http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_https.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_https.py b/ci/new_tsqa/tests/test_https.py deleted file mode 100644 index a8914e6..0000000 --- a/ci/new_tsqa/tests/test_https.py +++ /dev/null @@ -1,273 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import logging -from OpenSSL import SSL -import socket - -import helpers -import tsqa.utils - -# some ciphers to test with -CIPHER_MAP = { - 'rsa': 'ECDHE-RSA-AES256-GCM-SHA384', - 'ecdsa': 'ECDHE-ECDSA-AES256-GCM-SHA384', -} - - -class CertSelectionMixin(object): - def _get_cert(self, addr, sni_name=None, ciphers=None): - ''' - Return the certificate for addr. Optionally sending sni_name - ''' - ctx = SSL.Context(SSL.TLSv1_2_METHOD) - # Set up client - sock = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM)) - sock.connect(addr) - if sni_name is not None: - sock.set_tlsext_host_name(sni_name) - if ciphers is not None: - ctx.set_cipher_list(ciphers) - sock.do_handshake() - return sock.get_peer_certificate() - - def _get_cert_chain(self, addr, sni_name=None, ciphers=None): - ''' - Return the certificate chain for addr. Optionally sending sni_name - ''' - ctx = SSL.Context(SSL.TLSv1_2_METHOD) - # Set up client - sock = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM)) - sock.connect(addr) - if sni_name is not None: - sock.set_tlsext_host_name(sni_name) - if ciphers is not None: - ctx.set_cipher_list(ciphers) - sock.do_handshake() - return sock.get_peer_cert_chain() - - def test_star_ordering(self): - ''' - We should be served the first match, since we aren't sending SNI headers - ''' - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_star_sni(self): - ''' - Make sure we get the certificate we asked for if we pass in SNI headers - ''' - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr, sni_name='www.test.com') - self.assertEqual(cert.get_subject().commonName.decode(), 'www.test.com') - - cert = self._get_cert(addr, sni_name='www.example.com') - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_ip_ordering(self): - ''' - We should be served the first match, since we aren't sending SNI headers - ''' - addr = ('127.0.0.2', self.ssl_port) - cert = self._get_cert(addr) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_ip_sni(self): - ''' - Make sure we get the certificate we asked for if we pass in SNI headers - ''' - addr = ('127.0.0.2', self.ssl_port) - cert = self._get_cert(addr, sni_name='www.test.com') - self.assertEqual(cert.get_subject().commonName.decode(), 'www.test.com') - - cert = self._get_cert(addr, sni_name='www.example.com') - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def _intermediate_ca_t(self, cipher): - ''' - Method for testing intermediate CAs. We assume that www.example.com should - return a certificate chaing of len 2 which includes intermediate. - We also assume that www.test.com returns a single cert in the chain which - is *not* intermediate - ''' - # send a request that *should* get an intermediate CA - addr = ('127.0.0.1', self.ssl_port) - cert_chain = self._get_cert_chain(addr, ciphers=CIPHER_MAP[cipher]) - self.assertEqual(len(cert_chain), 2) - self.assertEqual(cert_chain[0].get_subject().commonName.decode(), 'www.example.com') - self.assertEqual(cert_chain[1].get_subject().commonName.decode(), 'intermediate') - - # send a request that shouldn't get an intermediate CA - addr = ('127.0.0.1', self.ssl_port) - cert_chain = self._get_cert_chain(addr, ciphers=CIPHER_MAP[cipher], sni_name='www.test.com') - self.assertEqual(len(cert_chain), 1) - self.assertEqual(cert_chain[0].get_subject().commonName.decode(), 'www.test.com') - - -class TestRSA(helpers.EnvironmentCase, CertSelectionMixin): - ''' - Tests for https for ATS configured with RSA certificates - ''' - @classmethod - def setUpEnv(cls, env): - # add an SSL port to ATS - cls.ssl_port = tsqa.utils.bind_unused_port()[1] - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl'.format(cls.ssl_port) - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'ssl', - 'proxy.config.ssl.server.cipher_suite': CIPHER_MAP['rsa'], - }) - - # configure SSL multicert - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0} ssl_ca_name={1}'.format( - helpers.tests_file_path('rsa_keys/www.example.com.pem'), - helpers.tests_file_path('rsa_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0}'.format( - helpers.tests_file_path('rsa_keys/www.test.com.pem'), - )) - - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0} ssl_ca_name={1}'.format( - helpers.tests_file_path('rsa_keys/www.example.com.pem'), - helpers.tests_file_path('rsa_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0}'.format( - helpers.tests_file_path('rsa_keys/www.test.com.pem'), - )) - - def test_rsa(self): - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr, ciphers=CIPHER_MAP['rsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_ecdsa(self): - addr = ('127.0.0.1', self.ssl_port) - with self.assertRaises(Exception): - cert = self._get_cert(addr, ciphers=CIPHER_MAP['ecdsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_intermediate_ca_rsa(self): - self._intermediate_ca_t('rsa') - - def test_intermediate_ca_ecdsa(self): - with self.assertRaises(Exception): - self._intermediate_ca_t('ecdsa') - -class TestECDSA(helpers.EnvironmentCase, CertSelectionMixin): - ''' - Tests for https for ATS configured with ECDSA certificates - ''' - @classmethod - def setUpEnv(cls, env): - # add an SSL port to ATS - cls.ssl_port = tsqa.utils.bind_unused_port()[1] - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl'.format(cls.ssl_port) - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'ssl', - 'proxy.config.ssl.server.cipher_suite': CIPHER_MAP['ecdsa'], - }) - - # configure SSL multicert - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0} ssl_ca_name={1}'.format( - helpers.tests_file_path('ec_keys/www.example.com.pem'), - helpers.tests_file_path('ec_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0}'.format( - helpers.tests_file_path('ec_keys/www.test.com.pem'), - )) - - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0} ssl_ca_name={1}'.format( - helpers.tests_file_path('ec_keys/www.example.com.pem'), - helpers.tests_file_path('ec_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0}'.format( - helpers.tests_file_path('ec_keys/www.test.com.pem'), - )) - - def test_rsa(self): - addr = ('127.0.0.1', self.ssl_port) - with self.assertRaises(Exception): - cert = self._get_cert(addr, ciphers=CIPHER_MAP['rsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_ecdsa(self): - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr, ciphers=CIPHER_MAP['ecdsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_intermediate_ca_rsa(self): - with self.assertRaises(Exception): - self._intermediate_ca_t('rsa') - - def test_intermediate_ca_ecdsa(self): - self._intermediate_ca_t('ecdsa') - -class TestMix(helpers.EnvironmentCase, CertSelectionMixin): - ''' - Tests for https for ATS configured with both ECDSA and RSA certificates - ''' - @classmethod - def setUpEnv(cls, env): - # add an SSL port to ATS - cls.ssl_port = tsqa.utils.bind_unused_port()[1] - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl'.format(cls.ssl_port) - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'ssl', - 'proxy.config.ssl.server.cipher_suite': '{0}:{1}'.format(CIPHER_MAP['ecdsa'], CIPHER_MAP['rsa']), - }) - - # configure SSL multicert - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0},{1} ssl_ca_name={2},{3}'.format( - helpers.tests_file_path('rsa_keys/www.example.com.pem'), - helpers.tests_file_path('ec_keys/www.example.com.pem'), - helpers.tests_file_path('rsa_keys/intermediate.crt'), - helpers.tests_file_path('ec_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=127.0.0.2 ssl_cert_name={0},{1}'.format( - helpers.tests_file_path('rsa_keys/www.test.com.pem'), - helpers.tests_file_path('ec_keys/www.test.com.pem'), - )) - - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0},{1} ssl_ca_name={2},{3}'.format( - helpers.tests_file_path('rsa_keys/www.example.com.pem'), - helpers.tests_file_path('ec_keys/www.example.com.pem'), - helpers.tests_file_path('rsa_keys/intermediate.crt'), - helpers.tests_file_path('ec_keys/intermediate.crt'), - )) - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0},{1}'.format( - helpers.tests_file_path('rsa_keys/www.test.com.pem'), - helpers.tests_file_path('ec_keys/www.test.com.pem'), - )) - - def test_rsa(self): - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr, ciphers=CIPHER_MAP['rsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_ecdsa(self): - addr = ('127.0.0.1', self.ssl_port) - cert = self._get_cert(addr, ciphers=CIPHER_MAP['ecdsa']) - self.assertEqual(cert.get_subject().commonName.decode(), 'www.example.com') - - def test_intermediate_ca_rsa(self): - self._intermediate_ca_t('rsa') - - def test_intermediate_ca_ecdsa(self): - self._intermediate_ca_t('ecdsa')
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_keepalive.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_keepalive.py b/ci/new_tsqa/tests/test_keepalive.py deleted file mode 100644 index 0e501ce..0000000 --- a/ci/new_tsqa/tests/test_keepalive.py +++ /dev/null @@ -1,476 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import uuid -import requests -import time -import logging -import socket - -import helpers - -import tsqa.test_cases -import tsqa.utils -import tsqa.endpoint - -log = logging.getLogger(__name__) - -import SocketServer - - -class KeepaliveTCPHandler(SocketServer.BaseRequestHandler): - """ - A subclass of RequestHandler which will return a connection uuid - """ - - def handle(self): - # Receive the data in small chunks and retransmit it - start = time.time() - conn_id = uuid.uuid4().hex - while True: - now = time.time() - start - data = self.request.recv(4096).strip() - if data: - log.debug('Sending data back to the client: {uid}'.format(uid=conn_id)) - else: - log.debug('Client disconnected: {timeout}seconds'.format(timeout=now)) - break - body = conn_id - resp = ('HTTP/1.1 200 OK\r\n' - 'Content-Length: {content_length}\r\n' - 'Content-Type: text/html; charset=UTF-8\r\n' - 'Connection: keep-alive\r\n' - '\r\n' - '{body}'.format(content_length=len(body), body=body)) - self.request.sendall(resp) - - -class KeepAliveInMixin(object): - """Mixin for keep alive in. - - TODO: Allow protocol to be specified for ssl traffic - """ - def _get_socket(self): - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.connect(('127.0.0.1', int(self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']))) - return s - - def _headers_to_str(self, headers): - if headers is None: - headers = {} - request = '' - for k, v in headers.iteritems(): - request += '{0}: {1}\r\n'.format(k, v) - return request - - def _aux_KA_working_path_connid(self, protocol, headers=None): - # connect tcp - s = self._get_socket() - - request = ('GET / HTTP/1.1\r\n' - 'Host: foobar.com\r\n') - request += self._headers_to_str(headers) - request += '\r\n' - - for x in xrange(1, 10): - s.send(request) - response = s.recv(4096) - # cheat, since we know what the body should have - if '\r\n\r\n' not in response: - response += s.recv(4096) - self.assertIn('HTTP/1.1 200 OK', response) - self.assertIn('hello', response) - - def _aux_working_path(self, protocol, headers=None): - # connect tcp - s = self._get_socket() - - request = ('GET /exists/ HTTP/1.1\r\n' - 'Host: foobar.com\r\n') - request += self._headers_to_str(headers) - request += '\r\n' - - for x in xrange(1, 10): - s.send(request) - response = s.recv(4096) - # cheat, since we know what the body should have - if not response.endswith('hello'): - response += s.recv(4096) - self.assertIn('HTTP/1.1 200 OK', response) - self.assertIn('hello', response) - - def _aux_error_path(self, protocol, headers=None): - # connect tcp - s = self._get_socket() - - request = ('GET / HTTP/1.1\r\n' - 'Host: foobar.com\r\n') - request += self._headers_to_str(headers) - request += '\r\n' - for x in xrange(1, 10): - s.send(request) - response = s.recv(4096) - self.assertIn('HTTP/1.1 404 Not Found on Accelerator', response) - - def _aux_error_path_post(self, protocol, headers=None): - ''' - Ensure that sending a request with a body doesn't break the keepalive session - ''' - # connect tcp - s = self._get_socket() - - request = ('POST / HTTP/1.1\r\n' - 'Host: foobar.com\r\n' - 'Content-Length: 10\r\n') - request += self._headers_to_str(headers) - request += '\r\n' - request += '1234567890' - - for x in xrange(1, 10): - try: - s.send(request) - except IOError: - s = self._get_socket() - s.send(request) - - response = s.recv(4096) - # Check if client disconnected - if response: - self.assertIn('HTTP/1.1 404 Not Found on Accelerator', response) - - -class BasicTestsOutMixin(object): - - def _aux_KA_origin(self, protocol, headers=None): - ''' - Test that the origin does in fact support keepalive - ''' - conn_id = None - with requests.Session() as s: - url = '{0}://127.0.0.1:{1}/'.format(protocol, self.socket_server.port) - for x in xrange(1, 10): - ret = s.get(url, verify=False, headers=headers) - if not conn_id: - conn_id = ret.text.strip() - self.assertEqual(ret.status_code, 200) - self.assertEqual(ret.text.strip(), conn_id, "Client reports server closed connection") - - def _aux_KA_proxy(self, protocol, headers=None): - ''' - Test that keepalive works through ATS to that origin - ''' - url = '{0}://127.0.0.1:{1}'.format(protocol, - self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']) - conn_id = None - for x in xrange(1, 10): - ret = requests.get(url, verify=False, headers=headers) - if not conn_id: - conn_id = ret.text.strip() - self.assertEqual(ret.status_code, 200) - self.assertEqual(ret.text.strip(), conn_id, "Client reports server closed connection") - -class TimeoutOutMixin(object): - - def _aux_KA_timeout_direct(self, protocol): - '''Tests that origin does not timeout using keepalive.''' - with requests.Session() as s: - url = '{0}://127.0.0.1:{1}/'.format(protocol, self.socket_server.port) - conn_id = None - for x in xrange(0, 3): - ret = s.get(url, verify=False) - if not conn_id: - conn_id = ret.text.strip() - self.assertEqual(ret.text.strip(), conn_id, "Client reports server closed connection") - time.sleep(3) - - def _aux_KA_timeout_proxy(self, protocol): - '''Tests that keepalive timeout is honored through ATS to origin.''' - url = '{0}://127.0.0.1:{1}'.format(protocol, - self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']) - conn_id = None - for x in xrange(0, 3): - ret = requests.get(url, verify=False) - if not conn_id: - conn_id = ret.text.strip() - self.assertEqual(ret.text.strip(), conn_id, "Client reports server closed connection") - time.sleep(3) - - -class OriginMinMaxMixin(object): - - def _aux_KA_min_origin(self, protocol): - '''Tests that origin_min_keep_alive_connections is honored.''' - url = '{0}://127.0.0.1:{1}'.format(protocol, - self.configs['records.config']['CONFIG']['proxy.config.http.server_ports']) - ret = requests.get(url, verify=False) - conn_id = ret.text.strip() - time.sleep(3) - ret = requests.get(url, verify=False) - self.assertEqual(ret.text.strip(), conn_id, "Client reports server closed connection") - - -class TestKeepAliveInHTTP(tsqa.test_cases.DynamicHTTPEndpointCase, helpers.EnvironmentCase, KeepAliveInMixin): - @classmethod - def setUpEnv(cls, env): - - def hello(request): - return 'hello' - cls.http_endpoint.add_handler('/exists/', hello) - - cls.configs['remap.config'].add_line('map /exists/ http://127.0.0.1:{0}/exists/'.format(cls.http_endpoint.address[1])) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_in'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - def test_working_path(self): - self._aux_working_path("http") - - def test_error_path(self): - self._aux_error_path("http") - - def test_error_path_post(self): - ''' - Ensure that sending a request with a body doesn't break the keepalive session - ''' - self._aux_error_path_post("http") - -class TestKeepAliveOriginConnOutHTTP(helpers.EnvironmentCase, OriginMinMaxMixin): - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - # create a socket server - cls.socket_server = tsqa.endpoint.SocketServerDaemon(KeepaliveTCPHandler) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / http://127.0.0.1:{0}/'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_out'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - # Timeouts - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_no_activity_timeout_out'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.http.transaction_no_activity_timeout_out'] = 1 - - cls.configs['records.config']['CONFIG']['proxy.config.http.origin_min_keep_alive_connections'] = 1 - - def test_KA_min_origin(self): - '''Tests that origin_min_keep_alive_connections is honored via http.''' - self._aux_KA_min_origin("http") - - -class TestKeepAliveOriginConnOutHTTPS(helpers.EnvironmentCase, OriginMinMaxMixin): - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - # create a socket server - cls.socket_server = tsqa.endpoint.SSLSocketServerDaemon(KeepaliveTCPHandler, - helpers.tests_file_path('cert.pem'), - helpers.tests_file_path('key.pem')) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / https://127.0.0.1:{0}/\n'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_out'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - cls.configs['records.config']['CONFIG']['proxy.config.ssl.number.threads'] = -1 - - # Timeouts - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_no_activity_timeout_out'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.http.transaction_no_activity_timeout_out'] = 1 - - cls.configs['records.config']['CONFIG']['proxy.config.http.origin_min_keep_alive_connections'] = 1 - - def test_KA_min_origin(self): - '''Tests that origin_min_keep_alive_connections is honored via https.''' - self._aux_KA_min_origin("http") - - -class TestKeepAliveOutHTTP(helpers.EnvironmentCase, BasicTestsOutMixin, TimeoutOutMixin): - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - # create a socket server - cls.socket_server = tsqa.endpoint.SocketServerDaemon(KeepaliveTCPHandler) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / http://127.0.0.1:{0}/'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_out'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - # Timeouts - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_no_activity_timeout_out'] = 10 - cls.configs['records.config']['CONFIG']['proxy.config.http.transaction_no_activity_timeout_out'] = 2 - - def test_KA_origin(self): - '''Test that the origin does in fact support keepalive via http.''' - self._aux_KA_origin("http") - - def test_KA_proxy(self): - '''Tests that keepalive works through ATS to origin via http.''' - self._aux_KA_proxy("http") - - def test_KA_timeout_direct(self): - '''Tests that origin does not timeout using keepalive via http.''' - self._aux_KA_timeout_direct("http") - - def test_KA_timeout_proxy(self): - '''Tests that keepalive timeout is honored through ATS to origin via http.''' - self._aux_KA_timeout_proxy("http") - - -class TestKeepAliveOutHTTPS(helpers.EnvironmentCase, BasicTestsOutMixin, TimeoutOutMixin): - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - # create a socket server - cls.socket_server = tsqa.endpoint.SSLSocketServerDaemon(KeepaliveTCPHandler, - helpers.tests_file_path('cert.pem'), - helpers.tests_file_path('key.pem')) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / https://127.0.0.1:{0}/\n'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_out'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - cls.configs['records.config']['CONFIG']['proxy.config.ssl.number.threads'] = -1 - - # Timeouts - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_no_activity_timeout_out'] = 10 - cls.configs['records.config']['CONFIG']['proxy.config.http.transaction_no_activity_timeout_out'] = 2 - - def test_KA_origin(self): - '''Test that the origin does in fact support keepalive via https.''' - self._aux_KA_origin("https") - - def test_KA_proxy(self): - '''Tests that keepalive works through ATS to origin via https.''' - self._aux_KA_proxy("http") - - def test_KA_timeout_direct(self): - '''Tests that origin does not timeout using keepalive via https.''' - self._aux_KA_timeout_direct("https") - - def test_KA_timeout_proxy(self): - '''Tests that keepalive timeout is honored through ATS to origin via https.''' - self._aux_KA_timeout_proxy("http") - - - -# TODO: refactor these tests, these are *very* similar, we should paramatarize them -## Some basic tests for auth_sever_session_private -class TestKeepAlive_Authorization_private(helpers.EnvironmentCase, BasicTestsOutMixin, KeepAliveInMixin): - @classmethod - def setUpEnv(cls, env): - - cls.socket_server = tsqa.endpoint.SocketServerDaemon(KeepaliveTCPHandler) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / http://127.0.0.1:{0}/exists/'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_in'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - # make auth sessions private - cls.configs['records.config']['CONFIG']['proxy.config.auth_server_session_private'] = 1 - - def test_KA_server(self): - '''Tests that keepalive works through ATS to origin via https.''' - with self.assertRaises(AssertionError): - self._aux_KA_proxy("http", headers={'Authorization': 'Foo'}) - - def test_KA_client(self): - '''Tests that keepalive works through ATS to origin via https.''' - with self.assertRaises(AssertionError): - self._aux_KA_working_path_connid("http", headers={'Authorization': 'Foo'}) - - -class TestKeepAlive_Authorization_no_private(helpers.EnvironmentCase, BasicTestsOutMixin, KeepAliveInMixin): - @classmethod - def setUpEnv(cls, env): - - cls.socket_server = tsqa.endpoint.SocketServerDaemon(KeepaliveTCPHandler) - cls.socket_server.start() - cls.socket_server.ready.wait() - cls.configs['remap.config'].add_line('map / http://127.0.0.1:{0}/exists/'.format(cls.socket_server.port)) - - # only add server headers when there weren't any - cls.configs['records.config']['CONFIG']['proxy.config.http.response_server_enabled'] = 2 - cls.configs['records.config']['CONFIG']['proxy.config.http.keep_alive_enabled_in'] = 1 - cls.configs['records.config']['CONFIG']['share_server_session'] = 2 - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - # make auth sessions private - cls.configs['records.config']['CONFIG']['proxy.config.http.auth_server_session_private'] = 0 - - def test_KA_server(self): - '''Tests that keepalive works through ATS to origin via https.''' - self._aux_KA_proxy("http", headers={'Authorization': 'Foo'}) - - def test_KA_client(self): - '''Tests that keepalive works through ATS to origin via https.''' - self._aux_KA_working_path_connid("http", headers={'Authorization': 'Foo'}) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_redirection.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_redirection.py b/ci/new_tsqa/tests/test_redirection.py deleted file mode 100644 index 1100dc1..0000000 --- a/ci/new_tsqa/tests/test_redirection.py +++ /dev/null @@ -1,41 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import requests -import helpers -import tsqa.test_cases -import tsqa.utils -import tsqa.endpoint - -class TestRedirection(helpers.EnvironmentCase, tsqa.test_cases.HTTPBinCase): - @classmethod - def setUpEnv(cls, env): - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.http.redirection_enabled': 1, - 'proxy.config.http.number_of_redirections': 10 - }) - cls.configs['remap.config'].add_line('map / http://127.0.0.1:{0}'.format(cls.http_endpoint.address[1])) - - def test_redirection(self): - server_ports = self.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] - - # By default Requests will perform location redirection - # Disable redirection handling with the allow_redirects parameter - r = requests.get('http://127.0.0.1:{0}/redirect/9'.format(server_ports), allow_redirects=False) - self.assertEqual(r.status_code, 200) - - r = requests.get('http://127.0.0.1:{0}/redirect/10'.format(server_ports), allow_redirects=False) - self.assertEqual(r.status_code, 302) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_regressions.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_regressions.py b/ci/new_tsqa/tests/test_regressions.py deleted file mode 100644 index 8fec2eb..0000000 --- a/ci/new_tsqa/tests/test_regressions.py +++ /dev/null @@ -1,82 +0,0 @@ -''' -Run the built-in regression tests with experimental build configurations. -''' - -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -import sys -import requests -import time -import subprocess -import logging - -import helpers -import tsqa.test_cases -import tsqa.utils - -log = logging.getLogger(__name__) - -class TestRegressions(helpers.EnvironmentCase): - ''' - Run the built-in traffic_server regression test suite. - ''' - - # NOTE: we need to stop the running Traffic Server in the environment so - # that we can start up our own. Make sure to restart it when we are done so - # that the EnvironmentCase doesn't get upset. - - @classmethod - def setUpClass(cls): - super(TestRegressions, cls).setUpClass() - cls.environment.stop() - - @classmethod - def tearDownClass(cls): - cls.environment.start() - super(TestRegressions, cls).tearDownClass() - - def test_regressions(self): - cmd = [os.path.join(self.environment.layout.bindir, 'traffic_server'), '-R', '1'] - tsqa.utils.run_sync_command(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) - -class TestRegressionsReclaimableFreelist(TestRegressions): - ''' - Run the built-in traffic_server regression test suite with - --enable-reclaimable-freelist. - ''' - environment_factory = { - 'configure': { 'enable-reclaimable-freelist': None }, - } - -class TestRegressionsInterimCache(TestRegressions): - ''' - Run the built-in traffic_server regression test suite with - --enable-interim-cache. - ''' - environment_factory = { - 'configure': { 'enable-interim-cache': None }, - } - -class TestRegressionsLinuxNativeAIO(TestRegressions): - ''' - Run the built-in traffic_server regression test suite with - --enable-linux-native-aio. - ''' - environment_factory = { - 'configure': { 'enable-linux-native-aio': None }, - } http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_remap.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_remap.py b/ci/new_tsqa/tests/test_remap.py deleted file mode 100644 index aac6e8e..0000000 --- a/ci/new_tsqa/tests/test_remap.py +++ /dev/null @@ -1,125 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -import requests -import time -import logging - -import helpers - -import tsqa.test_cases -import tsqa.utils -import tsqa.endpoint - -log = logging.getLogger(__name__) - -class TestRemapHTTP(tsqa.test_cases.DynamicHTTPEndpointCase, helpers.EnvironmentCase): - @classmethod - def setUpEnv(cls, env): - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'url.*', - }) - - cls.configs['remap.config'].add_line( - 'map http://www.example.com http://127.0.0.1:{0}'.format(cls.http_endpoint.address[1])); - cls.configs['remap.config'].add_line( - 'map http://www.example.com:8080 http://127.0.0.1:{0}'.format(cls.http_endpoint.address[1])); - - def hello(request): - return 'hello' - cls.http_endpoint.add_handler('/', hello) - - def test_remap_http(self): - s = requests.Session() - http_port = self.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] - url = 'http://127.0.0.1:{0}/'.format(http_port) - - ret = s.get(url) - self.assertEqual(ret.status_code, 404) - - s.headers.update({'Host': 'www.example.com'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.example.com:80'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.example.com:8080'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.test.com'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 404) - - s.headers.update({'Host': 'www.example.com:1234'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 404) - -class TestRemapHTTPS(tsqa.test_cases.DynamicHTTPEndpointCase, helpers.EnvironmentCase): - @classmethod - def setUpEnv(cls, env): - # set an SSL port to ATS - cls.ssl_port = tsqa.utils.bind_unused_port()[1] - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl'.format(cls.ssl_port) - cls.configs['records.config']['CONFIG'].update({ - 'proxy.config.diags.debug.enabled': 1, - 'proxy.config.diags.debug.tags': 'url.*' - }) - - cls.configs['remap.config'].add_line( - 'map https://www.example.com http://127.0.0.1:{0}'.format(cls.http_endpoint.address[1])); - cls.configs['remap.config'].add_line( - 'map https://www.example.com:4443 http://127.0.0.1:{0}'.format(cls.http_endpoint.address[1])); - # configure SSL multicert - cls.configs['ssl_multicert.config'].add_line( - 'dest_ip=* ssl_cert_name={0}'.format(helpers.tests_file_path('rsa_keys/www.example.com.pem'))) - - def hello(request): - return 'hello' - cls.http_endpoint.add_handler('/', hello) - - def test_remap_https(self): - s = requests.Session() - url = 'https://127.0.0.1:{0}/'.format(self.ssl_port) - - # We lack of SNI support in requests module, so we do not verify SSL certificate here. - # ret = s.get(url, verify=(helpers.tests_file_path('certs/ca.crt'))) - ret = s.get(url, verify=False) - self.assertEqual(ret.status_code, 404) - - s.headers.update({'Host': 'www.example.com'}) - ret = s.get(url, verify=False) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.example.com:443'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.example.com:4443'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 200) - - s.headers.update({'Host': 'www.test.com'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 404) - - s.headers.update({'Host': 'www.example.com:1234'}) - ret = s.get(url) - self.assertEqual(ret.status_code, 404) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/new_tsqa/tests/test_spdy_protocol_select.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_spdy_protocol_select.py b/ci/new_tsqa/tests/test_spdy_protocol_select.py deleted file mode 100644 index 50fabce..0000000 --- a/ci/new_tsqa/tests/test_spdy_protocol_select.py +++ /dev/null @@ -1,156 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -import requests -import time -import logging -import subprocess - -import helpers - -import tsqa.test_cases -import tsqa.utils -import tsqa.endpoint - -log = logging.getLogger(__name__) - -#helper function to get spdycat path -def which(program): - def is_exe(fpath): - return os.path.isfile(fpath) and os.access(fpath, os.X_OK) - fpath, fname = os.path.split(program) - if fpath: - if is_exe(program): - return program - else: - for path in os.environ["PATH"].split(os.pathsep): - path = path.strip('"') - exe_file = os.path.join(path, program) - if is_exe(exe_file): - return exe_file - return None - -class TestSPDY(helpers.EnvironmentCase): - environment_factory = { - 'configure': {'enable-spdy': None}, - 'env': {'PKG_CONFIG_PATH': os.getenv("SPDY_PKG_CONFIG_PATH", "/opt/spdylay/lib/pkgconfig/")}, - } - - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - # set up spdycat - cls.client = which('spdycat') - if cls.client is None: - build_dir = os.environ.get('top_builddir', '../..') - log.info('top build_dir = {0}'.format(build_dir)) - cls.client = '%s/spdylay/src/spdycat' % build_dir - if os.path.isfile(cls.client) is False: - raise helpers.unittest.SkipTest('Cannot find spdycat. skipping test.') - - log.info('spdycat path = {0}'.format(cls.client)) - - # get spdy server ports - cls.spdy_port = tsqa.utils.bind_unused_port()[1] - log.info('spdy server port = {0}'.format(cls.spdy_port)) - cls.http_port = tsqa.utils.bind_unused_port()[1] - log.info('http server port = {0}'.format(cls.http_port)) - - cls.configs['remap.config'].add_line('map / https://docs.trafficserver.apache.org/\n') - - # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 - cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 - - # SPDY configs - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl {1}:proto=http:ssl'.format(cls.spdy_port, cls.http_port) - cls.configs['records.config']['CONFIG']['proxy.config.ssl.server.cert.path'] = helpers.tests_file_path('rsa_keys') - - # configure SSL multicert - cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0}\n'.format(helpers.tests_file_path('rsa_keys/www.example.com.pem'))) - - @classmethod - def callSpdycat(self, port, path, args): - full_args = [self.client,'https://localhost:%d%s' % (port, path)] + args - self.log.info('full args = {0}'.format(full_args)) - p = subprocess.Popen(full_args, stdout=subprocess.PIPE, - stdin=subprocess.PIPE) - self.stdout, self.stderr = p.communicate() - return p.returncode - -""" -TODO: re-add spdy2 tests. looks like support here might be lacking some way. was not able to get ATS to advertise spdy/2 -even when it was explicitly set with proto=spdy/2 -""" -class TestSPDYv2(TestSPDY): - @classmethod - def setUpClass(cls): - ''' - Skip spdy2 tests for now - ''' - raise helpers.unittest.SkipTest('Skipping spdy/2 tests') - - @classmethod - def setUpEnv(cls, env): - ''' - This function is responsible for setting up the environment for this fixture - This includes everything pre-daemon start - ''' - super(TestSPDYv2, cls).setUpEnv(env) - - cls.spdy2_port = tsqa.utils.bind_unused_port()[1] - log.info('spdy2 server port = {0}'.format(cls.spdy2_port)) - # make sure we add port supports spdy2 - cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:proto=spdy/2:ssl'.format(cls.spdy2_port) - - def test_SPDY_v2(self): - ''' - Test that the origin does in fact support spdy 2 - ''' - self.assertEquals(0, self.callSpdycat(self.spdy2_port, '/', ['-nv', '--spdy2'])) #this isn't passing - self.assertIn('version=2', self.stdout) - -class TestSPDYv3(TestSPDY): - def test_SPDY_v3(self): - ''' - Test that the origin does in fact support spdy 3 - ''' - self.assertEquals(0, self.callSpdycat(self.spdy_port, '/', ['-nv', '--spdy3'])) - self.assertIn('NPN selected the protocol: spdy/3', self.stdout) - - def test_SPDY_v3_failed_request(self): - ''' - Test that non spdy port won't advertise spdy - ''' - self.assertEquals(1, self.callSpdycat(self.http_port, '/', ['-nv', '--spdy3'])) - -class TestSPDYv3_1(TestSPDY): - def test_SPDY_v3_1(self): - ''' - Test that the origin does in fact support spdy 3.1 - ''' - self.assertEquals(0, self.callSpdycat(self.spdy_port, '/', ['-nv', '--spdy3-1'])) - self.assertIn('NPN selected the protocol: spdy/3.1', self.stdout) - - def test_SPDY_v3_1_failed_request(self): - ''' - Test that non spdy port won't advertise spdy - ''' - self.assertEquals(1, self.callSpdycat(self.http_port, '/', ['-nv', '--spdy3-1'])) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/Makefile ---------------------------------------------------------------------- diff --git a/ci/tsqa/Makefile b/ci/tsqa/Makefile new file mode 100644 index 0000000..a46a684 --- /dev/null +++ b/ci/tsqa/Makefile @@ -0,0 +1,43 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +.PHONY: test clean update + +VIRTUALENV_DIR = virtualenv + +# Run all tests. +test: $(VIRTUALENV_DIR) + @source $(VIRTUALENV_DIR)/bin/activate && $(VIRTUALENV_DIR)/bin/nosetests -sv --logging-level=INFO + +# Scan and list the tests. +list: $(VIRTUALENV_DIR) + @source $(VIRTUALENV_DIR)/bin/activate && $(VIRTUALENV_DIR)/bin/nosetests -v --collect-only + +# Construct the virtualenv. +$(VIRTUALENV_DIR): + @if [ ! -d $(VIRTUALENV_DIR) ]; then\ + virtualenv $(VIRTUALENV_DIR);\ + fi + @# Update the virtualenv with your dep libraries + source $(VIRTUALENV_DIR)/bin/activate && $(VIRTUALENV_DIR)/bin/pip install -r requirements.txt + @echo "Virtualenv ready!" + +# Update the virtualenv with the latest TSQA package and dependencies. +update: $(VIRTUALENV_DIR) + source $(VIRTUALENV_DIR)/bin/activate && $(VIRTUALENV_DIR)/bin/pip install --upgrade -r requirements.txt + +clean: + rm -rf virtualenv http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/TODO ---------------------------------------------------------------------- diff --git a/ci/tsqa/TODO b/ci/tsqa/TODO new file mode 100644 index 0000000..c01205b --- /dev/null +++ b/ci/tsqa/TODO @@ -0,0 +1,7 @@ +# TODO list for tsqa + +- runtests script + - run specific things within the virtualenv + - package up output from specific tests in a relocateable way +- Documentation/Examples of TSQA framework +- pylint for test cases http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/cert.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/cert.pem b/ci/tsqa/files/cert.pem new file mode 100644 index 0000000..fcac091 --- /dev/null +++ b/ci/tsqa/files/cert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDVzCCAj+gAwIBAgIJAOY9Arrh4/IgMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNV +BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg +Q29tcGFueSBMdGQwHhcNMTUwMTIyMDE1MjU3WhcNMTUwMjIxMDE1MjU3WjBCMQsw +CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh +dWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +08GU61mR18JO9X20utgemoeeYyKx+LXZYQBc0cKwHzZIiYfokwCkCNekMjZ87DT2 ++++8lBf3PatSgtA8/xanr8+TTDbKPehqdItDAy9e/xYgPBz9RXHuBUeOw+CPxt2e +aGrGwy6ybW3jne/+vm73wn+ZzldpwGGXwIQAS9lFqtmisx/DftL8fhzpfp/uIU/K +Y33iMiPpEHi8CHrOsaREl787ipKoqfxs+d1JNTHu1I+wJKgppOrtyjF1AjYDmrRg +RO8rJqIaUKS+8teV2KazwfdPkgNyaoZO7NCPPEjWkbp2c+2AJQqCSyZmJ63idgkR +msaSjRx45vJPOU/KFVHLuQIDAQABo1AwTjAdBgNVHQ4EFgQUtL1CTVRABxDQVbZy +WwOZWMCs08QwHwYDVR0jBBgwFoAUtL1CTVRABxDQVbZyWwOZWMCs08QwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAComsgXv9V7utk6yY1XV+rtjZmyRV +758Jjzb2sqqVtw8jtEvdiO6rK+Chb49cAcBGJFHZL2/CJ6BWSOf79fLj/IGKC/nX +UBz0dxrlg9x/KR/Jtp0qqQXIw/HT/NvaytYxMIBKqkmjG+kWiPn61dvwFjIERPOb +xM4lHhaO/PKWDDVx6Sf7UzMalmwFjaGQFXCNM5dfqvdqDYYrbZwEWuqmxNy1sZBY +SfY7Tyz6OP9NnlgtWRAITPqBS2kx/MVCGd2TtzJcJDxKK67tr0QFenGtXSZy555Q +bNKjXKVWiHrVCEgttPri22o7Ax1Q6FpLHMXDIiveUl6aXq4ulNzRqXpmaw== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/README.rst ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/README.rst b/ci/tsqa/files/ec_keys/README.rst new file mode 100644 index 0000000..c3dd1e1 --- /dev/null +++ b/ci/tsqa/files/ec_keys/README.rst @@ -0,0 +1,29 @@ +All of these certificates are self-signed and are *not* secure. They are intended +only for use in testing. + +Try to use existing certs if possible rather than generating your own. + +# generated using (make sure to set "hostname"): +openssl ecparam -name prime256v1 -genkey -out key.pem +openssl req -new -x509 -key key.pem -out cert.pem + + +## Since we want to verify all of the certificate verification, we need to generate +## our own CA and intermediate CA +# Create CA +openssl ecparam -name prime256v1 -genkey -out ca.key +openssl req -new -x509 -nodes -sha1 -days 1825 -key ca.key -out ca.crt + +# Create Intermediate +openssl ecparam -name prime256v1 -genkey -out intermediate.key +openssl req -new -sha1 -key intermediate.key -out intermediate.csr + +# CA signs Intermediate +openssl x509 -req -days 1825 -in intermediate.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out intermediate.crt + +# Create Server +openssl ecparam -name prime256v1 -genkey -out www.example.com.key +openssl req -new -key test.example.com.key -out test.example.com.csr + +# Intermediate signs Server +openssl x509 -req -days 1825 -in test.example.com.csr -CA intermediate.crt -CAkey intermediate.key -set_serial 01 -out test.example.com.crt http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/ca.crt ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/ca.crt b/ci/tsqa/files/ec_keys/ca.crt new file mode 100644 index 0000000..a70f990 --- /dev/null +++ b/ci/tsqa/files/ec_keys/ca.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIByDCCAW6gAwIBAgIJAP0vC/lirtMJMAkGByqGSM49BAEwQTELMAkGA1UEBhMC +WFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDQVRTMQ0wCwYDVQQD +DARyb290MB4XDTE1MDQxMzIwMTEwMloXDTIwMDQxMTIwMTEwMlowQTELMAkGA1UE +BhMCWFgxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDQVRTMQ0wCwYD +VQQDDARyb290MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVRCzxLeGp2zzqqz6 +YTHRJ+sTuEzrFNUUQX/sEb4s1uceiqtTgFJ8kglWGMk/3WIC09PF4aRvkXM+xVvx +U9EcaKNQME4wHQYDVR0OBBYEFF9E7e3RCj6b4rQeNVTnNHGgRhzvMB8GA1UdIwQY +MBaAFF9E7e3RCj6b4rQeNVTnNHGgRhzvMAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0E +AQNJADBGAiEAtKiG3JParqhQz1N+QOGKJtbgFS/qwNpK9FanbC6MOLQCIQD+heQN +eow8AF4hAUZNYvxyhZDd5FKzF2kRdxJUGkZK8w== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/ca.key ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/ca.key b/ci/tsqa/files/ec_keys/ca.key new file mode 100644 index 0000000..275e3e9 --- /dev/null +++ b/ci/tsqa/files/ec_keys/ca.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKR1N01PYCnkwa07tTnZ3Ri6dsGxu/OlTmExDWS1JIt6oAoGCCqGSM49 +AwEHoUQDQgAEVRCzxLeGp2zzqqz6YTHRJ+sTuEzrFNUUQX/sEb4s1uceiqtTgFJ8 +kglWGMk/3WIC09PF4aRvkXM+xVvxU9EcaA== +-----END EC PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/intermediate.crt ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/intermediate.crt b/ci/tsqa/files/ec_keys/intermediate.crt new file mode 100644 index 0000000..2a2fc1d --- /dev/null +++ b/ci/tsqa/files/ec_keys/intermediate.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBcTCCARcCAQEwCQYHKoZIzj0EATBBMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwM +RGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxDTALBgNVBAMMBHJvb3QwHhcNMTUw +NDEzMjAxMTQ4WhcNMjAwNDExMjAxMTQ4WjBJMQswCQYDVQQGEwJYWDEVMBMGA1UE +BwwMRGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxFTATBgNVBAMMDGludGVybWVk +aWF0ZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCLloHhXc49EwEI94gb6186J +zp5mHmEBD49I3pFuQwkVLu249uCsyEnjhoAlMohC/Oc/ROtvZTnujcdBZ2OBh4cw +CQYHKoZIzj0EAQNJADBGAiEAzevMu2yohbN5dzRp5/TTxKSOrenLh56jtSJrtFai +/wUCIQDV40abfGSiioLyb5PoyJRPa6M+AhWbK9caa2SQei+KnQ== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/intermediate.key ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/intermediate.key b/ci/tsqa/files/ec_keys/intermediate.key new file mode 100644 index 0000000..bb1cdc5 --- /dev/null +++ b/ci/tsqa/files/ec_keys/intermediate.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIMtffsDv9JDl4AFznb1ftzA8IqIVxA344PSpyZU6PfA/oAoGCCqGSM49 +AwEHoUQDQgAEIuWgeFdzj0TAQj3iBvrXzonOnmYeYQEPj0jekW5DCRUu7bj24KzI +SeOGgCUyiEL85z9E629lOe6Nx0FnY4GHhw== +-----END EC PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/www.example.com.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/www.example.com.pem b/ci/tsqa/files/ec_keys/www.example.com.pem new file mode 100644 index 0000000..ee31b56 --- /dev/null +++ b/ci/tsqa/files/ec_keys/www.example.com.pem @@ -0,0 +1,15 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIGCAR+s6Sno+AteQgnMBOsS7sD4EbSxGN7anPQaossvkoAoGCCqGSM49 +AwEHoUQDQgAEwNOf/ym+XidKYjQg2WDM3GPK2eMbRz2VmvdB4dbzBxQ4gMYCIl2l +2L7lLqGtmUcuUhDaOxf91hhXAfprU+qRvA== +-----END EC PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIBfDCCASICAQEwCQYHKoZIzj0EATBJMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwM +RGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxFTATBgNVBAMMDGludGVybWVkaWF0 +ZTAeFw0xNTA0MTMyMDEzMjlaFw0yMDA0MTEyMDEzMjlaMEwxCzAJBgNVBAYTAlhY +MRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxDDAKBgNVBAoMA0FUUzEYMBYGA1UEAwwP +d3d3LmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwNOf/ym+ +XidKYjQg2WDM3GPK2eMbRz2VmvdB4dbzBxQ4gMYCIl2l2L7lLqGtmUcuUhDaOxf9 +1hhXAfprU+qRvDAJBgcqhkjOPQQBA0kAMEYCIQCU7CxO/zdFc4BDUCHO07wVuFe7 +RyiVVJs4llEZTXoBiAIhAIwrXtE2psZBRx/TE7miPunqa+1E4IxrtWn2fkzJyJ57 +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/ec_keys/www.test.com.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/ec_keys/www.test.com.pem b/ci/tsqa/files/ec_keys/www.test.com.pem new file mode 100644 index 0000000..e519276 --- /dev/null +++ b/ci/tsqa/files/ec_keys/www.test.com.pem @@ -0,0 +1,15 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEILVRI/Y9isXZJKXwb4srPN4hjx+ZUWGmSL3cn8AEhTVQoAoGCCqGSM49 +AwEHoUQDQgAEh4NjyzcxA2B/b281cUsRHaF+yAUV4CnIhUkPQigXw10GO9lQx69w +of7PjZkJRdeBlEMBVUcwTKEuENMZ7a3+Tw== +-----END EC PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIBdzCCAR8CAQEwCQYHKoZIzj0EATBJMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwM +RGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxFTATBgNVBAMMDGludGVybWVkaWF0 +ZTAeFw0xNTA0MTMyMDEzMzZaFw0yMDA0MTEyMDEzMzZaMEkxCzAJBgNVBAYTAlhY +MRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxDDAKBgNVBAoMA0FUUzEVMBMGA1UEAwwM +d3d3LnRlc3QuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh4NjyzcxA2B/ +b281cUsRHaF+yAUV4CnIhUkPQigXw10GO9lQx69wof7PjZkJRdeBlEMBVUcwTKEu +ENMZ7a3+TzAJBgcqhkjOPQQBA0cAMEQCIH083uGRd7b1crw6TH8paBZNeliJTiFU +eg6lrnGEVIKpAiBtCERpWAlJhYBrR5ApPp6jSoM+Zk6YfswUSg2YR7c4Sg== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/key.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/key.pem b/ci/tsqa/files/key.pem new file mode 100644 index 0000000..fddcacb --- /dev/null +++ b/ci/tsqa/files/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDTwZTrWZHXwk71 +fbS62B6ah55jIrH4tdlhAFzRwrAfNkiJh+iTAKQI16QyNnzsNPb777yUF/c9q1KC +0Dz/Fqevz5NMNso96Gp0i0MDL17/FiA8HP1Fce4FR47D4I/G3Z5oasbDLrJtbeOd +7/6+bvfCf5nOV2nAYZfAhABL2UWq2aKzH8N+0vx+HOl+n+4hT8pjfeIyI+kQeLwI +es6xpESXvzuKkqip/Gz53Uk1Me7Uj7AkqCmk6u3KMXUCNgOatGBE7ysmohpQpL7y +15XYprPB90+SA3Jqhk7s0I88SNaRunZz7YAlCoJLJmYnreJ2CRGaxpKNHHjm8k85 +T8oVUcu5AgMBAAECggEBANFqt8kNGtPDIW1c9Vh3FcUDbFtkW5e42BM7VZBItv8X +IyOIWjTPRGpOQN87zc2YD85WaCwZi3TcsswV/szTbeDMK0MLSHVzHZzGgO5scclZ +62Un0j5Uju1/uCv1MJueXuOq/YjX7LOWIq32Q/u3KKWcpdJP1pDgs0A8C0L3zBNK +PjxnCO0FvJdcpqajEhtepYyTQAtWm/igWbuFgUcfZ55HTOBfBiLdACh6anbCdDJ8 +f2COFRrKu9Gn9mVyRirbyCa4B3VSj4R+WlKsc3erR2vNiEdJLd9x5OK7ZvMFHTvG +V4BhWt3ffSBRIaVi0pIpYekWbnXjbqY6zjchiy3ruOUCgYEA6W4yBrbExJmelXCj +dPOp5Ds/uAYaq9TkRLWzX837swPNh1+XJ9xGNgn4d5DbikN1xSdsJO/1dpwk3Uxg +qE/tEvA2gip/DaxIcj3PfoPtFyebgZItvs5k97zGw9n0bgqoRAezzUl4Guz4AQVV +Xz+3gICN1lFhRqxKm7Pt8Kc3D5cCgYEA6DrpLJCzOEd8qlhm6w7UGruBRA+QLACu +zlqzkf4rw1vaXx4cP8ctoCiVWUIsPI0mD2sQvtXAPT8KzZqh3UCu1zyyochyCuVg +C3fBQiSDtUb2Uk6u7fNFrn36oN7W/Q+sarJvIIECR1PjEGuT3eJppQgJB/VGUZqa +OQJyTJPXaS8CgYEAskz8o0o51F3u1wEZqbxw+acUDbGD79qGncEYiUZiSqPN+uhW +IhlL+/zzsAiS2PKcY4KwRSqRGQ89zVeIwSeD06JuUFC7iaseDz0NX/rPP49+ZaNN +k+A9GUo1nOW/oco8KvKjMVw8BH0bFlSHmGCn/tyy+pBguEXkGzh9uANRuHMCgYAM +TZKs2b2k7aSdIbHSIib6g5SFlo18x0x7gjKhOWX4I5WeFGpKtrKkGYJQCEFvs8qg +ZnusoIZeuEhKPDb3EcYxgPW1vHjOOvirotyKNIUFxYynL6P01z6J0ALHIwcgwQPR +Y0Kf5jXIsZkF9a0PxD70j0hrM4NWL2qcOpTzmaF/4QKBgFYQVrrI6YBxexKQ4J/m +tG/OKlxef6mzrctu7RJGxzt9ag1IgOi10BMCIKCW7tfvhzzLuBiJ0imEGe+MYrau +yIWCOVpmwcSnww8bV/25oqRxduVwZzmtZdUJbNSdiZ7jq4tsV9a8TZXts45veSFQ +X+HWsoFkRoYLOx96mqN94/ZS +-----END PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/README.rst ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/README.rst b/ci/tsqa/files/rsa_keys/README.rst new file mode 100644 index 0000000..9fb6a8d --- /dev/null +++ b/ci/tsqa/files/rsa_keys/README.rst @@ -0,0 +1,28 @@ +All of these certificates are self-signed and are *not* secure. They are intended +only for use in testing. + +Try to use existing certs if possible rather than generating your own. + +# generated using (make sure to set "hostname"): +openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes && cat key.pem cert.pem > keypair.pem && rm key.pem cert.pem + + +## Since we want to verify all of the certificate verification, we need to generate +## our own CA and intermediate CA +# Create CA +openssl genrsa -out ca.key 4096 +openssl req -new -x509 -nodes -sha1 -days 1825 -key ca.key -out ca.crt + +# Create Intermediate +openssl genrsa -out intermediate.key 4096 +openssl req -new -sha1 -key intermediate.key -out intermediate.csr + +# CA signs Intermediate +openssl x509 -req -days 1825 -in intermediate.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out intermediate.crt + +# Create Server +openssl genrsa -out test.example.com.key 4096 +openssl req -new -key test.example.com.key -out test.example.com.csr + +# Intermediate signs Server +openssl x509 -req -days 1825 -in test.example.com.csr -CA intermediate.crt -CAkey intermediate.key -set_serial 01 -out test.example.com.crt http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/ca.crt ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/ca.crt b/ci/tsqa/files/rsa_keys/ca.crt new file mode 100644 index 0000000..b0ce838 --- /dev/null +++ b/ci/tsqa/files/rsa_keys/ca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFNzCCAx+gAwIBAgIJAL8yIx0Q66ZXMA0GCSqGSIb3DQEBBQUAMDIxCzAJBgNV +BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxDDAKBgNVBAoMA0FUUzAeFw0x +NTA0MTMxODQ5NTNaFw0yMDA0MTExODQ5NTNaMDIxCzAJBgNVBAYTAlhYMRUwEwYD +VQQHDAxEZWZhdWx0IENpdHkxDDAKBgNVBAoMA0FUUzCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBANYzN4s+B8KAbPxdpMzoVh+xsgPeauothjQq8tQmViT5 +3bnEf7zb+4Wy/7Y9CLj2CSnf6tv271OVwVQZWlDrmqr6greUePz28j3/sJ/lQ9bR +aZOWQI3d4rgCy6UdJ6rhD2BYrZVFnIZQ5zVZu3rbUBuPwBuRQdTLOWjzcSguyg2R +jiJ/W2/IToRjgX27cPPArhJQ2ibwsbtvqecj1lQfT5yg8WEDeeOyYwzfT4VEGm7f +8Q4qrBKxhdRTF6LhNkVKkOM6Jvvq7ULNpSAh1+zFAfzMpPUt1T+sjObQ0HHMeh0J +ghwOh8OAqFyMAsNdzFwjz4lSrliTMYoq6JdK0In5FUqlCt5RsKrfxsykhvUb66/R ++a9uGboEMlce/sZcxSpnDJYOmxrecQYmEaoKhbIcJBrRqYMgyQL9X+JJfsdyKR2V +CbSV0FjHeybpOwl76QGoZPhRy2e551uqKN0qdQMmfI3ZjZqmN1EuuOcRNKU8r0He +AOTRZ2BssDfvs/YWgZsKoHqoLIQCGgWw1ZhsK8bhFKKBtBqbyAu995XxhJezbSAg +57+1Icp8qmCWvCO0zxm5ckCRNICxGolT/0Mi5Cl8hmfbx9Gv4Na/KEcxpKLPy43t +UUqfCtvGOUE/S6TWleL5YII4mI86fIOHFkAozdeokcF54lhENpcLL3R5ggRiBJ83 +AgMBAAGjUDBOMB0GA1UdDgQWBBTMx2X9hPjXNTOKTSQELEBv4pEHADAfBgNVHSME +GDAWgBTMx2X9hPjXNTOKTSQELEBv4pEHADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +DQEBBQUAA4ICAQCZ+B8wevb1DsA0XsGkBIHrAK2zc4u54nIhVEw/6PnJBBpV5Eha +rKtamhyeBjKt1267SaoQIWy/os9QlEYmn2AKn7J0rxqokowr0r8jdh4nDDeCGGkb +g7ieinIpuUr5Unpp+J+9/FXtrX1m5sXuHlMao9eTK86NoXPJgt4z4HQd1ZaEJp5s +H60PVd93TwcIDQjbsGdpFS7LhtYSx5Np/LmrQj0tnt18AUh1SgVwvtAqiSsyhxFa +yPBZKIsdbNQkPoaIKQovCg0cRjlRr1XAk+cfRbf8OUmS1JMs1+/b0zX0kk9xynhj +4CUPxsVy4SnOeg95yPB8BEyvU1uxnflq3QTJsSxcePYte5ni1wx8Vbn7cJusJRYK +LNaEFq/nkFxAlP4PTkv9mGq7ZYLqwpE9s6rPmJZc37ti0OUmLiVpqk6DtN5x/TD2 +vKeZMupGCWF71kueR4QAClEnDHe6/lKqe7CH3OuY8bA+7N0RNrEqUBJ7qnD6Frcu +UfmrkZcIj6DWSnpfwL884WoSCkYuyYP/v+PhR5fSao3l7ZB9UQXdXYhx/Kyd3lPZ +DKSZjOthCm1dblzKLK4VHy0dmAQdIczIXY6ztIKUY8z0poMNiyJEGeYYPf5jjxU4 +Q2u9W/ReEaza6HshFnoka4IZqlfLinWRoAt92rA+nFIShaBBimvc32kHrQ== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/ca.key ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/ca.key b/ci/tsqa/files/rsa_keys/ca.key new file mode 100644 index 0000000..d892296 --- /dev/null +++ b/ci/tsqa/files/rsa_keys/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA1jM3iz4HwoBs/F2kzOhWH7GyA95q6i2GNCry1CZWJPnducR/ +vNv7hbL/tj0IuPYJKd/q2/bvU5XBVBlaUOuaqvqCt5R4/PbyPf+wn+VD1tFpk5ZA +jd3iuALLpR0nquEPYFitlUWchlDnNVm7ettQG4/AG5FB1Ms5aPNxKC7KDZGOIn9b +b8hOhGOBfbtw88CuElDaJvCxu2+p5yPWVB9PnKDxYQN547JjDN9PhUQabt/xDiqs +ErGF1FMXouE2RUqQ4zom++rtQs2lICHX7MUB/Myk9S3VP6yM5tDQccx6HQmCHA6H +w4CoXIwCw13MXCPPiVKuWJMxiirol0rQifkVSqUK3lGwqt/GzKSG9Rvrr9H5r24Z +ugQyVx7+xlzFKmcMlg6bGt5xBiYRqgqFshwkGtGpgyDJAv1f4kl+x3IpHZUJtJXQ +WMd7Juk7CXvpAahk+FHLZ7nnW6oo3Sp1AyZ8jdmNmqY3US645xE0pTyvQd4A5NFn +YGywN++z9haBmwqgeqgshAIaBbDVmGwrxuEUooG0GpvIC733lfGEl7NtICDnv7Uh +ynyqYJa8I7TPGblyQJE0gLEaiVP/QyLkKXyGZ9vH0a/g1r8oRzGkos/Lje1RSp8K +28Y5QT9LpNaV4vlggjiYjzp8g4cWQCjN16iRwXniWEQ2lwsvdHmCBGIEnzcCAwEA +AQKCAgEA0Sxc3mYp77+4Lk5IRC3TBMpjW7HU2HCycLlMPu5dC2jSJLoGP+jW275s +Roudu/nQAwt+b2XaWtaQX88OSp15geR2yE1+RRHmh7LsyYh60gnYPt7olWGMKEPa +mJg7B30WpfCTOoUrEGNrFcdV9Oi8dt3PLVyRW/tFSf8JjsL6X3u3wGp8YVHLky8U +4jKsX+zWUF6SWpqMBc1KrsRpZebZuMvWS/W4DypB3e0o26wg4AtifIIhXXPsi+bE +2zNw6wOhL7S3IyVMowLtcM577OSKR1OU9zTV3YNkaXabR7X1vetuGnX6EGnQf+fe +PuiXS5dQ8PpD9Y1wQEwcrLnLoiESrvK8zYytZDR4KTlWP6eIhnn/6EyEV13pV7AH +LQ4ZarRq0A2i9HAPeZuUYZ8YxT5Yhl+CvyzsCwd08e9YGSLKTCmZKYwmVZVOcwsq +OOB6srHNwSH15lxwf1uHh1zn1QyG29tXlJeEKTqZ64VYxDAHiuXFBrEAFXmwvzw3 +YcuTRkDoxUFNuwdr35lXBpjtYuUDYprODEDnyJC2T+bDo1htczKNlSKLJNZJPsYS +47C7DFj1S2CGXGM3WuEPV76ge92F42U6F0cGvThnB02D09wUilSWiCeJmhUW9LRD +N5QofYra1DdJ4N5bBqMwoUafF7fH7qb1Dwq9tQo0qaIP2YR8JTECggEBAPsKRg+j +IKETzcxlwCIZvAeoMny3srMrRYbqA8UnBDvzd81fOXj/r1PSEfGFKeuRhOqANQ6o +mowIQibIKcUb6Lc51voWGb5VeRwfLLoMkHZLHcKysJtRwMP+ceRUZCTfxetvptsd +laalVLxfXzoy/UKrUPtz2V6LtCtB5u77Xucz9GQoqWdHAmFcjlUqFUEXU3wj/J7k +roS7n++pKfxeA0YhiQHjBj2i0d0W+rX1B78AeS7IbG0nUIxj2yb6OojxLTIhsRox +CYbmX+7UmLO79rdJ2YAKMWoEC3erHfyGduxWUWVEy0gw4Xgzd0VnbD78iAn8LVbd +D9dC2bHWmx11UVkCggEBANpunIAKxsU6U6rnMrRm/p3KxdOLPNksxmEg983SG1AW +sDH/ZSycNYphHB8vQmVsH0DDI//djRbdbx4gCSBInZm6x97nsSeq4zk8ymoHiL34 +KVZcCgDfW+n7cl1DVHCQAdqv295cn2NX4VPaGG0CFyMGU48C1Xo1GnAYAHJC4OiA +vn+OWMUoRjDNRNvl03zmWpXMcR0DMuKKlnYh/0sHuNtlKVHIVMpubk6xXYKF32Ku ++nxpYSTyVl/gZWNbxveDELCH9fatGcGidDytEMELvrYOPTAhwGLBfC8b5r1jNF9o +WRDOy3IV+vBM4m+IZQ6NBsjly7HII4SCvFBHHH9NUw8CggEAfC1uzplgsIz9Rdgn +HDcinZ8DqlGr4ZjMAZqMVt+f5o/eeQZbhZDkh0/odFHslIwc9WqJ1EBugkorfseQ +ceIGUWwY/Qgln9Lj35dEJpvEcd9iT0bYuVvNQKYCbHGaP+s5GebW4JhXyGEL80ox +7rX+NRZNLrT1lyD/9E3bD+fj3/YBM/IxKdckREjmVxZEATiqoUOj2G1CLoIo8QH6 +tM1ETVKVVQuZsK9zpCuTxKH6PO7dAtk9WRkTbP6QD03D2q2CL8QeuNf84G/gkGE1 +T+LwfWXYYs+n9cseaQmKAbn55ZolFTTcYU9cmHrMytYH43hDSr0lKEydY1u8F44S +mJXJsQKCAQAUjQ+gZGMrLz+r9rColIAkLG3MZ29EJ5hKjyWBceEr+dZ9/b9xIQlQ +ia5xqKqgjDmsiC+c5SVfH1pTBUSWiv549j/T0wyx5LwYKIYKz8anyO9qtqIiTuGA +9C1gZPNO292wy5buJtzAJgaHMx/VMbsninLWI7geFVz1auyv02cBuQszSRtFAXMJ +KGbwIYFyYOHo8iE6T5C8C7n4R16Tmphj2/K1RRnlKdqrALkBjMLlr/zVM7z2Eu7Z +em1PmdTweJ5bXY9gtAyWUUiKZOYMo6Q/0LslCiflorqiXAerjefhihnHIQ23ICZJ +8ZHkWHrZkZ8vy58MjP36e6poCyi9OXM1AoIBAQC01zUvApHgYUprHmnsO4ynazao +DYSLHTJq/VYjH/TjxuXML2xOF72IL/l/e9xN9OiWHAGIda63N7m7j5rnyWsMm8vR +nUeJlraFDBN4T96Xf3YaNvbZHfuLjBur2q+SIUMdvqZzllRghLaDAf3g9VHtXBWO +d70FveQS2dImpYp5XhhdOEVCOkMqUuOCu2Gfe8a8K+GoHMTrSD5z5amjzHx6t02d +4oU9Rr7TZnrkrxL0JapyqLsZr6ZafK26lqqRANNQIX5crUkprKp8HGv7fmqDsdGI +qTKbYliQ8KjyfSlfj5qBsqhic1RsonNmf/RL5dNevKxxVR7OCzTnN5lHM8Ln +-----END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/intermediate.crt ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/intermediate.crt b/ci/tsqa/files/rsa_keys/intermediate.crt new file mode 100644 index 0000000..eacc2b9 --- /dev/null +++ b/ci/tsqa/files/rsa_keys/intermediate.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE7zCCAtcCAQEwDQYJKoZIhvcNAQEFBQAwMjELMAkGA1UEBhMCWFgxFTATBgNV +BAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDQVRTMB4XDTE1MDQxMzIwMDI0M1oX +DTIwMDQxMTIwMDI0M1owSTELMAkGA1UEBhMCWFgxFTATBgNVBAcMDERlZmF1bHQg +Q2l0eTEMMAoGA1UECgwDQVRTMRUwEwYDVQQDDAxpbnRlcm1lZGlhdGUwggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDe2tfo88v44Tl9TATixb5qmBobnAy/ +oYpaX2St28qNuAC47ftkFaE+4zZIN8IeOAKkMC29ZVxOhXoNWovu4aa9PXdnmatQ +M/vezta451JE7lVQK0q6dViGyeevBkumgQ2TD+Kj6R2uH5zHDSSVEWEJIb8rTb5i +1pA4pF4ZLMBLAoZwrQfH9xjNZWSi7UJ0g1eYwRh5ahjl2SBRxSrH6GEUBCuI7S1o +AvUvj0aDVXmPJEuyrkvw1u566g7DyQ242SnqdZnHVP17g1YmqCbq6qxipb6YKOke +LBOL1zMKjdVQ3QAbw7Y7RBFcVUdUvoh4uL+IoWr+A8s99OxUhz2kEXU+gjwJtOOR +keZGzMo9rA9cProwHC414Q++Ct0YhUAO2vTjEhnEvlJFv8cGRYT/Oifwrxny6KTA +kC+4gwgrJgWR9DHeL814aTnotRUGLLsZAeo+O0al3/0QlN09XDFstkmn/mgaCmbF +LN9dqwvg1gwS5Hbd+vdlguhcx5mlaI+jZp29CBwBdkkKVAns/3Tne+KpwJIsdRMp +es+ajkFEZoOc6GVBrW/BjxQ6JBgQA6R4//eWunbMYfhkNY5l9SS1qZak1j9+qWAX +JcSQVbUxgRSe01MzIqScc2btB8WJbi/IJp+hcdFLDzKYIolT7mRm8Xu6j3M6YF7E +UaOuyRqoRiIr/wIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQCk4HQOq4A9cwmrPVk6 +vqR8CmRYiStM76RmLqX3XeVx1GybfvZzK/WYLcwInmXD4iitQflB9S0Ut0ChuLKo +klj10wdAv6iNrRMUtmY9w8zV8GSLRHZrOo6Rd0affUNjBy79FaNypmdrydc8+M7L +pGWKVN4qN5cOs/XLFT2TFk8davnyFOucP7kxWeNiZ38Kh8cAYYkovMpfcEJSrMGS +musUqvAlPVZXDgBjblVHjZ2dvgRCdYFwrMxo14SALOmM1Hi7oWbX5A8uNdeoq8lB +mwdUBpdWDm6IgJ2aiufOqBV3Mv6AUysLE+qHdP/lTHIHNc0LinuJK10F/jqbf9uY +gzETU6HT1gQ3X3noDRB2vMMPJQOx8uQX04dfUx8WOmgwCx1X5Vc8gLhH+JbZz1PZ +GlWgX5VGiGgLkq+rgQBLOLIe/NAnUCXPG78DttQpWMs8JjxEcgnVjLNZNAaWymAl +U3JzmbX5UZePwEMjKSjKNDraU3Tuq+QTdPr+W2ilJEsLLPbsenc1QTNsPUv5aI8h +LaayTP7aWMVg0QFfV1O7+vVz5ej7CO7Be7w57VWGDwBBVm81vDbeFna4RJPk2qAw +K5wOYak0Z27v+0wBXHaceH0j45fn/lixt7FANv9NhB3krcjrUwUsooMAIsnCKAlK +nQD8ySYdm+OGchPeRVW+MH8FPw== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/intermediate.key ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/intermediate.key b/ci/tsqa/files/rsa_keys/intermediate.key new file mode 100644 index 0000000..561765f --- /dev/null +++ b/ci/tsqa/files/rsa_keys/intermediate.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEA3trX6PPL+OE5fUwE4sW+apgaG5wMv6GKWl9krdvKjbgAuO37 +ZBWhPuM2SDfCHjgCpDAtvWVcToV6DVqL7uGmvT13Z5mrUDP73s7WuOdSRO5VUCtK +unVYhsnnrwZLpoENkw/io+kdrh+cxw0klRFhCSG/K02+YtaQOKReGSzASwKGcK0H +x/cYzWVkou1CdINXmMEYeWoY5dkgUcUqx+hhFAQriO0taAL1L49Gg1V5jyRLsq5L +8NbueuoOw8kNuNkp6nWZx1T9e4NWJqgm6uqsYqW+mCjpHiwTi9czCo3VUN0AG8O2 +O0QRXFVHVL6IeLi/iKFq/gPLPfTsVIc9pBF1PoI8CbTjkZHmRszKPawPXD66MBwu +NeEPvgrdGIVADtr04xIZxL5SRb/HBkWE/zon8K8Z8uikwJAvuIMIKyYFkfQx3i/N +eGk56LUVBiy7GQHqPjtGpd/9EJTdPVwxbLZJp/5oGgpmxSzfXasL4NYMEuR23fr3 +ZYLoXMeZpWiPo2advQgcAXZJClQJ7P9053viqcCSLHUTKXrPmo5BRGaDnOhlQa1v +wY8UOiQYEAOkeP/3lrp2zGH4ZDWOZfUktamWpNY/fqlgFyXEkFW1MYEUntNTMyKk +nHNm7QfFiW4vyCafoXHRSw8ymCKJU+5kZvF7uo9zOmBexFGjrskaqEYiK/8CAwEA +AQKCAgBagZZeTWTxVsb6U/1H+/cxY0R3IhErYnfF7Cf/U9wXYjso373RD9fEqpJJ +EhwMGcM42zg4SwoJ+btv4O4jvhDxmhz8PjSNBg+slWQvBAMta33KaUqYH0AsvaMS +OgRPQuo4Z6Mr3mjnZn9Nd9D7mWtHQiVZeOFxUqKP3nE42CvgSs4+xIb8dyXjhOIy +KRlsKEtTBljiNmyWLHArxV9ygLWsY2Uq3ugp7cmV3yJMBFKyB5OWpaLB1QhVcuk8 +KlMgV1HmnowtoB6yIszCNlhX36bTCW02bqb+Ufg+Os/H4YJYrOh2Xi2MNEC4twmZ +KShTnvRqkOPa9b99EhNI4QPvtgde8XzZ15etuLG5Jg1McjJi6EK5AQx6NAfKWSpd +lEryShnePd6Tx8taBsBG29ibPfAGuH/enhhgHjs2Tw4WY+fHq0laH3H0NI9EpV80 +ygAynoYfCeyUJiTpv9/dq49V+lJ+SJ5Wpc9kGRGxcMlIvCUETgiSHkz9TOmhb15H +qX63B+AfMDwLSFwhnWJydPslXNqNH+ACzRAr0vSFYtfAs1I537JGKAJT3eZOt3lg +lfXrEe5HKSxANx1qUvFIyRBFZYVWCb3gXvfU8fKGLM2xDuRBaNsEtlQzFuAN6lXd +iDe9+upHJHRiAKb3xtM7Gfjp9UzffXZjwxmg+p2w5wHQKVFbgQKCAQEA9hFafDVH +RwchKEAzGA+CxVIIA/1LIq0ZenOZJGX+px2nP5C0L0DV4L66c+r1b8zzt7+dooA/ +f0UQg++a/DzHCaM4SB0GAhzeHndq1P+1/9rFabOJmWpkeTCvkTW6Onq0yjOoYhnI +7DeoKrK8jxZGIRUV0bOLIKro3w764SnjAwNgdfi0MVDdEAgMn/ZM9ZetoEVeTY7K +saq/Gz/N/sTO/qv13ARqCxIzQr578pXP50Z0h9l9ln1DWaVoqa9IhpkMlPzrlmU8 +8ZVJIIofOUcvSq8366LmdFJ2ftIgFkYfAT5iVyoauikeGkWTWbKCxqrHz9R6HvLi +9LguykeBeoml2QKCAQEA59mgyivkaYBolozJkD2C4mJfnQZB6znMzDsccDxqBvDu +L6vAZYaIFsvW5df9G7uqKsQ4NTlfr1Ea2vdFHxs+nSO3v7cHdj0KFQBO2LkIr31z +lfvGm73+eK+7d0tmD2L9GZ0swCxDzt94iT9tUuiPj8f3CEOCuUbHdlszHE3Q8jFD +GSW688v9nxKTR0eQhYY248Var67puHF+CuzOjlgbr+W2+21h0wLAfu9Qqwp+2ry9 +8S1qJ8Mi2y7SGvjxMpWbMBA7O1/sCcrcuHpsata+RwowctyvqEEfaKyLmlfxJGCI +wPoTHwLuoIMjLQJ+OxAm5URnhbKhsAjcDgi2zveBlwKCAQEAxLaKx9Ev8jBY6Xyp +XArKWESD8+yCLG6Fd8cCHn8LXT3vfnmIEl6anNjc5d5n58DI9ZRRyJ8OJAhqc48R +L6TG2YWKcNwC+Z1qVKDS3wSt0qRqPV4yGltbhybMtCFnh2ihLySs7//9CBpWbgwF +gb4kwj3A+6u1BaCcGfY3ydlaigYhDy6LnwEuOKq2rQqR66QeQYozIX2NvQrrTDVt +0MY1VJLUMde1jrQ2Fp2BKSVq11ETx6avJ6dsODZrvXtLV47y6Ahprgmw9tCJbWH+ +JCQsQmBhLBdGdKeX4zrIPAZCsxPUOiqGw1wrnIUSjxqOQZQ1uIf8ONGjbk/v1/Xi +JLv1wQKCAQEAln5hLFoJTaIYQYDpZUNILgKE5bwmFbXTBc5oy0Gr4Q2Kzk7B+CS3 +OXTe7RqiJNpPvqrXgVTYk0gmEnPm3iYlIoMIxtzbbxh37uHgTDTvOlpIKNbhOD6/ +az9GhEzg1qP+fh3T6nnRGftcllohcGucpEu8QhTwSatz1ZOlPX4VXuAzGaOwEoga +/KJmDyKY4NMZ1gdIsjjrZNnmYtkLysHOVwLZH6MEmJ90q/BTgHKznPBeqqo7+ctk +WLmvj+p/RcJulWgzynqdEE4pr2Vn8oGpyRsID8bIDoMXDC7T/z+OO3qdygWJW9vf +YTk+H/06SsRVOwSH3fTxlv5pOILXhsiJyQKCAQEAvSS36aam59KHJP8MG0Xm1OId +cXSQqC1TUFt9mfIfiNdlmQWqlX/FWQSKo3B/ufJVChSu7Vy4pWd2FKfqhDsVrJ/W +6U1U7QJdqsYMN8yWGHEC9riBFl/Pu6vaCluWm/qANzoSMaLB1oMy4SCxGui+6yxN +YktI6E+fRTzPdj/1hznyqicnmOBarzUKItfkwyh6fyIgfaFD9N79CmjZWLpKf16Y +lp6hmCR6BAErj0jjKZjsC51DfAs5fnnA6csZxWtGF3HJnIqz/Fdjsb2R+RNlWQGX +2pZ8hMV0OvEajK66ApbqQMeJzQwGi91Xr6w1z+EvAr6H6jECE+daY2GDtJ7V5Q== +-----END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/www.example.com.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/www.example.com.pem b/ci/tsqa/files/rsa_keys/www.example.com.pem new file mode 100644 index 0000000..4bc273d --- /dev/null +++ b/ci/tsqa/files/rsa_keys/www.example.com.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrS3J3uL2MNr1Q +9zL7ODukw8UOHN4AwuWsNSDJzaswrgxtFO3VfJbCfo7CUtojoJY39783m3HnLhPA +cFxfsSgQ0Z8TdUZYtq2I1p/eEp/A6kdQffHS4To0ueYQ8r1I6pMJTniaDi8ICD0d +837WwbUUaxx8IhzaFNPrvSdhJb1LGPxj8YvfKvHF9rkwqpJSEAXFCKTa/H0i8wb8 +h3u4cXZmYN6aooai3SY1KGlWZtAfbgTlMMtvB3ZE3JsNNwbL4gfzxYsfXTW9QUZ2 +kT3irmB80koQjzDiW6MpxmLpvDD/NpQWSiR9TDZYCJtACwWyoxqo8gHZVqsF/rkK +yqkg2cbJAgMBAAECggEAf/ZGtsUdZGdoGdnxDda+R6GvzZEnDy6JYJH3womP/zem +NL7TxQ3jmbvtbaFzL/ZBAeJjyGipOGglfTby6tFu+tF9oo2TVaZyEK00lDMZgIYD +bFAJnN2AG+9bvQF5AcWqveMPGRbLb5aoAX3rHQdr/KrfhqP9JbU1cv/FMT9+H2B7 +Spty/WJYOL6AhzN4H4YHJzfhn2e0iMfA3usu1hha84FWWAR3+Z4sphSCtY+edumT +ygES/j5TAX7nu5Eyqe2L4natuDLXiLEbKEpqyfAg1SmTDqAiHrMtWkWv/e+tdTs8 ++DE+wPVhRCjVyjejjvsgDV/d9B805bbpq7M4eyIh+QKBgQDhHPcd+b5KZdXU/PiC +GQ/5C9elW35t7D8gaCzLAzoxW7B/PnTmVyK+QPBsxaUNg87BxB0TTssNUulSY2nk +TVemOe57xdJKiX7nOG+9vIZFGxlzqywMz0o6kZe3No8PAcp91K7Xr3RkXdHHwyZY ++NDiUIeMptEnoeEbFZcv+YQ+8wKBgQDCzB/5tD6D8uGKfsiakMs5HGEsYyJNP2b5 +UQ6e1spFg1noMfc5Vj+Av5lF0AE6tELEvJe0J8z2rA9zfHC6JkY/zOGMXrILF0S7 +KSTcxfBUqeE0OUJMkDNy61lRGs5ISul0qcGU473EsBEaxi999GcqzLrB5V4CHZlJ +EUam9SSqUwKBgQCVkcE/UWh11iO1WD9lcXGDb7LgU2I1dvqadZ0NZh+MG/exE7Zo +NQ0Ii+0y2D9KM4F0jPEkmv2e5K/R5eu9nQXXlDY4Vr/adnCzAHR+BHzR/adziw/B +kxkmwQWk3cM/nVkFMgLZm+IhrZRsveUEyI1BUXA+q7fcNVpzvGyvm4GasQKBgEW9 +XMlCLYuB3ht+ToV/xzIYJfYFO9eaFly2F1zomxwN7ZdCpDcD2NJYRiCHWplQxgK3 +Xjyiby/048c9ywHqCAZ5bFqb4HQ2DWZQUaE0wFkfRMA0q7bLfY/sEFsIFMgvAavB +xstuSZdsTYNfZstaP8FD8KzQWDq7rBBLvhax90F/AoGBANNhkbNxWiUJX/+6VtRj +u7msBgrUpYQtLkyY+13Ry8cdf+8w1die0LZ4unYjIcAS1ro+XGOc0GASc6pb5dYG +X+RxTyZzoNazbC6JEsFx9IJLn/L0/8jsg368m1f0Dkptd2LzrLsw2zuY6wm8DrLH +Re4GALck6zlT+rZNLuN13p5Z +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIECTCCAfECAQEwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCWFgxFTATBgNV +BAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDQVRTMRUwEwYDVQQDDAxpbnRlcm1l +ZGlhdGUwHhcNMTUwNDEzMjAwNDA3WhcNMjAwNDExMjAwNDA3WjBMMQswCQYDVQQG +EwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxGDAWBgNV +BAMMD3d3dy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKtLcne4vYw2vVD3Mvs4O6TDxQ4c3gDC5aw1IMnNqzCuDG0U7dV8lsJ+jsJS +2iOgljf3vzebcecuE8BwXF+xKBDRnxN1Rli2rYjWn94Sn8DqR1B98dLhOjS55hDy +vUjqkwlOeJoOLwgIPR3zftbBtRRrHHwiHNoU0+u9J2ElvUsY/GPxi98q8cX2uTCq +klIQBcUIpNr8fSLzBvyHe7hxdmZg3pqihqLdJjUoaVZm0B9uBOUwy28HdkTcmw03 +BsviB/PFix9dNb1BRnaRPeKuYHzSShCPMOJboynGYum8MP82lBZKJH1MNlgIm0AL +BbKjGqjyAdlWqwX+uQrKqSDZxskCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAGrOo +IRDUjxt65cBR9OZSXRdnL6szAMuNHWlK0MfVtTATWXDKU9S3KjK6seo+ebyaqt1J +nlyUZ79n6+vU5uSIDANpYQ5Z1DuV5NM2V9o2QiRqExwfgpGUcAXAi0lQ79eA2kzi +cDgDIpbEAJTFP5/uinaRA9H4KqqfMg5m34tu44A01brb2h/czPOWxD89mKKbtS9H +ODPkDkq3wTUG/F0RQvfFC6Na8IWkW0jijDBxuFeSbRV00GH3/wpMBcxDuIcKBJcy +tFrXjCFKzop7djU7OuxEnqQdlgiHgQsszjnLP0k5Lz9CrNG7W+zqmYsvO6s6a94Z +8lHuwl9GAS/IFQS+c+PsPT7uxgSfbdFHWlmOv1+p/PsPaAQ4Hu/ugga8AjMYoyHg +V6LBCTbUK7aA3lnu6+EW3qpGve6Z2H1D+B5V8ZXLuA6ooIS80CN9xw6jFcAXcUv8 +pNw/sJDnErzRbxsOPKeLl2EjJ/1/MsQf5DNp3xPFyhv5l3oOxodICEr4eeudGmAW +OGp21xqo7i3K8YQ6GDMPF6RVX4mOCxY5L9qf+VDLYx8AV9gFZ+VWG8we7jyruqxE +DwetsfCtwXo5gho9p+K8VHA7nWukydBNiekPFD6S6gBu0vMZxIfW/AKolWgxmyPz +zZhR8034yoSR6qxuh+as+JpXmw+3MypZ5G/1S54= +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/51ea4aa9/ci/tsqa/files/rsa_keys/www.test.com.pem ---------------------------------------------------------------------- diff --git a/ci/tsqa/files/rsa_keys/www.test.com.pem b/ci/tsqa/files/rsa_keys/www.test.com.pem new file mode 100644 index 0000000..5a0cfa7 --- /dev/null +++ b/ci/tsqa/files/rsa_keys/www.test.com.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDUiFw0p0JOfm/G +0YHivkd5v5Xu5tkBWETu9NgKLr7MkEBeqb1fjkm8Gd1IsndoYh0R/tkRzdE6O+lN +WjMgEuCtz+5zblBQ9xDMwAKI+1YhudqrwIxqXBzpyvAAZwU5EHftog/WiEDvJPM0 +XEQsx6142kgVR5NfNX6HWHOL8H86j7Yfbdd0Knu0Qv9tulC8aeBbZ+pKU0/cBCVi +ljr8OFdrCZu1EkKIat3oBjdbEF4boh4gNSsxbX+89uW4SZYR/G4xEX4VZJLMsloG +YOkcOLTV90+VDbbdrZsnmgQgpKBlp2NBdSx7MZQRU5De3PMBzo2uoIvmwXS9ZxtT +Lr+/dpxZAgMBAAECggEANh1uVN3NrUzWSypnRwOqEV7t30GaOZRvIOTo6VbTsCR+ +r1vK4zzIm4N+a5c9fi+VNVLNlJHyV0CP++keoWkNGlSaY3vQKX1vIqM1Qgm0+atn ++Vlyp1ZC6miIyaFxnAEMeE5OeBKDbiDbaBaiKUDCc8Yomnp6FMD7MZ0c9qHK027z +DL0kYjxjVgYiDnE1fJ1ZV466IcyDnGDky2ebjjvvTI7c55tbrEc+VRZdC5Cn5Yb/ +desjXGAb5snEbdAiNqCgIG9bLw3hHWsn0wCkUPRcEMoSZ73taak54vC7cPda7/D5 +aetzsNQWCMZC5NZ74JD5kyC3xBr7TAarQ5OXsJ0DMQKBgQD8GTQdc2MHvA+4nCpp +0Xy3J7gOCI63FWETZgw22sboqk1toF/LFQHYY40EdvEkFsqc6zTm09QK8y8G48sC +j8pvskhO2M9EgLegzPQv6NY0pTqltI0Ye7w9I3FTKNZIJW+XokDEFFqu+lXqf80i +BRmoUrltoS8L5XB/z5GoNMdk7QKBgQDX0mZSYdjPgTDWDSTCdEOcGB4bjAZzXDTu +ukYhri0vuStZ51giAWUlbBnN/hlvln5bULqZFnB5svFRujTIwwevxzhSl45aiNl1 +vE8zsRS0bNeNyjjF6HX0HOEuAQtre/k+WHvEH3mnFR1Zngwbrt4CJyuadlCmj7yw +jv/DVIyznQKBgAbmobiUqgdSLJP/ImIXK/TPj4hCz7VPToL7biYqQvunfcsccsLa +ZlyIDRosL1mvjghRn/cZoVpTYdwsbCg7y2zXUodmA/Z6F4y9T4noM8TpKPvUP3CG +IpcB215NZeA/thhOhrtXW0wi6isrKHBf913WNeE8Yk9PDo9RHUmfeD3ZAoGBAJGn +t9LFopN4t0LfH/30hWSlijxBJmFYy4iKQqacbHaW28ETNxHMKz00Vb4GTZhX0vNB +6o1C7anUsLTdnJ4ZsehZ5ZMoIbTMQycIbdOPIVAbXOaeoe4/UsvrabWoktJ5mt8O +zIiyTWIMCADhf353Z/HACdd3HjsrKsdl2wsy1rqpAoGBAOaNsxoyw/BIn/wvkQRs +YyYXLb8zECO17ad4M+aFsnf7yLY8i3k80JRfjqxis/yrePNuVKHiZYgEvLNBMdJi +j3YSMgXHYSgYti73+zBcy1uVVlUR5Q2HnihFX5Ho1IAQbC+TXzUCnLOEoR/IIHIz ++qWsoHgJD98ie3cjys0WujpH +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIEBjCCAe4CAQEwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCWFgxFTATBgNV +BAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDQVRTMRUwEwYDVQQDDAxpbnRlcm1l +ZGlhdGUwHhcNMTUwNDEzMjAwNDE0WhcNMjAwNDExMjAwNDE0WjBJMQswCQYDVQQG +EwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MQwwCgYDVQQKDANBVFMxFTATBgNV +BAMMDHd3dy50ZXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ANSIXDSnQk5+b8bRgeK+R3m/le7m2QFYRO702AouvsyQQF6pvV+OSbwZ3Uiyd2hi +HRH+2RHN0To76U1aMyAS4K3P7nNuUFD3EMzAAoj7ViG52qvAjGpcHOnK8ABnBTkQ +d+2iD9aIQO8k8zRcRCzHrXjaSBVHk181fodYc4vwfzqPth9t13Qqe7RC/226ULxp +4Ftn6kpTT9wEJWKWOvw4V2sJm7USQohq3egGN1sQXhuiHiA1KzFtf7z25bhJlhH8 +bjERfhVkksyyWgZg6Rw4tNX3T5UNtt2tmyeaBCCkoGWnY0F1LHsxlBFTkN7c8wHO +ja6gi+bBdL1nG1Muv792nFkCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEARQSyOqxM +ecr1SvIu65yZbOPq29343KewRs39ZbjsEbmm5SMdFs7asWHtbD6iiU3mPzqAG0Y3 +i+S98J7xwSvAnWERVNzWhymCu7MQ/mKM9WZWDRGUshFgaYpWDqjw2a/qVC54f/Ye +OaeDqzWc96Ib0khZdE+IyqpLdclxagVHv0cJOQwqhKOkIDQGEeBTc8AA/luOnC8d +tE9s8IwTmGpZPYY+kwGVbaLKPanONGDiZM5IyZbBgb9Dq3wL/5DXvQApid37BzHJ +ceT/gKDQljXOSWacxCPUSNb6aut5ivfbd9w7kXdTZL9UcS+FGPNXQ2z1yu3VaqJV +MTSfSW5KUHKVLwDsp9hvBpid8S3TpQLeGt68wXoHxvh5PMnsgdA4JxsOTTwKP/gE +rYhockBGuftKOaRqlRn4+n/nSfLogYoD+32S6ZMBJpPuMBXODiezsP+eAb+wqrV7 +4tiKJC70YNVL7XMdmsDtxj8lcY+aouREnd2+Iutr+YrCM5ZIOKAq57Ib4qTNV3Is +F0KDEHRBpiS9hcGYzhg39Dovc6RHc6QRqKVrfZfE3jKXfCtefcqceIsh3jH51ONI +sudX6SOv76PMjnAj0uqF8Kw6YVzLO/MGbAyGilIXYc18GdRWL4gqj9Z9BiLuNcZU +8AhkHaBWKOHEtVZ8ueEkRBS3I0JZZ8ZKlTM= +-----END CERTIFICATE-----
