Compare commits
6 commits
master
...
support/v0
Author | SHA1 | Date | |
---|---|---|---|
8aee80dbdc | |||
5481339d69 | |||
|
594f716b3d | ||
|
c8531e85a4 | ||
|
925ba49d92 | ||
|
90efaa4771 |
42 changed files with 715 additions and 122 deletions
8
.github/workflows/tests.yml
vendored
8
.github/workflows/tests.yml
vendored
|
@ -39,14 +39,6 @@ jobs:
|
||||||
- name: Check dependencies
|
- name: Check dependencies
|
||||||
run: |
|
run: |
|
||||||
./scripts/check_deps.sh
|
./scripts/check_deps.sh
|
||||||
- name: Check go.mod is tidy
|
|
||||||
run: |
|
|
||||||
go mod tidy
|
|
||||||
if [[ $(git diff --name-only go.* | grep '' -c) != 0 ]]; then
|
|
||||||
echo "go mod tidy should be executed before the merge, following packages are unused or out of date:";
|
|
||||||
git diff go.*;
|
|
||||||
exit 1;
|
|
||||||
fi
|
|
||||||
|
|
||||||
codegencheck:
|
codegencheck:
|
||||||
name: Check code generated with 'go generate' is up-to-date
|
name: Check code generated with 'go generate' is up-to-date
|
||||||
|
|
14
CHANGELOG.md
14
CHANGELOG.md
|
@ -2,20 +2,6 @@
|
||||||
|
|
||||||
This document outlines major changes between releases.
|
This document outlines major changes between releases.
|
||||||
|
|
||||||
## 0.106.1 "Implication" (3 Jun 2024)
|
|
||||||
|
|
||||||
An urgent release that fixes mainnet state difference at block 5462944 which halts
|
|
||||||
blocks processing starting from the height 5468658. This release requires full node
|
|
||||||
DB resynchronization for mainnet nodes. T5 testnet DB state is not affected by this
|
|
||||||
bug (at least up to the current 4087361 height). Thus, DB resynchronisation may be
|
|
||||||
skipped for testnet nodes. No configuration changes implied.
|
|
||||||
|
|
||||||
Bugs fixed:
|
|
||||||
* mainnet state difference at block 5462944 caused by runtime notification
|
|
||||||
permissions check against the updated contract state instead of executing state
|
|
||||||
(#3472)
|
|
||||||
* unused neofs-contract dependency in the node modules (#3458)
|
|
||||||
|
|
||||||
## 0.106.0 "Zephyranthes" (21 May 2024)
|
## 0.106.0 "Zephyranthes" (21 May 2024)
|
||||||
|
|
||||||
We're rolling out a large set of updates including all of Neo 3.7.4 protocol changes:
|
We're rolling out a large set of updates including all of Neo 3.7.4 protocol changes:
|
||||||
|
|
|
@ -29,7 +29,6 @@ import (
|
||||||
"github.com/urfave/cli"
|
"github.com/urfave/cli"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"go.uber.org/zap/zapcore"
|
"go.uber.org/zap/zapcore"
|
||||||
"golang.org/x/term"
|
|
||||||
"gopkg.in/yaml.v3"
|
"gopkg.in/yaml.v3"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -220,7 +219,6 @@ var (
|
||||||
// If logPath is configured -- function creates a dir and a file for logging.
|
// If logPath is configured -- function creates a dir and a file for logging.
|
||||||
// If logPath is configured on Windows -- function returns closer to be
|
// If logPath is configured on Windows -- function returns closer to be
|
||||||
// able to close sink for the opened log output file.
|
// able to close sink for the opened log output file.
|
||||||
// If the program is run in TTY then logger adds timestamp to its entries.
|
|
||||||
func HandleLoggingParams(debug bool, cfg config.ApplicationConfiguration) (*zap.Logger, *zap.AtomicLevel, func() error, error) {
|
func HandleLoggingParams(debug bool, cfg config.ApplicationConfiguration) (*zap.Logger, *zap.AtomicLevel, func() error, error) {
|
||||||
var (
|
var (
|
||||||
level = zapcore.InfoLevel
|
level = zapcore.InfoLevel
|
||||||
|
@ -241,11 +239,7 @@ func HandleLoggingParams(debug bool, cfg config.ApplicationConfiguration) (*zap.
|
||||||
cc.DisableStacktrace = true
|
cc.DisableStacktrace = true
|
||||||
cc.EncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
|
cc.EncoderConfig.EncodeDuration = zapcore.StringDurationEncoder
|
||||||
cc.EncoderConfig.EncodeLevel = zapcore.CapitalLevelEncoder
|
cc.EncoderConfig.EncodeLevel = zapcore.CapitalLevelEncoder
|
||||||
if term.IsTerminal(int(os.Stdout.Fd())) {
|
cc.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
||||||
cc.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
|
|
||||||
} else {
|
|
||||||
cc.EncoderConfig.EncodeTime = func(t time.Time, encoder zapcore.PrimitiveArrayEncoder) {}
|
|
||||||
}
|
|
||||||
cc.Encoding = "console"
|
cc.Encoding = "console"
|
||||||
cc.Level = zap.NewAtomicLevelAt(level)
|
cc.Level = zap.NewAtomicLevelAt(level)
|
||||||
cc.Sampling = nil
|
cc.Sampling = nil
|
||||||
|
|
113
cli/server/cli_server_mtls_test.go
Normal file
113
cli/server/cli_server_mtls_test.go
Normal file
|
@ -0,0 +1,113 @@
|
||||||
|
package server_test
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
|
"path/filepath"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/nspcc-dev/neo-go/internal/testcli"
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/config"
|
||||||
|
"github.com/nspcc-dev/neo-go/pkg/rpcclient"
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
|
)
|
||||||
|
|
||||||
|
const certDir = "../../mtlstestdata/certs"
|
||||||
|
|
||||||
|
type tlsConfig struct {
|
||||||
|
ca string
|
||||||
|
cert string
|
||||||
|
key string
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestServerMTLS(t *testing.T) {
|
||||||
|
t.Run("http", func(t *testing.T) {
|
||||||
|
testServerMTLS(t, testServerMTLSHttp)
|
||||||
|
})
|
||||||
|
t.Run("websocket", func(t *testing.T) {
|
||||||
|
testServerMTLS(t, testServerMTLSWebSocket)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func testServerMTLS(t *testing.T, test func(*testing.T, tlsConfig, tlsConfig) error) {
|
||||||
|
configs := map[string]map[string]tlsConfig{}
|
||||||
|
for _, ca := range []string{"CA1", "CA2"} {
|
||||||
|
configs[ca] = make(map[string]tlsConfig)
|
||||||
|
for _, peer := range []string{"1", "2"} {
|
||||||
|
configs[ca][peer] = tlsConfig{
|
||||||
|
ca: filepath.Join(certDir, ca+"_cert.pem"),
|
||||||
|
cert: filepath.Join(certDir, "peer"+ca+"_"+peer+"_cert.pem"),
|
||||||
|
key: filepath.Join(certDir, "peer"+ca+"_"+peer+"_key.pem"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
t.Run("good", func(t *testing.T) {
|
||||||
|
require.NoError(t, test(t, configs["CA1"]["1"], configs["CA1"]["2"]))
|
||||||
|
})
|
||||||
|
t.Run("wrong cert", func(t *testing.T) {
|
||||||
|
var verificationError *tls.CertificateVerificationError
|
||||||
|
err := test(t, configs["CA1"]["1"], configs["CA2"]["2"])
|
||||||
|
require.ErrorAs(t, err, &verificationError)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func testServerMTLSHttp(t *testing.T, server, client tlsConfig) error {
|
||||||
|
e := testcli.NewExecutorWithConfig(t, true, true, func(c *config.Config) {
|
||||||
|
rpc := &c.ApplicationConfiguration.RPC
|
||||||
|
rpc.Addresses = nil
|
||||||
|
|
||||||
|
cc := &rpc.TLSConfig
|
||||||
|
cc.Addresses = []string{"127.0.0.1:0"}
|
||||||
|
cc.Enabled = true
|
||||||
|
cc.RootCA = []string{server.ca}
|
||||||
|
cc.CertFile = server.cert
|
||||||
|
cc.KeyFile = server.key
|
||||||
|
})
|
||||||
|
|
||||||
|
cfg, err := rpcclient.TLSClientConfig([]string{client.ca}, client.cert, client.key)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
endpoint := "https://" + e.RPC.Addresses()[0]
|
||||||
|
c, err := rpcclient.New(context.Background(), endpoint, rpcclient.Options{
|
||||||
|
TLSClientConfig: cfg,
|
||||||
|
})
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
defer c.Close()
|
||||||
|
|
||||||
|
return c.Init()
|
||||||
|
}
|
||||||
|
|
||||||
|
func testServerMTLSWebSocket(t *testing.T, server, client tlsConfig) error {
|
||||||
|
e := testcli.NewExecutorWithConfig(t, true, true, func(c *config.Config) {
|
||||||
|
rpc := &c.ApplicationConfiguration.RPC
|
||||||
|
rpc.Addresses = nil
|
||||||
|
|
||||||
|
cc := &rpc.TLSConfig
|
||||||
|
cc.Addresses = []string{"127.0.0.1:0"}
|
||||||
|
cc.Enabled = true
|
||||||
|
cc.RootCA = []string{server.ca}
|
||||||
|
cc.CertFile = server.cert
|
||||||
|
cc.KeyFile = server.key
|
||||||
|
})
|
||||||
|
|
||||||
|
cfg, err := rpcclient.TLSClientConfig([]string{client.ca}, client.cert, client.key)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
endpoint := "wss://" + e.RPC.Addresses()[0] + "/ws"
|
||||||
|
c, err := rpcclient.NewWS(context.Background(), endpoint, rpcclient.WSOptions{
|
||||||
|
Options: rpcclient.Options{
|
||||||
|
TLSClientConfig: cfg,
|
||||||
|
},
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
// For the websocket client, NewWS() creates a connection,
|
||||||
|
// so TLS handshake error will be returned from there.
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer c.Close()
|
||||||
|
|
||||||
|
return c.Init()
|
||||||
|
}
|
1
cli/testdata/wallet1_solo.json
vendored
1
cli/testdata/wallet1_solo.json
vendored
|
@ -65,6 +65,7 @@
|
||||||
"key": "6PYSATFztBa3CHjSR6sLAKungUEAbQUCVE16KzmaQQ38gLeYGZ9Knd5mGv",
|
"key": "6PYSATFztBa3CHjSR6sLAKungUEAbQUCVE16KzmaQQ38gLeYGZ9Knd5mGv",
|
||||||
"label": "verify",
|
"label": "verify",
|
||||||
"contract": {
|
"contract": {
|
||||||
|
"script": "VwEAEUBXAANA",
|
||||||
"parameters": [],
|
"parameters": [],
|
||||||
"deployed": true
|
"deployed": true
|
||||||
},
|
},
|
||||||
|
|
|
@ -1105,7 +1105,7 @@ func handleRun(c *cli.Context) error {
|
||||||
breaks := v.Context().BreakPoints() // We ensure that there's a context loaded.
|
breaks := v.Context().BreakPoints() // We ensure that there's a context loaded.
|
||||||
ic.ReuseVM(v)
|
ic.ReuseVM(v)
|
||||||
v.GasLimit = gasLimit
|
v.GasLimit = gasLimit
|
||||||
v.LoadNEFMethod(&cs.NEF, &cs.Manifest, util.Uint160{}, cs.Hash, callflag.All, hasRet, offset, initOff, nil)
|
v.LoadNEFMethod(&cs.NEF, util.Uint160{}, cs.Hash, callflag.All, hasRet, offset, initOff, nil)
|
||||||
for _, bp := range breaks {
|
for _, bp := range breaks {
|
||||||
v.AddBreakPoint(bp)
|
v.AddBreakPoint(bp)
|
||||||
}
|
}
|
||||||
|
|
|
@ -651,8 +651,7 @@ func importDeployed(ctx *cli.Context) error {
|
||||||
return cli.NewExitError("contract has no `verify` method with boolean return", 1)
|
return cli.NewExitError("contract has no `verify` method with boolean return", 1)
|
||||||
}
|
}
|
||||||
acc.Address = address.Uint160ToString(cs.Hash)
|
acc.Address = address.Uint160ToString(cs.Hash)
|
||||||
// Explicitly overwrite single signature script of the provided WIF since the contract is known to be deployed.
|
acc.Contract.Script = cs.NEF.Script
|
||||||
acc.Contract.Script = nil
|
|
||||||
acc.Contract.Parameters = acc.Contract.Parameters[:0]
|
acc.Contract.Parameters = acc.Contract.Parameters[:0]
|
||||||
for _, p := range md.Parameters {
|
for _, p := range md.Parameters {
|
||||||
acc.Contract.Parameters = append(acc.Contract.Parameters, wallet.ContractParam{
|
acc.Contract.Parameters = append(acc.Contract.Parameters, wallet.ContractParam{
|
||||||
|
|
18
go.mod
18
go.mod
|
@ -17,7 +17,7 @@ require (
|
||||||
github.com/nspcc-dev/dbft v0.2.0
|
github.com/nspcc-dev/dbft v0.2.0
|
||||||
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2
|
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2
|
||||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d
|
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d
|
||||||
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.12
|
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.11
|
||||||
github.com/nspcc-dev/rfc6979 v0.2.1
|
github.com/nspcc-dev/rfc6979 v0.2.1
|
||||||
github.com/pierrec/lz4 v2.6.1+incompatible
|
github.com/pierrec/lz4 v2.6.1+incompatible
|
||||||
github.com/pmezard/go-difflib v1.0.0
|
github.com/pmezard/go-difflib v1.0.0
|
||||||
|
@ -51,22 +51,24 @@ require (
|
||||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||||
github.com/mattn/go-isatty v0.0.19 // indirect
|
github.com/mattn/go-isatty v0.0.19 // indirect
|
||||||
github.com/mmcloughlin/addchain v0.4.0 // indirect
|
github.com/mmcloughlin/addchain v0.4.0 // indirect
|
||||||
github.com/nspcc-dev/hrw/v2 v2.0.1 // indirect
|
github.com/nspcc-dev/hrw v1.0.9 // indirect
|
||||||
github.com/nspcc-dev/neofs-api-go/v2 v2.14.1-0.20240305074711-35bc78d84dc4 // indirect
|
github.com/nspcc-dev/neofs-api-go/v2 v2.14.0 // indirect
|
||||||
github.com/nspcc-dev/tzhash v1.7.2 // indirect
|
github.com/nspcc-dev/neofs-crypto v0.4.0 // indirect
|
||||||
|
github.com/nspcc-dev/tzhash v1.7.0 // indirect
|
||||||
github.com/prometheus/client_model v0.5.0 // indirect
|
github.com/prometheus/client_model v0.5.0 // indirect
|
||||||
github.com/prometheus/common v0.48.0 // indirect
|
github.com/prometheus/common v0.48.0 // indirect
|
||||||
github.com/prometheus/procfs v0.12.0 // indirect
|
github.com/prometheus/procfs v0.12.0 // indirect
|
||||||
github.com/rs/zerolog v1.30.0 // indirect
|
github.com/rs/zerolog v1.30.0 // indirect
|
||||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||||
|
github.com/spaolacci/murmur3 v1.1.0 // indirect
|
||||||
github.com/x448/float16 v0.8.4 // indirect
|
github.com/x448/float16 v0.8.4 // indirect
|
||||||
go.uber.org/multierr v1.11.0 // indirect
|
go.uber.org/multierr v1.10.0 // indirect
|
||||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
|
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect
|
||||||
golang.org/x/mod v0.16.0 // indirect
|
golang.org/x/mod v0.16.0 // indirect
|
||||||
golang.org/x/net v0.23.0 // indirect
|
golang.org/x/net v0.23.0 // indirect
|
||||||
golang.org/x/sys v0.18.0 // indirect
|
golang.org/x/sys v0.18.0 // indirect
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c // indirect
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
|
||||||
google.golang.org/grpc v1.62.0 // indirect
|
google.golang.org/grpc v1.59.0 // indirect
|
||||||
google.golang.org/protobuf v1.33.0 // indirect
|
google.golang.org/protobuf v1.33.0 // indirect
|
||||||
rsc.io/tmplfunc v0.0.3 // indirect
|
rsc.io/tmplfunc v0.0.3 // indirect
|
||||||
)
|
)
|
||||||
|
|
43
go.sum
43
go.sum
|
@ -26,6 +26,7 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:ma
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
|
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||||
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
|
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
|
||||||
|
@ -91,18 +92,21 @@ github.com/nspcc-dev/dbft v0.2.0 h1:sDwsQES600OSIMncV176t2SX5OvB14lzeOAyKFOkbMI=
|
||||||
github.com/nspcc-dev/dbft v0.2.0/go.mod h1:oFE6paSC/yfFh9mcNU6MheMGOYXK9+sPiRk3YMoz49o=
|
github.com/nspcc-dev/dbft v0.2.0/go.mod h1:oFE6paSC/yfFh9mcNU6MheMGOYXK9+sPiRk3YMoz49o=
|
||||||
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2 h1:mD9hU3v+zJcnHAVmHnZKt3I++tvn30gBj2rP2PocZMk=
|
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2 h1:mD9hU3v+zJcnHAVmHnZKt3I++tvn30gBj2rP2PocZMk=
|
||||||
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2/go.mod h1:U5VfmPNM88P4RORFb6KSUVBdJBDhlqggJZYGXGPxOcc=
|
github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2/go.mod h1:U5VfmPNM88P4RORFb6KSUVBdJBDhlqggJZYGXGPxOcc=
|
||||||
github.com/nspcc-dev/hrw/v2 v2.0.1 h1:CxYUkBeJvNfMEn2lHhrV6FjY8pZPceSxXUtMVq0BUOU=
|
github.com/nspcc-dev/hrw v1.0.9 h1:17VcAuTtrstmFppBjfRiia4K2wA/ukXZhLFS8Y8rz5Y=
|
||||||
github.com/nspcc-dev/hrw/v2 v2.0.1/go.mod h1:iZAs5hT2q47EGq6AZ0FjaUI6ggntOi7vrY4utfzk5VA=
|
github.com/nspcc-dev/hrw v1.0.9/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU=
|
||||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d h1:Vcb7YkZuUSSIC+WF/xV3UDfHbAxZgyT2zGleJP3Ig5k=
|
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d h1:Vcb7YkZuUSSIC+WF/xV3UDfHbAxZgyT2zGleJP3Ig5k=
|
||||||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d/go.mod h1:/vrbWSHc7YS1KSYhVOyyeucXW/e+1DkVBOgnBEXUCeY=
|
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d/go.mod h1:/vrbWSHc7YS1KSYhVOyyeucXW/e+1DkVBOgnBEXUCeY=
|
||||||
github.com/nspcc-dev/neofs-api-go/v2 v2.14.1-0.20240305074711-35bc78d84dc4 h1:arN0Ypn+jawZpu1BND7TGRn44InAVIqKygndsx0y2no=
|
github.com/nspcc-dev/neofs-api-go/v2 v2.14.0 h1:jhuN8Ldqz7WApvUJRFY0bjRXE1R3iCkboMX5QVZhHVk=
|
||||||
github.com/nspcc-dev/neofs-api-go/v2 v2.14.1-0.20240305074711-35bc78d84dc4/go.mod h1:7Tm1NKEoUVVIUlkVwFrPh7GG5+Lmta2m7EGr4oVpBd8=
|
github.com/nspcc-dev/neofs-api-go/v2 v2.14.0/go.mod h1:DRIr0Ic1s+6QgdqmNFNLIqMqd7lNMJfYwkczlm1hDtM=
|
||||||
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.12 h1:mdxtlSU2I4oVZ/7AXTLKyz8uUPbDWikZw4DM8gvrddA=
|
github.com/nspcc-dev/neofs-crypto v0.4.0 h1:5LlrUAM5O0k1+sH/sktBtrgfWtq1pgpDs09fZo+KYi4=
|
||||||
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.12/go.mod h1:JdsEM1qgNukrWqgOBDChcYp8oY4XUzidcKaxY4hNJvQ=
|
github.com/nspcc-dev/neofs-crypto v0.4.0/go.mod h1:6XJ8kbXgOfevbI2WMruOtI+qUJXNwSGM/E9eClXxPHs=
|
||||||
|
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.11 h1:QOc8ZRN5DXlAeRPh5QG9u8rMLgoeRNiZF5/vL7QupWg=
|
||||||
|
github.com/nspcc-dev/neofs-sdk-go v1.0.0-rc.11/go.mod h1:W+ImTNRnSNMH8w43H1knCcIqwu7dLHePXtlJNZ7EFIs=
|
||||||
|
github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
|
||||||
github.com/nspcc-dev/rfc6979 v0.2.1 h1:8wWxkamHWFmO790GsewSoKUSJjVnL1fmdRpokU/RgRM=
|
github.com/nspcc-dev/rfc6979 v0.2.1 h1:8wWxkamHWFmO790GsewSoKUSJjVnL1fmdRpokU/RgRM=
|
||||||
github.com/nspcc-dev/rfc6979 v0.2.1/go.mod h1:Tk7h5kyUWkhjyO3zUgFFhy1v2vQv3BvQEntakdtqrWc=
|
github.com/nspcc-dev/rfc6979 v0.2.1/go.mod h1:Tk7h5kyUWkhjyO3zUgFFhy1v2vQv3BvQEntakdtqrWc=
|
||||||
github.com/nspcc-dev/tzhash v1.7.2 h1:iRXoa9TJqH/DQO7FFcqpq9BdruF9E7/xnFGlIghl5J4=
|
github.com/nspcc-dev/tzhash v1.7.0 h1:/+aL33NC7y5OIGnY2kYgjZt8mg7LVGFMdj/KAJLndnk=
|
||||||
github.com/nspcc-dev/tzhash v1.7.2/go.mod h1:oHiH0qwmTsZkeVs7pvCS5cVXUaLhXxSFvnmnZ++ijm4=
|
github.com/nspcc-dev/tzhash v1.7.0/go.mod h1:Dnx9LUlOLr5paL2Rtc96x0PPs8D9eIkUtowt1n+KQus=
|
||||||
github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
|
github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
|
||||||
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||||
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||||
|
@ -135,6 +139,11 @@ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD
|
||||||
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
|
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
|
||||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||||
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
|
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
|
||||||
|
github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
|
||||||
|
github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
||||||
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
|
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||||
|
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
||||||
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||||
github.com/syndtr/goleveldb v1.0.1-0.20210305035536-64b5b1c73954 h1:xQdMZ1WLrgkkvOZ/LDQxjVxMLdby7osSh4ZEVa5sIjs=
|
github.com/syndtr/goleveldb v1.0.1-0.20210305035536-64b5b1c73954 h1:xQdMZ1WLrgkkvOZ/LDQxjVxMLdby7osSh4ZEVa5sIjs=
|
||||||
|
@ -147,17 +156,18 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
|
||||||
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
||||||
go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI=
|
go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI=
|
||||||
go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE=
|
go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE=
|
||||||
|
go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
|
||||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||||
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
|
go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
|
||||||
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
|
||||||
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
|
||||||
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
||||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
|
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ=
|
||||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
|
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8=
|
||||||
golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
|
golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
|
||||||
golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
@ -197,10 +207,10 @@ golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
||||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c h1:NUsgEN92SQQqzfA+YtqYNqYmB3DMMYLlIwUZAQFVFbo=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA=
|
||||||
google.golang.org/grpc v1.62.0 h1:HQKZ/fa1bXkX1oFOvSjmZEUL8wLSaZTjCcLAlmZRtdk=
|
google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
|
||||||
google.golang.org/grpc v1.62.0/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE=
|
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
|
||||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||||
|
@ -220,6 +230,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||||
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
rsc.io/tmplfunc v0.0.3 h1:53XFQh69AfOa8Tw0Jm7t+GV7KZhOi6jzsCzTtKbMvzU=
|
rsc.io/tmplfunc v0.0.3 h1:53XFQh69AfOa8Tw0Jm7t+GV7KZhOi6jzsCzTtKbMvzU=
|
||||||
|
|
12
mtlstestdata/certs/CA.cnf
Normal file
12
mtlstestdata/certs/CA.cnf
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
[ req ]
|
||||||
|
prompt = no
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
|
||||||
|
[ req_distinguished_name ]
|
||||||
|
C = US
|
||||||
|
ST = Localzone
|
||||||
|
L = localhost
|
||||||
|
O = Neo Go Testing Certificate Authority
|
||||||
|
OU = Develop
|
||||||
|
CN = localdomain
|
||||||
|
emailAddress = root@localhost.localdomain
|
25
mtlstestdata/certs/CA1_cert.pem
Normal file
25
mtlstestdata/certs/CA1_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIELTCCAxWgAwIBAgIUMBz3pVD+hKVLC+LloiKR20rmQEcwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjkwNjA0MTI0MzMyWjCBtzELMAkGA1UEBhMCVVMxEjAQ
|
||||||
|
BgNVBAgMCUxvY2Fsem9uZTESMBAGA1UEBwwJbG9jYWxob3N0MS0wKwYDVQQKDCRO
|
||||||
|
ZW8gR28gVGVzdGluZyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEDAOBgNVBAsMB0Rl
|
||||||
|
dmVsb3AxFDASBgNVBAMMC2xvY2FsZG9tYWluMSkwJwYJKoZIhvcNAQkBFhpyb290
|
||||||
|
QGxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
||||||
|
AQoCggEBAJTnwrEIB2rgHoRcgdjGcm28iNyPVaxWFxlUiMCNZjsj/GzIfR5oUWM/
|
||||||
|
Qau35mB5h4bFfSMS3XGEZ2eli1qIBIGhlIliKK4t1TDPKkPppcrzp3bKKwKGHhyw
|
||||||
|
sIeUdG+6165led3ciiCiJI0BVlpGeZjO6FNGMieHe9nPahjBIu+tm5er9WRAgIvS
|
||||||
|
qcQPKEy6dX6nivakNDH9XO+mAlltEvSf1O1rrYxTYXqR6c3iSbUIycm79jt7n8cI
|
||||||
|
/3MkFs7WhmT112ZdE8eI5No54hMWeaEXeQmZ4WBqLSQU6FsQfb77+B4f0bMtOGfy
|
||||||
|
8RoX59GSXqPu2dpCvCOuC6ftAaVx2v8CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAd
|
||||||
|
BgNVHQ4EFgQUSSahwFPWaizsjFDXu32S9cqiNcUwDQYJKoZIhvcNAQELBQADggEB
|
||||||
|
AHdfddsxnlXZARhZc+CkLccH/E8ej0b6f5+FWB0O1c0/UG/AvUuTFrDXE7NaFwQU
|
||||||
|
EfJdtPWCU8dBcNm/eKX69+X31uZcSULe8uN1woq66ij3SskjWUDa6/22tALtipt9
|
||||||
|
6H1vIfFuzpQdFfJcXarqZCacZET/XCqit8wj3DTbks/xe+aWPVdo+ukwxQEYWeXB
|
||||||
|
oyzAqw8cU7uxgd6NXbEBMwl38zHSapfV374BHdj2tngni4VDSdeQOijFHbpwACId
|
||||||
|
x6eDwtuPvQohSKPCQkiKXGJEfJGaWybaBkc7a/t+peSqCvXUfioBygaEkarg0Z4x
|
||||||
|
nOoyvxfot4xaaDIWOP6fIaY=
|
||||||
|
-----END CERTIFICATE-----
|
1
mtlstestdata/certs/CA1_cert.srl
Normal file
1
mtlstestdata/certs/CA1_cert.srl
Normal file
|
@ -0,0 +1 @@
|
||||||
|
62D019D50D8A9FD6A74B14E2FC735F89B0530C49
|
28
mtlstestdata/certs/CA1_key.pem
Normal file
28
mtlstestdata/certs/CA1_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCU58KxCAdq4B6E
|
||||||
|
XIHYxnJtvIjcj1WsVhcZVIjAjWY7I/xsyH0eaFFjP0Grt+ZgeYeGxX0jEt1xhGdn
|
||||||
|
pYtaiASBoZSJYiiuLdUwzypD6aXK86d2yisChh4csLCHlHRvuteuZXnd3IogoiSN
|
||||||
|
AVZaRnmYzuhTRjInh3vZz2oYwSLvrZuXq/VkQICL0qnEDyhMunV+p4r2pDQx/Vzv
|
||||||
|
pgJZbRL0n9Tta62MU2F6kenN4km1CMnJu/Y7e5/HCP9zJBbO1oZk9ddmXRPHiOTa
|
||||||
|
OeITFnmhF3kJmeFgai0kFOhbEH2++/geH9GzLThn8vEaF+fRkl6j7tnaQrwjrgun
|
||||||
|
7QGlcdr/AgMBAAECggEALmBmc1OwV7mY15mmOVlJT2M+bw9XXBbuF84Lz4jak8XX
|
||||||
|
+xuQWHWeD56mefCLWHXRX4jHujJIdPALcq0NE3O0j5k/FXDUgbc1pH+JRuCQ6f5s
|
||||||
|
JGO/9IfH/iCLwpZak2fqf98MDyz+ej51ytLlTbWQbqbWlgURXt1kFgjzHuWcV3BN
|
||||||
|
YbGd2Qt8nDKAj2teSWoYUpEnyxKyWVywDJhVG6qvP77jMk+R8jWB0Aj78kWh7klO
|
||||||
|
hYKMjgeX2riAFPhe3/ALAp8sqF3Kwaog2dW853Q51iA2mmwOb7bNRTtaSnVmU1EU
|
||||||
|
My7NAP440pB5lg6W+Dyq6PlAZ8HFXUc0E08VxjstvQKBgQDPoKvjWlbF9bEX5L5x
|
||||||
|
zqekDrTBrEha1UfXWKdhIXjfHToOoy8pk5SSRmgRi8pthdgkKQcEAgdQm+a+Q0oS
|
||||||
|
lsNDzMUBgfj42N7AyKUq0Eb77RnKzazwhHalgOj41crvE9FyJUE9YlnA5mPbzCI+
|
||||||
|
ztylRhHagpWQPK3wQDBclnEscwKBgQC3mMXLNL7vDA/J0qyEcLYnvIYGNcpE9XNj
|
||||||
|
pdO1atoMHZsNsfFCtl+6hYT0u0DzhQfJqCSwGJR8sRvV7BnBsVNYCGuKduAX52kZ
|
||||||
|
IFRCgWywLHsXSKQeKEW3qPu3wu6LQSZ0CKwbs89/5jq6/u46j+SSnDng2/KqN80T
|
||||||
|
YNMDJPOgRQKBgQCO19tp7x0D1KSh652abrKnC/cPx5d/5nwmi7eb+4tM9K6co2gv
|
||||||
|
EnmEqSuv5py9/PdW6WMKPtsJejilbWXopBBy9M4U23aOvaWCvIfljKVJbTXxcM8q
|
||||||
|
Kff2pVmi2HNlSB0wirD3qlJVhCvva+GjlG34xtxBmNWNBjIkuASNrnLuQQKBgB2w
|
||||||
|
gNvZjb7ObocuoGNSbsKCRBIhBLKeFqjYmiHOQ7CN4RMX4XHuWBCrotKIrXoz2wyL
|
||||||
|
OlOXxftcEKpJYejmqhmkUu+zRY3YCDDd/4I5t7/NkaI0RwXxcUS/+OTAix7NzFAb
|
||||||
|
Tumz7Cw8qOawbwndVxM2XE22g8lu+KTXlYf+o78ZAoGAXmvUqjp/OXL+Ke65K4pZ
|
||||||
|
yqE52o7AlwxMMedDt0eGf+DHJkgvfv7PaSwaVPAxq1S6ckdAwFAYlwAHI0YU+YbX
|
||||||
|
39iZvk/8tmksqfUnZfHAXFCCB8gnODXhSgT5b89ATZrxaq1mjhv+5YtCfRukg6C1
|
||||||
|
UpvF9q0hQZR0EVFc62AE9aw=
|
||||||
|
-----END PRIVATE KEY-----
|
25
mtlstestdata/certs/CA2_cert.pem
Normal file
25
mtlstestdata/certs/CA2_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIELTCCAxWgAwIBAgIUcBn6P43bTXmrhKeUFC6sb67azscwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjkwNjA0MTI0MzMyWjCBtzELMAkGA1UEBhMCVVMxEjAQ
|
||||||
|
BgNVBAgMCUxvY2Fsem9uZTESMBAGA1UEBwwJbG9jYWxob3N0MS0wKwYDVQQKDCRO
|
||||||
|
ZW8gR28gVGVzdGluZyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEDAOBgNVBAsMB0Rl
|
||||||
|
dmVsb3AxFDASBgNVBAMMC2xvY2FsZG9tYWluMSkwJwYJKoZIhvcNAQkBFhpyb290
|
||||||
|
QGxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
||||||
|
AQoCggEBAKT+wLz7bRhFkBQGl9JfB77dtDo10lud1CnJAOAp8YzSx6eLZYqD82yr
|
||||||
|
HWuCEeXsDXtVHinWggKKYSvsMsZkSb8tMYDHufAgATiathYBxOGxgmDgPves0TgO
|
||||||
|
sx4mB7Q/zVSX5j/Xu0NJMkshQmX3xwTJm59SIdia+FJsY3yyWBwU3SjWg9sdsgTo
|
||||||
|
239X91vceaATqJKSqvHj2aGHD3Ok9p3rUzsEbG7tIiLfMl6h8SgsjNN9C+h2YlGC
|
||||||
|
OMvbu0fPXz2HhU/modR2WtURJNnRUnvlxEw7EW76Rgs+YHgCT9YcoXN8sAt0svJT
|
||||||
|
NOLFx43ynfpI87Jm0GwTuUYCQVzdJHMCAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAd
|
||||||
|
BgNVHQ4EFgQUv6yYE+TmGTL9qvoh+HwcBEJClF4wDQYJKoZIhvcNAQELBQADggEB
|
||||||
|
ABmqYkUsZhNZUxraquK8yj13Ci3ctyXV27i8TemDAbahWBghhmYB2T9DT0gS4g96
|
||||||
|
j3Vxw7SY2RaEWXn0aYfMJ6h9aj9W7W1gqvFipi9kQgCxDc8llhmZ6VaQjt1Pzv2D
|
||||||
|
EwaetJJ9CwGK3RQ0A147bkIb36WEGysKvj/dybKbA5kKll0tBDMWPn8gkT9JCjnH
|
||||||
|
bmJB/VbtE+h1zQBtDbw2JRhCavFz9oD1vZzDWMFNDFSki8RzPA2BEXjPNdHibyE1
|
||||||
|
Ge+zFopkl2M9stPs0ov1Ik97GotqjwEwJ2gx1dDalOeX5Jh44DmM3j7TOJrmZLW4
|
||||||
|
IAUpjyb1xYYir/xJmw0ZvRg=
|
||||||
|
-----END CERTIFICATE-----
|
1
mtlstestdata/certs/CA2_cert.srl
Normal file
1
mtlstestdata/certs/CA2_cert.srl
Normal file
|
@ -0,0 +1 @@
|
||||||
|
582A3A273BD489F09B8FC30052945CF2C3BEDD3F
|
28
mtlstestdata/certs/CA2_key.pem
Normal file
28
mtlstestdata/certs/CA2_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCk/sC8+20YRZAU
|
||||||
|
BpfSXwe+3bQ6NdJbndQpyQDgKfGM0seni2WKg/Nsqx1rghHl7A17VR4p1oICimEr
|
||||||
|
7DLGZEm/LTGAx7nwIAE4mrYWAcThsYJg4D73rNE4DrMeJge0P81Ul+Y/17tDSTJL
|
||||||
|
IUJl98cEyZufUiHYmvhSbGN8slgcFN0o1oPbHbIE6Nt/V/db3HmgE6iSkqrx49mh
|
||||||
|
hw9zpPad61M7BGxu7SIi3zJeofEoLIzTfQvodmJRgjjL27tHz189h4VP5qHUdlrV
|
||||||
|
ESTZ0VJ75cRMOxFu+kYLPmB4Ak/WHKFzfLALdLLyUzTixceN8p36SPOyZtBsE7lG
|
||||||
|
AkFc3SRzAgMBAAECggEAS5FiNSvyi2tQ0dszLebYZVKleQOtlMh0o66r9/894oGn
|
||||||
|
b9UobIiCtQKqNtMb33J9uj8B0aetY/x9BODpYHQOUsEgKxtOzevao1I4k1u8EKJ8
|
||||||
|
VGJgdI9yQ3p4Dxbb8HJIWLY5foQQAIFFx6M0Bf+15ztvS0kSt2JC2X1LE5GbSUCI
|
||||||
|
wmTZKNtHh279sjJyhPtxVwjxwvYrH0x10/79nvEhPCara4l+7RM/auf0wYQBq90d
|
||||||
|
vflvZQgIyqI6tWi0uLLNS+2/HWlv8Q3x+pw3xFBWNPVwwBiCqAkcLFOwUdUKCzj/
|
||||||
|
97aOIZjB1fEcZvHoM35mTtTrMRk3TxxqDD1PoLFUAQKBgQDQoKZ/lVzMVStqBEzp
|
||||||
|
BoWfhU2OrHyCt/7L7vfqNNoZ6bUUWhWJ0L3LFFUJswqBqz+2cqIPgCAFVoHJTVGT
|
||||||
|
aT9IJut5BGw9KM5lPHi2PK5CHCaPU0bB2x64lqpt/ehBrjzfQ4pWCOAMwtkJJb1J
|
||||||
|
sGMBL/v4zn+sp3yQmlSoldiauwKBgQDKdckp0ZZ0Zq2R8rfGWvOXWq+liGgvr1KW
|
||||||
|
bVUizn79EXvGo1j2WUD5MAvMnXYcqFR3K7YHEIek31e5hviaNhs6lDIPeYdhK2a0
|
||||||
|
kWDfU2EQVC9ULLr5VHCIFkjsJxaK4ON75241O4/68EVXM1vgWAvYLJfPt6buejAN
|
||||||
|
k98H35KNqQKBgHC+sNv4Avtl951Gj63K2YGYz44QBwW5m5foH9BRGaCxXSuPd15Q
|
||||||
|
EZFi/oXMXRwwSLE3h/8qdaOM2XzJLRGl6g37AnwW+MugdtHc+Ts61c1iWzBPh8iR
|
||||||
|
uyt0OMxSUCbWm4zoeiT+jN44moPIAmCFUyu8G8adCgBrTvTyglfNCw6rAoGBALY+
|
||||||
|
enrjR8y11I3o71Zk7pqSrkOSWz55Uh1Ig3dWa+b/guyWg3EVfLASeLySDQzU1VuE
|
||||||
|
hFEtpvxZcwz1GvkttSrw1XMqkRt9xvDJYGsHEftx3DyoGxJu2PEXJkM1GEyhDQSu
|
||||||
|
mXzfhcZ7298Xwx9aAidwVKNNDL3kTTcboYrjzHcpAoGBAMT8bn/11GFzx0HLmumV
|
||||||
|
8OAEMRA8BhUvqEKT64DrPfTKfK2iYZ7vbA2jQyAkkaIih9OfsC6Fmhx2MWOYHqJ+
|
||||||
|
/uae1da99ygJ3079qwUZZqS16WNIHr+micGtE0X5hc9xFaLFfvuhMXtHWOVtKLRb
|
||||||
|
K0iKynoYLwt3LpMf4iGU320H
|
||||||
|
-----END PRIVATE KEY-----
|
37
mtlstestdata/certs/generate
Executable file
37
mtlstestdata/certs/generate
Executable file
|
@ -0,0 +1,37 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
outdir="${1:-./out}"
|
||||||
|
|
||||||
|
genca() {
|
||||||
|
local name="$1"
|
||||||
|
|
||||||
|
echo "Generating $name ..."
|
||||||
|
openssl req -nodes -new -x509 \
|
||||||
|
-keyout "${name}_key.pem" \
|
||||||
|
-out "${name}_cert.pem" \
|
||||||
|
-addext basicConstraints=CA:TRUE \
|
||||||
|
-days 1825 -config CA.cnf
|
||||||
|
}
|
||||||
|
|
||||||
|
gencert() {
|
||||||
|
local ca="$1"
|
||||||
|
local i="$2"
|
||||||
|
|
||||||
|
openssl req -sha256 -nodes -newkey rsa:2048 \
|
||||||
|
-keyout "peer${ca}_${i}_key.pem" \
|
||||||
|
-out "peer${i}.csr" -config "peer${i}.cnf"
|
||||||
|
openssl x509 -req -days 398 -in "peer${i}.csr" \
|
||||||
|
-CA "${ca}_cert.pem" \
|
||||||
|
-CAkey "${ca}_key.pem" \
|
||||||
|
-CAcreateserial -out "peer${ca}_${i}_cert.pem" \
|
||||||
|
-extensions req_ext \
|
||||||
|
-extfile "peer${i}.cnf"
|
||||||
|
rm "peer${i}.csr"
|
||||||
|
}
|
||||||
|
|
||||||
|
genca CA1
|
||||||
|
genca CA2
|
||||||
|
gencert CA1 1
|
||||||
|
gencert CA1 2
|
||||||
|
gencert CA2 1
|
||||||
|
gencert CA2 2
|
24
mtlstestdata/certs/peer1.cnf
Normal file
24
mtlstestdata/certs/peer1.cnf
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
[req]
|
||||||
|
default_bits = 2048
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
req_extensions = req_ext
|
||||||
|
x509_extensions = v3_req
|
||||||
|
prompt = no
|
||||||
|
|
||||||
|
[req_distinguished_name]
|
||||||
|
countryName = US
|
||||||
|
stateOrProvinceName = Localzone
|
||||||
|
localityName = Localhost
|
||||||
|
organizationName = Certificate signed by my CA
|
||||||
|
commonName = peer1.localdomain
|
||||||
|
|
||||||
|
[req_ext]
|
||||||
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
|
[v3_req]
|
||||||
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
|
[alt_names]
|
||||||
|
DNS.1 = node_one
|
||||||
|
IP.1 = 127.0.0.1
|
||||||
|
IP.2 = 172.200.0.1
|
24
mtlstestdata/certs/peer2.cnf
Normal file
24
mtlstestdata/certs/peer2.cnf
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
[req]
|
||||||
|
default_bits = 2048
|
||||||
|
distinguished_name = req_distinguished_name
|
||||||
|
req_extensions = req_ext
|
||||||
|
x509_extensions = v3_req
|
||||||
|
prompt = no
|
||||||
|
|
||||||
|
[req_distinguished_name]
|
||||||
|
countryName = US
|
||||||
|
stateOrProvinceName = Localzone
|
||||||
|
localityName = Localhost
|
||||||
|
organizationName = Certificate signed by my CA
|
||||||
|
commonName = peer2.localdomain
|
||||||
|
|
||||||
|
[req_ext]
|
||||||
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
|
[v3_req]
|
||||||
|
subjectAltName = @alt_names
|
||||||
|
|
||||||
|
[alt_names]
|
||||||
|
DNS.1 = node_two
|
||||||
|
IP.1 = 127.0.0.1
|
||||||
|
IP.2 = 172.200.0.2
|
25
mtlstestdata/certs/peerCA1_1_cert.pem
Normal file
25
mtlstestdata/certs/peerCA1_1_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEIDCCAwigAwIBAgIUYtAZ1Q2Kn9anSxTi/HNfibBTDEgwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
|
||||||
|
A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
|
||||||
|
cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjEubG9jYWxk
|
||||||
|
b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjIyW+qOID4Ruh
|
||||||
|
3svjEXwxoxWQOAqrIsZKiLGgHDwMCW5hDcQUXIzZA7ZjEdy1DqAEZD2EQp/vIYU9
|
||||||
|
fDnJxrURV9lwrq/ERkGDBy8UknmxiFBRPPjmWfmp9U2iCZu/jHrudI5E7U1cqQn0
|
||||||
|
lFOmVB+TYGRkFs4NgGiQwnYfvn4V2x+iJVbQZBZj6khQfUg0N4qdy6qnSPOW3Ln6
|
||||||
|
CgTXT/tWV3zX77pgWh6Mu9xbSSIEVs5pvfzJD5/mwTfhlIC8lG67vCo/Y7whuox+
|
||||||
|
89BzDl1Qmv6N7n2/PrNSLx4LL1ReUQIpn9Hw7A1P1BtC+iSgs4+6HTf0OT37mnyo
|
||||||
|
Ar5Ax2MJAgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfb25lhwR/AAABhwSsyAAB
|
||||||
|
MB0GA1UdDgQWBBTG/bTyZR1yrgYppvo1wBmaK1VHKDAfBgNVHSMEGDAWgBRJJqHA
|
||||||
|
U9ZqLOyMUNe7fZL1yqI1xTANBgkqhkiG9w0BAQsFAAOCAQEAbbxFcSgPWf9Xn4ya
|
||||||
|
46yunM9i7Wt+ORZhfqjJvQlkw3fvGw6Eey5Qd992YTtEKl9Zqn9bqV63dq5QLkHU
|
||||||
|
kS8AT6ugl+BaOOI/3X9Sy51f2H7toPMLFl0e4zEp4/lk5vnKwNPAG+meP5w5CAPJ
|
||||||
|
1nJKJ6juEAHdZ5GdfZtpkQTUmPrd2EuLzWCwfsnR2tAHk3wWs7CqHNZEJFDmFuDf
|
||||||
|
UT8idamDuo+Z9LMj4+O6fZGFi3NOgf5wAs1WPGB+rzqQ7sRYRt1hpJG/1K34A8dN
|
||||||
|
tQVe/3zPz0K/v3Wx8cYF+kXVUPF1gFeohErS23FmQE3iGo6yfs+r4sZPJ4LU0QTv
|
||||||
|
rFQqCQ==
|
||||||
|
-----END CERTIFICATE-----
|
28
mtlstestdata/certs/peerCA1_1_key.pem
Normal file
28
mtlstestdata/certs/peerCA1_1_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjIyW+qOID4Ruh
|
||||||
|
3svjEXwxoxWQOAqrIsZKiLGgHDwMCW5hDcQUXIzZA7ZjEdy1DqAEZD2EQp/vIYU9
|
||||||
|
fDnJxrURV9lwrq/ERkGDBy8UknmxiFBRPPjmWfmp9U2iCZu/jHrudI5E7U1cqQn0
|
||||||
|
lFOmVB+TYGRkFs4NgGiQwnYfvn4V2x+iJVbQZBZj6khQfUg0N4qdy6qnSPOW3Ln6
|
||||||
|
CgTXT/tWV3zX77pgWh6Mu9xbSSIEVs5pvfzJD5/mwTfhlIC8lG67vCo/Y7whuox+
|
||||||
|
89BzDl1Qmv6N7n2/PrNSLx4LL1ReUQIpn9Hw7A1P1BtC+iSgs4+6HTf0OT37mnyo
|
||||||
|
Ar5Ax2MJAgMBAAECggEAAIKOPka3ISm5nUON6d1uwNV4jmk8cE1FJyu++WgJMITx
|
||||||
|
h0Rkn+crqgyCzBO818SOT8Ez94dBSn01dkwefqDcRUv74igrpL6O+x7BQQxVrM5H
|
||||||
|
KP/aq9atawB5MAfdaKeC5V6wKKtAvgjJvw3dJpSV/i8TlUQEfCKSARzYg3AkIwOZ
|
||||||
|
cjtgnPymv8s3J2QWvb2EgdV/NkJjlWWA+v+KvGggHXoJMwQeKHpk+zZP0OOJWK/f
|
||||||
|
n9upesSsDvVcxDAkbHYeBS57rVD3RRqL62hRhayx2L1vtxr1yqkjrFfsDcxlzeZA
|
||||||
|
+JQuGwu90gaqeLOOC0icIuGOdU8AgrXRzE2hMf80IQKBgQDONwmb+r4hY9oG54Gb
|
||||||
|
BooH3mYyQzUv7qs72M4Z5pe43tdQ/e99YryEUwAj8WwOMEUmwcJsjXs3PQ6O4LR3
|
||||||
|
91J9BooYY34aG51TlQ/HsZEQV/GIMPzptFOLtNMB9Zih54dwGq4tR5IRs4BR1U8k
|
||||||
|
FSa2uxEamnlPfV9twtTiDmr4qQKBgQDKhbmtkk+Zii6fTiCHb+R+Z0xsCzvKLDkk
|
||||||
|
yPUGpouPp5NRvc1qArRNFtk0pgakpvd+cbz6D/f2ypjreoHd2BsTOmyBoZ1dNktt
|
||||||
|
I7Jz6awhyZtOA2HafaZ7MweU27Oe4Yz5MtXsOlVO1uqsEuMUvVbnsI3MnH5mfxFY
|
||||||
|
JwbQUvmzYQKBgCISHdhTmU5S/Rbe8R73+Z5LNH9hc0w0Fr6Ql5zX6IF28ARFsGf7
|
||||||
|
BEKopAFMRhoiB4rbwI/G4HDD+b/JiIe5qTtW9UIKTi9qGJhSrITF5b3ZieKClYbX
|
||||||
|
cGZIvgQ427sEUfBHuDdq98tM6QqcP7Mqe3b9eVn348sqX7X21s1yrGHhAoGAMtCy
|
||||||
|
8jZP+rqNUDOOPe15a64HouR+sA/AltZFhNGtGvJ1KIFzVTIwg1dEUM2HxTCP0Q5A
|
||||||
|
2I3BLg9Pp2Ypx7w9rult6Gjgz06cRlo6oJL1OdUYPs7icqwsZaU8NcGapDb75Fs5
|
||||||
|
CfjpBssuPtbOW5nWgHPwYHKz1Iv1kiTYtNTdCoECgYEAlUrFQCRvemGIT6xiqq2/
|
||||||
|
9cu+6EOTPt8y2HMGrt7PQbpAnml6NzAc89oWIX9z2QCbUIdLekSDyrKJ4co1N1Wa
|
||||||
|
5eUlAH2jlEN7Z+aP7BXwBM8sftpPxDYXYAcezMFjgo5+qD9EtPV3/eD/yWMKMNq6
|
||||||
|
VbSAUdrJYF+y00i03c1K2aU=
|
||||||
|
-----END PRIVATE KEY-----
|
25
mtlstestdata/certs/peerCA1_2_cert.pem
Normal file
25
mtlstestdata/certs/peerCA1_2_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEIDCCAwigAwIBAgIUYtAZ1Q2Kn9anSxTi/HNfibBTDEkwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
|
||||||
|
A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
|
||||||
|
cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjIubG9jYWxk
|
||||||
|
b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOn6sLFRRUHeIn
|
||||||
|
FxCxGHmbmW44jXG1HEWdxVN9269RIxBxsjoy/BnIZwzY2Qxq+ypxSYw9oDVTvOaN
|
||||||
|
FlVrEVCEaHXgkPAsWKT3x+pwav+Of2tyhG31As3juC2XIBLUtYk3fjo9WLBJ3zlk
|
||||||
|
61bJljMIGq/s8D3O9mvENPYdxZFfSi3ldd/gfmAcBNR5Cr7cZgRqgAqBYfHA1yYn
|
||||||
|
GnW3jaVsG+azQNl9JsjjJbt8P8FPnWk0OtIrvLf1K/gDrhBLawtWzVx2hDIWJrFr
|
||||||
|
x50WGT8n0rFSwzpdBCPSVi/DgpsXnijxhgSFXM9LwNW/xMsdA099AptOtwYZnSA1
|
||||||
|
nK2w2xU9AgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfdHdvhwR/AAABhwSsyAAC
|
||||||
|
MB0GA1UdDgQWBBQ8NZUHcQMX91htaMbmClg0qUHt8TAfBgNVHSMEGDAWgBRJJqHA
|
||||||
|
U9ZqLOyMUNe7fZL1yqI1xTANBgkqhkiG9w0BAQsFAAOCAQEAFGz0L3M66l1x18Wl
|
||||||
|
K9AwdyxsnxSH0IbmzZByBa3GiIvVGwAsrkpJorQIS4y7bguMrY3glnYE028mUKyN
|
||||||
|
KvMWcABt4+88K74wT4t7+uFbV4b+rL9S96cqck5Yvjv4wfOFa4k7YG/4u/QgKCY7
|
||||||
|
09ibmR+a8/LFAdq2JLCVO3aJzhvpWaAt4bihS9RpqwxhsdIQ+awzKLJxU0RHHfo7
|
||||||
|
TKVjcAJLfvzxWhV69OhhD0X89fb7lPAOtdbSe45eghPYsv8YnBqi52m/3hlPgp+/
|
||||||
|
xApTsXjDb8y5nNGPNkQ7KmES1rwYSvzEkXyQfb7AD+l6sWSxZpzE3e39juTABn8h
|
||||||
|
ocUsLg==
|
||||||
|
-----END CERTIFICATE-----
|
28
mtlstestdata/certs/peerCA1_2_key.pem
Normal file
28
mtlstestdata/certs/peerCA1_2_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDOn6sLFRRUHeIn
|
||||||
|
FxCxGHmbmW44jXG1HEWdxVN9269RIxBxsjoy/BnIZwzY2Qxq+ypxSYw9oDVTvOaN
|
||||||
|
FlVrEVCEaHXgkPAsWKT3x+pwav+Of2tyhG31As3juC2XIBLUtYk3fjo9WLBJ3zlk
|
||||||
|
61bJljMIGq/s8D3O9mvENPYdxZFfSi3ldd/gfmAcBNR5Cr7cZgRqgAqBYfHA1yYn
|
||||||
|
GnW3jaVsG+azQNl9JsjjJbt8P8FPnWk0OtIrvLf1K/gDrhBLawtWzVx2hDIWJrFr
|
||||||
|
x50WGT8n0rFSwzpdBCPSVi/DgpsXnijxhgSFXM9LwNW/xMsdA099AptOtwYZnSA1
|
||||||
|
nK2w2xU9AgMBAAECggEAZT8tD5GlM/CuvCvbtIPDNyEwNsrscGwpmr0yA8aNukrd
|
||||||
|
yHCmfww0UBRa4bk9kgCAFCIPc7UY3G8AZBsRARVraG5NcJxk674GHBpcgPiVQEyk
|
||||||
|
qGlG/huBKvg5cse3In7P/Z6/SAc43wHgfFirXr1YRTzaftZb2xm5xduTzBPe/5sV
|
||||||
|
i9BFCjqS7X7xfaOdjgFfF25f1Cww1+ajfyLx7OjxtTxZ9EWZHZC4MRElD31zHKUA
|
||||||
|
g93vEl8eThbWBP1QtP4SsxrdYIZ57jTKu5qJR8E0yoyW+bfy7hvb4E9qXfXsvSts
|
||||||
|
VVk+rzUdyjLYa1T/i3koxrKccspoE1ePOO5WPPzuGwKBgQD/hIGNeVwQTXq6HKqO
|
||||||
|
Y1nBh8iRvBXARoRAF8z867z/S1z083uK3aEyQfjFD25MSfsLyAOWP2n29J54rmJU
|
||||||
|
9WEdpqUFx8unggbEV7poCCfjYMx1qAhTI5o61NJMq0qTtSuByHqwy2Dl5tmITyby
|
||||||
|
NYt8KGROMU3Gfi0GnBoKgs6NjwKBgQDPA4f9xWQLm65OgdmX23CDToO9vNn3XwZY
|
||||||
|
1aCuI94l6s8HnllOnSXHNgNWU+0odfeGjcsGv9HQV5MvMd/xy+T/d7aYHH8mNIWj
|
||||||
|
R+nag2X38gtyRla5sHcTVrdqN2HKhxSkc6an5nvZlW4pyPKs5oWUJ9+8aK9vxDE3
|
||||||
|
8KsvKzOicwKBgEdWPjk6Taq7hu0Y/cEdGbz/ZM7TPRteVKP0QSXHxw9bggtdQvul
|
||||||
|
HtECPCsAQOIJsY47fEzhTXtGFkxJG2juzPtTQDVZ75DHq437lC5hQImpx8t9az2S
|
||||||
|
7gdIzaHcHMkaRphIWYCsd1QYXFlDB/ONYXD7ce2mtDkblwSGZnrSxEofAoGAN/tx
|
||||||
|
fEw0KPt54Ns2t91tCOVjtRzsKPx2n/FtmYozmjdss1e8OQlAXSYbMu5RVT7JqIaR
|
||||||
|
4AphuCDmub2YHTCRhhCevXX/YJqVhTl+YUxld+7p74ZcD61MFlu+EChX9sge6fYo
|
||||||
|
nIE0/vttJjmkfuN8PjumQrJgty3sTX91G7VoKkcCgYBwhhB9TTFG3KNMReX51J4L
|
||||||
|
kKCBNu22HHJ5dBCah8rqRMsU8BVfGg2Nm2FZr4VKlm1c6NXD7hfilCpnROySMRMR
|
||||||
|
V7be1dTfKDre5tNHyQvtH8FheZ66BVOnIYsFd1j9Qvhb/H8CScs9hb6QW/l1lEKq
|
||||||
|
1UlE/hQed7qh0R9Ri98chQ==
|
||||||
|
-----END PRIVATE KEY-----
|
25
mtlstestdata/certs/peerCA2_1_cert.pem
Normal file
25
mtlstestdata/certs/peerCA2_1_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEIDCCAwigAwIBAgIUWCo6JzvUifCbj8MAUpRc8sO+3T4wDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
|
||||||
|
A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
|
||||||
|
cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjEubG9jYWxk
|
||||||
|
b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCms5mlQ+C4Vlga
|
||||||
|
fxC2l5itn/+jUKHtMyz8blawn0Y6VVGcDlZdj4tLxBJt9lb/4R7YOXKF1RMAQRjW
|
||||||
|
N5WGI95WizXTIT9aqO2RdKqUc9UkGu7Iyu/SL873ZefIOr+/G6Ekj7VAnHN7/pR/
|
||||||
|
rWaUvuXivXE2QBfMKzEpiIrmgQbDlMKdxaT4UFqTMLBd5Uzal4NTwXY0sGBVPoe0
|
||||||
|
W6LvvCG8hm7oe+JH6Gt7L7ksasE4LACTHXA/5IoGpw6sc9acwfhhnA3xAQenR0WQ
|
||||||
|
/L1AduD3l4UCpb2+7n126opnhk5pbTAxnnRaLhlJjTN5gmv6tLacBZgjGWgygYTA
|
||||||
|
XE0akvA9AgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfb25lhwR/AAABhwSsyAAB
|
||||||
|
MB0GA1UdDgQWBBRVpSZPhcfqKDCRSO8bGgqERcfr3DAfBgNVHSMEGDAWgBS/rJgT
|
||||||
|
5OYZMv2q+iH4fBwEQkKUXjANBgkqhkiG9w0BAQsFAAOCAQEAHcgwV/EIegh9zVrr
|
||||||
|
eA6sbbtcgWaGG0EAbLCHPSUQSNYcbYqW05qu5hM0O2uGhG3lKH6j53uXtw1Xj14A
|
||||||
|
Ro/ovEny5qh0r4qqOMvS4mJ6/GP5ykt92mIj2UBzZK29z3iWahyubZ843M235Vnd
|
||||||
|
2p2mk9pP4Jkzlv9ABv9mqZwKrhNuk8wR/oWaH7eVErBsgOqr8Wavmrac48ZfYLus
|
||||||
|
rFlAmpQA9OeR1tnn1kApX8PmeUsedOOIuqZBYqaVnC4fedSXjlsT3omjmN9+XURf
|
||||||
|
rQsORiwkcU2ov9nLVRT40An/FDcFTbBhqMykTxrYtkksCKtFmpGLD4SMvNX8wAal
|
||||||
|
ux/EEQ==
|
||||||
|
-----END CERTIFICATE-----
|
28
mtlstestdata/certs/peerCA2_1_key.pem
Normal file
28
mtlstestdata/certs/peerCA2_1_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCms5mlQ+C4Vlga
|
||||||
|
fxC2l5itn/+jUKHtMyz8blawn0Y6VVGcDlZdj4tLxBJt9lb/4R7YOXKF1RMAQRjW
|
||||||
|
N5WGI95WizXTIT9aqO2RdKqUc9UkGu7Iyu/SL873ZefIOr+/G6Ekj7VAnHN7/pR/
|
||||||
|
rWaUvuXivXE2QBfMKzEpiIrmgQbDlMKdxaT4UFqTMLBd5Uzal4NTwXY0sGBVPoe0
|
||||||
|
W6LvvCG8hm7oe+JH6Gt7L7ksasE4LACTHXA/5IoGpw6sc9acwfhhnA3xAQenR0WQ
|
||||||
|
/L1AduD3l4UCpb2+7n126opnhk5pbTAxnnRaLhlJjTN5gmv6tLacBZgjGWgygYTA
|
||||||
|
XE0akvA9AgMBAAECggEAInCnDNuD7RmbnKfFSG/z8WUFn9RMC/EfeWyDWPyi+fDA
|
||||||
|
Ck10/uHl3aqdwx2adkVohbQCqs8tXIdWbgVwTRUSfY9HuL2c9OpDIKK5ji+LKKku
|
||||||
|
zYmNt/88E2U4mGe4zy8SYPcWs4lPG54qSGGG+LKi1HAemF5v/DStNL86sSoVf2jh
|
||||||
|
wPJoH+JwL7EoF8KF0X1Jb1ou9b1aVmImy4oMc2um1x68gdE8qdwA/NMSMpVn5Z2Q
|
||||||
|
hVzHByHqo5EuZVMLhFtGflXSJNUpiti8ICUBrXSCLrKrVFW+aQO4C2ADHHTMSoKk
|
||||||
|
jr7bg3gPiXRACU/rJDtaie0K4Mdpx4fvkol6+6FsUQKBgQDoo/94AM1Q1LF0VNnA
|
||||||
|
xzKWE6V2JxfyLbj+ojqD2ffH4toZ6EHLffin+WplLlkJj2bfwEUvoT5HDmUrR6d4
|
||||||
|
gz/DCSgr/pqmvTVeMPw4jAeF+1Z50azyJ1EQjBYWwTjzIvHUAS5Xb4LQ66YEjbed
|
||||||
|
0Ar39cgtDiFQNV1CToKGNWWXEQKBgQC3cKVdjGCSzitdp3GIGHWb8RRSmpJdRAUU
|
||||||
|
pUOfaM5OMsDgi44K4Boqi6J0A4WiN83uhHV7mRZIPFnE1HrmKIs5qyDYzpkP2pgD
|
||||||
|
hVKQsVl9wuzc+1cGS2R5v7S9YRMo8p6ten6jaFNV1oV8GXV6RHZP0HQhV5VdC0aG
|
||||||
|
7W2BAwO+bQKBgEFs9cjK+PL1jh54SnET1F8ukUcEQZDDWRaLi0dPgoa9frbwgah3
|
||||||
|
+flLhKeF/FZa9QSSLyLxBvG2067zTN7wknsIVTriNJ4V8i9WOWixwN/mSnCiDjBf
|
||||||
|
7EVqEEBAAQMn3bjQyDagzrpwu1TmgjAotRz9C1nYcnf7OgoOyFh0JejxAoGAKwBi
|
||||||
|
E3rrzJ499jdhWtj5APRTokWP2AMw+bUAFCdabWRiaIDubEg6egy/qViGBA/221n7
|
||||||
|
vFyXp5lWJdj1cmzArmUaTxinMts4VWL0huy8IMoIAol8zgHwbMXu1ZIjDq9JWTtk
|
||||||
|
4mN7XZzrL7s8Gcxgu7cO8h346pXRE6Im0F5ni0UCgYEAzO6qqoqVBjiELBgvaeiR
|
||||||
|
IpfnUW7XioGqUhWQnpd16iJmk4KVaxoLqTPIyWpDtHnyDZIeBvth5Z6DrNhEfXQb
|
||||||
|
2D1axvufxYnm9BAnnTzSJSO4VZOKb2XvVkpir4yr/EEcVQY/5FMfErZB8I7JEdtG
|
||||||
|
Q+E4nCA1hmD7cVNs3lR4hnc=
|
||||||
|
-----END PRIVATE KEY-----
|
25
mtlstestdata/certs/peerCA2_2_cert.pem
Normal file
25
mtlstestdata/certs/peerCA2_2_cert.pem
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEIDCCAwigAwIBAgIUWCo6JzvUifCbj8MAUpRc8sO+3T8wDQYJKoZIhvcNAQEL
|
||||||
|
BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
|
||||||
|
CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
|
||||||
|
QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
|
||||||
|
bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
|
||||||
|
MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
|
||||||
|
A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
|
||||||
|
cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjIubG9jYWxk
|
||||||
|
b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk1hs2OnNlwv4Q
|
||||||
|
TfqDwhjMmNB2X/yNP/tV2ith8JWccCsRExAAOTXdNITNpVcxAglThPmJwOa37Tie
|
||||||
|
roVL/tdwM4NguGj0bhh5U4ponRYMLrOz3bffwi3OuzR/3UwajCqLCMqHhgSLX//j
|
||||||
|
VwVRy51zsKL/4H6x4HpnAuMGF6b4JQuhVn7rZjGZGePrUS9H95V1HUFYMJeaVYCh
|
||||||
|
2w7LI1atdKyGJ6CQn3vreV++ewh1MCfYo6nr+Mb6sCud68onxKrimNQ6XiiaUa/u
|
||||||
|
e/v1yfyj+oxkeleFXwqNEF066TurqRKpteCZndjpGY4NP+jbvdpd8dqvqEAXVuU+
|
||||||
|
bzMzUL5bAgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfdHdvhwR/AAABhwSsyAAC
|
||||||
|
MB0GA1UdDgQWBBQ5QklSyEl7Rmq6X4as/rbAZ5DYYDAfBgNVHSMEGDAWgBS/rJgT
|
||||||
|
5OYZMv2q+iH4fBwEQkKUXjANBgkqhkiG9w0BAQsFAAOCAQEAj6AUm5xdZbXUwq65
|
||||||
|
nK+Fu28ciR7/fcp10CcM30B3ujwi9ktKW8ECNKs+rcGJ37H2FYVt9kjdZHyJHliv
|
||||||
|
giwWcVYHd9g2J4cSn3+YzVTGZAm9XArw8U69LV3LN2oz2NESLEEFzBtb0zt5mOEV
|
||||||
|
hYg7tez5qoGf4udfIg49z3yFeSXvMOhijYbNI7OTXyK0Y2W9qsEA+Uw9aoq6ePRQ
|
||||||
|
y5KLb6+EERvGByD0vbRdxoUIoXVVE3K5wnINrKzT4Zxe6R3xTUShEkbLi87fEB3m
|
||||||
|
hN1srmin/vpy1b4oqZdmYxpBPvnUit4LzK6Wliv0RALEikoYYBMrbIn0mvylguyK
|
||||||
|
RlJXFw==
|
||||||
|
-----END CERTIFICATE-----
|
28
mtlstestdata/certs/peerCA2_2_key.pem
Normal file
28
mtlstestdata/certs/peerCA2_2_key.pem
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDk1hs2OnNlwv4Q
|
||||||
|
TfqDwhjMmNB2X/yNP/tV2ith8JWccCsRExAAOTXdNITNpVcxAglThPmJwOa37Tie
|
||||||
|
roVL/tdwM4NguGj0bhh5U4ponRYMLrOz3bffwi3OuzR/3UwajCqLCMqHhgSLX//j
|
||||||
|
VwVRy51zsKL/4H6x4HpnAuMGF6b4JQuhVn7rZjGZGePrUS9H95V1HUFYMJeaVYCh
|
||||||
|
2w7LI1atdKyGJ6CQn3vreV++ewh1MCfYo6nr+Mb6sCud68onxKrimNQ6XiiaUa/u
|
||||||
|
e/v1yfyj+oxkeleFXwqNEF066TurqRKpteCZndjpGY4NP+jbvdpd8dqvqEAXVuU+
|
||||||
|
bzMzUL5bAgMBAAECggEAWSWbxj1xFTSoezuVm1yzAomJtIPiRDintiNfATGTZzU/
|
||||||
|
YdB2TE/9TuaV0fNWi04KyhGkkOioOQDeLNs6LIfj797xkG1m3cpCGInWArknjKlo
|
||||||
|
8moupqnj5ISDiEhyzGjMbguHstIf1RgZ/Lu648mZ1ib66QnQ8YTMynKSdJ4kOsif
|
||||||
|
LkKfywnwimpAcZbNi8igh5VUcKXF/bUiyPS3ROYxDMNj82M+Hap0SKyCEy1PvIjl
|
||||||
|
1mXiBWKW/9k5/fuq6UXe7f1mNmXQf7c2PNJqiwBuH/XmPNrcs/VemTO1TXP9M4DP
|
||||||
|
tt/y8FH+EBiHptPrKYrQHzzAuOk0wTjYNlxz5jw/aQKBgQD0v/B1MJLm3oIXUzya
|
||||||
|
sVUurRDN7pW56jmlDgT9hcbs2L0c1cqq7rC0HyYXzPASAUL2i5vv7mQ24+J8dXRM
|
||||||
|
XsAWR99zLi0V0kqYZoOpUzFPa2nBLnwsYVfGO53SXcrTES5ZVEugqa8WUY1/CEL/
|
||||||
|
/+Injyy9yt2WVni/90uI8atxfwKBgQDvWuh1gO6W9fcOrwzCC4mpY4yWAYhE+0Un
|
||||||
|
c3lV1F8w/4m9mtpsMWnsQVAOCmVcuuQ29ANXK+i50TGOE6oCMVTLbv4z25xIinwW
|
||||||
|
dTkS2+vRyR1uTY4ry1avc4GT8lVCiTFS7kfJ6pvnKN90uuR73tYjB5gpgEV8zEXC
|
||||||
|
szvoZaQpJQKBgBoC0BZUTDh3C1JZSUaTdB8ay39nTMhOaUPuYn9jGUoQmsCWxAw4
|
||||||
|
g9UQvmanJBh1w90Z5z+vkTz4KRjbDroTE80KZGgET0xTZhQeSP3U1pe/LaUXQKEi
|
||||||
|
00ZBDbvOtgCKgeeCeusfPXlcv3HxudUlJ67Wm4WsKrKQjBKywHdUX8kXAoGBAKTf
|
||||||
|
MtaVvEMiJE7qB1i2h9m1J8bAQXR6vHTjVsXnZrainueK/j+eff7uMk2pnY6VcdPk
|
||||||
|
m1R1e3Zbgc4C/41JG8aRqupfsLRLKBR0JJ83+6Vi6jHrnC3Qf+KVJsGZIF+XjvE4
|
||||||
|
Dx0nzMIa5mlKv04P/eLdPVQA9lxzfO4TdgWr1bs9AoGAHuWWTCqJ02npGfFp1Jpb
|
||||||
|
l6Jrf9WseMgpkL+Q+1uDSdTv8dqwrnNfvwE6xHKYLOY/xYR9B1N/padG+gIKyi1+
|
||||||
|
L/hKNN7Sslxfr1gYhtqfJ47wnCFOB8Z21KZSNwiBfr21p5uhTolNCGNGrqF5Stcc
|
||||||
|
D1eCreiloDIe2yXx+nFxkDA=
|
||||||
|
-----END PRIVATE KEY-----
|
|
@ -29,8 +29,10 @@ type (
|
||||||
|
|
||||||
// TLS describes SSL/TLS configuration.
|
// TLS describes SSL/TLS configuration.
|
||||||
TLS struct {
|
TLS struct {
|
||||||
BasicService `yaml:",inline"`
|
BasicService `yaml:",inline"`
|
||||||
CertFile string `yaml:"CertFile"`
|
RootCA []string `yaml:"RootCAs"`
|
||||||
KeyFile string `yaml:"KeyFile"`
|
InsecureSkipVerify bool `yaml:"InsecureSkipVerify"`
|
||||||
|
CertFile string `yaml:"CertFile"`
|
||||||
|
KeyFile string `yaml:"KeyFile"`
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
|
@ -2928,7 +2928,7 @@ func (bc *Blockchain) InitVerificationContext(ic *interop.Context, hash util.Uin
|
||||||
initOffset = md.Offset
|
initOffset = md.Offset
|
||||||
}
|
}
|
||||||
ic.Invocations[cs.Hash]++
|
ic.Invocations[cs.Hash]++
|
||||||
ic.VM.LoadNEFMethod(&cs.NEF, &cs.Manifest, util.Uint160{}, hash, callflag.ReadOnly,
|
ic.VM.LoadNEFMethod(&cs.NEF, util.Uint160{}, hash, callflag.ReadOnly,
|
||||||
true, verifyOffset, initOffset, nil)
|
true, verifyOffset, initOffset, nil)
|
||||||
}
|
}
|
||||||
if len(witness.InvocationScript) != 0 {
|
if len(witness.InvocationScript) != 0 {
|
||||||
|
@ -3017,7 +3017,12 @@ func (bc *Blockchain) verifyTxWitnesses(t *transaction.Transaction, block *block
|
||||||
|
|
||||||
// verifyHeaderWitnesses is a block-specific implementation of VerifyWitnesses logic.
|
// verifyHeaderWitnesses is a block-specific implementation of VerifyWitnesses logic.
|
||||||
func (bc *Blockchain) verifyHeaderWitnesses(currHeader, prevHeader *block.Header) error {
|
func (bc *Blockchain) verifyHeaderWitnesses(currHeader, prevHeader *block.Header) error {
|
||||||
hash := prevHeader.NextConsensus
|
var hash util.Uint160
|
||||||
|
if prevHeader == nil && currHeader.PrevHash.Equals(util.Uint256{}) {
|
||||||
|
hash = currHeader.Script.ScriptHash()
|
||||||
|
} else {
|
||||||
|
hash = prevHeader.NextConsensus
|
||||||
|
}
|
||||||
_, err := bc.VerifyWitness(hash, currHeader, &currHeader.Script, HeaderVerificationGasLimit)
|
_, err := bc.VerifyWitness(hash, currHeader, &currHeader.Script, HeaderVerificationGasLimit)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -144,7 +144,7 @@ func callExFromNative(ic *interop.Context, caller util.Uint160, cs *state.Contra
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
ic.VM.LoadNEFMethod(&cs.NEF, &cs.Manifest, caller, cs.Hash, f,
|
ic.VM.LoadNEFMethod(&cs.NEF, caller, cs.Hash, f,
|
||||||
hasReturn, methodOff, initOff, onUnload)
|
hasReturn, methodOff, initOff, onUnload)
|
||||||
|
|
||||||
for e, i := ic.VM.Estack(), len(args)-1; i >= 0; i-- {
|
for e, i := ic.VM.Estack(), len(args)-1; i >= 0; i-- {
|
||||||
|
|
|
@ -80,19 +80,19 @@ func Notify(ic *interop.Context) error {
|
||||||
if len(name) > MaxEventNameLen {
|
if len(name) > MaxEventNameLen {
|
||||||
return fmt.Errorf("event name must be less than %d", MaxEventNameLen)
|
return fmt.Errorf("event name must be less than %d", MaxEventNameLen)
|
||||||
}
|
}
|
||||||
curr := ic.VM.Context().GetManifest()
|
curHash := ic.VM.GetCurrentScriptHash()
|
||||||
if curr == nil {
|
ctr, err := ic.GetContract(curHash)
|
||||||
|
if err != nil {
|
||||||
return errors.New("notifications are not allowed in dynamic scripts")
|
return errors.New("notifications are not allowed in dynamic scripts")
|
||||||
}
|
}
|
||||||
var (
|
var (
|
||||||
ev = curr.ABI.GetEvent(name)
|
ev = ctr.Manifest.ABI.GetEvent(name)
|
||||||
checkErr error
|
checkErr error
|
||||||
curHash = ic.VM.GetCurrentScriptHash()
|
|
||||||
)
|
)
|
||||||
if ev == nil {
|
if ev == nil {
|
||||||
checkErr = fmt.Errorf("notification %s does not exist", name)
|
checkErr = fmt.Errorf("notification %s does not exist", name)
|
||||||
} else {
|
} else {
|
||||||
err := ev.CheckCompliance(args)
|
err = ev.CheckCompliance(args)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
checkErr = fmt.Errorf("notification %s is invalid: %w", name, err)
|
checkErr = fmt.Errorf("notification %s is invalid: %w", name, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -637,7 +637,7 @@ func TestNotify(t *testing.T) {
|
||||||
_, _, bc, cs := getDeployedInternal(t)
|
_, _, bc, cs := getDeployedInternal(t)
|
||||||
ic, err := bc.GetTestVM(trigger.Application, nil, nil)
|
ic, err := bc.GetTestVM(trigger.Application, nil, nil)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
ic.VM.LoadNEFMethod(&cs.NEF, &cs.Manifest, caller, cs.Hash, callflag.NoneFlag, true, 0, -1, nil)
|
ic.VM.LoadNEFMethod(&cs.NEF, caller, cs.Hash, callflag.NoneFlag, true, 0, -1, nil)
|
||||||
ic.VM.Estack().PushVal(args)
|
ic.VM.Estack().PushVal(args)
|
||||||
ic.VM.Estack().PushVal(name)
|
ic.VM.Estack().PushVal(name)
|
||||||
return ic
|
return ic
|
||||||
|
|
|
@ -44,13 +44,12 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
errAlreadyConnected = errors.New("already connected")
|
errAlreadyConnected = errors.New("already connected")
|
||||||
errIdenticalID = errors.New("identical node id")
|
errIdenticalID = errors.New("identical node id")
|
||||||
errInvalidNetwork = errors.New("invalid network")
|
errInvalidNetwork = errors.New("invalid network")
|
||||||
errMaxPeers = errors.New("max peers reached")
|
errMaxPeers = errors.New("max peers reached")
|
||||||
errServerShutdown = errors.New("server shutdown")
|
errServerShutdown = errors.New("server shutdown")
|
||||||
errInvalidInvType = errors.New("invalid inventory type")
|
errInvalidInvType = errors.New("invalid inventory type")
|
||||||
errBlocksRequestFailed = errors.New("blocks request failed")
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
@ -513,17 +512,10 @@ func (s *Server) run() {
|
||||||
if s.peers[drop.peer] {
|
if s.peers[drop.peer] {
|
||||||
delete(s.peers, drop.peer)
|
delete(s.peers, drop.peer)
|
||||||
s.lock.Unlock()
|
s.lock.Unlock()
|
||||||
if errors.Is(drop.reason, errInvalidInvType) || errors.Is(drop.reason, errStateMismatch) || errors.Is(drop.reason, errBlocksRequestFailed) {
|
s.log.Warn("peer disconnected",
|
||||||
s.log.Warn("peer disconnected",
|
zap.Stringer("addr", drop.peer.RemoteAddr()),
|
||||||
zap.Stringer("addr", drop.peer.RemoteAddr()),
|
zap.Error(drop.reason),
|
||||||
zap.Error(drop.reason),
|
zap.Int("peerCount", s.PeerCount()))
|
||||||
zap.Int("peerCount", s.PeerCount()))
|
|
||||||
} else {
|
|
||||||
s.log.Info("peer disconnected",
|
|
||||||
zap.Stringer("addr", drop.peer.RemoteAddr()),
|
|
||||||
zap.Error(drop.reason),
|
|
||||||
zap.Int("peerCount", s.PeerCount()))
|
|
||||||
}
|
|
||||||
if errors.Is(drop.reason, errIdenticalID) {
|
if errors.Is(drop.reason, errIdenticalID) {
|
||||||
s.discovery.RegisterSelf(drop.peer)
|
s.discovery.RegisterSelf(drop.peer)
|
||||||
} else {
|
} else {
|
||||||
|
@ -801,7 +793,7 @@ func (s *Server) requestBlocksOrHeaders(p Peer) error {
|
||||||
}
|
}
|
||||||
err := s.requestBlocks(bq, p)
|
err := s.requestBlocks(bq, p)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("%w: %w", errBlocksRequestFailed, err)
|
return err
|
||||||
}
|
}
|
||||||
if requestMPTNodes {
|
if requestMPTNodes {
|
||||||
return s.requestMPTNodes(p, s.stateSync.GetUnknownMPTNodesBatch(payload.MaxMPTHashesCount))
|
return s.requestMPTNodes(p, s.stateSync.GetUnknownMPTNodesBatch(payload.MaxMPTHashesCount))
|
||||||
|
@ -1353,7 +1345,7 @@ func (s *Server) handleMessage(peer Peer, msg *Message) error {
|
||||||
if peer.Handshaked() {
|
if peer.Handshaked() {
|
||||||
if inv, ok := msg.Payload.(*payload.Inventory); ok {
|
if inv, ok := msg.Payload.(*payload.Inventory); ok {
|
||||||
if !inv.Type.Valid(s.chain.P2PSigExtensionsEnabled()) || len(inv.Hashes) == 0 {
|
if !inv.Type.Valid(s.chain.P2PSigExtensionsEnabled()) || len(inv.Hashes) == 0 {
|
||||||
return fmt.Errorf("%w: %s", errInvalidInvType, inv.Type.String())
|
return errInvalidInvType
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
switch msg.Command {
|
switch msg.Command {
|
||||||
|
|
|
@ -3,6 +3,7 @@ package rpcclient
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
@ -68,6 +69,8 @@ type Options struct {
|
||||||
RequestTimeout time.Duration
|
RequestTimeout time.Duration
|
||||||
// Limit total number of connections per host. No limit by default.
|
// Limit total number of connections per host. No limit by default.
|
||||||
MaxConnsPerHost int
|
MaxConnsPerHost int
|
||||||
|
TLSClientConfig *tls.Config
|
||||||
|
NetDialContext func(ctx context.Context, network, addr string) (net.Conn, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// cache stores cache values for the RPC client methods.
|
// cache stores cache values for the RPC client methods.
|
||||||
|
@ -103,15 +106,26 @@ func initClient(ctx context.Context, cl *Client, endpoint string, opts Options)
|
||||||
if opts.RequestTimeout <= 0 {
|
if opts.RequestTimeout <= 0 {
|
||||||
opts.RequestTimeout = defaultRequestTimeout
|
opts.RequestTimeout = defaultRequestTimeout
|
||||||
}
|
}
|
||||||
|
dialContext := (&net.Dialer{
|
||||||
|
Timeout: opts.DialTimeout,
|
||||||
|
}).DialContext
|
||||||
|
if opts.NetDialContext != nil {
|
||||||
|
dialContext = func(ctx context.Context, network, addr string) (net.Conn, error) {
|
||||||
|
ctx, cancel := context.WithTimeout(ctx, opts.DialTimeout)
|
||||||
|
defer cancel()
|
||||||
|
return opts.NetDialContext(ctx, network, addr)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
tr := &http.Transport{
|
||||||
|
DialContext: dialContext,
|
||||||
|
MaxConnsPerHost: opts.MaxConnsPerHost,
|
||||||
|
TLSClientConfig: opts.TLSClientConfig,
|
||||||
|
}
|
||||||
|
|
||||||
httpClient := &http.Client{
|
httpClient := &http.Client{
|
||||||
Transport: &http.Transport{
|
Transport: tr,
|
||||||
DialContext: (&net.Dialer{
|
Timeout: opts.RequestTimeout,
|
||||||
Timeout: opts.DialTimeout,
|
|
||||||
}).DialContext,
|
|
||||||
MaxConnsPerHost: opts.MaxConnsPerHost,
|
|
||||||
},
|
|
||||||
Timeout: opts.RequestTimeout,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(@antdm): Enable SSL.
|
// TODO(@antdm): Enable SSL.
|
||||||
|
|
47
pkg/rpcclient/mtls_hook.go
Normal file
47
pkg/rpcclient/mtls_hook.go
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
package rpcclient
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TransportHook ...
|
||||||
|
type TransportHook = func(*http.Transport)
|
||||||
|
|
||||||
|
func TLSClientConfig(rootCAs []string, certFile, keyFile string) (*tls.Config, error) {
|
||||||
|
certificate, err := tls.LoadX509KeyPair(certFile, keyFile)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("read client certificate: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
caCertPool := x509.NewCertPool()
|
||||||
|
for _, name := range rootCAs {
|
||||||
|
caCertFile, err := os.ReadFile(name)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("read CA certificate: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
caCertPool.AppendCertsFromPEM(caCertFile)
|
||||||
|
}
|
||||||
|
|
||||||
|
return &tls.Config{
|
||||||
|
RootCAs: caCertPool,
|
||||||
|
Certificates: []tls.Certificate{certificate},
|
||||||
|
InsecureSkipVerify: len(rootCAs) == 0,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MTLSTransportHook enables client certificate advertising as well as retricting the set of rootCA we accept.
|
||||||
|
func MTLSTransportHook(rootCAs []string, certFile, keyFile string) (func(*http.Transport), error) {
|
||||||
|
cfg, err := TLSClientConfig(rootCAs, certFile, keyFile)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(tr *http.Transport) {
|
||||||
|
tr.TLSClientConfig = cfg
|
||||||
|
}, nil
|
||||||
|
}
|
|
@ -453,7 +453,7 @@ var errConnClosedByUser = errors.New("connection closed by user")
|
||||||
// You should call Init method to initialize the network magic the client is
|
// You should call Init method to initialize the network magic the client is
|
||||||
// operating on.
|
// operating on.
|
||||||
func NewWS(ctx context.Context, endpoint string, opts WSOptions) (*WSClient, error) {
|
func NewWS(ctx context.Context, endpoint string, opts WSOptions) (*WSClient, error) {
|
||||||
dialer := websocket.Dialer{HandshakeTimeout: opts.DialTimeout}
|
dialer := websocket.Dialer{HandshakeTimeout: opts.DialTimeout, TLSClientConfig: opts.TLSClientConfig, NetDialContext: opts.NetDialContext}
|
||||||
ws, resp, err := dialer.DialContext(ctx, endpoint, nil)
|
ws, resp, err := dialer.DialContext(ctx, endpoint, nil)
|
||||||
if resp != nil && resp.Body != nil { // Can be non-nil even with error returned.
|
if resp != nil && resp.Body != nil { // Can be non-nil even with error returned.
|
||||||
defer resp.Body.Close() // Not exactly required by websocket, but let's do this for bodyclose checker.
|
defer resp.Body.Close() // Not exactly required by websocket, but let's do this for bodyclose checker.
|
||||||
|
@ -601,7 +601,13 @@ readloop:
|
||||||
connCloseErr = fmt.Errorf("unknown response channel for response %d", id)
|
connCloseErr = fmt.Errorf("unknown response channel for response %d", id)
|
||||||
break readloop // Unknown response (unexpected response ID).
|
break readloop // Unknown response (unexpected response ID).
|
||||||
}
|
}
|
||||||
ch <- &rr.Response
|
select {
|
||||||
|
case <-c.writerDone:
|
||||||
|
break readloop
|
||||||
|
case <-c.shutdown:
|
||||||
|
break readloop
|
||||||
|
case ch <- &rr.Response:
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
// Malformed response, neither valid request, nor valid response.
|
// Malformed response, neither valid request, nor valid response.
|
||||||
connCloseErr = fmt.Errorf("malformed response")
|
connCloseErr = fmt.Errorf("malformed response")
|
||||||
|
|
|
@ -157,11 +157,6 @@ func (o *Oracle) processRequest(priv *keys.PrivateKey, req request) error {
|
||||||
resp.Code = transaction.Error
|
resp.Code = transaction.Error
|
||||||
}
|
}
|
||||||
case neofs.URIScheme:
|
case neofs.URIScheme:
|
||||||
if len(o.MainCfg.NeoFS.Nodes) == 0 {
|
|
||||||
o.Log.Warn("no NeoFS nodes configured", zap.String("url", req.Req.URL))
|
|
||||||
resp.Code = transaction.Error
|
|
||||||
break
|
|
||||||
}
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), o.MainCfg.NeoFS.Timeout)
|
ctx, cancel := context.WithTimeout(context.Background(), o.MainCfg.NeoFS.Timeout)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
index := (int(req.ID) + incTx.attempts) % len(o.MainCfg.NeoFS.Nodes)
|
index := (int(req.ID) + incTx.attempts) % len(o.MainCfg.NeoFS.Nodes)
|
||||||
|
|
|
@ -4,6 +4,8 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto/elliptic"
|
"crypto/elliptic"
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
"encoding/binary"
|
"encoding/binary"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
@ -13,6 +15,7 @@ import (
|
||||||
"math/big"
|
"math/big"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"os"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
@ -409,7 +412,27 @@ func (s *Server) Start() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if cfg := s.config.TLSConfig; cfg.Enabled {
|
if cfg := s.config.TLSConfig; cfg.Enabled {
|
||||||
|
caCertPool := x509.NewCertPool()
|
||||||
|
for _, f := range cfg.RootCA {
|
||||||
|
data, err := os.ReadFile(f)
|
||||||
|
if err != nil {
|
||||||
|
s.errChan <- err
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
caCertPool.AppendCertsFromPEM(data)
|
||||||
|
}
|
||||||
|
|
||||||
for _, srv := range s.https {
|
for _, srv := range s.https {
|
||||||
|
if len(cfg.RootCA) == 0 {
|
||||||
|
s.log.Warn("client CAs are not provided, mTLS is disabled")
|
||||||
|
cfg.InsecureSkipVerify = true
|
||||||
|
}
|
||||||
|
srv.TLSConfig = &tls.Config{
|
||||||
|
ClientCAs: caCertPool,
|
||||||
|
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||||
|
InsecureSkipVerify: cfg.InsecureSkipVerify,
|
||||||
|
}
|
||||||
srv.Handler = http.HandlerFunc(s.handleHTTPRequest)
|
srv.Handler = http.HandlerFunc(s.handleHTTPRequest)
|
||||||
s.log.Info("starting rpc-server (https)", zap.String("endpoint", srv.Addr))
|
s.log.Info("starting rpc-server (https)", zap.String("endpoint", srv.Addr))
|
||||||
|
|
||||||
|
@ -3144,9 +3167,12 @@ func escapeForLog(in string) string {
|
||||||
// Addresses returns the list of addresses RPC server is listening to in the form of
|
// Addresses returns the list of addresses RPC server is listening to in the form of
|
||||||
// address:port.
|
// address:port.
|
||||||
func (s *Server) Addresses() []string {
|
func (s *Server) Addresses() []string {
|
||||||
res := make([]string, len(s.http))
|
res := make([]string, 0, len(s.http))
|
||||||
for i, srv := range s.http {
|
for _, srv := range s.http {
|
||||||
res[i] = srv.Addr
|
res = append(res, srv.Addr)
|
||||||
|
}
|
||||||
|
for _, srv := range s.https {
|
||||||
|
res = append(res, srv.Addr)
|
||||||
}
|
}
|
||||||
return res
|
return res
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,6 @@ import (
|
||||||
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/crypto/hash"
|
"github.com/nspcc-dev/neo-go/pkg/crypto/hash"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/manifest"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/nef"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/nef"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/invocations"
|
"github.com/nspcc-dev/neo-go/pkg/vm/invocations"
|
||||||
|
@ -45,8 +44,6 @@ type scriptContext struct {
|
||||||
|
|
||||||
// NEF represents a NEF file for the current contract.
|
// NEF represents a NEF file for the current contract.
|
||||||
NEF *nef.File
|
NEF *nef.File
|
||||||
// Manifest represents a manifest for the current contract.
|
|
||||||
Manifest *manifest.Manifest
|
|
||||||
// invTree is an invocation tree (or a branch of it) for this context.
|
// invTree is an invocation tree (or a branch of it) for this context.
|
||||||
invTree *invocations.Tree
|
invTree *invocations.Tree
|
||||||
// onUnload is a callback that should be called after current context unloading
|
// onUnload is a callback that should be called after current context unloading
|
||||||
|
@ -252,11 +249,6 @@ func (c *Context) GetNEF() *nef.File {
|
||||||
return c.sc.NEF
|
return c.sc.NEF
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetManifest returns Manifest used by this context if it's present.
|
|
||||||
func (c *Context) GetManifest() *manifest.Manifest {
|
|
||||||
return c.sc.Manifest
|
|
||||||
}
|
|
||||||
|
|
||||||
// NumOfReturnVals returns the number of return values expected from this context.
|
// NumOfReturnVals returns the number of return values expected from this context.
|
||||||
func (c *Context) NumOfReturnVals() int {
|
func (c *Context) NumOfReturnVals() int {
|
||||||
return c.retCount
|
return c.retCount
|
||||||
|
|
|
@ -56,6 +56,6 @@ func TestContext_BreakPoints(t *testing.T) {
|
||||||
require.Equal(t, []int{3, 5}, v.Context().BreakPoints())
|
require.Equal(t, []int{3, 5}, v.Context().BreakPoints())
|
||||||
|
|
||||||
// New context -> clean breakpoints.
|
// New context -> clean breakpoints.
|
||||||
v.loadScriptWithCallingHash(prog, nil, nil, util.Uint160{}, util.Uint160{}, callflag.All, 1, 3, nil)
|
v.loadScriptWithCallingHash(prog, nil, util.Uint160{}, util.Uint160{}, callflag.All, 1, 3, nil)
|
||||||
require.Equal(t, []int{}, v.Context().BreakPoints())
|
require.Equal(t, []int{}, v.Context().BreakPoints())
|
||||||
}
|
}
|
||||||
|
|
14
pkg/vm/vm.go
14
pkg/vm/vm.go
|
@ -18,7 +18,6 @@ import (
|
||||||
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
"github.com/nspcc-dev/neo-go/pkg/encoding/address"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/encoding/bigint"
|
"github.com/nspcc-dev/neo-go/pkg/encoding/bigint"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/manifest"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/nef"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/nef"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/util"
|
"github.com/nspcc-dev/neo-go/pkg/util"
|
||||||
|
@ -309,14 +308,14 @@ func (v *VM) LoadScript(b []byte) {
|
||||||
|
|
||||||
// LoadScriptWithFlags loads script and sets call flag to f.
|
// LoadScriptWithFlags loads script and sets call flag to f.
|
||||||
func (v *VM) LoadScriptWithFlags(b []byte, f callflag.CallFlag) {
|
func (v *VM) LoadScriptWithFlags(b []byte, f callflag.CallFlag) {
|
||||||
v.loadScriptWithCallingHash(b, nil, nil, v.GetCurrentScriptHash(), util.Uint160{}, f, -1, 0, nil)
|
v.loadScriptWithCallingHash(b, nil, v.GetCurrentScriptHash(), util.Uint160{}, f, -1, 0, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
// LoadDynamicScript loads the given script with the given flags. This script is
|
// LoadDynamicScript loads the given script with the given flags. This script is
|
||||||
// considered to be dynamic, it can either return no value at all or return
|
// considered to be dynamic, it can either return no value at all or return
|
||||||
// exactly one value.
|
// exactly one value.
|
||||||
func (v *VM) LoadDynamicScript(b []byte, f callflag.CallFlag) {
|
func (v *VM) LoadDynamicScript(b []byte, f callflag.CallFlag) {
|
||||||
v.loadScriptWithCallingHash(b, nil, nil, v.GetCurrentScriptHash(), util.Uint160{}, f, -1, 0, DynamicOnUnload)
|
v.loadScriptWithCallingHash(b, nil, v.GetCurrentScriptHash(), util.Uint160{}, f, -1, 0, DynamicOnUnload)
|
||||||
}
|
}
|
||||||
|
|
||||||
// LoadScriptWithHash is similar to the LoadScriptWithFlags method, but it also loads
|
// LoadScriptWithHash is similar to the LoadScriptWithFlags method, but it also loads
|
||||||
|
@ -326,19 +325,19 @@ func (v *VM) LoadDynamicScript(b []byte, f callflag.CallFlag) {
|
||||||
// accordingly). It's up to the user of this function to make sure the script and hash match
|
// accordingly). It's up to the user of this function to make sure the script and hash match
|
||||||
// each other.
|
// each other.
|
||||||
func (v *VM) LoadScriptWithHash(b []byte, hash util.Uint160, f callflag.CallFlag) {
|
func (v *VM) LoadScriptWithHash(b []byte, hash util.Uint160, f callflag.CallFlag) {
|
||||||
v.loadScriptWithCallingHash(b, nil, nil, v.GetCurrentScriptHash(), hash, f, 1, 0, nil)
|
v.loadScriptWithCallingHash(b, nil, v.GetCurrentScriptHash(), hash, f, 1, 0, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
// LoadNEFMethod allows to create a context to execute a method from the NEF
|
// LoadNEFMethod allows to create a context to execute a method from the NEF
|
||||||
// file with the specified caller and executing hash, call flags, return value,
|
// file with the specified caller and executing hash, call flags, return value,
|
||||||
// method and _initialize offsets.
|
// method and _initialize offsets.
|
||||||
func (v *VM) LoadNEFMethod(exe *nef.File, manifest *manifest.Manifest, caller util.Uint160, hash util.Uint160, f callflag.CallFlag,
|
func (v *VM) LoadNEFMethod(exe *nef.File, caller util.Uint160, hash util.Uint160, f callflag.CallFlag,
|
||||||
hasReturn bool, methodOff int, initOff int, onContextUnload ContextUnloadCallback) {
|
hasReturn bool, methodOff int, initOff int, onContextUnload ContextUnloadCallback) {
|
||||||
var rvcount int
|
var rvcount int
|
||||||
if hasReturn {
|
if hasReturn {
|
||||||
rvcount = 1
|
rvcount = 1
|
||||||
}
|
}
|
||||||
v.loadScriptWithCallingHash(exe.Script, exe, manifest, caller, hash, f, rvcount, methodOff, onContextUnload)
|
v.loadScriptWithCallingHash(exe.Script, exe, caller, hash, f, rvcount, methodOff, onContextUnload)
|
||||||
if initOff >= 0 {
|
if initOff >= 0 {
|
||||||
v.Call(initOff)
|
v.Call(initOff)
|
||||||
}
|
}
|
||||||
|
@ -346,7 +345,7 @@ func (v *VM) LoadNEFMethod(exe *nef.File, manifest *manifest.Manifest, caller ut
|
||||||
|
|
||||||
// loadScriptWithCallingHash is similar to LoadScriptWithHash but sets calling hash explicitly.
|
// loadScriptWithCallingHash is similar to LoadScriptWithHash but sets calling hash explicitly.
|
||||||
// It should be used for calling from native contracts.
|
// It should be used for calling from native contracts.
|
||||||
func (v *VM) loadScriptWithCallingHash(b []byte, exe *nef.File, manifest *manifest.Manifest, caller util.Uint160,
|
func (v *VM) loadScriptWithCallingHash(b []byte, exe *nef.File, caller util.Uint160,
|
||||||
hash util.Uint160, f callflag.CallFlag, rvcount int, offset int, onContextUnload ContextUnloadCallback) {
|
hash util.Uint160, f callflag.CallFlag, rvcount int, offset int, onContextUnload ContextUnloadCallback) {
|
||||||
v.checkInvocationStackSize()
|
v.checkInvocationStackSize()
|
||||||
ctx := NewContextWithParams(b, rvcount, offset)
|
ctx := NewContextWithParams(b, rvcount, offset)
|
||||||
|
@ -364,7 +363,6 @@ func (v *VM) loadScriptWithCallingHash(b []byte, exe *nef.File, manifest *manife
|
||||||
ctx.sc.scriptHash = hash
|
ctx.sc.scriptHash = hash
|
||||||
ctx.sc.callingScriptHash = caller
|
ctx.sc.callingScriptHash = caller
|
||||||
ctx.sc.NEF = exe
|
ctx.sc.NEF = exe
|
||||||
ctx.sc.Manifest = manifest
|
|
||||||
if v.invTree != nil {
|
if v.invTree != nil {
|
||||||
curTree := v.invTree
|
curTree := v.invTree
|
||||||
if parent != nil {
|
if parent != nil {
|
||||||
|
|
|
@ -278,6 +278,7 @@ func TestRegenerateCLIWallet1_solo(t *testing.T) {
|
||||||
hash := state.CreateContractHash(acc3.PrivateKey().GetScriptHash(), nefFile.Checksum, m.Name)
|
hash := state.CreateContractHash(acc3.PrivateKey().GetScriptHash(), nefFile.Checksum, m.Name)
|
||||||
acc4.Address = address.Uint160ToString(hash)
|
acc4.Address = address.Uint160ToString(hash)
|
||||||
acc4.Contract = &Contract{
|
acc4.Contract = &Contract{
|
||||||
|
Script: nefFile.Script,
|
||||||
Deployed: true,
|
Deployed: true,
|
||||||
Parameters: []ContractParam{},
|
Parameters: []ContractParam{},
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue