From 597e6c63146eed208478191bc3ab629160a921b6 Mon Sep 17 00:00:00 2001 From: Alan Lei Date: Tue, 17 Mar 2020 14:33:46 -0700 Subject: [PATCH 01/19] Close connection after TLS timeout or error Signed-off-by: Alan Lei --- .../tyrus/container/grizzly/client/GrizzlyClientSocket.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/containers/grizzly-client/src/main/java/org/glassfish/tyrus/container/grizzly/client/GrizzlyClientSocket.java b/containers/grizzly-client/src/main/java/org/glassfish/tyrus/container/grizzly/client/GrizzlyClientSocket.java index d3388d59..d615d118 100644 --- a/containers/grizzly-client/src/main/java/org/glassfish/tyrus/container/grizzly/client/GrizzlyClientSocket.java +++ b/containers/grizzly-client/src/main/java/org/glassfish/tyrus/container/grizzly/client/GrizzlyClientSocket.java @@ -376,8 +376,10 @@ public void handleTimeout() { try { sslHandshakeFuture.get(timeoutMs, TimeUnit.MILLISECONDS); } catch (ExecutionException e) { + closeTransport(privateTransport); throw new DeploymentException("SSL handshake has failed", e.getCause()); } catch (Exception e) { + closeTransport(privateTransport); throw new DeploymentException(String.format("Connection to '%s' failed.", requestURI), e.getCause()); } From ec38c5a8e8c2959a28300eac13fe0fdaeffa3a9d Mon Sep 17 00:00:00 2001 From: Dan Siviter Date: Mon, 29 Jun 2020 16:53:20 +0100 Subject: [PATCH 02/19] Addresses #630 Signed-off-by: Dan Siviter --- .../tyrus/core/MessageHandlerManager.java | 10 +++-- .../glassfish/tyrus/core/TyrusSession.java | 16 ++++---- .../tyrus/core/TyrusSessionTest.java | 41 +++++++++++++++++-- 3 files changed, 53 insertions(+), 14 deletions(-) diff --git a/core/src/main/java/org/glassfish/tyrus/core/MessageHandlerManager.java b/core/src/main/java/org/glassfish/tyrus/core/MessageHandlerManager.java index a290fa9c..5335708f 100644 --- a/core/src/main/java/org/glassfish/tyrus/core/MessageHandlerManager.java +++ b/core/src/main/java/org/glassfish/tyrus/core/MessageHandlerManager.java @@ -301,6 +301,10 @@ public void removeMessageHandler(MessageHandler handler) { } } + Map, MessageHandler> getRegisteredHandlers() { + return new HashMap<>(registeredHandlers); + } + /** * Get all successfully registered {@link MessageHandler}s. * @@ -308,14 +312,14 @@ public void removeMessageHandler(MessageHandler handler) { */ public Set getMessageHandlers() { if (messageHandlerCache == null) { - messageHandlerCache = Collections.unmodifiableSet(new HashSet(registeredHandlers.values())); + messageHandlerCache = Collections.unmodifiableSet(new HashSet<>(registeredHandlers.values())); } return messageHandlerCache; } public List, MessageHandler>> getOrderedWholeMessageHandlers() { - List, MessageHandler>> result = new ArrayList, MessageHandler>>(); + List, MessageHandler>> result = new ArrayList<>(); for (final Map.Entry, MessageHandler> entry : registeredHandlers.entrySet()) { if (entry.getValue() instanceof MessageHandler.Whole) { result.add(entry); @@ -325,7 +329,7 @@ public List, MessageHandler>> getOrderedWholeMessageHandlers( return result; } - static Class getHandlerType(MessageHandler handler) { + private static Class getHandlerType(MessageHandler handler) { Class root; if (handler instanceof AsyncMessageHandler) { return ((AsyncMessageHandler) handler).getType(); diff --git a/core/src/main/java/org/glassfish/tyrus/core/TyrusSession.java b/core/src/main/java/org/glassfish/tyrus/core/TyrusSession.java index 787a9c0b..a7e2df5e 100755 --- a/core/src/main/java/org/glassfish/tyrus/core/TyrusSession.java +++ b/core/src/main/java/org/glassfish/tyrus/core/TyrusSession.java @@ -29,6 +29,7 @@ import java.util.Map; import java.util.Set; import java.util.UUID; +import java.util.Map.Entry; import java.util.concurrent.Future; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.ScheduledFuture; @@ -61,7 +62,7 @@ * @author Martin Matula (martin.matula at oracle.com) * @author Pavel Bucek (pavel.bucek at oracle.com) */ -public class TyrusSession implements Session, DistributedSession { +public class TyrusSession implements DistributedSession { private static final Logger LOGGER = Logger.getLogger(TyrusSession.class.getName()); @@ -587,9 +588,10 @@ MessageHandler.Whole getMessageHandler(Class c) { void notifyMessageHandlers(Object message, boolean last) { boolean handled = false; - for (MessageHandler handler : getMessageHandlers()) { + for (Entry, MessageHandler> e : this.handlerManager.getRegisteredHandlers().entrySet()) { + MessageHandler handler = e.getValue(); if ((handler instanceof MessageHandler.Partial) - && MessageHandlerManager.getHandlerType(handler).isAssignableFrom(message.getClass())) { + && e.getKey().isAssignableFrom(message.getClass())) { if (handler instanceof AsyncMessageHandler) { checkMessageSize(message, ((AsyncMessageHandler) handler).getMaxMessageSize()); @@ -615,11 +617,9 @@ void notifyMessageHandlers(Object message, boolean last) { } void notifyPongHandler(PongMessage pongMessage) { - final Set messageHandlers = getMessageHandlers(); - for (MessageHandler handler : messageHandlers) { - if (MessageHandlerManager.getHandlerType(handler).equals(PongMessage.class)) { - ((MessageHandler.Whole) handler).onMessage(pongMessage); - } + final MessageHandler.Whole handler = getMessageHandler(PongMessage.class); + if (handler != null) { + handler.onMessage(pongMessage); } } diff --git a/core/src/test/java/org/glassfish/tyrus/core/TyrusSessionTest.java b/core/src/test/java/org/glassfish/tyrus/core/TyrusSessionTest.java index aa5908db..b0c387ad 100644 --- a/core/src/test/java/org/glassfish/tyrus/core/TyrusSessionTest.java +++ b/core/src/test/java/org/glassfish/tyrus/core/TyrusSessionTest.java @@ -294,7 +294,6 @@ public void onMessage(InputStream message, boolean last) { public void multiplePongHandlersAsync() { Session session = createSession(endpointWrapper); - session.addMessageHandler(new MessageHandler.Partial() { @Override public void onMessage(PongMessage message, boolean last) { @@ -312,7 +311,6 @@ public void onMessage(PongMessage message, boolean last) { public void multipleBasicDecodableAsync() { Session session = createSession(endpointWrapper); - session.addMessageHandler(new MessageHandler.Partial() { @Override public void onMessage(TyrusSessionTest message, boolean last) { @@ -359,7 +357,6 @@ public void onMessage(PongMessage message) { public void removeHandlers() { Session session = createSession(endpointWrapper); - final MessageHandler.Partial handler1 = new MessageHandler.Partial() { @Override public void onMessage(String message, boolean last) { @@ -408,6 +405,44 @@ public void idTest() { assertFalse(session2.getId().equals(session3.getId())); } + @Test + public void getLambdaHandlers() { + Session session = createSession(endpointWrapper); + + final MessageHandler.Partial handler1 = this::stringPartialHandler; + final MessageHandler.Whole handler2 = this::bytesHandler; + final MessageHandler.Whole handler3 = this::pongHandler; + + session.addMessageHandler(String.class, handler1); + session.addMessageHandler(ByteBuffer.class, handler2); + session.addMessageHandler(PongMessage.class, handler3); + + assertTrue(session.getMessageHandlers().contains(handler1)); + assertTrue(session.getMessageHandlers().contains(handler2)); + assertTrue(session.getMessageHandlers().contains(handler3)); + + session.removeMessageHandler(handler3); + + assertTrue(session.getMessageHandlers().contains(handler1)); + assertTrue(session.getMessageHandlers().contains(handler2)); + assertFalse(session.getMessageHandlers().contains(handler3)); + + session.removeMessageHandler(handler2); + + assertTrue(session.getMessageHandlers().contains(handler1)); + assertFalse(session.getMessageHandlers().contains(handler2)); + assertFalse(session.getMessageHandlers().contains(handler3)); + } + + private void stringPartialHandler(String message, boolean last) { + } + + private void bytesHandler(ByteBuffer message) { + } + + private void pongHandler(PongMessage message) { + } + @ServerEndpoint(value = "/echo") private static class EchoEndpoint extends Endpoint { From d884985666edca9865041760bcbc09987f5af5c6 Mon Sep 17 00:00:00 2001 From: jbescos Date: Wed, 8 Jul 2020 20:43:26 +0200 Subject: [PATCH 03/19] Support of TLSv1.3 by JDK Client (#707) Support TLSv1.3 Signed-off-by: Jorge Bescos Gascon --- .../tyrus/container/jdk/client/SslFilter.java | 56 ++++++++-------- .../container/jdk/client/SslFilterTest.java | 38 +++++------ .../jdk-client/src/test/resources/client.cert | 17 ----- .../src/test/resources/clientkey.cert | 27 ++++++++ .../src/test/resources/keystore_client | Bin 1282 -> 2621 bytes .../src/test/resources/keystore_server | Bin 1288 -> 2629 bytes .../src/test/resources/regenerate.sh | 60 ++++++++++++++++++ .../jdk-client/src/test/resources/server.cert | 17 ----- .../src/test/resources/serverkey.cert | 27 ++++++++ .../src/test/resources/truststore_client | Bin 882 -> 1218 bytes .../src/test/resources/truststore_server | Bin 876 -> 1218 bytes 11 files changed, 163 insertions(+), 79 deletions(-) delete mode 100644 containers/jdk-client/src/test/resources/client.cert create mode 100644 containers/jdk-client/src/test/resources/clientkey.cert create mode 100644 containers/jdk-client/src/test/resources/regenerate.sh delete mode 100644 containers/jdk-client/src/test/resources/server.cert create mode 100644 containers/jdk-client/src/test/resources/serverkey.cert diff --git a/containers/jdk-client/src/main/java/org/glassfish/tyrus/container/jdk/client/SslFilter.java b/containers/jdk-client/src/main/java/org/glassfish/tyrus/container/jdk/client/SslFilter.java index 52f29fd3..1b123b67 100644 --- a/containers/jdk-client/src/main/java/org/glassfish/tyrus/container/jdk/client/SslFilter.java +++ b/containers/jdk-client/src/main/java/org/glassfish/tyrus/container/jdk/client/SslFilter.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, 2017 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2020 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at @@ -61,6 +61,7 @@ class SslFilter extends Filter { /* Some operations on SSL engine require a buffer as a parameter even if they don't need any data. This buffer is for that purpose. */ private static final ByteBuffer emptyBuffer = ByteBuffer.allocate(0); + private static final String TLSV13 = "TLSv1.3"; // buffer for passing data to the upper filter private final ByteBuffer applicationInputBuffer; @@ -72,6 +73,7 @@ class SslFilter extends Filter { private final WriteQueue writeQueue = new WriteQueue(); private volatile State state = State.NOT_STARTED; + private volatile boolean tlsv13 = false; /* * Pending write operation stored when writing data was not possible. It will be resumed when write operation is * available again. Only one write operation can be in progress at a time. Trying to store more than one pending @@ -192,14 +194,14 @@ BUFFER_UNDERFLOW can occur only after unwrap(), but to be 100% sure we handle al } case CLOSED: { - state = State.CLOSED; + setState(State.CLOSED); break; } case OK: { // check if we started re-handshaking - if (result.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) { - state = State.REHANDSHAKING; + if (isHandshaking(result.getHandshakeStatus())) { + setState(State.REHANDSHAKING); } networkOutputBuffer.flip(); @@ -361,7 +363,6 @@ private boolean handleRead(ByteBuffer networkData) { try { applicationInputBuffer.clear(); SSLEngineResult result = sslEngine.unwrap(networkData, applicationInputBuffer); - switch (result.getStatus()) { case BUFFER_OVERFLOW: { /* This means that the content of the ssl packet (max 16kB) did not fit into @@ -391,12 +392,11 @@ private boolean handleRead(ByteBuffer networkData) { // signal that there is nothing useful left in this buffer return false; } - // we started re-handshaking - if (result.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING + if (!tlsv13 && isHandshaking(result.getHandshakeStatus()) // make sure we don't confuse re-handshake with closing handshake && !sslEngine.isOutboundDone()) { - state = State.REHANDSHAKING; + setState(State.REHANDSHAKING); return doHandshakeStep(networkData); } @@ -418,19 +418,18 @@ private boolean doHandshakeStep(ByteBuffer networkData) { boolean handshakeFinished = false; synchronized (this) { - if (SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING.equals(sslEngine.getHandshakeStatus())) { + SSLEngineResult.HandshakeStatus hs = sslEngine.getHandshakeStatus(); + if (!isHandshaking(hs)) { // we stopped handshaking while waiting for the lock return true; } - try { /* we don't use networkOutputBuffer, because there might be a write operation still in progress -> we don't want to corrupt the buffer it is using */ LazyBuffer outputBuffer = new LazyBuffer(); boolean stepFinished = false; while (!stepFinished) { - SSLEngineResult.HandshakeStatus hs = sslEngine.getHandshakeStatus(); - + hs = sslEngine.getHandshakeStatus(); switch (hs) { case NOT_HANDSHAKING: { /* This should never happen. If we are here and not handshaking, it means a bug @@ -440,25 +439,18 @@ private boolean doHandshakeStep(ByteBuffer networkData) { throw new IllegalStateException("Trying to handshake, but SSL engine not in HANDSHAKING state." + "SSL filter state: \n" + getDebugState()); } - case FINISHED: { - /* According to SSLEngine javadoc FINISHED status can be returned only in SSLEngineResult, - but just to make sure we don't end up in an infinite loop when presented with an SSLEngine - implementation that does not respect this:*/ - stepFinished = true; - handshakeFinished = true; - break; + throw new IllegalStateException("Trying to handshake, but SSL engine not in HANDSHAKING state." + + "SSL filter state: \n" + getDebugState()); } // needs to write data to the network case NEED_WRAP: { ByteBuffer byteBuffer = outputBuffer.get(); SSLEngineResult result = sslEngine.wrap(emptyBuffer, byteBuffer); - if (result.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.FINISHED) { stepFinished = true; handshakeFinished = true; } - switch (result.getStatus()) { case BUFFER_OVERFLOW: { outputBuffer.resize(); @@ -475,7 +467,7 @@ that BUFFER_UNDERFLOW can occur only after unwrap(), but to be 100% sure we hand case CLOSED: { stepFinished = true; - state = State.CLOSED; + setState(State.CLOSED); break; } } @@ -516,7 +508,7 @@ that BUFFER_UNDERFLOW can occur only after unwrap(), but to be 100% sure we hand case CLOSED: { stepFinished = true; - state = State.CLOSED; + setState(State.CLOSED); break; } } @@ -558,6 +550,7 @@ that BUFFER_UNDERFLOW can occur only after unwrap(), but to be 100% sure we hand if (handshakeFinished) { handleHandshakeFinished(); + tlsv13 = TLSV13.equals(sslEngine.getSession().getProtocol()); // indicate that there still might be usable data in the input buffer return true; } @@ -575,12 +568,11 @@ private void handleHandshakeFinished() { return; } - if (state == State.HANDSHAKING) { - state = State.DATA; + setState(State.DATA); upstreamFilter.onSslHandshakeCompleted(); } else if (state == State.REHANDSHAKING) { - state = State.DATA; + setState(State.DATA); if (pendingApplicationWrite != null) { Runnable write = pendingApplicationWrite; // set pending write to null to cover the extremely improbable case that we start re-handshaking again @@ -598,7 +590,7 @@ private void handleSslError(Throwable t) { @Override void startSsl() { try { - state = State.HANDSHAKING; + setState(State.HANDSHAKING); sslEngine.beginHandshake(); doHandshakeStep(emptyBuffer); } catch (SSLException e) { @@ -740,4 +732,14 @@ public String toString() { } } } + + private void setState(State state) { + this.state = state; + } + + private boolean isHandshaking(SSLEngineResult.HandshakeStatus hs) { + return SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING != hs + // TLSv1.3 introduces this, and it is considered as not handshaking + && SSLEngineResult.HandshakeStatus.FINISHED != hs; + } } diff --git a/containers/jdk-client/src/test/java/org/glassfish/tyrus/container/jdk/client/SslFilterTest.java b/containers/jdk-client/src/test/java/org/glassfish/tyrus/container/jdk/client/SslFilterTest.java index 7961dc39..2ab96827 100644 --- a/containers/jdk-client/src/test/java/org/glassfish/tyrus/container/jdk/client/SslFilterTest.java +++ b/containers/jdk-client/src/test/java/org/glassfish/tyrus/container/jdk/client/SslFilterTest.java @@ -16,6 +16,10 @@ package org.glassfish.tyrus.container.jdk.client; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + import java.io.BufferedOutputStream; import java.io.IOException; import java.io.InputStream; @@ -42,29 +46,28 @@ import org.glassfish.tyrus.client.SslEngineConfigurator; import org.glassfish.tyrus.client.ThreadPoolConfig; import org.glassfish.tyrus.spi.CompletionHandler; - import org.junit.Before; import org.junit.Test; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - /** * @author Petr Janouch */ + public class SslFilterTest { - private static final int PORT = 8321; + protected static final int PORT = 8321; + protected static final String SERVER_KEY_STORE = "/keystore_server"; + protected static final String SERVER_TRUST_STORE = "/truststore_server"; + protected static final String CLIENT_KEY_STORE = "/keystore_client"; + protected static final String CLIENT_TRUST_STORE = "/truststore_client"; + protected static final String PASSWORD = "asdfgh"; @Before - public void beforeTest() { - System.setProperty("javax.net.ssl.keyStore", this.getClass().getResource("/keystore_server").getPath()); - System.setProperty("javax.net.ssl.keyStorePassword", "asdfgh"); - System.setProperty("javax.net.ssl.trustStore", this.getClass().getResource("/truststore_server").getPath()); - System.setProperty("javax.net.ssl.trustStorePassword", "asdfgh"); - System.setProperty("jdk.tls.server.protocols", "TLSv1.2"); - System.setProperty("jdk.tls.client.protocols", "TLSv1.2"); + public void before() { + System.setProperty("javax.net.ssl.keyStore", this.getClass().getResource(SERVER_KEY_STORE).getPath()); + System.setProperty("javax.net.ssl.keyStorePassword", PASSWORD); + System.setProperty("javax.net.ssl.trustStore", this.getClass().getResource(SERVER_TRUST_STORE).getPath()); + System.setProperty("javax.net.ssl.trustStorePassword", PASSWORD); } @Test @@ -376,10 +379,10 @@ private ByteBuffer stringToBuffer(String string) { private Filter openClientSocket(String host, final ByteBuffer readBuffer, final CountDownLatch completionLatch, HostnameVerifier customHostnameVerifier) throws Throwable { SslContextConfigurator sslConfig = SslContextConfigurator.DEFAULT_CONFIG; - sslConfig.setTrustStoreFile(this.getClass().getResource("/truststore_client").getPath()) - .setTrustStorePassword("asdfgh") - .setKeyStoreFile(this.getClass().getResource("/keystore_client").getPath()) - .setKeyStorePassword("asdfgh"); + sslConfig.setTrustStoreFile(this.getClass().getResource(CLIENT_TRUST_STORE).getPath()) + .setTrustStorePassword(PASSWORD) + .setKeyStoreFile(this.getClass().getResource(CLIENT_KEY_STORE).getPath()) + .setKeyStorePassword(PASSWORD); SslEngineConfigurator sslEngineConfigurator = new SslEngineConfigurator(sslConfig.createSSLContext()); sslEngineConfigurator.setHostnameVerifier(customHostnameVerifier); @@ -461,7 +464,6 @@ void close() { clientSocket.close(); throw exception.get(); } - return clientSocket; } diff --git a/containers/jdk-client/src/test/resources/client.cert b/containers/jdk-client/src/test/resources/client.cert deleted file mode 100644 index d43d88b5..00000000 --- a/containers/jdk-client/src/test/resources/client.cert +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDJTCCAuOgAwIBAgIET5ZyYjALBgcqhkjOOAQDBQAwdjELMAkGA1UEBhMCQ1oxFzAVBgNVBAgT -DkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxGzAZBgNVBAoTEk9yYWNsZSBDb3Jwb3Jh -dGlvbjEPMA0GA1UECxMGSmVyc2V5MQ8wDQYDVQQDEwZDbGllbnQwHhcNMTIwNDI0MDkyOTA2WhcN -MTIwNzIzMDkyOTA2WjB2MQswCQYDVQQGEwJDWjEXMBUGA1UECBMOQ3plY2ggUmVwdWJsaWMxDzAN -BgNVBAcTBlByYWd1ZTEbMBkGA1UEChMST3JhY2xlIENvcnBvcmF0aW9uMQ8wDQYDVQQLEwZKZXJz -ZXkxDzANBgNVBAMTBkNsaWVudDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu -7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSf -n+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgB -xwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9 -B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6 -ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgBmHNACDk1aw -vUZjsRecMSBlkkCSqr/cCrYOsNwpfleQKsM6rdOofujANUVeoUFhX8e8K45FknxEqAugmhGQ9NRn -uMenrvV+XupC0V2uGH0OciXeAzHbfeItBCbmJcvMdPW/q+I2vFchv6+ajEiNHogBrCc3qwSMhyVQ -ug2fXHmJMAsGByqGSM44BAMFAAMvADAsAhQYznYmH0hrcLni4EqX3Ovac+pNJgIUehnEaW1V5djn -dhYBAYUkSycETl4= ------END CERTIFICATE----- diff --git a/containers/jdk-client/src/test/resources/clientkey.cert b/containers/jdk-client/src/test/resources/clientkey.cert new file mode 100644 index 00000000..305dc689 --- /dev/null +++ b/containers/jdk-client/src/test/resources/clientkey.cert @@ -0,0 +1,27 @@ +Alias name: clientkey +Creation date: Jun 22, 2020 +Entry type: PrivateKeyEntry +Certificate chain length: 1 +Certificate[1]: +-----BEGIN CERTIFICATE----- +MIIDjTCCAnWgAwIBAgIEdX5IhDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJD +WjEXMBUGA1UECBMOQ3plY2ggUmVwdWJsaWMxDzANBgNVBAcTBlByYWd1ZTEbMBkG +A1UEChMST3JhY2xlIENvcnBvcmF0aW9uMQ8wDQYDVQQLEwZKZXJzZXkxDzANBgNV +BAMTBkNsaWVudDAgFw0yMDA2MjIwNzI5MzZaGA8yMTIwMDUyOTA3MjkzNlowdjEL +MAkGA1UEBhMCQ1oxFzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQ +cmFndWUxGzAZBgNVBAoTEk9yYWNsZSBDb3Jwb3JhdGlvbjEPMA0GA1UECxMGSmVy +c2V5MQ8wDQYDVQQDEwZDbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQClVUtMXL/+WK5Ma6mV+BeGZlSlGqT9teUUDwPkipZMA9wdXTC3iSIp098s +NCiPJBPXs+0KSrrPVgcHlMONcAzg3FHQrbP1aIH0oFOHR1bF/KNG1/XzV8HLMHqM +ynnDJ69sYOUy6BO6lYQM1GaPf0fdqkdii2/clKiKzzT/Ohr6549q3vdzHw4hKmoE +SKrdmv4OkOFGKzAH2dzNciHGnpiQj03DhjAN/8KobdUbsxoklnYOdDkg2UErI0zC +qPRg2DVVOxhViMOmPBheXVvdDiIAdLlXRiPTraetr1KxDHV6KXsQhKmADZhIj8jY +NjIyMo52bRTToaJQL5DKF6Boyx/tAgMBAAGjITAfMB0GA1UdDgQWBBSjbPqA6Tkv +6oS99eZLNQk11M+DODANBgkqhkiG9w0BAQsFAAOCAQEACNAqN0lz1cUlIocfhSk8 +JlAHsRbWoCxxJZNJE0WWZ6lfH5xdlW0/87yfSvtLwDOY/8OYAhbzjG5O8mQv/I32 +b2Acs42Sh+otVyLjbYicv+1yMuvmBnhEImeMHSGFjczYf9zQ+2PlerxdNwVKdpUL +V3Dt68wTlWNRYm9X6uVpNRG7fy7/goeJhAXuVER9Gtl/LQ6GJyZjVxYemckoXWDY +DCqVlzsZpnyoI2lrYXlcT3liPlRLJjqnWvmmF9GyqiIVeng9VTfStsEQ6LUfwKQO +dtvwYhbVtL++fuX/99WYCDRL8mSFu8REruQln3TJf79wOQ14O0H5jWjr4QoeOIf9 +aw== +-----END CERTIFICATE----- diff --git a/containers/jdk-client/src/test/resources/keystore_client b/containers/jdk-client/src/test/resources/keystore_client index d016fd2a8c8f6a4292353efc0df32cb9aa21dcdf..fbca50a85ef5b0ff74d01e2ccbdc34b47b7f53bd 100644 GIT binary patch literal 2621 zcmY+Ec{~%0AIBYI=E^a1CL?mzsPVXJ*dAJxO70`auw==Rl$ass<4DO+=3E)#kt0lw zIhr{_mK=-ZJ}0?SkKgb0`#rzk^T+q~dA;7B@Av!X8%E&Q=i=ms5kPESkorT5hucD& zKu!_?^aVfwu@3PVjKFj29~IAa0D;H(5ZfP)4X?m|t_1lxxkv=SK8yg^hN;+xA`-3rZ8zy5nyJWs@`4-wV`CnB zZFe!o)~0&~7~_H2n6f+H2xR8h%%FIus?dKv_q*^e(&UL84o5j>Y;Ms@4|fXo3$$7d z40R=28sbs=Dy2{52HERXA{|=F?JPykrLpAx(~Yw_*dSt;UGZ!DsNB_r2k(=oQaxfb z_UQ7Wd-A?bN&eVGhotw<@|78}3OeN-v$V3w75+c zTU8J>8(q%6?B5tC^W;;_St@~ec(iwT+p)HzPaeoipLMF*dj70F-x&`?yC+>J?SFNH zCrjS5U)%3yByYO5&MofU<3fX|CBt=}5I+AQ$sZ1bZS`qvSOXM@wk`LbC}O1)@B*f_ItZtv)8vNY-dtwDQW?Kz4QBF~MG5D8?ru3!7g(^C7*Mid7z(VbPRE_u-$;P zr$ub(y3QOR-VvCKUM{gOg({1`{pccrU5Rp)0PZStqji()HEkJt*%JqU_8p!34rHC} zSqsnE8-48l6#2mRQ8yXaHV<}b6U(|qIi~i0Z8lTl?N`q3{Hg50)DCpo$1@%t?8--w zJ`gC_;B>>dk;_`^k+k`w$+RW56*7!zCshJadQl*<**q#I!L}<~$&Uz4|EVLTxg6Pb z+YVV;s}j^-@I$sg82d6GWa_-(JUevKOgbJZTTC5Q6H$LkU%q;zDag9A46fXPJiBY4_$AtkCg>-sus(=*am7x0rx$UT!Rk-p7yB z+sl4$fFtBwkxuxHuxfBD!gNc6-v{s7Fg2gZnKFp#LfNl`@kuq0cW0Bbu=cZ#`hstZ zUx)hM{iUY_i9fgNl8Y@9k6vZMJEQd4`i@<&`;oc2Y^7%Ezj(p2U|0oHhRbr*IE`;S z*);X*ZV4hVNcS;JbW7!n7HjBC@w7)L2`w1o@BWmLgmgKe%#X-QO{~DW;`whX4SaC}$ED{wPLwbHtUCfa&zv<{iz|1Zuk$MMG$0087%QAV*yz)K{H5bw zeq*Kf?=a}!ssw?x!SZ4po*XwhupAf;97iyR-(iOR|B8e*7$9bY^~We^!}WE3(}wBm z>7LewA1c)A?>|7^L#tjpM3=cZISvE;zlQT4p5^_QXKS1yV;obaaa^JLR(yDk^wa?E z_}M|t+U4MdBokW zKk#ioX$sj!X2_{BzTj|sjqt3L`$Co3b47y&Z8(SP=KFvCY97>=AA^htHL#m5UmA;P znFx*brZ|~9eE3>uWMs>&;GeSUJR~SCGfER;h?N7J_Q=ezu=b^x;`_21r)`_eDxz$J z-O@^)k+;P*;tq{>%`7K0gSy}|8l8#UczG%lhZccw~JkCk0!hMTk?U99M|VK@#I^^{YQ(5_OZ{gN{c z+KKUU_n?cP^8P#@bz-RWcBA?yZ$q};Y+Ca7Qn<9=HvYIzkj|4?Bm~De5FUS&&N*B;A|+#x1%TfWa7XAEFRQNn@=r$KwcO{RCE-&pS}n}&D| z`(r<#Z_QzVVZCHEg(!dl+9z~sg9z5N%XOq%)a4BC2<4_B>xAb9>`-FfFK$owaAAfP zA?lIb4si9Hi04?9lKahMFXs4{OuLt}A@j~Q6D~C46B8CIdA5>@O6ZaSeB$aoRg-0Z zTC+UDoJuCK;k`0;IS(2NJG%D+CQgP7BoDrwho+Kmkz1=x%>ZiY(gA<`9!Hgwt}22n zf|)->_hQfU!@B3Ui0?*lTBECkqq8#AV?Kj&Cr){V-=SLPiYCW4Hq{nx`WN<4(FI0y z#)&Pxk!d-waZiVPvpKtp3IX$&EQa??Lz+vQ;xw5TO0@PP;6H+6Pd!_d7x}fId2J=o z*e4LUmJf;mZ~tP5y9E#7Il|fr2?@*gUkO(_VuE3gPGi#NT=brU&F;P2vv-(C&xQpU zl7D=mBuQWGZ}bLcgj`gEX$VN=O{(+B(HW++5dmFu|R<5Z@aYxR@?8|@`Dpj87AX9S88 z%Z*+kyEEJmEJ-nw+GS4gOyGJn2XY71ZwSEFt%$Uy*;}BD)U1ieUt7?$t3G{z>j=jk z4=++3Fes>x(iP_m|7cZze_(!8TE%qI;H?rHCg0~H#S-k$S|7Og>D~m|iFf9e(3Q!F z-w>*>voI(O#LJ^0%*`dk!vO#<*ff5&>agf>;4_O=l$S0#aJ*v-0ArkdJ-S^fqVzrG T0K@l6yCNR+5iV}dhorv%`|{bC literal 1282 zcmezO_TO6u1_mY|W&~r-%87uAMe$^ZajElO8m+%^IWz)oS<7V zbHD4?gYA14G>Uid?l+rjw0Jq!j?118H1>!HPq#kn6U=$Vsie#*NN&^r?vp#0{#Bh@ zWTj=2P^h%%(AP<>7sJn;-2CA}&5~)JU0be4`|xKj_)aSQ9+n2A6i*Onj*Pfbm0b&e0pzOAlA5`It7<&ugd+7P_Pz$QH`M z9J%s!kl(4FT6S5tr>n%r{hSfxdue+4-)E)ACbXqm%Wy5LpYTob#XF;Ltw=YucXzz= zmF#8ZZ)obKa4gRKuv*e6VBv$4mqi-X_C!^0$lRKEP-Y#szVUe$ZD!;4XU&tJPdUv{ z=`EJTb2Gfi*LPj}S@W*7t~CeK94^i@?fx2(x^w0Nu1M?P<4j)Qm|~64Gc~YeU|`lX zXku11XkvQ2fSHMriHXI3T2Yb#HygWFo5wi|7G_okgEB*I15P&PP!={}Cg&(aaRX5h zheMdpxhgd|Lm?=&pfo8bGue>efEOgeF3c8Cl$c(cYA9_W2@>EE7VmPEQlC^9C@b3Muxxj!Hu$|LYhJMz2@k>dGh?5;PxP!_bv>FZ7EiH4ErLDDn=FSGfO`1TM;;+b4Bz0hfz=GvrXzwi)*M3RZU^^vHo}7 zQ;WH=g@LKDL9*S1p?PxHhP`gd8^z}sDx^+wn6zsD9j%#;%j7OFJsggXBnH&1_#`7{UM#feZZ*>;GIJdo9_c-}1><0x8fuK)389oU zYHV3TXtFPZBw5OJ&vWm&_x$m_-}Aih_q~7qP$bw@b~Yf21l@%|&&TS;Zga75uu(|R zWe^EEe`tS2k-)zHh`^2@64>t0wmKYh26d3DJ0MyiUit5AtA8;+K1&rAb4LD z>S+`}Lfg~pQCmo_+jD-Alq7Z_pwk#c0(CEQirk(w&_^#`c)NtKZ75pmBeRd5b$Bg9 z|6;s_2q8$|ewfp~xR4swOxxsmTaNpU+jKv{#`*xYA}{at+ydKmNO=b+6RK~&j|#2} zHT;uD{3k`pkM$mJ;qDoK%>l39fcQ|0oT4rB}ez%C%8 zK_`1&<{Zcw7pUX(jH}dR(z=qyf~2g}P>i?20adnx8b4kdS5JgLCuR=V!N|v#wG{7n z^RnDm_xpvFk(`PwEdbUu-?r%drL5iM2cywg(cMo+sTMmL)b`b@(@J3@;67NaB~>Dk zeaw@nB6;#u<8oV4go^DGdMg=PU0xcIl16NTR@eeF!819b ztJOCj%=l1q3{zLOjwtl$L>PFh3&O2i952<}RNC*InZNZbeVl$?=Znre_;>1-rnJw_ zr$yV#?V?fq7r-L1`)s?Sraz;zjR_(z;=K9RmBq@oMw=I2OrjIF(}P4CaFZ_6bCB6A zVH!1@Q{S$!C-kmH(Qh>NxWR9e%5G|*^o6>JP@D92SH;*6d)|}NM)36(|H@*D-7g6xpejS3Uv`B#T(#T}40*|u<|~xl)kb8vsO6+miDv|GXD@{a79wZuA$JgGoW!bo z_iEENM0G=*qPIbXVOGSD@ti85=(V=KxV_3@#Ueb#Y{h}$kkO(aCMOsw6gTmv?O6b_ zgL%cwR_A)U9yiy(8retdtog~dQ@ZicMVtKJG;L+o&&ewwerc)>)stZDwDCc=A$yde zit5Y%2#_?F^|s%0_fSlJr&?%4PQusv%^~T8hgtS{YAYg3mQ}_IWsUutT@}^5Dc7C$ zWO$~rR;#a?*DD8W7t7+$`Yck;O6|0z5N~W-d zsL&cn9iRRbYOfs`6yIBg<4bxx30Nzf&wU$1iQ68Vfp-8?7&4C=O4f-V3}gn%&&lba z#Q#Pm6fOrBNlNB$#%oW2Qg78cjri^0%b@%)(g3kprAYy@Fh5uG5hHKsfZ!e986Ti_eev|aULM%6nin`BDDc*SALip1J?mcJf{kr6PvXr`q z#AE&um8RrV&lu{HM{84htF;@e(=u8%hbnKrc*Joc!7>i2H*x>^!#9qj?RRQ!VXWs^ z2p$#2o$-NsSPoa%4dUI`s}7U+4Tea|tDrCbu8dXMx%!ljRr{I!n;f6lnwveBdzmaX zz3+L?FVDCn2XXOMS{`u-jf-$Vh;QUw#ca;AbnA*!r|%Buz_mlqT+OAPzTUpdGnJlXHE2RH0BpI|#pCvnCD6$aD2rhnT9{dw=ccF&#N#0QEUeUaf;px|dIUR05U{W4)?`zRs>MnJ%*MsnYQ|Lr~r7e(&`t6%RS&8%>Hp zeU1a&V?uV$HCO@pWX4FeUMp_U#)_N0d_P!x!{gPNQd)%ai}}ki{AzAY4}Y%TXddH{ z_KA+vVRdw5+*tv!)x3uD7+@F^kQYUB`CPJ85MIkATXnNHj7*GS!vs3)ylr9B(tb~()sK6x(yXT(mi*uId zD%2*hJ?5&ZSq#fV5ZnyBM8bDBx_7(I?TeW1p_lrB?hs*H<#4dql9_R_l4E^L&F4g0T`W$elJ+k6)}j&-#Kbz5n>ZSEA$CMsg~tb*=0no$TxB8szfz;h>Ugb9yV`IBw! z?3P0#`KuQ;dSb4qGQ@t(`uC*ex$fn~t0);>VX#T_MTf{7D+XvZeG{0(9YtSpVb8W8 zwnZ2yZP~s>k1bpEbkX;ZA0Kv}_#sTi%F1? zk(Gg^iLw0Dv#GOBhO3-qKj!CrsY5pM%=CwocN*H7FHLG${rs2k`TzI(J{PikL}wmU zZf4l|{q)(wY3{x|{}-vrTU4L4d#n<%Kz4=4Q+3O>*+0PdClzwI%M>AD|!qvPWA);Z3+MFyF3qm%y2 zr#P|@5u73=OlXx=Sx^|3~R&YFXA4rYa0e;RJ*G%?Ef?xuW7Ci0%U z=XRs`ueWYQgtk6ym04Wpe07V&%vJpdxBa@L(UNY%wAAKix4~|c@S5+XPfR;49=DzH z+h}sJ|J_0H&8;8aFI!M2($>g#aO2##*-JIFZhvW2S(tG9(I0S3u}0{b8dx$gFzXvM zF>4z%F}+;C%*4pV#Nt1#=$rvJ8@pDU$2kiYW>yA+N<(e~PB!LH7B*of=O{yQ15pr% zLzvIGDm6JnAt<$=G$|)D*^u9W7bL+h%ob3Tm|mJ{C~Y7K65tXR@-IqE&Pi2p&Mzv+ zFG?)Q%+G_V<`!o2N-Zi*tuz!e5CExW7Us;!PfpCq$S*E2kQ3)MG%_$TGBL0;HZV1b z0&~rcjG^3tbXpVRc3`^Jfdv#JkR#93*vRm=KDbe~R7f-EzSkVRH&32_6WktT^WKHw zu$+Cvwm`K^*H{Ooz~7O!y%E3mAN{(^;M?ihp*hzZts7)b@;{{|Y|owkqJ zp{gm2KGy%vdulN^wlFX?HYDkUT3MGoc=<|slT6URSC^bCn`-n*MMcyBEam;a7^I;!^Eb#Y?-#-3U=;f7aQw!9HAd~Y8U zD=44Hl_9Fl8oeuI^K#jJZ?*gEIhHR-mtp$oU?IikXL7dK{F_6q?#0IK-OVVen^~X1 zK!-_$rQ!sJ0-FgGt2C>B6n&kvGhj%xAt4H~+Jdo4C$BZ{<%l V<_rD@AK6{uUnpBDGx>VNQUI3u_9XxS diff --git a/containers/jdk-client/src/test/resources/regenerate.sh b/containers/jdk-client/src/test/resources/regenerate.sh new file mode 100644 index 00000000..0c2797c6 --- /dev/null +++ b/containers/jdk-client/src/test/resources/regenerate.sh @@ -0,0 +1,60 @@ +# Copyright (c) 2020 Oracle and/or its affiliates. All rights reserved. +# +# This program and the accompanying materials are made available under the +# terms of the Eclipse Public License v. 2.0, which is available at +# http://www.eclipse.org/legal/epl-2.0. +# +# This Source Code may also be made available under the following Secondary +# Licenses when the conditions for such availability set forth in the +# Eclipse Public License v. 2.0 are satisfied: GNU General Public License, +# version 2 with the GNU Classpath Exception, which is available at +# https://www.gnu.org/software/classpath/license.html. +# +# SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 + +# Use this script to easily generate new keystores and truststores for the tests. +# It must be executed in the same folder this script exists. + +#!/bin/bash + +set -e + +FOLDER=./ +PASSWORD='asdfgh' + +function clean(){ + echo "=============================> Cleaning" + cd ${FOLDER} + git clean -df $FOLDER && git checkout $FOLDER && git status +} + +function printKeystore(){ + KEYSTORE=$1 + echo "=============================> Print ${KEYSTORE}" + keytool -list -keystore ${FOLDER}/${KEYSTORE} -storepass ${PASSWORD} -v +} + +function createKeystore(){ + NEW_ALIAS=$1 + KEYSTORE=$2 + DNAME=$3 + NEW_KEYSTORE=${KEYSTORE} + keytool -keystore ${FOLDER}/${NEW_KEYSTORE} -genkey -keyalg RSA -alias ${NEW_ALIAS} -storepass ${PASSWORD} -dname "${DNAME}" -validity 36500 + keytool -list -rfc -keystore ${FOLDER}/${NEW_KEYSTORE} -alias ${NEW_ALIAS} -storepass ${PASSWORD} > ${FOLDER}/${NEW_ALIAS}.cert + echo "=============================> ${FOLDER}/${OLD_KEYSTORE} was created" +} + +function createTruststore(){ + NEW_ALIAS=$1 + TRUSTSTORE=$2 + CERT=$3 + keytool -import -noprompt -file ${FOLDER}/${CERT} -alias ${NEW_ALIAS} -keystore ${FOLDER}/${TRUSTSTORE} -storepass ${PASSWORD} + echo "=============================> ${FOLDER}/${TRUSTSTORE} was created" +} + +clean + +createKeystore 'serverkey' 'keystore_server.new' 'CN=localhost, OU=Jersey, O=Oracle Corporation, L=Prague, ST=Czech Republic, C=CZ' +createKeystore 'clientkey' 'keystore_client.new' 'CN=Client, OU=Jersey, O=Oracle Corporation, L=Prague, ST=Czech Republic, C=CZ' +createTruststore 'clientcert' 'truststore_server.new' 'clientkey.cert' +createTruststore 'servercert' 'truststore_client.new' 'serverkey.cert' diff --git a/containers/jdk-client/src/test/resources/server.cert b/containers/jdk-client/src/test/resources/server.cert deleted file mode 100644 index 820841cf..00000000 --- a/containers/jdk-client/src/test/resources/server.cert +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDKzCCAumgAwIBAgIET5ZyzjALBgcqhkjOOAQDBQAweTELMAkGA1UEBhMCQ1oxFzAVBgNVBAgT -DkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQHEwZQcmFndWUxGzAZBgNVBAoTEk9yYWNsZSBDb3Jwb3Jh -dGlvbjEPMA0GA1UECxMGSmVyc2V5MRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTIwNDI0MDkzMDU0 -WhcNMTIwNzIzMDkzMDU0WjB5MQswCQYDVQQGEwJDWjEXMBUGA1UECBMOQ3plY2ggUmVwdWJsaWMx -DzANBgNVBAcTBlByYWd1ZTEbMBkGA1UEChMST3JhY2xlIENvcnBvcmF0aW9uMQ8wDQYDVQQLEwZK -ZXJzZXkxEjAQBgNVBAMTCWxvY2FsaG9zdDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OBHXUS -KVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3 -a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/Ii -Axmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrq -gvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1 -kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqA4GEAAKBgGIs -VTo7dODp6iOyHFL+mkOVlOloZcymyWlHUZXzKqrvAi5jISptZZM+AoJcUUlUWEO9uwVTvX0MCk+4 -viwlPwt+XhaPM0kqfFcx1IS07BAx7z9cXREfYQpoFSsFW7pUs6cdvu0rjj8Ip6BnHALxQDgaBk40 -zXM39kB9LdGBt4uDMAsGByqGSM44BAMFAAMvADAsAhQE4QoQP4xPibjnozo8x5ORJqBuCAIUTkLQ -2udZ2DeknwPYXp/zMkYXLN4= ------END CERTIFICATE----- diff --git a/containers/jdk-client/src/test/resources/serverkey.cert b/containers/jdk-client/src/test/resources/serverkey.cert new file mode 100644 index 00000000..fe337e4d --- /dev/null +++ b/containers/jdk-client/src/test/resources/serverkey.cert @@ -0,0 +1,27 @@ +Alias name: serverkey +Creation date: Jun 22, 2020 +Entry type: PrivateKeyEntry +Certificate chain length: 1 +Certificate[1]: +-----BEGIN CERTIFICATE----- +MIIDkzCCAnugAwIBAgIEPcyqRDANBgkqhkiG9w0BAQsFADB5MQswCQYDVQQGEwJD +WjEXMBUGA1UECBMOQ3plY2ggUmVwdWJsaWMxDzANBgNVBAcTBlByYWd1ZTEbMBkG +A1UEChMST3JhY2xlIENvcnBvcmF0aW9uMQ8wDQYDVQQLEwZKZXJzZXkxEjAQBgNV +BAMTCWxvY2FsaG9zdDAgFw0yMDA2MjIwNzI5MzVaGA8yMTIwMDUyOTA3MjkzNVow +eTELMAkGA1UEBhMCQ1oxFzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMQ8wDQYDVQQH +EwZQcmFndWUxGzAZBgNVBAoTEk9yYWNsZSBDb3Jwb3JhdGlvbjEPMA0GA1UECxMG +SmVyc2V5MRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCSeyzbVQcWrPEWRamOT7qD1unq3RXVNIWW4Ty80aWkVZfGknaM +eLN4u5E1KaOpzZiz0bRMJHmODleqClK3x5agVc7fZHS5+7UpIK2YFjR40gVwtSm8 +QEqgM2Oupx64xre7ueuStc+r3w+8ogI15/NY2RmlEKbsDvb5U336vIqwkSnMQ2sc +yVe0eqhVfjKh157GA6ORh3YeYCh2rpprBDUwuAXaRQUFENmSB7Scfa9WsVBsngwY +OUkaksosSVs9HU7WDkGLa2tVcNakaroT9MRFIttVuT3o5LjCImdBF0jqqyinipIk +EZaQJWmR8RgS/nB3SqDIrcASMTfKnQOWh9XXAgMBAAGjITAfMB0GA1UdDgQWBBRi +o3s6iusqJmz27RQuZ4X/PJWC5jANBgkqhkiG9w0BAQsFAAOCAQEAetRLpMZwt/Fp +6JLiywxEm0cpWZY3CtZpRXUYK6oiBxSoY4ZI/802cWFJnakYYRuRnTAj9yCEYbww +fbDMYVgS2x/q+CJsvPqg7aqPfR/2tqqm24pgpTE8QrH8FCGIsMHymc3sYV+pfkyI +mXMeztbDj3h+i654qgBI+stcnhTXhi7Hf2nHLGg2280XMC2+NVNhn3hGcbALr1mr +ka/s+LJw8jch9UkQT4fvL6jMn3v9LJL7vpIDiOtCYtralrLG7qLBYn0uXTA6IT8G +j22jxaJPtTZz+mXnCLqe+xQCOjp14uO0vbVf2yIOUwY5psaB2JkEJp8VlXjI0J+Z +c3pd96UiJw== +-----END CERTIFICATE----- diff --git a/containers/jdk-client/src/test/resources/truststore_client b/containers/jdk-client/src/test/resources/truststore_client index 74784fbcfd9ec5b99b6fb02aa86e9a438a20b1e4..f5533154ce74d23faf012b78960edaae6d229a95 100644 GIT binary patch literal 1218 zcmV;z1U>sOf&{(-0Ru3C1a}4rDuzgg_YDCD0ic2eXas@;WH5pRU@(FNTm}g$hDe6@ z4FLxRpn?QVFoFb00s#Opf&@Ya2`Yw2hW8Bt2LUiC1_~;MNQU)nm}hCnXsX@R@kH;BVuF8IggvS;_p z1mj>qQG{9L&r+o~r7wPMwsKyl8Js}TJ|#bk0I^!Wx80t?6<0z#0PVawB93jScpY#s z7i{cra$y)5#KQ%_tqHc}g#b9uOmX<8&Nl22|3&%XBT7FS0Tf>>%$4ZBYshR6YO1Y~ zTTHHTg5vl_Z+WN<>J@uyL{8b>Nt?i9T5wr%1yCx8kN33hry|}s_WHDpN-+>{5lZtc zt5Ks4@StsY5(z1slM=Z>bC*7%1C&cw1okpdh=t*-JCVxviT$?%8UEF)rya#HB}>KzZ7Z&iOV0oOl#R-Ikjma(d167C-&BbI*@j`*bP-q zjb72RJ$=pMi2F7ycB5y7|=i_B{H&Clo7+ z*Iw&`V^!3bb`OTmjB?mG&o&JaMXPS|A`hWo7Zf(}es2dDWVqzL2}h9Qc9!Ly;iO`& z{KiXzDdrGoX<$hI!+Iz~13)-rCVx2L$E_lZUE)6&o|SVv$-HO2^t~K86&*;y5&06e;L@5v^skQko^3Fa~L*Br) z?m5NRI>Dt~q!j)?FQW3(A9^Gut8#s4rmDC|PQw@2*eCpygezB2IhwWs&9Kg*M?H{v zz4MHeXs6n9tm*L7&VA(){C8t1ZT%-51GNZwNgpG8L{p8sk55Srn@28^j z_68CB{D70EoT>%C^_NE>=o6meQp)_W9)Dfj%b^$f~rX{xUDtIM2mgeK0;SAutIB1uG5%0vZJX1Qgqj$j<)`rXwD50s?}ku?xRf gwDklO>a=c_sakK!UDWB4o%~)se6?OY0s{etpkqxbp8x;= literal 882 zcmezO_TO6u1_mY|W(3n*#i>PQsYS`DMI}HXv&S37yct*{^h^yb85o%L4Vsv>4Vsu< zE?{P2WMX3RpH_6vfSZk7tIgw_1q(APgF&Ssw*e;`b0`a&Fq3nXp}2u4h{GYw=UkPV zoS_huT2PvllbLMDZ@>$ZU>9Z!C`wE(O*ND@kOT>E2@ClbB_`*jDmdpC733EsmSpDV z!Ble#vw5W!6{l7j3K8KDSQ;CcnnZ!Q=0?U) z?m#-NiE+C@6Qd3+pcsK1d8WojhQIZ}jk2XennCxy=IFh7^8B0N_8^=0E)0j|>>IWP zs%5&yIw%GHj$DTEYrX%Z#4I`Yq6gz~ zCQ*jz2?710%G_r*P1@PC=yePChX|RkAg6tQxS;jgY}1~ zxdiNc{5y9%UusOf&{(-0Ru3C1a}4rDuzgg_YDCD0ic2eXas@;WH5pRU@(FNTm}g$hDe6@ z4FLxRpn?QVFoFb00s#Opf&@Ya2`Yw2hW8Bt2LUiC1_~;MNQU~0h8yn&EtRjVruD=F%(H^eUwC4bvpIs!Sh$-vzjhb(zcbc&Wj zx>oAmYamkKQ9S*i+8RmuU};unB)KA1r^x2v|1}C6Gh(4(x*N9U3?$tOkaATZ0PuTo z)#`;ZA4i$GW@Jj6-H1{vU!xyvw4eE15Jr}o3~N&PMsjk5LGG=#anGugqI3N}IKHD! zD%-3HU+)g96lMly)-Kjp>eRf!*dSEx|WdudW{FzTlMIa@;kB<=YB2{A5 z+w80ZaI^QnwpQ=@H=M!JL}mSmM_|<-=vz0cED*QHN?HlNo-OH8{N-z+iBH92k+}+( zfxB#6riNPxDqC1r(Dk7He0?*4q*t>A@xwGE5H>IH(3B#d13L&eg~}Ri2a(r4s=z^L+4s-?gIX`a~NW* zxzaS6RKh^gtmHWlDhjUmUx2Z68m9~U!iHh8A<6bng_wr*R00dVp)UdOwEfl=hHd-!dSg1Qk;zqp&}$(fr_`_#vtB+=-q3a!mB zN1xpOpcaNCsSp)*y}`i3TMhFInc@%h-{^(WStFg8HZ_ z%)3C?;T|QcXN^MUv|Xy1(#U!TQ#n;g{9hP?{T07LJU`Osz-02!K9lV)OB2!d zseD4aDrlp3*D=H%N3=8Fq_7E;Akj&)Ec4gwpk3JEGcfMN2~qB!9q->&@MMEEm)dlE zBTK|`T5MP^_5y)UboWkETs`(F@KU8f=SEo#I1}d%?{o#qM-8@Lm(@wvy^0-=6GhZl z-p~`|zBw4ZVNE)P?f$C-WiUQ4AutIB1uG5%0vZJX1Qbn^pi(-jr(-M^TXS2DASeU8 g$v*@XYF2$!)|@Ghus@zkWl<1ghDL)n0s{etptZa<6951J literal 876 zcmezO_TO6u1_mY|W(3n*$vK&+c_qoIMI}HXv&ZW{`ZBOa=$RT=GB7Y}8Z$ZU>9Z!C`wE(O*ND@kOT>E2@ClbB_`*jDmdpC733EsmSpDV z!Ble#vw5W!6{l9h1ek@{oWagDkQ3)MG%_$TGBL0;vNSM@0&~rcjG^2Cb5|4Nc7rBH z9as=C0y*+bjg1U{>w_C*ONBIp?t9JAd-LS^H^J>eHt$^+4$Ij$YztJ&bd7aT3j7^u z+Z*v~|Ix3z48EP79h!5!(Yis_B>z)d!uIT$0ZW(6pZ|iTT0rTL|L&F7|7|}e{lhx^ z`LPwtMEO~MH-Ec)RPHd7X^3!?*hHgmrJvVnCtlZj|4E5ia_&VB#^X$)4AT<=`bCww z&up5svuV-m7VZxbGG9SX`~Gl2>$Tao_fGFw9b>j5d}rm9^}Byry=wXy?!#@%-jp5~ z8Q!<+N~Hg@LUw`1hAp0Ag~~5{G{l6rpXW5{IkD`ajaXH8NKLQCgT?FQv^Os+otU?{ zp8J=gY0}5vNmYz0)@PP{+_xfdLg$L+`wyd@&S#s{ofg+n9jcnb=wtowyr&j(V+#XQ zV}oS72}ASbunl|Nk~fOaF;qyM*8KHU5s5PQOj4PdXL%gcI_iw7PV)pr_Ypp z-M{*g*`9F4{p)A-c=XD3Fs@NIU(M3ft{Sk5cYaJ|CrY|z)@Lx#VG@xzSEeTKkzKI! z(F3pPcV6Ere&wsiBvK`LBr`Yk>5b=QVvLNfD&FcWesO1SExcc&!=88K`DM*T%jX7g IomhSg0Ez}aFaQ7m From cbee79bf27355b068917370b9e380bb266aa51c3 Mon Sep 17 00:00:00 2001 From: Maxim Nesen Date: Tue, 9 Jun 2020 14:36:03 +0200 Subject: [PATCH 04/19] css reference to documentation base Signed-off-by: Maxim Nesen --- docs/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/pom.xml b/docs/pom.xml index 06cffb03..bb89aeff 100644 --- a/docs/pom.xml +++ b/docs/pom.xml @@ -1,7 +1,7 @@