httpi 2.4.3 → 3.0.0

data/spec/httpi/adapter/net_http_spec.rb

@@ -1,198 +1,54 @@
 require "spec_helper"
-require "integration/support/server"
+require "httpi/adapter/net_http"
+require "httpi/request"
 
-describe HTTPI::Adapter::NetHTTP do
+begin
+  HTTPI::Adapter.load_adapter(:net_http)
 
-  subject(:adapter) { :net_http }
+  describe HTTPI::Adapter::NetHTTP do
+    let(:adapter) { HTTPI::Adapter::NetHTTP.new(request) }
+    let(:request) { HTTPI::Request.new("http://example.com") }
 
-  context "http requests" do
-    before :all do
-      @server = IntegrationServer.run
-    end
-
-    after :all do
-      @server.stop
-    end
-
-    context 'when socks is specified' do
-
-      let(:socks_client) { mock('socks_client') }
-      let(:request){HTTPI::Request.new(@server.url)}
-
-      it 'uses Net::HTTP.SOCKSProxy as client' do
-        socks_client.expects(:new).with(URI(@server.url).host, URI(@server.url).port).returns(:socks_client_instance)
-        Net::HTTP.expects(:SOCKSProxy).with('localhost', 8080).returns socks_client
-
-        request.proxy = 'socks://localhost:8080'
-        adapter = HTTPI::Adapter::NetHTTP.new(request)
-
-        expect(adapter.client).to eq(:socks_client_instance)
+    let(:response) {
+      Object.new.tap do |r|
+        r.stubs(:code).returns(200)
+        r.stubs(:body).returns("abc")
+        r.stubs(:to_hash).returns({"Content-Length" => "3"})
       end
-    end
-
-    it "sends and receives HTTP headers" do
-      request = HTTPI::Request.new(@server.url + "x-header")
-      request.headers["X-Header"] = "HTTPI"
-
-      response = HTTPI.get(request, adapter)
-      expect(response.body).to include("HTTPI")
-    end
+    }
 
-    it "executes GET requests" do
-      response = HTTPI.get(@server.url, adapter)
-      expect(response.body).to eq("get")
-      expect(response.headers["Content-Type"]).to eq("text/plain")
+    before do
+      Net::HTTP.any_instance.stubs(:start).returns(response)
     end
 
-    it "executes POST requests" do
-      response = HTTPI.post(@server.url, "<some>xml</some>", adapter)
-      expect(response.body).to eq("post")
-      expect(response.headers["Content-Type"]).to eq("text/plain")
-    end
-
-    it "executes HEAD requests" do
-      response = HTTPI.head(@server.url, adapter)
-      expect(response.code).to eq(200)
-      expect(response.headers["Content-Type"]).to eq("text/plain")
-    end
+    describe "settings" do
+      describe "open_timeout, read_timeout" do
+        it "are being set on the client" do
+          request.open_timeout = 30
+          request.read_timeout = 40
 
-    it "executes PUT requests" do
-      response = HTTPI.put(@server.url, "<some>xml</some>", adapter)
-      expect(response.body).to eq("put")
-      expect(response.headers["Content-Type"]).to eq("text/plain")
-    end
+          adapter.client.expects(:open_timeout=).with(30)
+          adapter.client.expects(:read_timeout=).with(40)
 
-    it "executes DELETE requests" do
-      response = HTTPI.delete(@server.url, adapter)
-      expect(response.body).to eq("delete")
-      expect(response.headers["Content-Type"]).to eq("text/plain")
-    end
-
-    context "supports custom methods supported by Net::HTTP" do
-      let(:request) do
-        HTTPI::Request.new(@server.url).tap do|r|
-          r.body = request_body if request_body
+          adapter.request(:get)
         end
       end
 
-      let(:request_body) { nil }
-
-      let(:response) { HTTPI.request(http_method, request, adapter) }
-
-      shared_examples_for 'any supported custom method' do
-        specify { response.body.should eq http_method.to_s }
-        specify { response.headers["Content-Type"].should eq('text/plain') }
-      end
-
-      context 'PATCH' do
-        let(:http_method) { :patch }
-        let(:request_body) { "<some>xml</some>" }
-
-        it_behaves_like 'any supported custom method'
-      end
-
-      context 'UNSUPPORTED method' do
-        let(:http_method) { :unsupported }
-
-        specify { expect { response }.to raise_error HTTPI::NotSupportedError }
-      end
-    end
-
-    it "supports basic authentication" do
-      request = HTTPI::Request.new(@server.url + "basic-auth")
-      request.auth.basic("admin", "secret")
-
-      response = HTTPI.get(request, adapter)
-      expect(response.body).to eq("basic-auth")
-    end
-
-    it "does not support digest authentication" do
-      request = HTTPI::Request.new(@server.url + "digest-auth")
-      request.auth.digest("admin", "secret")
-
-      expect { HTTPI.get(request, adapter) }.
-        to raise_error(HTTPI::NotSupportedError, /does not support HTTP digest authentication/)
-    end
-
-    it "supports ntlm authentication" do
-      request = HTTPI::Request.new(@server.url + "ntlm-auth")
-      request.auth.ntlm("tester", "vReqSoafRe5O")
-
-      response = HTTPI.get(request, adapter)
-      expect(response.body).to eq("ntlm-auth")
-    end
-
-    it 'does not support ntlm authentication when Net::NTLM is not available' do
-      Net.expects(:const_defined?).with(:NTLM).returns false
-
-      request = HTTPI::Request.new(@server.url + 'ntlm-auth')
-      request.auth.ntlm("testing", "failures")
-
-      expect { HTTPI.get(request, adapter) }.
-        to raise_error(HTTPI::NotSupportedError, /Net::NTLM is not available/)
-    end
-
-    it 'does not require ntlm when ntlm authenication is not requested' do 
-      HTTPI::Adapter::NetHTTP.any_instance.stubs(:check_net_ntlm_version!).raises(RuntimeError)
-        request = HTTPI::Request.new(@server.url)
-        expect(request.auth.ntlm?).to be false
-
-        # make sure a request doesn't call ntlm check if we don't ask for it.
-        expect { HTTPI.get(request, adapter) }.not_to raise_error
-      HTTPI::Adapter::NetHTTP.any_instance.unstub(:check_net_ntlm_version!)
-    end
-
-    it 'does check ntlm when ntlm authentication is requested' do 
-      request = HTTPI::Request.new(@server.url + "ntlm-auth")
-      request.auth.ntlm("tester", "vReqSoafRe5O")
-        
-      expect { HTTPI.get(request, adapter) }.not_to raise_error
-
-      # the check should also verify that the version of ntlm is supported and still fail if it isn't
-      HTTPI::Adapter::NetHTTP.any_instance.stubs(:ntlm_version).returns("0.1.1")
-
-        request = HTTPI::Request.new(@server.url + "ntlm-auth")
-        request.auth.ntlm("tester", "vReqSoafRe5O")
-        
-        expect { HTTPI.get(request, adapter) }.to raise_error(ArgumentError, /Invalid version/)
-
-      HTTPI::Adapter::NetHTTP.any_instance.unstub(:ntlm_version)
-    end
-
-    it "does not crash when authenticate header is missing (on second request)" do
-      request = HTTPI::Request.new(@server.url + 'ntlm-auth')
-      request.auth.ntlm("tester", "vReqSoafRe5O")
-
-      expect { HTTPI.get(request, adapter) }.
-        to_not raise_error
-
-      expect { HTTPI.get(request, adapter) }.
-        to_not raise_error
-    end
-  end
-
-  # it does not support digest auth
-
-  if RUBY_PLATFORM =~ /java/
-    pending "Puma Server complains: SSL not supported on JRuby"
-  else
-    context "https requests" do
-      before :all do
-        @server = IntegrationServer.run(:ssl => true)
-      end
-      after :all do
-        @server.stop
-      end
-
-      # it does not raise when no certificate was set up
-      it "works when set up properly" do
-        request = HTTPI::Request.new(@server.url)
-        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
-
-        response = HTTPI.get(request, adapter)
-        expect(response.body).to eq("get")
+      describe "write_timeout" do
+        if Net::HTTP.method_defined?(:write_timeout=)
+          it "is being set on the client" do
+            request.write_timeout = 50
+            adapter.client.expects(:write_timeout=).with(50)
+            adapter.request(:get)
+          end
+        else
+          it "can not be set on the client" do
+            request.write_timeout = 50
+            expect { adapter.request(:get) }
+              .to raise_error(HTTPI::NotSupportedError, /write_timeout/)
+          end
+        end
       end
     end
   end
-
 end

data/spec/httpi/auth/ssl_spec.rb

@@ -4,6 +4,7 @@ require "httpi/auth/ssl"
 describe HTTPI::Auth::SSL do
   before(:all) do
     @ssl_versions = HTTPI::Auth::SSL::SSL_VERSIONS
+    @min_max_versions = HTTPI::Auth::SSL::MIN_MAX_VERSIONS
   end
 
   describe "VERIFY_MODES" do
@@ -158,6 +159,53 @@ describe HTTPI::Auth::SSL do
     end
   end
 
+  describe "#min_version" do
+    subject { HTTPI::Auth::SSL.new }
+
+    it "returns the min_version" do
+      subject.min_version = @min_max_versions.first
+      expect(subject.min_version).to eq(@min_max_versions.first)
+    end
+
+    it 'raises ArgumentError if the version is unsupported' do
+      expect { ssl.min_version = :ssl_fail }.
+        to raise_error(ArgumentError, "Invalid SSL min_version :ssl_fail\n" +
+                                      "Please specify one of #{@min_max_versions}")
+    end
+  end
+
+  describe "#max_version" do
+    subject { HTTPI::Auth::SSL.new }
+
+    it "returns the SSL version" do
+      subject.max_version = @min_max_versions.first
+      expect(subject.max_version).to eq(@min_max_versions.first)
+    end
+
+    it 'raises ArgumentError if the version is unsupported' do
+      expect { ssl.max_version = :ssl_fail }.
+        to raise_error(ArgumentError, "Invalid SSL max_version :ssl_fail\n" +
+                                      "Please specify one of #{@min_max_versions}")
+    end
+  end
+
+  describe '#ciphers' do
+    subject { ssl.ciphers }
+    let(:ssl) { HTTPI::Auth::SSL.new }
+
+    context 'without ciphers' do
+      before { ssl.ciphers = nil }
+
+      it { is_expected.to eq(nil) }
+    end
+
+    context 'with ciphers' do
+      before { ssl.ciphers = OpenSSL::SSL::SSLContext.new.ciphers }
+
+      it { is_expected.to be_any.and(all(be_an_instance_of(String))) }
+    end
+  end
+
   def ssl
     ssl = HTTPI::Auth::SSL.new
     ssl.cert_key_file = "spec/fixtures/client_key.pem"

data/spec/httpi/httpi_spec.rb

@@ -6,11 +6,9 @@ require "excon"
 require "net/http/persistent"
 require "http"
 
-unless RUBY_VERSION < "1.9"
+unless RUBY_PLATFORM =~ /java/
   require "em-synchrony"
   require "em-http-request"
-end
-unless RUBY_PLATFORM =~ /java/
   require "curb"
 end
 
@@ -294,7 +292,7 @@ describe HTTPI do
       end
 
       HTTPI::Adapter::ADAPTERS.each do |adapter, opts|
-        unless (adapter == :em_http && RUBY_VERSION =~ /1\.8/) || (adapter == :curb && RUBY_PLATFORM =~ /java/)
+        unless (adapter == :em_http || adapter == :curb) && RUBY_PLATFORM =~ /java/
           client_class = {
             :httpclient => lambda { HTTPClient },
             :curb       => lambda { Curl::Easy },

data/spec/integration/curb_spec.rb

@@ -33,6 +33,17 @@ describe HTTPI::Adapter::Curb do
         expect(response.headers["Set-Cookie"]).to eq(cookies)
       end
 
+      it "it supports read timeout" do
+        require "curb"
+
+        request = HTTPI::Request.new(@server.url + "timeout")
+        request.read_timeout = 0.5 # seconds
+
+        expect do
+          HTTPI.get(request, adapter)
+        end.to raise_exception(Curl::Err::TimeoutError)
+      end
+
       it "executes GET requests" do
         response = HTTPI.get(@server.url, adapter)
         expect(response.body).to eq("get")
@@ -112,6 +123,15 @@ describe HTTPI::Adapter::Curb do
         response = HTTPI.get(request, adapter)
         expect(response.body).to eq("get")
       end
+
+      it "works with ciphers" do
+        request = HTTPI::Request.new(@server.url)
+        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
+        request.auth.ssl.ciphers = OpenSSL::SSL::SSLContext.new.ciphers
+
+        response = HTTPI.get(request, adapter)
+        expect(response.body).to eq("get")
+      end
     end
 
   end

data/spec/integration/em_http_spec.rb

@@ -3,8 +3,8 @@ require "integration/support/server"
 
 describe HTTPI::Adapter::EmHttpRequest do
 
-  # em_http is not supported on ruby 1.8
-  unless RUBY_VERSION =~ /1\.8/
+  # em_http is not supported on java
+  unless RUBY_PLATFORM =~ /java/
     require "em-synchrony"
 
     subject(:adapter) { :em_http }
@@ -42,6 +42,23 @@ describe HTTPI::Adapter::EmHttpRequest do
         expect(response.headers["Set-Cookie"]).to eq(cookies)
       end
 
+      if RUBY_PLATFORM =~ /java/
+        pending <<-MSG
+          It seems like JRuby is missing support for inactivity timeout! See related issues on GitHub:
+            - https://github.com/eventmachine/eventmachine/issues/155
+            - https://github.com/eventmachine/eventmachine/pull/312
+        MSG
+      else
+        it "it supports read timeout" do
+          request = HTTPI::Request.new(@server.url + "timeout")
+          request.read_timeout = 0.5 # seconds
+
+          expect do
+            HTTPI.get(request, adapter)
+          end.to raise_exception(HTTPI::TimeoutError)
+        end
+      end
+
       it "executes GET requests" do
         response = HTTPI.get(@server.url, adapter)
         expect(response.body).to eq("get")

data/spec/integration/excon_spec.rb

@@ -1,7 +1,7 @@
 require "spec_helper"
 require "integration/support/server"
 
-describe HTTPI::Adapter::HTTPClient do
+describe HTTPI::Adapter::Excon do
 
   subject(:adapter) { :excon }
 
@@ -30,6 +30,17 @@ describe HTTPI::Adapter::HTTPClient do
       expect(response.headers["Set-Cookie"]).to eq(cookies)
     end
 
+    it "it supports read timeout" do
+      require "excon"
+
+      request = HTTPI::Request.new(@server.url + "timeout")
+      request.read_timeout = 0.5 # seconds
+
+      expect do
+        HTTPI.get(request, adapter)
+      end.to raise_exception(Excon::Error::Timeout)
+    end
+
     it "executes GET requests" do
       response = HTTPI.get(@server.url, adapter)
       expect(response.body).to eq("get")
@@ -68,6 +79,21 @@ describe HTTPI::Adapter::HTTPClient do
       expect(response.body).to eq("basic-auth")
     end
 
+    it "does not support ntlm authentication" do
+      request = HTTPI::Request.new(@server.url + "ntlm-auth")
+      request.auth.ntlm("tester", "vReqSoafRe5O")
+
+      expect { HTTPI.get(request, adapter) }.
+        to raise_error(HTTPI::NotSupportedError, /does not support NTLM authentication/)
+    end
+
+    it "supports disabling verify mode" do
+      request = HTTPI::Request.new(@server.url)
+      request.auth.ssl.verify_mode = :none
+      adapter_class = HTTPI::Adapter.load(adapter).new(request)
+      expect(adapter_class.client.data[:ssl_verify_peer]).to eq(false)
+    end
+
     it "supports chunked response" do
       request = HTTPI::Request.new(@server.url)
       res = ""
@@ -102,6 +128,46 @@ describe HTTPI::Adapter::HTTPClient do
         response = HTTPI.get(request, adapter)
         expect(response.body).to eq("get")
       end
+
+      it "works with min_version/max_version" do
+        request = HTTPI::Request.new(@server.url)
+        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
+        request.auth.ssl.min_version = :TLS1_2
+        request.auth.ssl.max_version = :TLS1_2
+
+        response = HTTPI.get(request, adapter)
+        expect(response.body).to eq("get")
+      end
+
+      it "works with client cert and key provided as file path" do
+        request = HTTPI::Request.new(@server.url)
+        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
+        request.auth.ssl.cert_file = "spec/fixtures/client_cert.pem"
+        request.auth.ssl.cert_key_file = "spec/fixtures/client_key.pem"
+
+        response = HTTPI.get(request, adapter)
+        expect(response.body).to eq("get")
+      end
+
+      it "works with client cert and key set directly" do
+        request = HTTPI::Request.new(@server.url)
+
+        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
+        request.auth.ssl.cert = OpenSSL::X509::Certificate.new File.open("spec/fixtures/client_cert.pem").read
+        request.auth.ssl.cert_key = OpenSSL::PKey.read File.open("spec/fixtures/client_key.pem").read
+
+        response = HTTPI.get(request, adapter)
+        expect(response.body).to eq("get")
+      end
+
+      it "works with ciphers" do
+        request = HTTPI::Request.new(@server.url)
+        request.auth.ssl.ca_cert_file = IntegrationServer.ssl_ca_file
+        request.auth.ssl.ciphers = OpenSSL::SSL::SSLContext.new.ciphers
+
+        response = HTTPI.get(request, adapter)
+        expect(response.body).to eq("get")
+      end
     end
   end
 

data/spec/integration/fixtures/ca_all.pem

@@ -1,44 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES
-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X
-DTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ
-BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR
-wjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d
-L5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY
-bS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi
-JI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm
-dEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA
-AaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w
-ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f
-USKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe
-31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu
-SlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD
-ggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+
-r/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY
-MJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj
-PvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U
-PbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a
-d/xgcK06UVQRL/HbEYGiQL056mc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDaDCCAlCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES
-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X
-DTA0MDEzMDAwNDMyN1oXDTM1MDEyMjAwNDMyN1owPzELMAkGA1UEBgwCSlAxEjAQ
-BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQ4wDAYDVQQDDAVTdWJDQTCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0Ou7AyRcRXnB/kVHv/6kwe
-ANzgg/DyJfsAUqW90m7Lu1nqyug8gK0RBd77yU0w5HOAMHTVSdpjZK0g2sgx4Mb1
-d/213eL9TTl5MRVEChTvQr8q5DVG/8fxPPE7fMI8eOAzd98/NOAChk+80r4Sx7fC
-kGVEE1bKwY1MrUsUNjOY2d6t3M4HHV3HX1V8ShuKfsHxgCmLzdI8U+5CnQedFgkm
-3e+8tr8IX5RR1wA1Ifw9VadF7OdI/bGMzog/Q8XCLf+WPFjnK7Gcx6JFtzF6Gi4x
-4dp1Xl45JYiVvi9zQ132wu8A1pDHhiNgQviyzbP+UjcB/tsOpzBQF8abYzgEkWEC
-AwEAAaNyMHAwDwYDVR0TAQH/BAUwAwEB/zAxBglghkgBhvhCAQ0EJBYiUnVieS9P
-cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUlCjXWLsReYzH
-LzsxwVnCXmKoB/owCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCJ/OyN
-rT8Cq2Y+G2yA/L1EMRvvxwFBqxavqaqHl/6rwsIBFlB3zbqGA/0oec6MAVnYynq4
-c4AcHTjx3bQ/S4r2sNTZq0DH4SYbQzIobx/YW8PjQUJt8KQdKMcwwi7arHP7A/Ha
-LKu8eIC2nsUBnP4NhkYSGhbmpJK+PFD0FVtD0ZIRlY/wsnaZNjWWcnWF1/FNuQ4H
-ySjIblqVQkPuzebv3Ror6ZnVDukn96Mg7kP4u6zgxOeqlJGRe1M949SS9Vudjl8X
-SF4aZUUB9pQGhsqQJVqaz2OlhGOp9D0q54xko/rekjAIcuDjl1mdX4F2WRrzpUmZ
-uY/bPeOBYiVsOYVe
+MIIDDjCCAfagAwIBAgIBAzANBgkqhkiG9w0BAQsFADA4MRMwEQYKCZImiZPyLGQB
+GRYDbmV0MRQwEgYKCZImiZPyLGQBGRYEcHVtYTELMAkGA1UEAwwCQ0EwHhcNMjAw
+ODAxMDAwMDAwWhcNMjQwODAxMDAwMDAwWjA4MRMwEQYKCZImiZPyLGQBGRYDbmV0
+MRQwEgYKCZImiZPyLGQBGRYEcHVtYTELMAkGA1UEAwwCQ0EwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDIHxrFcS2JkRQbXLFosb32unVkVuwHSPSt6Dpl
+2jUQHP/bceAx/d9waHYf8rlbCFAIoduZDOc7XCJUidgcG5NfLJyQpkkWOU8CGWH+
+Ipl4AE8auYCcy/0T7BQqaRC41HPmrJG1CC40rqcY47lUO2haI+vj5TZFHNhAbRat
+rR1iD1veis2gBZtrMzd4IlpvEHGv6ghfnSc20za4exmapjp/uAAIOXpeFX8QHumA
+bty4dd+iHpKjDzUrhG9Qa5v28ii2K1AcbczUQ7FzSp2/GoRSjF+WY6i86N9Z1M97
+2PEgy0IG5l6JHu1P0/rd00hN0h0Owzv3V5ldMLZap7+pVFQTAgMBAAGjIzAhMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IB
+AQA3GWpy4bYLOHLENDTUBeclF6cDdYiautD6gxd1SDLMWOhAUF7ywwT87OAJdr1I
++W1TUv5BRG21rNm1QsZfLbStdKA1mpiET/9nYN7m1YauL5hI3yD49TGuO9/sxcE5
+zNW7D3VBVNq+pyT21/TvLAgxCNvjjm7byzyIOcoRUyZx8WhCf8nUT6cEShXqEg4Q
+iUBSLI38tiQoZneuVzDRlXBY0PqoB19l2Kg9yThHjPTVhw5EAQSDKXCCvaxAbVw6
+ZPLNnOdK6DvqEZ3GC5WlaHQdmLxmN4OfV6AEtpgqgGY9u8K1ylTr3ET7xLK7bhcA
+oZsggEVZr1Ifx9BWIazRNwlw
 -----END CERTIFICATE-----

data/spec/integration/fixtures/server.cert

@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQGDAJKUDES
-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxDjAMBgNVBAMMBVN1YkNB
-MB4XDTA0MDEzMTAzMTMxNloXDTMzMDEyMzAzMTMxNlowQzELMAkGA1UEBgwCSlAx
-EjAQBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRIwEAYDVQQDDAlsb2Nh
-bGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANFJTxWqup3nV9dsJAku
-p+WaXnPNIzcpAA3qMGZDJTJsfa8Du7ZxTP0XJK5mETttBrn711cJxAuP3KjqnW9S
-vtZ9lY2sXJ6Zj62sN5LwG3VVe25dI28yR1EsbHjJ5Zjf9tmggMC6am52dxuHbt5/
-vHo4ngJuKE/U+eeGRivMn6gFAgMBAAGjgYUwgYIwDAYDVR0TAQH/BAIwADAxBglg
-hkgBhvhCAQ0EJBYiUnVieS9PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
-BgNVHQ4EFgQUpZIyygD9JxFYHHOTEuWOLbCKfckwCwYDVR0PBAQDAgWgMBMGA1Ud
-JQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4IBAQBwAIj5SaBHaA5X31IP
-CFCJiep96awfp7RANO0cuUj+ZpGoFn9d6FXY0g+Eg5wAkCNIzZU5NHN9xsdOpnUo
-zIBbyTfQEPrge1CMWMvL6uGaoEXytq84VTitF/xBTky4KtTn6+es4/e7jrrzeUXQ
-RC46gkHObmDT91RkOEGjHLyld2328jo3DIN/VTHIryDeVHDWjY5dENwpwdkhhm60
-DR9IrNBbXWEe9emtguNXeN0iu1ux0lG1Hc6pWGQxMlRKNvGh0yZB9u5EVe38tOV0
-jQaoNyL7qzcQoXD3Dmbi1p0iRmg/+HngISsz8K7k7MBNVsSclztwgCzTZOBiVtkM
-rRlQ
+MIIDBDCCAeygAwIBAgIBBzANBgkqhkiG9w0BAQsFADA4MRMwEQYKCZImiZPyLGQB
+GRYDbmV0MRQwEgYKCZImiZPyLGQBGRYEcHVtYTELMAkGA1UEAwwCQ0EwHhcNMjAw
+ODAxMDAwMDAwWhcNMjQwODAxMDAwMDAwWjA/MRMwEQYKCZImiZPyLGQBGRYDbmV0
+MRQwEgYKCZImiZPyLGQBGRYEcHVtYTESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXOg3gTrGJfVft9cSrfGRnEZezDB
+L93fcLwJAoaXGxbEg1RW/fOrSpSNemuqOvbzczV7m5eYTf1lHPBJsndbYyijIR1+
+Fp4tjFDp76SC3hxCIc3uYXIz0qQwSOAi1z15zobS4xF29jlsXWtfBl9fivjzdj/f
+pbZ+JPYOrlcJAf6Xmr3xh//13rOI0ytBMlWf51z/iAZBLm2wvbt+nR7B6koAdTgM
+Coe+gOtcLWYY5ApJ4qB9knGdxWoF5p7guHHw2aGTM0jyhgBowfVkFRiE2JUmODae
+g+dHsd8ogWbqhGyZTredJF/NRrLKU0h+t7ldKHvXEZy4qyqQlvKoTpODqQIDAQAB
+oxIwEDAOBgNVHQ8BAf8EBAMCBLAwDQYJKoZIhvcNAQELBQADggEBAI/bcQP4Hu9O
+OtaaIjVxN8+9jXUOrMpSogmZ4bRKImispt9SA+sbxec7iOMM2pG3Py2yi0hWGzii
+hSebWIsM1JuPj7ks9l8nGRxpGeInJwTkJorG4ZLEypoS2wW3fQZGx3o4da5V+U2Z
+HEY0wQTbPBqqnyeZ16ZFNVCzw8y9l7y7CEFjvUO3sq0pne9r7Z+XVgjGyBdBYkJS
+0kcqPBXFCMHrWH5UlacYlM5cqgoVztOp2STGmR3XR7a34oueeA10QSP+jzeYvWA1
+wTYA762uU2ReCdujfNbf8V1tZWAH36KldM3hhDNWeveAGxxj1h2R9T/k2kHl/a7D
+I3VdS59vjJY=
 -----END CERTIFICATE-----

data/spec/integration/fixtures/server.key

@@ -1,15 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDRSU8Vqrqd51fXbCQJLqflml5zzSM3KQAN6jBmQyUybH2vA7u2
-cUz9FySuZhE7bQa5+9dXCcQLj9yo6p1vUr7WfZWNrFyemY+trDeS8Bt1VXtuXSNv
-MkdRLGx4yeWY3/bZoIDAumpudncbh27ef7x6OJ4CbihP1PnnhkYrzJ+oBQIDAQAB
-AoGBAIf4CstW2ltQO7+XYGoex7Hh8s9lTSW/G2vu5Hbr1LTHy3fzAvdq8MvVR12O
-rk9fa+lU9vhzPc0NMB0GIDZ9GcHuhW5hD1Wg9OSCbTOkZDoH3CAFqonjh4Qfwv5W
-IPAFn9KHukdqGXkwEMdErsUaPTy9A1V/aROVEaAY+HJgq/eZAkEA/BP1QMV04WEZ
-Oynzz7/lLizJGGxp2AOvEVtqMoycA/Qk+zdKP8ufE0wbmCE3Qd6GoynavsHb6aGK
-gQobb8zDZwJBANSK6MrXlrZTtEaeZuyOB4mAmRzGzOUVkUyULUjEx2GDT93ujAma
-qm/2d3E+wXAkNSeRpjUmlQXy/2oSqnGvYbMCQQDRM+cYyEcGPUVpWpnj0shrF/QU
-9vSot/X1G775EMTyaw6+BtbyNxVgOIu2J+rqGbn3c+b85XqTXOPL0A2RLYkFAkAm
-syhSDtE9X55aoWsCNZY/vi+i4rvaFoQ/WleogVQAeGVpdo7/DK9t9YWoFBIqth0L
-mGSYFu9ZhvZkvQNV8eYrAkBJ+rOIaLDsmbrgkeDruH+B/9yrm4McDtQ/rgnOGYnH
-LjLpLLOrgUxqpzLWe++EwSLwK2//dHO+SPsQJ4xsyQJy
+MIIEpQIBAAKCAQEAvXOg3gTrGJfVft9cSrfGRnEZezDBL93fcLwJAoaXGxbEg1RW
+/fOrSpSNemuqOvbzczV7m5eYTf1lHPBJsndbYyijIR1+Fp4tjFDp76SC3hxCIc3u
+YXIz0qQwSOAi1z15zobS4xF29jlsXWtfBl9fivjzdj/fpbZ+JPYOrlcJAf6Xmr3x
+h//13rOI0ytBMlWf51z/iAZBLm2wvbt+nR7B6koAdTgMCoe+gOtcLWYY5ApJ4qB9
+knGdxWoF5p7guHHw2aGTM0jyhgBowfVkFRiE2JUmODaeg+dHsd8ogWbqhGyZTred
+JF/NRrLKU0h+t7ldKHvXEZy4qyqQlvKoTpODqQIDAQABAoIBAQCCtt8NkNMs2sYB
+jdc97mKtg6eTKeaBQlLCk9qblYV4uVLJUk3bVl6fTLP4/YQsvurmWMZ6ajQ5y1YS
+i3At5NB3MDitxo2SyXyfzcw6/oUU/uZaMJ4DOiqrcYGnJo6jd9UtPDURWqF77c7o
+/gZIfVGMr4w70IJc8fdDRUqH26Fpb7Gp0+RNUXtM9tSovkX/yICje7Hp4IIiJJ0t
+KGepdHfddshR4OIALh0k3jC9zfbYfSdIKZuGBf7bmjJTByLavjcG6HFLyt7aZBt3
+136hXAOvMO780WW2vQ8xAYkd+8bf4db4fjUpw3NWJ5wVdQhI9jhkAc9LhhxiDVoI
+g9IyaSUBAoGBAObajQ24JlNg11ZZffPZwmvMlMDyZ8pZ5dk/Up9nOvCp1J2+7ef/
+6wjkOhrSyIPpvJCmftOn0c9IkV7tk5673Kjmly33QiIwiEeEG3lNN6GytiXIGqFV
+ScPGznO/rNeKUsMFu3SXZNYs7aYqr9OCadwATuh+IzTQAx3T3prno4F5AoGBANIW
+kJRF2Pl4yWc7MRjF+WnGfhJHv7VOcLlmFD1fa/IIM9xuBRgikiBWHtFwLoXknsY8
+y2VqNrPEkjCp+qLpXLC8l3dzpNU33Z42h/tUfoTmgSgDUQXGggjzbcS8cf+1D55z
+KuPazKAndyiuhIENk1gE+5RKdNyjYP2sI4+L5jexAoGBANxx2rw9GywHj9n/P006
+pnO2Ol49nGsYiWp5E3bwZtIl+shf6GLgeRpWhj3TBnMhIlWnB/kpiiq8i0Tw7URo
+9H+9IqRcNqTbX2ebeXjOCc+5DkLp4LQq83OmRsM1R+HTTtC4ipb9cucqpA1HOftp
+z5isGq3ctdXaxP8YsLuPcw1RAoGAXZx0W70ryy2JAJidbd55Hiq17ktOHumOzO2x
+Qw+Lt9Lz2NqlJnXxCruVC9miwUJ3hPl93/iN21hRk6GJ7qFxDcda7nz3C5LTCzZd
+LR4fKfTTxBKGPb6QHpDpbmpRmZECHqZOjCzoVMyBCf2JST/VUbkWqKLso4uhIidb
+yRCbSmECgYEAp+IuwpnMxVPxP52/xPFVcAxH2pDfmn5TJLJCNuKEUAS9ncZuz7rh
+jJxtbC4AoGsS0+TdxnlMBvBpZE3QddQmjvey77yu/OvRUX2m/J/d+I2duTaHGR9Z
+9VMxtlFY+DbDkJI2HVVxu5XfLKMJSEsMza8K64Ntx3XY3dJLCHrR1EY=
 -----END RSA PRIVATE KEY-----