redis 3.2.2 → 3.3.1

data/test/connection_handling_test.rb

@@ -51,6 +51,33 @@ class TestConnectionHandling < Test::Unit::TestCase
     assert !r.client.connected?
   end
 
+  def test_close
+    quit = 0
+
+    commands = {
+      :quit => lambda do
+        quit += 1
+        "+OK"
+      end
+    }
+
+    redis_mock(commands) do |redis|
+      assert_equal 0, quit
+
+      redis.quit
+
+      assert_equal 1, quit
+
+      redis.ping
+
+      redis.close
+
+      assert_equal 1, quit
+
+      assert !redis.connected?
+    end
+  end
+
   def test_disconnect
     quit = 0
 

data/test/distributed_internals_test.rb

@@ -72,7 +72,7 @@ class TestDistributedInternals < Test::Unit::TestCase
     nodes = ["redis://localhost:#{PORT}/15", "redis://localhost:#{PORT}/15", *NODES]
 
     assert_raise(RuntimeError) do
-      redis = Redis::Distributed.new nodes
+      Redis::Distributed.new nodes
     end
   end
 

data/test/internals_test.rb

@@ -5,6 +5,7 @@ require File.expand_path("helper", File.dirname(__FILE__))
 class TestInternals < Test::Unit::TestCase
 
   include Helper::Client
+  include Helper::Skipable
 
   def test_logger
     r.ping
@@ -160,6 +161,25 @@ class TestInternals < Test::Unit::TestCase
     assert (Time.now - start_time) <= opts[:timeout]
   end
 
+  driver(:ruby) do
+    def test_write_timeout
+      return skip("Relies on buffer sizes, might be unreliable")
+
+      server = TCPServer.new("127.0.0.1", 0)
+      port   = server.addr[1]
+
+      # Hacky, but we need the buffer size
+      val = TCPSocket.new("127.0.0.1", port).getsockopt(Socket::SOL_SOCKET, Socket::SO_SNDBUF).unpack("i")[0]
+
+      assert_raise(Redis::TimeoutError) do
+        Timeout.timeout(1) do
+          redis = Redis.new(:port => port, :timeout => 5, :write_timeout => 0.1)
+          redis.set("foo", "1" * val*2)
+        end
+      end
+    end
+  end
+
   def close_on_ping(seq, options = {})
     $request = 0
 

data/test/lint/blocking_commands.rb

@@ -35,7 +35,7 @@ module Lint
         :brpoplpush => lambda do |*args|
           sleep options[:delay] if options.has_key?(:delay)
           to_protocol(args.last)
-        end,
+        end
       }
 
       redis_mock(commands, &blk)

data/test/lint/sorted_sets.rb

@@ -39,8 +39,8 @@ module Lint
         # INCR option
         assert_equal 1.0, r.zadd("foo", 1, "s1", :incr => true)
         assert_equal 11.0, r.zadd("foo", 10, "s1", :incr => true)
-        assert_equal -Infinity, r.zadd("bar", "-inf", "s1", :incr => true)
-        assert_equal +Infinity, r.zadd("bar", "+inf", "s2", :incr => true)
+        assert_equal(-Infinity, r.zadd("bar", "-inf", "s1", :incr => true))
+        assert_equal(+Infinity, r.zadd("bar", "+inf", "s2", :incr => true))
         r.del "foo", "bar"
 
         # Incompatible options combination
@@ -101,8 +101,8 @@ module Lint
         # INCR option
         assert_equal 1.0, r.zadd("foo", [1, "s1"], :incr => true)
         assert_equal 11.0, r.zadd("foo", [10, "s1"], :incr => true)
-        assert_equal -Infinity, r.zadd("bar", ["-inf", "s1"], :incr => true)
-        assert_equal +Infinity, r.zadd("bar", ["+inf", "s2"], :incr => true)
+        assert_equal(-Infinity, r.zadd("bar", ["-inf", "s1"], :incr => true))
+        assert_equal(+Infinity, r.zadd("bar", ["+inf", "s2"], :incr => true))
         assert_raise(Redis::CommandError) { r.zadd("foo", [1, "s1", 2, "s2"], :incr => true) }
         r.del "foo", "bar"
 

data/test/publish_subscribe_test.rb

@@ -251,4 +251,32 @@ class TestPublishSubscribe < Test::Unit::TestCase
       assert received
     end
   end
+
+  def test_subscribe_with_timeout
+    received = false
+
+    assert_raise Redis::TimeoutError do
+      r.subscribe_with_timeout(1, "foo")  do |on|
+        on.message do |channel, message|
+          received = true
+        end
+      end
+    end
+
+    assert !received
+  end
+
+  def test_psubscribe_with_timeout
+    received = false
+
+    assert_raise Redis::TimeoutError do
+      r.psubscribe_with_timeout(1, "f*")  do |on|
+        on.message do |channel, message|
+          received = true
+        end
+      end
+    end
+
+    assert !received
+  end
 end

data/test/sentinel_command_test.rb

@@ -2,7 +2,7 @@
 
 require File.expand_path("helper", File.dirname(__FILE__))
 
-class SentinalCommandsTest < Test::Unit::TestCase
+class SentinelCommandsTest < Test::Unit::TestCase
 
   include Helper::Client
 

data/test/sentinel_test.rb

@@ -2,7 +2,7 @@
 
 require File.expand_path("helper", File.dirname(__FILE__))
 
-class SentinalTest < Test::Unit::TestCase
+class SentinelTest < Test::Unit::TestCase
 
   include Helper::Client
 

data/test/ssl_test.rb

@@ -0,0 +1,66 @@
+# encoding: UTF-8
+
+if RUBY_VERSION >= "1.9.3"
+  require File.expand_path("helper", File.dirname(__FILE__))
+
+  class SslTest < Test::Unit::TestCase
+
+    include Helper::Client
+
+    driver(:ruby) do
+
+      def test_verified_ssl_connection
+        RedisMock.start({ :ping => proc { "+PONG" } }, ssl_server_opts("trusted")) do |port|
+          redis = Redis.new(:port => port, :ssl => true, :ssl_params => { :ca_file => ssl_ca_file })
+          assert_equal redis.ping, "PONG"
+        end
+      end
+
+      def test_unverified_ssl_connection
+        assert_raise(OpenSSL::SSL::SSLError) do
+          RedisMock.start({ :ping => proc { "+PONG" } }, ssl_server_opts("untrusted")) do |port|
+            redis = Redis.new(:port => port, :ssl => true, :ssl_params => { :ca_file => ssl_ca_file })
+            redis.ping
+          end
+        end
+      end
+
+    end
+
+    driver(:hiredis, :synchrony) do
+
+      def test_ssl_not_implemented_exception
+        assert_raise(NotImplementedError) do
+          RedisMock.start({ :ping => proc { "+PONG" } }, ssl_server_opts("trusted")) do |port|
+            redis = Redis.new(:port => port, :ssl => true, :ssl_params => { :ca_file => ssl_ca_file })
+            redis.ping
+          end
+        end
+      end
+
+    end
+
+    private
+
+    def ssl_server_opts(prefix)
+      ssl_cert = File.join(cert_path, "#{prefix}-cert.crt")
+      ssl_key  = File.join(cert_path, "#{prefix}-cert.key")
+
+      {
+        :ssl => true,
+        :ssl_params => {
+          :cert => OpenSSL::X509::Certificate.new(File.read(ssl_cert)),
+          :key  => OpenSSL::PKey::RSA.new(File.read(ssl_key))
+        }
+      }
+    end
+
+    def ssl_ca_file
+      File.join(cert_path, "trusted-ca.crt")
+    end
+
+    def cert_path
+      File.expand_path("../support/ssl/", __FILE__)
+    end
+  end
+end

data/test/support/redis_mock.rb

@@ -3,8 +3,19 @@ require "socket"
 module RedisMock
   class Server
     def initialize(options = {}, &block)
-      @server = TCPServer.new(options[:host] || "127.0.0.1", 0)
-      @server.setsockopt(Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true)
+      tcp_server = TCPServer.new(options[:host] || "127.0.0.1", 0)
+      tcp_server.setsockopt(Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true)
+
+      if options[:ssl]
+        ctx = OpenSSL::SSL::SSLContext.new
+
+        ssl_params = options.fetch(:ssl_params, {})
+        ctx.set_params(ssl_params) unless ssl_params.empty?
+
+        @server = OpenSSL::SSL::SSLServer.new(tcp_server, ctx)
+      else
+        @server = tcp_server
+      end
     end
 
     def port

data/test/support/ssl/gen_certs.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+get_subject() {
+  if [ "$1" = "trusted" ]
+  then
+    echo "/C=IT/ST=Sicily/L=Catania/O=Redis/OU=Security/CN=127.0.0.1"
+  else
+    echo "/C=XX/ST=Untrusted/L=Evilville/O=Evil Hacker/OU=Attack Department/CN=127.0.0.1"
+  fi
+}
+
+# Generate two CAs: one to be considered trusted, and one that's untrusted
+for type in trusted untrusted; do
+  rm -rf ./demoCA
+  mkdir -p ./demoCA
+  mkdir -p ./demoCA/certs
+  mkdir -p ./demoCA/crl
+  mkdir -p ./demoCA/newcerts
+  mkdir -p ./demoCA/private
+  touch ./demoCA/index.txt
+
+  openssl genrsa -out ${type}-ca.key 2048
+  openssl req -new -x509 -days 12500 -key ${type}-ca.key -out ${type}-ca.crt -subj "$(get_subject $type)"
+  openssl x509 -in ${type}-ca.crt -noout -next_serial -out ./demoCA/serial
+
+  openssl req -newkey rsa:2048 -keyout ${type}-cert.key -nodes -out ${type}-cert.req -subj "$(get_subject $type)"
+  openssl ca -days 12500 -cert ${type}-ca.crt -keyfile ${type}-ca.key -out ${type}-cert.crt -infiles ${type}-cert.req
+  rm ${type}-cert.req
+done
+
+rm -rf ./demoCA

data/test/support/ssl/trusted-ca.crt

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAM7kyjC89Qj/MA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNV
+BAYTAklUMQ8wDQYDVQQIEwZTaWNpbHkxEDAOBgNVBAcTB0NhdGFuaWExDjAMBgNV
+BAoTBVJlZGlzMREwDwYDVQQLEwhTZWN1cml0eTESMBAGA1UEAxMJMTI3LjAuMC4x
+MCAXDTE2MDQwMjAzMzQ0MVoYDzIwNTAwNjIzMDMzNDQxWjBnMQswCQYDVQQGEwJJ
+VDEPMA0GA1UECBMGU2ljaWx5MRAwDgYDVQQHEwdDYXRhbmlhMQ4wDAYDVQQKEwVS
+ZWRpczERMA8GA1UECxMIU2VjdXJpdHkxEjAQBgNVBAMTCTEyNy4wLjAuMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMeibFqEG38mtN9DSXy6NZdd7AjH
+4/D+VdDzlbJlI5IBACCV9p6P2j5PFlFvkHFE6vr6biMaLXNAmUHYfDzeT95LODHH
+t+8HlR51cNYrnt9B3eiVwEnJ7+axuDHg6nUgLXeKeog+vEqreZwLnFibxt2qpFze
+xzyKJ37Pm+iAey5glCc/v7ECYQ4sWVVV+ciC+sAwmZDfZXCBQtRRokJ6ikqQDwWV
+DugGcV46feTpu79OmkLLM8PI3E7ow2F/3iv67gmdlO5m9wX1ahWzJKUapBTxgf4X
+QG0s60WbC9iJIvgXRGW7wWSsqSVJkfLYllDTPgfpLyl1+FR3A4awrsPiMVUCAwEA
+AaOBzDCByTAdBgNVHQ4EFgQU+YG9kJR3Vy31d7QVyxRAYyKTK18wgZkGA1UdIwSB
+kTCBjoAU+YG9kJR3Vy31d7QVyxRAYyKTK1+ha6RpMGcxCzAJBgNVBAYTAklUMQ8w
+DQYDVQQIEwZTaWNpbHkxEDAOBgNVBAcTB0NhdGFuaWExDjAMBgNVBAoTBVJlZGlz
+MREwDwYDVQQLEwhTZWN1cml0eTESMBAGA1UEAxMJMTI3LjAuMC4xggkAzuTKMLz1
+CP8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeFKB7DUixmxbdvNw
+n/mNoHK+OOZXmfxZDCo0v2gcQ4WXUiCqL6MagrImCvkEz5RL6Fk2ZflEV2iGQ5Ds
+CmF2n47ISpqG29bfI5R1rcbfqK/5tazUIhQu12ThNmkEh7hCuW/0LqJrnmxpuRLy
+le9e3svCC96lwjFczzU/utWurKt7S7Di3C4P+AXAJJuszDMLMCBLaB/3j24cNpOx
+zzeZo02x4rpsD2+MMfRDWMWezVEyk63KnI0kt3JGnepsKCFc48ZOk09LwFk3Rfaq
+zuKSgEJJw1mfsdBfysM0HQw20yyjSdoTEfQq3bXctTNi+pEOgW6x7TMsnngYYLXV
+9XTrpg==
+-----END CERTIFICATE-----

data/test/support/ssl/trusted-ca.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAx6JsWoQbfya030NJfLo1l13sCMfj8P5V0POVsmUjkgEAIJX2
+no/aPk8WUW+QcUTq+vpuIxotc0CZQdh8PN5P3ks4Mce37weVHnVw1iue30Hd6JXA
+Scnv5rG4MeDqdSAtd4p6iD68Sqt5nAucWJvG3aqkXN7HPIonfs+b6IB7LmCUJz+/
+sQJhDixZVVX5yIL6wDCZkN9lcIFC1FGiQnqKSpAPBZUO6AZxXjp95Om7v06aQssz
+w8jcTujDYX/eK/ruCZ2U7mb3BfVqFbMkpRqkFPGB/hdAbSzrRZsL2Iki+BdEZbvB
+ZKypJUmR8tiWUNM+B+kvKXX4VHcDhrCuw+IxVQIDAQABAoIBAQCzbGHiQJXOA+XQ
+O9OSjHGaJ8n6Yl2VvaE3eZXzjj8X/Fo271GGVVgbZE10x8aUZxKim+3dEqwCx+52
+ZbHTqyMxcX2CEDRaWwBFLdxKQU467iIZ5m26ZAp/1v7rpXBT8KWsqQNT7L6ihdd4
+zl6orOlhVPsAlSGQYcL5kHJZ1w/fL0phEbwdISd3PYhGHXMNmqfXorzJYHDQA4R+
+yR7WpP1dmnUeEKrHc9FFcBZ75BGlWjdCPZMFKc7IndZumarhBpWH9yZMUxrUIo4V
+SCweRUFdD5H1lMZ0YiIAE25wKNEQ2iGd3Jfr8Vj1KFSHC9I2FJA3aFRRUgTwxx/W
+h0mJy1ZJAoGBAPYsSSlwQdxZjnyZiVkNSD4MoLdof//nRxeKGejq6AiXDvcsLyJy
+0MKk4YBFw2249TWm/KBbMAFiBE7d8uPtP5pPfjNVPX6VltH3AhSZ7Ugbpo6C3NFA
+GpzFVtNaWgCVDloDVdmsY7ssDFuAIih0paklPAqnLY+Ua9m1BiEPrB+bAoGBAM+a
+i+0NMR4AyKpuo1exdd+7BIHw5HNPwGmR1ggdGWduH0zsOhEawQKKFv1X9xKAcXxW
+PyeD56/Tmn7fkWvuE8dOu9E6em0vgmxhYyn4nyLAFYF5uKXYo78MpIEThdpl1ldT
+iHwG/25vunaBUHhwbHPUD+F989tmRuCjoFkuA5nPAoGAaqPIlcDhZvkMtoE0dHVC
+hE6oGIuWV17y9wmGK9YG6iG2A/EKAhxGvur6HL0b6Z4j6zgJW9Xkt9SkFR4kqAQQ
+d2JUQxx75SgcC5y7M/1yQrhnsHiT+7mPTbZW5HvRXUs0yl2DhSYeleiA+epJ4ciW
+Mu3EUsEVBYvAJLE8lHnbkF0CgYEAhyxpz3+3a4G3JsHDOWYjCfoLhVAEb9CNyC9c
+3QuVbvMVDlEBvgFdivm+3lZYWYOoYP0HQgNw59svzUxks5Hg7vUk9abN8CnvEgKX
+PszTUR0g450NzW6xr8PbmO/NR9bnKRUK2Tb1OkMldePdMY6CDykU7g3EqiZ+H+Zq
+kaaUUaECgYEAmk5W+S94q5jLemnfAChC5lva/0/aHdhtaoH4Lo+j0haMsdiy8/ZE
+sh+3gQ8pqwaCAwnKxAcppt/FNZ7tHRsH3oyY6biypn3WppQj+BA41nuzbspOKJhR
+ZDXKFCItbzUjyi23Dx4P4DgMivkpV+e88RMIuBnv4yjl5iOLq+vf4Rg=
+-----END RSA PRIVATE KEY-----

data/test/support/ssl/trusted-cert.crt

@@ -0,0 +1,81 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 14908262977180600576 (0xcee4ca30bcf50900)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=IT, ST=Sicily, L=Catania, O=Redis, OU=Security, CN=127.0.0.1
+        Validity
+            Not Before: Apr  2 03:34:42 2016 GMT
+            Not After : Jun 23 03:34:42 2050 GMT
+        Subject: C=IT, ST=Sicily, O=Redis, OU=Security, CN=127.0.0.1
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:ab:bf:ac:ef:dc:99:35:fa:07:3f:d5:33:86:f1:
+                    7d:9e:57:8b:d5:c1:10:04:0c:35:95:7c:61:ff:05:
+                    a6:f9:ef:71:5c:c5:83:68:a2:ad:5d:0f:a5:2b:b4:
+                    76:9f:36:8f:df:75:fb:d6:48:00:c0:f0:68:56:f6:
+                    49:84:4d:4e:e1:ca:dd:24:9f:2f:5e:7c:35:26:57:
+                    d6:d5:95:d1:3f:40:32:22:43:2c:8c:b7:8c:89:56:
+                    7c:d0:94:e5:f7:cf:4a:51:3f:60:b2:fe:1f:3b:38:
+                    d6:47:5d:2e:4f:38:75:d9:9b:c8:0f:d1:fd:91:5a:
+                    07:c3:94:95:1f:7b:f1:ae:dc:a1:83:e2:6b:78:05:
+                    34:b3:8b:87:86:31:9f:cc:8b:15:cd:18:2e:06:36:
+                    ca:f8:29:f8:6e:93:60:78:ec:8a:e8:a6:94:ad:24:
+                    a8:e3:d4:ac:42:da:52:0f:34:e8:d0:10:e5:53:db:
+                    f8:3a:56:48:10:33:df:80:70:1c:72:5e:1f:c3:11:
+                    bb:3b:b9:6b:0a:e0:82:eb:67:d4:8f:5c:30:d3:cf:
+                    17:6d:86:01:0e:ae:43:c1:d8:c0:5e:99:ef:fa:60:
+                    0a:f2:62:68:62:8b:05:f3:8b:b1:34:d8:70:78:35:
+                    74:76:c2:46:13:a3:1f:5d:7b:3b:49:20:1e:98:54:
+                    63:77
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                81:DE:C0:39:F9:8A:57:50:DB:B1:6A:B3:D0:5F:E9:2C:87:5A:1E:3D
+            X509v3 Authority Key Identifier: 
+                keyid:F9:81:BD:90:94:77:57:2D:F5:77:B4:15:CB:14:40:63:22:93:2B:5F
+
+    Signature Algorithm: sha1WithRSAEncryption
+         a3:0a:d7:22:5a:bc:cc:f6:ed:2f:f2:9f:dd:e0:46:02:73:14:
+         dd:a7:f5:39:b9:16:19:16:36:b6:22:5c:66:14:c0:d3:ac:55:
+         fc:52:2d:c3:b2:70:5f:cf:3d:23:71:78:e9:31:88:65:2c:2e:
+         4a:09:6e:4b:97:bb:4d:38:87:d8:25:ed:bb:ed:62:19:08:50:
+         f2:40:cc:39:ee:f9:a8:3a:5d:2b:e7:34:eb:8a:74:c7:c9:bc:
+         88:9b:9b:ca:5b:11:20:ca:53:b2:0b:20:49:fc:b9:f7:ec:03:
+         c9:5d:c1:24:75:27:f8:7c:70:dc:6a:2c:98:48:93:5f:7f:7e:
+         94:a1:cf:79:b3:24:e3:de:9e:f0:0f:d8:d6:3e:c9:52:30:31:
+         87:90:c2:d2:23:be:d8:7a:e9:e6:bb:4b:00:75:30:49:4b:98:
+         d5:f6:7d:b5:83:b5:57:85:20:98:00:51:55:c3:a2:81:ec:6c:
+         11:91:33:60:14:7b:d2:01:ee:5b:bf:5b:68:f5:e0:4e:45:0a:
+         68:cd:33:4f:29:72:fa:fe:6a:19:b6:84:70:90:a4:d5:7a:04:
+         2e:da:5b:98:4f:e4:aa:a6:c4:68:aa:5c:8c:a5:5e:df:20:94:
+         22:f7:37:45:71:a4:bc:72:34:ee:42:cf:9d:0f:fb:4a:39:d1:
+         8e:41:f3:3f
+-----BEGIN CERTIFICATE-----
+MIIDvDCCAqSgAwIBAgIJAM7kyjC89QkAMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNV
+BAYTAklUMQ8wDQYDVQQIEwZTaWNpbHkxEDAOBgNVBAcTB0NhdGFuaWExDjAMBgNV
+BAoTBVJlZGlzMREwDwYDVQQLEwhTZWN1cml0eTESMBAGA1UEAxMJMTI3LjAuMC4x
+MCAXDTE2MDQwMjAzMzQ0MloYDzIwNTAwNjIzMDMzNDQyWjBVMQswCQYDVQQGEwJJ
+VDEPMA0GA1UECBMGU2ljaWx5MQ4wDAYDVQQKEwVSZWRpczERMA8GA1UECxMIU2Vj
+dXJpdHkxEjAQBgNVBAMTCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAKu/rO/cmTX6Bz/VM4bxfZ5Xi9XBEAQMNZV8Yf8FpvnvcVzFg2ii
+rV0PpSu0dp82j991+9ZIAMDwaFb2SYRNTuHK3SSfL158NSZX1tWV0T9AMiJDLIy3
+jIlWfNCU5ffPSlE/YLL+Hzs41kddLk84ddmbyA/R/ZFaB8OUlR978a7coYPia3gF
+NLOLh4Yxn8yLFc0YLgY2yvgp+G6TYHjsiuimlK0kqOPUrELaUg806NAQ5VPb+DpW
+SBAz34BwHHJeH8MRuzu5awrggutn1I9cMNPPF22GAQ6uQ8HYwF6Z7/pgCvJiaGKL
+BfOLsTTYcHg1dHbCRhOjH117O0kgHphUY3cCAwEAAaN7MHkwCQYDVR0TBAIwADAs
+BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYD
+VR0OBBYEFIHewDn5ildQ27Fqs9Bf6SyHWh49MB8GA1UdIwQYMBaAFPmBvZCUd1ct
+9Xe0FcsUQGMikytfMA0GCSqGSIb3DQEBBQUAA4IBAQCjCtciWrzM9u0v8p/d4EYC
+cxTdp/U5uRYZFja2IlxmFMDTrFX8Ui3DsnBfzz0jcXjpMYhlLC5KCW5Ll7tNOIfY
+Je277WIZCFDyQMw57vmoOl0r5zTrinTHybyIm5vKWxEgylOyCyBJ/Ln37APJXcEk
+dSf4fHDcaiyYSJNff36Uoc95syTj3p7wD9jWPslSMDGHkMLSI77Yeunmu0sAdTBJ
+S5jV9n21g7VXhSCYAFFVw6KB7GwRkTNgFHvSAe5bv1to9eBORQpozTNPKXL6/moZ
+toRwkKTVegQu2luYT+SqpsRoqlyMpV7fIJQi9zdFcaS8cjTuQs+dD/tKOdGOQfM/
+-----END CERTIFICATE-----

data/test/support/ssl/trusted-cert.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCrv6zv3Jk1+gc/
+1TOG8X2eV4vVwRAEDDWVfGH/Bab573FcxYNooq1dD6UrtHafNo/fdfvWSADA8GhW
+9kmETU7hyt0kny9efDUmV9bVldE/QDIiQyyMt4yJVnzQlOX3z0pRP2Cy/h87ONZH
+XS5POHXZm8gP0f2RWgfDlJUfe/Gu3KGD4mt4BTSzi4eGMZ/MixXNGC4GNsr4Kfhu
+k2B47IroppStJKjj1KxC2lIPNOjQEOVT2/g6VkgQM9+AcBxyXh/DEbs7uWsK4ILr
+Z9SPXDDTzxdthgEOrkPB2MBeme/6YAryYmhiiwXzi7E02HB4NXR2wkYTox9deztJ
+IB6YVGN3AgMBAAECggEASmOxIgtoiQqMzUcpFE/Q2x6MQL9okng/VUoUoALwudzO
+OyKJsm6TrHU0U2PM5VUap+1QcRWqzebTKqduXFGn0wCtHEmemMwvsTXmpYhIo57I
+mDKEP0bZJjtBwI5dtSIhzGMpHR4YpOwPU8W2YzXPRbvFwaRwsd5O8pWOqZ5jphrQ
+DtkLNz4hIFsMihPeYFpuAjsZ2cMIGPtlY2qbfjyno7hd7LxNzL/2vMlDw5MHHtw4
+snxLN92KomC6rSUUydNDyemyMpg8iRwm7gmYzVoZf6aTbI2RdFcv2KZfpUWYdB+I
+yU8ZV1Sch7VQ+xLVy74SuY8AZ2Rq4S3M+EmEa5ghoQKBgQDfgOIyStulfYn6UC1A
+OYwcGoSOaVNfPE/m9BZN58xK0+XnEqQECMsyg/GYS65Zri4+KJYPxqv6f9ljLTGE
+0PxiA7wq+QWnv4EM+3aGShxwyVlmgJZyyBfJtAMr1iDm4JsidTT5GMdfxRICPGZY
+WVggcz/cVu39OxRrumREuTWAzwKBgQDEuGheZv68cYt5EkzOWxeFQyt1bzXn1CJg
+IXnIFZIekJhVGpBG+zMAYri9+hSheiDrwfIcSfTq9LxF6JNUvaU4qMrkwvW21jKs
+n7ofcA+VYq2mggoIuuvKVqXemLHorC0U/zCMnM6rycaa9sB5tsF+Js93uvf1TEJt
+veV0yCeM2QKBgF1M0iAoe7SDyXuCyMEMxN5ee4NvmGwjIz/IGR+Aahm6hziE4Y8F
+lL2LsujefvPU8FzmWG5Rgy1Y/YiXLxrAmvrXkE9oEOJL4TVoK7w3Z9P1Waqedy+H
+M9bxnHlKNAXtMRWbU/fATko+XBwu1pJ/CXjSY5A5gbO6W/X0ozLFFf6lAoGABRZ7
+5I0nY3pQUCZQBDpI5nJxSk1BCKjs5q2W97zPFalJt1HDj4JptEXZX1h7dh2xgkd2
+2pJzGiyQPgKg5N0uy8NZ1AbS0hLCJsLOzodYb9Wohhjw537mIEqTaalrWIgzdkqP
+V+OqWLkUQOfG3J8EbB3W2dLlHNwHD82MhLO0iikCgYEAvdK5LmpUdZXMVtiOMZO5
+t3M0vwi6vPhW7DV1QET51x/U+SyH4rvZGeqRl+gcKrZ8SreOlyICvsPgVmvLCrHE
+gJLPWJIzI8Mg6u91/KpiVmRahnJjOn3oHNuLSqFjn9lIhmA5dN7zQDXzPdYrWPNR
+u1QX+JLhlP33ejgdkdLsNiM=
+-----END PRIVATE KEY-----