httpi 2.4.3 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 613b8bb3b0fa730f0920296081683075b6de1c34164bd347a1d93d5928d4af0b
-  data.tar.gz: 84d1328228a15c27afee7a4bbe04d3a29079129b7227697c6993728c96b4a4c9
+  metadata.gz: b488ad4ac7b6d32a313798d387be88d00976ffe2533a1413836bd7e102cfda83
+  data.tar.gz: f555c552fbdfa36b727c75e5bf2b3a9a19559098145ce3f969c94f250380b185
 SHA512:
-  metadata.gz: d4ea5d0acbfb93fd0599268946a062cb20d162195469bc92d548b241a75902b4b5f2131a5d95fc21c9165b8cf68058bc156126e265676d083b888558f4e32d35
-  data.tar.gz: '069622ebb89c624bb74d12a883506af7b38553f016a90c223a91a0230fb3b11115b665bafcdcf8c0f3a26c121abdf817581ff7fcddb68acd727ad9218ead6ba8'
+  metadata.gz: fccd5e6e95668a6b49e440eee050a2e8f7e456434e6a973bd2cc8d54c97854c1961fc5e941456ff6e3a4356a03bb6b8a7aad023fd7b8d74f0d73a2e1a18fd682
+  data.tar.gz: 825d197e0ccb00ba983aba28a40cb6c0f1789bc6ae9cb3ba82363548330fd66609c5c4e904285038d67de6c95850f1ccaca3901f7698b7317657e754f1035f7d

data/.github/workflows/development.yml

@@ -0,0 +1,48 @@
+name: Development
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    name: ${{matrix.ruby}} on ${{matrix.os}}
+    runs-on: ${{matrix.os}}-latest
+    continue-on-error: ${{matrix.experimental}}
+    
+    strategy:
+      matrix:
+        os:
+          - ubuntu
+        
+        ruby:
+          - "2.6"
+          - "2.7"
+          - "3.0"
+        
+        experimental: [false]
+        env: [""]
+        
+        include:
+          - os: ubuntu
+            ruby: truffleruby
+            experimental: true
+          - os: ubuntu
+            ruby: jruby
+            experimental: true
+          - os: ubuntu
+            ruby: head
+            experimental: true
+    
+    steps:
+    - uses: actions/checkout@v2
+    
+    - name: Install dependencies
+      run: sudo apt-get install libcurl4-openssl-dev
+    
+    - uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{matrix.ruby}}
+        bundler-cache: true
+    
+    - name: Run tests
+      timeout-minutes: 5
+      run: ${{matrix.env}} bundle exec rspec

data/CHANGELOG.md

@@ -1,3 +1,26 @@
+### 3.0.0 (2021-10-19)
+
+* Improvement: [#225](https://github.com/savonrb/httpi/pull/225) Make rack and socksify dependencies optional.
+
+### 2.5.0 (2021-10-05)
+
+* Feature: [#214](https://github.com/savonrb/httpi/pull/214) Add SSL ciphers configuration
+* Improvement: [#227](https://github.com/savonrb/httpi/pull/227) Use GitHub Actions as CI. Require at least Ruby v2.3.
+
+### 2.4.5
+
+* Improvement: [#209](https://github.com/savonrb/httpi/pull/209) Drop Travis CI support for Ruby < 2.3.0 and jruby.
+* Feature: [#208](https://github.com/savonrb/httpi/pull/208) Add SSL min/max_version configuration for supporting adapters
+* Improvement: [#206](https://github.com/savonrb/httpi/pull/206) Support for net-http-persistent v3
+* Improvement: [#204](https://github.com/savonrb/httpi/pull/204) Avoid excon warning
+
+### 2.4.4
+
+* Improvement: [#197](https://github.com/savonrb/httpi/pull/197) Add support for new write timeout option to all adapters
+* Fix: [#196](https://github.com/savonrb/httpi/pull/196) Fix httpi adapters support for read/open timeout
+* Improvement: [Remove references to broken site](https://github.com/savonrb/httpi/commit/345e5e2b1a4376a7be769f67088a431895de09ad)
+* Fix: [#190](https://github.com/savonrb/httpi/pull/190) Don't convert port to string on Excon adapter
+
 ### 2.4.3
 
 * Fix: [#171](https://github.com/savonrb/httpi/pull/171) bug with rubyntlm v0.6.0

data/Gemfile

@@ -3,18 +3,20 @@ gemspec
 
 gem 'jruby-openssl',                                       :platforms => :jruby
 
-# compatibility restrictions for http clients under existing travis test environments
-gem 'public_suffix', '~> 2.0'   # or remove rubies < 2.1 from travis.yml
+gem 'public_suffix', '~> 4.0'
 
 # http clients
 gem 'httpclient',          '~> 2.3',    :require => false
-gem 'curb',                '~> 0.8',    :require => false, :platforms => :ruby
-gem 'em-http-request',                  :require => false, :platforms => [:ruby, :jruby]
+gem 'curb',                '~> 0.8',    :require => false, :platforms => [:ruby]
+gem 'em-http-request',                  :require => false, :platforms => [:ruby]
 gem 'em-synchrony',                     :require => false, :platforms => [:ruby, :jruby]
 gem 'excon',               '~> 0.21',   :require => false, :platforms => [:ruby, :jruby]
-gem 'net-http-persistent', '~> 2.8',    :require => false
+gem 'net-http-persistent', '~> 4.0',    :require => false
 gem 'http',                             :require => false
 
+# adapter extensions
+gem 'rack'
+gem 'socksify'
+
 # coverage
 gem 'simplecov',                        :require => false
-gem 'coveralls',                        :require => false

data/README.md

@@ -2,33 +2,23 @@
 
 A common interface for Ruby's HTTP libraries.
 
-[Documentation](http://httpirb.com) | [RDoc](http://rubydoc.info/gems/httpi) |
+[Documentation](https://www.rubydoc.info/gems/httpi) |
 [Mailing list](https://groups.google.com/forum/#!forum/httpirb)
 
-[![Build Status](https://secure.travis-ci.org/savonrb/httpi.png?branch=master)](http://travis-ci.org/savonrb/httpi)
-[![Gem Version](https://badge.fury.io/rb/httpi.png)](http://badge.fury.io/rb/httpi)
-[![Code Climate](https://codeclimate.com/github/savonrb/httpi.png)](https://codeclimate.com/github/savonrb/httpi)
-[![Coverage Status](https://coveralls.io/repos/savonrb/httpi/badge.png?branch=master)](https://coveralls.io/r/savonrb/httpi)
-
+[![Development](https://github.com/savonrb/httpi/actions/workflows/development.yml/badge.svg)](https://github.com/savonrb/httpi/actions/workflows/development.yml)
 
 ## Installation
 
-HTTPI is available through [Rubygems](http://rubygems.org/gems/httpi) and can be installed via:
+HTTPI is available through [Rubygems](https://rubygems.org/gems/httpi) and can be installed via:
 
-```
-$ gem install httpi
-```
+    $ gem install httpi
 
 or add it to your Gemfile like this:
 
-```
-gem 'httpi', '~> 2.1.0'
-```
-
+    gem 'httpi', '~> 3.0.0'
 
 ## Usage example
 
-
 ``` ruby
 require "httpi"
 
@@ -49,7 +39,21 @@ HTTPI.adapter = :httpclient
 HTTPI.request(:custom, request)
 ```
 
+### Rack Mock Adapter
+
+To use the Rack mock adapter, please add the `rack` gem to your gemfile.
+
+### SOCKS Proxy Support
+
+To use the the SOCKS proxy support, please add the `socksify` gem to your gemfile, and add the following code:
+
+``` ruby
+require 'socksify'
+require 'socksify/http'
+```
+
+to your project.
 
 ## Documentation
 
-Continue reading at [httpirb.com](http://httpirb.com)
+Continue reading at https://www.rubydoc.info/gems/httpi

data/UPDATING.md

@@ -0,0 +1,7 @@
+# Update guide
+
+## From 2.x to 3.x
+
+BREAKING CHANGE: the [#255](https://github.com/savonrb/httpi/pull/225) made the gem socksify and rack gems optional dependencies.
+
+In order to restore the old behavior, see the README section "SOCKS Proxy Support" and "Rack Mock Adapter".

data/httpi.gemspec

@@ -11,19 +11,16 @@ Gem::Specification.new do |s|
   s.homepage    = "http://github.com/savonrb/#{s.name}"
   s.summary     = "Common interface for Ruby's HTTP libraries"
   s.description = s.summary
-  s.required_ruby_version = '>= 1.9.2'
 
-  s.rubyforge_project = s.name
-  s.license = 'MIT'
+  s.required_ruby_version = '>= 2.3'
 
-  s.add_dependency 'rack'
-  s.add_dependency 'socksify'
+  s.license = 'MIT'
 
   s.add_development_dependency 'rubyntlm', '~> 0.3.2'
-  s.add_development_dependency 'rake',     '~> 10.0'
-  s.add_development_dependency 'rspec',    '~> 2.14'
+  s.add_development_dependency 'rake',     '~> 13.0'
+  s.add_development_dependency 'rspec',    '~> 3.5'
   s.add_development_dependency 'mocha',    '~> 0.13'
-  s.add_development_dependency 'puma',     '~> 2.3.2'
+  s.add_development_dependency 'puma',     '~> 5.0'
   s.add_development_dependency 'webmock'
 
   s.files = `git ls-files`.split("\n")

data/lib/httpi/adapter/curb.rb

@@ -72,8 +72,9 @@ module HTTPI
       def basic_setup
         @client.url = @request.url.to_s
         @client.proxy_url = @request.proxy.to_s if @request.proxy
-        @client.timeout = @request.read_timeout if @request.read_timeout
-        @client.connect_timeout = @request.open_timeout if @request.open_timeout
+        read_or_write_timeout = @request.read_timeout || @request.write_timeout
+        @client.timeout_ms = read_or_write_timeout * 1000 if read_or_write_timeout
+        @client.connect_timeout_ms = @request.open_timeout * 1000 if @request.open_timeout
         @client.headers = @request.headers.to_hash
         @client.verbose = false
         # cURL workaround
@@ -115,6 +116,7 @@ module HTTPI
           @client.cert_key = ssl.cert_key_file
           @client.cert = ssl.cert_file
           @client.certpassword = ssl.cert_key_password
+          @client.set(:ssl_cipher_list, ssl.ciphers.join(':')) if ssl.ciphers
 
           @client.ssl_verify_peer = ssl.verify_mode == :peer
         end
@@ -127,6 +129,9 @@ module HTTPI
           when :SSLv23  then 2
           when :SSLv3   then 3
         end
+        if ssl.min_version || ssl.max_version
+          raise NotSupportedError, 'Curb adapter does not support #min_version or #max_version. Please, use #ssl_version instead.'
+        end
       end
 
       def respond_with(client)

data/lib/httpi/adapter/em_http.rb

@@ -69,10 +69,11 @@ module HTTPI
       end
 
       def connection_options
-        options = {
-          :connect_timeout    => @request.open_timeout,
-          :inactivity_timeout => @request.read_timeout
-        }
+        options = {}
+
+        read_or_write_timeout = @request.read_timeout || @request.write_timeout
+        options[:inactivity_timeout] = read_or_write_timeout if read_or_write_timeout
+        options[:connect_timeout] = @request.open_timeout if @request.open_timeout
 
         options[:proxy] = proxy_options if @request.proxy
 

data/lib/httpi/adapter/excon.rb

@@ -41,8 +41,9 @@ module HTTPI
 
         opts = {
           :host => url.host,
+          :hostname => url.hostname,
           :path => url.path,
-          :port => url.port.to_s,
+          :port => url.port,
           :query => url.query,
           :scheme => url.scheme,
           :headers => @request.headers,
@@ -58,6 +59,7 @@ module HTTPI
         opts[:user], opts[:password] = *@request.auth.credentials if @request.auth.basic?
         opts[:connect_timeout] = @request.open_timeout if @request.open_timeout
         opts[:read_timeout]    = @request.read_timeout if @request.read_timeout
+        opts[:write_timeout]   = @request.write_timeout if @request.write_timeout
         opts[:response_block]  = @request.on_body if @request.on_body
         opts[:proxy]           = @request.proxy if @request.proxy
 
@@ -71,7 +73,10 @@ module HTTPI
           opts[:ssl_verify_peer] = false
         end
 
+        opts[:ciphers] = ssl.ciphers if ssl.ciphers
         opts[:ssl_version] = ssl.ssl_version if ssl.ssl_version
+        opts[:ssl_min_version] = ssl.min_version if ssl.min_version
+        opts[:ssl_max_version] = ssl.max_version if ssl.max_version
 
         opts
       end

data/lib/httpi/adapter/http.rb

@@ -58,7 +58,10 @@ module HTTPI
           context.cert        = @request.auth.ssl.cert
           context.key         = @request.auth.ssl.cert_key
           context.ssl_version = @request.auth.ssl.ssl_version if @request.auth.ssl.ssl_version != nil
+          context.min_version = @request.auth.ssl.min_version if @request.auth.ssl.min_version != nil
+          context.max_version = @request.auth.ssl.max_version if @request.auth.ssl.max_version != nil
           context.verify_mode = @request.auth.ssl.openssl_verify_mode
+          context.ciphers     = @request.auth.ssl.ciphers if @request.auth.ssl.ciphers
 
           client = ::HTTP::Client.new(:ssl_context => context)
         else
@@ -73,6 +76,12 @@ module HTTPI
           client = client.via(@request.proxy.host, @request.proxy.port, @request.proxy.user, @request.proxy.password)
         end
 
+        timeouts = {}
+        timeouts[:connect] = @request.open_timeout if @request.open_timeout
+        timeouts[:read] = @request.read_timeout if @request.read_timeout
+        timeouts[:write] = @request.write_timeout if @request.write_timeout
+        client = client.timeout(timeouts) if timeouts.any?
+
         client.headers(@request.headers)
       end
     end

data/lib/httpi/adapter/httpclient.rb

@@ -45,6 +45,7 @@ module HTTPI
         @client.proxy = @request.proxy if @request.proxy
         @client.connect_timeout = @request.open_timeout if @request.open_timeout
         @client.receive_timeout = @request.read_timeout if @request.read_timeout
+        @client.send_timeout = @request.write_timeout if @request.write_timeout
       end
 
       def setup_auth
@@ -72,11 +73,15 @@ module HTTPI
           # Send client-side certificate regardless of state of SSL verify mode
           @client.ssl_config.client_cert = ssl.cert
           @client.ssl_config.client_key = ssl.cert_key
+          @client.ssl_config.ciphers = ssl.ciphers if ssl.ciphers
 
           @client.ssl_config.verify_mode = ssl.openssl_verify_mode
         end
 
         @client.ssl_config.ssl_version = ssl.ssl_version.to_s if ssl.ssl_version
+        if ssl.min_version || ssl.max_version
+          raise NotSupportedError, 'Httpclient adapter does not support #min_version or #max_version. Please, use #ssl_version instead'
+        end
       end
 
       def respond_with(response)

data/lib/httpi/adapter/net_http.rb

@@ -4,8 +4,6 @@ require "httpi/adapter/base"
 require "httpi/response"
 require 'kconv'
 require 'socket'
-require "socksify"
-require 'socksify/http'
 
 module HTTPI
   module Adapter
@@ -155,6 +153,13 @@ module HTTPI
         @client.use_ssl = @request.ssl?
         @client.open_timeout = @request.open_timeout if @request.open_timeout
         @client.read_timeout = @request.read_timeout if @request.read_timeout
+        if @request.write_timeout
+          if @client.respond_to?(:write_timeout=) # Expected to appear in Ruby 2.6
+            @client.write_timeout = @request.write_timeout
+          else
+            raise NotSupportedError, "Net::HTTP supports write_timeout starting from Ruby 2.6"
+          end
+        end
       end
 
       def setup_ssl_auth
@@ -170,11 +175,14 @@ module HTTPI
           # Send client-side certificate regardless of state of SSL verify mode
           @client.key = ssl.cert_key
           @client.cert = ssl.cert
+          @client.ciphers = ssl.ciphers if ssl.ciphers
 
           @client.verify_mode = ssl.openssl_verify_mode
         end
 
         @client.ssl_version = ssl.ssl_version if ssl.ssl_version
+        @client.min_version = ssl.min_version if ssl.min_version
+        @client.max_version = ssl.max_version if ssl.max_version
       end
 
       def ssl_cert_store(ssl)

data/lib/httpi/adapter/net_http_persistent.rb

@@ -12,7 +12,11 @@ module HTTPI
       private
 
       def create_client
-        Net::HTTP::Persistent.new thread_key
+        if Gem::Version.new(Net::HTTP::Persistent::VERSION) >= Gem::Version.new('3.0.0')
+          Net::HTTP::Persistent.new name: thread_key
+        else
+          Net::HTTP::Persistent.new thread_key
+        end
       end
 
       def perform(http, http_request, &on_body)
@@ -32,12 +36,12 @@ module HTTPI
 
         @client.open_timeout = @request.open_timeout if @request.open_timeout
         @client.read_timeout = @request.read_timeout if @request.read_timeout
+        raise NotSupportedError, "Net::HTTP::Persistent does not support write_timeout" if @request.write_timeout
       end
 
       def thread_key
         @request.url.host.split(/\W/).reject{|p|p == ""}.join('-')
       end
-
     end
   end
 end

data/lib/httpi/auth/ssl.rb

@@ -20,9 +20,12 @@ module HTTPI
         ssl_context::METHODS.reject { |method| method.match(/server|client/) }
       end.sort.reverse
 
+      # Returns OpenSSL::SSL::*_VERSION values for min_version and max_version
+      MIN_MAX_VERSIONS = OpenSSL::SSL.constants.select{|constant| constant =~/_VERSION$/}.map{|version| version.to_s.gsub(/_VERSION$/,'').to_sym}.reverse
+
       # Returns whether SSL configuration is present.
       def present?
-        (verify_mode == :none) || (cert && cert_key) || ca_cert_file
+        (verify_mode == :none) || (cert && cert_key) || ca_cert_file || ciphers
       rescue TypeError, Errno::ENOENT
         false
       end
@@ -42,9 +45,27 @@ module HTTPI
       # Accessor for the ca_path to validate SSL certificates.
       attr_accessor :ca_cert_path
 
-      # ertificate store holds trusted CA certificates used to verify peer certificates.
+      # Certificate store holds trusted CA certificates used to verify peer certificates.
       attr_accessor :cert_store
 
+      # Accessor for the SSL ciphers list.
+      attr_reader :ciphers
+
+      # Sets the available symmetric algorithms for encryption and decryption.
+      # @see OpenSSL::SSL::SSLContext#ciphers
+      # @example
+      #   ssl.ciphers = "cipher1:cipher2:..."
+      #   ssl.ciphers = [name, ...]
+      #   ssl.ciphers = [[name, version, bits, alg_bits], ...]
+      def ciphers=(ciphers)
+        @ciphers =
+          if ciphers
+            context = OpenSSL::SSL::SSLContext.new
+            context.ciphers = ciphers
+            context.ciphers.map(&:first)
+          end
+      end
+
       # Returns the cert type to validate SSL certificates PEM|DER.
       def cert_type
         @cert_type ||= :pem
@@ -90,6 +111,36 @@ module HTTPI
         @ssl_version = version
       end
 
+      # Returns the SSL min_version number. Defaults to <tt>nil</tt> (auto-negotiate).
+      def min_version
+        @min_version ||= nil
+      end
+
+      # Sets the SSL min_version number. Expects one of <tt>HTTPI::Auth::SSL::MIN_MAX_VERSIONS</tt>.
+      def min_version=(version)
+        unless MIN_MAX_VERSIONS.include? version
+          raise ArgumentError, "Invalid SSL min_version #{version.inspect}\n" +
+                               "Please specify one of #{MIN_MAX_VERSIONS.inspect}"
+        end
+
+        @min_version = version
+      end
+
+      # Returns the SSL min_version number. Defaults to <tt>nil</tt> (auto-negotiate).
+      def max_version
+        @max_version ||= nil
+      end
+
+      # Sets the SSL min_version number. Expects one of <tt>HTTPI::Auth::SSL::MIN_MAX_VERSIONS</tt>.
+      def max_version=(version)
+        unless MIN_MAX_VERSIONS.include? version
+          raise ArgumentError, "Invalid SSL max_version #{version.inspect}\n" +
+                               "Please specify one of #{MIN_MAX_VERSIONS.inspect}"
+        end
+
+        @max_version = version
+      end
+
       # Returns an <tt>OpenSSL::X509::Certificate</tt> for the +cert_file+.
       def cert
         @cert ||= (OpenSSL::X509::Certificate.new File.read(cert_file) if cert_file)

data/lib/httpi/request.rb

@@ -11,7 +11,7 @@ module HTTPI
   class Request
 
     # Available attribute writers.
-    ATTRIBUTES = [:url, :proxy, :headers, :body, :open_timeout, :read_timeout, :follow_redirect, :redirect_limit, :query]
+    ATTRIBUTES = [:url, :proxy, :headers, :body, :open_timeout, :read_timeout, :write_timeout, :follow_redirect, :redirect_limit, :query]
 
     # Accepts a Hash of +args+ to mass assign attributes and authentication credentials.
     def initialize(args = {})
@@ -90,7 +90,7 @@ module HTTPI
       headers["Cookie"] = cookies if cookies
     end
 
-    attr_accessor :open_timeout, :read_timeout
+    attr_accessor :open_timeout, :read_timeout, :write_timeout
     attr_reader :body
 
     # Sets a body request given a String or a Hash.

data/lib/httpi/version.rb

@@ -1,3 +1,3 @@
 module HTTPI
-  VERSION = '2.4.3'
+  VERSION = '3.0.0'
 end

data/spec/fixtures/client_cert.pem

@@ -1,16 +1,20 @@
 -----BEGIN CERTIFICATE-----
-MIICbTCCAdYCCQDC4v8d04615DANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJE
-RTEQMA4GA1UECBMHSGFtYnVyZzEQMA4GA1UEBxMHSGFtYnVyZzEOMAwGA1UEChMF
-aHR0cGkxFDASBgNVBAMTC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFt
-cGxlQGV4YW1wbGUuY29tMB4XDTEwMTAxNTE4NTg0N1oXDTExMTAxNTE4NTg0N1ow
-ezELMAkGA1UEBhMCREUxEDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1
-cmcxDjAMBgNVBAoTBWh0dHBpMRQwEgYDVQQDEwtleGFtcGxlLmNvbTEiMCAGCSqG
-SIb3DQEJARYTZXhhbXBsZUBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAvJiaojIFQAbFczXkBmjxpxra9LbQm0VIESFSl8uBSjmG/gmCBwKg
-8O94P3tAjDNClC+fEqBLE37KH4qe76yw7upgRruP5jQzUEL1yCaVtA/DoqgaCxZy
-7VhB2A3f71Zw6kQPt3BOME68fnGsTX65x9XAawCGzGmJSk/Z6wvml1MCAwEAATAN
-BgkqhkiG9w0BAQUFAAOBgQCxOyni9LOKf17vUKVG8Y4TBzRYwm8/hlEdVEU3JKG0
-/aCCwIJLHl+z+3L4r81IN3+YKrHilqx9K0emboJbBRQklYsv/AE+J44Bq3llRiro
-0e5zwH61jb1j+kxhcxoGiiy8R7hYho24ljuMgFGqtK3kZSP/t9tBLLVp+ItWQ6xX
-5g==
+MIIDVTCCAj2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQKDBhEZXZl
+bG9wbWVudC9DTj1sb2NhbGhvc3QwHhcNMTgwODEwMDAzMTQzWhcNMjgwODA3MDAz
+MTQzWjAjMSEwHwYDVQQKDBhEZXZlbG9wbWVudC9DTj1sb2NhbGhvc3QwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbU3vifU9omTx5T6ECuYnvryr4iWPP
+A4sXhduO8aD3IdA8zHlPtZnmh0liE30nAY00xKa4Eisxs9/UgUoHlEb5nCtYs6Od
+9pjiuyry2G5lBHIhLlVNTbReRKfjhr3ewUxcnQN0xiynjfsUMbzoVI1ZsGDWZ9gF
+4DHg3Accee3+/BNBDTWixYXh64D9YI1Tj/3fC1I2taUp32jdLXE9mbCByQlk5EZf
+BZUWx868FtwwzU3ymbq2uQQtTl5a0QHqLUwb0nkdewoRvaZJFkopI+1tgy0Hs+pY
+QM99vQWS7ViM5qbVYtPil/4VVWJbx/kQi/To4/Q8TxYbIRkoeJSOq9U3AgMBAAGj
+gZMwgZAwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU4W1eb4Zc4NOpBe8UXcmIzLHB
+FFQwSwYDVR0jBEQwQoAU4W1eb4Zc4NOpBe8UXcmIzLHBFFShJ6QlMCMxITAfBgNV
+BAoMGERldmVsb3BtZW50L0NOPWxvY2FsaG9zdIIBATAUBgNVHREEDTALgglsb2Nh
+bGhvc3QwDQYJKoZIhvcNAQELBQADggEBAM7oYR6eVIascNLhgfJFboVernRl137Y
+7hyjBQTSleMame/VN1MwMscUYpen8rFu9lUviKe9fxV/7OqNR4vvZ83ttbb+CxJ7
+3mwoQHufjrGcxsWUKrmtJsXAGZpGJFw7ygnKDAfDPKWSKYeUuQ417AutPWSvhWqa
+LEohhNCeHJj/+3U2vj2g2rvy0AASeMff9IMz/lpPZ2bjJQjlITXXPvswB2/uZSRT
+KWEifqfo03/nTjhzN7dz2hXEeZHroCq6FZa1R6smYVM79TORFWiKfdKtjXI8wQQ2
+BhVJpWQB2yw9d/4Q7x2EPjJEPiVoRLW0vF8uxr++14nhVkSpYJCSNAw=
 -----END CERTIFICATE-----

data/spec/fixtures/client_key.pem

@@ -1,15 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC8mJqiMgVABsVzNeQGaPGnGtr0ttCbRUgRIVKXy4FKOYb+CYIH
-AqDw73g/e0CMM0KUL58SoEsTfsofip7vrLDu6mBGu4/mNDNQQvXIJpW0D8OiqBoL
-FnLtWEHYDd/vVnDqRA+3cE4wTrx+caxNfrnH1cBrAIbMaYlKT9nrC+aXUwIDAQAB
-AoGBAKjrGh1KJg+pwPInA5yGJGMil5h1obRgwmKtcPeKi7u6eOFSDMdQoGwMYKyj
-LTYlt21Yleat8XB9sHW9yAstpq5dU8Id2A4wfbJeaBYpek7u5+QwBENO4UrnulTk
-W0d+jECBVYECn8wCStxfoFcQQRhlGrsOn05379cD8e1odMOJAkEA3o/7CsgXqahG
-7L1HaWYtKnpFfTS+EQgdGvSahOolByAKTtMA2TUBU1FdlCk+ggWBGorqmWON5Qnm
-7UDHjOasZQJBANjuPOqa9ubqHccGwHec+72pQz6q5e8f1gf1XPn7EEuXsBzYiMMH
-qEa8zpfF0TmhQ0oWN75Cq709gfVVBfx/bVcCQHan1HN/Ef6FlKqKjxQGQXYwEfQa
-tmpmJP5GAktyeaM+1cAIhp9GvxooeveOtaCkRpxcC48ToIbHrLI4oyrfoHECQQC6
-bAHtmz6TMp5ka2j7Yez1EIC5WiQ/WxyTukgsi5V1YOX35B2jfPEf2SGxTE6BOBSb
-lnxRBPqRpkoIiwiZ9OgBAkBOWKBuHXmXM6wr+0p4KQ/DOeStZiBxUT8rYbX/i1BI
-/9Xo48KNerTx7qoDK+jIslDrilahvcwUz0fuVV7rHy/X
+MIIEpAIBAAKCAQEA21N74n1PaJk8eU+hArmJ768q+IljzwOLF4XbjvGg9yHQPMx5
+T7WZ5odJYhN9JwGNNMSmuBIrMbPf1IFKB5RG+ZwrWLOjnfaY4rsq8thuZQRyIS5V
+TU20XkSn44a93sFMXJ0DdMYsp437FDG86FSNWbBg1mfYBeAx4NwHHHnt/vwTQQ01
+osWF4euA/WCNU4/93wtSNrWlKd9o3S1xPZmwgckJZORGXwWVFsfOvBbcMM1N8pm6
+trkELU5eWtEB6i1MG9J5HXsKEb2mSRZKKSPtbYMtB7PqWEDPfb0Fku1YjOam1WLT
+4pf+FVViW8f5EIv06OP0PE8WGyEZKHiUjqvVNwIDAQABAoIBAQCbixNaxt/gIHyg
+0/YuRoMqdqIU7OrZz3t/TTEuqPItEc/qrmCCRRpGQT+rzIJ/fTw1ZhmOhWQYtaZR
+wPdNdLz5HOYo3A13Y4F9mpuU6iUwgvylx4Q7dJYsHKisVcymA5QyQjBHSpw0oB6m
+bbe5VO2B4/JpW+/6CsuU2rY4XciJgc+MDitqxgZOfMK8xcOiQ4EDa1OxL3TeZcYQ
+F5yUc39DhIDV03O/AFYnMZUMUQFNpSAyktms6YUL1JhwozcCaXB/da8TVRrLz1pl
+Cj3p2VgzHKa40NVCjXc2nvPCYRMF0yD0Jm9fRJPsCkVS3wtGgqQW+rwum1p/UPTr
+6x0MGd7RAoGBAPbxwBLiPyRnLy+9qgu2fS0JwXcG/6d6bhUrWS4hjzoggKyDz8Jg
+4KByXxnJVigZ8qlkynZKfb3FMuAPNxHxFhK5qPDNxV2UsdnR6RbDc9Sba8mBmzhl
+vvJSH7Nf7B0ws7sTzecXkh3BkaP5rhPycOxdLJs705p4RUALkDW7hn1NAoGBAONe
+dfmO49s2y1Ye2XrRCmGqfVa0n4pFmQajgputc4BPkf3XudtH365O0QEwt54Nw3dQ
+IvFzq/f0XVhkw4Coo38WZ4nTctbW/ZkVvKJnk2DJE1ubNJvw1wHzwz848BVT/b4Z
+VplqNDPvWmEmGFzrLeOwPZfDcglDxaCpjF7q0GqTAoGAcEOjUHJuxjvqpceR4NVL
+vwfqXhRecWMlXJZiaqhzFrfkB4m9D98+/3I/bdesRXrWaNAbgv+GfpmB8X65SHzT
+zht9hEvn6A1LdX0KfIDKzeMCc49qY49N6ZgQNVnsW7DiZLAyMVbz5Hc1oNhHnWXg
+lHQfbUsbfeQjh2Q6YVMpZxkCgYAmC2pGJciup46CjIrraAsKqJJsbbC8XETsvXNf
+RTisYaQWC4DH1lDxQ7LpNhOjWL46Oqh+KlK+HJ956PJlltI0s7UDdOQkWrj4YpC7
+xAT/DuY0T9YPuc7gPr+O1qIlj3ZH1smMxh6SChzfYJZ3BcsZ7CWCPWvZbQOmjHg2
+cagKDQKBgQCjuICU3aElEXyGwPCEazVakgcuAuiAAjECQrHrbSVPaTDu6Cumupkw
+50ypk/qJ3DegEumpufwLg37A9yFogkkHBI9Sw0PVjzXM0iWJsHceLTHWUgJBWcl3
+5Sl/AacXbUHz4NMqARNVrfR3DP33Z/YXJ4bpsVswEjD51jPwwluwyA==
 -----END RSA PRIVATE KEY-----