73P6ZTigL6qfEJ94AH4dHnCiOqgHZ7rHQlpa +g+AxEsZ4BHt49gxtabg6sHue5Di9NCvA/MaGr+d9yaSyaAz/k7qsFJL0TVuBJE2h +uabNtK2No3EmpBOK31TRSIKWx7bFnw== +-----END PRIVATE KEY----- diff --git a/tests/data/multicert/create_certs.sh b/tests/data/multicert/create_certs.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +mkdir -p example.com example.org + +# create our own CA so we can use rustls without it complaining about using a +# CA cert as end cert +openssl req -x509 -newkey rsa:4096 -keyout ca_key.rsa -out ca_cert.pem -days 3650 -nodes -subj "/CN=example CA" + +for domain in "example.com" "example.org" +do +openssl genpkey -out $domain/key.rsa -algorithm RSA -pkeyopt rsa_keygen_bits:4096 + +cat >openssl.conf <<EOT +[req] +default_bits = 4096 +distinguished_name = req_distinguished_name +req_extensions = req_ext +prompt = no + +[req_distinguished_name] +countryName = US +stateOrProvinceName = CA +localityName = Playa Vista +organizationName = IANA +commonName = $domain + +[req_ext] +subjectAltName = DNS:$domain +EOT + +openssl req -new -sha256 -out request.csr -key $domain/key.rsa -config openssl.conf + +openssl x509 -req -sha256 -days 3650 -in request.csr -CA ca_cert.pem -CAkey ca_key.rsa \ + -CAcreateserial -out $domain/cert.pem -extensions req_ext -extfile openssl.conf +done + +# clean up +rm openssl.conf request.csr ca_cert.srl diff --git a/tests/data/multicert/example.com/cert.pem b/tests/data/multicert/example.com/cert.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFEjCCAvqgAwIBAgIUfZVNYuF33/AJqeSsnS5rRwozd5QwDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UEAwwKZXhhbXBsZSBDQTAeFw0yMTAzMDMxNzI1MjNaFw0zMTAz +MDExNzI1MjNaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL +UGxheWEgVmlzdGExDTALBgNVBAoMBElBTkExFDASBgNVBAMMC2V4YW1wbGUuY29t +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAou96HEovfkmfMU75y78Z +bEMItLDFG/3xHKbVHYCyt4DyOpXj6rztg94aDkE/LsIK8g4M52x5i4CVgX5/5+QZ +2ZX1rlbhGBpMi82JeArW3qZE+o+Ygu/7Kta2WfnZExcwcXHAsNHVJM3o1qOLo0fR +0MqR3zyN2gD8/JPRXnHQx9HIE06P1dMfHE1GEOrP7Fivb9I50hzEUrwAVig0GvYF +azlEBzw2CNmBCaa3t69t/PS+xT4u+G3B/RxjIJIwD0Krm2Q07eLDwU9EWwjWjzCP +FADCuT2rOiCfDgZzDXO/EbCSvWYI1ZBhej9aYV2YdU4kWu00ITK/Gyt2ksJNl9OG +0B+1ZSirgHkSjrptaD9X6iSULRUdwAitwyJ+dhvkBXVeEGt2no8Z4Q1B93OvNwZi +Q7VJlP2qYEYwgoeUMX8jx9WRPlO58VctUUDG6CjVcoDPnHeM3/DnF6NC7FTxhEPQ +23fOBMOgrlR/a6q4EYdjUlfzEo9Pfhiz2Yetet4LApzjZRQKYhnf/InDN+v9w/5z +FkHd7atHW2HeuNgJ3hgcc4vBeWZIae8gd+J1Yp4MjVkjqRr0cuUZ49gpXNDk/w4v +MmSuwJ1PSbV7sw6PHAxT+NGxidETUE3CvWxi2jLF37eSUW3oYjFsqYpHxdzSniaS +WPacD7l35wqKULt+wql9PvkCAwEAAaMaMBgwFgYDVR0RBA8wDYILZXhhbXBsZS5j +b20wDQYJKoZIhvcNAQELBQADggIBAEa4xORywXbIN+sLHVocO8pSVAdzd2dS0aME +cPtLNc+W7eNE2NcTm8Tr4+qSWXwOxqa1Ax/UBaVOOvfmARNG3SEBE5POC0WCCKde +samGCuRtVjIxvmgHAwKvJoe8CtiWuOxeXfuqSRN5ej6ViMIz67Y2c1hJuzXnTjK1 +6cyMBVNN0tw7tyO6EuOpsp6daua2jQMO9lxR6m8Vtrk02Ze1YtGlLfC1flGuj/qe +HB6LHEA9fvgnjFpls1Dlxy4LWFMH5ggiMeAFaCz4+2I1gbZJjqJfYwIQk2ksePv+ +IAhaAfhaWANyGrd4I5STQCWcfypTsHdMsU+XsWr4/aPrw4s1aTvPezUS97YVyXyO +H4sQ70I1QR6Ln73ZTCNL8io25cVSMh5NVfvBXu2zkeOq0wm2Yxiks+lIJFYZRusn +KL4Spwcc0dxD4kcy3w2MZtvvPtqmteWkei+6v00SU5uCFUIqYBPZh6SPi45+XkSy +hxz2bxFKEvjPfDasd9t2MxGV4NVxix0IXpKs8LxJ54utnCvE5DeQU+VuB92WUzvd +SROSk+lWeBao9CdLpJ9bXF8MQHhzgfyzTrfCyexPPxk5CSzO5vcOhCCWdWhzr60Q +HXq3kDzGIwb0sN6b9OWZGTi0D4GG6CfysyX+UP8dzzxAv2+xKFpTbzfUNCqdlDZd +BxvkUq5c +-----END CERTIFICATE----- diff --git a/tests/data/multicert/example.com/key.rsa b/tests/data/multicert/example.com/key.rsa @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQCi73ocSi9+SZ8x +TvnLvxlsQwi0sMUb/fEcptUdgLK3gPI6lePqvO2D3hoOQT8uwgryDgznbHmLgJWB +fn/n5BnZlfWuVuEYGkyLzYl4CtbepkT6j5iC7/sq1rZZ+dkTFzBxccCw0dUkzejW +o4ujR9HQypHfPI3aAPz8k9FecdDH0cgTTo/V0x8cTUYQ6s/sWK9v0jnSHMRSvABW +KDQa9gVrOUQHPDYI2YEJpre3r2389L7FPi74bcH9HGMgkjAPQqubZDTt4sPBT0Rb +CNaPMI8UAMK5Pas6IJ8OBnMNc78RsJK9ZgjVkGF6P1phXZh1TiRa7TQhMr8bK3aS +wk2X04bQH7VlKKuAeRKOum1oP1fqJJQtFR3ACK3DIn52G+QFdV4Qa3aejxnhDUH3 +c683BmJDtUmU/apgRjCCh5QxfyPH1ZE+U7nxVy1RQMboKNVygM+cd4zf8OcXo0Ls +VPGEQ9Dbd84Ew6CuVH9rqrgRh2NSV/MSj09+GLPZh6163gsCnONlFApiGd/8icM3 +6/3D/nMWQd3tq0dbYd642AneGBxzi8F5Zkhp7yB34nVingyNWSOpGvRy5Rnj2Clc +0OT/Di8yZK7AnU9JtXuzDo8cDFP40bGJ0RNQTcK9bGLaMsXft5JRbehiMWypikfF +3NKeJpJY9pwPuXfnCopQu37CqX0++QIDAQABAoICAF/RDLJOPhe6G8/XbbaPrten +pBr+SSvo7j23LmSnJnIbdldVhi6o49REbHYtkIZiviUSdiwx8lhDSahZR8aKsVjv +gwb/OGgALzuXp1vco/dTOAVRJJL7pWzPz3SiJTHA1VAhYPuaqgl2vZJbouZmedCb +D6WD6rdlFWFDXEB6FhksGMihzpwkB4uRNb8FFzkZ/jF4I2CYYit1O41vHxUr0Iv5 +pTPMCMqzfdq7HBb9J2U2WGmN4/lcMlQyuWiSD4kp39kF2Mp8LDol70DJtcOG/tz4 +hYqB5YvNWzvYNxiWFKrGd8TBmDhfK7PERdY0QE/boC2IiLttKE1GBfjQIulCD2is +x0DmcU4bry/k92itU47DOpDONqVkMNvVj0pwzJve0yJOdvWrw5SbIBg7UDsgZiZJ +7uiWxBpLGXHolGOYxOQyq73Bm8h7/5lQgy1Kx0Iy2NJZsXi6G4I4uDJlphPB6zkP +AC2X4GyoHLpbZDwkmF1J8G2SLv/uzEHTwMaT2p6xNopPtoKKFz7jvO06c7F0tXhd +MiC2blxulKF/WuRDT9kxVOyk8WIYjqFhHiwbgY4WT76pyxqpX/B20VoFAThgksla +dF4Hy/fX6yRdvbj6gf8OHifLPSH4DeXhCKGSOS7hXibNqvGOVdcjeWI19ahkmhKj +x/hjq+IG3iQbLHnwK1dxAoIBAQDMsROJ/o2OFoXXXTgUdGNaBoGyvLTFVOSzx0NM +1cRQa3c5os2sHlUKOqcnKNM7VM5MTmgMDs0bBy2cXZUxknae6MyxHXWjkdwfPclv +UgsIa3UxsoSSv5hBUVbqI2f7vAGYUF3H0az5ulv9iPgkG6H/gYPfZP8MUPn/E2Y8 +2+sXdaWqu4Xhi2EHXlQuKJxnem+c5sW9yjk2lzz2FpZAWPbjWYjSDeH/fWtpXycx +F+gjeuQJ2CS/D6Y2f33/G3f5Y857TDjbYspvH8owHSdBEVZmLqzFKp+ls747RZsD +xvZk3L6CFKWntoaoT3CtNMzKz5kthtgcar4X5IzbzvlPe3W3AoIBAQDLxu5zOCT4 +BYysEYF3WudvAvmS88qnLnabtD/NBCB+ai56zmUTLAH9hiK1hpYPHazH7wQzfwgp +JNWwbPigFxb5tQ/L1l1p2VRzDGp9HdJEUihfQT7jRHTcBA43wupNxi9Ht0c5yFUt +wFeMCMMVZozpotj8TOWRvSBqvygTFKoia+QW20RDbMC9iikekTCRUa3hV5CpgLpa +x2q+xPIIyL6R1Y26GowfCFi0EyRTRza06ppwTGTBnY7dFo/WoMKqVbn2hod20wTl +JZldwPTs4L2uCK7OSZUEGOUASfJMVkrKbQmHrIZM7Hz/q+7zJP1DaAt/QTBqWruD +4H2/Uh7gH3DPAoIBAQC9p/i1rHEWTRIX+RyD/08q08qKhMRt7nm1hZR69bpe1SPz ++D/fEX+z6aKE6xPE7o/zLdbEDVbHi0AcmK0q8E0Och9uoCAmvXgaTlJ83aSxWXeN +451opzN4mdgRO1sWaR2FNjmeck12WdDwOl/IfP390tAQRfD3RXRNfnkFPLM32l70 +samb0FvHywPufNxmGJCf7Ucc0elvBnSKg2UWHBgtkQDvt8NFybyjNnIGz+LcNPpj +kKyDhwl3h2uD2rywC2T+4yHvTDrK+caKDAkaBelq5iZYzWR80O0a2CSIPGqCC/JM +brsKiVl9S5XYNormA7Im98D3m4OkebR12fEwTvFDAoIBAQCGonTBI4Mpa2E5/obv +eNwX+Hs0oGZwdr5euYS9y9A8NaNn+B3HwPe/rXQZQ0a5zf1uS3kXHQMjS/bzjcvm +2dqQORSqtIMbgD/Pk5B4Ac/+29lYth76wSwEgZlzNhDgOeTbGTix8K52f/JXzyI1 +bYAEjVeXuqai17YnUQ0FLk4KWAZnI4/CjIP7tuDcFUllefXMQLKPi0GU4NSiHjVb +oGZorBPrtcaGallRAKSrcQ2wEqDfOVoIojTV1iZKxARZzjIDs3alB17glyrxSp+I +MiSga5QzL2KJRnlm63RvA0R+4fO99Dr3b/hWZB6H/xRmCMQv275FRpVF2Hi8g2Fq +6tr5AoIBAQDH31/WmdsBsKvpdjLBQcjIcbv/aYgQgEIhSoUkfPK/Hq2GW2vJutOJ +V0IUWZKGwk/NZfB2Wi6lajqJBiDFdN8c3HNznj4WlOyOD2Z3LpVmfc8vJyaPeV/d +rCc3UsFRDp+Fu3QeTyzlIieOT5N7KYI31U/iSiV27+zBcHuigZvTmNd6QaRYiygd +J3f/NghVcNPOLhwykhf8m3emlYcWAzyU2eprYGhkpkSM/+o38qRG3AZGWTZV1T1d +hZP5ts6s3H2rqwM8ljco0YFAcbGSTutrXXD0jxzqcRTgI4nhUDy82A0tg4BLrGuV +InJUrZvi2SewLbqRM6VqYRNUJFIdHkUM +-----END PRIVATE KEY----- diff --git a/tests/data/multicert/example.org/cert.pem b/tests/data/multicert/example.org/cert.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFEjCCAvqgAwIBAgIUfZVNYuF33/AJqeSsnS5rRwozd5UwDQYJKoZIhvcNAQEL +BQAwFTETMBEGA1UEAwwKZXhhbXBsZSBDQTAeFw0yMTAzMDMxNzI1MjRaFw0zMTAz +MDExNzI1MjRaMFUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL +UGxheWEgVmlzdGExDTALBgNVBAoMBElBTkExFDASBgNVBAMMC2V4YW1wbGUub3Jn +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA06+1Ae1TNlSNsh+UIyzb +3I4d6RAzNbk0H6xpyvYkj7xq/RvyeTjCJRqPIdbQcG5xbWdTYxLUUCcVAbti6Pmc +SGE7PbBBZshNNNvfUG1umApxMKCF61xVU4m9zUJ/znAfoRzvYbIz6XOkRedBl79r +kiMfX6AWCdyS5LDBBCKDzTCxDQIjUTzbX41LmHs32+pKXxyfQAkn7p9YJkCWnEyg +CaMh+fpdQ2SfIRgozn2Qs2egfWtz7IkWTKfCV5b6LKuNFf9Umn/BIqKbKJoto7KZ +ufD6XUygri5xhpgr2NNvkkV2DX4JZ4L0PgSemUkboWs72+uuhL9qEQXfX3esUcQm +jUMPkCA1kg2ZPSACtUOWlYrkzTTQSex+XYhSjdlcmcthwGS7SZCerllQ/tEhZhed +aQ1VYnXkYn1/WUivj/DIsGrXbf4PerSsbEBVf7B5Keg4e6rA8ULx9ZkT5Z85ensS +KX/cz/Orf/Al4ehKyDqRucpWkQPnRxT+wM/hgNXH/s1ufDuiTqVJoJt0rtuCWxjz +0l+KbQkOt9tjfTrIF/LQADkoUUt/PvRX12AVH9Zndffh3mlQwM6tFuisAg0XIjSH +AlB7hIawywCo36dAZjzq4IRieFVYSyXLE1aTm9glZSKM0KSUVfpIeCgKYUjlCayP +fiQhqWmIA7qxpqeM5WJBt9sCAwEAAaMaMBgwFgYDVR0RBA8wDYILZXhhbXBsZS5v +cmcwDQYJKoZIhvcNAQELBQADggIBAExu3Kgf8bmNO706rq8Efubre8KBxx4rvUu3 +nPsfqPZFCIsupYZdZRWOinSP1LmdkOYhN0LCSZ+YvEqU1WCfM8kdGzBqCdq+mDu9 +OC7jfI//MlRbUUcnGnujI+6bNWhV+aT/Hplg4bBJAgyTszd4aWTWQgTXUaBkJFSb +pIMUvBJH4k0VHON4JexaE93e6TQXh1f3sMU7ypEx7Ub5T3WLh94b6NHm9eNR9FkL +pGmBlKwML0YJzzRg9sE/vz4PWqoMa673dnnauj/mugTO96GW4paUBgJsvoUM2jZu +FOzRYVXQbfTK7GM+pc1dxUTg3GzHT/UTCXazXZUJyL+NEP0+RFNp5eU/3l4Ra0gf +fOV+WrKp+RqL5hIrNp/b9f95pQlkNIfi/iosG7sqGHkLp4REm934wsvMjN2DFE1l +jG5W0AgAT8y9dA8Neb9B5jYVuuo5u2jdQLFowQqgpvR2MNcqkdhroepJf1pALWoY +1OYOmV1QRLh/LjQ1v75e3aHIcUYbm3AkVbliyLCpVB1ijWhIP5qOb1I2Gc9LPnLN +ovneqby+tntKA4WJuUTyi8/OVJbZ6/QvGYJ7JvycUYi6JQb3+gzsVzPN+/oU0lRe +dCSzZXsOdh5tkg4m2FWm9gi/xz3lNNTeFldW+ZLsT+MvX27MNrCShMsoP7J9uRU3 +x2Ehf7/D +-----END CERTIFICATE----- diff --git a/tests/data/multicert/example.org/key.rsa b/tests/data/multicert/example.org/key.rsa @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDTr7UB7VM2VI2y +H5QjLNvcjh3pEDM1uTQfrGnK9iSPvGr9G/J5OMIlGo8h1tBwbnFtZ1NjEtRQJxUB +u2Lo+ZxIYTs9sEFmyE00299QbW6YCnEwoIXrXFVTib3NQn/OcB+hHO9hsjPpc6RF +50GXv2uSIx9foBYJ3JLksMEEIoPNMLENAiNRPNtfjUuYezfb6kpfHJ9ACSfun1gm +QJacTKAJoyH5+l1DZJ8hGCjOfZCzZ6B9a3PsiRZMp8JXlvosq40V/1Saf8Eiopso +mi2jspm58PpdTKCuLnGGmCvY02+SRXYNfglngvQ+BJ6ZSRuhazvb666Ev2oRBd9f +d6xRxCaNQw+QIDWSDZk9IAK1Q5aViuTNNNBJ7H5diFKN2VyZy2HAZLtJkJ6uWVD+ +0SFmF51pDVVideRifX9ZSK+P8Miwatdt/g96tKxsQFV/sHkp6Dh7qsDxQvH1mRPl +nzl6exIpf9zP86t/8CXh6ErIOpG5ylaRA+dHFP7Az+GA1cf+zW58O6JOpUmgm3Su +24JbGPPSX4ptCQ6322N9OsgX8tAAOShRS38+9FfXYBUf1md19+HeaVDAzq0W6KwC +DRciNIcCUHuEhrDLAKjfp0BmPOrghGJ4VVhLJcsTVpOb2CVlIozQpJRV+kh4KAph +SOUJrI9+JCGpaYgDurGmp4zlYkG32wIDAQABAoICAAIjZjqswQhtdjj0ZLSuQVJL +BTZTeZDzW/lt7mukbN4e0x3XaG2dCykAya1X1Cculmq6fncju41Lt8SatfcQfmmk +wcpvu1lkcJM2HV1cnZ9fi6EoHfIwrpP3cjlekJfvPgKMnkZoXGnhRymFmn4D6vxA +6pI2tcJHvhwdRPXbu2UZNtCg0uaBLN4cOUVDCV9pUHMBgQJOlV6tsWBBisPtajhu +s2spAkQqAgl9ivv6/LkzNMXPjg43nEgN8cKcvc4xtW0hdSNSYwsMhXC1jfx3U2Iz +cvP6UC0yPudTJi48hIX/uZ+NRF8NTZZKyadWu7a3tJUWHl8s589gNc9rEAyLZLBH +5oHo+/+Fcn2+e6KDq23RzcMvcL9WlSbi9EOkTMZadLD2cC0dPQtvfxTo4iP2KMBS +S4z0fesxQ34gXlu53wwp7gR7cw0rjnF6W1Jzr6V7AT9Cohztldn67TBfL6p3PAZx +yjMx0v1QhPrz4u/W6t9KJ+z8ppvCzfUcFUXqxEB61SA7Hrwbw7tx3aYac7Y7x7ma +JZpoxW2bn1CDUkaa0pPNKhtQCETA+nUWMPUyE+TQ/i7tKzPkifg3ROUEiYNQeB37 +fljsWOeXjP2J4nnwJpuE8vUbIXGXFnDHLIbK6uQDqQdCuNiXLa2oEXF5cAs0Ccvu +9/B3P3QugHGlxEYH0j6hAoIBAQDwoOZK44oTTkUqoCjcCqC2hxa6cHKo3ZVD7nwi ++Rro3SHPvBxXWjKrM/VnArY0m7l4YRMeagiMHBTJt0eL6Rg0kxBRiSZiFzbDEfHX +0hfVel0TDnvqNXqCnHMnkahftwu7+N/ghRE2qw8XUSoRmJ0ilK9r8WN8yUoRq3nD +RwIJyBQj0WCxeUcgw2IMdaVEOlwwNXsa85N6ifPRGcur8J/7D5BvEr0pryK62NIU +EBirr8w7S8gk6KgegrzXqQSi8bdfYQXUW7GoUIGdDx+bPrA0sS/u+IJlJ3dmcBWy +6fItkLN0q3i9gApSdC0P9rTPIfmluklc+fVOf3LQvEGqi/MzAoIBAQDhNYEJ8rSp +2lzmKCghMB4eAIVJrOGT36JUMAUeo2+2zYuVVGzet3YOlxRBfwl8o+q65q2uiSsU +sypA6MclJ4ItsHwLD8HpjE0n4QSP6egOmB6jimkWsdIuw4NWYlkbKoPtZ8+VAzBE +lIzftm/PwViVf7L3PzRBsgRDFxdMcc98pf7QSeFieUJuqx/pas061MUfZb69cZ4r +5qHqiTPgUyWQHTWXwIFPN8MW6QMcaM6lhmeBf4ieOCcoFpj1CBURapSREpl/WolQ +YsYcv6cQ1U6lW2mfZOtZw178yEYqxMGh04pVxAGUEyCXSdAcgEJFc7c+QnhW1W5X +2G3DgppmZSi5AoIBAQC6kEV9MsXPChReZCbJ1AOfAUYB70U23/Xm4XSluPXALhMU ++QgQQgKe8n4GC/gw+bvnNXyZTCSsXOlRLCTwuRznRk6UqP11eAIhZDxZ1K5d+a1I +JSa2BBikQ6CUwT4GV+llKCSL8x/RfvcIYQl48xaBxT3tNw6npXkkEgsp+FgANXxH ++QI7F4iqQlI2ztAAAi+PwSddUhS6IVNEf/eFq96dzQdy1tiLBRqsO4dFvuUh1/9E +yhC3bRtL7Jl1q7nIjBhcfuECMMWhdinIF/2tZAFCGU7MvSh8PQk6BxULzo7R/Srl +/jxy0F8wZpq5kdHF9tWURMa0q6gh4HaomA1hqXg5AoIBAFHPPNvfRc+52itlhQZh +U190svaLjbpI79ADTajOmCNg0Ybij1XscT9llF8ihdC4Pum8KHWRsIupdfz0Untl +ub1dMgJWrAtqAxEshZq9zqWWjvK7secjm4WPUmOMAHCE5j3UiyzHZr5S9EXEISPo +SYStSdbVJ+eBgljYx4bmhQfzyPfjDrPV9tL66PHC8WCgsCbyr/JjlqC9/C2Vv7mK +mseaRMCmlpKvX/gvlwi37fFlPK5nJLrNDTRb2R6R3A1imSuGBSqlOeJwryT8XfUY +d6RL67eSUoheF2BeZFbe+LQPg14agLRIqnsqviXMVcai/XrpbIumppnUrjLqe6oc +r0kCggEAGHcAznWzia75hu6LYD+dxqeMxCkBYiaO4p4sJPKkJ6v9ydEFFBC8YakT +rbHrrRRdLCh4m0lRNb0pNmgRVwFr6Qklivn2s0IgqwlGuTKWJZX9DE+XbpvgUkJg +L6ykeUVmg5xIqvqMnDI2sEOiqMqNi/Jcjo4SIOmCkkY9JClIB0wnJQKwb4NIAzhX +KlJKFVpi5319/hqK42U73uNLx82ovUf3vOLMg7hq38mMBQ/zY3XNbafHTnGba6k4 +CX3+tamjFXYa764LFfRGDMEfObj//xNc8mzgeriHvnXq2wKiUQFhL2eWctzoCc0U +qfiBmJzFlawFcVPsqJ+vKe8KGEXNQw== +-----END PRIVATE KEY----- diff --git a/tests/tests.rs b/tests/tests.rs @@ -1,3 +1,4 @@ +use anyhow::anyhow; use gemini_fetch::{Header, Page, Status}; use std::io::Read; use std::net::{SocketAddr, ToSocketAddrs}; @@ -19,6 +20,8 @@ fn addr(port: u16) -> SocketAddr { struct Server { server: std::process::Child, buf: u8, + // is set when output is collected by stop() + output: Option<Result<(), String>>, } impl Server { @@ -44,17 +47,20 @@ impl Server { Self { server, buf: buffer[0], + output: None, } } -} -impl Drop for Server { - fn drop(&mut self) { - // try to stop the server again - match self.server.try_wait() { - Err(e) => panic!("cannot access orchestrated program: {:?}", e), + pub fn stop(&mut self) -> Result<(), String> { + // try to stop the server + if let Some(output) = self.output.clone() { + return output; + } + + self.output = Some(match self.server.try_wait() { + Err(e) => Err(format!("cannot access orchestrated program: {:?}", e)), // everything fine, still running as expected, kill it now - Ok(None) => self.server.kill().unwrap(), + Ok(None) => Ok(self.server.kill().unwrap()), Ok(Some(_)) => { // forward stderr so we have a chance to understand the problem let buffer = std::iter::once(Ok(self.buf)) @@ -62,23 +68,37 @@ impl Drop for Server { .collect::<Result<Vec<u8>, _>>() .unwrap(); - eprintln!("{}", String::from_utf8_lossy(&buffer)); - // make the test fail - panic!("program had crashed"); + Err(String::from_utf8_lossy(&buffer).into_owned()) } + }); + return self.output.clone().unwrap(); + } +} + +impl Drop for Server { + fn drop(&mut self) { + if self.output.is_none() && !std::thread::panicking() { + // a potential error message was not yet handled + self.stop().unwrap(); + } else if self.output.is_some() { + // error was already handled, ignore it + self.stop().unwrap_or(()); + } else { + // we are panicking and a potential error was not handled + self.stop().unwrap_or_else(|e| eprintln!("{:?}", e)); } } } fn get(args: &[&str], addr: SocketAddr, url: &str) -> Result<Page, anyhow::Error> { - let _server = Server::new(args); + let mut server = Server::new(args); // actually perform the request let page = tokio::runtime::Runtime::new() .unwrap() .block_on(async { Page::fetch_from(&Url::parse(url).unwrap(), addr, None).await }); - page + server.stop().map_err(|e| anyhow!(e)).and(page) } #[test] @@ -298,65 +318,161 @@ fn explicit_tls_version() { tls.read(&mut buf).unwrap(); } -#[test] -/// - simple vhosts are enabled when multiple hostnames are supplied -/// - the vhosts access the correct files -fn vhosts_example_com() { - let page = get( - &[ - "--addr", - "[::]:1977", - "--hostname", - "example.com", - "--hostname", - "example.org", - ], - addr(1977), - "gemini://example.com/", - ) - .expect("could not get page"); - - assert_eq!(page.header.status, Status::Success); +mod vhosts { + use super::*; + + #[test] + /// - simple vhosts are enabled when multiple hostnames are supplied + /// - the vhosts access the correct files + fn example_com() { + let page = get( + &[ + "--addr", + "[::]:1977", + "--hostname", + "example.com", + "--hostname", + "example.org", + ], + addr(1977), + "gemini://example.com/", + ) + .expect("could not get page"); + + assert_eq!(page.header.status, Status::Success); + + assert_eq!( + page.body, + Some( + std::fs::read_to_string(concat!( + env!("CARGO_MANIFEST_DIR"), + "/tests/data/content/example.com/index.gmi" + )) + .unwrap() + ) + ); + } - assert_eq!( - page.body, - Some( - std::fs::read_to_string(concat!( - env!("CARGO_MANIFEST_DIR"), - "/tests/data/content/example.com/index.gmi" - )) - .unwrap() + #[test] + /// - the vhosts access the correct files + fn example_org() { + let page = get( + &[ + "--addr", + "[::]:1978", + "--hostname", + "example.com", + "--hostname", + "example.org", + ], + addr(1978), + "gemini://example.org/", ) - ); + .expect("could not get page"); + + assert_eq!(page.header.status, Status::Success); + + assert_eq!( + page.body, + Some( + std::fs::read_to_string(concat!( + env!("CARGO_MANIFEST_DIR"), + "/tests/data/content/example.org/index.gmi" + )) + .unwrap() + ) + ); + } } -#[test] -/// - the vhosts access the correct files -fn vhosts_example_org() { - let page = get( - &[ - "--addr", - "[::]:1978", - "--hostname", - "example.com", - "--hostname", - "example.org", - ], - addr(1978), - "gemini://example.org/", - ) - .expect("could not get page"); +mod multicert { + use super::*; - assert_eq!(page.header.status, Status::Success); + #[test] + fn cert_missing() { + let mut server = Server::new(&["--addr", "[::]:1979", "--certs", "cert_missing"]); - assert_eq!( - page.body, - Some( - std::fs::read_to_string(concat!( + // wait for the server to stop, it should crash + let _ = server.server.wait(); + + assert!(server + .stop() + .unwrap_err() + .to_string() + .contains("certificate file for fallback is missing")); + } + + #[test] + fn key_missing() { + let mut server = Server::new(&["--addr", "[::]:1980", "--certs", "key_missing"]); + + // wait for the server to stop, it should crash + let _ = server.server.wait(); + + assert!(server + .stop() + .unwrap_err() + .to_string() + .contains("key file for fallback is missing")); + } + + #[test] + fn example_com() { + use rustls::ClientSession; + use std::io::{Cursor, Write}; + use std::net::TcpStream; + + let mut server = Server::new(&["--addr", "[::]:1981", "--certs", "multicert"]); + + let mut config = rustls::ClientConfig::new(); + config + .root_store + .add_pem_file(&mut Cursor::new(include_bytes!(concat!( env!("CARGO_MANIFEST_DIR"), - "/tests/data/content/example.org/index.gmi" - )) - .unwrap() - ) - ); + "/tests/data/multicert/ca_cert.pem" + )))) + .unwrap(); + + let dns_name = webpki::DNSNameRef::try_from_ascii_str("example.com").unwrap(); + let mut session = ClientSession::new(&std::sync::Arc::new(config), dns_name); + let mut tcp = TcpStream::connect(addr(1981)).unwrap(); + let mut tls = rustls::Stream::new(&mut session, &mut tcp); + + write!(tls, "gemini://example.com/\r\n").unwrap(); + + let mut buf = [0; 10]; + tls.read(&mut buf).unwrap(); + + server.stop().unwrap() + } + + #[test] + fn example_org() { + use rustls::ClientSession; + use std::io::{Cursor, Write}; + use std::net::TcpStream; + + let mut server = Server::new(&["--addr", "[::]:1982", "--certs", "multicert"]); + + let mut config = rustls::ClientConfig::new(); + config + .root_store + .add_pem_file(&mut Cursor::new(include_bytes!(concat!( + env!("CARGO_MANIFEST_DIR"), + "/tests/data/multicert/ca_cert.pem" + )))) + .unwrap(); + + let dns_name = webpki::DNSNameRef::try_from_ascii_str("example.org").unwrap(); + let mut session = ClientSession::new(&std::sync::Arc::new(config), dns_name); + let mut tcp = TcpStream::connect(addr(1982)).unwrap(); + let mut tls = rustls::Stream::new(&mut session, &mut tcp); + + write!(tls, "gemini://example.org/\r\n").unwrap(); + + let mut buf = [0; 10]; + tls.read(&mut buf).unwrap(); + + server.stop().unwrap() + } }