From fa3bf829e32c23d5b47b98f4e7098ff7e52f1ff0 Mon Sep 17 00:00:00 2001 From: Nick Vatamaniuc Date: Fri, 22 Sep 2023 10:51:55 -0400 Subject: [PATCH 1/2] Update Erlang CI images * Use latest patch levels for 24 and 25. * Add 26 to the list. In Erlang 26 TLS `verify` option switched the default value from `verify_none` to `verify_peer` [1]. So had to explictly set it in the test client. [1] https://www.erlang.org/blog/otp-26-highlights/#ssl-safer-defaults --- .github/workflows/ci.yml | 5 +++-- test/mochiweb_test_util.erl | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6005c403..366bd8dc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,8 +15,9 @@ jobs: os: - ubuntu-latest otp: - - "25.3.0.0" - - "24.3.4.10" + - "26.0.2.0" + - "25.3.2.3" + - "24.3.4.13" - "23.3.4.18" - "22.3.4.26" - "21.3.8.24" diff --git a/test/mochiweb_test_util.erl b/test/mochiweb_test_util.erl index 86987715..06d3a9e2 100644 --- a/test/mochiweb_test_util.erl +++ b/test/mochiweb_test_util.erl @@ -31,7 +31,7 @@ with_server(Transport, ServerFun, ClientFun) -> Res. ssl_client_opts(Opts) -> - [{server_name_indication, disable} | Opts]. + [{server_name_indication, disable}, {verify, verify_none} | Opts]. sock_fun(Transport, Port) -> Opts = [binary, {active, false}, {packet, http}], From 293b95d2e8ceabcdf8dc381b8c1fcaf7626002ea Mon Sep 17 00:00:00 2001 From: Bob Ippolito Date: Fri, 22 Sep 2023 12:08:01 -0700 Subject: [PATCH 2/2] Update certificates --- CHANGES.md | 5 ++ support/test-materials/create-certs.sh | 12 ++++ support/test-materials/test_ssl_cert.pem | 45 +++++++++----- support/test-materials/test_ssl_key.pem | 79 ++++++++++++++++-------- 4 files changed, 97 insertions(+), 44 deletions(-) create mode 100755 support/test-materials/create-certs.sh diff --git a/CHANGES.md b/CHANGES.md index 82e43ed2..c53c74f2 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,8 @@ +Version 3.2.2 released XXXX-XX-XX + +* Update Erlang CI images + https://github.com/mochi/mochiweb/pull/261 + Version 3.2.1 released 2023-09-22 * mochinum:digits/1: fix handling of -0.0 for OTP-26.1/27.0 diff --git a/support/test-materials/create-certs.sh b/support/test-materials/create-certs.sh new file mode 100755 index 00000000..50d86521 --- /dev/null +++ b/support/test-materials/create-certs.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e +cd "$(dirname "${BASH_SOURCE[0]}")" +# Create a new self-signed cert and key expiring in 10 years +openssl req \ + -newkey rsa:4096 \ + -x509 \ + -nodes \ + -days 3650 \ + -subj '/C=US/CN=localhost' \ + -keyout ./test_ssl_key.pem \ + -out ./test_ssl_cert.pem diff --git a/support/test-materials/test_ssl_cert.pem b/support/test-materials/test_ssl_cert.pem index f84ccca7..b58a16c2 100644 --- a/support/test-materials/test_ssl_cert.pem +++ b/support/test-materials/test_ssl_cert.pem @@ -1,19 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIJAJLkNZzERPIUMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV -BAMTCWxvY2FsaG9zdDAeFw0xMDAzMTgxOTM5MThaFw0yMDAzMTUxOTM5MThaMBQx -EjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAJeUCOZxbmtngF4S5lXckjSDLc+8C+XjMBYBPyy5eKdJY20AQ1s9/hhp3ulI -8pAvl+xVo4wQ+iBSvOzcy248Q+Xi6+zjceF7UNRgoYPgtJjKhdwcHV3mvFFrS/fp -9ggoAChaJQWDO1OCfUgTWXImhkw+vcDR11OVMAJ/h73dqzJPI9mfq44PTTHfYtgr -v4LAQAOlhXIAa2B+a6PlF6sqDqJaW5jLTcERjsBwnRhUGi7JevQzkejujX/vdA+N -jRBjKH/KLU5h3Q7wUchvIez0PXWVTCnZjpA9aR4m7YV05nKQfxtGd71czYDYk+j8 -hd005jetT4ir7JkAWValBybJVksCAwEAAaN1MHMwHQYDVR0OBBYEFJl9s51SnjJt -V/wgKWqV5Q6jnv1ZMEQGA1UdIwQ9MDuAFJl9s51SnjJtV/wgKWqV5Q6jnv1ZoRik -FjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCCQCS5DWcxETyFDAMBgNVHRMEBTADAQH/ -MA0GCSqGSIb3DQEBBQUAA4IBAQB2ldLeLCc+lxK5i0EZquLamMBJwDIjGpT0JMP9 -b4XQOK2JABIu54BQIZhwcjk3FDJz/uOW5vm8k1kYni8FCjNZAaRZzCUfiUYTbTKL -Rq9LuIAODyP2dnTqyKaQOOJHvrx9MRZ3XVecXPS0Tib4aO57vCaAbIkmhtYpTWmw -e3t8CAIDVtgvjR6Se0a1JA4LktR7hBu22tDImvCSJn1nVAaHpani6iPBPPdMuMsP -TBoeQfj8VpqBUjCStqJGa8ytjDFX73YaxV2mgrtGwPNme1x3YNRR11yTu7tksyMO -GrmgxNriqYRchBhNEf72AKF0LR1ByKwfbDB9rIsV00HtCgOp +MIIFIzCCAwugAwIBAgIUXrZDSfQKpfQ0niTPXnmjbTtoS5EwDQYJKoZIhvcNAQEL +BQAwITELMAkGA1UEBhMCVVMxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMzA5MjIx +OTAzNTZaFw0zMzA5MTkxOTAzNTZaMCExCzAJBgNVBAYTAlVTMRIwEAYDVQQDDAls +b2NhbGhvc3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMpjFOvzT4 +Y2KoBzVFdGALtLl69LTlyCrBOae4uJ4NaE0s8hJbgWHrtp6GgEIFDT4tlTvkbmHR +V80ocZXytJNUqjPfqZMLvxNsyqvvTbr7EuYel3qI8KrTYBw0cjYiDuuiwUurmHfd +FS4+e5xS0wnOH6u04t6lDeQSB7guwjkzgM2amFuTzA2JsQx/VRiha0IzPs1ylnEg +lzc0Q1MqFtRzYgj+7pmTkM9MLrG4s7EW6wXIP+9AXsZ7kU3kCH2eoTRTe50rabPn +48/bLEnvM8rpfXO73FO4EeSXNj1FZ6Ggo1fn4SBDL55PMf4/z16Z3xPZQz5yvAsK +sdwR2fyjuQw8rZPatolq3yyTDCXbD0sOaNYakVOyug1R3tAhBi7Ca2OhaS8GeN29 +2n/LTPppnlJtE7VNKTVmZ0uufUcxrEXxYDZUkCyYNJK4ku2eFGgh0M8YEKJ97kqH +TdFCMNwPM1Oue67ZVCvXQHKVuGHOKRJHGdLm2l+BZFjMC8yzELBqkTWUuj3pex9E +krGZCbn2Rf1y1ieVOXVe1pZDco3ApraWtKYfATUKqw6wWnzsfqRNJacb0i7oDbo6 +2vqE6Y6MOq8XoAp65SD8p7mKNUn6RYX5CPrjMH0ZH/eCF72mr4WRdsi0WTkysskw +v4VhXrZYG1PYl3Ktl+ITMc3PYLMvm0S8ZwIDAQABo1MwUTAdBgNVHQ4EFgQUKe6O +1Qq70RJJwShjlmForFaE0dkwHwYDVR0jBBgwFoAUKe6O1Qq70RJJwShjlmForFaE +0dkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVwVlnKqB6N8d +E/Uh6wzUVPbueIO5cNj6mqXcMzEqQbnHXLvNrFop4qpHTzyf9X+lAq8EwXmiO1nO +5udgFNdzp3Gz+eb4R2iJVH+DDS4J9bgdba3xhyioqkJV6Vyky+gdFYDlqQ+NYWOa +1k/ZNyRccGKkYdS3RqtW/3t9e7PC4xtlwv1M+CzOx0HoNpxxtKIYWLnBSWDzeMup +SUxgU/7Soh9zMSXu0zbcdI5rINKcsSQwrBfa2mUOw7VC512uYXv5eeqO4b7es6V4 +DfxBUyo1yyVu8pOuUm7Rrg7foJcNl21FWMb1fX8JYaN4MJ7z31EDR9CrjvwPevBd +kYIUEy0vMKiNqo3ELL/yb2C60t2OuGYVPaC0XdZ9XmrDD8MKFGcwKoalzlSfNhQf +K2tvaJBgJlCywcuro/pwjDdHqBCK2lLT0q1vI3dbSSdR0Okb1DqGNyvokrTbFbfu +4HnhsaFHCUUlJUexWH7il/+QlB+7Anyx3GgbZFkaWkTt7p/P5N0hMNQ8edVITLel +oLiNQqKydf7ox6L+OueL+LLH0/pOcrqInn3iv5sQduIr/7LcidnWzsjFq5mAEeiZ +xl2BQDBYD3od+LoLemTB6I4mGg85JuWqXv6UFf9FTGKk43LwMpQKjINVR/lpC4G9 +F7Iu4FUBycIq4t++EtHV1xBOg8eDrv0= -----END CERTIFICATE----- diff --git a/support/test-materials/test_ssl_key.pem b/support/test-materials/test_ssl_key.pem index 69bbf823..49c05f99 100644 --- a/support/test-materials/test_ssl_key.pem +++ b/support/test-materials/test_ssl_key.pem @@ -1,27 +1,52 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAl5QI5nFua2eAXhLmVdySNIMtz7wL5eMwFgE/LLl4p0ljbQBD -Wz3+GGne6UjykC+X7FWjjBD6IFK87NzLbjxD5eLr7ONx4XtQ1GChg+C0mMqF3Bwd -Xea8UWtL9+n2CCgAKFolBYM7U4J9SBNZciaGTD69wNHXU5UwAn+Hvd2rMk8j2Z+r -jg9NMd9i2Cu/gsBAA6WFcgBrYH5ro+UXqyoOolpbmMtNwRGOwHCdGFQaLsl69DOR -6O6Nf+90D42NEGMof8otTmHdDvBRyG8h7PQ9dZVMKdmOkD1pHibthXTmcpB/G0Z3 -vVzNgNiT6PyF3TTmN61PiKvsmQBZVqUHJslWSwIDAQABAoIBACI8Ky5xHDFh9RpK -Rn/KC7OUlTpADKflgizWJ0Cgu2F9L9mkn5HyFHvLHa+u7CootbWJOiEejH/UcBtH -WyMQtX0snYCpdkUpJv5wvMoebGu+AjHOn8tfm9T/2O6rhwgckLyMb6QpGbMo28b1 -p9QiY17BJPZx7qJQJcHKsAvwDwSThlb7MFmWf42LYWlzybpeYQvwpd+UY4I0WXLu -/dqJIS9Npq+5Y5vbo2kAEAssb2hSCvhCfHmwFdKmBzlvgOn4qxgZ1iHQgfKI6Z3Y -J0573ZgOVTuacn+lewtdg5AaHFcl/zIYEr9SNqRoPNGbPliuv6k6N2EYcufWL5lR -sCmmmHECgYEAxm+7OpepGr++K3+O1e1MUhD7vSPkKJrCzNtUxbOi2NWj3FFUSPRU -adWhuxvUnZgTcgM1+KuQ0fB2VmxXe9IDcrSFS7PKFGtd2kMs/5mBw4UgDZkOQh+q -kDiBEV3HYYJWRq0w3NQ/9Iy1jxxdENHtGmG9aqamHxNtuO608wGW2S8CgYEAw4yG -ZyAic0Q/U9V2OHI0MLxLCzuQz17C2wRT1+hBywNZuil5YeTuIt2I46jro6mJmWI2 -fH4S/geSZzg2RNOIZ28+aK79ab2jWBmMnvFCvaru+odAuser4N9pfAlHZvY0pT+S -1zYX3f44ygiio+oosabLC5nWI0zB2gG8pwaJlaUCgYEAgr7poRB+ZlaCCY0RYtjo -mYYBKD02vp5BzdKSB3V1zeLuBWM84pjB6b3Nw0fyDig+X7fH3uHEGN+USRs3hSj6 -BqD01s1OT6fyfbYXNw5A1r+nP+5h26Wbr0zblcKxdQj4qbbBZC8hOJNhqTqqA0Qe -MmzF7jiBaiZV/Cyj4x1f9BcCgYEAhjL6SeuTuOctTqs/5pz5lDikh6DpUGcH8qaV -o6aRAHHcMhYkZzpk8yh1uUdD7516APmVyvn6rrsjjhLVq4ZAJjwB6HWvE9JBN0TR -bILF+sREHUqU8Zn2Ku0nxyfXCKIOnxlx/J/y4TaGYqBqfXNFWiXNUrjQbIlQv/xR -K48g/MECgYBZdQlYbMSDmfPCC5cxkdjrkmAl0EgV051PWAi4wR+hLxIMRjHBvAk7 -IweobkFvT4TICulgroLkYcSa5eOZGxB/DHqcQCbWj3reFV0VpzmTDoFKG54sqBRl -vVntGt0pfA40fF17VoS7riAdHF53ippTtsovHEsg5tq5NrBl5uKm2g== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDMpjFOvzT4Y2Ko +BzVFdGALtLl69LTlyCrBOae4uJ4NaE0s8hJbgWHrtp6GgEIFDT4tlTvkbmHRV80o +cZXytJNUqjPfqZMLvxNsyqvvTbr7EuYel3qI8KrTYBw0cjYiDuuiwUurmHfdFS4+ +e5xS0wnOH6u04t6lDeQSB7guwjkzgM2amFuTzA2JsQx/VRiha0IzPs1ylnEglzc0 +Q1MqFtRzYgj+7pmTkM9MLrG4s7EW6wXIP+9AXsZ7kU3kCH2eoTRTe50rabPn48/b +LEnvM8rpfXO73FO4EeSXNj1FZ6Ggo1fn4SBDL55PMf4/z16Z3xPZQz5yvAsKsdwR +2fyjuQw8rZPatolq3yyTDCXbD0sOaNYakVOyug1R3tAhBi7Ca2OhaS8GeN292n/L +TPppnlJtE7VNKTVmZ0uufUcxrEXxYDZUkCyYNJK4ku2eFGgh0M8YEKJ97kqHTdFC +MNwPM1Oue67ZVCvXQHKVuGHOKRJHGdLm2l+BZFjMC8yzELBqkTWUuj3pex9EkrGZ +Cbn2Rf1y1ieVOXVe1pZDco3ApraWtKYfATUKqw6wWnzsfqRNJacb0i7oDbo62vqE +6Y6MOq8XoAp65SD8p7mKNUn6RYX5CPrjMH0ZH/eCF72mr4WRdsi0WTkysskwv4Vh +XrZYG1PYl3Ktl+ITMc3PYLMvm0S8ZwIDAQABAoICAAxpxQvii5mVZ0jx4JVThCl+ +aNHAdHu+zHkaWixy/+moR4yDLAHif/ugNBvMcJsfcB1FTaccp7cSMFHuGD5RUOGn +Z6x+++Bc7EmCpMzH79OGFFc+sO8/FqpQZhjFF+t9vcuj4q2IR5z6L+sYuSUWj/Dk +xhfoVI25oSytMzE2FR1YO4bPcjgtl5SgHJxZbDw+THtED/CNyroQJTt4tsHfm9Tz +2Vlwd5HjDFZLbsdy5TosP0mKNz6CtF9cACSyYlkNrIxzyKP3FJm4NvkAX4VKCvQA +TzwFFtiCnVVetBC43HqCurSuvxo6kf7gjwXbBwEmVG0VQX0/UrW8KORPgjeCfe9q +3xMhGKZDA+ENUFKEsZfYnd3jvH10AEr7cdb3Juh7BLd3Y/rTUGyxTHI5NrqeZd7v +ycoV3OOU9mLpindInebZZbst1YhNUyBz49Q5SWnd38KL4T29KKZC5GYkRVosbYU1 +QztXvzf4PLkk+vK2HXRkKXFqhTMUfss937ap/a2ie/CQzNJi5kV1vKkxR70bR+gr +i9wlrVYmV9/iJ9h0Jt+U4ClmXgg2ZwsZgrywBhNNRD+wNR5dLzPxSEjUCXebIsEv +fm4FXxGm3i3CyT4qRgVZhJXIi1CtiUXWGpvgcTJ2LiXhnvupwW58eIHGel7VnVgy +W9SVMSudPPiPKumNQpaBAoIBAQDx3OXqXICcRACvGPv7RtCScNuC+UwWCq+C6gNx +SJwFUyPUajIoRUiP+MX/9mn4JFAffxNpHPYF0JHuY5RibHp2gO0aPz/vm+waV7Ie +arQPgCCxbfBxAomdr5JFN10FsbWnP+FuQTP5FwcmTSMCrU7K+cbEwO36a5K7OMO6 +dOh3dfX0vgzWzqPiXoRImjXDyLTpsMR2fgoYmV/d62GlQ+qcrWKO+yH/mvfv3uer +1t07ob+VCxgKYDSgbzpNJaLQ2kXbLxk0eNfCCxkuXWaqqojsQg+DzHTaj1Gdbpjt +RVObAeiMltYUcRGwJ6gQECOYEYlBoYVjjdvutu8E3D07RuyXAoIBAQDYnHMPhox3 +UgcUyHbkWprXn+uK+tveAwJA5ruusVCSctXuFnKt8gzNQwu8pfyJc8jRpaT8FB8R +I27+cWTvDCR5uDNZ2tCW3X3C28ZU1bXTPEoIQRIZseaV1wU+ualbWaLsGqTCkFeu +6yfVkLIWkTfhxDW5l4SEwClM/L4GqhfOOQJ3JvCza1fW+2mVvHmT92ro2xeNpqmq +sTfWsxn4RPCuoYWR2B0JeKwrsmHK8rqo4LhTf7ZPp2/dH/GQkSvi2lzhk/st4cEV +FxamwACmsdWimXHryDXcmAov/TdlZTM77I5Mz3YtFec+ucyJrl0caiwdc/md1LR0 +JlHLq7on+xixAoIBAQDkmWv6CjpI+IFI/i1Uf8ctUlw3u9dtUeY3r2VXklBdPAq2 +fzUvGOUPpwvF9SqNrgzI6Dv5crUaI9t6XUZnjK5nCU6RK00L9OzArTieRS4xJGJC +MW478jEOCF8Q6tYSRrgx/0/b/ObZvSk1y1yW8CVz9Ycoek20Di7epDVjK5J5LtYs +3+CUuzTtBXa0hITiqvZLlpbqhBCY1YZl408kfD/onHx2NekZhWhooN+JbIkoDqZc +geLUE8BKDzckqbjs/BFgrHB/RuRu9Dx1tTQPhSXrYDj30qxz01hJm7oRMSBndvNM +xlhLc99LBwBzRj3OQmzfyoGf6foA84iQqHV7bHq7AoIBAA/RjQ2LM+La2K2J3jTa +8QfiI99oZnoWGioHL5mYVVv8iubyOLm/PXQX+1lxfbnD/NxijmPiTEqCHe7y9P4I +EvnYm9dqBWWfEzoRtrAnUznz4ywrJFlABqjWpQlpoZaMOzumznVu+RhLEAOmp3rC +bCROoeXFzOWs6tc2deIitc5Xl3iAHX/czPNkNNe8hdxqayJKLbQogad3fa5uMe1R +i4oVPZ3i/GvepiQiyMV7aGpAzvU6FGRIxACP/qIiF+RfMf0/Q06cd+9EWmEfEG0b ++4/+SLWBT32mlMfgZBVBiLZNli7Bz82HFfYct3UuiJo0nrgf6hC+odcBnWOUTOny +imECggEAMziGwb86LK0mUS16FfPZfKevDVbr3KEGKxoPSd4VQ9Yt+9IIK/GrsJyW +jCcMuS4jn7jC/Ky+X5QwgrSEN4AtYWp0SRL5ifVJvpzmMrJSOEfImWWocRvBHxEg +o83VWamrxnk0MaTYn3GIqJya4GNPHyZdeuAhfOWRLgBg45X3ROA0Cfr87IH0rRjC +m2SgLq+SFb8dBc/CTIWnLF8HSjv1dOVy86u1xWiV02reWlJJyQWPyZr73H2i/SL4 +M3jTadyPtVN5TkntncL+e7SNECPAGFqbSR09Clo9knQKaG7+ZErWui5y/126hA4g +sQ7D9iHtfpktSwQcSfQ5hms9hJzL4A== +-----END PRIVATE KEY-----