diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f0228e9a..d08b5ae6 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,7 +13,7 @@ name: "CodeQL" on: push: - branches: [ master, fixes, develop, 1.6.x ] + branches: [ master, fixes, develop ] pull_request: # The branches below must be a subset of the branches above branches: [ master ] @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -64,4 +64,4 @@ jobs: - run: make binary - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/coverity-scan-develop.yml b/.github/workflows/coverity-scan-develop.yml index 0ef60c83..30b986b6 100644 --- a/.github/workflows/coverity-scan-develop.yml +++ b/.github/workflows/coverity-scan-develop.yml @@ -9,7 +9,7 @@ jobs: coverity: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: develop diff --git a/.github/workflows/coverity-scan-fixes.yml b/.github/workflows/coverity-scan-fixes.yml index 2f11d013..6426862f 100644 --- a/.github/workflows/coverity-scan-fixes.yml +++ b/.github/workflows/coverity-scan-fixes.yml @@ -9,7 +9,7 @@ jobs: coverity: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: fixes diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml index 920a0259..533318a4 100644 --- a/.github/workflows/lock.yml +++ b/.github/workflows/lock.yml @@ -10,12 +10,12 @@ permissions: pull-requests: write concurrency: - group: lock + group: lock-threads jobs: action: runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@v3 + - uses: dessant/lock-threads@v5 with: issue-inactive-days: '90' diff --git a/.github/workflows/windows-x86.yml b/.github/workflows/windows-x86.yml new file mode 100644 index 00000000..18f1eb58 --- /dev/null +++ b/.github/workflows/windows-x86.yml @@ -0,0 +1,53 @@ +name: Windows x86 build + +on: + workflow_dispatch: + push: + branches: [ "master", "fixes", "develop" ] + tags: [ "v[0-9]+.*" ] + pull_request: + branches: [ "master", "fixes", "develop" ] + +env: + # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.) + BUILD_TYPE: Release + +jobs: + mosquitto: + runs-on: windows-2022 + + steps: + - uses: actions/checkout@v4 + + + - name: vcpkg build + uses: johnwason/vcpkg-action@v6 + id: vcpkg + with: + manifest-dir: ${{ github.workspace }} + triplet: x86-windows + token: ${{ github.token }} + github-binarycache: true + + - name: Configure CMake + run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DWITH_WEBSOCKETS=ON -DWITH_TESTS=OFF -DCMAKE_GENERATOR_PLATFORM=WIN32 -DCMAKE_TOOLCHAIN_FILE=${{ github.workspace }}/vcpkg/scripts/buildsystems/vcpkg.cmake -DVCPKG_TARGET_TRIPLET=x86-windows -DVCPKG_MANIFEST_MODE=ON + - name: Build + run: cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} + + - uses: suisei-cn/actions-download-file@v1.6.0 + id: vcredist + name: Download VC redistributable + with: + url: https://aka.ms/vs/17/release/vc_redist.x86.exe + target: ${{github.workspace}}/installer/ + + - name: Installer + uses: joncloud/makensis-action@v4 + with: + script-file: ${{github.workspace}}/installer/mosquitto.nsi + + - name: Upload installer to artifacts + uses: actions/upload-artifact@v4 + with: + name: installer + path: ${{ github.workspace }}/installer/mosquitto*.exe diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 9cca7108..77431901 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -30,7 +30,7 @@ jobs: github-binarycache: true - name: Configure CMake - run: cmake -B ${{github.workspace}}/build64 -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DWITH_LIBWEBSOCKETS=ON -DWITH_TESTS=OFF -DCMAKE_GENERATOR_PLATFORM=x64 -DCMAKE_TOOLCHAIN_FILE=${{ github.workspace }}/vcpkg/scripts/buildsystems/vcpkg.cmake -DVCPKG_TARGET_TRIPLET=x64-windows-release -DVCPKG_MANIFEST_MODE=ON + run: cmake -B ${{github.workspace}}/build64 -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DWITH_WEBSOCKETS=ON -DWITH_TESTS=OFF -DCMAKE_GENERATOR_PLATFORM=x64 -DCMAKE_TOOLCHAIN_FILE=${{ github.workspace }}/vcpkg/scripts/buildsystems/vcpkg.cmake -DVCPKG_TARGET_TRIPLET=x64-windows-release -DVCPKG_MANIFEST_MODE=ON - name: Build run: cmake --build ${{github.workspace}}/build64 --config ${{env.BUILD_TYPE}} diff --git a/CMakeLists.txt b/CMakeLists.txt index 83b63416..ac65bd74 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,11 +4,10 @@ # To configure the build options either use the CMake gui, or run the command # line utility including the "-i" option. -cmake_minimum_required(VERSION 3.5) -cmake_policy(SET CMP0042 NEW) +cmake_minimum_required(VERSION 3.18) project(mosquitto) -set (VERSION 2.0.20) +set (VERSION 2.0.21) list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/") diff --git a/ChangeLog.txt b/ChangeLog.txt index 0c724cb2..9c2e437e 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,39 @@ +2.0.21 - 2024-xx-xx +=================== + +Broker: +- Fix clients sending a RESERVED packet not being quickly disconnected. + Closes #2325. +- Fix `bind_interface` producing an error when used with an interface that has + an IPv6 link-local address and no other IPv6 addresses. Closes #2696. +- Fix mismatched wrapped/unwrapped memory alloc/free in properties. Closes #3192. +- Fix `allow_anonymous false` not being applied in local only mode. Closes #3198. +- Add `retain_expiry_interval` option to fix expired retained message not + being removed from memory if they are not subscribed to. Closes #3221. +- Produce an error if invalid combinations of cafile/capath/certfile/keyfile + are used. Closes #1836. Closes #3130. +- Backport keepalive checking from develop to fix problems in current + implementation. Closes #3138. + +Client library: +- Fix potential deadlock in mosquitto_sub if `-W` is used. Closes #3175. + +Apps: +- mosquitto_ctrl dynsec now also allows `-i` to specify a clientid as well as + `-c`. This matches the documentation which states `-i`. Closes #3219. +Client library: +- Fix threads linking on Windows for static libmosquitto library + Closes #3143 + +Build: +- Fix Windows builds not having websockets enabled. +- Add tzdata to docker images + +Tests: +- Fix 08-ssl-connect-cert-auth-expired and 08-ssl-connect-cert-auth-revoked + tests when under load. Closes #3208. + + 2.0.20 - 2024-10-16 =================== diff --git a/apps/db_dump/Makefile b/apps/db_dump/Makefile index 913dd12a..c14bbd3c 100644 --- a/apps/db_dump/Makefile +++ b/apps/db_dump/Makefile @@ -21,6 +21,10 @@ OBJS = \ util_topic.o \ utf8_mosq.o +ifeq ($(UNAME),Linux) + LIBS:=$(LIBS) -lrt +endif + .PHONY: all clean reallyclean all : mosquitto_db_dump diff --git a/apps/mosquitto_ctrl/client.c b/apps/mosquitto_ctrl/client.c index 4464ce16..37db14ff 100644 --- a/apps/mosquitto_ctrl/client.c +++ b/apps/mosquitto_ctrl/client.c @@ -127,7 +127,11 @@ int client_request_response(struct mosq_ctrl *ctrl) int rc; time_t start; - if(ctrl->cfg.cafile == NULL && ctrl->cfg.capath == NULL){ + if(ctrl->cfg.cafile == NULL && ctrl->cfg.capath == NULL && !ctrl->cfg.tls_use_os_certs && ctrl->cfg.port != 8883 +# ifdef FINAL_WITH_TLS_PSK + && !ctrl->cfg.psk +# endif + ){ fprintf(stderr, "Warning: You are running mosquitto_ctrl without encryption.\nThis means all of the configuration changes you are making are visible on the network, including passwords.\n\n"); } diff --git a/apps/mosquitto_ctrl/dynsec.c b/apps/mosquitto_ctrl/dynsec.c index 929217af..c544503f 100644 --- a/apps/mosquitto_ctrl/dynsec.c +++ b/apps/mosquitto_ctrl/dynsec.c @@ -49,7 +49,7 @@ void dynsec__print_usage(void) printf("Set group for anonymous clients: setAnonymousGroup \n"); printf("\nClients\n-------\n"); - printf("Create a new client: createClient [-c clientid] [-p password]\n"); + printf("Create a new client: createClient [-i clientid] [-p password]\n"); printf("Delete a client: deleteClient \n"); printf("Set a client password: setClientPassword [password]\n"); printf("Set a client id: setClientId [clientid]\n"); diff --git a/apps/mosquitto_ctrl/dynsec_client.c b/apps/mosquitto_ctrl/dynsec_client.c index ed900eff..757c4852 100644 --- a/apps/mosquitto_ctrl/dynsec_client.c +++ b/apps/mosquitto_ctrl/dynsec_client.c @@ -40,9 +40,9 @@ int dynsec_client__create(int argc, char *argv[], cJSON *j_command) username = argv[0]; for(i=1; iport = 8883; + cfg->tls_use_os_certs = true; } else { fprintf(stderr, "Error: unsupported URL scheme.\n\n"); return 1; @@ -388,6 +389,8 @@ static int client_config_line_proc(struct mosq_config *cfg, int *argc, char **ar } argv++; (*argc)--; + }else if(!strcmp(argv[0], "--tls-use-os-certs")){ + cfg->tls_use_os_certs = true; }else if(!strcmp(argv[0], "--tls-version")){ if((*argc) == 1){ fprintf(stderr, "Error: --tls-version argument given but no version specified.\n\n"); @@ -609,7 +612,21 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg) mosquitto_lib_cleanup(); return 1; } - } +# ifdef FINAL_WITH_TLS_PSK + }else if (cfg->psk){ + if(mosquitto_tls_psk_set(mosq, cfg->psk, cfg->psk_identity, NULL)){ + fprintf(stderr, "Error: Problem setting TLS-PSK options.\n"); + mosquitto_lib_cleanup(); + return 1; + } +# endif + }else if(cfg->port == 8883){ + mosquitto_int_option(mosq, MOSQ_OPT_TLS_USE_OS_CERTS, 1); + } + if(cfg->tls_use_os_certs){ + mosquitto_int_option(mosq, MOSQ_OPT_TLS_USE_OS_CERTS, 1); + } + if(cfg->insecure && mosquitto_tls_insecure_set(mosq, true)){ fprintf(stderr, "Error: Problem setting TLS insecure option.\n"); mosquitto_lib_cleanup(); @@ -630,13 +647,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg) mosquitto_lib_cleanup(); return 1; } -# ifdef FINAL_WITH_TLS_PSK - if(cfg->psk && mosquitto_tls_psk_set(mosq, cfg->psk, cfg->psk_identity, NULL)){ - fprintf(stderr, "Error: Problem setting TLS-PSK options.\n"); - mosquitto_lib_cleanup(); - return 1; - } -# endif if((cfg->tls_version || cfg->ciphers) && mosquitto_tls_opts_set(mosq, 1, cfg->tls_version, cfg->ciphers)){ fprintf(stderr, "Error: Problem setting TLS options, check the options are valid.\n"); mosquitto_lib_cleanup(); diff --git a/config.mk b/config.mk index 95503207..effc568b 100644 --- a/config.mk +++ b/config.mk @@ -120,6 +120,10 @@ WITH_JEMALLOC:=no # probably of no particular interest to end users. WITH_XTREPORT=no +# Use the old O(n) keepalive check routine, instead of the new O(1) keepalive +# check routine. See src/keepalive.c for notes on this. +WITH_OLD_KEEPALIVE=no + # Build using clang and with address sanitiser enabled WITH_ASAN=no @@ -130,7 +134,7 @@ WITH_ASAN=no # Also bump lib/mosquitto.h, CMakeLists.txt, # installer/mosquitto.nsi, installer/mosquitto64.nsi -VERSION=2.0.20 +VERSION=2.0.21 # Client library SO version. Bump if incompatible API/ABI changes are made. SOVERSION=1 @@ -388,6 +392,10 @@ ifeq ($(WITH_XTREPORT),yes) BROKER_CFLAGS:=$(BROKER_CFLAGS) -DWITH_XTREPORT endif +ifeq ($(WITH_OLD_KEEPALIVE),yes) + BROKER_CPPFLAGS:=$(BROKER_CPPFLAGS) -DWITH_OLD_KEEPALIVE +endif + BROKER_LDADD:=${BROKER_LDADD} ${LDADD} CLIENT_LDADD:=${CLIENT_LDADD} ${LDADD} PASSWD_LDADD:=${PASSWD_LDADD} ${LDADD} diff --git a/docker/1.5-openssl/Dockerfile b/docker/1.5-openssl/Dockerfile index afbaa745..7e0d42d9 100644 --- a/docker/1.5-openssl/Dockerfile +++ b/docker/1.5-openssl/Dockerfile @@ -82,7 +82,9 @@ RUN set -x && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ - ca-certificates libuuid && \ + ca-certificates \ + libuuid \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/1.5/Dockerfile b/docker/1.5/Dockerfile index 45c3c162..b2e9bd9f 100644 --- a/docker/1.5/Dockerfile +++ b/docker/1.5/Dockerfile @@ -82,7 +82,8 @@ RUN set -x && \ apk --no-cache add \ ca-certificates \ libressl \ - libuuid && \ + libuuid \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/1.6-openssl/Dockerfile b/docker/1.6-openssl/Dockerfile index 8c98d8ad..b3f0233b 100644 --- a/docker/1.6-openssl/Dockerfile +++ b/docker/1.6-openssl/Dockerfile @@ -86,7 +86,8 @@ RUN set -x && \ install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ - ca-certificates && \ + ca-certificates \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/1.6/Dockerfile b/docker/1.6/Dockerfile index 75b8cf42..3708e015 100644 --- a/docker/1.6/Dockerfile +++ b/docker/1.6/Dockerfile @@ -88,7 +88,8 @@ RUN set -x && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates \ - libressl && \ + libressl \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/2.0-openssl/Dockerfile b/docker/2.0-openssl/Dockerfile index 47b1cf63..652f6971 100644 --- a/docker/2.0-openssl/Dockerfile +++ b/docker/2.0-openssl/Dockerfile @@ -90,7 +90,8 @@ RUN set -x && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates \ - cjson && \ + cjson \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/2.0-openssl/README.md b/docker/2.0-openssl/README.md index 8ec812ed..7d592936 100644 --- a/docker/2.0-openssl/README.md +++ b/docker/2.0-openssl/README.md @@ -71,6 +71,19 @@ to expose the ports that have been configured, for example: docker run -it -p 1883:1883 -p 8080:8080 -v :/mosquitto/config/mosquitto.conf eclipse-mosquitto: ``` +**Important**: The default configuration only listens on the loopback +interface. This means that there is no way to access Mosquitto in the docker +container without using a custom configuration containing at least a listener. +You also need to make a decision to allow anonymous connections or to set up a +different method of client authentication. + +i.e. to configure a Mosquitto docker container as if it was running locally, +add the following to `mosquitto.conf`: +``` +listener 1883 +allow_anonymous true +``` + Configuration can be changed to: * persist data to `/mosquitto/data` diff --git a/docker/2.0/Dockerfile b/docker/2.0/Dockerfile index 76a38aad..1e4ae6fd 100644 --- a/docker/2.0/Dockerfile +++ b/docker/2.0/Dockerfile @@ -92,7 +92,8 @@ RUN set -x && \ apk --no-cache add \ ca-certificates \ cjson \ - libressl && \ + libressl \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/2.0/README.md b/docker/2.0/README.md index 8ec812ed..75d63b5c 100644 --- a/docker/2.0/README.md +++ b/docker/2.0/README.md @@ -71,6 +71,20 @@ to expose the ports that have been configured, for example: docker run -it -p 1883:1883 -p 8080:8080 -v :/mosquitto/config/mosquitto.conf eclipse-mosquitto: ``` + +**Important**: The default configuration only listens on the loopback +interface. This means that there is no way to access Mosquitto in the docker +container without using a custom configuration containing at least a listener. +You also need to make a decision to allow anonymous connections or to set up a +different method of client authentication. + +i.e. to configure a Mosquitto docker container as if it was running locally, +add the following to `mosquitto.conf`: +``` +listener 1883 +allow_anonymous true +``` + Configuration can be changed to: * persist data to `/mosquitto/data` diff --git a/docker/generic/Dockerfile b/docker/generic/Dockerfile index 3ea1f127..d94a2d21 100644 --- a/docker/generic/Dockerfile +++ b/docker/generic/Dockerfile @@ -118,7 +118,8 @@ RUN set -x && \ install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ - ca-certificates && \ + ca-certificates \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/docker/generic/README.md b/docker/generic/README.md index d2c20643..dd4e6de5 100644 --- a/docker/generic/README.md +++ b/docker/generic/README.md @@ -58,3 +58,16 @@ docker run -it -p 1883:1883 -v :/mosquitto/config/mo :boom: if the mosquitto configuration (mosquitto.conf) was modified to use non-default ports, the docker run command will need to be updated to expose the ports that have been configured. + +**Important**: The default configuration only listens on the +loopback interface. This means that there is no way to access Mosquitto in the +docker container without using a custom configuration containing at least +a listener. You also need to make a decision to allow anonymous connections or +to set up a different method of client authentication. + +i.e. to configure a Mosquitto docker container as if it was running locally, +add the following to `mosquitto.conf`: +``` +listener 1883 +allow_anonymous true +``` diff --git a/docker/local/Dockerfile b/docker/local/Dockerfile index 475ae687..667504e5 100644 --- a/docker/local/Dockerfile +++ b/docker/local/Dockerfile @@ -77,7 +77,8 @@ RUN set -x && \ install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ - ca-certificates && \ + ca-certificates \ + tzdata && \ apk del build-deps && \ rm -rf /build diff --git a/include/mosquitto.h b/include/mosquitto.h index 524bf349..447f31a8 100644 --- a/include/mosquitto.h +++ b/include/mosquitto.h @@ -66,7 +66,7 @@ extern "C" { #define LIBMOSQUITTO_MAJOR 2 #define LIBMOSQUITTO_MINOR 0 -#define LIBMOSQUITTO_REVISION 20 +#define LIBMOSQUITTO_REVISION 21 /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */ #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION) @@ -399,8 +399,7 @@ libmosq_EXPORT int mosquitto_will_set(struct mosquitto *mosq, const char *topic, * before calling . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the Will. For MQTT v3.1.1 and below, the `properties` - * argument will be ignored. + * will be applied to the Will. * * Set your client to use MQTT v5 immediately after it is created: * @@ -431,6 +430,8 @@ libmosq_EXPORT int mosquitto_will_set(struct mosquitto *mosq, const char *topic, * using MQTT v5 * MOSQ_ERR_PROTOCOL - if a property is invalid for use with wills. * MOSQ_ERR_DUPLICATE_PROPERTY - if a property is duplicated where it is forbidden. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. */ libmosq_EXPORT int mosquitto_will_set_v5(struct mosquitto *mosq, const char *topic, int payloadlen, const void *payload, int qos, bool retain, mosquitto_property *properties); @@ -562,8 +563,7 @@ libmosq_EXPORT int mosquitto_connect_bind(struct mosquitto *mosq, const char *ho * . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the CONNECT message. For MQTT v3.1.1 and below, the - * `properties` argument will be ignored. + * will be applied to the CONNECT message. * * Set your client to use MQTT v5 immediately after it is created: * @@ -594,6 +594,8 @@ libmosq_EXPORT int mosquitto_connect_bind(struct mosquitto *mosq, const char *ho * Windows. * MOSQ_ERR_DUPLICATE_PROPERTY - if a property is duplicated where it is forbidden. * MOSQ_ERR_PROTOCOL - if any property is invalid for use with CONNECT. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. * * See Also: * , , @@ -795,8 +797,7 @@ libmosq_EXPORT int mosquitto_disconnect(struct mosquitto *mosq); * . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the DISCONNECT message. For MQTT v3.1.1 and below, the - * `properties` argument will be ignored. + * will be applied to the DISCONNECT message. * * Set your client to use MQTT v5 immediately after it is created: * @@ -813,6 +814,8 @@ libmosq_EXPORT int mosquitto_disconnect(struct mosquitto *mosq); * MOSQ_ERR_NO_CONN - if the client isn't connected to a broker. * MOSQ_ERR_DUPLICATE_PROPERTY - if a property is duplicated where it is forbidden. * MOSQ_ERR_PROTOCOL - if any property is invalid for use with DISCONNECT. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. */ libmosq_EXPORT int mosquitto_disconnect_v5(struct mosquitto *mosq, int reason_code, const mosquitto_property *properties); @@ -879,8 +882,7 @@ libmosq_EXPORT int mosquitto_publish(struct mosquitto *mosq, int *mid, const cha * . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the PUBLISH message. For MQTT v3.1.1 and below, the - * `properties` argument will be ignored. + * will be applied to the PUBLISH message. * * Set your client to use MQTT v5 immediately after it is created: * @@ -920,6 +922,8 @@ libmosq_EXPORT int mosquitto_publish(struct mosquitto *mosq, int *mid, const cha * the broker. * MOSQ_ERR_OVERSIZE_PACKET - if the resulting packet would be larger than * supported by the broker. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. */ libmosq_EXPORT int mosquitto_publish_v5( struct mosquitto *mosq, @@ -971,8 +975,7 @@ libmosq_EXPORT int mosquitto_subscribe(struct mosquitto *mosq, int *mid, const c * . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the PUBLISH message. For MQTT v3.1.1 and below, the - * `properties` argument will be ignored. + * will be applied to the PUBLISH message. * * Set your client to use MQTT v5 immediately after it is created: * @@ -1000,6 +1003,8 @@ libmosq_EXPORT int mosquitto_subscribe(struct mosquitto *mosq, int *mid, const c * MOSQ_ERR_PROTOCOL - if any property is invalid for use with SUBSCRIBE. * MOSQ_ERR_OVERSIZE_PACKET - if the resulting packet would be larger than * supported by the broker. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. */ libmosq_EXPORT int mosquitto_subscribe_v5(struct mosquitto *mosq, int *mid, const char *sub, int qos, int options, const mosquitto_property *properties); @@ -1076,8 +1081,7 @@ libmosq_EXPORT int mosquitto_unsubscribe(struct mosquitto *mosq, int *mid, const * . * * If the mosquitto instance `mosq` is using MQTT v5, the `properties` argument - * will be applied to the PUBLISH message. For MQTT v3.1.1 and below, the - * `properties` argument will be ignored. + * will be applied to the PUBLISH message. * * Set your client to use MQTT v5 immediately after it is created: * @@ -1103,6 +1107,8 @@ libmosq_EXPORT int mosquitto_unsubscribe(struct mosquitto *mosq, int *mid, const * MOSQ_ERR_PROTOCOL - if any property is invalid for use with UNSUBSCRIBE. * MOSQ_ERR_OVERSIZE_PACKET - if the resulting packet would be larger than * supported by the broker. + * MOSQ_ERR_NOT_SUPPORTED - if properties is not NULL and the client is not + * using MQTT v5. */ libmosq_EXPORT int mosquitto_unsubscribe_v5(struct mosquitto *mosq, int *mid, const char *sub, const mosquitto_property *properties); diff --git a/include/mqtt_protocol.h b/include/mqtt_protocol.h index ac867877..ef05379d 100644 --- a/include/mqtt_protocol.h +++ b/include/mqtt_protocol.h @@ -34,6 +34,7 @@ Contributors: /* Message types */ +#define CMD_RESERVED 0x00U #define CMD_CONNECT 0x10U #define CMD_CONNACK 0x20U #define CMD_PUBLISH 0x30U diff --git a/installer/mosquitto.nsi b/installer/mosquitto.nsi index 76fba32d..55c4ac8b 100644 --- a/installer/mosquitto.nsi +++ b/installer/mosquitto.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.20 +!define VERSION 2.0.21 OutFile "mosquitto-${VERSION}-install-windows-x86.exe" InstallDir "$PROGRAMFILES\mosquitto" @@ -47,8 +47,8 @@ Section "Files" SecInstall SetOutPath "$INSTDIR" File "..\logo\mosquitto.ico" File "..\build\src\Release\mosquitto.exe" - File "..\build\apps\mosquitto_passwd\Release\mosquitto_passwd.exe" File "..\build\apps\mosquitto_ctrl\Release\mosquitto_ctrl.exe" + File "..\build\apps\mosquitto_passwd\Release\mosquitto_passwd.exe" File "..\build\client\Release\mosquitto_pub.exe" File "..\build\client\Release\mosquitto_sub.exe" File "..\build\client\Release\mosquitto_rr.exe" @@ -63,12 +63,17 @@ Section "Files" SecInstall File "..\README.md" File "..\README-windows.txt" File "..\README-letsencrypt.md" - ;File "C:\pthreads\Pre-built.2\dll\x86\pthreadVC2.dll" - File "C:\OpenSSL-Win32\bin\libssl-1_1.dll" - File "C:\OpenSSL-Win32\bin\libcrypto-1_1.dll" + File "..\SECURITY.md" File "..\edl-v10" File "..\epl-v20" + File "..\build\vcpkg_installed\x86-windows\bin\cjson.dll" + File "..\build\vcpkg_installed\x86-windows\bin\libcrypto-3.dll" + File "..\build\vcpkg_installed\x86-windows\bin\libssl-3.dll" + File "..\build\vcpkg_installed\x86-windows\bin\pthreadVC3.dll" + File "..\build\vcpkg_installed\x86-windows\bin\uv.dll" + File "..\build\vcpkg_installed\x86-windows\bin\websockets.dll" + SetOutPath "$INSTDIR\devel" File "..\build\lib\Release\mosquitto.lib" File "..\build\lib\cpp\Release\mosquittopp.lib" @@ -93,6 +98,13 @@ Section "Files" SecInstall SendMessage ${HWND_BROADCAST} ${WM_WININICHANGE} 0 "STR:Environment" /TIMEOUT=5000 SectionEnd +Section "Visual Studio Runtime" + SetOutPath "$INSTDIR" + File "VC_redist.x86.exe" + ExecWait '"$INSTDIR\VC_redist.x86.exe" /quiet /norestart' + Delete "$INSTDIR\VC_redist.x86.exe" +SectionEnd + Section "Service" SecService ExecWait '"$INSTDIR\mosquitto.exe" install' ExecWait 'sc start mosquitto' @@ -104,36 +116,41 @@ Section "Uninstall" ExecWait '"$INSTDIR\mosquitto.exe" uninstall' Sleep 1000 + Delete "$INSTDIR\mosquitto.dll" Delete "$INSTDIR\mosquitto.exe" Delete "$INSTDIR\mosquitto_ctrl.exe" Delete "$INSTDIR\mosquitto_passwd.exe" Delete "$INSTDIR\mosquitto_pub.exe" - Delete "$INSTDIR\mosquitto_sub.exe" Delete "$INSTDIR\mosquitto_rr.exe" - Delete "$INSTDIR\mosquitto.dll" + Delete "$INSTDIR\mosquitto_sub.exe" Delete "$INSTDIR\mosquittopp.dll" Delete "$INSTDIR\mosquitto_dynamic_security.dll" Delete "$INSTDIR\aclfile.example" Delete "$INSTDIR\ChangeLog.txt" Delete "$INSTDIR\mosquitto.conf" Delete "$INSTDIR\pwfile.example" + Delete "$INSTDIR\NOTICE.md" Delete "$INSTDIR\README.md" Delete "$INSTDIR\README-windows.txt" Delete "$INSTDIR\README-letsencrypt.md" - ;Delete "$INSTDIR\pthreadVC2.dll" - Delete "$INSTDIR\libssl-1_1.dll" - Delete "$INSTDIR\libcrypto-1_1.dll" + Delete "$INSTDIR\SECURITY.md" Delete "$INSTDIR\edl-v10" Delete "$INSTDIR\epl-v20" Delete "$INSTDIR\mosquitto.ico" + Delete "$INSTDIR\cjson.dll" + Delete "$INSTDIR\libcrypto-3.dll" + Delete "$INSTDIR\libssl-3.dll" + Delete "$INSTDIR\pthreadVC3.dll" + Delete "$INSTDIR\uv.dll" + Delete "$INSTDIR\websockets.dll" + Delete "$INSTDIR\devel\mosquitto.h" - Delete "$INSTDIR\devel\mosquitto.lib" Delete "$INSTDIR\devel\mosquitto_broker.h" Delete "$INSTDIR\devel\mosquitto_plugin.h" Delete "$INSTDIR\devel\mosquittopp.h" - Delete "$INSTDIR\devel\mosquittopp.lib" Delete "$INSTDIR\devel\mqtt_protocol.h" + RMDir "$INSTDIR\devel\mosquitto" RMDir "$INSTDIR\devel" Delete "$INSTDIR\Uninstall.exe" @@ -151,4 +168,3 @@ LangString DESC_SecService ${LANG_ENGLISH} "Install mosquitto as a Windows servi !insertmacro MUI_DESCRIPTION_TEXT ${SecInstall} $(DESC_SecInstall) !insertmacro MUI_DESCRIPTION_TEXT ${SecService} $(DESC_SecService) !insertmacro MUI_FUNCTION_DESCRIPTION_END - diff --git a/installer/mosquitto64.nsi b/installer/mosquitto64.nsi index 3f98e4e6..22fb5e22 100644 --- a/installer/mosquitto64.nsi +++ b/installer/mosquitto64.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.20 +!define VERSION 2.0.21 OutFile "mosquitto-${VERSION}-install-windows-x64.exe" !include "x64.nsh" diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index fc06a999..646d0ea9 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -89,19 +89,19 @@ set_target_properties(libmosquitto PROPERTIES POSITION_INDEPENDENT_CODE 1 ) -target_link_libraries(libmosquitto PRIVATE ${LIBRARIES}) - if (WITH_THREADING) if(WIN32) - target_link_libraries(libmosquitto PRIVATE PThreads4W::PThreads4W) + set (LIBRARIES ${LIBRARIES} PThreads4W::PThreads4W) else() set(THREADS_PREFER_PTHREAD_FLAG ON) find_package(Threads REQUIRED) - target_link_libraries(libmosquitto PRIVATE Threads::Threads) + set (LIBRARIES ${LIBRARIES} Threads::Threads) endif() endif() +target_link_libraries(libmosquitto PRIVATE ${LIBRARIES}) + set_target_properties(libmosquitto PROPERTIES OUTPUT_NAME mosquitto VERSION ${VERSION} diff --git a/lib/actions.c b/lib/actions.c index 6ab8ac28..ac61331a 100644 --- a/lib/actions.c +++ b/lib/actions.c @@ -155,10 +155,10 @@ int mosquitto_publish_v5(struct mosquitto *mosq, int *mid, const char *topic, in message->dup = false; message->properties = properties_copy; - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); message->state = mosq_ms_invalid; rc = message__queue(mosq, message, mosq_md_out); - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return rc; } } diff --git a/lib/callbacks.c b/lib/callbacks.c index 2e4f6bcc..8b6da480 100644 --- a/lib/callbacks.c +++ b/lib/callbacks.c @@ -24,99 +24,99 @@ Contributors: void mosquitto_connect_callback_set(struct mosquitto *mosq, void (*on_connect)(struct mosquitto *, void *, int)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_connect = on_connect; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_connect_with_flags_callback_set(struct mosquitto *mosq, void (*on_connect)(struct mosquitto *, void *, int, int)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_connect_with_flags = on_connect; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_connect_v5_callback_set(struct mosquitto *mosq, void (*on_connect)(struct mosquitto *, void *, int, int, const mosquitto_property *)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_connect_v5 = on_connect; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_disconnect_callback_set(struct mosquitto *mosq, void (*on_disconnect)(struct mosquitto *, void *, int)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_disconnect = on_disconnect; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_disconnect_v5_callback_set(struct mosquitto *mosq, void (*on_disconnect)(struct mosquitto *, void *, int, const mosquitto_property *)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_disconnect_v5 = on_disconnect; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_publish_callback_set(struct mosquitto *mosq, void (*on_publish)(struct mosquitto *, void *, int)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_publish = on_publish; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_publish_v5_callback_set(struct mosquitto *mosq, void (*on_publish)(struct mosquitto *, void *, int, int, const mosquitto_property *props)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_publish_v5 = on_publish; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_message_callback_set(struct mosquitto *mosq, void (*on_message)(struct mosquitto *, void *, const struct mosquitto_message *)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_message = on_message; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_message_v5_callback_set(struct mosquitto *mosq, void (*on_message)(struct mosquitto *, void *, const struct mosquitto_message *, const mosquitto_property *props)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_message_v5 = on_message; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_subscribe_callback_set(struct mosquitto *mosq, void (*on_subscribe)(struct mosquitto *, void *, int, int, const int *)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_subscribe = on_subscribe; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_subscribe_v5_callback_set(struct mosquitto *mosq, void (*on_subscribe)(struct mosquitto *, void *, int, int, const int *, const mosquitto_property *props)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_subscribe_v5 = on_subscribe; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_unsubscribe_callback_set(struct mosquitto *mosq, void (*on_unsubscribe)(struct mosquitto *, void *, int)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_unsubscribe = on_unsubscribe; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_unsubscribe_v5_callback_set(struct mosquitto *mosq, void (*on_unsubscribe)(struct mosquitto *, void *, int, const mosquitto_property *props)) { - pthread_mutex_lock(&mosq->callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); mosq->on_unsubscribe_v5 = on_unsubscribe; - pthread_mutex_unlock(&mosq->callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); } void mosquitto_log_callback_set(struct mosquitto *mosq, void (*on_log)(struct mosquitto *, void *, int, const char *)) { - pthread_mutex_lock(&mosq->log_callback_mutex); + COMPAT_pthread_mutex_lock(&mosq->log_callback_mutex); mosq->on_log = on_log; - pthread_mutex_unlock(&mosq->log_callback_mutex); + COMPAT_pthread_mutex_unlock(&mosq->log_callback_mutex); } diff --git a/lib/connect.c b/lib/connect.c index dfc57fa2..314d2c52 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -179,10 +179,10 @@ static int mosquitto__reconnect(struct mosquitto *mosq, bool blocking) if(rc) return rc; } - pthread_mutex_lock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_lock(&mosq->msgtime_mutex); mosq->last_msg_in = mosquitto_time(); mosq->next_msg_out = mosq->last_msg_in + mosq->keepalive; - pthread_mutex_unlock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgtime_mutex); mosq->ping_t = 0; @@ -267,11 +267,14 @@ int mosquitto_disconnect_v5(struct mosquitto *mosq, int reason_code, const mosqu void do_client_disconnect(struct mosquitto *mosq, int reason_code, const mosquitto_property *properties) { + void (*on_disconnect)(struct mosquitto *, void *userdata, int rc); + void (*on_disconnect_v5)(struct mosquitto *, void *userdata, int rc, const mosquitto_property *props); + mosquitto__set_state(mosq, mosq_cs_disconnected); net__socket_close(mosq); /* Free data and reset values */ - pthread_mutex_lock(&mosq->out_packet_mutex); + COMPAT_pthread_mutex_lock(&mosq->out_packet_mutex); mosq->current_out_packet = mosq->out_packet; if(mosq->out_packet){ mosq->out_packet = mosq->out_packet->next; @@ -280,24 +283,27 @@ void do_client_disconnect(struct mosquitto *mosq, int reason_code, const mosquit } mosq->out_packet_count--; } - pthread_mutex_unlock(&mosq->out_packet_mutex); + COMPAT_pthread_mutex_unlock(&mosq->out_packet_mutex); - pthread_mutex_lock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_lock(&mosq->msgtime_mutex); mosq->next_msg_out = mosquitto_time() + mosq->keepalive; - pthread_mutex_unlock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgtime_mutex); - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_disconnect){ + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_disconnect = mosq->on_disconnect; + on_disconnect_v5 = mosq->on_disconnect_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + + if(on_disconnect){ mosq->in_callback = true; - mosq->on_disconnect(mosq, mosq->userdata, reason_code); + on_disconnect(mosq, mosq->userdata, reason_code); mosq->in_callback = false; } - if(mosq->on_disconnect_v5){ + if(on_disconnect_v5){ mosq->in_callback = true; - mosq->on_disconnect_v5(mosq, mosq->userdata, reason_code, properties); + on_disconnect_v5(mosq, mosq->userdata, reason_code, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); - pthread_mutex_unlock(&mosq->current_out_packet_mutex); + COMPAT_pthread_mutex_unlock(&mosq->current_out_packet_mutex); } diff --git a/lib/handle_connack.c b/lib/handle_connack.c index 4c2ec00e..bae41b7b 100644 --- a/lib/handle_connack.c +++ b/lib/handle_connack.c @@ -32,27 +32,35 @@ Contributors: static void connack_callback(struct mosquitto *mosq, uint8_t reason_code, uint8_t connect_flags, const mosquitto_property *properties) { + void (*on_connect)(struct mosquitto *, void *userdata, int rc); + void (*on_connect_with_flags)(struct mosquitto *, void *userdata, int rc, int flags); + void (*on_connect_v5)(struct mosquitto *, void *userdata, int rc, int flags, const mosquitto_property *props); + log__printf(mosq, MOSQ_LOG_DEBUG, "Client %s received CONNACK (%d)", SAFE_PRINT(mosq->id), reason_code); if(reason_code == MQTT_RC_SUCCESS){ mosq->reconnects = 0; } - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_connect){ + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_connect = mosq->on_connect; + on_connect_with_flags = mosq->on_connect_with_flags; + on_connect_v5 = mosq->on_connect_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + + if(on_connect){ mosq->in_callback = true; - mosq->on_connect(mosq, mosq->userdata, reason_code); + on_connect(mosq, mosq->userdata, reason_code); mosq->in_callback = false; } - if(mosq->on_connect_with_flags){ + if(on_connect_with_flags){ mosq->in_callback = true; - mosq->on_connect_with_flags(mosq, mosq->userdata, reason_code, connect_flags); + on_connect_with_flags(mosq, mosq->userdata, reason_code, connect_flags); mosq->in_callback = false; } - if(mosq->on_connect_v5){ + if(on_connect_v5){ mosq->in_callback = true; - mosq->on_connect_v5(mosq, mosq->userdata, reason_code, connect_flags, properties); + on_connect_v5(mosq, mosq->userdata, reason_code, connect_flags, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); } @@ -117,11 +125,11 @@ int handle__connack(struct mosquitto *mosq) switch(reason_code){ case 0: - pthread_mutex_lock(&mosq->state_mutex); + COMPAT_pthread_mutex_lock(&mosq->state_mutex); if(mosq->state != mosq_cs_disconnecting){ mosq->state = mosq_cs_active; } - pthread_mutex_unlock(&mosq->state_mutex); + COMPAT_pthread_mutex_unlock(&mosq->state_mutex); message__retry_check(mosq); return MOSQ_ERR_SUCCESS; case 1: diff --git a/lib/handle_pubackcomp.c b/lib/handle_pubackcomp.c index d70d602d..30d91239 100644 --- a/lib/handle_pubackcomp.c +++ b/lib/handle_pubackcomp.c @@ -136,26 +136,32 @@ int handle__pubackcomp(struct mosquitto *mosq, const char *type) rc = message__delete(mosq, mid, mosq_md_out, qos); if(rc == MOSQ_ERR_SUCCESS){ + void (*on_publish)(struct mosquitto *, void *userdata, int mid); + void (*on_publish_v5)(struct mosquitto *, void *userdata, int mid, int reason_code, const mosquitto_property *props); + /* Only inform the client the message has been sent once. */ - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_publish){ + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_publish = mosq->on_publish; + on_publish_v5 = mosq->on_publish_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + + if(on_publish){ mosq->in_callback = true; - mosq->on_publish(mosq, mosq->userdata, mid); + on_publish(mosq, mosq->userdata, mid); mosq->in_callback = false; } - if(mosq->on_publish_v5){ + if(on_publish_v5){ mosq->in_callback = true; - mosq->on_publish_v5(mosq, mosq->userdata, mid, reason_code, properties); + on_publish_v5(mosq, mosq->userdata, mid, reason_code, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); mosquitto_property_free_all(&properties); }else if(rc != MOSQ_ERR_NOT_FOUND){ return rc; } - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); message__release_to_inflight(mosq, mosq_md_out); - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_SUCCESS; #endif diff --git a/lib/handle_publish.c b/lib/handle_publish.c index 7864b8af..98bd4240 100644 --- a/lib/handle_publish.c +++ b/lib/handle_publish.c @@ -120,38 +120,44 @@ int handle__publish(struct mosquitto *mosq) (long)message->msg.payloadlen); message->timestamp = mosquitto_time(); + void (*on_message)(struct mosquitto *, void *userdata, const struct mosquitto_message *message); + void (*on_message_v5)(struct mosquitto *, void *userdata, const struct mosquitto_message *message, const mosquitto_property *props); switch(message->msg.qos){ case 0: - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_message){ + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_message = mosq->on_message; + on_message_v5 = mosq->on_message_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_message){ mosq->in_callback = true; - mosq->on_message(mosq, mosq->userdata, &message->msg); + on_message(mosq, mosq->userdata, &message->msg); mosq->in_callback = false; } if(mosq->on_message_v5){ mosq->in_callback = true; - mosq->on_message_v5(mosq, mosq->userdata, &message->msg, properties); + on_message_v5(mosq, mosq->userdata, &message->msg, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); message__cleanup(&message); mosquitto_property_free_all(&properties); return MOSQ_ERR_SUCCESS; case 1: util__decrement_receive_quota(mosq); rc = send__puback(mosq, mid, 0, NULL); - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_message){ + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_message = mosq->on_message; + on_message_v5 = mosq->on_message_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_message){ mosq->in_callback = true; - mosq->on_message(mosq, mosq->userdata, &message->msg); + on_message(mosq, mosq->userdata, &message->msg); mosq->in_callback = false; } - if(mosq->on_message_v5){ + if(on_message_v5){ mosq->in_callback = true; - mosq->on_message_v5(mosq, mosq->userdata, &message->msg, properties); + on_message_v5(mosq, mosq->userdata, &message->msg, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); message__cleanup(&message); mosquitto_property_free_all(&properties); return rc; @@ -159,10 +165,10 @@ int handle__publish(struct mosquitto *mosq) message->properties = properties; util__decrement_receive_quota(mosq); rc = send__pubrec(mosq, mid, 0, NULL); - pthread_mutex_lock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_in.mutex); message->state = mosq_ms_wait_for_pubrel; message__queue(mosq, message, mosq_md_in); - pthread_mutex_unlock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_in.mutex); return rc; default: message__cleanup(&message); diff --git a/lib/handle_pubrec.c b/lib/handle_pubrec.c index 9818e1c0..13e78128 100644 --- a/lib/handle_pubrec.c +++ b/lib/handle_pubrec.c @@ -107,18 +107,21 @@ int handle__pubrec(struct mosquitto *mosq) }else{ if(!message__delete(mosq, mid, mosq_md_out, 2)){ /* Only inform the client the message has been sent once. */ - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_publish_v5){ + void (*on_publish_v5)(struct mosquitto *, void *userdata, int mid, int reason_code, const mosquitto_property *props); + + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_publish_v5 = mosq->on_publish_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_publish_v5){ mosq->in_callback = true; - mosq->on_publish_v5(mosq, mosq->userdata, mid, reason_code, properties); + on_publish_v5(mosq, mosq->userdata, mid, reason_code, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); } util__increment_send_quota(mosq); - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); message__release_to_inflight(mosq, mosq_md_out); - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_SUCCESS; } #endif diff --git a/lib/handle_pubrel.c b/lib/handle_pubrel.c index 010f970c..0e5251c6 100644 --- a/lib/handle_pubrel.c +++ b/lib/handle_pubrel.c @@ -116,18 +116,22 @@ int handle__pubrel(struct mosquitto *mosq) if(rc == MOSQ_ERR_SUCCESS){ /* Only pass the message on if we have removed it from the queue - this * prevents multiple callbacks for the same message. */ - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_message){ + void (*on_message)(struct mosquitto *, void *userdata, const struct mosquitto_message *message); + void (*on_message_v5)(struct mosquitto *, void *userdata, const struct mosquitto_message *message, const mosquitto_property *props); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_message = mosq->on_message; + on_message_v5 = mosq->on_message_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_message){ mosq->in_callback = true; - mosq->on_message(mosq, mosq->userdata, &message->msg); + on_message(mosq, mosq->userdata, &message->msg); mosq->in_callback = false; } - if(mosq->on_message_v5){ + if(on_message_v5){ mosq->in_callback = true; - mosq->on_message_v5(mosq, mosq->userdata, &message->msg, message->properties); + on_message_v5(mosq, mosq->userdata, &message->msg, message->properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); mosquitto_property_free_all(&properties); message__cleanup(&message); }else if(rc == MOSQ_ERR_NOT_FOUND){ diff --git a/lib/handle_suback.c b/lib/handle_suback.c index 09f5d7c4..100177cc 100644 --- a/lib/handle_suback.c +++ b/lib/handle_suback.c @@ -97,18 +97,22 @@ int handle__suback(struct mosquitto *mosq) /* Immediately free, we don't do anything with Reason String or User Property at the moment */ mosquitto_property_free_all(&properties); #else - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_subscribe){ + void (*on_subscribe)(struct mosquitto *, void *userdata, int mid, int qos_count, const int *granted_qos); + void (*on_subscribe_v5)(struct mosquitto *, void *userdata, int mid, int qos_count, const int *granted_qos, const mosquitto_property *props); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_subscribe = mosq->on_subscribe; + on_subscribe_v5 = mosq->on_subscribe_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_subscribe){ mosq->in_callback = true; - mosq->on_subscribe(mosq, mosq->userdata, mid, qos_count, granted_qos); + on_subscribe(mosq, mosq->userdata, mid, qos_count, granted_qos); mosq->in_callback = false; } - if(mosq->on_subscribe_v5){ + if(on_subscribe_v5){ mosq->in_callback = true; - mosq->on_subscribe_v5(mosq, mosq->userdata, mid, qos_count, granted_qos, properties); + on_subscribe_v5(mosq, mosq->userdata, mid, qos_count, granted_qos, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); mosquitto_property_free_all(&properties); #endif mosquitto__free(granted_qos); diff --git a/lib/handle_unsuback.c b/lib/handle_unsuback.c index bc92cb04..94e45f48 100644 --- a/lib/handle_unsuback.c +++ b/lib/handle_unsuback.c @@ -76,18 +76,22 @@ int handle__unsuback(struct mosquitto *mosq) /* Immediately free, we don't do anything with Reason String or User Property at the moment */ mosquitto_property_free_all(&properties); #else - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_unsubscribe){ + void (*on_unsubscribe)(struct mosquitto *, void *userdata, int mid); + void (*on_unsubscribe_v5)(struct mosquitto *, void *userdata, int mid, const mosquitto_property *props); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_unsubscribe = mosq->on_unsubscribe; + on_unsubscribe_v5 = mosq->on_unsubscribe_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_unsubscribe){ mosq->in_callback = true; - mosq->on_unsubscribe(mosq, mosq->userdata, mid); + on_unsubscribe(mosq, mosq->userdata, mid); mosq->in_callback = false; } - if(mosq->on_unsubscribe_v5){ + if(on_unsubscribe_v5){ mosq->in_callback = true; - mosq->on_unsubscribe_v5(mosq, mosq->userdata, mid, properties); + on_unsubscribe_v5(mosq, mosq->userdata, mid, properties); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); mosquitto_property_free_all(&properties); #endif diff --git a/lib/logging_mosq.c b/lib/logging_mosq.c index 348dba8a..3f6a0d95 100644 --- a/lib/logging_mosq.c +++ b/lib/logging_mosq.c @@ -33,16 +33,19 @@ int log__printf(struct mosquitto *mosq, unsigned int priority, const char *fmt, va_list va; char *s; size_t len; + void (*on_log)(struct mosquitto *, void *userdata, int level, const char *str); assert(mosq); assert(fmt); - pthread_mutex_lock(&mosq->log_callback_mutex); - if(mosq->on_log){ + COMPAT_pthread_mutex_lock(&mosq->log_callback_mutex); + on_log = mosq->on_log; + COMPAT_pthread_mutex_unlock(&mosq->log_callback_mutex); + + if(on_log){ len = strlen(fmt) + 500; s = mosquitto__malloc(len*sizeof(char)); if(!s){ - pthread_mutex_unlock(&mosq->log_callback_mutex); return MOSQ_ERR_NOMEM; } @@ -51,11 +54,10 @@ int log__printf(struct mosquitto *mosq, unsigned int priority, const char *fmt, va_end(va); s[len-1] = '\0'; /* Ensure string is null terminated. */ - mosq->on_log(mosq, mosq->userdata, (int)priority, s); + on_log(mosq, mosq->userdata, (int)priority, s); mosquitto__free(s); } - pthread_mutex_unlock(&mosq->log_callback_mutex); return MOSQ_ERR_SUCCESS; } diff --git a/lib/loop.c b/lib/loop.c index 0277a1d3..4905fd99 100644 --- a/lib/loop.c +++ b/lib/loop.c @@ -70,13 +70,13 @@ int mosquitto_loop(struct mosquitto *mosq, int timeout, int max_packets) if(mosq->ssl == NULL || SSL_is_init_finished(mosq->ssl)) #endif { - pthread_mutex_lock(&mosq->current_out_packet_mutex); - pthread_mutex_lock(&mosq->out_packet_mutex); + COMPAT_pthread_mutex_lock(&mosq->current_out_packet_mutex); + COMPAT_pthread_mutex_lock(&mosq->out_packet_mutex); if(mosq->out_packet || mosq->current_out_packet){ FD_SET(mosq->sock, &writefds); } - pthread_mutex_unlock(&mosq->out_packet_mutex); - pthread_mutex_unlock(&mosq->current_out_packet_mutex); + COMPAT_pthread_mutex_unlock(&mosq->out_packet_mutex); + COMPAT_pthread_mutex_unlock(&mosq->current_out_packet_mutex); } } }else{ @@ -110,11 +110,11 @@ int mosquitto_loop(struct mosquitto *mosq, int timeout, int max_packets) } now = mosquitto_time(); - pthread_mutex_lock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_lock(&mosq->msgtime_mutex); if(mosq->next_msg_out && now + timeout_ms/1000 > mosq->next_msg_out){ timeout_ms = (mosq->next_msg_out - now)*1000; } - pthread_mutex_unlock(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgtime_mutex); if(timeout_ms < 0){ /* There has been a delay somewhere which means we should have already @@ -252,7 +252,7 @@ int mosquitto_loop_forever(struct mosquitto *mosq, int timeout, int max_packets) while(run){ do{ #ifdef HAVE_PTHREAD_CANCEL - pthread_testcancel(); + COMPAT_pthread_testcancel(); #endif rc = mosquitto_loop(mosq, timeout, max_packets); }while(run && rc == MOSQ_ERR_SUCCESS); @@ -279,7 +279,7 @@ int mosquitto_loop_forever(struct mosquitto *mosq, int timeout, int max_packets) } do{ #ifdef HAVE_PTHREAD_CANCEL - pthread_testcancel(); + COMPAT_pthread_testcancel(); #endif rc = MOSQ_ERR_SUCCESS; if(mosquitto__get_request_disconnect(mosq)){ @@ -335,18 +335,23 @@ static int mosquitto__loop_rc_handle(struct mosquitto *mosq, int rc) if(state == mosq_cs_disconnecting || state == mosq_cs_disconnected){ rc = MOSQ_ERR_SUCCESS; } - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_disconnect){ + + void (*on_disconnect)(struct mosquitto *, void *userdata, int rc); + void (*on_disconnect_v5)(struct mosquitto *, void *userdata, int rc, const mosquitto_property *props); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_disconnect = mosq->on_disconnect; + on_disconnect_v5 = mosq->on_disconnect_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_disconnect){ mosq->in_callback = true; - mosq->on_disconnect(mosq, mosq->userdata, rc); + on_disconnect(mosq, mosq->userdata, rc); mosq->in_callback = false; } - if(mosq->on_disconnect_v5){ + if(on_disconnect_v5){ mosq->in_callback = true; - mosq->on_disconnect_v5(mosq, mosq->userdata, rc, NULL); + on_disconnect_v5(mosq, mosq->userdata, rc, NULL); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); } return rc; } @@ -358,13 +363,13 @@ int mosquitto_loop_read(struct mosquitto *mosq, int max_packets) int i; if(max_packets < 1) return MOSQ_ERR_INVAL; - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); max_packets = mosq->msgs_out.queue_len; - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); - pthread_mutex_lock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_in.mutex); max_packets += mosq->msgs_in.queue_len; - pthread_mutex_unlock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_in.mutex); if(max_packets < 1) max_packets = 1; /* Queue len here tells us how many messages are awaiting processing and diff --git a/lib/messages_mosq.c b/lib/messages_mosq.c index 92c92ea1..b7739e3c 100644 --- a/lib/messages_mosq.c +++ b/lib/messages_mosq.c @@ -142,7 +142,7 @@ void message__reconnect_reset(struct mosquitto *mosq, bool update_quota_only) struct mosquitto_message_all *message, *tmp; assert(mosq); - pthread_mutex_lock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_in.mutex); mosq->msgs_in.inflight_quota = mosq->msgs_in.inflight_maximum; mosq->msgs_in.queue_len = 0; DL_FOREACH_SAFE(mosq->msgs_in.inflight, message, tmp){ @@ -157,10 +157,10 @@ void message__reconnect_reset(struct mosquitto *mosq, bool update_quota_only) util__decrement_receive_quota(mosq); } } - pthread_mutex_unlock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_in.mutex); - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); mosq->msgs_out.inflight_quota = mosq->msgs_out.inflight_maximum; mosq->msgs_out.queue_len = 0; DL_FOREACH_SAFE(mosq->msgs_out.inflight, message, tmp){ @@ -185,7 +185,7 @@ void message__reconnect_reset(struct mosquitto *mosq, bool update_quota_only) message->state = mosq_ms_invalid; } } - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); } @@ -228,12 +228,12 @@ int message__remove(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg_dir assert(message); if(dir == mosq_md_out){ - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); DL_FOREACH_SAFE(mosq->msgs_out.inflight, cur, tmp){ if(found == false && cur->msg.mid == mid){ if(cur->msg.qos != qos){ - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_PROTOCOL; } DL_DELETE(mosq->msgs_out.inflight, cur); @@ -244,18 +244,18 @@ int message__remove(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg_dir break; } } - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); if(found){ return MOSQ_ERR_SUCCESS; }else{ return MOSQ_ERR_NOT_FOUND; } }else{ - pthread_mutex_lock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_in.mutex); DL_FOREACH_SAFE(mosq->msgs_in.inflight, cur, tmp){ if(cur->msg.mid == mid){ if(cur->msg.qos != qos){ - pthread_mutex_unlock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_in.mutex); return MOSQ_ERR_PROTOCOL; } DL_DELETE(mosq->msgs_in.inflight, cur); @@ -266,7 +266,7 @@ int message__remove(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg_dir } } - pthread_mutex_unlock(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_in.mutex); if(found){ return MOSQ_ERR_SUCCESS; }else{ @@ -282,7 +282,7 @@ void message__retry_check(struct mosquitto *mosq) assert(mosq); #ifdef WITH_THREADING - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); #endif DL_FOREACH(mosq->msgs_out.inflight, msg){ @@ -309,7 +309,7 @@ void message__retry_check(struct mosquitto *mosq) } } #ifdef WITH_THREADING - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); #endif } @@ -325,20 +325,20 @@ int message__out_update(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg struct mosquitto_message_all *message, *tmp; assert(mosq); - pthread_mutex_lock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_lock(&mosq->msgs_out.mutex); DL_FOREACH_SAFE(mosq->msgs_out.inflight, message, tmp){ if(message->msg.mid == mid){ if(message->msg.qos != qos){ - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_PROTOCOL; } message->state = state; message->timestamp = mosquitto_time(); - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_SUCCESS; } } - pthread_mutex_unlock(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_unlock(&mosq->msgs_out.mutex); return MOSQ_ERR_NOT_FOUND; } diff --git a/lib/mosquitto.c b/lib/mosquitto.c index 7043604b..82344aff 100644 --- a/lib/mosquitto.c +++ b/lib/mosquitto.c @@ -203,24 +203,27 @@ int mosquitto_reinitialise(struct mosquitto *mosq, const char *id, bool clean_st mosq->ssl = NULL; mosq->ssl_ctx = NULL; mosq->ssl_ctx_defaults = true; +#ifndef WITH_BROKER + mosq->user_ssl_ctx = NULL; +#endif mosq->tls_cert_reqs = SSL_VERIFY_PEER; mosq->tls_insecure = false; mosq->want_write = false; mosq->tls_ocsp_required = false; #endif #ifdef WITH_THREADING - pthread_mutex_init(&mosq->callback_mutex, NULL); - pthread_mutex_init(&mosq->log_callback_mutex, NULL); - pthread_mutex_init(&mosq->state_mutex, NULL); - pthread_mutex_init(&mosq->out_packet_mutex, NULL); - pthread_mutex_init(&mosq->current_out_packet_mutex, NULL); - pthread_mutex_init(&mosq->msgtime_mutex, NULL); - pthread_mutex_init(&mosq->msgs_in.mutex, NULL); - pthread_mutex_init(&mosq->msgs_out.mutex, NULL); - pthread_mutex_init(&mosq->mid_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->callback_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->log_callback_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->state_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->out_packet_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->current_out_packet_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->msgtime_mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->msgs_in.mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->msgs_out.mutex, NULL); + COMPAT_pthread_mutex_init(&mosq->mid_mutex, NULL); mosq->thread_id = pthread_self(); #endif - /* This must be after pthread_mutex_init(), otherwise the log mutex may be + /* This must be after COMPAT_pthread_mutex_init(), otherwise the log mutex may be * used before being initialised. */ if(net__socketpair(&mosq->sockpairR, &mosq->sockpairW)){ log__printf(mosq, MOSQ_LOG_WARNING, @@ -238,8 +241,8 @@ void mosquitto__destroy(struct mosquitto *mosq) #ifdef WITH_THREADING # ifdef HAVE_PTHREAD_CANCEL if(mosq->threaded == mosq_ts_self && !pthread_equal(mosq->thread_id, pthread_self())){ - pthread_cancel(mosq->thread_id); - pthread_join(mosq->thread_id, NULL); + COMPAT_pthread_cancel(mosq->thread_id); + COMPAT_pthread_join(mosq->thread_id, NULL); mosq->threaded = mosq_ts_none; } # endif @@ -248,15 +251,15 @@ void mosquitto__destroy(struct mosquitto *mosq) /* If mosq->id is not NULL then the client has already been initialised * and so the mutexes need destroying. If mosq->id is NULL, the mutexes * haven't been initialised. */ - pthread_mutex_destroy(&mosq->callback_mutex); - pthread_mutex_destroy(&mosq->log_callback_mutex); - pthread_mutex_destroy(&mosq->state_mutex); - pthread_mutex_destroy(&mosq->out_packet_mutex); - pthread_mutex_destroy(&mosq->current_out_packet_mutex); - pthread_mutex_destroy(&mosq->msgtime_mutex); - pthread_mutex_destroy(&mosq->msgs_in.mutex); - pthread_mutex_destroy(&mosq->msgs_out.mutex); - pthread_mutex_destroy(&mosq->mid_mutex); + COMPAT_pthread_mutex_destroy(&mosq->callback_mutex); + COMPAT_pthread_mutex_destroy(&mosq->log_callback_mutex); + COMPAT_pthread_mutex_destroy(&mosq->state_mutex); + COMPAT_pthread_mutex_destroy(&mosq->out_packet_mutex); + COMPAT_pthread_mutex_destroy(&mosq->current_out_packet_mutex); + COMPAT_pthread_mutex_destroy(&mosq->msgtime_mutex); + COMPAT_pthread_mutex_destroy(&mosq->msgs_in.mutex); + COMPAT_pthread_mutex_destroy(&mosq->msgs_out.mutex); + COMPAT_pthread_mutex_destroy(&mosq->mid_mutex); } #endif if(mosq->sock != INVALID_SOCKET){ @@ -268,9 +271,17 @@ void mosquitto__destroy(struct mosquitto *mosq) if(mosq->ssl){ SSL_free(mosq->ssl); } - if(mosq->ssl_ctx){ - SSL_CTX_free(mosq->ssl_ctx); - } +#ifndef WITH_BROKER + if(mosq->user_ssl_ctx){ + SSL_CTX_free(mosq->user_ssl_ctx); + }else if(mosq->ssl_ctx){ + SSL_CTX_free(mosq->ssl_ctx); + } +#else + if(mosq->ssl_ctx){ + SSL_CTX_free(mosq->ssl_ctx); + } +#endif mosquitto__free(mosq->tls_cafile); mosquitto__free(mosq->tls_capath); mosquitto__free(mosq->tls_certfile); @@ -281,6 +292,10 @@ void mosquitto__destroy(struct mosquitto *mosq) mosquitto__free(mosq->tls_psk); mosquitto__free(mosq->tls_psk_identity); mosquitto__free(mosq->tls_alpn); +#ifndef OPENSSL_NO_ENGINE + mosquitto__free(mosq->tls_engine); + mosq->tls_engine = NULL; +#endif #endif mosquitto__free(mosq->address); diff --git a/lib/mosquitto_internal.h b/lib/mosquitto_internal.h index 31120258..48c8c108 100644 --- a/lib/mosquitto_internal.h +++ b/lib/mosquitto_internal.h @@ -353,6 +353,10 @@ struct mosquitto { struct mosquitto *for_free_next; struct session_expiry_list *expiry_list_item; uint16_t remote_port; +# ifndef WITH_OLD_KEEPALIVE + struct mosquitto *keepalive_next; + struct mosquitto *keepalive_prev; +# endif #endif uint32_t events; }; diff --git a/lib/net_mosq.c b/lib/net_mosq.c index fb0c7ac8..18a9bcef 100644 --- a/lib/net_mosq.c +++ b/lib/net_mosq.c @@ -198,6 +198,15 @@ void net__init_tls(void) } #endif +bool net__is_connected(struct mosquitto *mosq) +{ +#if defined(WITH_BROKER) && defined(WITH_WEBSOCKETS) + return mosq->sock != INVALID_SOCKET || mosq->wsi != NULL; +#else + return mosq->sock != INVALID_SOCKET; +#endif +} + /* Close a socket associated with a context and set it to -1. * Returns 1 on failure (context is NULL) * Returns 0 on success. diff --git a/lib/net_mosq.h b/lib/net_mosq.h index ded98760..2e6155b3 100644 --- a/lib/net_mosq.h +++ b/lib/net_mosq.h @@ -75,6 +75,7 @@ int net__try_connect_step2(struct mosquitto *mosq, uint16_t port, mosq_sock_t *s int net__socket_connect_step3(struct mosquitto *mosq, const char *host); int net__socket_nonblock(mosq_sock_t *sock); int net__socketpair(mosq_sock_t *sp1, mosq_sock_t *sp2); +bool net__is_connected(struct mosquitto *mosq); ssize_t net__read(struct mosquitto *mosq, void *buf, size_t count); ssize_t net__write(struct mosquitto *mosq, const void *buf, size_t count); diff --git a/lib/packet_mosq.c b/lib/packet_mosq.c index b063eb71..4d2f4fe6 100644 --- a/lib/packet_mosq.c +++ b/lib/packet_mosq.c @@ -296,20 +296,24 @@ int packet__write(struct mosquitto *mosq) if(((packet->command)&0xF6) == CMD_PUBLISH){ G_PUB_MSGS_SENT_INC(1); #ifndef WITH_BROKER + void (*on_publish)(struct mosquitto *, void *userdata, int mid); + void (*on_publish_v5)(struct mosquitto *, void *userdata, int mid, int reason_code, const mosquitto_property *props); COMPAT_pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_publish){ - /* This is a QoS=0 message */ - mosq->in_callback = true; - mosq->on_publish(mosq, mosq->userdata, packet->mid); - mosq->in_callback = false; - } - if(mosq->on_publish_v5){ - /* This is a QoS=0 message */ - mosq->in_callback = true; - mosq->on_publish_v5(mosq, mosq->userdata, packet->mid, 0, NULL); - mosq->in_callback = false; - } + on_publish = mosq->on_publish; + on_publish_v5 = mosq->on_publish_v5; COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_publish){ + /* This is a QoS=0 message */ + mosq->in_callback = true; + on_publish(mosq, mosq->userdata, packet->mid); + mosq->in_callback = false; + } + if(on_publish_v5){ + /* This is a QoS=0 message */ + mosq->in_callback = true; + on_publish_v5(mosq, mosq->userdata, packet->mid, 0, NULL); + mosq->in_callback = false; + } }else if(((packet->command)&0xF0) == CMD_DISCONNECT){ do_client_disconnect(mosq, MOSQ_ERR_SUCCESS, NULL); packet__cleanup(packet); @@ -395,6 +399,11 @@ int packet__read(struct mosquitto *mosq) /* Clients must send CONNECT as their first command. */ if(!(mosq->bridge) && state == mosq_cs_new && (byte&0xF0) != CMD_CONNECT){ return MOSQ_ERR_PROTOCOL; + }else if((byte&0xF0) == CMD_RESERVED){ + if(mosq->protocol == mosq_p_mqtt5){ + send__disconnect(mosq, MQTT_RC_PROTOCOL_ERROR, NULL); + } + return MOSQ_ERR_PROTOCOL; } #endif }else{ diff --git a/lib/property_mosq.c b/lib/property_mosq.c index 4d76c487..ea8dd980 100644 --- a/lib/property_mosq.c +++ b/lib/property_mosq.c @@ -241,7 +241,7 @@ void property__free(mosquitto_property **property) break; } - free(*property); + mosquitto__free(*property); *property = NULL; } @@ -1120,7 +1120,7 @@ const mosquitto_property *mosquitto_property_read_binary(const mosquitto_propert if(value){ *len = p->value.bin.len; - *value = calloc(1, *len + 1U); + *value = mosquitto__calloc(1, *len + 1U); if(!(*value)) return NULL; memcpy(*value, p->value.bin.v, *len); @@ -1149,7 +1149,7 @@ const mosquitto_property *mosquitto_property_read_string(const mosquitto_propert } if(value){ - *value = calloc(1, (size_t)p->value.s.len+1); + *value = mosquitto__calloc(1, (size_t)p->value.s.len+1); if(!(*value)) return NULL; memcpy(*value, p->value.s.v, p->value.s.len); @@ -1172,16 +1172,16 @@ const mosquitto_property *mosquitto_property_read_string_pair(const mosquitto_pr if(p->identifier != MQTT_PROP_USER_PROPERTY) return NULL; if(name){ - *name = calloc(1, (size_t)p->name.len+1); + *name = mosquitto__calloc(1, (size_t)p->name.len+1); if(!(*name)) return NULL; memcpy(*name, p->name.v, p->name.len); } if(value){ - *value = calloc(1, (size_t)p->value.s.len+1); + *value = mosquitto__calloc(1, (size_t)p->value.s.len+1); if(!(*value)){ if(name){ - free(*name); + mosquitto__free(*name); *name = NULL; } return NULL; @@ -1203,7 +1203,7 @@ int mosquitto_property_copy_all(mosquitto_property **dest, const mosquitto_prope *dest = NULL; while(src){ - pnew = calloc(1, sizeof(mosquitto_property)); + pnew = mosquitto__calloc(1, sizeof(mosquitto_property)); if(!pnew){ mosquitto_property_free_all(dest); return MOSQ_ERR_NOMEM; @@ -1255,7 +1255,7 @@ int mosquitto_property_copy_all(mosquitto_property **dest, const mosquitto_prope case MQTT_PROP_SERVER_REFERENCE: case MQTT_PROP_REASON_STRING: pnew->value.s.len = src->value.s.len; - pnew->value.s.v = src->value.s.v ? strdup(src->value.s.v) : (char*)calloc(1,1); + pnew->value.s.v = src->value.s.v ? mosquitto__strdup(src->value.s.v) : (char*)mosquitto__calloc(1,1); if(!pnew->value.s.v){ mosquitto_property_free_all(dest); return MOSQ_ERR_NOMEM; @@ -1265,7 +1265,7 @@ int mosquitto_property_copy_all(mosquitto_property **dest, const mosquitto_prope case MQTT_PROP_AUTHENTICATION_DATA: case MQTT_PROP_CORRELATION_DATA: pnew->value.bin.len = src->value.bin.len; - pnew->value.bin.v = malloc(pnew->value.bin.len); + pnew->value.bin.v = mosquitto__malloc(pnew->value.bin.len); if(!pnew->value.bin.v){ mosquitto_property_free_all(dest); return MOSQ_ERR_NOMEM; @@ -1275,14 +1275,14 @@ int mosquitto_property_copy_all(mosquitto_property **dest, const mosquitto_prope case MQTT_PROP_USER_PROPERTY: pnew->value.s.len = src->value.s.len; - pnew->value.s.v = src->value.s.v ? strdup(src->value.s.v) : (char*)calloc(1,1); + pnew->value.s.v = src->value.s.v ? mosquitto__strdup(src->value.s.v) : (char*)mosquitto__calloc(1,1); if(!pnew->value.s.v){ mosquitto_property_free_all(dest); return MOSQ_ERR_NOMEM; } pnew->name.len = src->name.len; - pnew->name.v = src->name.v ? strdup(src->name.v) : (char*)calloc(1,1); + pnew->name.v = src->name.v ? mosquitto__strdup(src->name.v) : (char*)mosquitto__calloc(1,1); if(!pnew->name.v){ mosquitto_property_free_all(dest); return MOSQ_ERR_NOMEM; diff --git a/lib/pthread_compat.h b/lib/pthread_compat.h index ca1f27dc..10077914 100644 --- a/lib/pthread_compat.h +++ b/lib/pthread_compat.h @@ -10,7 +10,7 @@ # define COMPAT_pthread_testcancel() pthread_testcancel() # define COMPAT_pthread_mutex_init(A, B) pthread_mutex_init((A), (B)) -# define COMPAT_pthread_mutex_destroy(A) pthread_mutex_init((A)) +# define COMPAT_pthread_mutex_destroy(A) pthread_mutex_destroy((A)) # define COMPAT_pthread_mutex_lock(A) pthread_mutex_lock((A)) # define COMPAT_pthread_mutex_unlock(A) pthread_mutex_unlock((A)) #else diff --git a/lib/srv_mosq.c b/lib/srv_mosq.c index 55d58ff5..963cbd15 100644 --- a/lib/srv_mosq.c +++ b/lib/srv_mosq.c @@ -49,18 +49,22 @@ static void srv_callback(void *arg, int status, int timeouts, unsigned char *abu }else{ log__printf(mosq, MOSQ_LOG_ERR, "Error: SRV lookup failed (%d).", status); /* FIXME - calling on_disconnect here isn't correct. */ - pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_disconnect){ + void (*on_disconnect)(struct mosquitto *, void *userdata, int rc); + void (*on_disconnect_v5)(struct mosquitto *, void *userdata, int rc, const mosquitto_property *props); + COMPAT_pthread_mutex_lock(&mosq->callback_mutex); + on_disconnect = mosq->on_disconnect; + on_disconnect_v5 = mosq->on_disconnect_v5; + COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_disconnect){ mosq->in_callback = true; - mosq->on_disconnect(mosq, mosq->userdata, MOSQ_ERR_LOOKUP); + on_disconnect(mosq, mosq->userdata, MOSQ_ERR_LOOKUP); mosq->in_callback = false; } - if(mosq->on_disconnect_v5){ + if(on_disconnect_v5){ mosq->in_callback = true; - mosq->on_disconnect_v5(mosq, mosq->userdata, MOSQ_ERR_LOOKUP, NULL); + on_disconnect_v5(mosq, mosq->userdata, MOSQ_ERR_LOOKUP, NULL); mosq->in_callback = false; } - pthread_mutex_unlock(&mosq->callback_mutex); } } #endif diff --git a/lib/thread_mosq.c b/lib/thread_mosq.c index a792bc12..cd3a614a 100644 --- a/lib/thread_mosq.c +++ b/lib/thread_mosq.c @@ -42,7 +42,7 @@ int mosquitto_loop_start(struct mosquitto *mosq) if(!mosq || mosq->threaded != mosq_ts_none) return MOSQ_ERR_INVAL; mosq->threaded = mosq_ts_self; - if(!pthread_create(&mosq->thread_id, NULL, mosquitto__thread_main, mosq)){ + if(!COMPAT_pthread_create(&mosq->thread_id, NULL, mosquitto__thread_main, mosq)){ #if defined(__linux__) pthread_setname_np(mosq->thread_id, "mosquitto loop"); #elif defined(__NetBSD__) @@ -83,10 +83,10 @@ int mosquitto_loop_stop(struct mosquitto *mosq, bool force) #ifdef HAVE_PTHREAD_CANCEL if(force){ - pthread_cancel(mosq->thread_id); + COMPAT_pthread_cancel(mosq->thread_id); } #endif - pthread_join(mosq->thread_id, NULL); + COMPAT_pthread_join(mosq->thread_id, NULL); mosq->thread_id = pthread_self(); mosq->threaded = mosq_ts_none; diff --git a/lib/util_mosq.c b/lib/util_mosq.c index 4bebcbd0..134e78fd 100644 --- a/lib/util_mosq.c +++ b/lib/util_mosq.c @@ -118,18 +118,22 @@ int mosquitto__check_keepalive(struct mosquitto *mosq) }else{ rc = MOSQ_ERR_KEEPALIVE; } + void (*on_disconnect)(struct mosquitto *, void *userdata, int rc); + void (*on_disconnect_v5)(struct mosquitto *, void *userdata, int rc, const mosquitto_property *props); COMPAT_pthread_mutex_lock(&mosq->callback_mutex); - if(mosq->on_disconnect){ - mosq->in_callback = true; - mosq->on_disconnect(mosq, mosq->userdata, rc); - mosq->in_callback = false; - } - if(mosq->on_disconnect_v5){ - mosq->in_callback = true; - mosq->on_disconnect_v5(mosq, mosq->userdata, rc, NULL); - mosq->in_callback = false; - } + on_disconnect = mosq->on_disconnect; + on_disconnect_v5 = mosq->on_disconnect_v5; COMPAT_pthread_mutex_unlock(&mosq->callback_mutex); + if(on_disconnect){ + mosq->in_callback = true; + on_disconnect(mosq, mosq->userdata, rc); + mosq->in_callback = false; + } + if(on_disconnect_v5){ + mosq->in_callback = true; + on_disconnect_v5(mosq, mosq->userdata, rc, NULL); + mosq->in_callback = false; + } return rc; #endif diff --git a/lib/util_topic.c b/lib/util_topic.c index 658b2f9e..2b0a456f 100644 --- a/lib/util_topic.c +++ b/lib/util_topic.c @@ -70,7 +70,7 @@ int mosquitto_pub_topic_check(const char *str) len++; str = &str[1]; } - if(len > 65535) return MOSQ_ERR_INVAL; + if(len == 0 || len > 65535) return MOSQ_ERR_INVAL; #ifdef WITH_BROKER if(hier_count > TOPIC_HIERARCHY_LIMIT) return MOSQ_ERR_INVAL; #endif @@ -85,7 +85,7 @@ int mosquitto_pub_topic_check2(const char *str, size_t len) int hier_count = 0; #endif - if(str == NULL || len > 65535){ + if(str == NULL || len == 0 || len > 65535){ return MOSQ_ERR_INVAL; } @@ -144,7 +144,7 @@ int mosquitto_sub_topic_check(const char *str) c = str[0]; str = &str[1]; } - if(len > 65535) return MOSQ_ERR_INVAL; + if(len == 0 || len > 65535) return MOSQ_ERR_INVAL; #ifdef WITH_BROKER if(hier_count > TOPIC_HIERARCHY_LIMIT) return MOSQ_ERR_INVAL; #endif @@ -160,7 +160,7 @@ int mosquitto_sub_topic_check2(const char *str, size_t len) int hier_count = 0; #endif - if(str == NULL || len > 65535){ + if(str == NULL || len == 0 || len > 65535){ return MOSQ_ERR_INVAL; } diff --git a/man/mosquitto.conf.5.xml b/man/mosquitto.conf.5.xml index 90509fd4..16198949 100644 --- a/man/mosquitto.conf.5.xml +++ b/man/mosquitto.conf.5.xml @@ -987,6 +987,34 @@ log_timestamp_format %Y-%m-%dT%H:%M:%S Reloaded on reload signal. + + minutes + + + The default behaviour of mosquitto is to remove retained + messages that have reached their message-expiry-interval + property the next time that that message is accessed - + either by being replaced by a new message, or on the + next subscription that matches the message. If you have + a pattern of publishing many retained messages with a + message-expiry-interval, but that are not subscribed to, + then the expired retained messages will remain in + memory. This option configures the broker to + periodically check the retained tree for expired + messages. + + + + Defaults to off. Setting to a value greater than zero + means the broker will make a check at an interval of + that number of minutes. + + + This option applies globally. + + Reloaded on reload signal. + + [ true | false ] @@ -1326,6 +1354,7 @@ log_timestamp_format %Y-%m-%dT%H:%M:%S "openssl rehash <path to capath>" each time you add/remove a certificate. + is not supported for websockets. diff --git a/man/mosquitto_ctrl.1.xml b/man/mosquitto_ctrl.1.xml index a96d8143..4a7c6024 100644 --- a/man/mosquitto_ctrl.1.xml +++ b/man/mosquitto_ctrl.1.xml @@ -65,6 +65,7 @@ hex-key identity ciphers + version @@ -441,6 +442,20 @@ See also . + + + + + If used, this will load and trust the OS provided CA + certificates. This can be used in conjunction with + and + and can be used on its own to enable TLS mode. This + will be set by default if + is used, or if port is 8883 and no other certificate + options are used. + + + diff --git a/man/mosquitto_pub.1.xml b/man/mosquitto_pub.1.xml index 171fc515..24e48adf 100644 --- a/man/mosquitto_pub.1.xml +++ b/man/mosquitto_pub.1.xml @@ -191,7 +191,7 @@ Define the path to a file containing a PEM encoded certificate for this client, if required by the server. - See also . + See also and the Encrypted Connections section. @@ -322,7 +322,7 @@ Define the path to a file containing a PEM encoded private key for this client, if required by the server. - See also . + See also and the Encrypted Connections section. diff --git a/man/mosquitto_rr.1.xml b/man/mosquitto_rr.1.xml index 2563a73c..0b5a1c79 100644 --- a/man/mosquitto_rr.1.xml +++ b/man/mosquitto_rr.1.xml @@ -202,7 +202,7 @@ Define the path to a file containing a PEM encoded certificate for this client, if required by the server. - See also . + See also and the Encrypted Connections section. @@ -351,7 +351,7 @@ Define the path to a file containing a PEM encoded private key for this client, if required by the server. - See also . + See also and the Encrypted Connections section. diff --git a/man/mosquitto_sub.1.xml b/man/mosquitto_sub.1.xml index ee9274e4..ff55ac3a 100644 --- a/man/mosquitto_sub.1.xml +++ b/man/mosquitto_sub.1.xml @@ -204,7 +204,7 @@ Define the path to a file containing a PEM encoded certificate for this client, if required by the server. - See also . + See also and the Encrypted Connections section. @@ -365,7 +365,7 @@ Define the path to a file containing a PEM encoded private key for this client, if required by the server. - See also . + See also and the Encrypted Connections section. diff --git a/mosquitto.conf b/mosquitto.conf index 10b0406e..afaad5a2 100644 --- a/mosquitto.conf +++ b/mosquitto.conf @@ -359,6 +359,7 @@ # containing the CA certificates. For capath to work correctly, the # certificate files must have ".crt" as the file ending and you must run # "openssl rehash " each time you add/remove a certificate. +# capath is not supported for websockets. #cafile #capath diff --git a/set-version.sh b/set-version.sh index eee353c9..467b4c4a 100755 --- a/set-version.sh +++ b/set-version.sh @@ -2,7 +2,7 @@ MAJOR=2 MINOR=0 -REVISION=20 +REVISION=21 sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index ca0bca31..b6a2cae2 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -1,5 +1,5 @@ name: mosquitto -version: 2.0.20 +version: 2.0.21 summary: Eclipse Mosquitto MQTT broker description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT protocol. MQTT provides a method of carrying out messaging using a publish/subscribe diff --git a/src/Makefile b/src/Makefile index d85d1fb0..dbe98190 100644 --- a/src/Makefile +++ b/src/Makefile @@ -313,10 +313,10 @@ xtreport.o : xtreport.c ${CROSS_COMPILE}${CC} $(BROKER_CPPFLAGS) $(BROKER_CFLAGS) -c $< -o $@ plugin_defer.so : plugin_defer.c ../include/mosquitto_plugin.h ../include/mosquitto_broker.h mosquitto_broker_internal.h - ${CROSS_COMPILE}${CC} -I. -I../lib -fPIC -shared $< -o $@ + ${CROSS_COMPILE}${CC} -I. -I../lib -I../include -fPIC -shared $< -o $@ -plugin_debug.so : plugin_debug.c ../include/mosquitto_plugin.../include/h mosquitto_broker.h mosquitto_broker_internal.h - ${CROSS_COMPILE}${CC} -I. -I../lib -fPIC -shared $< -o $@ +plugin_debug.so : plugin_debug.c ../include/mosquitto_plugin.h ../include/mosquitto_broker.h mosquitto_broker_internal.h + ${CROSS_COMPILE}${CC} -I. -I../lib -I../include -fPIC -shared $< -o $@ install : all $(INSTALL) -d "${DESTDIR}$(prefix)/sbin" diff --git a/src/bridge_topic.c b/src/bridge_topic.c index 2fee8c86..7012388a 100644 --- a/src/bridge_topic.c +++ b/src/bridge_topic.c @@ -59,9 +59,11 @@ static int bridge__create_prefix(char **full_prefix, const char *topic, const ch { size_t len; - if(mosquitto_pub_topic_check(prefix) != MOSQ_ERR_SUCCESS){ - log__printf(NULL, MOSQ_LOG_ERR, "Error: Invalid bridge topic local prefix '%s'.", prefix); - return MOSQ_ERR_INVAL; + if(!prefix || strlen(prefix) != 0){ + if(mosquitto_pub_topic_check(prefix) != MOSQ_ERR_SUCCESS){ + log__printf(NULL, MOSQ_LOG_ERR, "Error: Invalid bridge topic local prefix '%s'.", prefix); + return MOSQ_ERR_INVAL; + } } if(topic){ diff --git a/src/conf.c b/src/conf.c index 80c0cd82..74ca66fc 100644 --- a/src/conf.c +++ b/src/conf.c @@ -201,6 +201,7 @@ static void config__init_reload(struct mosquitto__config *config) config->persistent_client_expiration = 0; config->queue_qos0_messages = false; config->retain_available = true; + config->retain_expiry_interval = 0; config->set_tcp_nodelay = false; config->sys_interval = 10; config->upgrade_outgoing_qos = false; @@ -636,9 +637,7 @@ int config__read(struct mosquitto__config *config, bool reload) } /* If auth/access options are set and allow_anonymous not explicitly set, disallow anon. */ - if(config->local_only == true){ - config->security_options.allow_anonymous = true; - }else{ + if(config->local_only == false){ if(config->per_listener_settings){ for(i=0; ilistener_count; i++){ /* Default option if no security options set */ @@ -1919,6 +1918,9 @@ static int config__read_file_core(struct mosquitto__config *config, bool reload, #endif }else if(!strcmp(token, "retain_available")){ if(conf__parse_bool(&token, token, &config->retain_available, saveptr)) return MOSQ_ERR_INVAL; + }else if(!strcmp(token, "retain_expiry_interval")){ + if(conf__parse_int(&token, token, &config->retain_expiry_interval, saveptr)) return MOSQ_ERR_INVAL; + config->retain_expiry_interval *= 60; }else if(!strcmp(token, "retry_interval")){ log__printf(NULL, MOSQ_LOG_WARNING, "Warning: The retry_interval option is no longer available."); }else if(!strcmp(token, "round_robin")){ @@ -2241,17 +2243,14 @@ static int config__check(struct mosquitto__config *config) { /* Checks that are easy to make after the config has been loaded. */ - int i; - #ifdef WITH_BRIDGE - int j; struct mosquitto__bridge *bridge1, *bridge2; char hostname[256]; size_t len; /* Check for bridge duplicate local_clientid, need to generate missing IDs * first. */ - for(i=0; ibridge_count; i++){ + for(int i=0; ibridge_count; i++){ bridge1 = &config->bridges[i]; if(!bridge1->remote_clientid){ @@ -2278,9 +2277,9 @@ static int config__check(struct mosquitto__config *config) } } - for(i=0; ibridge_count; i++){ + for(int i=0; ibridge_count; i++){ bridge1 = &config->bridges[i]; - for(j=i+1; jbridge_count; j++){ + for(int j=i+1; jbridge_count; j++){ bridge2 = &config->bridges[j]; if(!strcmp(bridge1->local_clientid, bridge2->local_clientid)){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Bridge local_clientid " @@ -2295,7 +2294,7 @@ static int config__check(struct mosquitto__config *config) /* Default to auto_id_prefix = 'auto-' if none set. */ if(config->per_listener_settings){ - for(i=0; ilistener_count; i++){ + for(int i=0; ilistener_count; i++){ if(!config->listeners[i].security_options.auto_id_prefix){ config->listeners[i].security_options.auto_id_prefix = mosquitto__strdup("auto-"); if(!config->listeners[i].security_options.auto_id_prefix){ @@ -2314,6 +2313,26 @@ static int config__check(struct mosquitto__config *config) } } + /* Check for missing TLS cafile/capath/certfile/keyfile */ + for(int i=0; ilistener_count; i++){ + bool cafile = !!config->listeners[i].cafile; + bool capath = !!config->listeners[i].capath; + bool certfile = !!config->listeners[i].certfile; + bool keyfile = !!config->listeners[i].keyfile; + + if((certfile && !keyfile) || (!certfile && keyfile)){ + log__printf(NULL, MOSQ_LOG_ERR, "Error: Both certfile and keyfile must be provided to enable a TLS listener."); + return MOSQ_ERR_INVAL; + } + if(cafile && !certfile){ + log__printf(NULL, MOSQ_LOG_ERR, "Error: cafile specified without certfile and keyfile."); + return MOSQ_ERR_INVAL; + } + if(capath && !certfile){ + log__printf(NULL, MOSQ_LOG_ERR, "Error: capath specified without certfile and keyfile."); + return MOSQ_ERR_INVAL; + } + } return MOSQ_ERR_SUCCESS; } diff --git a/src/context.c b/src/context.c index d838fc76..b2ea7408 100644 --- a/src/context.c +++ b/src/context.c @@ -139,6 +139,7 @@ void context__cleanup(struct mosquitto *context, bool force_free) #endif alias__free_all(context); + keepalive__remove(context); context__cleanup_out_packets(context); mosquitto__free(context->auth_method); diff --git a/src/handle_connect.c b/src/handle_connect.c index cb22e358..a441ba88 100644 --- a/src/handle_connect.c +++ b/src/handle_connect.c @@ -269,7 +269,9 @@ int connect__on_authorised(struct mosquitto *context, void *auth_data_out, uint1 if(db.config->max_keepalive && (context->keepalive > db.config->max_keepalive || context->keepalive == 0)){ + keepalive__remove(context); context->keepalive = db.config->max_keepalive; + keepalive__add(context); if(context->protocol == mosq_p_mqtt5){ if(mosquitto_property_add_int16(&connack_props, MQTT_PROP_SERVER_KEEP_ALIVE, context->keepalive)){ rc = MOSQ_ERR_NOMEM; @@ -312,8 +314,6 @@ int connect__on_authorised(struct mosquitto *context, void *auth_data_out, uint1 free(auth_data_out); auth_data_out = NULL; - keepalive__add(context); - mosquitto__set_state(context, mosq_cs_active); rc = send__connack(context, connect_ack, CONNACK_ACCEPTED, connack_props); mosquitto_property_free_all(&connack_props); @@ -577,10 +577,15 @@ int handle__connect(struct mosquitto *context) goto handle_connect_error; } + /* _remove here because net__socket_accept() uses _add and we must have the + * correct keepalive value */ + keepalive__remove(context); + if(packet__read_uint16(&context->in_packet, &(context->keepalive))){ rc = MOSQ_ERR_PROTOCOL; goto handle_connect_error; } + keepalive__add(context); if(protocol_version == PROTOCOL_VERSION_v5){ rc = property__read_all(CMD_CONNECT, &context->in_packet, &properties); diff --git a/src/handle_subscribe.c b/src/handle_subscribe.c index 57e653a3..ee17daab 100644 --- a/src/handle_subscribe.c +++ b/src/handle_subscribe.c @@ -100,136 +100,137 @@ int handle__subscribe(struct mosquitto *context) return MOSQ_ERR_MALFORMED_PACKET; } - if(sub){ - if(!slen){ - log__printf(NULL, MOSQ_LOG_INFO, - "Empty subscription string from %s, disconnecting.", - context->address); - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_MALFORMED_PACKET; - } - if(mosquitto_sub_topic_check(sub)){ - log__printf(NULL, MOSQ_LOG_INFO, - "Invalid subscription string from %s, disconnecting.", - context->address); - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_MALFORMED_PACKET; - } - - if(packet__read_byte(&context->in_packet, &subscription_options)){ - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_MALFORMED_PACKET; - } - if(context->protocol == mosq_p_mqtt31 || context->protocol == mosq_p_mqtt311){ - qos = subscription_options; - if(context->is_bridge){ - subscription_options = MQTT_SUB_OPT_RETAIN_AS_PUBLISHED | MQTT_SUB_OPT_NO_LOCAL; - } - }else{ - qos = subscription_options & 0x03; - subscription_options &= 0xFC; - - if((subscription_options & MQTT_SUB_OPT_NO_LOCAL) && !strncmp(sub, "$share/", 7)){ - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_PROTOCOL; - } - retain_handling = (subscription_options & 0x30); - if(retain_handling == 0x30 || (subscription_options & 0xC0) != 0){ - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_MALFORMED_PACKET; - } - } - if(qos > 2){ - log__printf(NULL, MOSQ_LOG_INFO, - "Invalid QoS in subscription command from %s, disconnecting.", - context->address); - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_MALFORMED_PACKET; - } - if(qos > context->max_qos){ - qos = context->max_qos; - } - - - if(context->listener && context->listener->mount_point){ - len = strlen(context->listener->mount_point) + slen + 1; - sub_mount = mosquitto__malloc(len+1); - if(!sub_mount){ - mosquitto__free(sub); - mosquitto__free(payload); - return MOSQ_ERR_NOMEM; - } - snprintf(sub_mount, len, "%s%s", context->listener->mount_point, sub); - sub_mount[len] = '\0'; - - mosquitto__free(sub); - sub = sub_mount; - - } - log__printf(NULL, MOSQ_LOG_DEBUG, "\t%s (QoS %d)", sub, qos); - - allowed = true; - rc2 = mosquitto_acl_check(context, sub, 0, NULL, qos, false, MOSQ_ACL_SUBSCRIBE); - switch(rc2){ - case MOSQ_ERR_SUCCESS: - break; - case MOSQ_ERR_ACL_DENIED: - allowed = false; - if(context->protocol == mosq_p_mqtt5){ - qos = MQTT_RC_NOT_AUTHORIZED; - }else if(context->protocol == mosq_p_mqtt311){ - qos = 0x80; - } - break; - default: - mosquitto__free(sub); - return rc2; - } - - if(allowed){ - rc2 = sub__add(context, sub, qos, subscription_identifier, subscription_options); - if(rc2 > 0){ - mosquitto__free(sub); - return rc2; - } - if(context->protocol == mosq_p_mqtt311 || context->protocol == mosq_p_mqtt31){ - if(rc2 == MOSQ_ERR_SUCCESS || rc2 == MOSQ_ERR_SUB_EXISTS){ - if(retain__queue(context, sub, qos, 0)) rc = 1; - } - }else{ - if((retain_handling == MQTT_SUB_OPT_SEND_RETAIN_ALWAYS) - || (rc2 == MOSQ_ERR_SUCCESS && retain_handling == MQTT_SUB_OPT_SEND_RETAIN_NEW)){ - - if(retain__queue(context, sub, qos, subscription_identifier)) rc = 1; - } - } - - log__printf(NULL, MOSQ_LOG_SUBSCRIBE, "%s %d %s", context->id, qos, sub); - } + if(!slen){ + log__printf(NULL, MOSQ_LOG_INFO, + "Empty subscription string from %s, disconnecting.", + context->address); mosquitto__free(sub); + mosquitto__free(payload); + return MOSQ_ERR_MALFORMED_PACKET; + } + if(mosquitto_sub_topic_check(sub)){ + log__printf(NULL, MOSQ_LOG_INFO, + "Invalid subscription string from %s, disconnecting.", + context->address); + mosquitto__free(sub); + mosquitto__free(payload); + return MOSQ_ERR_MALFORMED_PACKET; + } - tmp_payload = mosquitto__realloc(payload, payloadlen + 1); - if(tmp_payload){ - payload = tmp_payload; - payload[payloadlen] = qos; - payloadlen++; - }else{ + if(packet__read_byte(&context->in_packet, &subscription_options)){ + mosquitto__free(sub); + mosquitto__free(payload); + return MOSQ_ERR_MALFORMED_PACKET; + } + if(context->protocol == mosq_p_mqtt31 || context->protocol == mosq_p_mqtt311){ + qos = subscription_options; + if(context->is_bridge){ + subscription_options = MQTT_SUB_OPT_RETAIN_AS_PUBLISHED | MQTT_SUB_OPT_NO_LOCAL; + } + }else{ + qos = subscription_options & 0x03; + subscription_options &= 0xFC; + + if((subscription_options & MQTT_SUB_OPT_NO_LOCAL) && !strncmp(sub, "$share/", 7)){ + mosquitto__free(sub); mosquitto__free(payload); + return MOSQ_ERR_PROTOCOL; + } + retain_handling = (subscription_options & 0x30); + if(retain_handling == 0x30 || (subscription_options & 0xC0) != 0){ + mosquitto__free(sub); + mosquitto__free(payload); + return MOSQ_ERR_MALFORMED_PACKET; + } + } + if(qos > 2){ + log__printf(NULL, MOSQ_LOG_INFO, + "Invalid QoS in subscription command from %s, disconnecting.", + context->address); + mosquitto__free(sub); + mosquitto__free(payload); + return MOSQ_ERR_MALFORMED_PACKET; + } + if(qos > context->max_qos){ + qos = context->max_qos; + } + + if(context->listener && context->listener->mount_point){ + len = strlen(context->listener->mount_point) + slen + 1; + sub_mount = mosquitto__malloc(len+1); + if(!sub_mount){ + mosquitto__free(sub); + mosquitto__free(payload); return MOSQ_ERR_NOMEM; } + snprintf(sub_mount, len, "%s%s", context->listener->mount_point, sub); + sub_mount[len] = '\0'; + + mosquitto__free(sub); + sub = sub_mount; + + } + log__printf(NULL, MOSQ_LOG_DEBUG, "\t%s (QoS %d)", sub, qos); + + allowed = true; + rc2 = mosquitto_acl_check(context, sub, 0, NULL, qos, false, MOSQ_ACL_SUBSCRIBE); + switch(rc2){ + case MOSQ_ERR_SUCCESS: + break; + case MOSQ_ERR_ACL_DENIED: + allowed = false; + if(context->protocol == mosq_p_mqtt5){ + qos = MQTT_RC_NOT_AUTHORIZED; + }else if(context->protocol == mosq_p_mqtt311){ + qos = 0x80; + } + break; + default: + mosquitto__free(sub); + mosquitto__free(payload); + return rc2; + } + + if(allowed){ + rc2 = sub__add(context, sub, qos, subscription_identifier, subscription_options); + if(rc2 > 0){ + mosquitto__free(sub); + mosquitto__free(payload); + return rc2; + } + if(context->protocol == mosq_p_mqtt311 || context->protocol == mosq_p_mqtt31){ + if(rc2 == MOSQ_ERR_SUCCESS || rc2 == MOSQ_ERR_SUB_EXISTS){ + if(retain__queue(context, sub, qos, 0)) rc = 1; + } + }else{ + if((retain_handling == MQTT_SUB_OPT_SEND_RETAIN_ALWAYS) + || (rc2 == MOSQ_ERR_SUCCESS && retain_handling == MQTT_SUB_OPT_SEND_RETAIN_NEW)){ + + if(retain__queue(context, sub, qos, subscription_identifier)) rc = 1; + } + } + + log__printf(NULL, MOSQ_LOG_SUBSCRIBE, "%s %d %s", context->id, qos, sub); + } + mosquitto__free(sub); + + tmp_payload = mosquitto__realloc(payload, payloadlen + 1); + if(tmp_payload){ + payload = tmp_payload; + payload[payloadlen] = qos; + payloadlen++; + }else{ + mosquitto__free(payload); + + return MOSQ_ERR_NOMEM; } } if(context->protocol != mosq_p_mqtt31){ if(payloadlen == 0){ /* No subscriptions specified, protocol error. */ + fprintf(stderr, "no payload\n"); return MOSQ_ERR_MALFORMED_PACKET; } } diff --git a/src/keepalive.c b/src/keepalive.c index f9321854..03eace93 100644 --- a/src/keepalive.c +++ b/src/keepalive.c @@ -1,5 +1,5 @@ /* -Copyright (c) 2009-2020 Roger Light +Copyright (c) 2009-2021 Roger Light All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0 @@ -19,30 +19,147 @@ Contributors: #include "config.h" #include #include "mosquitto_broker_internal.h" +#include +/* This contains code for checking whether clients have exceeded their keepalive timeouts. + * There are two versions. + * + * The old version can be used by compiling with `make WITH_OLD_KEEPALIVE=yes`. + * It will scan the entire list of connected clients every 5 seconds to see if + * they have expired. Hence it scales with O(n) and with e.g. 60000 clients can + * have a measurable effect on CPU usage in the low single digit percent range. + * + * The new version scales with O(1). It uses a ring buffer that contains + * max_keepalive*1.5+1 entries. The current time in integer seconds, modulus + * the number of entries, points to the head of the ring buffer. Any clients + * will appear after this point at the position indexed by the time at which + * they will expire if they do not send another message, assuming they do not + * have keepalive==0 - in which case they are not part of this check. So a + * client that connects with keepalive=60 will be added at `now + 60*1.5`. + * + * A client is added to an entry with a doubly linked list. When the client + * sends a new message, it is removed from the old position and added to the + * new. + * + * As time moves on, if the linked list at the current entry is not empty, all + * of the clients are expired. + * + * The ring buffer size is determined by max_keepalive. At the default, it is + * 65535*1.5+1=98303 entries long. On a 64-bit machine that is 786424 bytes. + * If this is too big a burden and you do not need many clients connected, then + * the old check is sufficient. You can reduce the number of entries by setting + * a lower max_keepalive value. A value as low as 600 still gives a 10 minute + * keepalive and reduces the memory for the ring buffer to 7208 bytes. + * + * *NOTE* It is likely that the old check routine will be removed in the + * future, and max_keepalive set to a sensible default value. If this is a + * problem for you please get in touch. + */ + static time_t last_keepalive_check = 0; +#ifndef WITH_OLD_KEEPALIVE +static int keepalive_list_max = 0; +static struct mosquitto **keepalive_list = NULL; +#endif -/* FIXME - this is the prototype for the future tree/trie based keepalive check implementation. */ +#ifndef WITH_OLD_KEEPALIVE +static int calc_index(struct mosquitto *context) +{ + return (int)(context->last_msg_in + context->keepalive*3/2) % keepalive_list_max; +} +#endif + +int keepalive__init(void) +{ +#ifndef WITH_OLD_KEEPALIVE + struct mosquitto *context, *ctxt_tmp; + + last_keepalive_check = db.now_s; + if(db.config->max_keepalive <= 0){ + keepalive_list_max = (UINT16_MAX * 3)/2 + 1; + }else{ + keepalive_list_max = (db.config->max_keepalive * 3)/2 + 1; + } + keepalive_list = mosquitto_calloc((size_t)keepalive_list_max, sizeof(struct mosquitto *)); + if(keepalive_list == NULL){ + log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); + keepalive_list_max = 0; + return MOSQ_ERR_NOMEM; + } + + /* Add existing clients - should only be applicable on MOSQ_EVT_RELOAD */ + HASH_ITER(hh_sock, db.contexts_by_sock, context, ctxt_tmp){ + if(net__is_connected(context) && !context->bridge && context->keepalive > 0){ + keepalive__add(context); + } + } +#endif + return MOSQ_ERR_SUCCESS; +} + +void keepalive__cleanup(void) +{ +#ifndef WITH_OLD_KEEPALIVE + mosquitto_free(keepalive_list); + keepalive_list = NULL; + keepalive_list_max = 0; +#endif +} int keepalive__add(struct mosquitto *context) { - UNUSED(context); +#ifndef WITH_OLD_KEEPALIVE + if(context->keepalive <= 0 || !net__is_connected(context)) return MOSQ_ERR_SUCCESS; +#ifdef WITH_BRIDGE + if(context->bridge) return MOSQ_ERR_SUCCESS; +#endif + DL_APPEND2(keepalive_list[calc_index(context)], context, keepalive_prev, keepalive_next); +#else + UNUSED(context); +#endif return MOSQ_ERR_SUCCESS; } +#ifndef WITH_OLD_KEEPALIVE void keepalive__check(void) { struct mosquitto *context, *ctxt_tmp; - if(last_keepalive_check + 5 < db.now_s){ + for(time_t i=last_keepalive_check; isock != INVALID_SOCKET){ + if(net__is_connected(context)){ /* Local bridges never time out in this fashion. */ if(!(context->keepalive) || context->bridge @@ -56,23 +173,38 @@ void keepalive__check(void) } } } +#endif int keepalive__remove(struct mosquitto *context) { +#ifndef WITH_OLD_KEEPALIVE + int idx; + + if(context->keepalive <= 0 || context->keepalive_prev == NULL) return MOSQ_ERR_SUCCESS; + + idx = calc_index(context); + if(keepalive_list[idx]){ + DL_DELETE2(keepalive_list[idx], context, keepalive_prev, keepalive_next); + context->keepalive_next = NULL; + context->keepalive_prev = NULL; + } +#else UNUSED(context); - +#endif return MOSQ_ERR_SUCCESS; } -void keepalive__remove_all(void) -{ -} - - int keepalive__update(struct mosquitto *context) { +#ifndef WITH_OLD_KEEPALIVE + keepalive__remove(context); + /* coverity[missing_lock] - broker is single threaded, so no lock required */ context->last_msg_in = db.now_s; + keepalive__add(context); +#else + UNUSED(context); +#endif return MOSQ_ERR_SUCCESS; } diff --git a/src/loop.c b/src/loop.c index ec953398..084b2f3d 100644 --- a/src/loop.c +++ b/src/loop.c @@ -187,6 +187,7 @@ int mosquitto_main_loop(struct mosquitto__listener_sock *listensock, int listens #endif while(run){ + retain__expire(); queue_plugin_msgs(); context__free_disused(); #ifdef WITH_SYS_TREE @@ -237,6 +238,8 @@ int mosquitto_main_loop(struct mosquitto__listener_sock *listensock, int listens mosquitto_security_apply(); log__close(db.config); log__init(db.config); + keepalive__cleanup(); + keepalive__init(); flag_reload = false; } if(flag_tree_print){ diff --git a/src/mosquitto.c b/src/mosquitto.c index 6304c08c..de5d4c10 100644 --- a/src/mosquitto.c +++ b/src/mosquitto.c @@ -279,10 +279,17 @@ void listeners__add_websockets(struct lws_context *ws_context, mosq_sock_t fd) static int listeners__add_local(const char *host, uint16_t port) { struct mosquitto__listener *listeners; + bool allow_anonymous; + listeners = db.config->listeners; + if(db.config->security_options.allow_anonymous == -1){ + allow_anonymous = true; + }else{ + allow_anonymous = db.config->security_options.allow_anonymous; + } listener__set_defaults(&listeners[db.config->listener_count]); - listeners[db.config->listener_count].security_options.allow_anonymous = true; + listeners[db.config->listener_count].security_options.allow_anonymous = allow_anonymous; listeners[db.config->listener_count].port = port; listeners[db.config->listener_count].host = mosquitto__strdup(host); if(listeners[db.config->listener_count].host == NULL){ @@ -502,6 +509,11 @@ int main(int argc, char *argv[]) if(rc != MOSQ_ERR_SUCCESS) return rc; db.config = &config; + rc = keepalive__init(); + if(rc){ + return rc; + } + /* Drop privileges permanently immediately after the config is loaded. * This requires the user to ensure that all certificates, log locations, * etc. are accessible my the `mosquitto` or other unprivileged user. @@ -611,6 +623,7 @@ int main(int argc, char *argv[]) mosquitto__free(db.bridges); #endif context__free_disused(); + keepalive__cleanup(); db__close(); diff --git a/src/mosquitto_broker_internal.h b/src/mosquitto_broker_internal.h index aff6e948..7516f312 100644 --- a/src/mosquitto_broker_internal.h +++ b/src/mosquitto_broker_internal.h @@ -291,6 +291,7 @@ struct mosquitto__config { bool queue_qos0_messages; bool per_listener_settings; bool retain_available; + int retain_expiry_interval; bool set_tcp_nodelay; int sys_interval; bool upgrade_outgoing_qos; @@ -771,10 +772,11 @@ void plugin__handle_tick(void); /* ============================================================ * Property related functions * ============================================================ */ +int keepalive__init(void); +void keepalive__cleanup(void); int keepalive__add(struct mosquitto *context); void keepalive__check(void); int keepalive__remove(struct mosquitto *context); -void keepalive__remove_all(void); int keepalive__update(struct mosquitto *context); /* ============================================================ @@ -791,6 +793,7 @@ int retain__init(void); void retain__clean(struct mosquitto__retainhier **retainhier); int retain__queue(struct mosquitto *context, const char *sub, uint8_t sub_qos, uint32_t subscription_identifier); int retain__store(const char *topic, struct mosquitto_msg_store *stored, char **split_topics); +void retain__expire(void); /* ============================================================ * Security related functions diff --git a/src/net.c b/src/net.c index b66c03d9..a4efdb00 100644 --- a/src/net.c +++ b/src/net.c @@ -246,6 +246,8 @@ struct mosquitto *net__socket_accept(struct mosquitto__listener_sock *listensock new_context->address, new_context->remote_port, new_context->listener->port); } + keepalive__add(new_context); + return new_context; } @@ -672,6 +674,9 @@ static int net__bind_interface(struct mosquitto__listener *listener, struct addr memcpy(&((struct sockaddr_in6 *)rp->ai_addr)->sin6_addr, &((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr, sizeof(struct in6_addr)); + + ((struct sockaddr_in6 *)rp->ai_addr)->sin6_scope_id = ((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_scope_id; + freeifaddrs(ifaddr); return MOSQ_ERR_SUCCESS; } diff --git a/src/plugin_debug.c b/src/plugin_debug.c index 8a8d6c21..76eb5dc3 100644 --- a/src/plugin_debug.c +++ b/src/plugin_debug.c @@ -34,10 +34,10 @@ void print_col(struct mosquitto *client) { switch(mosquitto_client_protocol(client)){ case mp_mqtt: - printf("%s", ANSI_GREEN); + fprintf(stderr, "%s", ANSI_GREEN); break; case mp_websockets: - printf("%s", ANSI_MAGENTA); + fprintf(stderr, "%s", ANSI_MAGENTA); break; default: break; @@ -46,54 +46,58 @@ void print_col(struct mosquitto *client) int mosquitto_auth_plugin_version(void) { - printf(ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_version()" ANSI_RESET "\n"); + fprintf(stderr, ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_version()" ANSI_RESET "\n"); return 4; } int mosquitto_auth_plugin_init(void **user_data, struct mosquitto_opt *auth_opts, int auth_opt_count) { - printf(ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_init(,,%d)" ANSI_RESET "\n", auth_opt_count); + fprintf(stderr, ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_init(,,%d)" ANSI_RESET "\n", auth_opt_count); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_plugin_cleanup(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count) { - printf(ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_cleanup(,,%d)" ANSI_RESET "\n", auth_opt_count); + fprintf(stderr, ANSI_BLUE "PLUGIN ::: mosquitto_auth_plugin_cleanup(,,%d)" ANSI_RESET "\n", auth_opt_count); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_security_init(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count, bool reload) { - printf(ANSI_BLUE "PLUGIN ::: mosquitto_auth_security_init(,,%d, %d)" ANSI_RESET "\n", auth_opt_count, reload); + fprintf(stderr, ANSI_BLUE "PLUGIN ::: mosquitto_auth_security_init(,,%d, %d)" ANSI_RESET "\n", auth_opt_count, reload); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_security_cleanup(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count, bool reload) { - printf(ANSI_BLUE "PLUGIN ::: mosquitto_auth_security_cleanup(,,%d, %d)" ANSI_RESET "\n", auth_opt_count, reload); + fprintf(stderr, ANSI_BLUE "PLUGIN ::: mosquitto_auth_security_cleanup(,,%d, %d)" ANSI_RESET "\n", auth_opt_count, reload); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_acl_check(void *user_data, int access, struct mosquitto *client, const struct mosquitto_acl_msg *msg) { print_col(client); - printf("PLUGIN ::: mosquitto_auth_acl_check(%p, %d, %s, %s)" ANSI_RESET "\n", + fprintf(stderr, "PLUGIN ::: mosquitto_auth_acl_check(%p, %d, %s, %s)" ANSI_RESET "\n", user_data, access, mosquitto_client_username(client), msg->topic); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_unpwd_check(void *user_data, struct mosquitto *client, const char *username, const char *password) { + const char *client_id = mosquitto_client_id(client); + const char *ip_address = mosquitto_client_address(client); + const void *cert = mosquitto_client_certificate(client); + print_col(client); - printf("PLUGIN ::: mosquitto_auth_unpwd_check(%p, %s, %s)" ANSI_RESET "\n", - user_data, mosquitto_client_username(client), username); + fprintf(stderr, "PLUGIN ::: mosquitto_auth_unpwd_check(%p, %s, %s, id=%s, ip=%s, cert=%p)" ANSI_RESET "\n", + user_data, mosquitto_client_username(client), username, client_id, ip_address, cert); return MOSQ_ERR_SUCCESS; } int mosquitto_auth_psk_key_get(void *user_data, struct mosquitto *client, const char *hint, const char *identity, char *key, int max_key_len) { print_col(client); - printf("PLUGIN ::: mosquitto_auth_psk_key_get(%p, %s, %s)" ANSI_RESET "\n", + fprintf(stderr, "PLUGIN ::: mosquitto_auth_psk_key_get(%p, %s, %s)" ANSI_RESET "\n", user_data, mosquitto_client_username(client), hint); return MOSQ_ERR_SUCCESS; } @@ -101,7 +105,7 @@ int mosquitto_auth_psk_key_get(void *user_data, struct mosquitto *client, const int mosquitto_auth_start(void *user_data, struct mosquitto *client, const char *method, bool reauth, const void *data_in, uint16_t data_in_len, void **data_out, uint16_t *data_out_len) { print_col(client); - printf("PLUGIN ::: mosquitto_auth_start(%p, %s, %s, %d, %d, %hn)" ANSI_RESET "\n", + fprintf(stderr, "PLUGIN ::: mosquitto_auth_start(%p, %s, %s, %d, %d, %hn)" ANSI_RESET "\n", user_data, mosquitto_client_username(client), method, reauth, data_in_len, data_out_len); return MOSQ_ERR_SUCCESS; } @@ -109,7 +113,7 @@ int mosquitto_auth_start(void *user_data, struct mosquitto *client, const char * int mosquitto_auth_continue(void *user_data, struct mosquitto *client, const char *method, const void *data_in, uint16_t data_in_len, void **data_out, uint16_t *data_out_len) { print_col(client); - printf("PLUGIN ::: mosquitto_auth_continue(%p, %s, %s, %d, %hn)" ANSI_RESET "\n", + fprintf(stderr, "PLUGIN ::: mosquitto_auth_continue(%p, %s, %s, %d, %hn)" ANSI_RESET "\n", user_data, mosquitto_client_username(client), method, data_in_len, data_out_len); return MOSQ_ERR_SUCCESS; } diff --git a/src/retain.c b/src/retain.c index 6c303c96..45765e80 100644 --- a/src/retain.c +++ b/src/retain.c @@ -29,6 +29,8 @@ Contributors: #include "utlist.h" +static time_t next_expire_check = 0; + static struct mosquitto__retainhier *retain__add_hier_entry(struct mosquitto__retainhier *parent, struct mosquitto__retainhier **sibling, const char *topic, uint16_t len) { struct mosquitto__retainhier *child; @@ -320,3 +322,32 @@ void retain__clean(struct mosquitto__retainhier **retainhier) } } +static void retain__expire_search(struct mosquitto__retainhier *retainhier) +{ + struct mosquitto__retainhier *branch, *branch_tmp; + + HASH_ITER(hh, retainhier->children, branch, branch_tmp){ + if(branch->children){ + retain__expire_search(branch); + } + if(branch->retained){ + if(branch->retained->message_expiry_time > 0 && db.now_real_s >= branch->retained->message_expiry_time){ + db__msg_store_ref_dec(&branch->retained); + branch->retained = NULL; +#ifdef WITH_SYS_TREE + db.retained_count--; +#endif + retain__clean_empty_hierarchy(retainhier); + } + } + } +} + + +void retain__expire(void) +{ + if(db.config->retain_expiry_interval > 0 && db.now_s > next_expire_check){ + retain__expire_search(db.retains); + next_expire_check = db.now_s + db.config->retain_expiry_interval; + } +} diff --git a/src/websockets.c b/src/websockets.c index 4d91579a..f8e62088 100644 --- a/src/websockets.c +++ b/src/websockets.c @@ -578,6 +578,10 @@ static int callback_http( return -1; } wlen = (size_t)rc; + /* while still active, extend timeout */ + if(wlen){ + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, 10); + } if(wlen < buflen){ if(fseek(u->fptr, (long)(buflen-wlen), SEEK_CUR) < 0){ fclose(u->fptr); @@ -698,7 +702,12 @@ void mosq_websockets_init(struct mosquitto__listener *listener, const struct mos info.gid = -1; info.uid = -1; #ifdef WITH_TLS - info.ssl_ca_filepath = listener->cafile; + if(listener->cafile){ + info.ssl_ca_filepath = listener->cafile; + } + else if(listener->capath){ + log__printf(NULL, MOSQ_LOG_WARNING, "Warning: CA path option is not supported for websockets"); + } info.ssl_cert_filepath = listener->certfile; info.ssl_private_key_filepath = listener->keyfile; info.ssl_cipher_list = listener->ciphers; diff --git a/test/broker/01-connect-allow-anonymous.py b/test/broker/01-connect-allow-anonymous.py index 985c0b80..5926cdde 100755 --- a/test/broker/01-connect-allow-anonymous.py +++ b/test/broker/01-connect-allow-anonymous.py @@ -26,6 +26,14 @@ def write_config5(filename, port): f.write("listener %d\n" % (port)) f.write("allow_anonymous true\n") +def write_config6(filename, port): + with open(filename, 'w') as f: + f.write("allow_anonymous false\n") + +def write_config7(filename, port): + with open(filename, 'w') as f: + f.write("allow_anonymous true\n") + def do_test(use_conf, write_config, expect_success): port = mosq_test.get_port() @@ -61,6 +69,7 @@ def do_test(use_conf, write_config, expect_success): finally: if write_config is not None: os.remove(conf_file) + pass broker.terminate() broker.wait() (stdo, stde) = broker.communicate() @@ -74,8 +83,7 @@ def do_test(use_conf, write_config, expect_success): do_test(use_conf=False, write_config=None, expect_success=True) # Config file but no listener - allow_anonymous should be true -# Not possible right now because the test doesn't allow us to use a config file and -p at the same time. -#do_test(use_conf=True, write_config=write_config1, expect_success=True) +do_test(use_conf=True, write_config=write_config1, expect_success=True) # Config file with "port" - allow_anonymous should be false do_test(use_conf=True, write_config=write_config2, expect_success=False) @@ -88,4 +96,10 @@ do_test(use_conf=True, write_config=write_config4, expect_success=True) # Config file with "listener" - allow_anonymous explicitly true do_test(use_conf=True, write_config=write_config5, expect_success=True) + +# Config file without "listener" - allow_anonymous explicitly false +do_test(use_conf=True, write_config=write_config6, expect_success=False) + +# Config file without "listener" - allow_anonymous explicitly true +do_test(use_conf=True, write_config=write_config7, expect_success=True) exit(0) diff --git a/test/broker/06-bridge-b2br-remapping.py b/test/broker/06-bridge-b2br-remapping.py index 7d17edb4..18ba4738 100755 --- a/test/broker/06-bridge-b2br-remapping.py +++ b/test/broker/06-bridge-b2br-remapping.py @@ -17,6 +17,9 @@ def write_config(filename, port1, port2, protocol_version): f.write("topic +/value in 0 local3/topic/ remote3/topic/\n") f.write("topic ic/+ in 0 local4/top remote4/tip\n") f.write("topic clients/total in 0 test/mosquitto/org $SYS/broker/\n") + f.write('topic rmapped in 0 "" remote/mapped/\n') + f.write('topic lmapped in 0 local/mapped/ ""\n') + f.write('topic "" in 0 local/single remote/single\n') f.write("notifications false\n") f.write("restart_timeout 5\n") f.write("bridge_protocol_version %s\n" % (protocol_version)) @@ -70,6 +73,9 @@ def inner_test(bridge, sock, proto_ver): ('local3/topic/something/value', 'remote3/topic/something/value'), ('local4/topic/something', 'remote4/tipic/something'), ('test/mosquitto/orgclients/total', '$SYS/broker/clients/total'), + ('local/mapped/lmapped', 'lmapped'), + ('rmapped', 'remote/mapped/rmapped'), + ('local/single', 'remote/single'), ] for (local_topic, remote_topic) in cases: diff --git a/test/broker/06-bridge-remap-receive-wildcard.py b/test/broker/06-bridge-remap-receive-wildcard.py index a836f83e..5b86563c 100755 --- a/test/broker/06-bridge-remap-receive-wildcard.py +++ b/test/broker/06-bridge-remap-receive-wildcard.py @@ -75,8 +75,11 @@ def do_test(proto_ver): bridge.send(bytes.fromhex("320c00062b2b2b2b2b2b00040033")) #bridge.send(bytes.fromhex("320c00062b2b2b2b2b2b00040033")) #bridge.send(bytes.fromhex("320c00062b2b2b2b2b2b00040033")) - mosq_test.do_ping(bridge) - except ConnectionResetError: + bridge.send(bytes.fromhex("C000")) # PING + d = bridge.recv(1) + if len(d) == 0: + rc = 0 + except (ConnectionResetError, BrokenPipeError, mosq_test.TestError): #expected behaviour rc = 0 diff --git a/test/broker/08-ssl-connect-cert-auth-expired.py b/test/broker/08-ssl-connect-cert-auth-expired.py index 41e66364..f4226d56 100755 --- a/test/broker/08-ssl-connect-cert-auth-expired.py +++ b/test/broker/08-ssl-connect-cert-auth-expired.py @@ -24,26 +24,33 @@ conf_file = os.path.basename(__file__).replace('.py', '.conf') write_config(conf_file, port1, port2) rc = 1 -keepalive = 10 -connect_packet = mosq_test.gen_connect("connect-success-test", keepalive=keepalive) +connect_packet = mosq_test.gen_connect("connect-success-test") broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port2, use_conf=True) +ssl_eof = False try: - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile="../ssl/test-root-ca.crt") context.load_cert_chain(certfile="../ssl/client-expired.crt", keyfile="../ssl/client-expired.key") - ssock = context.wrap_socket(sock, server_hostname="localhost") - ssock.settimeout(20) - try: - ssock.connect(("localhost", port1)) - mosq_test.do_send_receive(ssock, connect_packet, "", "connack") - except ssl.SSLError as err: - if err.errno == 1: - rc = 0 - else: - broker.terminate() - raise ValueError(err.errno) + with socket.create_connection(("localhost", port1)) as sock: + ssock = context.wrap_socket(sock, server_hostname="localhost", suppress_ragged_eofs=True) + ssock.settimeout(None) + try: + mosq_test.do_send_receive(ssock, connect_packet, "", "connack") + except ssl.SSLEOFError: + # Under load, sometimes the broker closes the connection after the + # handshake has failed, but before we have chance to send our + # payload and so we get an EOF. + ssl_eof = True + except ssl.SSLError as err: + if err.reason == "SSLV3_ALERT_CERTIFICATE_EXPIRED": + rc = 0 + elif err.errno == 8 and "EOF occurred" in err.strerror: + rc = 0 + else: + broker.terminate() + print(err.strerror) + raise ValueError(err.errno) from err except mosq_test.TestError: pass finally: @@ -52,8 +59,11 @@ finally: broker.terminate() broker.wait() (stdo, stde) = broker.communicate() + + if ssl_eof: + if "certificate verify failed" in stde.decode('utf-8'): + rc = 0 if rc: print(stde.decode('utf-8')) exit(rc) - diff --git a/test/broker/08-ssl-connect-cert-auth-revoked.py b/test/broker/08-ssl-connect-cert-auth-revoked.py index 92734543..5d189af2 100755 --- a/test/broker/08-ssl-connect-cert-auth-revoked.py +++ b/test/broker/08-ssl-connect-cert-auth-revoked.py @@ -28,6 +28,7 @@ connect_packet = mosq_test.gen_connect("connect-revoked-test", keepalive=keepali broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port2, use_conf=True) +ssl_eof = False try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile="../ssl/test-root-ca.crt") @@ -36,7 +37,22 @@ try: ssock.settimeout(20) try: ssock.connect(("localhost", port1)) - mosq_test.do_send_receive(ssock, connect_packet, "", "connack") + try: + mosq_test.do_send_receive(ssock, connect_packet, "", "connack") + except ssl.SSLEOFError: + # Under load, sometimes the broker closes the connection after the + # handshake has failed, but before we have chance to send our + # payload and so we get an EOF. + ssl_eof = True + except ssl.SSLError as err: + if err.reason == "SSLV3_ALERT_CERTIFICATE_REVOKED": + rc = 0 + elif err.errno == 8 and "EOF occurred" in err.strerror: + rc = 0 + else: + broker.terminate() + print(err.strerror) + raise ValueError(err.errno) from err except ssl.SSLError as err: if err.errno == 1 and "certificate revoked" in err.strerror: rc = 0 @@ -53,6 +69,9 @@ finally: broker.terminate() broker.wait() (stdo, stde) = broker.communicate() + if ssl_eof: + if "certificate verify failed" in stde.decode('utf-8'): + rc = 0 if rc: print(stde.decode('utf-8')) diff --git a/test/broker/data/FORBIDDEN.json b/test/broker/data/FORBIDDEN.json index ceff5502..d02adf0c 100644 --- a/test/broker/data/FORBIDDEN.json +++ b/test/broker/data/FORBIDDEN.json @@ -12,7 +12,8 @@ { "name": "01", "ver":4, "msgs": [{"type":"send", "payload":"01 00"}]}, { "name": "02", "ver":4, "msgs": [{"type":"send", "payload":"02 00"}]}, { "name": "04", "ver":4, "msgs": [{"type":"send", "payload":"04 00"}]}, - { "name": "08", "ver":4, "msgs": [{"type":"send", "payload":"08 00"}]} + { "name": "08", "ver":4, "msgs": [{"type":"send", "payload":"08 00"}]}, + { "name": "0A with illegal length C0", "ver":4, "expect_disconnect":true, "msgs": [{"type":"send", "payload":"0A C0"}]} ] }, { @@ -46,7 +47,11 @@ { "name": "08", "ver":5, "msgs": [ {"type":"send", "payload":"08 00"}, {"type":"recv", "payload":"E0 01 82", "comment":"DISCONNECT protocol error"} - ]} + ]}, + { "name": "0A with illegal length C0", "ver":5, "expect_disconnect":true, "msgs": [ + {"type":"send", "payload":"0A C0"}, + {"type":"recv", "payload":"E0 01 82", "comment":"DISCONNECT protocol error"} + ]} ] } ] diff --git a/test/broker/data/PUBLISH.json b/test/broker/data/PUBLISH.json index abe7c7a0..624de3ab 100644 --- a/test/broker/data/PUBLISH.json +++ b/test/broker/data/PUBLISH.json @@ -41,7 +41,15 @@ { "name": "30 topic with U+FFFF", "ver":4, "msgs": [{"type":"send", "payload":"30 0E 0005 746FEDBFBF 7061796C6F6164"}]}, { "name": "30 topic with U+2A6D4 (section 1.5.3.1)", "ver":4, "expect_disconnect":false, "msgs": [{"type":"send", "payload":"30 0E 0005 41F0AA9B94 7061796C6F6164"}]}, { "name": "30 topic with + [MQTT-3.3.2-2]", "ver":4, "msgs": [{"type":"send", "payload":"30 0E 0005 2B6F706963 7061796C6F6164"}]}, - { "name": "30 topic with # [MQTT-3.3.2-2]", "ver":4, "msgs": [{"type":"send", "payload":"30 0E 0005 236F706963 7061796C6F6164"}]} + { "name": "30 topic with # [MQTT-3.3.2-2]", "ver":4, "msgs": [{"type":"send", "payload":"30 0E 0005 236F706963 7061796C6F6164"}]}, + { "name": "34 QoS 2 repeated with/without payload", "ver":4, "expect_disconnect":false, "msgs": [ + {"type":"send", "payload":"34 09 0005 746F706963 1234"}, + {"type":"recv", "payload":"50 02 1234"}, + {"type":"send", "payload":"34 0A 0005 746F706963 1234 70"}, + {"type":"recv", "payload":"50 02 1234"}, + {"type":"send", "payload":"34 09 0005 746F706963 1234"}, + {"type":"recv", "payload":"50 02 1234"} + ]} ] }, { diff --git a/test/broker/readme.txt b/test/broker/readme.txt index 37f062e1..e7dba30e 100644 --- a/test/broker/readme.txt +++ b/test/broker/readme.txt @@ -17,3 +17,5 @@ Numbering is as follows: 10: Listener tests 11: Persistence tests 12: Property tests +13: Malformed tests +14: Dynamic security tests diff --git a/test/mosq_test.py b/test/mosq_test.py index 98fd3ac9..3536d90d 100644 --- a/test/mosq_test.py +++ b/test/mosq_test.py @@ -30,6 +30,8 @@ def start_broker(filename, cmd=None, port=0, use_conf=False, expect_fail=False, if port == 0: port = 1888 + else: + cmd += ['-p', str(port)] else: if cmd is None and port != 0: cmd = ['../../src/mosquitto', '-v', '-p', str(port)] diff --git a/test/ssl/all-ca.crt b/test/ssl/all-ca.crt index ead288c9..1555cf34 100644 --- a/test/ssl/all-ca.crt +++ b/test/ssl/all-ca.crt @@ -5,100 +5,100 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, L=Derby, O=Mosquitto Project, OU=Testing, CN=Root CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:36 2025 GMT + Not After : Feb 24 13:42:36 2030 GMT Subject: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:da:66:c6:f0:fb:48:ef:2f:a7:df:22:2a:db:cc: - 8c:18:0d:99:18:b9:55:71:c0:90:0e:5a:c6:06:54: - d9:f2:ce:d5:55:05:52:be:b2:25:57:17:fc:35:03: - e8:0a:11:87:29:f0:47:e6:a7:4d:e4:b6:03:4a:e0: - 37:be:de:e4:80:a4:c9:54:07:d4:84:7d:81:e2:fd: - 50:77:ec:b1:e1:15:a6:24:bf:9a:76:63:cd:99:00: - dd:8b:42:0e:3b:92:7d:74:d4:35:12:79:15:07:c2: - 19:e5:fc:dc:64:74:bd:dd:71:56:98:d9:4e:65:d8: - 5c:86:43:e6:35:02:88:0e:a2:b0:e6:f8:2b:84:88: - 68:28:7f:a3:71:4a:ef:4f:a6:3f:2f:58:e2:c8:86: - 2e:07:bc:6a:3d:14:3e:ca:dc:6d:1b:6f:86:61:5b: - c0:bf:da:c9:45:1e:1a:a8:19:a1:66:9b:f8:4d:a2: - 23:77:ea:8a:ef:5d:0e:6a:71:f8:26:5e:0a:e1:2d: - 2b:1a:e8:4b:19:e2:65:7b:e8:eb:69:40:c4:e8:ea: - 31:d2:54:24:c0:a8:d5:1e:e7:c9:0f:2b:a2:69:9f: - 38:3c:02:37:a0:f2:ca:01:51:cf:1c:b5:21:0b:2a: - 5c:c4:93:bb:ac:59:ff:7e:67:c6:a1:e0:84:cd:a0: - e6:ad + 00:fc:78:66:8a:f8:af:87:3b:96:62:ea:85:fd:51: + f9:0f:e4:a6:c2:3d:2d:0d:f6:a2:ff:32:2c:b4:d9: + 31:4c:fa:e9:31:87:62:12:c1:67:99:1d:96:65:d6: + 70:cf:2e:b3:7f:fc:d6:90:8d:9f:eb:e6:a7:a3:4f: + 07:ab:be:90:37:6e:ee:26:47:e5:0f:0f:a2:41:56: + 2d:ff:45:45:87:7a:c4:90:f3:c6:73:af:83:a5:40: + 56:fe:24:28:71:c1:a3:03:74:7a:ce:2a:14:af:89: + 47:7c:0c:c3:ec:36:e3:ee:95:bd:0e:da:23:2b:52: + b4:c9:c1:84:eb:62:84:95:de:76:f3:be:68:dc:bd: + 82:73:b0:e5:08:51:6d:3e:97:4a:5d:b8:3d:05:ea: + da:ae:d3:d9:a4:58:f9:ef:c9:57:52:f5:38:1c:27: + 67:70:8d:4e:b2:46:c0:12:fe:b9:7d:1e:79:6c:d3: + c7:36:e2:e1:ce:35:8b:89:61:0f:35:ef:c1:76:3f: + c0:0f:e9:10:27:5a:71:ca:63:2b:6e:19:66:aa:74: + df:a0:1c:5a:73:e1:0b:ca:6e:67:09:fa:e2:0a:b4: + 29:63:b0:3b:7d:2f:82:b3:10:56:d9:1b:a1:77:60: + 2b:d7:8d:05:40:20:88:71:98:91:18:e4:ce:af:07: + 4b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 X509v3 Authority Key Identifier: - 0F:B8:7D:2E:0F:7C:9E:AA:4F:C6:6B:2B:AE:90:CF:CE:E8:2C:45:CC - X509v3 Basic Constraints: critical + A8:C7:9F:BC:59:76:70:BA:3E:11:6D:54:51:E3:25:CC:83:96:C9:B4 + X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption Signature Value: - 35:7d:11:3c:db:4d:b5:63:d3:c0:6d:61:fa:6c:e5:43:15:aa: - c6:c4:f7:20:5b:78:aa:95:b7:e4:cf:89:ca:c8:17:10:d0:f0: - 69:12:96:e4:f3:c5:58:ab:aa:e0:be:eb:5d:37:43:af:9e:3a: - 6f:f9:ef:cf:6f:f5:67:25:62:e4:70:8e:08:9a:fc:17:32:45: - b5:f1:c8:6c:ad:e8:4c:2f:14:67:24:e0:24:b6:84:22:34:26: - 8b:6d:ff:e1:5c:9d:c2:84:18:d7:9d:48:ad:a0:0b:9c:ed:cd: - 9e:d4:a8:20:7a:41:ea:c3:00:a3:3b:a5:ab:22:ad:41:45:5a: - 17:5f:e2:1a:8c:9f:ab:be:bc:7b:3d:a4:23:93:db:80:2c:1b: - 9b:50:cf:72:b9:ef:f5:54:76:63:47:a0:73:bd:57:37:51:47: - e6:0e:f6:b2:81:70:11:db:88:44:6d:82:96:6f:85:6d:67:25: - 1b:67:b3:ad:3c:59:17:96:6a:c0:9f:f4:d4:8a:5a:ee:81:8d: - 8f:18:2c:92:9c:ab:26:40:36:21:ba:1b:db:13:65:34:dd:bf: - 26:ad:12:1f:aa:97:55:c5:d4:60:e5:9e:75:37:3d:3c:3b:b2: - b0:97:15:6a:a9:1e:66:bf:a4:64:82:6b:8e:60:f4:26:a0:5c: - 81:f1:f4:64 + 4e:38:ce:97:e9:c4:d8:65:6a:d9:b0:57:6b:93:3d:0f:ef:fa: + 3d:ca:e1:33:c3:2f:5b:2b:2b:fe:f6:62:af:66:33:6f:f7:e4: + 0b:1d:c9:ef:fb:01:b0:8c:43:2f:f3:68:b4:f9:f9:10:e0:0b: + bc:f4:a2:c5:8c:95:45:e4:73:38:e7:3c:56:4a:2a:70:a5:3a: + 1f:ce:30:15:2f:06:ec:98:5e:9d:54:fb:9d:c8:d1:1e:55:94: + 06:9c:fd:40:6f:95:2a:8d:48:c5:9e:2c:15:49:f4:9a:dd:1f: + 14:02:7c:7d:3e:9e:71:f5:0d:80:22:e1:83:80:3f:23:0f:47: + 3f:ef:ad:73:bc:e3:83:5d:87:a4:b7:78:86:51:ac:66:66:d4: + 4e:3a:d7:24:1d:3d:61:ff:99:02:62:3f:3f:79:7a:3a:30:cb: + 78:84:3e:63:bd:6d:55:49:4b:34:c4:92:16:9f:c2:4c:20:a1: + 81:52:73:ab:7a:46:40:6c:ea:0a:bd:7e:fa:01:1c:3c:2e:fa: + 21:95:80:ac:3b:a7:98:c0:7a:33:64:1b:39:c1:bb:a8:d6:45: + 1a:f0:62:2f:f8:99:dc:dc:02:d7:bd:fe:b7:28:5d:05:60:68: + 47:ac:99:1f:ea:8f:01:5a:81:20:3d:52:15:3b:d7:43:bf:c8: + 78:68:8c:9a -----BEGIN CERTIFICATE----- MIIDsjCCApqgAwIBAgIBATANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxGjAYBgNVBAoMEU1v c3F1aXR0byBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdSb290 -IENBMB4XDTI1MDExNTA1NTk1MloXDTMwMDExNDA1NTk1MlowZTELMAkGA1UEBhMC +IENBMB4XDTI1MDIyNTEzNDIzNloXDTMwMDIyNDEzNDIzNlowZTELMAkGA1UEBhMC R0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxGjAYBgNVBAoMEU1vc3F1aXR0byBQcm9q ZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mbG8PtI7y+n3yIq28yMGA2ZGLlV -ccCQDlrGBlTZ8s7VVQVSvrIlVxf8NQPoChGHKfBH5qdN5LYDSuA3vt7kgKTJVAfU -hH2B4v1Qd+yx4RWmJL+admPNmQDdi0IOO5J9dNQ1EnkVB8IZ5fzcZHS93XFWmNlO -ZdhchkPmNQKIDqKw5vgrhIhoKH+jcUrvT6Y/L1jiyIYuB7xqPRQ+ytxtG2+GYVvA -v9rJRR4aqBmhZpv4TaIjd+qK710OanH4Jl4K4S0rGuhLGeJle+jraUDE6Oox0lQk -wKjVHufJDyuiaZ84PAI3oPLKAVHPHLUhCypcxJO7rFn/fmfGoeCEzaDmrQIDAQAB -o2AwXjAdBgNVHQ4EFgQUU0haUE14gG1VeYr+qaNoegSa8IcwHwYDVR0jBBgwFoAU -D7h9Lg98nqpPxmsrrpDPzugsRcwwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC -AQYwDQYJKoZIhvcNAQELBQADggEBADV9ETzbTbVj08BtYfps5UMVqsbE9yBbeKqV -t+TPicrIFxDQ8GkSluTzxVirquC+6103Q6+eOm/5789v9WclYuRwjgia/BcyRbXx -yGyt6EwvFGck4CS2hCI0Jott/+FcncKEGNedSK2gC5ztzZ7UqCB6QerDAKM7pasi -rUFFWhdf4hqMn6u+vHs9pCOT24AsG5tQz3K57/VUdmNHoHO9VzdRR+YO9rKBcBHb -iERtgpZvhW1nJRtns608WReWasCf9NSKWu6BjY8YLJKcqyZANiG6G9sTZTTdvyat -Eh+ql1XF1GDlnnU3PTw7srCXFWqpHma/pGSCa45g9CagXIHx9GQ= +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/HhmivivhzuWYuqF/VH5D+Smwj0t +Dfai/zIstNkxTPrpMYdiEsFnmR2WZdZwzy6zf/zWkI2f6+ano08Hq76QN27uJkfl +Dw+iQVYt/0VFh3rEkPPGc6+DpUBW/iQoccGjA3R6zioUr4lHfAzD7Dbj7pW9Dtoj +K1K0ycGE62KEld52875o3L2Cc7DlCFFtPpdKXbg9BerartPZpFj578lXUvU4HCdn +cI1OskbAEv65fR55bNPHNuLhzjWLiWEPNe/Bdj/AD+kQJ1pxymMrbhlmqnTfoBxa +c+ELym5nCfriCrQpY7A7fS+CsxBW2Ruhd2Ar140FQCCIcZiRGOTOrwdLpQIDAQAB +o1AwTjAdBgNVHQ4EFgQUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwHwYDVR0jBBgwFoAU +qMefvFl2cLo+EW1UUeMlzIOWybQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOCAQEATjjOl+nE2GVq2bBXa5M9D+/6PcrhM8MvWysr/vZir2Yzb/fkCx3J7/sB +sIxDL/NotPn5EOALvPSixYyVReRzOOc8VkoqcKU6H84wFS8G7JhenVT7ncjRHlWU +Bpz9QG+VKo1IxZ4sFUn0mt0fFAJ8fT6ecfUNgCLhg4A/Iw9HP++tc7zjg12HpLd4 +hlGsZmbUTjrXJB09Yf+ZAmI/P3l6OjDLeIQ+Y71tVUlLNMSSFp/CTCChgVJzq3pG +QGzqCr1++gEcPC76IZWArDunmMB6M2QbOcG7qNZFGvBiL/iZ3NwC173+tyhdBWBo +R6yZH+qPAVqBID1SFTvXQ7/IeGiMmg== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIID0jCCArqgAwIBAgIUW8+lC7lrC3H9c9s3xSbY7PqwZ0YwDQYJKoZIhvcNAQEL +MIIDwjCCAqqgAwIBAgIUDiOgy2+OZHYt79OQYMRk66SIxq8wDQYJKoZIhvcNAQEL BQAwcjELMAkGA1UEBhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcM BURlcmJ5MRowGAYDVQQKDBFNb3NxdWl0dG8gUHJvamVjdDEQMA4GA1UECwwHVGVz -dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAxMTUwNTU5NTFaFw0zNTAxMTMw -NTU5NTFaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD +dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAyMjUxMzQyMzZaFw0zNTAyMjMx +MzQyMzZaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD VQQHDAVEZXJieTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3QxEDAOBgNVBAsM B1Rlc3RpbmcxEDAOBgNVBAMMB1Jvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQDAK2HNO04pSn4OD45IA2nph6j9iiS5fg7ppJKV67dUvXFDjf/h -OKmP2dOgF2TyD0erKKB7MdCHJxEmt6yT873Js4Sdo6RioApUtcAzdlO7e7EYR8Y2 -HMh5dlwniOoRDeIHUeCcSdn+t+751vBusGbQVEFGJdmW9eo+gkNYa4C48kxF/ntL -drDNIUPL/WZmjE6lqeF4n5ShrRenkPduZ2Z+YOua6eKY22q5PaoULN6kSUcDw3iP -3j7WHt2yvf+Wl6G5Xb0gf+btEoX/FR5wwj0blbT3eSbjqqxuwp7M6v7TYPeptVfI -1PSd2e6AS5MPjOpe3PccCnUQFVhgZ/YQksz5AgMBAAGjYDBeMB0GA1UdDgQWBBQP -uH0uD3yeqk/GayuukM/O6CxFzDAfBgNVHSMEGDAWgBQPuH0uD3yeqk/GayuukM/O -6CxFzDAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsF -AAOCAQEAHoScGN8Wpx3D6N5tZLzJ+3b5bbuUv+RYdcMvbQpfDtbpoqolPCHDa0AZ -vwkYL/X9VUIiyi9RoTz3jARqL8+cJPF9FwBtuEZcrrs4doLR4uFHpDFY/qFxsa3W -e7WOiUTRQUi4jzVoUqomJJ0tyAEBLea4Wjnr8v20ao56NC1bZk3jU4yn22NTlpS/ -gDFdSc0D1+VxgaOwZBPPT8yGcPe1JfyPzTII4m5B3LhTjOljtt4DygXEPC8D6yA/ -KPOiXBTSGRa2sqXVt2lHqKFloPMlipI6+raG40m9iILrmEfVWa7vr0n/oChPGYGD -hTtA/VDL/ziC40s7Mv0kyDIZhV+TlA== +DwAwggEKAoIBAQCWyHR/VLT7MC15Sg4tbkSn76iaEk7uLLH1TeoPmIvx9gOdRTOl +4dpmgHbHnxDTGJKN7s3AP2JabDlW2po9g5p8rQW4udFKU3AdA2WANEwxxiDOr4+P +R/NigojbuCjyYQq/mJVRfA9+dsusESSbPhdKCXim6RzW9kZv1iXtqcvSSdSCEqnm +t1ggM25FlayWKpdK4pxoNG6YHidPuXhTGGIzPAoAgYTKLwtE2r/skJaWOZDcaRuE +2IWcnVc1oA0QUF1cLGuzr0McoLenRGJY9FwJW/lRD2rptuTuhHt49Lp1ktssMYPS +kgPNGUzKSjl1UuT8vIos707D6hjLWBGZ2TcRAgMBAAGjUDBOMB0GA1UdDgQWBBSo +x5+8WXZwuj4RbVRR4yXMg5bJtDAfBgNVHSMEGDAWgBSox5+8WXZwuj4RbVRR4yXM +g5bJtDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCOU45Xzsv4KM2w +IZ8Zs5V0O9ymJFoNprsZNOSsHocYO++HvgNBeNttckj/SYUCrmjjgrl2FLfjylBR +LY8viHltUFvYSJbALaitOLeeyO/wxaOEHBCNoaXaUStBmkOEE47QdAbj12hvZNWT +i7oO4eGxHYLTcAx5ZB2yrmBtxtoPbLDAjv8WrjbCd+Ph47SVTj4bl3OOJd+EUgew +8KDkiujFA+iz/yXiE144uDKI+TXvjVacewJnimbtjhRvBbUXs7TkPLWZlgszM+M/ +/WudYPsCapM6fYb01Nvn8dLRRsIpqNUo/jghs96ss6c7MjBdToLCoM/SRzDiRWSH +uxQtAfaZ -----END CERTIFICATE----- diff --git a/test/ssl/client-encrypted.crt b/test/ssl/client-encrypted.crt index 4b3b6759..bfc6a681 100644 --- a/test/ssl/client-encrypted.crt +++ b/test/ssl/client-encrypted.crt @@ -5,31 +5,31 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:37 2025 GMT + Not After : Feb 24 13:42:37 2030 GMT Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client encrypted Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:b8:a9:b5:94:9f:46:0d:0c:ad:0e:73:c9:18:bc: - 27:dc:67:6d:c9:02:b7:e2:0a:1b:31:c3:48:a7:5c: - d3:ae:69:b5:f5:ce:f3:53:33:13:a1:59:ff:da:30: - 0e:42:1d:14:e3:f5:55:e3:62:ee:82:bf:03:ab:71: - f4:ac:fa:99:56:fc:e5:65:e0:bd:c7:5b:54:b0:46: - 01:ee:2a:fc:c2:ab:82:c4:6b:3f:2f:3a:d7:11:90: - 2e:0b:a7:29:aa:01:ee:d8:b0:5b:de:65:9b:c1:d2: - 35:83:ce:b8:f8:57:a6:63:b3:6d:dd:1d:59:88:84: - 34:cf:c4:4c:b9:cd:82:08:91:4b:7d:20:c1:b0:8a: - 98:af:87:fb:15:8d:32:f9:e6:15:50:b8:f2:df:11: - 66:16:c5:c5:9e:73:70:28:68:ee:b5:58:d4:8b:07: - 6a:f2:e8:4b:08:98:38:71:44:7c:4e:9f:90:94:af: - 4b:82:8b:eb:a3:c8:90:0b:ae:cb:cd:4b:92:55:67: - c5:ec:15:a3:f3:7b:64:cb:9c:8f:6d:13:b3:99:b8: - 81:2a:fb:b2:ae:67:97:a9:6e:33:f3:cd:ca:ad:84: - 26:f1:42:ad:78:ea:bb:f0:ee:49:f1:7e:2b:7d:66: - 59:73:33:fb:9b:30:80:e8:15:22:9a:35:96:bf:05: - 83:25 + 00:c5:77:41:1d:66:05:4f:97:66:74:8b:ea:77:b6: + ee:1a:64:4c:b7:bf:48:7f:6f:3b:a8:b8:49:71:41: + 60:c6:08:72:42:ed:17:31:12:11:08:6d:56:35:56: + 6d:8a:6a:b3:5e:28:94:55:ea:8d:48:aa:e3:3f:fb: + ad:48:4b:08:84:6b:ba:da:5a:29:de:82:5f:7e:33: + 6a:83:c9:25:04:a8:5b:1d:65:9f:f6:d2:30:1a:69: + 39:39:cd:98:22:3c:ee:1d:01:0f:30:00:27:26:d1: + 6f:fa:0d:6e:65:65:c5:18:0f:54:96:85:8c:73:08: + e6:23:70:0a:07:1a:57:ac:bc:70:07:ac:67:14:91: + 69:eb:e4:15:c2:1d:4a:07:3e:83:c6:18:5b:e4:74: + f1:19:9d:e2:d5:bc:7f:a1:31:c0:aa:9d:03:52:16: + 1f:aa:30:7f:e2:f0:1e:b5:08:0c:66:5c:13:00:89: + 00:e6:4e:63:f4:97:35:32:cd:93:b2:6c:aa:b2:ec: + bd:ef:c4:cb:bd:22:2f:0b:3a:c9:91:31:9b:8a:0d: + e9:c6:4a:42:3d:89:14:38:71:f3:68:9e:d1:ef:67: + a2:9f:aa:77:5b:a1:a7:44:0c:c3:fc:da:e1:8d:f0: + 84:7f:f5:02:f0:17:bd:57:f3:97:a6:c3:ca:46:7d: + 37:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,46 +37,46 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - 77:81:C8:19:9C:C0:B2:F5:4B:90:F2:89:61:73:A6:50:A1:52:8F:C5 + EF:FF:62:D5:1A:6D:F3:F4:BE:88:D5:4B:00:93:10:42:56:98:B5:EF X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 12:37:82:5f:6a:5e:71:66:b1:c4:78:4c:15:72:b6:69:30:f8: - c7:a2:51:ba:9f:2c:ea:46:9b:ff:4c:cc:2c:62:a4:12:fb:d8: - b1:06:16:39:73:de:ea:13:2e:04:51:33:22:07:75:21:8d:7b: - 7a:89:db:40:3e:28:73:22:79:8f:12:3d:30:7c:40:15:8f:52: - e6:e0:9f:10:e6:ab:09:5c:b8:31:b7:c8:d5:b6:b3:8b:1d:e8: - e9:3c:0b:d4:b9:38:62:a9:89:c3:64:d0:b8:74:3a:80:4d:ec: - 75:6d:8d:c5:06:b4:b4:64:86:3e:06:ae:68:0d:be:73:46:e9: - 9b:1b:ab:bc:ae:b9:8d:a2:d1:cd:2f:d0:66:8a:0c:b5:d1:c1: - 6f:c0:c3:cc:60:83:91:ba:6a:70:ab:e6:ad:7c:43:38:d4:53: - d3:3f:20:b5:cb:a3:61:b3:2b:39:16:d1:14:59:fc:86:38:af: - b0:e6:25:14:0d:ca:81:cf:36:d8:5d:4c:36:65:22:41:ec:38: - fc:e1:a8:b3:ad:9a:d6:91:3a:2b:22:a0:bb:1b:aa:07:c0:64: - 52:67:5c:9c:ca:44:57:b3:02:54:26:1f:a4:30:5c:6a:be:2d: - 18:e8:77:5c:eb:d0:4e:fc:07:24:f4:ce:47:70:4b:8d:ef:52: - 23:36:e3:eb + 5c:89:f3:48:b0:74:ac:ed:ac:73:26:ed:72:11:bf:43:74:c6: + 6d:4b:6f:95:aa:9d:68:a3:ef:b0:8c:85:2f:b8:5d:d6:b7:1b: + e5:ee:33:02:5f:80:5d:ff:6d:4a:df:39:2f:4b:9e:40:36:6e: + 57:c6:07:fe:7f:3c:1d:fd:d6:9d:f0:e0:d6:0b:df:94:15:c0: + e5:fa:2e:b6:0f:58:b1:6e:8b:d1:4f:c3:6d:10:05:24:ec:af: + d9:af:d2:1a:b9:61:5a:fd:c6:a9:cd:84:68:5c:25:c2:5d:c0: + 73:cc:e9:d9:2c:97:ff:9f:33:56:d6:21:87:65:1d:cf:35:7b: + c5:a8:60:47:6a:ee:d7:f6:8f:b2:d5:7d:91:d1:1d:b9:c3:55: + 2f:f0:e9:50:3d:8a:9b:9b:7b:e0:3b:85:80:ab:db:d0:1a:ac: + 15:1e:4c:87:2d:89:fb:4d:e9:e5:f8:3a:fa:dd:84:61:0c:20: + 78:20:c8:58:f7:59:be:4f:b9:fd:2e:6d:5c:3a:ce:b1:85:cb: + 0a:c8:e7:73:77:7f:25:30:3f:64:fa:9f:38:64:c4:d1:84:9c: + 99:9a:94:d0:2f:f0:40:a9:a1:db:6a:97:99:ab:c2:68:ee:6e: + 79:e7:07:14:19:aa:76:2a:ae:46:36:89:cc:b2:a3:b9:ca:a0: + d3:e2:4e:76 -----BEGIN CERTIFICATE----- MIID3jCCAsagAwIBAgIBBjANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx -EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMTE1 -MDU1OTUyWhcNMzAwMTE0MDU1OTUyWjCBgjELMAkGA1UEBhMCR0IxGDAWBgNVBAgM +EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMjI1 +MTM0MjM3WhcNMzAwMjI0MTM0MjM3WjCBgjELMAkGA1UEBhMCR0IxGDAWBgNVBAgM D05vdHRpbmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwG U2VydmVyMRMwEQYDVQQLDApQcm9kdWN0aW9uMR4wHAYDVQQDDBV0ZXN0IGNsaWVu -dCBlbmNyeXB0ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4qbWU -n0YNDK0Oc8kYvCfcZ23JArfiChsxw0inXNOuabX1zvNTMxOhWf/aMA5CHRTj9VXj -Yu6CvwOrcfSs+plW/OVl4L3HW1SwRgHuKvzCq4LEaz8vOtcRkC4LpymqAe7YsFve -ZZvB0jWDzrj4V6Zjs23dHVmIhDTPxEy5zYIIkUt9IMGwipivh/sVjTL55hVQuPLf -EWYWxcWec3AoaO61WNSLB2ry6EsImDhxRHxOn5CUr0uCi+ujyJALrsvNS5JVZ8Xs -FaPze2TLnI9tE7OZuIEq+7KuZ5epbjPzzcqthCbxQq146rvw7knxfit9ZllzM/ub -MIDoFSKaNZa/BYMlAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8W -HU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBR3gcgZnMCy -9UuQ8olhc6ZQoVKPxTAfBgNVHSMEGDAWgBRTSFpQTXiAbVV5iv6po2h6BJrwhzAN -BgkqhkiG9w0BAQsFAAOCAQEAEjeCX2pecWaxxHhMFXK2aTD4x6JRup8s6kab/0zM -LGKkEvvYsQYWOXPe6hMuBFEzIgd1IY17eonbQD4ocyJ5jxI9MHxAFY9S5uCfEOar -CVy4MbfI1bazix3o6TwL1Lk4YqmJw2TQuHQ6gE3sdW2NxQa0tGSGPgauaA2+c0bp -mxurvK65jaLRzS/QZooMtdHBb8DDzGCDkbpqcKvmrXxDONRT0z8gtcujYbMrORbR -FFn8hjivsOYlFA3Kgc822F1MNmUiQew4/OGos62a1pE6KyKguxuqB8BkUmdcnMpE -V7MCVCYfpDBcar4tGOh3XOvQTvwHJPTOR3BLje9SIzbj6w== +dCBlbmNyeXB0ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFd0Ed +ZgVPl2Z0i+p3tu4aZEy3v0h/bzuouElxQWDGCHJC7RcxEhEIbVY1Vm2KarNeKJRV +6o1IquM/+61ISwiEa7raWinegl9+M2qDySUEqFsdZZ/20jAaaTk5zZgiPO4dAQ8w +ACcm0W/6DW5lZcUYD1SWhYxzCOYjcAoHGlesvHAHrGcUkWnr5BXCHUoHPoPGGFvk +dPEZneLVvH+hMcCqnQNSFh+qMH/i8B61CAxmXBMAiQDmTmP0lzUyzZOybKqy7L3v +xMu9Ii8LOsmRMZuKDenGSkI9iRQ4cfNontHvZ6KfqndboadEDMP82uGN8IR/9QLw +F71X85emw8pGfTexAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8W +HU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTv/2LVGm3z +9L6I1UsAkxBCVpi17zAfBgNVHSMEGDAWgBQyQQnTZCLT6eAH2uPVVshEYUbcODAN +BgkqhkiG9w0BAQsFAAOCAQEAXInzSLB0rO2scybtchG/Q3TGbUtvlaqdaKPvsIyF +L7hd1rcb5e4zAl+AXf9tSt85L0ueQDZuV8YH/n88Hf3WnfDg1gvflBXA5foutg9Y +sW6L0U/DbRAFJOyv2a/SGrlhWv3Gqc2EaFwlwl3Ac8zp2SyX/58zVtYhh2UdzzV7 +xahgR2ru1/aPstV9kdEducNVL/DpUD2Km5t74DuFgKvb0BqsFR5Mhy2J+03p5fg6 ++t2EYQwgeCDIWPdZvk+5/S5tXDrOsYXLCsjnc3d/JTA/ZPqfOGTE0YScmZqU0C/w +QKmh22qXmavCaO5ueecHFBmqdiquRjaJzLKjucqg0+JOdg== -----END CERTIFICATE----- diff --git a/test/ssl/client-encrypted.key b/test/ssl/client-encrypted.key index c1ffa0bb..8dbee2bf 100644 --- a/test/ssl/client-encrypted.key +++ b/test/ssl/client-encrypted.key @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQ9EJo6ZUkUzZ4ehgD -P42UogICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIU1fju+xtrswEggTI -1l65S1uOhg5BVi/zebf0DjLhXTEGBgWUYtqRG7w/EN0uI0wWMK+iKna2BNa3TiZV -jiNkH3p5khQtrkH3LDpLP82ryN9P4/oDVCcYXf9pZjpIFfh8DSH4KfnJxRHGjTRA -MIio2a8caquy2vTdPMDF2uVofueuM50MTBc02LYQcC5zn5KPx/QbK8wK5Yv0C4um -3DCVH8EudU99CJ0ULy5MlJlYPS4NRbUWAbDj8c9Q97wGDSUJvjOebB7JMrATFhdH -C8WPbpmTA5mpetE9KxHc4x3OTkWm7BMKiaMxJUZQIcko0D+Motll4JQa7hMfZXIt -WiGcp0LKBPCmOD0wtl3pKSDKwUD0ZvT/N5Hjjsa3MueSEaWpbVSdnfV3RNPrBJpV -UlpxT35TIeiMrEPDyTlEV5G7OvX1tK2gJN63KvDxRFLLN25DYGYdu1+4uOzfEfdQ -KCA9auSfkzPjUoCaBOH399YWKQ+tvCPvmsfKvYBp6b3/hfecTpHvpDrDspUpZnsq -iUSuT52YBLO55mW7G4MedmcrCAZwnz6jjJZXVRUKNuyrWF3/4cBasknHOQM7gpgL -c7wwHoBdMx3tD0FZb/hLlToYIokuDQvk9Gobrx8rkxWi3SpRLdUo46MT7tqhKQPa -3QvTIbIHRBipiBKMdGUWCYVW6LBjoWEKF4fl6Rs8QO/PyNiq5R+SVlcx3PI305Nj -GvEj1+XaCR2snlfHDzM6EJ8LAwaWNJg1bxePa5h3ul+J4xsY+aZSTaE9WwvlmOMc -ygBECgDR0vZTKPPwQ/Gd82JfL63Q+efJVwR38Lfhgr7lgm+rr6Y71WTjACFDkF1A -A/pa1JrPh91E8FaLuMAJS+M8RCxgiYTpPSyCXvaO2iQANnTf3XyXuXA2g2xjbboc -UEMfvAXUUDnh5WxGJ2GBVaLby0g8/b9dLhkVDjrhb0nXzrUR+xzsZheafC9LXrP/ -wzzAGB7Ftbggwoh5QxhIPYsN1sWCLadf+ZUZXRCT+Lnod480rzajru3wtK8BQuAX -dhWvH1nCpEkx6uYt9qiZK+n5Id4C2miFYPFYsKQtDqEYTICYoYL0ExniLtoX0Kc7 -bBx1qOF60+M3WnhKPAPzRBTWEY3+MPzwaGhmCMiS/yVKghE+DDFMIAzaYwBMqHM8 -TL92LWx1qR5k4NXgCKRyZR5SM0qcne//S2dmuB5VoZPVlc2hXWZFMIQ3LYPVYYHv -Dy74sZ/Q1yfFX9Z3d6sxEyCp1GUmxilWEg8fEn3195rsPJJMCaBx8DmASH8gyEY9 -R8dF78Y/IwLVtzip2X+B3SVCzXF5Ziga91uSPvh375z0PSXHNSA/zhIfuNTwM7Nc -srP6TTqw4mxgBhlRZyxIdGqWJZhCTk3PMapaxwRPwskRfQSiUbaUZ4N4hVwock52 -/2RID6MxKxfALhbiNeoWdqBpU6VYK5eGKZJugiVd7iOyPLZP8fr3BcONywKzdU8T -gvYWB4vMujeIUByWIN0Grevl92vkcUyQrijHwD29PjdTQjOhhzey54SOY4IRjxuq -Wkd5A4ZwzlVXpqKD6//JnG3OVo07qIUKUu1eXh9vcV45i1XdKr3Nxiu0gbE+qGq0 -uWrGrDlP3IbAeHb51wTBWJPs+GqpGpzm +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIzZRUMtGhrGwCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIACbIUZoRqwBIIEyP5H4S/aVseB +m4AiP2Mc/t2EGbfb4va/ZPIrii+iv5bLZLCFSIwesG5TRhljgoCCtwtsK4U8LsjW +l5boPWWXCKzwCU+yI74u6bk0z/3C0czHArHtxEbJNRn5OlCa9Dd6s8++whGsqbZe +ijykJIf66WZcy2VHGAUifdWNzMvD5NOpbHsQBjt0JY/g0/QiPUAAgoxZ4f52NIo1 +mKeOsSuc5f+/TG3Gm2SVeG758TJE3bF21589Mec10jda5SGq/gIUvE2bhejCITDH +FEujdQLuFtz1Sfzqbi4UP89eUe0FIOh1sdmMwZLu4bphfMZI/muRWIRGvvTZQsMe +DOSk0tDuIAED5LkroElSDaRVgQPEckmqJoTNIagFh770Op0hwVLGoGsjW9ryf6wi +Pe8+zAuGrGnl9hWZx4feA3wfkmyrr2G2ipBzRnCfshElDVrZsz4gNJACKTbLldL7 +OpML1tcrNK2PgsBmyPY0qO8H9RZJ+PDVn1vJ5d/j+Bd0z0zj5Z7knxEjwMtSllZw +RNuncXiS9/pysJwLs8JrnB+rrqpHk+ww3rxSlBLzhPcxZQKRSnoH7KxkxaBmVSXn +mzDH7xOG+0fF1ca2mC5WhlwJcI9y0qFROoOP+xcozQ/upMFNRwK2TVREO0bsc0Ql +/DAtWNi8iWPrEGX0tGLmw1PTZ58MHn/zylh8yd37kDMOEIBfyPywVtWYMpZWzmZ9 +6oVIfgdTkuXZo0lOFLFZbwHdrGE+yJyusuriJAqtJ7IByxomc8BMNbWCuj0fYyxP +j6Odp9G/ujTBtVnaDiu60X6NMxzy1XYq2dh8nYdCdT/ucr+HAsURlKy+onRUDmGs +oAd+0OKm53aeLJj3c2F28Vrv1WWKJTRRpBQ21ZBiaIOiax4QxFy6ZVPFN6Jxqo/3 +5LPWsLEnqXfqRGyk+CrRwsBgeJFWbZYgF74LpQsXG4oP0eeJfmeJTwrtSPxn9qHl +jP9u2haidOFntSaRQeD1NJRuUEMUi+mcyVj3zrCJLMg7Lv1wn5arwq+uSYzCz3zj +T4XGthYw7HN2ltP1hmdJ6tSc/AMESzjNlnJKa39s26WUkzvyriGl6JlgFBYoIZc+ +nb1ChtMV1Gf2dlRHwLdH3yYS7N3e4FGpUDfimvD1s1gLP/6CdfpPBYS4I4B/p4Ea +Cv5N3OPZVgTjpjctfuOKpaaOTFDzOx2msnREeThfvKxNIHHjslsbBBXL7smge25O +gmUL8X8bhTuUI3cxW4hcMe7MkK4nuF4d2pkAGeGN5GepIGBdEZKFv2LKXTt2CBib +KE+cP40BjrMBeF/FEq57oP8o28zmksuoiJIPxGoPqUhUCgpA51AIA+wT7NIaJ09m +MYhfP6Kbqd4VjMiEJAlkHE0KChy/5qDzgIOBKkB8tEd3wSuOsJllnUqEYrr7oJlD +aQlacWnlFKBMDj/IulVYi5W1gJE+crY1Vc5srkkdneLiWcGMxM4m1PftW5AJ6oRQ +ruLpul3DmfH+VhPY9GNxauciO2G2llbL9clfJ6ujE7NfDaQPQAqgpjvaTZmha1Id +ijnem7zn0LsQuOpNBMR6c2Ij4pVBtCIlM58WYAvcbv1jlafJxO8MP7qp/YI8KwlE +kIHUz0xm+OAU8IURgB7y/g== -----END ENCRYPTED PRIVATE KEY----- diff --git a/test/ssl/client-expired.crt b/test/ssl/client-expired.crt index f957e0f6..9ab89844 100644 --- a/test/ssl/client-expired.crt +++ b/test/ssl/client-expired.crt @@ -12,24 +12,24 @@ Certificate: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:92:ef:7b:91:12:00:63:97:41:d1:95:22:9a:64: - 06:78:7f:c2:71:15:f2:92:b1:32:9b:74:79:97:f4: - 70:80:ba:42:2e:65:af:30:3d:5d:ea:ed:2b:da:7a: - f9:f1:8b:2d:04:24:de:10:70:8c:d5:d8:02:c3:5f: - b2:04:56:68:c6:56:f6:22:00:1d:5b:f3:59:28:9c: - 57:72:ad:fe:44:49:4f:b9:86:76:c0:db:e7:43:d1: - fd:0b:28:ed:52:62:e7:95:5b:27:21:4c:57:c9:ec: - 58:8e:fc:1c:af:8d:9e:1c:85:78:06:4b:93:12:63: - a7:97:5e:62:ad:61:ac:97:ad:68:b3:7f:7c:c2:a3: - e9:5d:7f:aa:2e:50:a4:f9:d2:96:28:e2:e9:92:03: - 0b:b7:59:dd:63:4a:fc:00:94:b7:5c:d5:b2:fc:45: - 00:34:b5:ca:cc:25:8c:6c:d2:dd:e5:a2:5e:e8:44: - 16:fb:b9:e2:7f:09:cc:d2:44:2e:8f:3b:80:01:bc: - 35:70:62:be:8d:b0:a4:73:61:d7:1c:da:98:c7:cc: - ab:cd:32:96:d2:2e:26:3e:f8:d3:85:3e:ce:55:16: - 0d:1e:37:74:fa:d6:63:22:cd:73:e1:19:70:60:57: - f7:aa:67:4d:51:7a:87:51:44:cc:5d:b5:e7:18:91: - 89:33 + 00:a0:6c:92:98:08:5f:a0:f9:ec:17:5b:3b:9c:77: + 6c:d1:97:9b:5c:52:19:55:23:e0:5f:fd:3e:af:4c: + 08:c0:42:44:a0:50:e0:78:19:4d:6a:09:b0:06:13: + 6a:7e:93:c9:59:b2:49:f3:b3:1d:29:26:d2:19:0e: + c3:b1:99:29:6f:ed:60:c7:cf:98:3d:54:80:5b:bb: + 9a:ec:e9:60:11:bc:99:e1:92:ab:d9:4a:f8:c5:01: + 4b:bc:d8:6d:00:50:de:6e:88:6c:3d:07:c9:68:66: + 2c:05:b5:f8:f2:79:3f:ea:b8:ea:8b:f7:80:10:14: + 87:35:b3:8e:0e:41:3c:09:98:46:f6:08:51:21:11: + ea:8c:ed:a0:c0:a9:f6:a9:dc:27:13:52:a8:ff:4c: + 43:39:a1:51:ce:bb:b5:5a:19:4f:b4:2e:12:06:d6: + 06:0e:9b:1b:72:d3:f8:cd:25:c0:21:70:19:88:13: + 66:b0:91:c8:83:cc:b4:0d:75:80:86:1c:ff:c6:71: + 50:6f:12:d4:91:1d:33:1e:f4:df:ea:7c:b1:8e:13: + 46:55:d8:d6:99:ce:0d:1e:90:9b:77:21:c8:9e:21: + 4d:27:ef:de:60:66:44:12:8d:4c:ac:dd:d8:5d:52: + 9b:57:34:92:50:5c:56:ff:5c:4c:74:88:3c:f8:e3: + 76:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,26 +37,26 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - BD:E5:C3:D5:23:F1:66:3D:1A:57:4F:75:A3:12:C5:E9:AB:89:AF:CF + E7:E8:4C:32:22:16:87:05:09:F8:09:98:4A:D2:CA:B4:AA:B1:24:BA X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 34:60:9b:10:34:53:20:12:46:0c:ec:ea:ce:4c:e7:fa:68:e9: - 1c:88:27:b5:a0:be:36:d1:d5:e5:81:99:83:9d:48:8a:71:38: - 7a:3d:13:96:2c:78:24:33:7f:f3:45:8d:e2:8c:d4:3b:17:94: - 49:52:0f:20:ce:db:88:ba:91:f6:fe:34:18:f2:8a:08:84:4f: - 15:2d:0e:3f:4a:d7:79:b9:d3:fe:bf:07:0f:01:1e:c4:03:1e: - 36:b6:c4:d4:8e:fb:77:d9:51:44:69:c4:52:c4:92:ec:6b:76: - ed:d1:08:93:43:dc:de:88:4e:8f:cd:ab:6f:a8:44:53:00:5f: - bd:44:f3:e4:73:96:2b:f9:27:a5:18:27:bd:7e:ab:f6:ea:d9: - 04:ca:3b:78:01:d9:26:e8:b9:a9:29:4e:bc:7a:78:68:a0:ad: - c4:1c:8a:df:15:4e:65:26:e2:ee:0d:3f:d7:ac:46:53:0c:a2: - 9f:35:9c:54:03:78:07:68:e6:fd:3c:3f:20:c9:87:07:f6:d6: - 37:ed:cb:f3:7b:23:6a:13:5d:28:83:91:cd:0e:cd:13:d3:99: - d6:1a:03:6a:a1:95:ac:1f:1c:e9:5e:a0:17:9f:4b:1d:c7:f8: - 94:f6:30:86:6b:ba:54:d9:d9:93:81:65:61:70:b8:8f:0d:d2: - e9:25:f3:0f + 79:d6:48:b2:17:75:25:f4:11:46:d2:b7:44:6a:c1:d6:19:6e: + 5d:a2:dc:04:71:6a:61:7d:09:fd:cb:74:f2:b6:4d:0a:3c:72: + 31:f4:28:00:2f:f9:da:6b:f5:a2:f1:65:df:04:f9:26:f7:17: + f4:ef:2e:da:eb:13:72:f6:5e:e1:a6:d1:90:46:7d:a6:81:c6: + 5d:97:f3:11:cf:26:33:5b:4b:84:36:59:1b:5b:f1:76:27:bd: + 24:db:3a:cb:55:44:c9:d4:61:52:33:cd:f3:27:2e:00:da:c3: + 7b:00:06:b0:25:4f:c7:5c:d7:9f:d3:bb:6f:d0:c9:ba:1d:7e: + f4:27:ab:e6:18:f7:5e:32:ba:05:2c:8d:df:59:7e:5b:25:c4: + f7:8f:49:ec:d6:16:2d:13:30:57:6d:3f:1a:ed:a4:c4:11:f9: + f4:60:df:86:a6:22:16:44:01:31:ef:59:8d:4e:24:63:5e:f0: + 17:1c:9d:aa:c6:40:21:5e:bb:7c:05:57:a7:88:4b:cf:ee:25: + e6:b4:f3:87:56:f8:d3:aa:74:b5:af:15:e7:14:ce:6d:b2:cd: + 63:e5:04:a0:fc:9b:21:2f:f2:89:3e:97:f9:e9:3c:45:83:f2: + a1:3f:4d:b1:3f:2b:f9:a2:3a:62:65:28:1e:7d:b3:ec:2d:7c: + 69:78:39:fb -----BEGIN CERTIFICATE----- MIID3DCCAsSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx @@ -64,19 +64,19 @@ EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMTIwODIw MDAwMDAwWhcNMTIwODIxMDAwMDAwWjCBgDELMAkGA1UEBhMCR0IxGDAWBgNVBAgM D05vdHRpbmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwG U2VydmVyMRMwEQYDVQQLDApQcm9kdWN0aW9uMRwwGgYDVQQDDBN0ZXN0IGNsaWVu -dCBleHBpcmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku97kRIA -Y5dB0ZUimmQGeH/CcRXykrEym3R5l/RwgLpCLmWvMD1d6u0r2nr58YstBCTeEHCM -1dgCw1+yBFZoxlb2IgAdW/NZKJxXcq3+RElPuYZ2wNvnQ9H9CyjtUmLnlVsnIUxX -yexYjvwcr42eHIV4BkuTEmOnl15irWGsl61os398wqPpXX+qLlCk+dKWKOLpkgML -t1ndY0r8AJS3XNWy/EUANLXKzCWMbNLd5aJe6EQW+7nifwnM0kQujzuAAbw1cGK+ -jbCkc2HXHNqYx8yrzTKW0i4mPvjThT7OVRYNHjd0+tZjIs1z4RlwYFf3qmdNUXqH -UUTMXbXnGJGJMwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P -cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUveXD1SPxZj0a -V091oxLF6auJr88wHwYDVR0jBBgwFoAUU0haUE14gG1VeYr+qaNoegSa8IcwDQYJ -KoZIhvcNAQELBQADggEBADRgmxA0UyASRgzs6s5M5/po6RyIJ7WgvjbR1eWBmYOd -SIpxOHo9E5YseCQzf/NFjeKM1DsXlElSDyDO24i6kfb+NBjyigiETxUtDj9K13m5 -0/6/Bw8BHsQDHja2xNSO+3fZUURpxFLEkuxrdu3RCJND3N6ITo/Nq2+oRFMAX71E -8+Rzliv5J6UYJ71+q/bq2QTKO3gB2SbouakpTrx6eGigrcQcit8VTmUm4u4NP9es -RlMMop81nFQDeAdo5v08PyDJhwf21jfty/N7I2oTXSiDkc0OzRPTmdYaA2qhlawf -HOleoBefSx3H+JT2MIZrulTZ2ZOBZWFwuI8N0ukl8w8= +dCBleHBpcmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGySmAhf +oPnsF1s7nHds0ZebXFIZVSPgX/0+r0wIwEJEoFDgeBlNagmwBhNqfpPJWbJJ87Md +KSbSGQ7DsZkpb+1gx8+YPVSAW7ua7OlgEbyZ4ZKr2Ur4xQFLvNhtAFDebohsPQfJ +aGYsBbX48nk/6rjqi/eAEBSHNbOODkE8CZhG9ghRIRHqjO2gwKn2qdwnE1Ko/0xD +OaFRzru1WhlPtC4SBtYGDpsbctP4zSXAIXAZiBNmsJHIg8y0DXWAhhz/xnFQbxLU +kR0zHvTf6nyxjhNGVdjWmc4NHpCbdyHIniFNJ+/eYGZEEo1MrN3YXVKbVzSSUFxW +/1xMdIg8+ON2MwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU5+hMMiIWhwUJ ++AmYStLKtKqxJLowHwYDVR0jBBgwFoAUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwDQYJ +KoZIhvcNAQELBQADggEBAHnWSLIXdSX0EUbSt0RqwdYZbl2i3ARxamF9Cf3LdPK2 +TQo8cjH0KAAv+dpr9aLxZd8E+Sb3F/TvLtrrE3L2XuGm0ZBGfaaBxl2X8xHPJjNb +S4Q2WRtb8XYnvSTbOstVRMnUYVIzzfMnLgDaw3sABrAlT8dc15/Tu2/QybodfvQn +q+YY914yugUsjd9ZflslxPePSezWFi0TMFdtPxrtpMQR+fRg34amIhZEATHvWY1O +JGNe8BccnarGQCFeu3wFV6eIS8/uJea084dW+NOqdLWvFecUzm2yzWPlBKD8myEv +8ok+l/npPEWD8qE/TbE/K/miOmJlKB59s+wtfGl4Ofs= -----END CERTIFICATE----- diff --git a/test/ssl/client-expired.key b/test/ssl/client-expired.key index a9b8e3dd..915e4338 100644 --- a/test/ssl/client-expired.key +++ b/test/ssl/client-expired.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCS73uREgBjl0HR -lSKaZAZ4f8JxFfKSsTKbdHmX9HCAukIuZa8wPV3q7Svaevnxiy0EJN4QcIzV2ALD -X7IEVmjGVvYiAB1b81konFdyrf5ESU+5hnbA2+dD0f0LKO1SYueVWychTFfJ7FiO -/ByvjZ4chXgGS5MSY6eXXmKtYayXrWizf3zCo+ldf6ouUKT50pYo4umSAwu3Wd1j -SvwAlLdc1bL8RQA0tcrMJYxs0t3lol7oRBb7ueJ/CczSRC6PO4ABvDVwYr6NsKRz -Ydcc2pjHzKvNMpbSLiY++NOFPs5VFg0eN3T61mMizXPhGXBgV/eqZ01ReodRRMxd -tecYkYkzAgMBAAECggEAEcruK6MCaQzn63kjt45lOjI+WXNO7HSIrEpubvgqp2vm -l7e4fx7vQIN3y/0YRyeTS+0q9tKqOzrtGrt70wqjpWDibTuWUowlP8Wu0TRAlgRK -oyylNLVsS8oh2jgahN91K6DeHCoid1EnaCkfUCLWAp4m6pw8Mv3eTXYgfN5XCAbI -rWqoxqu/N7KeA9ewqmO2OW6xff6wH6U8O7C7+1nP/Tc6S+bgj/uOqNCta/i/tXAX -SlnxKlagaOcwuUhRisFDJkzzHfhEViSlB6fEQ/ybgjC7NPIhAUlSvSuNibGy23Z+ -QBfykuolCEf0QEDe7j701t4XxEYm0fTpYw/1zCzoAQKBgQDEN71IRGHVoZStVQgP -CrJNc2lxMNwk0vUB1nheAZZa+vx3BWC+oArZxHffbCvF8vIGSVfqje5kDPPtVSdE -kn6V9z+dWkeZJ721GkKFnb9v3/G0sqVc2t/ENyJea9FTK+t+QebLOEGlAPpZrZSJ -BGK6mgnLaEzenfC3ilNMVRuatwKBgQC/s+i3B+stbexaD0sFWdLYSO3DUzXuK/aJ -+Mqgs/fNMBE//hRex1+hZ7Mm6sa3fYi1tAtJMawt8dccYG8lPjIkor3Ws6yevWa0 -HNas/QNvI1TbDLO+gENqFEepDyE0iu3bjSW9BcidianshGLdlMzhhW6VcoksDUXH -qk840tt5ZQKBgF70ZmophXrfldaHtr2ovH6Uoms/bNl5KU35XwiHFh7zJOfoN1go -lPerhyMc8tX5arw2FBCTHNFYH1c0BSu/BPlHzIY2YT2xqLGSgqysmS7nnc2HQlT8 -KpuG3t/4pzTrpSvVcn3XvJTAM2bghGgGMk0BLEo+MCzvG8WGcCcZbKFjAoGBAKQ/ -aflAAKDI2MOE7Nslzb/gJE7BQajR5AbssfekmoEkWPNCJ4PZQLdS2S1T5HScSwCb -xTuuIn6vAYZfnXsEYgP/p7WH9jN/xbo2JzzJ/yI+3Fpd9LcYwCnoPEm+G84f5pHA -yn+8r9lCdOOfvfFpp2zmXQwQuTSUHqBm7D+cccz9AoGBALBOb2ogM9oPfrHU7vlo -57EyHlwOpS2w2z3MdpkeUTv7lrIeoR+GVc6Nr4g7MclXjxEDagE9umLW9nDiEu+R -vxorBQIPSz/UWIae7QGc7ToqlijZg0AcGnyKUCSpHCdQryBEDBcHPCIlSB0Qe9Iw -Op/VjGVNwRe9NATmWHqRmHZu +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCgbJKYCF+g+ewX +Wzucd2zRl5tcUhlVI+Bf/T6vTAjAQkSgUOB4GU1qCbAGE2p+k8lZsknzsx0pJtIZ +DsOxmSlv7WDHz5g9VIBbu5rs6WARvJnhkqvZSvjFAUu82G0AUN5uiGw9B8loZiwF +tfjyeT/quOqL94AQFIc1s44OQTwJmEb2CFEhEeqM7aDAqfap3CcTUqj/TEM5oVHO +u7VaGU+0LhIG1gYOmxty0/jNJcAhcBmIE2awkciDzLQNdYCGHP/GcVBvEtSRHTMe +9N/qfLGOE0ZV2NaZzg0ekJt3IcieIU0n795gZkQSjUys3dhdUptXNJJQXFb/XEx0 +iDz443YzAgMBAAECggEABhF1Thjq/RzXCF8kFxwRWrBAaTKV0LmlsBvVNi5LGnKn +Q+UrSH+0hPFO3jv3yEfw0trCn1xEGx1jzxzW3C3t+lThV02L9a3vmQi0qId/Ycxf +ib/Rjkues10EL2WEYgGtGENCzOAxhyhuO90RSKK7fzZ1cMvw5SrRnn9nPTTMf5Ra +rUU/rW+ml8MV/X4iutl4H2JdiXssC2+AndGuNmaOdd+LJm9f1jucoItw3U4pkvze +ewuo5cD3V93T7I6mGmKeYgvf2ahVULaxbcfg30pSDi9HosKG71UyPvtQZbkVwDoz +hprL21dyw31OXKDNshJSG6CkiHcmwqD07hNcv+7RoQKBgQDOg6Mr8cawqUrGWsEf +iEG7PB6PwhtGxp7M4sIzY7csf/nSaLbfW3YI87VZADZw1Wv1thdVlOC2IT+/kTgE +TWkMA3Ko59Qle6Kl7mM+ucZRL62GnH++NQs94GuzItK1qezCelx5GEaMTBnBTRvN +Sl2s+ITF9aL56VuP065a6me8owKBgQDG3ZgqLJMzVznAn+7Oj8Td919gMxnnN3im +3RLOD+oNRFA7SFsEqX6enURGSzplyzImGdgiuWUpBI8/n87rvy+WVtjeg9FuBUPO +GJQ/RntgAbtgTQDvuH9Q7aQYCPojpqgFLFrcVblEBNFTnc39JVYwxrPpkWKYfMiA +a4jwe8jpMQKBgCIvtnZS2uJp1AAMDAZNRxxYsnJ33o4T2Tvvmdhp/Gu4b8G+Je/J +szt+JJosJ9b77ZhKYYiAUca0sFnlD1HfArHDbFq7renakq1HTlSW6laMPvyWsarq +GwdOPGX2MM1z6Ma0/NPrCdq1ylmuixir49/7b/dZV3ZphAfGMgnI3g1jAoGBAJ8D +ygzPH9VJxhBU0muxYkXq7ATMV8YfAQbMd6D18L0zBsSgkscjkO/b6SAcP1HuLOdy +evUpMc6eqrzBWIABnFemkjs7RFepNhKybLg776NRPzc926XT7VoU68WcSAgB1xBr +6yuMEFxnTcqCwJfPJyBRgsMdUa2E+f5V/mXtVTXBAoGBAIC+fhh+ZWATkfqFF8hg +8Qnx+hdPAAgBm4i2VhirOz6UZei2WcC+XRdLyLByU3n0o1VHT55K4escu450qoF5 +ayjR4QPzU4WHhItSBw3P33p/EoM1QZ/Dcb+ALpF816g7qs1WWwYaHOr4+q+J/419 +HTp3CEBSo0RKKXQfK/oBsKoR -----END PRIVATE KEY----- diff --git a/test/ssl/client-revoked.crt b/test/ssl/client-revoked.crt index 0b0263e1..8d77578d 100644 --- a/test/ssl/client-revoked.crt +++ b/test/ssl/client-revoked.crt @@ -5,31 +5,31 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:37 2025 GMT + Not After : Feb 24 13:42:37 2030 GMT Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client revoked Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:99:58:9f:27:49:10:a8:f0:10:40:c5:2a:2e:e9: - a8:1d:08:a9:50:de:6f:57:94:cb:02:e6:f8:c4:40: - f8:ae:99:d6:7b:63:ca:d3:9a:ea:2e:79:5f:b6:90: - 74:aa:59:36:ee:f5:5c:ad:6d:1d:6f:a3:1a:03:1a: - 52:fa:67:14:61:ac:14:63:bb:e2:52:00:63:78:cd: - e3:bf:96:4e:a3:ed:14:57:2e:52:82:88:b9:5f:8f: - 30:42:a9:13:8f:db:ab:9f:24:db:6b:bc:4f:9c:f2: - e0:0a:db:4e:82:0e:18:50:fb:4a:c1:90:6e:f8:c3: - 8a:d3:ea:1d:ff:5f:ae:59:80:37:f6:6d:56:5b:4c: - 25:73:e9:49:db:d2:05:2f:eb:89:9d:db:67:7e:54: - 57:a8:97:f8:7b:4a:b3:69:f5:1f:cb:a1:00:ee:14: - 12:7c:a7:2a:ce:0e:67:85:67:49:22:43:78:d9:9f: - c9:ad:a2:82:e9:5b:1b:e8:05:31:d8:94:43:1a:46: - 6e:dd:52:7f:5e:35:61:47:3e:f7:5e:8c:b5:2d:4c: - f3:5b:57:46:6c:b3:fd:7d:c9:f2:ab:c1:1e:80:91: - a3:a2:e2:d3:70:e7:15:c9:ea:ec:0f:ee:67:6d:cc: - 4c:e3:96:4d:43:c7:85:3d:5d:66:fb:7b:4e:68:7b: - 1b:af + 00:ec:7f:3a:38:e8:e4:8c:90:d9:df:2a:59:ab:a8: + cb:74:4b:fe:17:c1:3c:e8:fd:ba:cf:47:93:2d:29: + 4b:2e:3b:40:dd:29:ae:70:d3:d7:67:20:01:da:a6: + eb:27:96:58:a1:f1:a4:a5:31:dc:77:70:97:99:ea: + ad:39:35:90:41:b2:8c:5a:16:b6:b1:75:c4:b5:bb: + ef:bd:e5:6b:a4:e1:4a:70:03:4e:59:57:a6:db:d2: + c2:a2:01:7d:30:3f:d9:16:60:27:fb:47:0f:0a:cb: + 4e:d6:4b:fd:b6:47:18:6c:31:ee:5f:fd:8e:a0:37: + 02:10:26:2a:34:ad:10:5c:a8:ee:a5:8d:73:6a:29: + f8:e6:88:24:15:63:c1:b6:93:12:0c:ed:9c:6d:7f: + b4:9b:2d:fd:21:c5:9e:7b:2f:d7:b4:bb:b9:45:c0: + 49:f5:7d:58:9d:cc:cc:34:1a:25:16:5a:17:18:c8: + 81:3b:66:a2:57:08:eb:bf:93:a6:a1:b6:7d:4a:49: + e5:f3:90:45:22:c9:e2:cf:38:a3:e5:b0:d9:09:b4: + 60:89:5e:ce:fd:5b:48:e7:65:55:09:6f:e9:8b:ab: + 7d:0f:95:d6:8b:1c:ff:fe:5a:9d:58:4a:d3:a4:e7: + c3:3d:2b:2f:b4:c5:e6:b7:f6:25:5c:ec:f4:ca:e3: + 66:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,46 +37,46 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - 75:6B:E0:DD:BC:BB:50:A9:B1:C4:D2:DD:4E:04:0A:22:97:99:F6:F6 + 2F:D9:19:74:8B:87:D5:1B:33:BD:59:A4:2D:90:79:77:9E:CB:B8:28 X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 99:97:90:7c:02:51:20:47:d4:1d:1a:e3:4a:97:9d:a5:bc:9c: - 0c:40:ae:8d:56:6a:2a:c5:32:0f:b8:91:1f:05:2d:3c:ca:69: - 6f:c6:a2:ef:10:c4:1c:dc:17:c4:e1:df:73:2f:49:b7:26:f5: - b0:06:ed:e1:93:f4:09:f1:62:b5:82:14:52:21:9b:e1:7a:78: - 45:d0:8a:14:42:08:f5:ae:7e:4d:ff:c1:cd:45:36:64:a0:35: - e6:de:3f:27:30:3b:50:78:37:b9:43:82:94:48:41:a2:a7:77: - 68:9c:f1:4c:c1:66:b3:bf:c0:73:d0:47:14:db:e5:ed:cd:0f: - 40:5a:d2:ca:35:dd:3a:9c:30:75:88:c6:fe:1b:98:ba:be:00: - 65:10:b5:52:87:ae:3f:a6:5f:ac:df:45:df:af:e8:9d:32:91: - 72:07:96:19:20:a2:70:39:79:23:f2:58:dc:e3:7d:ea:4a:aa: - 62:4e:31:64:04:b0:87:04:06:45:94:60:59:76:81:72:3b:66: - a1:94:fa:1c:af:ee:63:34:1a:f7:be:50:77:83:04:f0:33:3a: - 62:af:d8:b6:23:4b:4d:71:96:74:b9:6a:fd:44:60:94:18:94: - 6b:67:65:5f:73:52:02:ff:f1:f2:41:e3:2e:2a:5c:a5:38:fa: - a2:82:9a:25 + 14:4f:5a:7e:1a:ae:b1:be:44:19:59:6e:83:73:53:e1:7a:fc: + e3:9e:ac:e4:b7:0a:6c:8d:09:20:f7:c0:48:19:3c:96:f7:4e: + 62:e4:4e:4e:12:44:f8:37:63:39:df:2e:87:64:a7:d2:b5:a7: + a0:0e:70:1b:8d:0d:6f:eb:e6:f9:ee:98:67:d6:e1:5b:76:eb: + e6:e4:b9:d5:bf:45:2c:58:53:cb:5d:63:79:4e:6a:eb:13:3c: + cb:9f:cb:67:fd:68:9f:0d:9d:f9:5c:cd:e3:88:66:44:b7:f9: + f4:b2:7b:c8:4b:eb:0f:25:a8:dc:af:aa:86:e9:af:b8:84:0f: + 3c:43:45:d5:c6:b4:e6:5f:00:0d:53:58:3a:5e:a5:1b:e3:f6: + 29:dc:2e:b5:95:fa:e2:8c:7f:0e:5f:0d:7b:ea:70:75:6b:a4: + 08:55:19:da:f7:0b:25:29:c7:cb:c8:d1:93:40:85:10:39:d4: + 4a:8c:df:a0:cd:f5:7e:a3:9a:14:bb:5b:cd:23:81:2a:df:fa: + d0:39:12:e5:a1:97:06:af:a2:e8:3a:50:c8:4f:92:c2:a5:da: + ba:b6:d0:60:c0:a3:c2:6e:e1:bd:08:47:6f:53:e7:c6:b0:70: + 79:c3:a5:a6:bd:ae:99:67:6d:6a:b2:b2:62:13:a8:63:c1:53: + 51:42:68:a0 -----BEGIN CERTIFICATE----- MIID3DCCAsSgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx -EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMTE1 -MDU1OTUyWhcNMzAwMTE0MDU1OTUyWjCBgDELMAkGA1UEBhMCR0IxGDAWBgNVBAgM +EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMjI1 +MTM0MjM3WhcNMzAwMjI0MTM0MjM3WjCBgDELMAkGA1UEBhMCR0IxGDAWBgNVBAgM D05vdHRpbmdoYW1zaGlyZTETMBEGA1UEBwwKTm90dGluZ2hhbTEPMA0GA1UECgwG U2VydmVyMRMwEQYDVQQLDApQcm9kdWN0aW9uMRwwGgYDVQQDDBN0ZXN0IGNsaWVu -dCByZXZva2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVifJ0kQ -qPAQQMUqLumoHQipUN5vV5TLAub4xED4rpnWe2PK05rqLnlftpB0qlk27vVcrW0d -b6MaAxpS+mcUYawUY7viUgBjeM3jv5ZOo+0UVy5Sgoi5X48wQqkTj9urnyTba7xP -nPLgCttOgg4YUPtKwZBu+MOK0+od/1+uWYA39m1WW0wlc+lJ29IFL+uJndtnflRX -qJf4e0qzafUfy6EA7hQSfKcqzg5nhWdJIkN42Z/JraKC6Vsb6AUx2JRDGkZu3VJ/ -XjVhRz73Xoy1LUzzW1dGbLP9fcnyq8EegJGjouLTcOcVyersD+5nbcxM45ZNQ8eF -PV1m+3tOaHsbrwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P -cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUdWvg3by7UKmx -xNLdTgQKIpeZ9vYwHwYDVR0jBBgwFoAUU0haUE14gG1VeYr+qaNoegSa8IcwDQYJ -KoZIhvcNAQELBQADggEBAJmXkHwCUSBH1B0a40qXnaW8nAxAro1WairFMg+4kR8F -LTzKaW/Gou8QxBzcF8Th33MvSbcm9bAG7eGT9AnxYrWCFFIhm+F6eEXQihRCCPWu -fk3/wc1FNmSgNebePycwO1B4N7lDgpRIQaKnd2ic8UzBZrO/wHPQRxTb5e3ND0Ba -0so13TqcMHWIxv4bmLq+AGUQtVKHrj+mX6zfRd+v6J0ykXIHlhkgonA5eSPyWNzj -fepKqmJOMWQEsIcEBkWUYFl2gXI7ZqGU+hyv7mM0Gve+UHeDBPAzOmKv2LYjS01x -lnS5av1EYJQYlGtnZV9zUgL/8fJB4y4qXKU4+qKCmiU= +dCByZXZva2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H86OOjk +jJDZ3ypZq6jLdEv+F8E86P26z0eTLSlLLjtA3SmucNPXZyAB2qbrJ5ZYofGkpTHc +d3CXmeqtOTWQQbKMWha2sXXEtbvvveVrpOFKcANOWVem29LCogF9MD/ZFmAn+0cP +CstO1kv9tkcYbDHuX/2OoDcCECYqNK0QXKjupY1zain45ogkFWPBtpMSDO2cbX+0 +my39IcWeey/XtLu5RcBJ9X1YnczMNBolFloXGMiBO2aiVwjrv5OmobZ9Sknl85BF +Isnizzij5bDZCbRgiV7O/VtI52VVCW/pi6t9D5XWixz//lqdWErTpOfDPSsvtMXm +t/YlXOz0yuNmyQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P +cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUL9kZdIuH1Rsz +vVmkLZB5d57LuCgwHwYDVR0jBBgwFoAUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwDQYJ +KoZIhvcNAQELBQADggEBABRPWn4arrG+RBlZboNzU+F6/OOerOS3CmyNCSD3wEgZ +PJb3TmLkTk4SRPg3YznfLodkp9K1p6AOcBuNDW/r5vnumGfW4Vt26+bkudW/RSxY +U8tdY3lOausTPMufy2f9aJ8NnflczeOIZkS3+fSye8hL6w8lqNyvqobpr7iEDzxD +RdXGtOZfAA1TWDpepRvj9incLrWV+uKMfw5fDXvqcHVrpAhVGdr3CyUpx8vI0ZNA +hRA51EqM36DN9X6jmhS7W80jgSrf+tA5EuWhlwavoug6UMhPksKl2rq20GDAo8Ju +4b0IR29T58awcHnDpaa9rplnbWqysmITqGPBU1FCaKA= -----END CERTIFICATE----- diff --git a/test/ssl/client-revoked.key b/test/ssl/client-revoked.key index d20e0f6f..924bf67e 100644 --- a/test/ssl/client-revoked.key +++ b/test/ssl/client-revoked.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCZWJ8nSRCo8BBA -xSou6agdCKlQ3m9XlMsC5vjEQPiumdZ7Y8rTmuoueV+2kHSqWTbu9VytbR1voxoD -GlL6ZxRhrBRju+JSAGN4zeO/lk6j7RRXLlKCiLlfjzBCqROP26ufJNtrvE+c8uAK -206CDhhQ+0rBkG74w4rT6h3/X65ZgDf2bVZbTCVz6Unb0gUv64md22d+VFeol/h7 -SrNp9R/LoQDuFBJ8pyrODmeFZ0kiQ3jZn8mtooLpWxvoBTHYlEMaRm7dUn9eNWFH -PvdejLUtTPNbV0Zss/19yfKrwR6AkaOi4tNw5xXJ6uwP7mdtzEzjlk1Dx4U9XWb7 -e05oexuvAgMBAAECggEAAwpMwtH3W0IXMGbi+ox2DCKl02KgQSjutXSwLe6T1PJb -3D+9lQsXOtX73c9otg/lakDBwPZ5hO3DkELaA6OTizQxhfYC+1k39PyFWBZkzL81 -41yZv4NybsCUq7L/yPRep13AXpcchPdpFbivX8i5FrHvaNMHlYsFmkSj/5zSr2zh -fpIHPVfo9HuJCO9z7YR4+u/akJ/9RJV7Dda6bl+P+BFAXYegCPRwyfUsvjLVKLCC -ct186ivmYSiFaUMIRHtbAwdUJVbpaMeJZ24bEKqU1zBMM8I5JwLsTjhe+ohkwHfK -m8sSbWNEIrnkaw+qOKRx81UyBIVJFWCrFa7AstQVcQKBgQDGMDaKEaf0/UE59nUs -PjhiEh6L8sulJQZSfLfRsXd/gjRvF0iPrvogdvzkcghRpjxSz5awMmtswQCbOuN8 -8wwaVJnFtnUhms1eYM7wwPMPdOJUlbLpFNTWeyGaT1rSaU2LS8PB4XKX9LpQVXtg -KBfNrUUQdwIZKG/YhHKjkL1kpQKBgQDGE83jIokSkeFs7hEmxkaP0oCI9psbewPc -xRXqTdYWkwCD5LhJ0Jpwc5QRDnaa2JAvObpVT/jZh0XmYizVLEWqNP3dsPeetfQg -ACW3QoNqQ69vm0ODD1oZQZJvscTg3xKggAiyHDDPI7s4G+TrGlwdAa7i4alkM5TN -+A0O4dUKwwKBgQDEYH2KLZiJDnCVKHpODpD7zAxsi3Xx+0/aaC4UH47Sz4d5FE8X -4D+D76MCEWPg06EuRPeBO1RqfItHRQCojIPPi0ibOgGx/JvGCpLCx82P4TdqrLKM -ddG3fGZ9amgJ2cG2Zqpf8C4GF76NX0ZSryd261tlxyZTG1hH6GVXYVHo6QKBgQCf -1dNJ+dBKX9VcJS9J7q152Q9HdlfrcPTI7XClxXGAfdbol2PujJpTK7DLorQqd57B -vP+TYBkaz4GkSoyK6FK+6kwA3JC0TXdVa0kD/HQ3B69FjDCKTZUS1ErqPrT0EI3j -Xe2mbAEm5VpqCHhNDtRNw9Hv2tDpvoXRPtyqqalUKQKBgFC4FWxduhfjPzN7+CVX -71Vgfd6E9X1wosTbmnG6NWa8acA0lGGbV/wnN4SHKCKIJjcN0wC6lwLb1prUvOfY -MfN87dE6QssGGiZKC8GhVnWnlvE40zJOYfKrJiSLwJsElWN3nOHnyOUmF3qSNpN7 -V089eME3g1KxoxuVqusDkITa +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDsfzo46OSMkNnf +KlmrqMt0S/4XwTzo/brPR5MtKUsuO0DdKa5w09dnIAHapusnllih8aSlMdx3cJeZ +6q05NZBBsoxaFraxdcS1u++95Wuk4UpwA05ZV6bb0sKiAX0wP9kWYCf7Rw8Ky07W +S/22RxhsMe5f/Y6gNwIQJio0rRBcqO6ljXNqKfjmiCQVY8G2kxIM7Zxtf7SbLf0h +xZ57L9e0u7lFwEn1fVidzMw0GiUWWhcYyIE7ZqJXCOu/k6ahtn1KSeXzkEUiyeLP +OKPlsNkJtGCJXs79W0jnZVUJb+mLq30PldaLHP/+Wp1YStOk58M9Ky+0xea39iVc +7PTK42bJAgMBAAECggEAFgUKkL3uecAK6SJyUu9Wci+ZKvENEMx/FkmdxHixzU4r +DeyRl2PCDJIIWilsf7UZ74omQFNSKbTMCMK2+jqogdV0B/dRb1h9xkYHXnD8AtAP +NDq6ksr8eD85bAgjddicB99QGa9WETU40+8jYlNgTMKhZUKggv5cLNDA4UKz4UyT +iBeb1AWC4UB/A9qbOTLiKDX1QZoWLsNxsIXnp2AxmMb26yZcsUFPyGzQ/SjhGKlw +cu0fJsiTBkixqMMu376SLVHHLbHEFjGYeCKi8sh8yrtga5opIitxl0qxqV2eIaVF +fovi1XAvcvetgImTza/kkpGSf5OTdhCssiU8RyFyuQKBgQD6YRt4j/hHhoLHLgth +wPXimZ9qNOfbpFuP6Y3fLWEIbz2WAo3d1FOyeF+C10pMhYHb2cSD6ahwotmwU21D +6od66YVcpsI62UvVtDORiI3lfdBg4hHXZGSvFVN4IIfVVlqWwYt1SWMGWVivpRDD +s5U7hwCpi1lRmwBXPRZTlwoy5wKBgQDxzlciDWew7Gxjr3qlxzWA4MyVFPXVEZqc +CoFo/nA0rJc9Gdxspies9CX9gv69Ozy0j2qau4+iRVrzM4+0O/KZf7szpzeFNl/8 +FW+BD7bQK6RuygOEjBnviueeJRkaB1wt4pTvrNU1K4wFBGdGF+6rhT4HlP1cviPB +FZrJS3ASzwKBgQChC9kJoUEHcKOpzhoQFHeT+1AolkMUahFi7c0NYjjpnfO1C4uI +xcvYHckBdc0ajz1J1jaqyp5HZNg0rFS5vJ7MFmxrfe+svpwipzgMQhNTK6vexUrI +ipCgdU0tFW+Jb3PxSCiVllCVgt6ii7/OwTIaCeoJI9KdxN9hPa+gsKQkvQKBgQCS +gN0D8bFAXY4yO5CIvpCpHAp3zPJA/OB66FaN4ZLkJymeyHtnjKf/PxGBboue5TQb +hcUmKLuWqoS3UycfIS8UV3J5kjeuS0qOdgJP5NBzge2nflfxR90y6Cr7AykZPxpX +Zq+sI0AubcrxA0D7E+b0Hs99UoTLWxxYkRluGnm1uwKBgQDQyXnEMKaKCITVgn7E +0+HqhczKk4otlC8FmoMDwuchI9tIhuxnqycIxBOg31Vv/8cMCyr1g4zmRuweVoxG +P37qJT90ch1p4hPAgGHXBLM5dHzbiQflohraOGLBPEFOdDd5rs6P+nmrKj+IJDBh +KzTSA6L3If/yQBJxYVsidXffSQ== -----END PRIVATE KEY----- diff --git a/test/ssl/client.crt b/test/ssl/client.crt index c52a822a..6b216574 100644 --- a/test/ssl/client.crt +++ b/test/ssl/client.crt @@ -5,31 +5,31 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:37 2025 GMT + Not After : Feb 24 13:42:37 2030 GMT Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=test client Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:d7:bd:6e:51:84:12:50:b4:f9:9c:13:8b:c2:2b: - a4:ee:5c:50:4f:1d:04:67:ad:e8:30:98:a6:fa:7d: - 66:e3:a9:a9:08:b0:61:f9:ce:3e:8c:52:f2:24:64: - 1c:9c:df:3f:7d:56:2e:3a:ed:e8:49:d2:61:6d:7f: - 49:64:56:36:68:65:c3:32:fb:2d:88:5a:94:6a:d8: - 6c:27:3b:c6:da:62:45:be:9e:a7:29:4c:0e:78:9b: - 2a:79:94:eb:c6:06:f3:ed:60:ee:79:81:38:10:8b: - e7:c9:21:08:b8:0d:32:88:6e:30:9f:82:c1:66:4d: - c5:ae:f8:5f:55:0a:0f:2a:36:a5:b1:84:ee:2a:f7: - 11:00:c0:b2:64:1d:f7:f9:02:1c:cd:d8:56:46:c6: - 9f:17:d6:f3:d3:b2:f2:20:98:39:ad:9b:ff:b1:9f: - a8:b3:6a:3e:e7:d8:51:25:15:58:36:ac:8e:a7:25: - cb:f9:79:12:98:0c:e0:63:d4:d8:72:c9:83:ac:e9: - 93:32:09:95:ed:f7:56:e5:44:b7:46:5e:6c:ca:58: - c7:80:5b:b5:67:2e:8d:5f:c6:91:50:cc:97:2f:3b: - ab:a6:5a:b5:18:e1:74:95:b9:ed:b4:e6:1c:7a:ab: - 5f:4a:14:2e:78:5c:be:90:78:61:09:76:c6:65:1e: - 3f:cb + 00:b3:2d:d8:67:09:2f:3d:99:40:e3:47:67:2e:26: + bd:bd:1f:d0:d4:64:12:18:9c:3e:e1:71:1b:58:82: + b1:5b:d5:a7:b3:b2:de:10:e7:48:91:e4:5b:97:89: + 57:5b:66:e2:2d:4f:eb:44:ba:96:b1:ac:61:19:73: + b3:00:80:8e:b8:34:15:50:14:30:31:18:30:fc:70: + 9f:eb:66:40:ed:16:45:46:6d:7d:5a:39:56:ba:ab: + ce:16:d0:21:98:d6:a5:bd:e5:c8:17:27:95:8f:1c: + 8e:ac:14:a4:00:7a:05:0a:85:d4:ab:94:30:2b:70: + 16:7b:fe:ad:c2:dd:93:34:69:bf:18:34:06:15:29: + da:6a:22:22:1c:84:a8:6b:18:46:db:3e:bc:3b:2d: + f0:4b:05:24:c7:48:f8:00:db:7e:e4:0b:a8:e6:e4: + 12:2b:6d:8b:33:52:02:5f:ec:2e:09:a7:55:69:be: + 40:bb:2e:5f:be:e1:47:cf:9f:dc:71:98:e5:b0:cb: + bc:da:c6:54:bd:7a:83:b6:8e:4e:e6:06:45:89:25: + 82:9b:8d:2b:92:6c:e0:2a:8e:31:82:f6:f2:0e:27: + 82:c8:6b:23:52:d1:c9:67:0f:0e:cf:17:4b:cc:a6: + 02:e7:8e:8f:2d:75:d6:8a:81:3f:64:7d:f0:f2:48: + c2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,46 +37,46 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - 65:3E:01:5F:06:CF:CE:02:5B:42:F5:D4:E6:C6:92:A6:F6:CE:5C:BF + 16:AF:74:3C:9E:6E:D8:2E:B9:DB:B3:15:51:0B:F4:05:32:E3:62:78 X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 7a:aa:8a:0a:11:54:15:d1:c1:e0:a3:d5:7b:37:26:d3:a1:c8: - 5f:fe:0a:f6:34:c9:3d:0b:87:af:d7:7b:81:0f:cd:cd:f6:bc: - 18:b3:4a:1a:32:4d:38:86:30:b5:09:7f:b5:cc:50:be:e1:9b: - 80:50:41:10:2c:96:19:3c:5a:3f:e1:5d:a8:a1:ba:01:ec:f6: - ec:79:3a:22:43:19:f7:12:9d:9d:be:ef:35:10:7a:ab:77:80: - ae:75:a9:72:3e:5d:39:99:7c:0e:4b:f5:28:fd:3d:ba:11:1f: - dd:15:5b:0b:4f:9d:ae:bd:6a:69:ad:00:61:5d:1c:87:ab:17: - 03:b3:45:d2:20:97:3c:c2:6f:42:f8:de:53:3d:4b:ce:9d:be: - 94:0b:19:48:a3:fa:29:39:3b:14:f7:d7:cc:58:29:f9:ce:1c: - 25:7d:6a:c8:68:50:01:38:e8:b2:c2:89:22:b6:ac:d3:8b:ba: - 2f:71:5c:33:ac:cb:28:2c:1f:b8:58:9c:aa:73:47:d2:6b:66: - 9b:a5:2a:06:77:e5:53:63:0b:be:78:33:d7:bd:0e:3a:de:20: - 25:3d:3b:a3:aa:b1:0d:45:64:6a:70:07:4c:2e:41:64:22:f7: - 32:9c:08:80:6b:ca:44:53:f6:60:e3:ea:7c:de:87:d1:7e:75: - 73:47:9d:b2 + df:7b:2f:59:d9:e8:8e:0f:52:d8:0a:be:18:fb:a8:5a:3a:54: + 09:32:06:64:4b:29:14:5c:4b:7f:70:f9:38:bd:f9:d1:0d:16: + a6:64:dd:05:94:2e:c9:6c:1e:e7:44:7e:84:47:50:99:8c:48: + 7d:9d:1a:4d:fe:c3:af:86:fe:0c:08:b4:76:42:a1:86:da:c0: + 93:41:64:e9:b8:b7:50:c1:bb:79:f7:c0:da:13:d2:2f:22:56: + 53:d6:d6:80:f3:53:9b:02:be:e3:74:fa:45:0a:c9:10:2a:b9: + dc:6d:22:d2:32:c6:9b:cd:3e:61:2d:62:19:e6:e1:4e:11:e5: + 68:57:87:86:8f:e9:66:16:6c:94:01:70:a6:80:3f:fd:07:f3: + 0f:33:da:7b:40:7d:20:1d:55:db:10:5f:50:b4:28:4a:23:e1: + bc:69:99:da:45:ba:1d:36:b1:f5:67:9b:41:5b:cd:4f:9e:54: + cc:e4:4a:8c:47:c2:ef:55:16:01:78:6d:cc:3d:4c:a6:c8:18: + 6b:51:6c:da:63:e5:ce:c6:a6:c3:87:65:ec:c5:34:b6:55:71: + a1:8c:ff:0d:36:4e:89:00:2e:2c:90:e7:f4:36:73:ca:8f:16: + 49:1c:65:d8:eb:c6:2b:fb:06:01:63:18:d9:b5:38:41:e5:34: + bc:c1:62:e1 -----BEGIN CERTIFICATE----- MIID0zCCArugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx -EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMTE1 -MDU1OTUyWhcNMzAwMTE0MDU1OTUyWjB4MQswCQYDVQQGEwJHQjEYMBYGA1UECAwP +EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMjI1 +MTM0MjM3WhcNMzAwMjI0MTM0MjM3WjB4MQswCQYDVQQGEwJHQjEYMBYGA1UECAwP Tm90dGluZ2hhbXNoaXJlMRMwEQYDVQQHDApOb3R0aW5naGFtMQ8wDQYDVQQKDAZT ZXJ2ZXIxEzARBgNVBAsMClByb2R1Y3Rpb24xFDASBgNVBAMMC3Rlc3QgY2xpZW50 -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA171uUYQSULT5nBOLwiuk -7lxQTx0EZ63oMJim+n1m46mpCLBh+c4+jFLyJGQcnN8/fVYuOu3oSdJhbX9JZFY2 -aGXDMvstiFqUathsJzvG2mJFvp6nKUwOeJsqeZTrxgbz7WDueYE4EIvnySEIuA0y -iG4wn4LBZk3FrvhfVQoPKjalsYTuKvcRAMCyZB33+QIczdhWRsafF9bz07LyIJg5 -rZv/sZ+os2o+59hRJRVYNqyOpyXL+XkSmAzgY9TYcsmDrOmTMgmV7fdW5US3Rl5s -yljHgFu1Zy6NX8aRUMyXLzurplq1GOF0lbnttOYceqtfShQueFy+kHhhCXbGZR4/ +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy3YZwkvPZlA40dnLia9 +vR/Q1GQSGJw+4XEbWIKxW9Wns7LeEOdIkeRbl4lXW2biLU/rRLqWsaxhGXOzAICO +uDQVUBQwMRgw/HCf62ZA7RZFRm19WjlWuqvOFtAhmNalveXIFyeVjxyOrBSkAHoF +CoXUq5QwK3AWe/6twt2TNGm/GDQGFSnaaiIiHISoaxhG2z68Oy3wSwUkx0j4ANt+ +5Auo5uQSK22LM1ICX+wuCadVab5Auy5fvuFHz5/ccZjlsMu82sZUvXqDto5O5gZF +iSWCm40rkmzgKo4xgvbyDieCyGsjUtHJZw8OzxdLzKYC546PLXXWioE/ZH3w8kjC ywIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl -bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUZT4BXwbPzgJbQvXU5saSpvbO -XL8wHwYDVR0jBBgwFoAUU0haUE14gG1VeYr+qaNoegSa8IcwDQYJKoZIhvcNAQEL -BQADggEBAHqqigoRVBXRweCj1Xs3JtOhyF/+CvY0yT0Lh6/Xe4EPzc32vBizShoy -TTiGMLUJf7XMUL7hm4BQQRAslhk8Wj/hXaihugHs9ux5OiJDGfcSnZ2+7zUQeqt3 -gK51qXI+XTmZfA5L9Sj9PboRH90VWwtPna69ammtAGFdHIerFwOzRdIglzzCb0L4 -3lM9S86dvpQLGUij+ik5OxT318xYKfnOHCV9ashoUAE46LLCiSK2rNOLui9xXDOs -yygsH7hYnKpzR9JrZpulKgZ35VNjC754M9e9DjreICU9O6OqsQ1FZGpwB0wuQWQi -9zKcCIBrykRT9mDj6nzeh9F+dXNHnbI= +bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUFq90PJ5u2C6527MVUQv0BTLj +YngwHwYDVR0jBBgwFoAUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwDQYJKoZIhvcNAQEL +BQADggEBAN97L1nZ6I4PUtgKvhj7qFo6VAkyBmRLKRRcS39w+Ti9+dENFqZk3QWU +LslsHudEfoRHUJmMSH2dGk3+w6+G/gwItHZCoYbawJNBZOm4t1DBu3n3wNoT0i8i +VlPW1oDzU5sCvuN0+kUKyRAqudxtItIyxpvNPmEtYhnm4U4R5WhXh4aP6WYWbJQB +cKaAP/0H8w8z2ntAfSAdVdsQX1C0KEoj4bxpmdpFuh02sfVnm0FbzU+eVMzkSoxH +wu9VFgF4bcw9TKbIGGtRbNpj5c7GpsOHZezFNLZVcaGM/w02TokALiyQ5/Q2c8qP +FkkcZdjrxiv7BgFjGNm1OEHlNLzBYuE= -----END CERTIFICATE----- diff --git a/test/ssl/client.key b/test/ssl/client.key index df5c677e..d73ee775 100644 --- a/test/ssl/client.key +++ b/test/ssl/client.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDXvW5RhBJQtPmc -E4vCK6TuXFBPHQRnregwmKb6fWbjqakIsGH5zj6MUvIkZByc3z99Vi467ehJ0mFt -f0lkVjZoZcMy+y2IWpRq2GwnO8baYkW+nqcpTA54myp5lOvGBvPtYO55gTgQi+fJ -IQi4DTKIbjCfgsFmTcWu+F9VCg8qNqWxhO4q9xEAwLJkHff5AhzN2FZGxp8X1vPT -svIgmDmtm/+xn6izaj7n2FElFVg2rI6nJcv5eRKYDOBj1NhyyYOs6ZMyCZXt91bl -RLdGXmzKWMeAW7VnLo1fxpFQzJcvO6umWrUY4XSVue205hx6q19KFC54XL6QeGEJ -dsZlHj/LAgMBAAECggEAGgHrlScbQCB5ANA4Zml1ggid49OnLsp/tbAJXSQV7bcL -uhDtVrx+vNLY/vsUmfKtyDHF8/OvL4sNlLImClL8TxyJahFunUPyJWk+rIIfyD7V -kpO0qh1Rl0d5WNvTinVXHZQ0W3Bw7km3YP86+lkY8Op7sRcFsowImz203F8QkfF4 -yRAPG7+Z2YwSMexVLjdBtmM3B3qJyt5Suls5QBFxSsMrEBrCcheQyqDXKq/I/fCW -xZIvv3okrly10qX+3aO5LU8623OKQXgE3wDcWCiSRRnZR6BWOAPfycMwlxTmSkX4 -7IW9xlycBQR+TL3neNuf/NP6R+2/O8yobbhTemg0+QKBgQD5GCiNkyia0iJyvXFS -NqKFZBV98HLKixZD0shGoubZymoYTV/g/nAhnFYJvtDjfRL5g/MXuK1mgEbgW+wx -6BbGdbQwJ14mo3V0PuTiBQjQcAF3JjM3lWmYLkT+DLc2Dr5SWyorP8CPO2HQrpTk -gMszAmQa5gaFEa6COKg30rY5OQKBgQDduI3FKXeqwE3+ppvTtIXtMgfAtYqhlTjq -b8TaJFGxaCVSKrktJj3Kuc3yUxH3Xd1IJItMwKlR5h6NMv6WQUD+igBSUNugo/q4 -q8tZ5XVaESOJqGARUp3vSqbPo+IjYJtQsN1qRKEWCMkPW/OqCtoJoGRlS4kLIANl -AB+KtVjVIwKBgElKjWwSl4juOUqPaQ9qmekrqJM0s2HbCMMN+vWlqsz8HLln0sUt -uCp7iGk3pti4jWOzKkyZfxPAvJn5EgchJcphCZJ9kttFjyKT+t5x4sUJn7TCHaHG -KZqoSo6BiUqzjdZHkqHFEVBThZVUOOT+7Erm8jNj6RkwOauBJiW+rvUpAoGBAJgg -VnVevFKV223LlsMs628RkqwwY0v2fLStt10M6lhU4rZ7xc4qnN8JmTqYsI0PBBLJ -sCIbVpFw2Kl8wZ0KbLO4r/vKqsaPfClVBhNKEriXZdC/jBqWmvJiQA3bnf8z+5zj -nSeaqwPZR0qYhpi3FV7hg8DUkNTnRCz6ZqnfP3INAoGAajKfUcSfiWvZ6MaFlXf5 -tyXybzo3rWrdzz4nsd+/jl7gpH6S/F4XIGrk3r9ythqN2kN5LMzB+LaHqSatjvGl -92BuSSg+nMlePM7PXq8LS+vuQ2wgJolaxoUqKPw1hRVdtSZzxQqANDaX9ssiqTes -hFSekDqb53/OZDKgOY2MRjA= +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzLdhnCS89mUDj +R2cuJr29H9DUZBIYnD7hcRtYgrFb1aezst4Q50iR5FuXiVdbZuItT+tEupaxrGEZ +c7MAgI64NBVQFDAxGDD8cJ/rZkDtFkVGbX1aOVa6q84W0CGY1qW95cgXJ5WPHI6s +FKQAegUKhdSrlDArcBZ7/q3C3ZM0ab8YNAYVKdpqIiIchKhrGEbbPrw7LfBLBSTH +SPgA237kC6jm5BIrbYszUgJf7C4Jp1VpvkC7Ll++4UfPn9xxmOWwy7zaxlS9eoO2 +jk7mBkWJJYKbjSuSbOAqjjGC9vIOJ4LIayNS0clnDw7PF0vMpgLnjo8tddaKgT9k +ffDySMLLAgMBAAECggEAEe5YFjOamSkBj90g68LvwQHylZawIutb9ZaqnGhz1FNk +1Xxkcb+biRIXwmn5pol8v/kb+8RKeVxdWT01YCr9XVzE9z8V9YvMty6UKmwQukk8 +xIgHf+R2E/dGiAzrF87/Rio9JGgPNQOwGXN1WCDd6UgsWMFbMrWkYmNBw1sGNLvn +hW02Sz/IXUyzsCCqtqUK4LGhQ2KMjj9twRzc5RWUCzLw0W7Byi1k0SIopaCI5Zz6 +5U5RQxEVtH9qPGDJ8NRwsT7ShaDier7DcOhvIbXaXCfcf02h+7kYt5HHkwFnmkkR +qbFDlzsxWB1aUbVrvuGWac1M3BvEp5e92rpF0ZkUEQKBgQDbQS5Mp5iCgRu0xGuh +rZt/ADmZltMN4JfOXFS2At8BTADe54/BweS3IzblZr0SScChNPY27YqDsw5+WTcM +B3P8UULSVFox6oADnwpMAmi7L65z5D6B3gqL5OHR2U7gIA1kVAGL0psDUnZks61s +gN8oxlsM3AZe7GUnc2HC1v6dmwKBgQDRNUdZqUkll9VN3tOwmdwKZet4+64MF3te +tfO7BFmKgMxkxPi7t6cKVnHkjx+Xer0sEPrCanZgCLwtdFb2pKPn1/i3c7CnoUKW +boaa/w5xCTk0BoUzZnhxo2R3/SZMr/RMNgpC6nOartQsYN0trsCTYtjPD6jHBE2S +AA4MWQtakQKBgDErP9/O4eO6YmU6e0ypqypi+YfZDAGbsU+E4zZiFHKtAbD7SwDP +o6PyULhHPvVf9sPwJZsR0DNSr1hkV3TqIvednZefdQ6moQiu3NdI3wXDXqL8t4vW +KJVQwdeWnRqj9XzfXe1mUH8BOi3BIY4opGL3gKm0mfUlnFWpiW3xWu4rAoGAViA8 +82iBuHw9UAV/2KA+ufkja3cRO+Ee5Oq7IC62PhKwEnwUehMtLVBRKurQ8qeQ4WdM +FGWHvhlafsv6USeOYo/C0KNMAnac1xlBSOXfqCFH72cPxw1UYFQHtG3/Kmr1g7pr +lwi19uQqbOqjo37hwMtcvkGQFf5rgMONBQBTcEECgYEAo8XPVDxumpD55sk5SOqN +sIxhnh8mOSD81IP3ts98yDvPC1fAvfz3QWOjl9wgZzIColiZP+scMZ/taexHKtVW +SC4xtNd+S5jdlWs5cWAd1pvZds/hbeGxwAocgGAYkYZbebUJSX9cvLOSQKrJd5HU +HnH7lWBy29m5tmGYigvaQMc= -----END PRIVATE KEY----- diff --git a/test/ssl/crl-empty.pem b/test/ssl/crl-empty.pem index 7bc5797d..53cb5057 100644 --- a/test/ssl/crl-empty.pem +++ b/test/ssl/crl-empty.pem @@ -1,12 +1,12 @@ -----BEGIN X509 CRL----- MIIBwDCBqQIBATANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjETMBEGA1UE CAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3QxEDAOBgNV -BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EXDTI1MDExNTA1NTk1MloY -DzIxMDcwMzA3MDU1OTUyWqAOMAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQAD -ggEBAGyKNNyfKO5MOBoTWjYkZcnYmPefImHi6IuQ50AyU/DcUe+uaTe80mwuC5RZ -yFg7WjmLSmg/QvHz7zLJ2d+HV23wU8k2gLUxrnjsXIJAa20VVO/kp2Qip06/bveW -M9YZuToWwkx5oNIq6swzp3NX8SnRRKI3B4lqho7/R67OQg/B9fu0kQ9jfsNY+/e3 -bNqGvfKrxhdlmo1bju6chx9pXsIRnMMG/os6yNAi6p6m/MH3botd/et1RcVrZdGk -CqAlZD3Tlt2mJEkWQbzQvitaZSEHyIRPUZKtkG5MaCQD5vsPGz3graxaMW8aCo9W -sI0uxjlBY7ULhgb5kaje+gnaI1w= +BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EXDTI1MDIyNTEzNDIzN1oY +DzIxMDcwNDE3MTM0MjM3WqAOMAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQAD +ggEBAMGYs05Oy+hQmLtABJ7WvvGUwlW3/HN0TmDIPo21vcZIbn5xtI3wuLF/Tl9S +E74u8RaLwnyP1j8ioFVQjZxDnugfUWEmFwWjiNkkXgASDmpnnyuP6Kv3wkw1Aqpb +Thlcjqi8HIcXKdJoOPrWIQtaBDh/0TRnXqFggyQErkwc4HfGAE9ZLmLFFqB33ze6 +nNNyMecbSMYrKjlYKGYT2qzpp7oJMU+b0wLcdcJEdLcudRCg7GDfpcjIW+E83YSK +1AnRxpBiuk8JjsZOaXdTAfr0PI6HUeSd9kVRP5fF+EgMczKaM3wvZMpUtUqOhyCI +8nde+zlOYW1g7UCrALYohOX3mkI= -----END X509 CRL----- diff --git a/test/ssl/crl.pem b/test/ssl/crl.pem index c65a4909..50c8436c 100644 --- a/test/ssl/crl.pem +++ b/test/ssl/crl.pem @@ -1,12 +1,12 @@ -----BEGIN X509 CRL----- MIIB1jCBvwIBATANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjETMBEGA1UE CAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3QxEDAOBgNV -BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EXDTI1MDExNTA1NTk1MloY -DzIxMDcwMzA3MDU1OTUyWjAUMBICAQUXDTI1MDExNTA1NTk1MlqgDjAMMAoGA1Ud -FAQDAgECMA0GCSqGSIb3DQEBCwUAA4IBAQCHwH7vhm+9jGNZ7kj495wYdl95f4uq -/EapecfQIItM6CZy9SvSfrC2MIv1JzSlIhIWntfaTWYtnDW2vS1h4oR/5Xqd9Pkw -DlYEExOIB1NJm2pY5bZy0fTBhZat6jCiz1+5Rs3sAxkyxSYQy2Qyd5sQtVlGRPZy -lzuf74yZyTdPWtWUtP2NDR51guTL+lHrJN8IL1EseYefoT075XWdCVY+GysyVm6Z -WSQ6/2m6XqIoEf+ExLhB+5EegVbqK7XmbxphxX+rsFGM9ORLxGYdrp2RR+X1STLa -fj22+ovzI01ZgZ+b/JuNlZD0o1HbqesPgccVleB1hCUOM9HhEVWfTauY +BAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EXDTI1MDIyNTEzNDIzN1oY +DzIxMDcwNDE3MTM0MjM3WjAUMBICAQUXDTI1MDIyNTEzNDIzN1qgDjAMMAoGA1Ud +FAQDAgECMA0GCSqGSIb3DQEBCwUAA4IBAQDTvPnLWty3F+fAmhhqZQ1ZflGPtF3I +SHY+3dzpPbWsuZ1MSjBlKnYZr+ACqwP5M/1yJ/t5cqnUvPVw7oycKUXLiMOPIkTL +cGiBDgluKWhC3VKUsCJRWZ0CGY1kDed0Js1sBc4j3JNm5eGMxcDERAncW64ClOKc +L+ClVJ1JHjtoVwqxOS1PRVZLi8frC8pozUVBBBZ/wZTJcYtlz1shaIjCqlloHWNh +RPKVJ+NOUwsVlIhunCwI6QbCKxsXw0Fa9CP6PXMs5sNeW8zbruN6G9ofdK4sKg2K +pCvjOBUqRapRk7z89TKRM88whEtUKhB+ILb1NIpCq/Gc5NlH8sbAjrRQ -----END X509 CRL----- diff --git a/test/ssl/server-expired.crt b/test/ssl/server-expired.crt index 52eac041..a8737cce 100644 --- a/test/ssl/server-expired.crt +++ b/test/ssl/server-expired.crt @@ -12,24 +12,24 @@ Certificate: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:97:a0:c8:2e:50:b0:14:d7:84:7e:f6:e8:cd:1b: - dd:3a:b9:ed:7d:a2:63:37:4b:e5:0f:26:a0:fb:27: - 94:40:5c:a1:24:9a:28:15:5f:57:35:99:b5:7e:16: - 16:fd:9e:4c:30:d8:de:09:81:4f:ce:ff:b2:dc:48: - 9e:58:31:33:07:ce:9f:89:e8:30:c3:cc:3b:2e:3d: - 63:88:21:9f:e3:4c:89:0a:46:35:45:cd:ad:5f:5e: - da:03:da:b7:21:e1:b8:70:3f:47:ed:1f:20:67:25: - d0:dc:c0:f2:c6:61:fa:e5:ca:28:ef:07:7a:79:d1: - a1:5a:f7:0d:cc:c8:31:b2:6c:a9:fe:78:8e:11:9a: - 7e:26:07:76:b3:ec:cc:a1:d2:23:44:80:1a:85:05: - b1:c3:81:ea:c3:2c:21:09:8e:32:1f:3c:3a:60:dc: - c7:22:b8:04:1a:fd:73:e8:78:79:ea:88:69:4c:75: - 5c:bc:d6:cb:9c:bc:65:5c:6f:65:59:78:a2:c3:00: - 4e:90:36:da:27:cd:4a:10:68:0a:66:29:79:2d:85: - 9e:b2:f4:e0:19:a3:b3:a7:f5:ab:6e:79:78:36:2b: - 19:b8:0f:62:24:d9:6a:1e:c1:be:c0:14:d7:dd:5f: - fc:d5:0a:0d:e6:f7:c6:be:bd:4f:13:cf:18:0b:89: - bf:ab + 00:cd:a9:03:cf:be:ed:03:a5:cc:a6:35:4d:25:61: + 37:bd:42:3a:26:04:a2:29:17:14:26:3d:6e:01:2c: + f9:9d:20:4a:5f:16:c8:15:7a:7d:85:ae:1f:08:ff: + cd:90:27:19:19:49:99:c8:0d:4d:96:f9:de:0e:c8: + 26:7c:d4:aa:84:e7:4d:9d:0f:44:46:af:c2:86:22: + f3:ca:1a:09:0d:98:3e:b1:1e:d7:aa:20:95:b4:15: + 11:df:07:ee:ca:06:7d:f7:97:f3:7e:a2:e2:ba:ce: + 25:32:a9:d4:96:17:07:c6:eb:d7:ed:ee:3a:94:e4: + 66:a9:55:be:90:f5:09:5b:1a:b0:2f:b9:a5:96:6a: + 3d:4c:68:07:fb:4d:df:f0:a0:d5:19:ea:24:75:d5: + a9:10:e5:ff:e1:08:44:a3:49:21:ec:7c:0d:c9:50: + 52:fa:33:7a:dd:52:23:79:3b:52:38:cb:e4:bc:27: + 65:23:0f:8f:df:eb:38:3c:21:9d:de:41:88:34:b7: + e2:90:03:74:79:dc:92:94:e1:71:4f:ff:b7:99:e6: + be:78:2f:ac:81:19:1e:48:1f:81:2b:f7:aa:cc:0b: + 12:f9:64:41:5d:b1:c2:da:99:90:e5:67:51:ca:b3: + 96:ef:b8:f5:15:82:0f:0f:d3:1a:dd:e1:7e:01:2d: + b0:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,26 +37,26 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - 02:C4:11:7C:33:56:82:9C:B4:B8:4D:D3:BA:2D:17:62:7B:D5:07:62 + 52:53:B2:A2:BB:A7:6B:6E:1C:5B:2F:FA:ED:27:B1:E7:94:BB:E4:6E X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 67:09:c5:63:8f:03:0d:ed:57:db:be:8d:46:5a:67:26:09:c3: - 16:bb:19:40:b8:66:22:78:b3:fb:b5:0e:14:e8:9e:09:07:61: - a4:bf:5f:e5:af:38:2b:38:eb:a8:01:1f:1a:4e:a3:11:42:4d: - 5d:5d:5f:55:86:fe:21:f1:ca:b4:26:de:3a:78:40:bb:f4:14: - b8:b6:36:ea:30:75:00:89:b6:f0:c4:91:8a:06:f7:72:bd:4e: - 2f:2e:38:cf:a4:f0:59:ff:bd:83:17:25:65:68:54:de:39:b3: - b3:82:6a:f8:40:24:26:33:1b:b0:cd:53:99:66:ea:d3:f3:df: - 6d:e0:9e:2f:7b:77:c7:4d:fa:8a:18:cb:25:34:88:f7:f0:75: - 72:75:d9:fe:85:45:c3:c3:b3:40:3b:62:36:ca:39:2e:f2:bc: - dd:3e:eb:25:7e:6d:ac:db:d1:cc:54:39:dc:b8:5b:ef:19:c0: - 5f:a0:49:f3:a2:13:24:21:80:73:58:a8:1b:ef:49:a7:c7:47: - 49:78:a2:71:bd:a9:6d:c4:1f:cc:de:53:8e:16:f2:11:c1:9e: - 03:c7:b4:b8:eb:85:02:90:5e:56:2c:df:22:f4:0c:c0:8d:9a: - 7f:c0:86:c8:24:3c:05:36:34:2c:36:d0:f2:c8:6e:b9:b2:58: - b1:a1:a7:54 + 93:92:e2:4f:11:52:ea:df:aa:a3:69:66:dc:7f:36:53:5b:10: + c6:eb:75:2b:e2:25:0c:72:22:46:2f:19:d0:cc:d1:b9:19:0c: + 93:77:91:7f:28:4d:3a:b3:06:94:f9:f0:49:14:7d:b2:12:60: + da:9f:24:59:5f:cd:eb:eb:16:44:f3:ba:47:96:10:71:f8:be: + 37:66:a0:af:fc:f9:96:53:31:c3:53:1f:88:72:ff:6b:a4:18: + ec:55:a6:1c:bf:a8:af:8c:13:35:55:2d:aa:a2:26:c7:2c:1a: + 55:aa:7a:12:11:eb:2d:fc:8c:6e:06:bb:d5:5b:f8:d1:25:bb: + 38:6c:1a:54:68:d0:05:00:4c:9e:b3:db:5c:d1:85:3a:b3:0a: + ee:cd:33:1d:4c:d3:0c:e6:39:d1:a4:84:f3:57:f9:59:1e:75: + 37:a9:26:82:37:f9:5c:6d:82:11:f6:25:94:74:32:c1:8f:d5: + 19:b5:30:ec:dd:9b:aa:92:91:69:dd:25:e9:72:cf:37:7d:f3: + 9c:d6:1c:e2:43:7f:bc:9c:08:6c:ed:b2:5a:76:d3:ac:bf:92: + 7c:cd:47:f9:7d:59:1f:87:f4:97:ad:7b:48:00:a0:36:72:fc: + fb:0b:94:46:43:37:c0:81:8f:32:38:5c:e5:a0:12:bf:b9:2c: + 91:ae:bf:76 -----BEGIN CERTIFICATE----- MIID2TCCAsGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx @@ -64,19 +64,19 @@ EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMTIwODIw MDAwMDAwWhcNMTIwODIxMDAwMDAwWjB+MQswCQYDVQQGEwJHQjEYMBYGA1UECAwP Tm90dGluZ2hhbXNoaXJlMRMwEQYDVQQHDApOb3R0aW5naGFtMQ8wDQYDVQQKDAZT ZXJ2ZXIxGzAZBgNVBAsMElByb2R1Y3Rpb24tZXhwaXJlZDESMBAGA1UEAwwJbG9j -YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6DILlCwFNeE -fvbozRvdOrntfaJjN0vlDyag+yeUQFyhJJooFV9XNZm1fhYW/Z5MMNjeCYFPzv+y -3EieWDEzB86fiegww8w7Lj1jiCGf40yJCkY1Rc2tX17aA9q3IeG4cD9H7R8gZyXQ -3MDyxmH65coo7wd6edGhWvcNzMgxsmyp/niOEZp+Jgd2s+zModIjRIAahQWxw4Hq -wywhCY4yHzw6YNzHIrgEGv1z6Hh56ohpTHVcvNbLnLxlXG9lWXiiwwBOkDbaJ81K -EGgKZil5LYWesvTgGaOzp/Wrbnl4NisZuA9iJNlqHsG+wBTX3V/81QoN5vfGvr1P -E88YC4m/qwIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu -U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUAsQRfDNWgpy0uE3T -ui0XYnvVB2IwHwYDVR0jBBgwFoAUU0haUE14gG1VeYr+qaNoegSa8IcwDQYJKoZI -hvcNAQELBQADggEBAGcJxWOPAw3tV9u+jUZaZyYJwxa7GUC4ZiJ4s/u1DhTongkH -YaS/X+WvOCs466gBHxpOoxFCTV1dX1WG/iHxyrQm3jp4QLv0FLi2NuowdQCJtvDE -kYoG93K9Ti8uOM+k8Fn/vYMXJWVoVN45s7OCavhAJCYzG7DNU5lm6tPz323gni97 -d8dN+ooYyyU0iPfwdXJ12f6FRcPDs0A7YjbKOS7yvN0+6yV+bazb0cxUOdy4W+8Z -wF+gSfOiEyQhgHNYqBvvSafHR0l4onG9qW3EH8zeU44W8hHBngPHtLjrhQKQXlYs -3yL0DMCNmn/AhsgkPAU2NCw20PLIbrmyWLGhp1Q= +YWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzakDz77tA6XM +pjVNJWE3vUI6JgSiKRcUJj1uASz5nSBKXxbIFXp9ha4fCP/NkCcZGUmZyA1Nlvne +DsgmfNSqhOdNnQ9ERq/ChiLzyhoJDZg+sR7XqiCVtBUR3wfuygZ995fzfqLius4l +MqnUlhcHxuvX7e46lORmqVW+kPUJWxqwL7mllmo9TGgH+03f8KDVGeokddWpEOX/ +4QhEo0kh7HwNyVBS+jN63VIjeTtSOMvkvCdlIw+P3+s4PCGd3kGINLfikAN0edyS +lOFxT/+3mea+eC+sgRkeSB+BK/eqzAsS+WRBXbHC2pmQ5WdRyrOW77j1FYIPD9Ma +3eF+AS2w2wIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu +U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUUlOyoruna24cWy/6 +7Sex55S75G4wHwYDVR0jBBgwFoAUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwDQYJKoZI +hvcNAQELBQADggEBAJOS4k8RUurfqqNpZtx/NlNbEMbrdSviJQxyIkYvGdDM0bkZ +DJN3kX8oTTqzBpT58EkUfbISYNqfJFlfzevrFkTzukeWEHH4vjdmoK/8+ZZTMcNT +H4hy/2ukGOxVphy/qK+MEzVVLaqiJscsGlWqehIR6y38jG4Gu9Vb+NEluzhsGlRo +0AUATJ6z21zRhTqzCu7NMx1M0wzmOdGkhPNX+VkedTepJoI3+VxtghH2JZR0MsGP +1Rm1MOzdm6qSkWndJelyzzd985zWHOJDf7ycCGztslp206y/knzNR/l9WR+H9Jet +e0gAoDZy/PsLlEZDN8CBjzI4XOWgEr+5LJGuv3Y= -----END CERTIFICATE----- diff --git a/test/ssl/server-expired.key b/test/ssl/server-expired.key index e08dcbed..8ddf521f 100644 --- a/test/ssl/server-expired.key +++ b/test/ssl/server-expired.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCXoMguULAU14R+ -9ujNG906ue19omM3S+UPJqD7J5RAXKEkmigVX1c1mbV+Fhb9nkww2N4JgU/O/7Lc -SJ5YMTMHzp+J6DDDzDsuPWOIIZ/jTIkKRjVFza1fXtoD2rch4bhwP0ftHyBnJdDc -wPLGYfrlyijvB3p50aFa9w3MyDGybKn+eI4Rmn4mB3az7Myh0iNEgBqFBbHDgerD -LCEJjjIfPDpg3MciuAQa/XPoeHnqiGlMdVy81sucvGVcb2VZeKLDAE6QNtonzUoQ -aApmKXkthZ6y9OAZo7On9atueXg2Kxm4D2Ik2Woewb7AFNfdX/zVCg3m98a+vU8T -zxgLib+rAgMBAAECggEAAoOuuE79C8lAChYKuz9FRPBx6FfYV/vPbrq/8I6ggoDm -ukZWg+plmQ1bJ+PJy4oMgx/DVzGln+391ivzBJ6OyZPDt5nc3j6yh/24hqz4bmCi -2U8tMW50e8Y/Y+hV/kfL0CM+r1L9llbXbJhEJaLYw5VgfZOxN0nW3NRB3+rJCgGz -v5Zdsw6C7bYXuLJwep5SsmSOg5qcaVioti2pfYxX/uzcbSqPvvYHatkcot56vQmp -vQABzmJ/ppFb4QAqP+A8abCDm2HT1kTymC8ztuz9HjCGRpxJ1QiRkc05U4/hnQja -CgMp8jZkm+VHRKxNw2i2jGN0aJ4RZT07wQXKfiRmNQKBgQDRRfePDJfMDRpJCr1Q -e7+zW8plzvSjmdW6ophbHkK0sUj3pt1bPBfF5LAYb6AYoI/LEH9KCg6e545R7w/S -ngJMu1reFzwGOj6ALx8bdo2jW7dH0XDorNzTaNuBWaQIgdEt8AAf/WF+mf+Ir6mh -FBsbLYkZJr7gkCcR2UHr83FoXwKBgQC5e9H+ScxAsqKNyWXbmd/5d8ulRrwyVM5n -zO4BnbpKAN3AqLKYm+56Pp1l11d7aR7SIwJQc4QOsLk3+NtzaiIeoGnOFBnGFQLg -cPXIej3IdS0QYnVrCoSrizRd9HhkRzskRd1vw55FzGqxuRsCmjdYx+R5bdMc41PH -4YrFK5NcNQKBgQDEfatJVwuX/Z12g2zpiqed4kuRd9XfXmt9B3mB5FHBksvuK3Cf -Xzb7ChQFfZmWRft9MIoznGnJ7aSFba8vlEiYfzl8Wdh0CG/yr0vH33JxtYXLGu2m -qdfVcBjZxK7theY/+Z5EawYFdtalIjplEZm51PFq+iQyeWcVrSXmQvdyhQKBgQCK -cVTnzAVcNPkHg083fb6i4Ttq/UTy/EGjUF5FbojhO4xIhKHpLlntfFbW8MgnIOsU -RXUwv0fN/zIACQsjNhCJc4oFexNRudUP2MBbBoKe4HbmR9cEMjGcKKbJifNiRZhr -FoqVJRk5V747MMJsStcMuQZbbBGq+jJKepmtWT0AEQKBgFr0BAqUsyGaD0FYTE8e -56YNYYkJpm+QSqvvufAi5PgKmV8L883uW6qp/eJdDJf5/Hxi0zxZR3lH5u0GxQoI -YamhbnqfT783bO4Yo+mqVPX1e8Ynk4XdIAQ/q17FP9AxPQbXZ9EQ/9zQ8/99Sq/j -J5n3BN38aQcM7UtuRhw7Kv81 +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNqQPPvu0Dpcym +NU0lYTe9QjomBKIpFxQmPW4BLPmdIEpfFsgVen2Frh8I/82QJxkZSZnIDU2W+d4O +yCZ81KqE502dD0RGr8KGIvPKGgkNmD6xHteqIJW0FRHfB+7KBn33l/N+ouK6ziUy +qdSWFwfG69ft7jqU5GapVb6Q9QlbGrAvuaWWaj1MaAf7Td/woNUZ6iR11akQ5f/h +CESjSSHsfA3JUFL6M3rdUiN5O1I4y+S8J2UjD4/f6zg8IZ3eQYg0t+KQA3R53JKU +4XFP/7eZ5r54L6yBGR5IH4Er96rMCxL5ZEFdscLamZDlZ1HKs5bvuPUVgg8P0xrd +4X4BLbDbAgMBAAECggEABAwNE3vUsDCwEUk/5mS+XbloPt1Hz6Uw8/uw0XxwFmPP +SDBrlDif2w9CdGvhlgee79IfS5eEwlwnvtoOH9YThkqtn/yalwWDFMlVS3yDAcMl +i1i/B7hdGc5xq+uSYGQLpeFV8lUEPzF/++Tpq7ZyTxDPDqiUezTvbD+lYLbhuJWJ +1TdPPoWTcVZXrw8dubdgWYsDniF8IKcBoBeV8vx8Umx7lT+aohdxpHoMnqhR0U4L +k4PHJUFTkDtuS+6fPhePimDc7kTDzDpTsQAi/3gkbfCbM0Z7hX65TZCjv2/XD5GT +TOzLqi6ZvvORCCi/u7lmI+Mgrt5phdditLxVEbJU8QKBgQDpKvAfOizHgS8E42Mj +Z6NSmOAXCOJiY8z7PZwBm6FZpoTsuf4JvtVAdXw1o0a4YgxaC35QYjupRu4t/4Oe +oD6Drm/mNsIi40OTWogBW0pbwhGn5bz/E/PBtSG1zaM7uK/1gHZQL7OrQmk0v6sq +J8PhlitkysprFbpcnbFwkkx4QwKBgQDhzIRa7A59FuTo4LUNOdWZFT9I8nRy6iSs +rtPv8Wc1VZ6YrUqAeb+L33Xm0GjUAgxzjYWM+Nf5FGQW3mlcEKkJkLi9MwFBgtrq +UgFNoJUW4XxUmBGmnZj+0w1p9JxTI1/WxdzR9As1ILIM7w7zeBmedySCdrMQPe+c +alQWB3KHiQKBgHYP58XoDwR1xPkUqf4jW+9WuSDwvrBTGFeeun+V7f0W8/dptdf5 +aMFau6ntIsH544c0iqDpHIx5/eAMoPiQ6xaCHObUkzhXGsBh9ru5Hc2YVphNG4WM +9MAAlzEXDrAOtAn7Ie04OiFdXyf2ZRTTTbvL7ez7QcM3HUYIEvCNI2tBAoGAM4aC +8WiKidruk4GrbwAykMM7dL72+b4abllavZc9sPr/vOFWbejaX+W3Ntt6AF8TTk8O +GbQzPIB9soZATqTynd8reOkpsTRWFkBuUbOCMf10bK1i4b12yzeICRSrk4Ev/oea +M0LYR+BVIQRwSfivB+0yJJ9Hjz5C7lOJKpm6ddkCgYEAhLG+idT01/DOf0ttcizn +COsGdeQGEvd9/LEQln8JI5CW39K+JfwfJapeJ5Wv8shHLwz+HVlypXFTKHZK215L +f/WO+bvmDu1NunHIgH6cTGFSkpTANRlylQSosRNLAh/zBPSVWeLQVN2vAjoZ/nvB +OKG/b/+LDZa5X4IoFZV9lzs= -----END PRIVATE KEY----- diff --git a/test/ssl/server.crt b/test/ssl/server.crt index e578ebec..3adae36e 100644 --- a/test/ssl/server.crt +++ b/test/ssl/server.crt @@ -5,31 +5,31 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:37 2025 GMT + Not After : Feb 24 13:42:37 2030 GMT Subject: C=GB, ST=Nottinghamshire, L=Nottingham, O=Server, OU=Production, CN=localhost Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:d8:aa:9a:e7:2c:34:1e:70:b4:57:9b:1f:fa:28: - e7:65:84:dc:a4:13:ce:b4:26:9e:e1:f3:59:bd:97: - dc:43:ff:19:40:a4:87:a6:f2:29:c1:a8:76:dc:f1: - f3:bf:18:31:7a:0e:d3:50:ad:fd:e7:a6:d4:4d:81: - 9b:99:45:62:e4:ee:c6:3b:42:7a:2b:19:5b:00:f2: - e9:5d:04:ff:86:eb:7b:9a:ff:68:74:00:73:1d:62: - 53:76:02:dc:51:6e:86:b0:68:c9:93:bf:de:df:80: - fa:e0:9f:e3:28:78:47:ec:f7:f6:bb:f2:ca:24:15: - f8:ab:4e:34:af:f7:4c:44:db:63:24:fe:e9:1b:34: - 81:05:43:1c:62:bf:75:9e:ef:a0:6f:1d:0c:56:57: - 0a:72:e7:d4:28:ad:75:92:9a:90:92:52:8f:5f:d1: - 65:43:b6:13:cc:09:09:4c:e5:96:88:73:1b:fe:bf: - 43:83:41:0c:03:dc:8d:31:ff:97:f8:03:5c:af:0b: - e5:60:7b:46:cc:a3:7c:e8:26:d7:19:ed:af:4f:b2: - fb:aa:d8:95:eb:8d:b4:e4:3b:10:08:0c:13:7b:77: - ac:2f:33:b7:bd:53:07:03:b1:b7:05:07:c2:a7:d8: - 4c:c5:1c:d4:f6:cd:db:48:03:fe:e4:0f:91:b1:a1: - 80:31 + 00:af:6d:36:10:72:79:73:45:9e:07:a3:f2:8d:28: + c8:03:63:15:7f:11:15:0f:1b:34:e7:e0:cf:56:9d: + 7d:3b:7c:5a:6b:f3:15:c0:90:09:d4:2b:0c:44:6c: + 4a:f0:0d:cf:28:60:1e:81:ac:e7:d3:66:e7:5c:de: + 95:75:d3:99:93:01:42:31:7c:50:d4:9e:6e:22:b3: + 1b:c9:0f:e5:33:4d:ad:17:f0:9c:20:69:57:1e:e8: + 15:bd:cf:7f:08:8a:68:14:9d:3e:ef:25:0a:5e:3d: + 34:c7:5b:30:fa:65:fa:0f:d2:80:b9:11:8e:dd:c2: + 85:3f:93:83:88:15:5d:66:6f:9c:8e:67:08:cf:61: + 53:d4:dd:f6:01:04:ee:32:d5:38:98:9d:d5:b2:ca: + ec:ff:a1:b6:08:79:a5:3c:66:81:fe:96:b5:01:67: + 33:ce:b3:7d:e9:e5:fe:b2:de:9a:e8:b0:18:d3:25: + 80:37:f4:d7:dc:33:79:85:1b:18:bc:ac:59:61:e7: + 30:46:c2:75:f9:ba:54:39:0e:39:67:b7:42:04:c7: + ac:84:a8:cd:33:f9:b8:05:d5:ff:bf:ac:5e:dd:1a: + 2e:e2:83:f4:49:b3:62:c0:d7:29:a2:be:4b:6e:6d: + ed:cf:0b:90:39:04:65:66:5f:82:19:4b:d0:da:db: + a4:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: @@ -37,46 +37,46 @@ Certificate: Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: - DA:E3:8E:FA:E2:50:AD:B5:CD:35:F2:AA:5D:C7:62:10:00:7F:54:E7 + D3:87:2B:89:AE:E5:87:47:2B:FD:59:80:FD:FD:05:0A:75:D2:40:45 X509v3 Authority Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 Signature Algorithm: sha256WithRSAEncryption Signature Value: - 14:27:33:81:d2:ec:f2:2c:8c:df:95:bd:e7:93:25:c8:5e:da: - 1b:be:55:dc:38:63:c0:d2:cf:cd:45:09:89:e3:69:c7:3a:cb: - 02:17:44:c9:dd:87:c3:5a:ea:a2:e6:dd:f1:98:ef:8d:c5:ee: - c8:1c:a4:21:09:10:aa:bf:5c:95:f0:59:d4:a1:92:6e:81:0f: - 80:82:c1:d0:7f:fe:12:0f:d7:13:65:68:ac:a5:37:ae:b2:45: - 06:8b:a4:32:2f:3c:26:c9:a8:f0:d8:de:64:29:44:dd:6b:19: - 95:30:71:ed:eb:52:18:65:3f:2b:57:44:61:5e:9e:e9:a2:ca: - 04:46:e5:71:db:e6:69:63:31:40:2c:e0:ad:e4:89:1b:81:90: - d7:4c:ed:0f:2b:4a:58:56:d4:40:42:26:f4:8a:82:bf:cc:94: - 2e:02:61:2c:f8:e2:ad:b9:f8:6e:a5:fc:79:df:15:67:8a:6d: - dc:98:ea:19:25:5a:13:0f:e2:ec:db:d2:84:33:82:dd:f9:af: - b0:92:0f:f7:1c:e4:54:18:0c:6a:3e:82:a7:c9:f0:01:6f:cf: - 23:70:5e:d1:9d:d6:1c:79:f0:a1:9b:ba:94:58:fc:57:1c:ba: - ab:46:1c:9f:d8:97:26:e7:f6:10:dd:02:a6:cb:d2:ec:23:ec: - cd:ea:31:0b + dc:03:9f:a9:7a:87:12:17:1a:d0:05:c6:41:07:d7:00:b7:10: + e1:63:90:ae:43:b4:d6:a4:cf:6d:80:ef:a2:2c:0a:f9:af:61: + b0:c5:f9:6f:fc:98:0f:a6:e5:d6:a4:14:00:39:5a:29:12:db: + 9a:ac:8b:f6:b9:5a:2e:0c:40:52:b9:c2:2f:76:a5:33:17:4d: + 42:42:5b:50:50:79:be:73:a9:be:85:33:88:bf:61:67:4c:aa: + fa:6b:1e:d8:69:5a:bf:94:ca:24:af:8b:b9:cd:c4:97:cf:a3: + 28:34:94:58:5e:ed:ee:77:a8:fb:ad:72:d5:a3:c4:20:91:63: + 9a:01:dc:26:e2:ce:1e:c5:2e:e6:14:33:b8:da:e9:3b:92:2c: + 3b:1b:49:ab:36:2f:12:fa:4d:e9:89:e0:7b:f2:76:28:0c:3e: + 48:b7:92:52:eb:dd:f9:bd:15:09:a7:5c:0c:05:27:e3:1f:5d: + bc:0b:95:4e:59:5d:5a:06:e1:ea:7f:0a:a2:29:0b:1a:d5:40: + be:cd:9a:64:8d:e8:0f:15:b0:0d:fc:02:8d:37:ee:a3:06:d1: + 94:df:e3:0d:77:c2:1e:99:f6:3f:ed:ad:db:5d:7d:e0:7b:7e: + cf:b7:c3:12:51:0e:ba:e9:0f:d0:14:fa:bf:e5:56:70:27:e2: + 6c:24:72:d2 -----BEGIN CERTIFICATE----- MIID0TCCArmgAwIBAgIBATANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3Qx -EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMTE1 -MDU1OTUyWhcNMzAwMTE0MDU1OTUyWjB2MQswCQYDVQQGEwJHQjEYMBYGA1UECAwP +EDAOBgNVBAsMB1Rlc3RpbmcxEzARBgNVBAMMClNpZ25pbmcgQ0EwHhcNMjUwMjI1 +MTM0MjM3WhcNMzAwMjI0MTM0MjM3WjB2MQswCQYDVQQGEwJHQjEYMBYGA1UECAwP Tm90dGluZ2hhbXNoaXJlMRMwEQYDVQQHDApOb3R0aW5naGFtMQ8wDQYDVQQKDAZT ZXJ2ZXIxEzARBgNVBAsMClByb2R1Y3Rpb24xEjAQBgNVBAMMCWxvY2FsaG9zdDCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANiqmucsNB5wtFebH/oo52WE -3KQTzrQmnuHzWb2X3EP/GUCkh6byKcGodtzx878YMXoO01Ct/eem1E2Bm5lFYuTu -xjtCeisZWwDy6V0E/4bre5r/aHQAcx1iU3YC3FFuhrBoyZO/3t+A+uCf4yh4R+z3 -9rvyyiQV+KtONK/3TETbYyT+6Rs0gQVDHGK/dZ7voG8dDFZXCnLn1CitdZKakJJS -j1/RZUO2E8wJCUzllohzG/6/Q4NBDAPcjTH/l/gDXK8L5WB7RsyjfOgm1xntr0+y -+6rYleuNtOQ7EAgME3t3rC8zt71TBwOxtwUHwqfYTMUc1PbN20gD/uQPkbGhgDEC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9tNhByeXNFngej8o0oyANj +FX8RFQ8bNOfgz1adfTt8WmvzFcCQCdQrDERsSvANzyhgHoGs59Nm51zelXXTmZMB +QjF8UNSebiKzG8kP5TNNrRfwnCBpVx7oFb3PfwiKaBSdPu8lCl49NMdbMPpl+g/S +gLkRjt3ChT+Tg4gVXWZvnI5nCM9hU9Td9gEE7jLVOJid1bLK7P+htgh5pTxmgf6W +tQFnM86zfenl/rLemuiwGNMlgDf019wzeYUbGLysWWHnMEbCdfm6VDkOOWe3QgTH +rISozTP5uAXV/7+sXt0aLuKD9EmzYsDXKaK+S25t7c8LkDkEZWZfghlL0NrbpO8C AwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l -cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNrjjvriUK21zTXyql3HYhAAf1Tn -MB8GA1UdIwQYMBaAFFNIWlBNeIBtVXmK/qmjaHoEmvCHMA0GCSqGSIb3DQEBCwUA -A4IBAQAUJzOB0uzyLIzflb3nkyXIXtobvlXcOGPA0s/NRQmJ42nHOssCF0TJ3YfD -Wuqi5t3xmO+Nxe7IHKQhCRCqv1yV8FnUoZJugQ+AgsHQf/4SD9cTZWispTeuskUG -i6QyLzwmyajw2N5kKUTdaxmVMHHt61IYZT8rV0RhXp7posoERuVx2+ZpYzFALOCt -5IkbgZDXTO0PK0pYVtRAQib0ioK/zJQuAmEs+OKtufhupfx53xVnim3cmOoZJVoT -D+Ls29KEM4Ld+a+wkg/3HORUGAxqPoKnyfABb88jcF7RndYcefChm7qUWPxXHLqr -Rhyf2Jcm5/YQ3QKmy9LsI+zN6jEL +cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFNOHK4mu5YdHK/1ZgP39BQp10kBF +MB8GA1UdIwQYMBaAFDJBCdNkItPp4Afa49VWyERhRtw4MA0GCSqGSIb3DQEBCwUA +A4IBAQDcA5+peocSFxrQBcZBB9cAtxDhY5CuQ7TWpM9tgO+iLAr5r2Gwxflv/JgP +puXWpBQAOVopEtuarIv2uVouDEBSucIvdqUzF01CQltQUHm+c6m+hTOIv2FnTKr6 +ax7YaVq/lMokr4u5zcSXz6MoNJRYXu3ud6j7rXLVo8QgkWOaAdwm4s4exS7mFDO4 +2uk7kiw7G0mrNi8S+k3pieB78nYoDD5It5JS6935vRUJp1wMBSfjH128C5VOWV1a +BuHqfwqiKQsa1UC+zZpkjegPFbAN/AKNN+6jBtGU3+MNd8IemfY/7a3bXX3ge37P +t8MSUQ666Q/QFPq/5VZwJ+JsJHLS -----END CERTIFICATE----- diff --git a/test/ssl/server.key b/test/ssl/server.key index 053fa72e..3a86e52e 100644 --- a/test/ssl/server.key +++ b/test/ssl/server.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDYqprnLDQecLRX -mx/6KOdlhNykE860Jp7h81m9l9xD/xlApIem8inBqHbc8fO/GDF6DtNQrf3nptRN -gZuZRWLk7sY7QnorGVsA8uldBP+G63ua/2h0AHMdYlN2AtxRboawaMmTv97fgPrg -n+MoeEfs9/a78sokFfirTjSv90xE22Mk/ukbNIEFQxxiv3We76BvHQxWVwpy59Qo -rXWSmpCSUo9f0WVDthPMCQlM5ZaIcxv+v0ODQQwD3I0x/5f4A1yvC+Vge0bMo3zo -JtcZ7a9Psvuq2JXrjbTkOxAIDBN7d6wvM7e9UwcDsbcFB8Kn2EzFHNT2zdtIA/7k -D5GxoYAxAgMBAAECggEAFiGdF4JwI3DbNvyhME4XzsqauAbO7R9pyMYw8zkNFoP6 -6hu0QIUJZ17kH072mR0pRqC3jIztO8mSc4VK5cXM43oRVRHGBVt+bHMji60cRcWN -d2hh3MGEAKsfv9TseMPrrZ7Sgk1NwHI+Dg4+544buLSeZxXWeIenAiaHorbFu12m -PgQMELJo2XMu4Q1+aksLKziu423JPwj00Nf0JnSqTlQLex+sv/+D6jO955GhhqUK -MlI707V3myXTwex63rqHaIn4cvpqO0SBOHZi5s8CFcNL+NyJ8JzF+/sfFEsHrvAb -LX7/LstjjuyGX3Ac2W2V9OWBGUBWh3/lMyZhFM1o3QKBgQD9RseWwcGbHbVOI5v3 -p8N2PyZ1+9qPJbPCQZs5I00yHPZ/kt+AcRrAc30Q46ArHGcx4MfXjXd+AcLIS1Gi -NvW15aPIs9G5/q6p4spHKupntHfrF5QIoyQZa/FHI80Brvr3xbMxBY9SXMuvEpmM -602wvmSbFufjCEz5pLqqgW6HBQKBgQDa/wuPeDSq2HAICkFP8x7WyA5yLCZQ9KWW -N54Cjy8NZ73fUpp/QWbyfYLRInSikNKzirM4rhn3ErWvOj9y+ne4Kj/CAVNCTXR3 -W05NolKHwZKXV8Dr9rXbko5oRHfSO4yeUtZOJai2bYN67o8gBe4NU+cQGGJDjZtT -aW7NlBZEPQKBgAaO66IiuEGs/kHcuDAsfuoz7moFsH4eas4v5rYPDPOsPlHFWtY3 -l4q+MtHaIw6auK1Y9bPGLP7tSr7m/GEn7SrdnGUZCug3CQzLG5PGL7WpvaUvwhyL -JOcnnWLLMYbGoicCToaJb1Ghp4CMCb/VY/icpXxClpSRZXTdaBv8KAGFAoGAAfRu -3Pv8tF20Ok4lIRqRdudYQaqlOOnGJJ4gefNfPyZi6oBpQqOJ0LZQGZ/OHLlgOBwP -13yuXKc9GfBSKquTsAAoi4nJfXkFhh85hrXhOLcAoPs2jKSqIOig/stFqom/ipZA -tXfelqpJlypT+rwy0Mmj8V/WWLYF4eu6AnnE7R0CgYB9agshRq/Z1sgpES5XvjSP -3a2+8Vcs3aplF5tlveZjxkmS4KQZ++0kYM73iqCnRv5uq+gKEO8mvgoLQagmsTQS -VVzr3MPgt7v/XWL+xd2l2aptmFTsooB19W5hLdZyuSMiZ5vbLC3YKXp9QJUwCBcu -TJacenyugbwoi4L9HNz83g== +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCvbTYQcnlzRZ4H +o/KNKMgDYxV/ERUPGzTn4M9WnX07fFpr8xXAkAnUKwxEbErwDc8oYB6BrOfTZudc +3pV105mTAUIxfFDUnm4isxvJD+UzTa0X8JwgaVce6BW9z38IimgUnT7vJQpePTTH +WzD6ZfoP0oC5EY7dwoU/k4OIFV1mb5yOZwjPYVPU3fYBBO4y1TiYndWyyuz/obYI +eaU8ZoH+lrUBZzPOs33p5f6y3prosBjTJYA39NfcM3mFGxi8rFlh5zBGwnX5ulQ5 +Djlnt0IEx6yEqM0z+bgF1f+/rF7dGi7ig/RJs2LA1ymivktube3PC5A5BGVmX4IZ +S9Da26TvAgMBAAECggEALdeWNzoS7sKUh16adbTgf7IW3fuyyx3K94VR6UqCfVcD +sg318zowt1cAf6jk9FJHfj+P+Ucb1aygbS5lVEMVcMr1Z0UbQlScZ0jyy9nxhTSZ +NRZVVkrwz0zK0a01fx/cDvcAiTHewb2w2x/DbsvTSusxZCtocB7y/ygnSRp8K9Yz +0ny+sDeu6HIV2CVjzHMEgtu+QSEMWkHFOnqxs37/is361P7/oKtGo/NTCmDcR08o +R/dZkjFx8vYHc5t5gAkqQgM55THZkfNfUX6aNpEDycMbo0QbjIfmyuVxWjBWR9P2 +z2BS6EKgPqXIApgN9ilr+ZzoAoL9SvSoTmsdNKxWkQKBgQDhwMuY1ZlMQ0frnb5f +EwLrPvuYzRWbTCp0OcYbrtqOMqE1LFHajl1bR0nyWRC76kxG6w/ts865hNu+sD2Y +INPmIIoOZHie7cqr/LZqEPL0/WEU/bQ3ghhNYyuS6cTxdolfNY8ynSsEsK7uGu5M +EJ7Znc2BBXyNUWqv+k7WQrVefQKBgQDG7j7FnRFv/mSWkSXLN8GLxmROdpCsoBdj +WNopC6rwZDoOc68+h3nAd9QtoSrl1l4WBd3DZzG+93diMfKfUcDMTFA/n82rlKqr +AMqOLY06H3vMFDAvcNW8v3tlGRXKBCToI/SSqyoY+/Jwj36sA1KemH2BJNY0XzBi +gMHKULwQ2wKBgDNNKbdAiwaun3Bmt3VJj7c/59LwgAF7jIY+/ssZsCbyUHoR6UP+ +aC6vA5nkLY5WjyDqmAMPgmHcVEeAK28fvqekK1tb76FGLnFpC1cNJPkRf3dStBqN +INKtP6CyKQQqSMtvE2yQFM+LCyWmzxJQEJkpaCLyyTwgDVuSSUodfLPNAoGANtQN +awvqdXKpKLKitwsMBklM9i9JmrqZF6Gyp2N23sDRG5CY+WP/k6OzUEw+dZCK6Aj/ +4U588IRmXCMmGvE+cVCLQa360tKr42vZaCx341AwH8Rkr36q+lXQXcH3NnHD9lOK +oi4Y8T/nx0xVfnV//QRMex67Bz5BKLUSNH/iBccCgYADYU6T/cpSXbkY6tviZM7D +ew+9eaQFS7zw0a0tEi86BUB88LzbKQFxCMYmz4U9EhaB2rQdloQqElHyQEDASC6N +vs541Oel0aS+qiEPxyscdLSk7SfZ9P9hmL/VCGu9Dr9B6rwb99jujVr08mjBccD4 +bkWtcl2BvA2IRIG5qGEMGg== -----END PRIVATE KEY----- diff --git a/test/ssl/test-alt-ca.crt b/test/ssl/test-alt-ca.crt index 0ea9988e..710bfd1b 100644 --- a/test/ssl/test-alt-ca.crt +++ b/test/ssl/test-alt-ca.crt @@ -5,78 +5,77 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, L=Derby, O=Mosquitto Project, OU=Testing, CN=Root CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:36 2025 GMT + Not After : Feb 24 13:42:36 2030 GMT Subject: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Alternative Signing CA Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:c6:f4:be:68:26:56:a7:ee:e6:5d:73:c3:a2:59: - 7c:7d:e4:ad:04:03:1c:8f:ba:8b:2f:21:c5:9b:4d: - de:a9:68:1b:83:12:c2:ed:4a:65:26:02:a9:97:34: - 0a:52:24:f6:d4:1c:b9:c6:07:05:d7:46:fa:99:e5: - c1:0b:c4:e4:ce:e6:86:a4:f7:70:78:8b:bc:61:8f: - b1:15:3c:fa:38:00:7c:b3:25:80:0c:a7:aa:58:df: - 62:56:9f:8e:44:8e:da:ec:f2:d2:51:aa:30:08:2d: - 8a:f8:f9:44:ed:5a:88:1f:7e:43:99:1b:c2:b2:b0: - cd:98:3e:af:5f:5e:ea:40:ca:33:d2:16:72:2f:0c: - 03:c1:15:f2:84:8f:45:e4:a6:ca:06:9a:a1:0e:00: - 7a:77:82:b9:b6:f0:63:94:79:80:87:67:c2:73:99: - d2:f7:ab:8e:99:2e:1d:2c:f6:b8:40:90:b2:46:71: - 88:0f:2b:51:2b:2b:86:be:4b:31:36:49:c4:e6:b3: - 37:a6:08:e0:dd:ab:f4:6b:f8:04:b7:b7:7e:79:38: - c1:24:18:65:d2:3e:84:96:89:64:22:db:72:80:d0: - 4f:b0:64:ad:65:b2:69:f1:95:e9:e8:7c:16:fc:06: - 1f:ba:a0:26:69:e0:51:cf:04:f3:2e:47:9d:04:c9: - 82:f1 + 00:aa:59:a8:08:08:d9:57:f3:ca:c8:a1:a8:9a:f0: + ff:32:28:79:06:44:75:1f:bc:aa:ab:80:a7:36:1b: + 2f:25:00:a8:fb:d9:f2:52:3b:94:c1:d3:f4:34:5b: + 58:34:1a:59:a2:1b:13:bf:ef:dd:81:c8:36:c6:a2: + 7b:53:d6:3a:85:6a:65:4c:49:7f:1c:4a:5a:5d:97: + d8:3a:63:02:d5:f3:1d:a6:23:71:56:5d:5c:6d:1d: + b1:1e:39:dc:df:31:21:61:be:f3:a5:b3:ac:52:0f: + b1:22:f2:a6:50:82:05:2b:53:59:53:84:ca:6e:6e: + 0a:01:1e:29:f8:64:90:ab:7c:09:77:d7:f5:03:67: + 01:fe:ed:ec:97:c6:34:87:b6:fb:58:a8:93:46:91: + ea:5f:07:ec:0f:0d:87:53:bc:55:eb:6a:7f:32:21: + 93:6f:d5:65:a3:9e:28:7d:61:a4:87:1d:91:f5:da: + f9:40:b9:a9:ba:30:74:18:05:a4:ba:4e:43:ad:fa: + 56:65:f6:03:b3:37:71:23:8b:f0:eb:3c:7f:8f:e2: + 57:34:9f:52:6c:84:17:28:34:2e:51:2f:e4:e1:2d: + 00:83:45:fd:4b:a5:52:84:c5:c9:8a:9f:7a:33:67: + e9:44:96:d7:36:a4:eb:7d:12:d7:6b:75:a0:d4:28: + 2c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - E2:64:81:3A:37:6B:85:70:FA:07:EE:90:63:11:AF:A2:47:79:59:73 + 0C:BC:B7:AC:50:1C:1F:52:79:73:34:F8:01:E1:03:4D:FD:A1:CB:B9 X509v3 Authority Key Identifier: - 0F:B8:7D:2E:0F:7C:9E:AA:4F:C6:6B:2B:AE:90:CF:CE:E8:2C:45:CC - X509v3 Basic Constraints: critical + A8:C7:9F:BC:59:76:70:BA:3E:11:6D:54:51:E3:25:CC:83:96:C9:B4 + X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption Signature Value: - 7b:ae:f3:5e:73:1f:5b:13:b2:1d:c0:07:4d:20:02:7d:29:86: - d5:c5:21:e3:0d:80:c9:8e:4d:f2:38:11:a4:5e:3a:78:a3:93: - 08:e7:39:6b:ca:49:74:0f:8b:d2:00:6b:95:12:9a:65:5f:9c: - 90:90:7b:aa:4b:f9:99:8a:c4:cb:44:0d:1d:5d:af:f3:77:2e: - 9a:7c:34:3b:7a:1a:70:06:b1:e5:0e:3c:03:f8:79:12:05:10: - 47:ee:d8:96:40:10:b8:26:f0:5e:74:8e:7c:85:16:3f:81:e8: - 2a:6b:2a:04:ca:e9:1a:02:af:6b:d4:f6:f7:4d:2c:c1:8b:54: - 90:69:63:9f:04:db:46:7d:ad:42:20:e6:c1:aa:f0:5b:85:2e: - c7:d3:bf:c9:07:0c:9b:9c:2b:4d:0c:56:e0:cd:c3:85:a7:a9: - 02:5e:12:1a:8d:2e:d7:3a:4e:7c:f9:8d:98:47:cb:f6:11:27: - 90:48:d1:12:58:50:bf:64:66:bc:d0:7b:1f:9c:1b:5c:e0:40: - c9:92:06:41:20:ad:63:a2:28:d6:cb:a6:18:aa:1e:8f:fa:62: - 02:83:5a:32:ae:b2:22:d6:e9:d5:2b:d8:31:69:61:4a:7a:46: - 12:05:89:37:59:76:5d:7c:e0:bd:2f:4f:51:ee:1d:33:e5:7c: - 0e:5c:69:21 + 11:10:5f:d8:0d:60:a9:cd:b7:a2:1e:a6:f2:11:7c:d0:a6:ab: + 7e:50:7e:a0:41:47:ac:d5:9f:04:b4:f2:3c:39:99:5b:a5:98: + 18:f3:ac:42:01:c7:ff:e9:fb:cf:ac:74:7e:b6:09:98:8c:82: + f7:75:4b:d9:9e:29:04:3c:c4:16:9e:c0:68:44:8a:a3:76:da: + 08:72:69:a4:c1:df:d8:af:58:6e:e7:91:84:04:52:70:45:b7: + 57:72:ac:d5:e4:15:7e:e8:6e:7a:12:b8:f0:8a:8e:d7:4c:0f: + 8d:41:e5:a1:92:8b:42:0d:9c:0f:ae:20:a8:3c:80:d2:96:01: + 6c:46:6f:a7:2f:b0:95:12:19:e2:5c:1c:ab:65:ac:72:d6:db: + 20:8d:9c:c5:cf:d5:8d:0a:36:5e:a3:59:2e:ce:40:9b:c1:1e: + e4:60:e3:e0:fb:80:5c:67:c2:57:c5:c9:44:d0:b9:70:2d:9b: + 2f:da:25:a0:3f:60:f7:19:86:ec:a5:8b:c6:29:40:bd:03:55: + 87:f6:ac:5f:2d:7b:3b:68:59:c6:85:dc:1c:f0:df:eb:8b:7d: + 42:35:4b:73:bc:03:fd:06:96:8e:2c:c8:61:ea:12:01:73:ff: + 50:d6:41:b0:75:c7:c4:06:53:4b:fc:a2:79:97:91:bc:00:db: + 48:23:a8:a0 -----BEGIN CERTIFICATE----- MIIDvjCCAqagAwIBAgIBAjANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxGjAYBgNVBAoMEU1v c3F1aXR0byBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdSb290 -IENBMB4XDTI1MDExNTA1NTk1MloXDTMwMDExNDA1NTk1MlowcTELMAkGA1UEBhMC +IENBMB4XDTI1MDIyNTEzNDIzNloXDTMwMDIyNDEzNDIzNlowcTELMAkGA1UEBhMC R0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxGjAYBgNVBAoMEU1vc3F1aXR0byBQcm9q ZWN0MRAwDgYDVQQLDAdUZXN0aW5nMR8wHQYDVQQDDBZBbHRlcm5hdGl2ZSBTaWdu -aW5nIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvS+aCZWp+7m -XXPDoll8feStBAMcj7qLLyHFm03eqWgbgxLC7UplJgKplzQKUiT21By5xgcF10b6 -meXBC8TkzuaGpPdweIu8YY+xFTz6OAB8syWADKeqWN9iVp+ORI7a7PLSUaowCC2K -+PlE7VqIH35DmRvCsrDNmD6vX17qQMoz0hZyLwwDwRXyhI9F5KbKBpqhDgB6d4K5 -tvBjlHmAh2fCc5nS96uOmS4dLPa4QJCyRnGIDytRKyuGvksxNknE5rM3pgjg3av0 -a/gEt7d+eTjBJBhl0j6ElolkIttygNBPsGStZbJp8ZXp6HwW/AYfuqAmaeBRzwTz -LkedBMmC8QIDAQABo2AwXjAdBgNVHQ4EFgQU4mSBOjdrhXD6B+6QYxGvokd5WXMw -HwYDVR0jBBgwFoAUD7h9Lg98nqpPxmsrrpDPzugsRcwwDwYDVR0TAQH/BAUwAwEB -/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHuu815zH1sTsh3AB00g -An0phtXFIeMNgMmOTfI4EaReOnijkwjnOWvKSXQPi9IAa5USmmVfnJCQe6pL+ZmK -xMtEDR1dr/N3Lpp8NDt6GnAGseUOPAP4eRIFEEfu2JZAELgm8F50jnyFFj+B6Cpr -KgTK6RoCr2vU9vdNLMGLVJBpY58E20Z9rUIg5sGq8FuFLsfTv8kHDJucK00MVuDN -w4WnqQJeEhqNLtc6Tnz5jZhHy/YRJ5BI0RJYUL9kZrzQex+cG1zgQMmSBkEgrWOi -KNbLphiqHo/6YgKDWjKusiLW6dUr2DFpYUp6RhIFiTdZdl184L0vT1HuHTPlfA5c -aSE= +aW5nIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlmoCAjZV/PK +yKGomvD/Mih5BkR1H7yqq4CnNhsvJQCo+9nyUjuUwdP0NFtYNBpZohsTv+/dgcg2 +xqJ7U9Y6hWplTEl/HEpaXZfYOmMC1fMdpiNxVl1cbR2xHjnc3zEhYb7zpbOsUg+x +IvKmUIIFK1NZU4TKbm4KAR4p+GSQq3wJd9f1A2cB/u3sl8Y0h7b7WKiTRpHqXwfs +Dw2HU7xV62p/MiGTb9Vlo54ofWGkhx2R9dr5QLmpujB0GAWkuk5DrfpWZfYDszdx +I4vw6zx/j+JXNJ9SbIQXKDQuUS/k4S0Ag0X9S6VShMXJip96M2fpRJbXNqTrfRLX +a3Wg1CgsNQIDAQABo1AwTjAdBgNVHQ4EFgQUDLy3rFAcH1J5czT4AeEDTf2hy7kw +HwYDVR0jBBgwFoAUqMefvFl2cLo+EW1UUeMlzIOWybQwDAYDVR0TBAUwAwEB/zAN +BgkqhkiG9w0BAQsFAAOCAQEAERBf2A1gqc23oh6m8hF80KarflB+oEFHrNWfBLTy +PDmZW6WYGPOsQgHH/+n7z6x0frYJmIyC93VL2Z4pBDzEFp7AaESKo3baCHJppMHf +2K9YbueRhARScEW3V3Ks1eQVfuhuehK48IqO10wPjUHloZKLQg2cD64gqDyA0pYB +bEZvpy+wlRIZ4lwcq2WsctbbII2cxc/VjQo2XqNZLs5Am8Ee5GDj4PuAXGfCV8XJ +RNC5cC2bL9oloD9g9xmG7KWLxilAvQNVh/asXy17O2hZxoXcHPDf64t9QjVLc7wD +/QaWjizIYeoSAXP/UNZBsHXHxAZTS/yieZeRvADbSCOooA== -----END CERTIFICATE----- diff --git a/test/ssl/test-alt-ca.key b/test/ssl/test-alt-ca.key index 0abed784..b33bf7a3 100644 --- a/test/ssl/test-alt-ca.key +++ b/test/ssl/test-alt-ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDG9L5oJlan7uZd -c8OiWXx95K0EAxyPuosvIcWbTd6paBuDEsLtSmUmAqmXNApSJPbUHLnGBwXXRvqZ -5cELxOTO5oak93B4i7xhj7EVPPo4AHyzJYAMp6pY32JWn45Ejtrs8tJRqjAILYr4 -+UTtWogffkOZG8KysM2YPq9fXupAyjPSFnIvDAPBFfKEj0XkpsoGmqEOAHp3grm2 -8GOUeYCHZ8JzmdL3q46ZLh0s9rhAkLJGcYgPK1ErK4a+SzE2ScTmszemCODdq/Rr -+AS3t355OMEkGGXSPoSWiWQi23KA0E+wZK1lsmnxlenofBb8Bh+6oCZp4FHPBPMu -R50EyYLxAgMBAAECggEAB9FhsweAo7gyQq1UHGrORscn2k7B/k7a/cbitDPW4krG -O/wOf1MLTvdPUTL5DdnIfjTDwwmPG/K80bPSxmLeB9hMpapYd9Ar3pyOHZLIFU/F -lqeMVNL40WWzwEokRcLkTOfMxms82HFrstVetUH3s98bCmbqG2nxpkAeVY3OAC4w -HwSL/3t4cbKuoYfZAtZ2oNwYdMGzCngY416fJjYSvk/R7YKp0WMTsmDAzgHcig2/ -9UKb98T+dy6qlFj0eKisCUwtuP6+Xx/zLwPAkQ6G/i9SBTUWp1PEy0SK7thu4MV0 -y1xnemB6uqS3dcWiR6iE1ffvO8qjRAOYZNbplLO7jQKBgQDvhXyKqgCrOAZWg/DN -XdPZS9mRs+J0Rox0zn1PJmr05ylNCRywCDg4D+ACJWXeR1LSDMGncLjY3Kg8vrce -D4dpqor5KVlzls8ABogWhVsi+XCkHxY6MCn5ezR92HbyU7mzUrggbOeg0i34dWRB -h7HvV5GxtFIQqPhLhBiYr2qJvQKBgQDUpM8WA8rcwYMWrOUYjgiZXhvQEZvR74m0 -hXzxtBelTzhlVCmmpU2BSUQ+/UK2WCW+U4a/5qVX6DWGr3oluraoFIvyuJTyq5sX -V3OzKt75b+Ueu0lo84cfqwq4rGwIkXT98+8exnJAn59nBnsQAF1ig7wZ7WkrcBKH -do+ACP6fRQKBgQCKvs1c2YtXozVwqi80FzTfe6OFVilIZ5F3HCHUVpHAWaM//5ZB -lhFS0EdXluhCcRhVmpQW9SHuZSuDPIqAfEhZejPUjxJE9cfk4OO1//vB77JDL8rF -XB8EaE0I1PpZ9wvsB2+nQM6QBxAgC4hOuVbmKNi5kpWzFt31iIhi8cIKFQKBgQC0 -efjFH4zi1l7zNOTwdUQ5HxWOABP3F04R6CYGYqqbBGTCI6+CH9RrQYrpxzwC1Ueb -hPreDt0QgiZD3NVYBmOWvnGVHTJV0G4+Xlv1mhJLNLwK3DxPFjn+F8ZuvPCoSQQ5 -sfqmbRl1XcUFxQtXpmecAGD6xHQ5iNJBJNBgg8HP3QKBgQDrEqG5zP2v3ZXakIAy -zyY/MlQISDefhx4Z7RDWd57YL/paJ2qTM/Au2tEqZg7fi5LtSNrUaj/q8REX0v9f -xwMA0TQDi7+cwyYkm6UOnwOlZxHbq5+tF/gNAlk3DD4dTXxHxwgEBcu4f20baXZu -N3Kq9faL+jkYQGWOIjc5tAMmPg== +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqWagICNlX88rI +oaia8P8yKHkGRHUfvKqrgKc2Gy8lAKj72fJSO5TB0/Q0W1g0GlmiGxO/792ByDbG +ontT1jqFamVMSX8cSlpdl9g6YwLV8x2mI3FWXVxtHbEeOdzfMSFhvvOls6xSD7Ei +8qZQggUrU1lThMpubgoBHin4ZJCrfAl31/UDZwH+7eyXxjSHtvtYqJNGkepfB+wP +DYdTvFXran8yIZNv1WWjnih9YaSHHZH12vlAuam6MHQYBaS6TkOt+lZl9gOzN3Ej +i/DrPH+P4lc0n1JshBcoNC5RL+ThLQCDRf1LpVKExcmKn3ozZ+lEltc2pOt9Etdr +daDUKCw1AgMBAAECggEAGuVTnbZ39REC1Vvgw7CFOlAgO5hsvaQLdk82bK6CFQoz +pAAB6HCLyMaZlKKkxyUvPbmfYVCSh+kql4C+jrq7kVD+dBBZR12ImE+0eL4lNnkk +wenFUpN5rP4LzEU/1ZAWQIPmSCVEHHi/HlDIEtypyvC6oRsi3aigtRMkIURk1bja +VHyMDmBaAfnCdjHZWRota+New9XHbyPvNYnSFZRCUk9AFHpreWcPaGC0h8rofhes +FnyDP/20DFU2ftsOVdmacTbieQaBR2HIQ9yOZkW+u3shO3i+EK2Ol4LhnmNTPO2X +eZ6ZTTFjwmZB0gEGMr89Kyf1XbTn513jGkWWxY4EyQKBgQDfsJixdeYZUFsXKUTP +vbkt23AaJTcXhR++zbsMSRqe2qJDLCgCjUfr+sAksXz46tAqh+D6XhNOeITh27b9 +PrPzahmk/iOZCNQw1rOsKwVUoEOkAkV5bUSh613kFp4Rb4CRfjdsZQnZmsN4Ot3b +eAYrrCK8Su/Bt8K9YstuCGzrzwKBgQDC9LccW29RKXU/4jfXvmACnS61jNkJIECG +e6sPw6q9WiP/CTpv6xVMSFv9BY2LCycqvrtTZ01fHXwQrNr8omGVjUI6fNPLa8BE +skLgvro8Rgz+JWMx0F2LUBktYfugVwxvGvE72PdiljQoCaMJGyRixV8HmSqCc3nV ++gBR00hUuwKBgBMXBiD299knM27plbbI8TnJpWqFzIrUUJ4+/nyQ7JWsAPcMmKmH +FyE7eBRplUnE+Fj42alkR++Fd4my743zQPZAEsoy6iTQTROR7yl9Tmondz5S90zi +l13eMVga2giQ5H8GL4KvqMSKYa4sD+z/9D7b5Ob+2jFFFniFKulMDMefAoGAMMhp +VWgvx6BXHYAutwaFIcJRIM64tEbkvoINgOlWPQFkRnn5rG2nq6njksGj9Gn7CAAo +Aau0uZs4IzgNp++9+V0aeGYp3Rn+R3JPt8sh8NkagTG7y4g3EBgf5LJC85E0pEya +ln4pEPtC283lhO7MwQZgTBdwgqoAj6F6GP+EducCgYEAjF9SnssplLRMtndYh4/5 +GJ5yrCIjmlhJn1IhWJhZA7b6SPcpVAqC8MyLFhzOf3ndhNr6CSOjyFRXU9qocXk2 +DC3fYItKue2J/5ZdeUEad02Xp63aCdyGwOf9DeqiagwbdrMq33x83MgM5IhGEtGk +/5QPwhWqu6o275C26ymcH6A= -----END PRIVATE KEY----- diff --git a/test/ssl/test-bad-root-ca.crt b/test/ssl/test-bad-root-ca.crt index 4c85b6f0..91f37060 100644 --- a/test/ssl/test-bad-root-ca.crt +++ b/test/ssl/test-bad-root-ca.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID2jCCAsKgAwIBAgIUcP+yBe8r3tqK7Wx8qqmrv9eRQs0wDQYJKoZIhvcNAQEL +MIIDyjCCArKgAwIBAgIUXb9r7koNRls/iT5zztJZIjIR3LwwDQYJKoZIhvcNAQEL BQAwdjELMAkGA1UEBhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcM BURlcmJ5MRowGAYDVQQKDBFNb3NxdWl0dG8gUHJvamVjdDEQMA4GA1UECwwHVGVz -dGluZzEUMBIGA1UEAwwLQmFkIFJvb3QgQ0EwHhcNMjUwMTE1MDU1OTUxWhcNMzUw -MTEzMDU1OTUxWjB2MQswCQYDVQQGEwJHQjETMBEGA1UECAwKRGVyYnlzaGlyZTEO +dGluZzEUMBIGA1UEAwwLQmFkIFJvb3QgQ0EwHhcNMjUwMjI1MTM0MjM2WhcNMzUw +MjIzMTM0MjM2WjB2MQswCQYDVQQGEwJHQjETMBEGA1UECAwKRGVyYnlzaGlyZTEO MAwGA1UEBwwFRGVyYnkxGjAYBgNVBAoMEU1vc3F1aXR0byBQcm9qZWN0MRAwDgYD VQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtCYWQgUm9vdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKjJqd2ySvJLaZEAKbFs0lwedxxv4PLmS1aGONxL -bkCJmdZ3geMnPfG6LyOaGO0Y5WkU1IHTaYVfUW2mtNPS1KyPD83RczMstU6vepra -nwwu4dCnJWm9JIG3NL/wtwSSu5AwGwQu5+9RsP4ORQ5qIJFcoTNogPPNrGp/OFvO -pohDS/Oi39RkhObSWn6MH+JMLJb2lDlubZqlSwX767BrNltzjhdN8xhwfrIRzgM6 -mt2vg+bfDm7t6h5TUcY1uRNPLDOJprGnfDhK73EEWuKfSI0ri4gEvZ4eeBcCYDah -R0zgVRXiYSGgQaeKufia7BOfV51vrGl6Twa6UQ2lwCzedmcCAwEAAaNgMF4wHQYD -VR0OBBYEFOP12PMmTpGE0++Fuz+j+94JoccqMB8GA1UdIwQYMBaAFOP12PMmTpGE -0++Fuz+j+94JoccqMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG -SIb3DQEBCwUAA4IBAQBK6/ogbvRrK49m4D7k9QSseDAi6EIqv32X0FbTOaP/NEvP -wDCQZITYiDIeCwxU8tOUaxk/DA+JyZbLZAWL55PXW4Ov1CP0dl7mmaxbISoS0RVr -VboBqZq2k/WftvLX6PH4dvdAX2k6bJ3533SmgvGLahAKBZlw06oEuf+jHmZLHqVu -Yib3tkxCOC4Yv16QjUny2WGnxU/DvWr2PdQUyfn8Ow66H5VYqY+IFFXsO4+86ln2 -i/2YyqtMm2/1AvbwWnTY/JUnsqx3OtIT2bDaVJ1jQe3EYG3q1DZrZFjETE71de+n -Hxs/ECd7v42nNX81XottcEJdz9I9kpgDNtkEKEuK +AQEBBQADggEPADCCAQoCggEBANDnOTPcfBvmJyXawk1ZDn737d1y77HQchqtOECx +pk5bjUdq86/rz5bYLfauoXQkoXK7ntW0QO8BMDnJ2rBWRB5Q0bOjW0xbCTIzsGoG ++wd8LNh6GjN+oihbc9lcbhX4ZzEuv56/R6A6zPdHi3Bqvviu2bveDXtCVPe8W9Q3 +H8tMg9Zct9tbIA5uLn75m1thEtlos+XfNMOGHOhLRChSy2RYrYauBOQulk8IRC+p +c8KLUq0Q/qp9ZEYRVWaxvIjZ76GxCbVcM5cRLo3k9rqMfBnGVJfKA3bFZQcLGIkX +6JCjBzar8Gd/Ry1nSr5EFbDu+/pVWz5tHhSaP4phPKDQ8K0CAwEAAaNQME4wHQYD +VR0OBBYEFM4yIMGXrIeW+dzyzrRm/lrfbOoIMB8GA1UdIwQYMBaAFM4yIMGXrIeW ++dzyzrRm/lrfbOoIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAMEK ++RqkPQpUcdcy7WSfpJlIkfbZi8RalIL3h5jVqijiGaiPq2kWA7XhJVo5k68bkL+Y +Ijjf1em1UfdkVrltsselMrwrjoBqQ6ah3S4s8GQBgf82VD728xsdo+yVuW0WrYbA +Ssl6uP5DEWKem/kPxiCdTDN5whWW5TJE9Qz0MoUrny8yQCyOym7hsBmBnOllq7Dq +tpNgIRaAcXVFDcJUmftvHPfIKrf6ENT289dOsuEhhQcCtzloi1L2y28KwVJpj5Tn +7Y0uVuV4q5c2MWMzm/UPN2Oj+miFBgxBmVPpVII5XEwlsQIQaa3vXkBLtJZqQzIN +WFh96OKwJ7vDVet/DAE= -----END CERTIFICATE----- diff --git a/test/ssl/test-bad-root-ca.key b/test/ssl/test-bad-root-ca.key index 1a44d387..4324efae 100644 --- a/test/ssl/test-bad-root-ca.key +++ b/test/ssl/test-bad-root-ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCoyandskryS2mR -ACmxbNJcHnccb+Dy5ktWhjjcS25AiZnWd4HjJz3xui8jmhjtGOVpFNSB02mFX1Ft -prTT0tSsjw/N0XMzLLVOr3qa2p8MLuHQpyVpvSSBtzS/8LcEkruQMBsELufvUbD+ -DkUOaiCRXKEzaIDzzaxqfzhbzqaIQ0vzot/UZITm0lp+jB/iTCyW9pQ5bm2apUsF -++uwazZbc44XTfMYcH6yEc4DOprdr4Pm3w5u7eoeU1HGNbkTTywziaaxp3w4Su9x -BFrin0iNK4uIBL2eHngXAmA2oUdM4FUV4mEhoEGnirn4muwTn1edb6xpek8GulEN -pcAs3nZnAgMBAAECggEACHVOo12faYPuRDC/Zh+UwmlZFl45kMKJ958zSJV+br0r -2Iuq68tYIdMZhfhfaRDsfMxpQnY/Mp/5BdHVpvXI6DrPvm8muDj0fv8b2ZhnYaYU -dS8jGKjnTu7I4G4mJb8FUi+Znac3bTk+nC9H4PXgMENK5WIbxYaYLiALnszSG0A7 -E42TS5KLEOpg/axIze0vgeXEi6qtSlrLhAdHex3JqZO/owbyaAQBHeyhGW26tPXV -jtIuoj986BlrVRWY2jwugo8Bf0c4DmRQRh3ooFiXhz/9JV58X9G2IkMKT1puj89v -7WT3rqx+DIdjO0WHgQZPo1Oo0a46Kvxm1ZXfWkf0CQKBgQDsdFH4erR1ecKJ4BkC -+vHgNNSVcOvVlUqtc+FQTFl2XIccfqeLyPgs03CfTUiJwEewbp5PfAzhj8EhOPh+ -7CdVcem6Vh/xgKbeheW6t88UA4tCF3UmJLa5aMqBP4o0spTJQVZolqBlF9meE4wj -iDyX8E7RoxMNPUE2RZ5bosAXTwKBgQC2vW4e520NOH0sOAc4HiOif5OL50UbmP9E -vBiKZJtmiHJo4iZtoJVseBScePNDtyiENW5m6PGmkTjQBg3GD1OJX1rUVwEoCYzc -9RU9Xz5VAMVfgrMuyjgvqGW9IVvor5NRxVQqdXIbBfxMFM7AjOg87ki9kb6jMdD+ -desuA8LpaQKBgHs2KbiXCA3nAq4hribVaNBx9wxgKSPEhYNYzOGwxzVcBbOdc+Tt -NhT1oMwB03ikTzbqjWfRtkybQgHz09kfaWem0ioc0sxfQ5TUpN7lBOzi49/upUbY -/rYimtM6ruPC4rD0cPhS9QV4phcvDGk/hoON3yRyG21cq+yB3oDVj88VAoGBAIXV -ytb7a5TpMFO4XSEuga67fNZT9Ps3XI18rQR+lonLmO9T4g0cNROSBpZqxs9rT1M0 -xry8Em+JoHBKXsAV7XqIyb8GUaR/ChmxrXKbVM1wmR1QXecA15Gf5ZNU4TlTjbOv -r+rAxWchRRx7iMjg6h3l7oRYP6TKEWSr/ChhPNkxAoGAWBDAjmlVF8qqeblAQsfL -vlN37WbSqjstbfoRp1VFfEevMfk+/jl1pFDu1ak1oyV3G1Lhf4sK0iIGz0MHAnPk -mDTKRwrC/SlVxGR9jBOXVcznlzZCpLVVHPbcdgEep6YKFA3XwSxzedCI5eABJEen -AvaGMrB78dp3ZMyGlPEXG7s= +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDQ5zkz3Hwb5icl +2sJNWQ5+9+3dcu+x0HIarThAsaZOW41HavOv68+W2C32rqF0JKFyu57VtEDvATA5 +ydqwVkQeUNGzo1tMWwkyM7BqBvsHfCzYehozfqIoW3PZXG4V+GcxLr+ev0egOsz3 +R4twar74rtm73g17QlT3vFvUNx/LTIPWXLfbWyAObi5++ZtbYRLZaLPl3zTDhhzo +S0QoUstkWK2GrgTkLpZPCEQvqXPCi1KtEP6qfWRGEVVmsbyI2e+hsQm1XDOXES6N +5Pa6jHwZxlSXygN2xWUHCxiJF+iQowc2q/Bnf0ctZ0q+RBWw7vv6VVs+bR4Umj+K +YTyg0PCtAgMBAAECggEABFkLo7yvCJWdsvf+m0WDO7lFRhqiSn0gItYAGbiY0YCu +TBI5yCuMQoN1UXEJAzXP9mdZQvFheJf5vPoqhwkEmezssGRx/gDXDChvP4Wtq9Y1 +yLuh1/iGv3hHzPpTgDmPTELA0jkA8KDIq0zd5hUSrHJXLcXNWgdjZVSSRLRxAPYp +DbdP8XrVzLMYZvdu+4XSRhVgjc8fOTGvWRM6/1tj7TeBOAItJFwIyaSufq8YOiH5 +IsVgjWxFD5ONnxrRCQBBGEmTDXDxeYIyjkv1bGJIcBjGOGTjDFrPwiyBAxH6qMes +4juXDdADGtxDCC7iamgzIy/Wa/13oRjuklCnn2uwsQKBgQD9VQQYLiVtMaO+LtX/ +4MY4jYCC3/UOlYlaloUUErgEZxcnumFYWmYyWwGigCPs+HGjgsdW5Va85Z5mkcH9 +3Yzx2HAYoDar8VN54AxTOePi6o9aLM08PycJT/f42nhVE00BvfuqrCWBTKjZcjAw +MGabxBwYTQvYysSJTEB2Zw7CCwKBgQDTGm1VNJIskYyr/BZ6pH69CShCcVSPORPu +GDwKD+a8XXTduaULZ8dspayEhq8FbtlCK1FKJ1e8bRiewVXReMJ2jXHc/2BKYLwx +NUHLOiUQ2ue3YiVsJUB+0IzlNHF08ULw1/FYPKbtIKzSDuid8Kbdswmp018XAyka ++3U+VCnDJwKBgA9rXk1ueZ6018eaqDHj54zHqBvPL+ZMWcjmwoDfRs4VzEYBxS0Q +i4njGi1e6VDiKmCOdD2oxefHfiW2F32xP4P07ZXCIrHChZc0eOuT6XgFWOZfNbrG +CUU61dgSzCI5g4Von+nagonlNZ3Oono8Z/JxNFiST/dJGD9XIdFTIoXTAoGBAMT4 +3ZcpLFMFo/o9h0P8BH2h87y7Pik9GsmIN000NRkBIrBYLhWMSdmoZGZrvRcWrQU+ +oeTM/OJF8TkAMHD5eolfxSRt7Iy54h8QEEnuAPPPLXJA06YqxBkPwseCvXJeQxWy +h/DK9v4/BMIjQw1LpIcsLRIWtZ0lR89zXZxAr471AoGBAM4OA27EsGMDj/HfCyG9 +ok4ELLnE6LuKrZ7pwrP6wtrF4q0RcBGKqW1Lau99YkPPQCrZUYZYy7ZD6l9MCxih +enwTYBIhffX1Zro7uR3wAhVF5dO453KtY0o6DvW3+7oBbCi18ZfVuI+IciokHr0/ +txSnhEoyA/BiPSFHkKd95yzN -----END PRIVATE KEY----- diff --git a/test/ssl/test-fake-root-ca.crt b/test/ssl/test-fake-root-ca.crt index db24c47c..1850f34d 100644 --- a/test/ssl/test-fake-root-ca.crt +++ b/test/ssl/test-fake-root-ca.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID0jCCArqgAwIBAgIUHIGcyUbO+opGNQnX0hIEKG9D8yMwDQYJKoZIhvcNAQEL +MIIDwjCCAqqgAwIBAgIUIywAZR/e0AQDbsbT1uhNm5SJrVcwDQYJKoZIhvcNAQEL BQAwcjELMAkGA1UEBhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcM BURlcmJ5MRowGAYDVQQKDBFNb3NxdWl0dG8gUHJvamVjdDEQMA4GA1UECwwHVGVz -dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAxMTUwNTU5NTJaFw0zNTAxMTMw -NTU5NTJaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD +dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAyMjUxMzQyMzZaFw0zNTAyMjMx +MzQyMzZaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD VQQHDAVEZXJieTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3QxEDAOBgNVBAsM B1Rlc3RpbmcxEDAOBgNVBAMMB1Jvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQCuJnKpr/8Exie3PKgOc4jTheDdaEHZoSHcgz1cZUPWY/5m1Ixz -ONHMSzKX6PjEjIOGCi8FP3EKdawXuq1nNDKZWYo/jsNGUK6++Av/iXAA4n72Cbt6 -EOOqp/3AOgaS8u1Kapi6XslObdeBAXkY8+MpsFBv3G2UTsd7OZabjZH8Sz4KU1Im -l0yHj8xlB+IleBRXH1Olnp5D2Zoi2BQ19H0J4Skssup56lguE+ub+2fXCHsopepG -i7tmiB9KU31XTYgkPr3Fhjs0sGVdU3BQ1kekNfpwBkR/T/qux9eYeRPHte3E2mu+ -/1Q6t051oiL+y6AyPsAgRoO2/wLLv3zQQ2uNAgMBAAGjYDBeMB0GA1UdDgQWBBQK -VMvQNj06wi2y7qCSjdsbeU6FXDAfBgNVHSMEGDAWgBQKVMvQNj06wi2y7qCSjdsb -eU6FXDAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsF -AAOCAQEALal1oxOOkJGBDsTMtfT4Oiu2VCDFkHUEtV4Lgvaq7Jnwj33HatmYv6A4 -U/0pRFilu+duUls0Q7uEKjOzJ0LY8DzqXHDz/ZtJk2JDoNdxuuiygo0OtODF2NYK -P56Kt0lkSPzTOH6XDSA5yM8W2rba64DClZKoLQjISQ6VUONNR1oAhhbIOmAcuNh4 -VTXw6kpncGYR0f3pqc9XCpWvFDo1nlKgxLhLCgZIE9v3IV5Q4zxPLmS5VobgWFFS -EX6wNEAqju+EzCuagy8BqMsDZapZN/xzQPw432st2YBoPqhKxSl1HHAhQH4aPh9T -U7jwlkCUKSH6ynlSEksI8RSsS4S3bw== +DwAwggEKAoIBAQDJ4Kbrd4pl8OaiwI+sk8aXfUw3enbTYO6vwPZioITSyJexNZW2 +kFDanil0vZx1hka7csaSHwb0hFc7HAhNbhDWiNmVh5VLCSq7dIvZIpXZSGXgJSk+ +BNNX93ShFCveQqbWuPJ9ujaKI9UjQUoRon48U/EQVGhN5GHJHj6Nvzd/B2LGZg7t +H58rzUyj9wnzBMKVgNnrVymdU5Wi3+c+rNQVaBDjsEYnG4SRUrBvVQ4x9bRYpfdC +tWT+gJR5tMG9j9oCCdB1a/sDb/ovCFEiIJDSxTqFKbJrbPz+iX1CWd/S83mZqZB6 +LZwpmWbFygxLwHKL1JBxBdZ4RSQZmMAwJm7DAgMBAAGjUDBOMB0GA1UdDgQWBBRd +I13QK7ettaI0G3/cEK2FUP6EIjAfBgNVHSMEGDAWgBRdI13QK7ettaI0G3/cEK2F +UP6EIjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB10R9DLQhPhu5m +yRxQlMFhZK+GqTnOFmfhgOXQZrdGHgI4OAOGadO4s4yPP8CYsQInjinz5Mr7htQF +Zkao8LGdpbO79UDHKXBruExsjIcxOhRMZSLOUPGZA7lPasgCmlo2oIVYoJSwFv1C ++eLWHmk6w1mrSiR4Kxj6MBzYZQgWZedn3nDbksIIxMLmNYBsJSI/Tgs0OnddBpEJ +8UhqAC50EcEgcrT1Lbg5uOr4LasfIJ2XP/1y/Gnva9lTupvJdez2IsRkQWDzETLQ +93eojom5iphPrhXQKWh6nr/NttC85G7H+XZkx0bUGHw3TsVoWgTqCLncXF20FNAd +HdptYmAG -----END CERTIFICATE----- diff --git a/test/ssl/test-fake-root-ca.key b/test/ssl/test-fake-root-ca.key index fb0f06e2..7daa05b7 100644 --- a/test/ssl/test-fake-root-ca.key +++ b/test/ssl/test-fake-root-ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuJnKpr/8Exie3 -PKgOc4jTheDdaEHZoSHcgz1cZUPWY/5m1IxzONHMSzKX6PjEjIOGCi8FP3EKdawX -uq1nNDKZWYo/jsNGUK6++Av/iXAA4n72Cbt6EOOqp/3AOgaS8u1Kapi6XslObdeB -AXkY8+MpsFBv3G2UTsd7OZabjZH8Sz4KU1Iml0yHj8xlB+IleBRXH1Olnp5D2Zoi -2BQ19H0J4Skssup56lguE+ub+2fXCHsopepGi7tmiB9KU31XTYgkPr3Fhjs0sGVd -U3BQ1kekNfpwBkR/T/qux9eYeRPHte3E2mu+/1Q6t051oiL+y6AyPsAgRoO2/wLL -v3zQQ2uNAgMBAAECggEABDPzV9BijuKauhu2+++ijBBSwU/Z1FRvinCJvj1yFK4s -c/OJ7DdL1kAJBDeK1sYutRZxKhGXkHwPNNy8K0h24X09Y+lLIdr391iUhDdJ7QuK -VYpzQYU/frKNN41u89mfC8kPeeKoaGx9jfnTdVxgIspu4TQ9r3LzR4W38nXJNysu -JqEIaos+EgASkwkdHAPBXbMzthdcQVUH2gh6YHpC7NUl2g34W9U/bXD53mi+paJQ -/HIKUjfAO2d/9VTD7/XANHv0WLamZg/wHhO7SNy1Jre/QRED+VdsPStAJaFEGhjy -srZdrA4zUCMksX/gh2e49ggS116ozCrAvjVIaxM3lQKBgQDkcJGbld0bOprQLxDB -MkLWRyqDe6t5FQUxd9KSMm22CuuP+tE2JvlsX1fJ9EA2lLzL8ietiCjcx7VcXAPH -JENM125ZJN4VwTUAWr73Gu88t09a2HMtGE88aFfjvIVoNYoTPGm6fq44oRHDjVGL -oF5auPM+jlSpjUFX2NuRbbt54wKBgQDDKSFO1MLw83tygk2ku5sYYmkDGcCyzS9l -NG/HrCEs5SiiOddi/zfTQYhJrchLJfoeA48AAabwBYlUJE7AR2BPw3tI80HWBu5W -ECVvx+WHpXxKG+2Pw65tXCeNbLDeHmIbp0pFR6zECUCgcCBaoLFMhv421FT875mW -uShxxi8/zwKBgBuzVsTCEHS7z4gNHQAAY0BuksYs2ect2FpeSEd4G/umKVhlNrdV -VIuCqDeSCbNUp+wnKg6N4z6abPCNK9wbFpobyYK/yLpkmlO3rU5zkq0PIW1Hr/e4 -6erOUFIKSzcOvvaELeHyeJffWDMZUNkYkjh4Eu7z/Wot+c14O2/QGZq3AoGBALJ+ -V7xl07XUuz9L9f+Ipp1yxGDVmOzvxT1m7CVPRThuju9wv5IHouNQuHnKu7ofjdcN -oih7WleEeMnAO1aY8XmCbKuX8Mrzo+CK+/J0fXXG4RpW2Lv4WPwkoPg0RL+iQlDQ -fJlIqLbTT4xtgOnitsYrYS58nQ6JhYvY5SjJ/kT5AoGAFGI5Zv/IaFNU7Ifvehe4 -foKa+s5cnQSqC2KuIaDi7cWOY4IyogxYqO75jHUvns0OiT+AB7eGLgCB3vhPSSl/ -ZTxHTWGinaCREq5pVsb8r1E9ty9RcSMLzteBOc7t7vSCabq64B6/Z/gExUZtynW2 -EsVoiVVpras35oIg+oXbPJY= +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJ4Kbrd4pl8Oai +wI+sk8aXfUw3enbTYO6vwPZioITSyJexNZW2kFDanil0vZx1hka7csaSHwb0hFc7 +HAhNbhDWiNmVh5VLCSq7dIvZIpXZSGXgJSk+BNNX93ShFCveQqbWuPJ9ujaKI9Uj +QUoRon48U/EQVGhN5GHJHj6Nvzd/B2LGZg7tH58rzUyj9wnzBMKVgNnrVymdU5Wi +3+c+rNQVaBDjsEYnG4SRUrBvVQ4x9bRYpfdCtWT+gJR5tMG9j9oCCdB1a/sDb/ov +CFEiIJDSxTqFKbJrbPz+iX1CWd/S83mZqZB6LZwpmWbFygxLwHKL1JBxBdZ4RSQZ +mMAwJm7DAgMBAAECggEADjRDimECC+PEI1w8WUtmHbwv/XdQa28JwrQBCGkWIpg0 +LcCapOdilcwRfqh/HOwyh3d77hJ6Z5n0/H1S2Dl2VdUrLUPTU7d0mkJV1K4dfQke +O4P7cuTdoFx47rYZbOBwfL5mnkU/F4xar5a+1dICr88rY8q/zAgI5iDxDDT4FdsY +yKL3iOh06yU6c8X0eks6vTJYo3iZgd1OuMNEmmwc5WZ555yFpPYqvqMZz+m5N19L +2jOhvCyljdBLnvL+ZnthNm//l4jcmlsnV1pJrASeVcjB6mjIhvDM3WpwM0aPY94D +enqOmpyqe3Ymls6Ggcu3Csr6YKKxflmu3KgMdBKKAQKBgQDoFY09iaPBdRy4M9TC ++Rm05XC0pG6zYvCYCYZ0115y05Ma2fkhHP3yRbvScMAan4QjxzD2oODR0ZrG+Z1A +M5+zpW/bTDHTBe54xJSRdPChPlaCZ6aACalerK/xj/uOgEd/IeSrgszsw853p8s4 +V78SuSoAyxpNLW8JYZMxwyoHEQKBgQDerj2J2GGEJ0rUEk9MeD8o7x1SyfLBgWzo +HwNAyd1XOXj5hQGOe96FPMk1DjJhH70+f11sH7MUdcQ8OJLyAD7033cocLU3+mkS +mRW2cZcce1hDOHR3U76cSXMr4+n700KTqt1wfk1kr9bmlL1sL2VvoM+U3bBCWav6 +NiDDwn5gkwKBgEISsK1OXEKddtmyV+ZSSNFJaPbkwWdsyZZfT9o/3nHOblj8qYKV +4G5zD+/vjaGGvHX7JaNxVdAmXmw7cFtw1wysEtZaMO0lCSl0vd9TbZZaSwLBQ5O8 +LG35t/WLylBdkP1Oxu1VRcY6ULOcH60gvhM0iBLFv+0s/Cmtj9xg9bwhAoGAAJ1w +lBHh6xCEt2M5jteCLSXD6fee0QP/fgCf7KziDJyfBellILSc37dUQu5AG16QEj0d +z++iefr9SMFLPpnbkqePV7A//+CUK7X6hl938F8y1jSwtaeojhvx0nw1qDlkJK5D +IE1o/08xA8ADaeoTmKRUDnAyTWyb+fvuSTwfRzsCgYBg+RxHjXKRj3H3UEiU8NKO +RrfQKkn41oiJzmqLaoNep34zglMoR+aAcPSscN9ZNWa52Sih6E9rfHiKJI05CS/v +0rKu6kguRo6DE/rPv557Jr6AmU4xDdKqgIhmma7y+mpd/FP9obTobHb0+GSXMqnL +onY51XJHxtahtrzWKMUGCQ== -----END PRIVATE KEY----- diff --git a/test/ssl/test-root-ca.crt b/test/ssl/test-root-ca.crt index 5e93e740..5778597e 100644 --- a/test/ssl/test-root-ca.crt +++ b/test/ssl/test-root-ca.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID0jCCArqgAwIBAgIUW8+lC7lrC3H9c9s3xSbY7PqwZ0YwDQYJKoZIhvcNAQEL +MIIDwjCCAqqgAwIBAgIUDiOgy2+OZHYt79OQYMRk66SIxq8wDQYJKoZIhvcNAQEL BQAwcjELMAkGA1UEBhMCR0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxDjAMBgNVBAcM BURlcmJ5MRowGAYDVQQKDBFNb3NxdWl0dG8gUHJvamVjdDEQMA4GA1UECwwHVGVz -dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAxMTUwNTU5NTFaFw0zNTAxMTMw -NTU5NTFaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD +dGluZzEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yNTAyMjUxMzQyMzZaFw0zNTAyMjMx +MzQyMzZaMHIxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApEZXJieXNoaXJlMQ4wDAYD VQQHDAVEZXJieTEaMBgGA1UECgwRTW9zcXVpdHRvIFByb2plY3QxEDAOBgNVBAsM B1Rlc3RpbmcxEDAOBgNVBAMMB1Jvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQDAK2HNO04pSn4OD45IA2nph6j9iiS5fg7ppJKV67dUvXFDjf/h -OKmP2dOgF2TyD0erKKB7MdCHJxEmt6yT873Js4Sdo6RioApUtcAzdlO7e7EYR8Y2 -HMh5dlwniOoRDeIHUeCcSdn+t+751vBusGbQVEFGJdmW9eo+gkNYa4C48kxF/ntL -drDNIUPL/WZmjE6lqeF4n5ShrRenkPduZ2Z+YOua6eKY22q5PaoULN6kSUcDw3iP -3j7WHt2yvf+Wl6G5Xb0gf+btEoX/FR5wwj0blbT3eSbjqqxuwp7M6v7TYPeptVfI -1PSd2e6AS5MPjOpe3PccCnUQFVhgZ/YQksz5AgMBAAGjYDBeMB0GA1UdDgQWBBQP -uH0uD3yeqk/GayuukM/O6CxFzDAfBgNVHSMEGDAWgBQPuH0uD3yeqk/GayuukM/O -6CxFzDAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsF -AAOCAQEAHoScGN8Wpx3D6N5tZLzJ+3b5bbuUv+RYdcMvbQpfDtbpoqolPCHDa0AZ -vwkYL/X9VUIiyi9RoTz3jARqL8+cJPF9FwBtuEZcrrs4doLR4uFHpDFY/qFxsa3W -e7WOiUTRQUi4jzVoUqomJJ0tyAEBLea4Wjnr8v20ao56NC1bZk3jU4yn22NTlpS/ -gDFdSc0D1+VxgaOwZBPPT8yGcPe1JfyPzTII4m5B3LhTjOljtt4DygXEPC8D6yA/ -KPOiXBTSGRa2sqXVt2lHqKFloPMlipI6+raG40m9iILrmEfVWa7vr0n/oChPGYGD -hTtA/VDL/ziC40s7Mv0kyDIZhV+TlA== +DwAwggEKAoIBAQCWyHR/VLT7MC15Sg4tbkSn76iaEk7uLLH1TeoPmIvx9gOdRTOl +4dpmgHbHnxDTGJKN7s3AP2JabDlW2po9g5p8rQW4udFKU3AdA2WANEwxxiDOr4+P +R/NigojbuCjyYQq/mJVRfA9+dsusESSbPhdKCXim6RzW9kZv1iXtqcvSSdSCEqnm +t1ggM25FlayWKpdK4pxoNG6YHidPuXhTGGIzPAoAgYTKLwtE2r/skJaWOZDcaRuE +2IWcnVc1oA0QUF1cLGuzr0McoLenRGJY9FwJW/lRD2rptuTuhHt49Lp1ktssMYPS +kgPNGUzKSjl1UuT8vIos707D6hjLWBGZ2TcRAgMBAAGjUDBOMB0GA1UdDgQWBBSo +x5+8WXZwuj4RbVRR4yXMg5bJtDAfBgNVHSMEGDAWgBSox5+8WXZwuj4RbVRR4yXM +g5bJtDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCOU45Xzsv4KM2w +IZ8Zs5V0O9ymJFoNprsZNOSsHocYO++HvgNBeNttckj/SYUCrmjjgrl2FLfjylBR +LY8viHltUFvYSJbALaitOLeeyO/wxaOEHBCNoaXaUStBmkOEE47QdAbj12hvZNWT +i7oO4eGxHYLTcAx5ZB2yrmBtxtoPbLDAjv8WrjbCd+Ph47SVTj4bl3OOJd+EUgew +8KDkiujFA+iz/yXiE144uDKI+TXvjVacewJnimbtjhRvBbUXs7TkPLWZlgszM+M/ +/WudYPsCapM6fYb01Nvn8dLRRsIpqNUo/jghs96ss6c7MjBdToLCoM/SRzDiRWSH +uxQtAfaZ -----END CERTIFICATE----- diff --git a/test/ssl/test-root-ca.key b/test/ssl/test-root-ca.key index 9557e7dc..c040da08 100644 --- a/test/ssl/test-root-ca.key +++ b/test/ssl/test-root-ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAK2HNO04pSn4O -D45IA2nph6j9iiS5fg7ppJKV67dUvXFDjf/hOKmP2dOgF2TyD0erKKB7MdCHJxEm -t6yT873Js4Sdo6RioApUtcAzdlO7e7EYR8Y2HMh5dlwniOoRDeIHUeCcSdn+t+75 -1vBusGbQVEFGJdmW9eo+gkNYa4C48kxF/ntLdrDNIUPL/WZmjE6lqeF4n5ShrRen -kPduZ2Z+YOua6eKY22q5PaoULN6kSUcDw3iP3j7WHt2yvf+Wl6G5Xb0gf+btEoX/ -FR5wwj0blbT3eSbjqqxuwp7M6v7TYPeptVfI1PSd2e6AS5MPjOpe3PccCnUQFVhg -Z/YQksz5AgMBAAECggEAB1mBZ5KFlkGxmYMRy4JJ6jMUjQHcDrYaBuiS7KXzwItw -Sgejyi7bGVPY6q4KX9GiyZKHtL5+fbTKTKNIt+3iC9VQVKEeF+GME5pR7AXyBOEh -sE6Kb6ZhKngS5TYw0Y8o3mPMxd1zN3E8dBS65FjdzcjzKCYpcMMd/t8HiVmvNiOJ -LYFPrLMGjTvXwQm4Rq4wo3pSvmeCYMO9heivjRX0wwU2WAAk1V0ug/JhWBK+SDrz -Gx/qSfjqRdY1DJ55C9kwxNhj7Kl9fpGBFAdX28rsDSDzy80HWmg9OpSkwCfHOOYv -/oMJYsddYXx7LdQQ9kwh6cvMMTQs0HpjRvYTwz67uwKBgQDxUNIba0X8KqNEM+/e -6J8hXqsJ43vFHmYccKXJiDntywZK1VpaLy/wRat8BP96+7ao+kKanr2B1mktFNLc -YQXtyLxtT4V7BEcH3RuwEUBkpquOZTV7CmTPEt4KeUV/A4EliM9JsDvEP4/rjMbL -kDfjCVft2rcAOMny5vp3HSbDwwKBgQDL3Pf2EDlchGyjBXEG90QCd0IGIfUbN6+J -oDKtb/TNbGyeGDBPN3gd9KDonNQwivsrLemDNPmyqFXzVBKyn9Dcbr/5wz/1h5Aj -Os0Qs7A7AuGUPOXYVbbc0Mx+LyFmniTf5XQISxQKVqSjk74ZHeLfM9hG5KcNNb+M -WhZaM1vMkwKBgAte04eXNmT7XVYJXHQUYesgms6MeXiARi9w317vnEsoFdPQ2cEG -GCwqHDprwd35nlG3+QtwD13ezHXjVUwtBip+GuLLrG5vdSlZscRKC86yS8MZ4bs6 -ciWPrgawUCX79EngeGPweeB1XkKrD3LoCLoZ5pq+g4DvLBTV7VdPeFQhAoGAFt9m -7rOpS+kLq0q8ALUTa1doD/oVXwVja4SOywjJpZappR8/pFOr5WiB+TdHU170iUaw -cWkrLtFWO2POaT4nF+RRI7u1XF3mXR2Gzn3qouRS3OfsPdZ4GtRObUXqcHID3x8G -YrvRtss706KK7JR+1N4jQOj8mS3TnPKqmVozzYMCgYEAoYIZcapUKI4KEVFgFhkG -2aPr4HJib9rxnk4VsjZT6wtyRJUzgtfVkegKxHSTKa6HqUXNly1fo9BmUfK7wj/b -ETIHdCEEHuh9IquhXc7hThepYzip7eqAJw26tRSovSIPpX6jgR4rl/YR2rYoBYuR -h7ak70C9EWzP2VX3aEkcz4Q= +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCWyHR/VLT7MC15 +Sg4tbkSn76iaEk7uLLH1TeoPmIvx9gOdRTOl4dpmgHbHnxDTGJKN7s3AP2JabDlW +2po9g5p8rQW4udFKU3AdA2WANEwxxiDOr4+PR/NigojbuCjyYQq/mJVRfA9+dsus +ESSbPhdKCXim6RzW9kZv1iXtqcvSSdSCEqnmt1ggM25FlayWKpdK4pxoNG6YHidP +uXhTGGIzPAoAgYTKLwtE2r/skJaWOZDcaRuE2IWcnVc1oA0QUF1cLGuzr0McoLen +RGJY9FwJW/lRD2rptuTuhHt49Lp1ktssMYPSkgPNGUzKSjl1UuT8vIos707D6hjL +WBGZ2TcRAgMBAAECggEADM9VZF7uLDvs1RXXTAFG+Gx6KrK8/WuTJ9e5d586XnFL +38/aAjEEpLorvSxUmdaH1uKPnNJVuQBiQ7B5M5orZQWvC4FP2Exr5S8db62hvoXK +UjzkiaPvd7JGzcHgyqy3ZM0h/GT5jQErLwBa14yIHnxdAXMjBdkw5T3whXcsL36A +UuWg8aVL6Y4D/c7RDlXh7nZ787bcnTT90KDDggLhLy0p1jKkb97lUX5M6TmtW7jp +Mvd5pXLf6805sgI8wr/GcwsHKRsgkzcrNUFCiFMeU5/Bb4HJI9S7CvzKVz9OON71 +rkHD0eku22flK6v/RI8KF1x8XT5QOoWFvS2saqkdsQKBgQDNOzuGtP6WFWWiUQ6E +qYfo+zWjWGGuTT6kad52F43uvL5wto0q8ymMV8dpRYK7v8ZSo99v+goUe77uKP10 +qvlvI7cpnLOoUsTyBIgANP9MEcJCC6P1sxqraAXI4gHINSnw8REyKJbaf7rK33b3 +6b0tqgSV0CUwoAx75ixj7pP9uQKBgQC8FSaS2nE/EO8VW37UGPZN+BzGYjzg9RsT +ghDYDp/bVqg4hVNw4uc7niiS31n4J2ser1ETfi8nRDJs/ieihfuqGXI5xdzNRO7q +EO0bo59rXMj9u8hf9EHERMl3rV5a1ZqDNHNF8VcqJhR3Vsmx9iZziwQzUfzeUTZl +4iysj8jwGQKBgGUJLBz9LfilQAvQ69zTuV0xjw6DjFNLI/O9Sw/IOM+3i+nhdU4X +t/SnojxpRBs6JmC43F88MYo0AaMt+tlc8r+MTbfmtWvAk8SyBmJTtPu2InRxVp63 +NgH8jByBZ28w/RzpERYodVvMViFaMi+Kmt/IO8mlVynBIWQ9xMzNv33BAoGALTwh +BNzIs9RMzCQvQq+mPWZY9VWXMruAgZacmnoZ9FTJLJ7UTKgl2O7W70wMhWRlnQGp +TDji+lyqjBAsVChJOMXZ9Q8jZbMYiu77N9SIePfd1zicnodOcffhRIlL0ijheoDY +4I+E2TxDW9hhtg1vfgaHQhiL6qQ5oxNcjzwdpbECgYAyphS7WkKLVaXjR+AEwAHL +NL0PtYHZe9wmteV8S61ujQOocFZiNN83ElLXMQghzsJC8MJhoohtV5kuH9JVbH6J +MSn0Hfqo3iIen6fR9ZaenLkeQ2E7noISKFQdiYq5h9EI3BUaN+cfpMT+Qw8wlGZF +spG+YrTS3WSc74H634eYSg== -----END PRIVATE KEY----- diff --git a/test/ssl/test-signing-ca.crt b/test/ssl/test-signing-ca.crt index 460d8ba2..f5613845 100644 --- a/test/ssl/test-signing-ca.crt +++ b/test/ssl/test-signing-ca.crt @@ -5,77 +5,77 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Derbyshire, L=Derby, O=Mosquitto Project, OU=Testing, CN=Root CA Validity - Not Before: Jan 15 05:59:52 2025 GMT - Not After : Jan 14 05:59:52 2030 GMT + Not Before: Feb 25 13:42:36 2025 GMT + Not After : Feb 24 13:42:36 2030 GMT Subject: C=GB, ST=Derbyshire, O=Mosquitto Project, OU=Testing, CN=Signing CA Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:da:66:c6:f0:fb:48:ef:2f:a7:df:22:2a:db:cc: - 8c:18:0d:99:18:b9:55:71:c0:90:0e:5a:c6:06:54: - d9:f2:ce:d5:55:05:52:be:b2:25:57:17:fc:35:03: - e8:0a:11:87:29:f0:47:e6:a7:4d:e4:b6:03:4a:e0: - 37:be:de:e4:80:a4:c9:54:07:d4:84:7d:81:e2:fd: - 50:77:ec:b1:e1:15:a6:24:bf:9a:76:63:cd:99:00: - dd:8b:42:0e:3b:92:7d:74:d4:35:12:79:15:07:c2: - 19:e5:fc:dc:64:74:bd:dd:71:56:98:d9:4e:65:d8: - 5c:86:43:e6:35:02:88:0e:a2:b0:e6:f8:2b:84:88: - 68:28:7f:a3:71:4a:ef:4f:a6:3f:2f:58:e2:c8:86: - 2e:07:bc:6a:3d:14:3e:ca:dc:6d:1b:6f:86:61:5b: - c0:bf:da:c9:45:1e:1a:a8:19:a1:66:9b:f8:4d:a2: - 23:77:ea:8a:ef:5d:0e:6a:71:f8:26:5e:0a:e1:2d: - 2b:1a:e8:4b:19:e2:65:7b:e8:eb:69:40:c4:e8:ea: - 31:d2:54:24:c0:a8:d5:1e:e7:c9:0f:2b:a2:69:9f: - 38:3c:02:37:a0:f2:ca:01:51:cf:1c:b5:21:0b:2a: - 5c:c4:93:bb:ac:59:ff:7e:67:c6:a1:e0:84:cd:a0: - e6:ad + 00:fc:78:66:8a:f8:af:87:3b:96:62:ea:85:fd:51: + f9:0f:e4:a6:c2:3d:2d:0d:f6:a2:ff:32:2c:b4:d9: + 31:4c:fa:e9:31:87:62:12:c1:67:99:1d:96:65:d6: + 70:cf:2e:b3:7f:fc:d6:90:8d:9f:eb:e6:a7:a3:4f: + 07:ab:be:90:37:6e:ee:26:47:e5:0f:0f:a2:41:56: + 2d:ff:45:45:87:7a:c4:90:f3:c6:73:af:83:a5:40: + 56:fe:24:28:71:c1:a3:03:74:7a:ce:2a:14:af:89: + 47:7c:0c:c3:ec:36:e3:ee:95:bd:0e:da:23:2b:52: + b4:c9:c1:84:eb:62:84:95:de:76:f3:be:68:dc:bd: + 82:73:b0:e5:08:51:6d:3e:97:4a:5d:b8:3d:05:ea: + da:ae:d3:d9:a4:58:f9:ef:c9:57:52:f5:38:1c:27: + 67:70:8d:4e:b2:46:c0:12:fe:b9:7d:1e:79:6c:d3: + c7:36:e2:e1:ce:35:8b:89:61:0f:35:ef:c1:76:3f: + c0:0f:e9:10:27:5a:71:ca:63:2b:6e:19:66:aa:74: + df:a0:1c:5a:73:e1:0b:ca:6e:67:09:fa:e2:0a:b4: + 29:63:b0:3b:7d:2f:82:b3:10:56:d9:1b:a1:77:60: + 2b:d7:8d:05:40:20:88:71:98:91:18:e4:ce:af:07: + 4b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 53:48:5A:50:4D:78:80:6D:55:79:8A:FE:A9:A3:68:7A:04:9A:F0:87 + 32:41:09:D3:64:22:D3:E9:E0:07:DA:E3:D5:56:C8:44:61:46:DC:38 X509v3 Authority Key Identifier: - 0F:B8:7D:2E:0F:7C:9E:AA:4F:C6:6B:2B:AE:90:CF:CE:E8:2C:45:CC - X509v3 Basic Constraints: critical + A8:C7:9F:BC:59:76:70:BA:3E:11:6D:54:51:E3:25:CC:83:96:C9:B4 + X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption Signature Value: - 35:7d:11:3c:db:4d:b5:63:d3:c0:6d:61:fa:6c:e5:43:15:aa: - c6:c4:f7:20:5b:78:aa:95:b7:e4:cf:89:ca:c8:17:10:d0:f0: - 69:12:96:e4:f3:c5:58:ab:aa:e0:be:eb:5d:37:43:af:9e:3a: - 6f:f9:ef:cf:6f:f5:67:25:62:e4:70:8e:08:9a:fc:17:32:45: - b5:f1:c8:6c:ad:e8:4c:2f:14:67:24:e0:24:b6:84:22:34:26: - 8b:6d:ff:e1:5c:9d:c2:84:18:d7:9d:48:ad:a0:0b:9c:ed:cd: - 9e:d4:a8:20:7a:41:ea:c3:00:a3:3b:a5:ab:22:ad:41:45:5a: - 17:5f:e2:1a:8c:9f:ab:be:bc:7b:3d:a4:23:93:db:80:2c:1b: - 9b:50:cf:72:b9:ef:f5:54:76:63:47:a0:73:bd:57:37:51:47: - e6:0e:f6:b2:81:70:11:db:88:44:6d:82:96:6f:85:6d:67:25: - 1b:67:b3:ad:3c:59:17:96:6a:c0:9f:f4:d4:8a:5a:ee:81:8d: - 8f:18:2c:92:9c:ab:26:40:36:21:ba:1b:db:13:65:34:dd:bf: - 26:ad:12:1f:aa:97:55:c5:d4:60:e5:9e:75:37:3d:3c:3b:b2: - b0:97:15:6a:a9:1e:66:bf:a4:64:82:6b:8e:60:f4:26:a0:5c: - 81:f1:f4:64 + 4e:38:ce:97:e9:c4:d8:65:6a:d9:b0:57:6b:93:3d:0f:ef:fa: + 3d:ca:e1:33:c3:2f:5b:2b:2b:fe:f6:62:af:66:33:6f:f7:e4: + 0b:1d:c9:ef:fb:01:b0:8c:43:2f:f3:68:b4:f9:f9:10:e0:0b: + bc:f4:a2:c5:8c:95:45:e4:73:38:e7:3c:56:4a:2a:70:a5:3a: + 1f:ce:30:15:2f:06:ec:98:5e:9d:54:fb:9d:c8:d1:1e:55:94: + 06:9c:fd:40:6f:95:2a:8d:48:c5:9e:2c:15:49:f4:9a:dd:1f: + 14:02:7c:7d:3e:9e:71:f5:0d:80:22:e1:83:80:3f:23:0f:47: + 3f:ef:ad:73:bc:e3:83:5d:87:a4:b7:78:86:51:ac:66:66:d4: + 4e:3a:d7:24:1d:3d:61:ff:99:02:62:3f:3f:79:7a:3a:30:cb: + 78:84:3e:63:bd:6d:55:49:4b:34:c4:92:16:9f:c2:4c:20:a1: + 81:52:73:ab:7a:46:40:6c:ea:0a:bd:7e:fa:01:1c:3c:2e:fa: + 21:95:80:ac:3b:a7:98:c0:7a:33:64:1b:39:c1:bb:a8:d6:45: + 1a:f0:62:2f:f8:99:dc:dc:02:d7:bd:fe:b7:28:5d:05:60:68: + 47:ac:99:1f:ea:8f:01:5a:81:20:3d:52:15:3b:d7:43:bf:c8: + 78:68:8c:9a -----BEGIN CERTIFICATE----- MIIDsjCCApqgAwIBAgIBATANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjET MBEGA1UECAwKRGVyYnlzaGlyZTEOMAwGA1UEBwwFRGVyYnkxGjAYBgNVBAoMEU1v c3F1aXR0byBQcm9qZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRAwDgYDVQQDDAdSb290 -IENBMB4XDTI1MDExNTA1NTk1MloXDTMwMDExNDA1NTk1MlowZTELMAkGA1UEBhMC +IENBMB4XDTI1MDIyNTEzNDIzNloXDTMwMDIyNDEzNDIzNlowZTELMAkGA1UEBhMC R0IxEzARBgNVBAgMCkRlcmJ5c2hpcmUxGjAYBgNVBAoMEU1vc3F1aXR0byBQcm9q ZWN0MRAwDgYDVQQLDAdUZXN0aW5nMRMwEQYDVQQDDApTaWduaW5nIENBMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mbG8PtI7y+n3yIq28yMGA2ZGLlV -ccCQDlrGBlTZ8s7VVQVSvrIlVxf8NQPoChGHKfBH5qdN5LYDSuA3vt7kgKTJVAfU -hH2B4v1Qd+yx4RWmJL+admPNmQDdi0IOO5J9dNQ1EnkVB8IZ5fzcZHS93XFWmNlO -ZdhchkPmNQKIDqKw5vgrhIhoKH+jcUrvT6Y/L1jiyIYuB7xqPRQ+ytxtG2+GYVvA -v9rJRR4aqBmhZpv4TaIjd+qK710OanH4Jl4K4S0rGuhLGeJle+jraUDE6Oox0lQk -wKjVHufJDyuiaZ84PAI3oPLKAVHPHLUhCypcxJO7rFn/fmfGoeCEzaDmrQIDAQAB -o2AwXjAdBgNVHQ4EFgQUU0haUE14gG1VeYr+qaNoegSa8IcwHwYDVR0jBBgwFoAU -D7h9Lg98nqpPxmsrrpDPzugsRcwwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC -AQYwDQYJKoZIhvcNAQELBQADggEBADV9ETzbTbVj08BtYfps5UMVqsbE9yBbeKqV -t+TPicrIFxDQ8GkSluTzxVirquC+6103Q6+eOm/5789v9WclYuRwjgia/BcyRbXx -yGyt6EwvFGck4CS2hCI0Jott/+FcncKEGNedSK2gC5ztzZ7UqCB6QerDAKM7pasi -rUFFWhdf4hqMn6u+vHs9pCOT24AsG5tQz3K57/VUdmNHoHO9VzdRR+YO9rKBcBHb -iERtgpZvhW1nJRtns608WReWasCf9NSKWu6BjY8YLJKcqyZANiG6G9sTZTTdvyat -Eh+ql1XF1GDlnnU3PTw7srCXFWqpHma/pGSCa45g9CagXIHx9GQ= +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/HhmivivhzuWYuqF/VH5D+Smwj0t +Dfai/zIstNkxTPrpMYdiEsFnmR2WZdZwzy6zf/zWkI2f6+ano08Hq76QN27uJkfl +Dw+iQVYt/0VFh3rEkPPGc6+DpUBW/iQoccGjA3R6zioUr4lHfAzD7Dbj7pW9Dtoj +K1K0ycGE62KEld52875o3L2Cc7DlCFFtPpdKXbg9BerartPZpFj578lXUvU4HCdn +cI1OskbAEv65fR55bNPHNuLhzjWLiWEPNe/Bdj/AD+kQJ1pxymMrbhlmqnTfoBxa +c+ELym5nCfriCrQpY7A7fS+CsxBW2Ruhd2Ar140FQCCIcZiRGOTOrwdLpQIDAQAB +o1AwTjAdBgNVHQ4EFgQUMkEJ02Qi0+ngB9rj1VbIRGFG3DgwHwYDVR0jBBgwFoAU +qMefvFl2cLo+EW1UUeMlzIOWybQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOCAQEATjjOl+nE2GVq2bBXa5M9D+/6PcrhM8MvWysr/vZir2Yzb/fkCx3J7/sB +sIxDL/NotPn5EOALvPSixYyVReRzOOc8VkoqcKU6H84wFS8G7JhenVT7ncjRHlWU +Bpz9QG+VKo1IxZ4sFUn0mt0fFAJ8fT6ecfUNgCLhg4A/Iw9HP++tc7zjg12HpLd4 +hlGsZmbUTjrXJB09Yf+ZAmI/P3l6OjDLeIQ+Y71tVUlLNMSSFp/CTCChgVJzq3pG +QGzqCr1++gEcPC76IZWArDunmMB6M2QbOcG7qNZFGvBiL/iZ3NwC173+tyhdBWBo +R6yZH+qPAVqBID1SFTvXQ7/IeGiMmg== -----END CERTIFICATE----- diff --git a/test/ssl/test-signing-ca.key b/test/ssl/test-signing-ca.key index bbf74dd9..69ef84b2 100644 --- a/test/ssl/test-signing-ca.key +++ b/test/ssl/test-signing-ca.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaZsbw+0jvL6ff -IirbzIwYDZkYuVVxwJAOWsYGVNnyztVVBVK+siVXF/w1A+gKEYcp8Efmp03ktgNK -4De+3uSApMlUB9SEfYHi/VB37LHhFaYkv5p2Y82ZAN2LQg47kn101DUSeRUHwhnl -/NxkdL3dcVaY2U5l2FyGQ+Y1AogOorDm+CuEiGgof6NxSu9Ppj8vWOLIhi4HvGo9 -FD7K3G0bb4ZhW8C/2slFHhqoGaFmm/hNoiN36orvXQ5qcfgmXgrhLSsa6EsZ4mV7 -6OtpQMTo6jHSVCTAqNUe58kPK6Jpnzg8Ajeg8soBUc8ctSELKlzEk7usWf9+Z8ah -4ITNoOatAgMBAAECggEAGHlL8dU25xbACREbHGZfjJJ5hXu/R2/8tJ8Xcb4wbjUf -Ute13gi4hnn5mTdG2Vn9e4WhiQdWgzqiQ9G8bXcsw/2zUedOuUoXNAiO6+FqTX7P -j26pMHsenvap3OEaFzLjPCRLjjZjVOs7W7pqOBec7yO0QIyZbHBCbglN0sLl3D3J -35zTVrPFaRqg0QajOdp43ZPK+UHQRJ1OVt0BV44/GnZqvXC52kWfX9FZLak4E6Rj -Z15PEhYlAT+DfaWxPAZO5p4M8/SBi8HjXsMAetLxJBHKJRW0Jbm3gOVU2Nt5HGtT -nyKR5nsTAgXWKCAB9im8d17FzjmthWDtHl2Dh7iLQQKBgQD6mQuLExQkXqdjeFNM -lOCic3LfK9cn7hy0YINmaQEC6ZVnVx8Zpraa+CdVUazH8B2LA/uxrMstdzykFlr3 -/mCS2CWcDVJP8ORbC9X2Vh7my/N0vbNSfjNKiF18snmi5rWfPJjQ8GLv/GKRNiTp -2jssO2FVLDLhR8nW/e+cIicAIwKBgQDfHA1uH8bx6ROU5k1g5lr9f8eZMAmaO7rv -uHmxLo9Usn8Hew6qD62a3oHkDCm4qnyCEl/yDvv7DOJXdugwnoZKaIIiyGA/Mcvg -Bv92i3vNscbV8GF5vTww+wrvSJsP9+HJtrDBSO3HKFI7vaJE614WSKppZNeCo23i -R4tVzaKC7wKBgQDWyc6nCVc+RRLbowpinUhcdO+EcSMcym43/HEjmeSQBn1T8cxq -RAZHlWLBMhwR0rC/sk5M33nWIlkLm02lOZa0xiaWNqTSd/qCPwbI+M/Lqgulh+Ln -VdvIilD2zFKNWYlaTqn8i82BPKWPKQVCmxYUt2CZjCSgCtPpPgXdoTgkWQKBgAm5 -BzzNVbYlGh1bC/Q1FbIGZ4Rde42lHLhlqaf3B3gBb1e8HR98H2yoVbDCdu79Pv/M -HTJHROPj49k77VJxFhkYBNPPN6KJYQEaTPe1jGeiX6/jEdxkSsM3rXpQB7Hic4x+ -0aUasIIFV9ASq4elWixObl65bkrbJGbAB2pt068xAoGABlKwzukz8MOpBr4+rt9w -p/C0jCxy1yYG9EKLoeTk1IcuJPAau4slOnVY1yZzptfwa9STLDgdKlq2WPDddr0+ -Rf2ekk/LGNcs470eIoNcxpA3w4MxnAPLrJuGDBsbPTTWN8V7d3NnUfEh/gJmlPQd -WINyhDvmK0QfjzL2+OKSN6Y= +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQD8eGaK+K+HO5Zi +6oX9UfkP5KbCPS0N9qL/Miy02TFM+ukxh2ISwWeZHZZl1nDPLrN//NaQjZ/r5qej +TwervpA3bu4mR+UPD6JBVi3/RUWHesSQ88Zzr4OlQFb+JChxwaMDdHrOKhSviUd8 +DMPsNuPulb0O2iMrUrTJwYTrYoSV3nbzvmjcvYJzsOUIUW0+l0pduD0F6tqu09mk +WPnvyVdS9TgcJ2dwjU6yRsAS/rl9Hnls08c24uHONYuJYQ8178F2P8AP6RAnWnHK +YytuGWaqdN+gHFpz4QvKbmcJ+uIKtCljsDt9L4KzEFbZG6F3YCvXjQVAIIhxmJEY +5M6vB0ulAgMBAAECggEAI0dYvt0au/kf3dEbKYd5l9ax1a0SPWQEKUhT1m6OFM1v +5feexPOpHAx2HmNdbpn+Q6lrOxZLLT3VGX0a240cnl5eIVPFBnp/CAW4ljXSDikh +zAaAadxx9xa7QTaAv0qZUouFeIcJTnEOn98xxnFyHr3mRevF49EiCZpEzlZ9I+rD +4+gzKuP1YE9UlA7AIvR3/FGg1KSyXimehGCwi5jhPGmLzDGi3y/05FydZS2kMZd9 +5m1KA3OSiqR9aPnQJOrkukLPDRNimaVquSsebsB+Td9v3OkirJwoTyWFQr2qxA0J +/haYval/tniPly5mVwGP3I5kmo7/caX6y5OSU/BMwQKBgQD/ixH/Y0ovgoKU+GpI +Ns3Rb4J5/lz2NijICSNCTn5ODB5O1WQDR/wQ949c3TK4Z8DaMea/OW0+P0Kxtn1+ +Qi7okrq+fAkizpLWXxS3g3zCLH8d0VBe26HNaU8HlC7NRb8P3zF1L5VmVyK0UINC +nHq0033h6GbMX+dIxr70IfnTQQKBgQD86+yWHXvXt+Oyyx5l8SJK2LW4HqML9Dho +lGd1Grjv2A4YLy2zQrPcSsshU8bri4Yn/FZqCmZpMMFT/FpnfwkOeR+0Ve+3a/hQ +fehW3ISWDqqhPPVaX9xQqPv4nYeM8k4VoqRAmoo6qZ67UL/bCdWq1xLCu8AxKpEv +dC3dhyEzZQKBgEpvphRwRaHFMGhYXA0g+Z7yDl2evFFzwTlTgBPGbYAqg4GPIwzZ +oREIK5hvTmDsx/5G3uIAxlOFddXyRGfMu4E/jGoEE10yMw+CrrQt9t9Qus5itDiN +XXpKHJ0miuN8V4U2DGAINkqTQyam9TUoA448tMRjP950aRiH3AOdCfqBAoGBAJqw +ZPPvNnZadv48cuwgjju+zW299zTxeqqj0Z7y6BdxSjWKbWYNLtpWOGS6y5f2rue3 +0tZqY/aEJkoKtvRD4zMh670tLj893xLD3x15I/JvJ/cTxHAw3xvKLsoA9w3CiPV8 +kv8cRdzZL0cbfSwnmLIzdrr5f/PSOBgQ85hg9HJtAoGAGA2O4Ez5pYBlhhoyCWK0 +cMcPss2SQ3A+ZtOiNJmMFiNu/FfdrI5T/j7XPunU5WjK+IHF8ohRkNTbr5/6q2Zm +oup4fEgNuoBd6dqs/apjjIKeidTBECzdrBXj/+20eVcp3kORKcH5LOlAQHuOCcKF +mehZbzBDHYOn7H/mYSs6N0g= -----END PRIVATE KEY----- diff --git a/test/unit/util_topic_test.c b/test/unit/util_topic_test.c index df5ee697..f452725b 100644 --- a/test/unit/util_topic_test.c +++ b/test/unit/util_topic_test.c @@ -196,6 +196,7 @@ static void TEST_invalid(void) no_match_helper(MOSQ_ERR_INVAL, "foo/#abc", "foo"); no_match_helper(MOSQ_ERR_INVAL, "#abc", "foo"); no_match_helper(MOSQ_ERR_INVAL, "/#a", "foo/bar"); + no_match_helper(MOSQ_ERR_INVAL, "", "foo/bar/#"); } /* ======================================================================== @@ -233,6 +234,7 @@ static void TEST_pub_topic_invalid(void) pub_topic_helper("pub/topic#", MOSQ_ERR_INVAL); pub_topic_helper("pub/topic/#", MOSQ_ERR_INVAL); pub_topic_helper("+/pub/topic", MOSQ_ERR_INVAL); + pub_topic_helper("", MOSQ_ERR_INVAL); } @@ -278,6 +280,7 @@ static void TEST_sub_topic_invalid(void) sub_topic_helper("sub/#topic", MOSQ_ERR_INVAL); sub_topic_helper("sub/topic#", MOSQ_ERR_INVAL); sub_topic_helper("#/sub/topic", MOSQ_ERR_INVAL); + sub_topic_helper("", MOSQ_ERR_INVAL); } /* ======================================================================== diff --git a/vcpkg.json b/vcpkg.json index 23e62abb..285dfcbe 100644 --- a/vcpkg.json +++ b/vcpkg.json @@ -1,6 +1,6 @@ { "name": "mosquitto", - "version-string": "2.0.20", + "version-string": "2.0.21", "dependencies": [ "cjson", "libwebsockets", diff --git a/www/pages/documentation/using-the-snap.md b/www/pages/documentation/using-the-snap.md index 41d6f3d4..31e22109 100644 --- a/www/pages/documentation/using-the-snap.md +++ b/www/pages/documentation/using-the-snap.md @@ -74,6 +74,20 @@ and keys, must also be placed in `/var/snap/mosquitto/common/` - in new folders if wanted. This directory is the only place accessible by Mosquitto when running as a snap. +Starting and stopping the broker service can be done with the snap command: + +``` +snap start mosquitto +snap stop mosquitto +``` + +Or via systemd: + +``` +systemctl start snap.mosquitto.mosquitto +systemctl stop snap.mosquitto.mosquitto +``` + All other aspects of running Mosquitto are the same as with any other installation methods.