Skip to content

R
re6stnet
Commit 667831ff authored by Julien Muchembled's avatar Julien Muchembled
Browse files
Options

Review some re6stnet options and update demo

parent df77b6a2
Hide whitespace changes
Inline Side-by-side
Showing with 177 additions and 342 deletions
demo/ca.crt
View file @ 667831ff
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIHASABDbgAQjANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQG MIIDTTCCAjWgAwIBAgIHASABDbgAQjANBgkqhkiG9w0BAQUFADA+MRowGAYDVQQD
EwJGUjEPMA0GA1UEAwwGVlBOIENBMB4XDTEyMDcxNjExNTMwNVoXDTEzMDcxNjEx DBFyZTZzdC5leGFtcGxlLmNvbTEgMB4GCSqGSIb3DQEJARYRcmU2c3RAZXhhbXBs
NTMwNVowHjELMAkGA1UEBhMCRlIxDzANBgNVBAMMBlZQTiBDQTCCASIwDQYJKoZI ZS5jb20wHhcNMTIwOTA2MTI0MTM0WhcNMjAwMTAxMTI0MTM0WjA+MRowGAYDVQQD
hvcNAQEBBQADggEPADCCAQoCggEBALMp1ojWB123yI3kxM0x75sq5W3QJ+rfg5SH DBFyZTZzdC5leGFtcGxlLmNvbTEgMB4GCSqGSIb3DQEJARYRcmU2c3RAZXhhbXBs
TLvc1CbUeNQwMeJT/l2OQG7D5jyrw4wjAK43w+DKnoJ8WK8sfdrjZ5uDEmfaR9Tv ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzKdaI1gddt8iN
TvyCJsIS4g9YP0ZdCNKA/7swlW/erbiDhhlOxrqUonxjU58/aLa41He/v/cEEiyh 5MTNMe+bKuVt0Cfq34OUh0y73NQm1HjUMDHiU/5djkBuw+Y8q8OMIwCuN8Pgyp6C
vymJqXaRsuDP3ov5zMOM85WxX5Uf3UySrqQ7uN82k2gEdVJfORClW6nGLzrAQUiu fFivLH3a42ebgxJn2kfU7078gibCEuIPWD9GXQjSgP+7MJVv3q24g4YZTsa6lKJ8
TOUBhlGZjR9FymuGi8jWIMul2wmxj/LI+B9c0mT3GFOU9Sg3HIfQQ+Ea/QoCslmT Y1OfP2i2uNR3v7/3BBIsob8pial2kbLgz96L+czDjPOVsV+VH91Mkq6kO7jfNpNo
CXN0OPlFVhhwtMSB7fviCvUQgzLN7H+Q3nLVqza1f2XBdNE5zmkCAwEAAaNQME4w BHVSXzkQpVupxi86wEFIrkzlAYZRmY0fRcprhovI1iDLpdsJsY/yyPgfXNJk9xhT
HQYDVR0OBBYEFKAM2cc4IXnFIZuYD1IK6MItGzSdMB8GA1UdIwQYMBaAFKAM2cc4 lPUoNxyH0EPhGv0KArJZkwlzdDj5RVYYcLTEge374gr1EIMyzex/kN5y1as2tX9l
IXnFIZuYD1IK6MItGzSdMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB wXTROc5pAgMBAAGjUDBOMB0GA1UdDgQWBBSgDNnHOCF5xSGbmA9SCujCLRs0nTAf
AFIqN4FoxebGAd2f60J9s60a7IExmrrGOCEL+x74XCV+4QBI4UQ27KYzGltXgBO6 BgNVHSMEGDAWgBSgDNnHOCF5xSGbmA9SCujCLRs0nTAMBgNVHRMEBTADAQH/MA0G
eyY2urg2b8MyCjU/U/N5iK6QhzIUw9oGY927V/6WxlMX/DzKAx9VQg2oIxDrj+tA CSqGSIb3DQEBBQUAA4IBAQBZQvMkCSCrrJoS432kJUg//iB0+c1mftbYTez+wqHq
TpUw9MxlhL/VBJDxuJe6tjM0zdevTVeDgQAJa0UGMTqfMDFjN53WY+ZUyI/0TXwg NzEPnv5EWJtYsYvZUx6huNvrv5UR9S9MkGyH1u8kw3mW5lRKTPBC9NdAgywhsDES
tDmEguWFuE/1O1lzZIq9Bv+5lsIsXynzshDLX8t5VGHrPQ8kBs6v7wTLfdtJyDZz VTDx02EZhsKEA2VaxhirGyJEDSgXADQNZNtB0Mw+M8/tociZKOiih6gwJw3sYcDz
/jLm5Us3/tUB71aMUa3+7bJEFdqtdasbhBAJAgI4hKszmZfsI9H4NHKWQ51cQKNh 9mTQFG44YG2nSmxEqP2m+32km0gvxLNIyoCnZN1x25dcRcJ5H9AbbIfSZxC02rqc
P7R0fzBg1J/ueLW5vuPCkXE= Wy0HLmfa7ZPLYD5Qz/TuCXXRXxyy5AYasVsz2GdXDNXRwiEmYqfM69EDtwZqTPZj
cfJdgSNqrysIXYE6SgBi6RUtOlmBubdxke4EZZ4ImdGo
-----END CERTIFICATE----- -----END CERTIFICATE-----
demo/demo
View file @ 667831ff
...@@ -26,6 +26,11 @@ if not os.path.exists(registry): ...@@ -26,6 +26,11 @@ if not os.path.exists(registry):
sql = open('registry/registry.sql').read() sql = open('registry/registry.sql').read()
db = sqlite3.connect(registry) db = sqlite3.connect(registry)
db.executescript(sql) db.executescript(sql)
for prefix, cert in db.execute("SELECT prefix, cert FROM cert"
" WHERE cert IS NOT NULL"):
i = int(prefix, 2)
with open(("m%u" % i if i else "registry") + "/cert.crt", 'w') as f:
f.write(cert)
db.close() db.close()
def disable_signal_on_children(sig): def disable_signal_on_children(sig):
......
demo/m1/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzAwMVoXDTEzMDcyNTA1MzAwMVowDzENMAsG
A1UEAxMENy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1
mHqMnb31Eig/FhcWJOvaAMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw
7cTyoVTAQX0RVFk+jmsYOD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBG
Dg6bprdNyTJGVlxAzioZh9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+
/agGliCM9XBRq2zqD0+bmy5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVX
RxCUPyBj/irSE2xv/IL3BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icAD
tKRyUN/AKhUOafcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAOt3KUHqzkMTVsHvy
1AsD+pFwk+l0n8EF7zfACSSRLAWeh2uky8/1T0NSjIPDBwMC44m2n57QScno59mi
QCdI3eJGLHYeOOV/523vuQx3TULjoxEVhux3WkO/OrgRdRSGxyspnb9XR2ExrLXa
jwUkpa74kvFdC7n4UdSdhf5MC3CBOi8k8bs/fzIbj9oW+CtWebwe5dfBAKjHxjPy
s1PiWo8u4fp0D0ljznVEw2Z+HvfmtxKKoXMtz14fM+i05i6A70eFYWgzbv4cb1Fy
jyz1bgEdd9PUeikRRcpHNOYHQd79Q3f10wliqqxZXTB2bsdMD9NFmDnyIk4wEz3N
pAA5fw==
-----END CERTIFICATE-----
demo/m2/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1Mjg1NloXDTEzMDcyNTA1Mjg1NlowDzENMAsG
A1UEAxMENS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4a
S8vmvC5hgXQx/51lviKt9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGr
oE9pEvoWZRp+GOTBrTXxf3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2
DszWuwTBPJ+p8048Qq8MaAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/
ZfcpBQIuSxFacAD8aDOv8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6I
VK1ffvc2GQd3Ovmu82e7WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDI
DOMocZTRVFDZP+8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAg+jU0OWHYuUW6LE9
qkKml7vH8EEeSVmZF82p6YdOxEQMPfhdoNKcLlDWXMPlAk9+areItd7hjhMJj0N1
SZr8+3NeEx8Yde4h21j/MSQNmOkXUppYxXFeFylA4R0EVOFxZs5mrMbaeSn7e11j
E7zUku78dTGKDCKuQLzdvywDHzo260f8CKOJ02XaWYeuVDyziCWO+HpAhdUKHJBy
pQH+TZB+jjbs5dfCaQYUZetmqYWPECx19ZcP39MocsUHveIXJ5gmBLKjU2BqT07C
0dfh38tYazsl1NeblDksKvSOSNdpwfI0DFfMvLE3OY1BiDy/0rLwOSQeKI8kHT3C
+kdkjw==
-----END CERTIFICATE-----
demo/m3/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMzA5MDU1NVoXDTEzMDcyMzA5MDU1NVowDzENMAsG
A1UEAxMEMi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/
yPlfnh+floUyX9yjk61fXzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZC
pj21Sy/+aEWtAbrRwtLeomU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5Fx
vmHFynpojPnWOPkIhEXYgnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCe
V0aao3cxbkg6OmQKVbjfdUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51X
s5/TwRxHzNr3i15DeAMKUm534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3Q
J6CkynVfHclUhvECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgd4aA37+Rhcw0CCt
3sci74/oN5WZz7zNGhHEkZXTuLCm64h1Z74U0aHO24Kje/fhyha8+3hBXJCHre3V
rDgWQfmZZ+NBwSpo94KNqs4gidBUf1ihEswCTz2qnoJovNjsMUJjUUhiJre8zjag
bbjET40XSBxbmf420tU0q6/hYTN1rboEFIu35QVjH+Gaw35BYSqUUzAyxk1eTEDe
EbxtMvBXCYE2TMKhdTwXa5Rj3oUsirwvKVpre/nmBLdTlXleEP1ALf9RAHCn9XzV
4rzIiGy4zJtgQLBRh66OlweGC+LUSQc2GRDqBBTo5yGnBckkaw3tCIVT4sMJP4mZ
ja8FPA==
-----END CERTIFICATE-----
demo/m4/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjkyNloXDTEzMDcyNTA1MjkyNlowDzENMAsG
A1UEAxMENi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6a
Sr79bS+kg8UtNLoQy/mSGjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55
ipBjFhTUCe9A5RSGiMwaaxB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZ
VL/gRZ/jigxjcYuekNkB0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiB
TCx24on8eysPRwuAZ2gIOEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivV
f1kqqioAG6QwdlZvhwo5Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/o
t9uCAMSlpSIFzY0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAslE24ttNqKNc2Bea
wIwqii1YKSvLxLtN5aXpvj+sFwcfAcjgGc4ccputqknETKUIAZ6WcbnK3gYnx5ya
HYBS5MiJuZh4FWqrSwJLEIo36pTZvYQx8KVEu2P/lOaokzPrXp5a8Lq+bw7EdCQH
1PjK8qo11trZT4thei5lPR0HxFgDexAPQ8CwOhAXb51xIIwWXdAGla7x3MPwf7Xo
R0YNR/zjm1UGb2DMT4vzPoPSjgZNf2Gg2DfqdtcpUlzd8sMyH6c+iiR8qe/7Lpzt
KGE/vo0VZVbKrANbrfdqrn8ZQV7yB+zXlCEWfqfBy+9NymF5uncJcKHSlhmClCuR
VH8hMw==
-----END CERTIFICATE-----
demo/m5/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTc0NFoXDTEzMDcyMDAyNTc0NFowDzENMAsG
A1UEAxMEMS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvO
sIpiLl6da9dRvuxjfDHY5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1s
jdlRe0herBzs707YcN/z9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHd
ECfsC2vjLBzKPjmMSduTjsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPC
zEQhqAurV0ujuUqjVFzx1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjd
gq0v2eHJMmphLB0cXvf5wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTnc
Hz6G1YMCnto8FMkCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAXIVyAqtoy0239HSc
zENpdWL9tmCiYk3sgBqAhmBtxBVOvflcLhA8IIEaiI07LOHXfIZVxkX1D6agFc4B
R/lltDVnjglGa9L7R5eFF9BtlCXyM+bBYzMnCH7yyw4TNspZg2quaOyFETb46pNL
g5FwMZxxtWb2+ehROBnk3VtuDA/0vLW3qQMf8dArtObsp4uj2ZAjUJ9+liBbwsar
wTPVCqnohPFNwEG0g67D5yHD5WinJpRJ7X12m853oSNz6C1Pcna1yb3u9zKOAto5
Iue82Lm/e0U2xPBegIgwwQFbSuAr1HUnmFiV2/KoNW8tFnjYoXRy5nPXoHiCMyCE
jreVUg==
-----END CERTIFICATE-----
demo/m6/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTUzM1oXDTEzMDcyMDAyNTUzM1owDzENMAsG
A1UEAxMEMC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTg
KmHHsrhx70VJUHQx+tlwoRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ict
HCqnVJ4DxxgkOcdTftibFEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09O
EYuNfvfkL8BdJqi2Yc6Fi+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLj
xyAMDl7+aLNgj8VCHlxIha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPI
UWqktTCvOfyjUYHNv8GjsKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N
7If0U7Hy4ZlBLLUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAGkI/qlb9SYsbt+zG
MO+ThK17borBkf/HQ8KXJ535xx9KwmEqYo9DqKz8YVm+Cvg1KigyQLoBEx09yGJ7
mvUL8ZC5Q1ag/XgQ0g2+ickaiJ4zkVBCbAi4iykdEjvP5RvZqYMx3l70WcEJKnZB
alP4rXcbfQqCnuan5YNBjgkAZVzn4zyvlUVT0DKqHksJzL38WURmopocD2vocsqk
kPfJDDcaNE+JmHKW1W8CJDy98Eki6yVPcsjeZ+RSxgx5U/xfVYS8AOF2aB0ZcXwd
nH6joJWMUIu/R05of+a7XJGXGR86PMj0XqcwMx4/OlNxXbMgVnAwAb5Xm6auXHdP
dchlKQ==
-----END CERTIFICATE-----
demo/registry/cert.crt deleted 100644 → 0
View file @ df77b6a2
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzIyOFoXDTEzMDcyNTA1MzIyOFowDzENMAsG
A1UEAxMEOC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByu
pjlYwmw+OEcqHkZ9kNf4NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBn
QzzMzexzWmPj2ux3p2nhjT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2
/r4gMZiDiRZNeyY52lnWVTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6l
fKF/y1C7TfIbHKDRYOk6nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL
0v8+tENGtg49X2W/Hlx2OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpT
JStHWyWE6Sv4088CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAoYRNTBilhwVWOl4R
xaGMtzAKs3FnYjxmh/1AZf0dFIKRPbJ+0fHrwF57oJCXGopgnbcKzqFVzg5XKhZN
09GynKpP0q7d94G077GW4e5XbNnneXs+oEYM9dVRZ2rWdWF4rHNjT6yRxH7Nimw/
9iw2r8fjdidl83zWdhGozBG5AlzuH+i1X88fKBYAR5u6m/HPm5HMUm1o3TgLB3Dt
3C6gyAKRGnvoK9B/RoeloR0Jwz4b5laPoSbH1TotJPLZEjiz8/jFbdG9xmzgS+BM
ciO5NpreBCOrRB9Z7qHf1gX2iRO4mChN7CfWQYVsr5HVqiNmeBQxDkbPx/PomRLT
rlyT1Q==
-----END CERTIFICATE-----
demo/registry/re6st-registry.conf
View file @ 667831ff
db registry/registry.db db registry/registry.db
ca ca.crt ca ca.crt
key registry/ca.key key registry/ca.key
private 2001:db8:42:8::1 private 2001:db8:42::1
logfile registry/registry.log logfile registry/registry.log
demo/registry/registry.sql
View file @ 667831ff
...@@ -21,169 +21,132 @@ INSERT INTO "cert" VALUES('000000001',NULL,NULL); ...@@ -21,169 +21,132 @@ INSERT INTO "cert" VALUES('000000001',NULL,NULL);
INSERT INTO "cert" VALUES('0000000001',NULL,NULL); INSERT INTO "cert" VALUES('0000000001',NULL,NULL);
INSERT INTO "cert" VALUES('00000000001',NULL,NULL); INSERT INTO "cert" VALUES('00000000001',NULL,NULL);
INSERT INTO "cert" VALUES('000000000001',NULL,NULL); INSERT INTO "cert" VALUES('000000000001',NULL,NULL);
INSERT INTO "cert" VALUES('0000000000000000','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000001',NULL,NULL);
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE INSERT INTO "cert" VALUES('0000000000000111',NULL,NULL);
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTUzM1oXDTEzMDcyMDAyNTUzM1owDzENMAsG INSERT INTO "cert" VALUES('0000000000000000','re6st@example.com','-----BEGIN CERTIFICATE-----
A1UEAxMEMC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTg MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
KmHHsrhx70VJUHQx+tlwoRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ict bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
HCqnVJ4DxxgkOcdTftibFEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09O MDkwNjEyNDU0NloXDTEzMDkwNjEyNDU0NlowDzENMAsGA1UEAxMEMC8xNjCCASIw
EYuNfvfkL8BdJqi2Yc6Fi+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLj DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByupjlYwmw+OEcqHkZ9kNf4
xyAMDl7+aLNgj8VCHlxIha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPI NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBnQzzMzexzWmPj2ux3p2nh
UWqktTCvOfyjUYHNv8GjsKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N jT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2/r4gMZiDiRZNeyY52lnW
7If0U7Hy4ZlBLLUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAGkI/qlb9SYsbt+zG VTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6lfKF/y1C7TfIbHKDRYOk6
MO+ThK17borBkf/HQ8KXJ535xx9KwmEqYo9DqKz8YVm+Cvg1KigyQLoBEx09yGJ7 nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL0v8+tENGtg49X2W/Hlx2
mvUL8ZC5Q1ag/XgQ0g2+ickaiJ4zkVBCbAi4iykdEjvP5RvZqYMx3l70WcEJKnZB OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpTJStHWyWE6Sv4088CAwEA
alP4rXcbfQqCnuan5YNBjgkAZVzn4zyvlUVT0DKqHksJzL38WURmopocD2vocsqk ATANBgkqhkiG9w0BAQUFAAOCAQEABWrPo8k4BCbRoZnGTZtlO5fyeDDK97u7gyjZ
kPfJDDcaNE+JmHKW1W8CJDy98Eki6yVPcsjeZ+RSxgx5U/xfVYS8AOF2aB0ZcXwd RXVP0bxk3FrCRXW3cWtqkZQjlxOxQ99doT6stnJiaRiLwBlI6JSjfRS2/xb4aS8h
nH6joJWMUIu/R05of+a7XJGXGR86PMj0XqcwMx4/OlNxXbMgVnAwAb5Xm6auXHdP 12PhehzrrQhF33/JVV378JptCjPV70goKct3PB3g4lxQDNmpS2bHnpZjdfQkR33q
dchlKQ== RWdYdUtEyF4Kmi0D0fzTQEwcVWpSwjpyxW1nVBSstIlg/qLpzXQYkfYu4/2M/17z
n0w5o4DuuDEr2cOSbqa1rp06IJkHc0B2bjeCbnkQXp2x5HBrZHel12AzujGHE83R
7yTyU7SkjpQJs0DH2uw2admvCaduf8tszZ2UXrbO9r+frK44PQ==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000001','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000001','foo@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTc0NFoXDTEzMDcyMDAyNTc0NFowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMEMS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvO MDkwNjEyNDY1OVoXDTEzMDkwNjEyNDY1OVowDzENMAsGA1UEAxMEMS8xNjCCASIw
sIpiLl6da9dRvuxjfDHY5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1s DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1mHqMnb31Eig/FhcWJOva
jdlRe0herBzs707YcN/z9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHd AMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw7cTyoVTAQX0RVFk+jmsY
ECfsC2vjLBzKPjmMSduTjsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPC OD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBGDg6bprdNyTJGVlxAzioZ
zEQhqAurV0ujuUqjVFzx1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjd h9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+/agGliCM9XBRq2zqD0+b
gq0v2eHJMmphLB0cXvf5wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTnc my5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVXRxCUPyBj/irSE2xv/IL3
Hz6G1YMCnto8FMkCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAXIVyAqtoy0239HSc BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icADtKRyUN/AKhUOafcCAwEA
zENpdWL9tmCiYk3sgBqAhmBtxBVOvflcLhA8IIEaiI07LOHXfIZVxkX1D6agFc4B ATANBgkqhkiG9w0BAQUFAAOCAQEAE66CsCulIbugAKWTKCACnvDvcbBBjRZooPnQ
R/lltDVnjglGa9L7R5eFF9BtlCXyM+bBYzMnCH7yyw4TNspZg2quaOyFETb46pNL JYnqVrNUFFvpuwpdAD1ke5mfvjCwDhE+eFPuWAFJfy7HHdRtA+aK8lMQld8hr0sh
g5FwMZxxtWb2+ehROBnk3VtuDA/0vLW3qQMf8dArtObsp4uj2ZAjUJ9+liBbwsar enfwlpOuxNSbxqHMlnZ9vKVE2Zrw87dl6W4fDqpDlWSvtoKfiYBa6MRg3IdAMoDI
wTPVCqnohPFNwEG0g67D5yHD5WinJpRJ7X12m853oSNz6C1Pcna1yb3u9zKOAto5 4+fA6AIbxdiNNXw7BvNwma4PGEpsqD3wE4/xNrVpbXc+d20N8Xhexf6NFtTlwwQh
Iue82Lm/e0U2xPBegIgwwQFbSuAr1HUnmFiV2/KoNW8tFnjYoXRy5nPXoHiCMyCE XNayeySHlZMk41CMnjbk9tMSr1HAQVYYA/Wf1Ryy3Nz46nawYFMtdafRTj/Xzs6A
jreVUg== tDtF1kiAUNECGbjLY0xTKm5kWCyl1bIFFcXQu8z3aHZk9UzBRQ==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000010','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000010','foo@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyMzA5MDU1NVoXDTEzMDcyMzA5MDU1NVowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMEMi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/ MDkwNjEyNDcxMVoXDTEzMDkwNjEyNDcxMVowDzENMAsGA1UEAxMEMi8xNjCCASIw
yPlfnh+floUyX9yjk61fXzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZC DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4aS8vmvC5hgXQx/51lviKt
pj21Sy/+aEWtAbrRwtLeomU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5Fx 9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGroE9pEvoWZRp+GOTBrTXx
vmHFynpojPnWOPkIhEXYgnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCe f3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2DszWuwTBPJ+p8048Qq8M
V0aao3cxbkg6OmQKVbjfdUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51X aAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/ZfcpBQIuSxFacAD8aDOv
s5/TwRxHzNr3i15DeAMKUm534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3Q 8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6IVK1ffvc2GQd3Ovmu82e7
J6CkynVfHclUhvECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgd4aA37+Rhcw0CCt WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDIDOMocZTRVFDZP+8CAwEA
3sci74/oN5WZz7zNGhHEkZXTuLCm64h1Z74U0aHO24Kje/fhyha8+3hBXJCHre3V ATANBgkqhkiG9w0BAQUFAAOCAQEAGeF6uzYKGErAHqFNLwP+kBuMiNBtsprrw3q/
rDgWQfmZZ+NBwSpo94KNqs4gidBUf1ihEswCTz2qnoJovNjsMUJjUUhiJre8zjag ZGzuf19KO+6kKdL0ruxr1A82QVuoJTndJF13xuqocBIy4xKxNYR2IkK2NJuNh+XS
bbjET40XSBxbmf420tU0q6/hYTN1rboEFIu35QVjH+Gaw35BYSqUUzAyxk1eTEDe GAXekoO3WJFaIkuYL65td0hBpNGrxhkh67lEx8hvJU0aCoLJsvBg28T4+PHXczHN
EbxtMvBXCYE2TMKhdTwXa5Rj3oUsirwvKVpre/nmBLdTlXleEP1ALf9RAHCn9XzV 3bJ8zWpKUSbK56PJkj8p0r05I2HnGzXFcg06rb+lbLQqRLls+oLnL94094t/mQJi
4rzIiGy4zJtgQLBRh66OlweGC+LUSQc2GRDqBBTo5yGnBckkaw3tCIVT4sMJP4mZ VpUFjfMgz3kQfFHDo32R2+6nn5lq7Vx33Gdj9ts9bER1ckoD5Z0mZ3soDM3am/RC
ja8FPA== XJwpfQom2qGZNH2dBbI/8eHkZ8Zj7RQgAR2PU+6jfz9Ut9lYLg==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000011','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000011','bar@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyMzA5MTI1NFoXDTEzMDcyMzA5MTI1NFowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMEMy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxbk6ar MDkwNjEyNDc1MloXDTEzMDkwNjEyNDc1MlowDzENMAsGA1UEAxMEMy8xNjCCASIw
FjOD6Vs9niPErCVxq5CBw1lo43CQ0W7CWsJoOGBLd+HikqXTTThQIJPdZdIOh8WE DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/yPlfnh+floUyX9yjk61f
UzAhnlgPtU+kPw4mx6BW3IU09VYQTTEGzxR1TAKqi29dkImD5NwzFuWAMtOpcIwd XzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZCpj21Sy/+aEWtAbrRwtLe
B9SWfzZ5Uan9vCCvNopY7eC5Jkp7fd0u0oIalxCaGupCGCfQbqFSEQ2hJ5EjFwbR omU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5FxvmHFynpojPnWOPkIhEXY
zn4bnU3E5ZDDGx3EPc8XskWjleCpfABOYgxMsIVwsHCkfvtS9p9AwBgL3cZov0zt gnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCeV0aao3cxbkg6OmQKVbjf
8h5z1A+/41slYF65g9RO1oYEv/XVhbMhEHeggmS+zSRRXXilbkflD5osnqCsm3EG dUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51Xs5/TwRxHzNr3i15DeAMK
MxjkTTnjcnHungMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAQLggkWCh2d6t5t2r Um534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3QJ6CkynVfHclUhvECAwEA
vrqYMi9o4nAfcDtwK/mV0j96wqh4Xi1OMVmTScRGxKMdK6SaMsYaY6A+pPd9oRDX ATANBgkqhkiG9w0BAQUFAAOCAQEAV/YApyKcnlWGUZl+RJxyT58Db3Wzgj223GVb
Neypd7+Dvc7uC+kxrdii2nff+AE6RwS0AylrDwmjgBt5wruGO6DU4j/2l7a76KHJ zXwx2e5cGl1ENIouDriLks9CydRifNhL2oU1SVuwHYRcQfhXukRuUXQHUjmILhSy
uyd1SrQy+gK2PeJwHI6FCUUU9RVJEQIYb2KdNmnvAQvyw0NQjRhGWqw1sVquPZaZ t+lhgQabanZ89swEEdefQi7LQ1f2N/gwe9PHmazerllW8VAf/Vgb8jukhSWObve7
s7gZSNSvKdXw/9FjN5kF3LtBBfMdoXJbNMLy5Pb4awowmrWLKWHptMfsbX+sWVY2 JeTlfkcvKdfqTOFHHnrHSUNiCkIIEbHL4jKP8DFZb3UCFG0shoLrJz7ve68hzoKq
SeSpedohuRb3rFzo8jZqbc1oKDqM1pyYadXopKl7TMzltFGRnW00uJ32KuSK+ckj u7yAYtNg3W90rwUJ5Djs03BGDVTQm/GnNIpeBzbnyaoyq7nkvnurRkgKGS98dbhQ
T/3h7Q== qS36+1DwuPlUl9IJsAW3kwvxEgu/lZbwXf+30oaVzJVRAjGx4A==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000100','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000100','bar@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjczMFoXDTEzMDcyNTA1MjczMFowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMENC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOQojOvz MDkwNjEyNDgwM1oXDTEzMDkwNjEyNDgwM1owDzENMAsGA1UEAxMENC8xNjCCASIw
vmlyLp4IlahST3CEI121TuRpsscFT5ojapFwKLtcQkYFNo+IsXqrSNXQV4IC1yNx DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6aSr79bS+kg8UtNLoQy/mS
7Q2U7KCpPkI4iNjip7xYmaEUWG34TirOnwBBYx83jqthuJG+m+Gctq2OeUA8EXAQ GjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55ipBjFhTUCe9A5RSGiMwa
oJO/gcD0OFxu32xLkqH8gq843EfRVBTs5mQuiHmc+zXVjtIfAPEwFNx0TaSUmDxo axB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZVL/gRZ/jigxjcYuekNkB
EmQjcgDsASMobendRMx76L8fkCoRPbo0D9RcqrWb5wBj+WdT9uZYuRXEpP0W1Lv6 0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiBTCx24on8eysPRwuAZ2gI
c0sMNXHh2Z/zKDn2u/+6lczt9VHAK4MPtqcs7EkkFkSk+ZOiXkKwapvXFXGf1mEy OEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivVf1kqqioAG6QwdlZvhwo5
Be/mPc/OaPrchhECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAEa4AdPFGhvgXZiGj Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/ot9uCAMSlpSIFzY0CAwEA
s/vLV+cCWoSw7/oxjYhJuGvKcyk/tQ9N3KwI7tH8WuNR6R53StP1L+k8Jn+wszIP ATANBgkqhkiG9w0BAQUFAAOCAQEAXeroStBs1o805hh8ICakCxdxqPXRTtSoXK4z
rVrMto367kgLr5eFnDC9aLUZKzqaaz/BdyPJ+pdxTWlzBJ8Ey/8epMtD4dggDw69 590x7epWsGMC0NeMVi+UxMrs0GgrYCPATBj3/dFX/utbk/qL4rRwlCJOqBRgSxqQ
nXni9KKchTwLZT3kgWbrvGuCm+Td/lwF1PAmauz9PZm1BXoy4MA0yAyh8LjQYF4j QGRbIQ/5Dj/9kVxkSnWLynSjur3VUHtlG7XRU9mxHP9sUJYj+nm7ZDzJcBO0A8fH
j8yohYR8fOtTbMCiubbLMy+QA7OIe5iiOGI6nNksiLY7ADgfkkB4kMw7uQe3EYnb NU08pm0RvtkqiS+MYR1VjeHpaXbLPn3kMXZjogPRCbyJ8/oY8uAjPN7DCMjc1cuz
B8Y7Axamnw1+iC+5iYv5TVZpbtwktkP9LQcZ1HIq8gLLxagcOvysiDgQpddIUhkf jMzpA8nGWSXfDKfgtsFRNFcHEf1ozGH9aqtBUtWTNysb2zyMV4NpQ8R0R6UjgJpf
WBZmZQ== 8eW1huxWm9bSD8PzCzaCApThGN89dvayTVibXaZVtNT0sZaBrw==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000101','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000101','baz@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyNTA1Mjg1NloXDTEzMDcyNTA1Mjg1NlowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMENS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4a MDkwNjEyNDgxOVoXDTEzMDkwNjEyNDgxOVowDzENMAsGA1UEAxMENS8xNjCCASIw
S8vmvC5hgXQx/51lviKt9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGr DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvOsIpiLl6da9dRvuxjfDHY
oE9pEvoWZRp+GOTBrTXxf3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2 5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1sjdlRe0herBzs707YcN/z
DszWuwTBPJ+p8048Qq8MaAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/ 9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHdECfsC2vjLBzKPjmMSduT
ZfcpBQIuSxFacAD8aDOv8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6I jsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPCzEQhqAurV0ujuUqjVFzx
VK1ffvc2GQd3Ovmu82e7WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDI 1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjdgq0v2eHJMmphLB0cXvf5
DOMocZTRVFDZP+8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAg+jU0OWHYuUW6LE9 wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTncHz6G1YMCnto8FMkCAwEA
qkKml7vH8EEeSVmZF82p6YdOxEQMPfhdoNKcLlDWXMPlAk9+areItd7hjhMJj0N1 ATANBgkqhkiG9w0BAQUFAAOCAQEAoMxpg9CQYFTv6aOaNmblgy/etBQDSZK5bDhp
SZr8+3NeEx8Yde4h21j/MSQNmOkXUppYxXFeFylA4R0EVOFxZs5mrMbaeSn7e11j j33e/xoEPTNxGvkZ+966uXF9pxVz21uUcTJjlOdSzWnN8xIBXjkubOLX9khJoZc7
E7zUku78dTGKDCKuQLzdvywDHzo260f8CKOJ02XaWYeuVDyziCWO+HpAhdUKHJBy yhTMBOhyurtti5/keIR1LMypgz/Fsk72DnX01kkmzhp/C5m+cQIX+Y7uio7xIWTJ
pQH+TZB+jjbs5dfCaQYUZetmqYWPECx19ZcP39MocsUHveIXJ5gmBLKjU2BqT07C 516yftcDHIJgmzn7a6nu8G6oCuU1uhWwnUQCyniwodBGAOkhXptBp2CX9S6itz/4
0dfh38tYazsl1NeblDksKvSOSNdpwfI0DFfMvLE3OY1BiDy/0rLwOSQeKI8kHT3C SJT7estAjJYmkPGiZIsZg8z6VquHGEmG+TDP9qmbdlGrPshI11dnqF8B0ozeSNWN
+kdkjw== o1taiYL3UMPOORzgdDrPNe+W4l7BxHAF3ctJLa88PjbK39hhbw==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000110','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE----- INSERT INTO "cert" VALUES('0000000000000110','qux@example.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjkyNloXDTEzMDcyNTA1MjkyNlowDzENMAsG bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
A1UEAxMENi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6a MDkwNjEyNDk1N1oXDTEzMDkwNjEyNDk1N1owDzENMAsGA1UEAxMENi8xNjCCASIw
Sr79bS+kg8UtNLoQy/mSGjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55 DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTgKmHHsrhx70VJUHQx+tlw
ipBjFhTUCe9A5RSGiMwaaxB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZ oRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ictHCqnVJ4DxxgkOcdTftib
VL/gRZ/jigxjcYuekNkB0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiB FEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09OEYuNfvfkL8BdJqi2Yc6F
TCx24on8eysPRwuAZ2gIOEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivV i+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLjxyAMDl7+aLNgj8VCHlxI
f1kqqioAG6QwdlZvhwo5Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/o ha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPIUWqktTCvOfyjUYHNv8Gj
t9uCAMSlpSIFzY0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAslE24ttNqKNc2Bea sKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N7If0U7Hy4ZlBLLUCAwEA
wIwqii1YKSvLxLtN5aXpvj+sFwcfAcjgGc4ccputqknETKUIAZ6WcbnK3gYnx5ya ATANBgkqhkiG9w0BAQUFAAOCAQEAF05gZ8FLUoGhWHKtcsNfeAvxCd7iEGi3ilze
HYBS5MiJuZh4FWqrSwJLEIo36pTZvYQx8KVEu2P/lOaokzPrXp5a8Lq+bw7EdCQH GikZJVUOddgaMJO/WcCcusMmdl4vsXFNzitBv+ueIxCcIMLnjBOcvtOulq+H5aok
1PjK8qo11trZT4thei5lPR0HxFgDexAPQ8CwOhAXb51xIIwWXdAGla7x3MPwf7Xo ijt5SBfHOOmpKfzdOcg/Phhl0/oFiJtYAaYIZGGrEAAiG1iY6X/PJEWiiPgEaUKQ
R0YNR/zjm1UGb2DMT4vzPoPSjgZNf2Gg2DfqdtcpUlzd8sMyH6c+iiR8qe/7Lpzt F/y/sxy3syV9A1zZiVcEv1ju4adrXtJCyZN5giuR0VvEcyuA5PPpkTU1S8GaBf19
KGE/vo0VZVbKrANbrfdqrn8ZQV7yB+zXlCEWfqfBy+9NymF5uncJcKHSlhmClCuR ZHyZtobDw/6U+U64dYBfWpDdZ8bSJnaueufbgGsPIIteOBeZJJzPBHYivi6rq6rR
VH8hMw== syCrauaY43bjqe5i8ydsxVuW5CjBC4Us1/IVA7Ju7p7O9H6EeA==
-----END CERTIFICATE----- -----END CERTIFICATE-----
'); ');
INSERT INTO "cert" VALUES('0000000000000111','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzAwMVoXDTEzMDcyNTA1MzAwMVowDzENMAsG
A1UEAxMENy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1
mHqMnb31Eig/FhcWJOvaAMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw
7cTyoVTAQX0RVFk+jmsYOD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBG
Dg6bprdNyTJGVlxAzioZh9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+
/agGliCM9XBRq2zqD0+bmy5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVX
RxCUPyBj/irSE2xv/IL3BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icAD
tKRyUN/AKhUOafcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAOt3KUHqzkMTVsHvy
1AsD+pFwk+l0n8EF7zfACSSRLAWeh2uky8/1T0NSjIPDBwMC44m2n57QScno59mi
QCdI3eJGLHYeOOV/523vuQx3TULjoxEVhux3WkO/OrgRdRSGxyspnb9XR2ExrLXa
jwUkpa74kvFdC7n4UdSdhf5MC3CBOi8k8bs/fzIbj9oW+CtWebwe5dfBAKjHxjPy
s1PiWo8u4fp0D0ljznVEw2Z+HvfmtxKKoXMtz14fM+i05i6A70eFYWgzbv4cb1Fy
jyz1bgEdd9PUeikRRcpHNOYHQd79Q3f10wliqqxZXTB2bsdMD9NFmDnyIk4wEz3N
pAA5fw==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000001000','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzIyOFoXDTEzMDcyNTA1MzIyOFowDzENMAsG
A1UEAxMEOC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByu
pjlYwmw+OEcqHkZ9kNf4NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBn
QzzMzexzWmPj2ux3p2nhjT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2
/r4gMZiDiRZNeyY52lnWVTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6l
fKF/y1C7TfIbHKDRYOk6nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL
0v8+tENGtg49X2W/Hlx2OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpT
JStHWyWE6Sv4088CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAoYRNTBilhwVWOl4R
xaGMtzAKs3FnYjxmh/1AZf0dFIKRPbJ+0fHrwF57oJCXGopgnbcKzqFVzg5XKhZN
09GynKpP0q7d94G077GW4e5XbNnneXs+oEYM9dVRZ2rWdWF4rHNjT6yRxH7Nimw/
9iw2r8fjdidl83zWdhGozBG5AlzuH+i1X88fKBYAR5u6m/HPm5HMUm1o3TgLB3Dt
3C6gyAKRGnvoK9B/RoeloR0Jwz4b5laPoSbH1TotJPLZEjiz8/jFbdG9xmzgS+BM
ciO5NpreBCOrRB9Z7qHf1gX2iRO4mChN7CfWQYVsr5HVqiNmeBQxDkbPx/PomRLT
rlyT1Q==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000001001',NULL,NULL);
INSERT INTO "cert" VALUES('000000000000101',NULL,NULL);
INSERT INTO "cert" VALUES('00000000000011',NULL,NULL);
COMMIT; COMMIT;
re6st/plib.py
View file @ 667831ff
import errno import logging, errno, os, subprocess
import os from . import utils
import subprocess
import logging
import utils
here = os.path.realpath(os.path.dirname(__file__)) here = os.path.realpath(os.path.dirname(__file__))
ovpn_server = os.path.join(here, 'ovpn-server') ovpn_server = os.path.join(here, 'ovpn-server')
ovpn_client = os.path.join(here, 'ovpn-client') ovpn_client = os.path.join(here, 'ovpn-client')
ovpn_log = None
def openvpn(iface, hello_interval, encrypt, *args, **kw): def openvpn(iface, hello_interval, encrypt, *args, **kw):
args = ['openvpn', args = ['openvpn',
...@@ -17,9 +14,10 @@ def openvpn(iface, hello_interval, encrypt, *args, **kw): ...@@ -17,9 +14,10 @@ def openvpn(iface, hello_interval, encrypt, *args, **kw):
'--persist-key', '--persist-key',
'--script-security', '2', '--script-security', '2',
'--ping-exit', str(4 * hello_interval), '--ping-exit', str(4 * hello_interval),
'--log-append', os.path.join(log, '%s.log' % iface),
#'--user', 'nobody', '--group', 'nogroup', #'--user', 'nobody', '--group', 'nogroup',
] + list(args) ] + list(args)
if ovpn_log:
args += '--log-append', os.path.join(ovpn_log, '%s.log' % iface),
if not encrypt: if not encrypt:
args += '--cipher', 'none' args += '--cipher', 'none'
logging.debug('%r', args) logging.debug('%r', args)
...@@ -60,8 +58,8 @@ def client(iface, server_address, pipe_fd, hello_interval, encrypt, *args, **kw) ...@@ -60,8 +58,8 @@ def client(iface, server_address, pipe_fd, hello_interval, encrypt, *args, **kw)
return openvpn(iface, hello_interval, encrypt, *remote, **kw) return openvpn(iface, hello_interval, encrypt, *remote, **kw)
def router(network, subnet, subnet_size, interface_list, def router(network, subnet, subnet_size, hello_interval, log_path, state_path,
wireless, hello_interval, verbose, pidfile, state_path, **kw): pidfile, *args, **kw):
args = ['babeld', args = ['babeld',
'-C', 'redistribute local ip %s/%s le %s' % (subnet, subnet_size, subnet_size), '-C', 'redistribute local ip %s/%s le %s' % (subnet, subnet_size, subnet_size),
'-C', 'redistribute local deny', '-C', 'redistribute local deny',
...@@ -77,25 +75,18 @@ def router(network, subnet, subnet_size, interface_list, ...@@ -77,25 +75,18 @@ def router(network, subnet, subnet_size, interface_list,
#'-C', 'in ip ::/0 le %s' % network_mask, #'-C', 'in ip ::/0 le %s' % network_mask,
# Don't route other addresses # Don't route other addresses
'-C', 'in deny', '-C', 'in deny',
'-d', str(verbose),
'-h', str(hello_interval), '-h', str(hello_interval),
'-H', str(hello_interval), '-H', str(hello_interval),
'-L', os.path.join(log, 'babeld.log'), '-L', log_path,
'-S', state_path, '-S', state_path,
'-I', pidfile,
'-s', '-s',
] ] + list(args)
if pidfile:
args += '-I', pidfile
# WKRD: babeld fails to start if pidfile already exists # WKRD: babeld fails to start if pidfile already exists
else:
pidfile = '/var/run/babeld.pid'
try: try:
os.remove(pidfile) os.remove(pidfile)
except OSError, e: except OSError, e:
if e.errno != errno.ENOENT: if e.errno != errno.ENOENT:
raise raise
if wireless:
args.append('-w')
args = args + interface_list
logging.info('%r', args) logging.info('%r', args)
return subprocess.Popen(args, **kw) return subprocess.Popen(args, **kw)
re6st/tunnel.py
View file @ 667831ff
...@@ -268,7 +268,7 @@ class TunnelManager(object): ...@@ -268,7 +268,7 @@ class TunnelManager(object):
def handlePeerEvent(self): def handlePeerEvent(self):
msg, address = self.sock.recvfrom(1<<16) msg, address = self.sock.recvfrom(1<<16)
if not utils.binFromIp(address[0]).startswith(self._network): if not (msg or utils.binFromIp(address[0]).startswith(self._network)):
return return
code = ord(msg[0]) code = ord(msg[0])
if code == 1: # answer if code == 1: # answer
......
re6stnet
View file @ 667831ff
#!/usr/bin/env python #!/usr/bin/env python
import argparse, atexit, errno, logging, os import atexit, errno, logging, os, select
import select, signal, sqlite3, sys, time, traceback import signal, sqlite3, sys, time, traceback
from re6st import plib, utils, db, tunnel from re6st import plib, utils, db, tunnel
def ovpnArgs(optional_args, ca_path, cert_path, key_path):
# Treat openvpn arguments
if optional_args and optional_args[0] == "--":
del optional_args[0]
optional_args.append('--ca')
optional_args.append(ca_path)
optional_args.append('--cert')
optional_args.append(cert_path)
optional_args.append('--key')
optional_args.append(key_path)
return optional_args
def getConfig(): def getConfig():
parser = utils.ArgParser(fromfile_prefix_chars='@', parser = utils.ArgParser(fromfile_prefix_chars='@',
...@@ -46,21 +34,24 @@ def getConfig(): ...@@ -46,21 +34,24 @@ def getConfig():
" are other re6st node on the same network segment.") " are other re6st node on the same network segment.")
_ = parser.add_argument_group('routing').add_argument _ = parser.add_argument_group('routing').add_argument
_('--babel-pidfile', metavar='PID', _('-B', dest='babel_args', metavar='ARG', action='append', default=[],
help="Extra arguments to forward to Babel.")
_('--babel-pidfile', metavar='PID', default='/var/run/re6st-babeld.pid',
help="Specify a file to write our process id to" help="Specify a file to write our process id to"
" (option -I of Babel).") " (option -I of Babel).")
_('--babel-verb', default=0, metavar='LEVEL',
help="Log level of Babel (option -d of Babel).")
_('--hello', type=int, default=15, _('--hello', type=int, default=15,
help="Hello interval in seconds, for both wired and wireless" help="Hello interval in seconds, for both wired and wireless"
" connections. OpenVPN ping-exit option is set to 4 times the" " connections. OpenVPN ping-exit option is set to 4 times the"
" hello interval. It takes between 3 and 4 times the" " hello interval. It takes between 3 and 4 times the"
" hello interval for Babel to re-establish connection with a" " hello interval for Babel to re-establish connection with a"
" node for which the direct connection has been cut.") " node for which the direct connection has been cut.")
_('-w', '--wireless', action='store_true',
help="Assume all interfaces are wireless (option -w of Babel).")
_ = parser.add_argument_group('tunnelling').add_argument _ = parser.add_argument_group('tunnelling').add_argument
_('-O', dest='openvpn_args', metavar='ARG', action='append', default=[],
help="Extra arguments to forward to both server and client OpenVPN"
" subprocesses. Often used to configure verbosity.")
_('--ovpnlog', action='store_true',
help="Tell each OpenVPN subprocess to log to a dedicated file.")
_('--encrypt', action='store_true', _('--encrypt', action='store_true',
help='Specify that tunnels should be encrypted.') help='Specify that tunnels should be encrypted.')
_('--pp', nargs=2, action='append', metavar=('PORT', 'PROTO'), _('--pp', nargs=2, action='append', metavar=('PORT', 'PROTO'),
...@@ -87,9 +78,6 @@ def getConfig(): ...@@ -87,9 +78,6 @@ def getConfig():
" tunnel is closed if the number of client tunnels has reached" " tunnel is closed if the number of client tunnels has reached"
" its maximum number (client-count).") " its maximum number (client-count).")
_('openvpn_args', nargs=argparse.REMAINDER,
help="Use pseudo-argument '--' to forward positional arguments as extra"
" arguments to both server and client OpenVPN subprocesses.")
return parser.parse_args() return parser.parse_args()
...@@ -98,15 +86,19 @@ def main(): ...@@ -98,15 +86,19 @@ def main():
config = getConfig() config = getConfig()
network = utils.networkFromCa(config.ca) network = utils.networkFromCa(config.ca)
prefix = utils.binFromSubnet(utils.subnetFromCert(config.cert)) prefix = utils.binFromSubnet(utils.subnetFromCert(config.cert))
openvpn_args = ovpnArgs(config.openvpn_args, config.ca, config.cert, config.openvpn_args += (
config.key) '--ca', config.ca,
'--cert', config.cert,
'--key', config.key)
# Set logging # Set logging
utils.setupLog(config.verbose, os.path.join(config.log, 're6stnet.log')) utils.setupLog(config.verbose, os.path.join(config.log, 're6stnet.log'))
logging.trace("Configuration:\n%r", config) logging.trace("Configuration:\n%r", config)
utils.makedirs(config.state) utils.makedirs(config.state)
db_path = os.path.join(config.state, 'peers.db') db_path = os.path.join(config.state, 'peers.db')
plib.log = tunnel.log = config.log if config.ovpnlog:
plib.ovpn_log = config.log
# Create and open read_only pipe to get server events # Create and open read_only pipe to get server events
logging.info('Creating pipe for server events...') logging.info('Creating pipe for server events...')
...@@ -148,20 +140,22 @@ def main(): ...@@ -148,20 +140,22 @@ def main():
try: try:
# Init db and tunnels # Init db and tunnels
peer_db = db.PeerDB(db_path, config.registry, config.key, prefix) peer_db = db.PeerDB(db_path, config.registry, config.key, prefix)
tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db, openvpn_args, tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db,
config.hello, config.tunnel_refresh, config.client_count, config.openvpn_args, config.hello, config.tunnel_refresh,
config.iface_list, network, prefix, address, ip_changed, config.client_count, config.iface_list, network, prefix, address,
config.encrypt) ip_changed, config.encrypt)
server_tunnels = {} server_tunnels = {}
for x in pp: for x in pp:
server_tunnels.setdefault('re6stnet-' + x[1], x) server_tunnels.setdefault('re6stnet-' + x[1], x)
interface_list = list(tunnel_manager.free_interface_set) \
+ config.iface_list + server_tunnels.keys()
subnet = network + prefix subnet = network + prefix
config.babel_args += tunnel_manager.free_interface_set
config.babel_args += config.iface_list
config.babel_args += server_tunnels
router = plib.router(network, utils.ipFromBin(subnet), len(subnet), router = plib.router(network, utils.ipFromBin(subnet), len(subnet),
interface_list, config.wireless, config.hello, config.babel_verb, config.hello, os.path.join(config.log, 'babeld.log'),
config.babel_pidfile, os.path.join(config.state, 'babeld.state')) os.path.join(config.state, 'babeld.state'),
config.babel_pidfile, *config.babel_args)
# main loop # main loop
try: try:
...@@ -171,7 +165,7 @@ def main(): ...@@ -171,7 +165,7 @@ def main():
utils.ipFromBin(subnet, '1') if proto == pp[0][1] else None, utils.ipFromBin(subnet, '1') if proto == pp[0][1] else None,
len(network) + len(prefix), len(network) + len(prefix),
config.max_clients, config.dh, write_pipe, port, config.max_clients, config.dh, write_pipe, port,
proto, config.hello, config.encrypt, *openvpn_args)) proto, config.hello, config.encrypt, *config.openvpn_args))
while True: while True:
next = tunnel_manager.next_refresh next = tunnel_manager.next_refresh
if forwarder: if forwarder:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7