Haraka 3.1.3 → 3.1.5

package/tls_socket.js

@@ -159,21 +159,16 @@ exports.parse_x509 = async (string) => {
     const res = {}
     if (!string) return res
 
-    const keyRe = new RegExp('([-]+BEGIN (?:\\w+ )?PRIVATE KEY[-]+[^-]*[-]+END (?:\\w+ )?PRIVATE KEY[-]+)', 'gm')
+    const keyRe = /([-]+BEGIN (?:\w+ )?PRIVATE KEY[-]+[^-]*[-]+END (?:\w+ )?PRIVATE KEY[-]+)/gm
     res.keys = string.match(keyRe)
 
-    const certRe = new RegExp('([-]+BEGIN CERTIFICATE[-]+[^-]*[-]+END CERTIFICATE[-]+)', 'gm')
+    const certRe = /([-]+BEGIN CERTIFICATE[-]+[^-]*[-]+END CERTIFICATE[-]+)/gm
     res.chain = string.match(certRe)
 
     if (res.chain?.length) {
-        const opensslArgs = [res.chain[0], 'x509', '-noout']
-        // shush openssl, https://github.com/openssl/openssl/issues/22893
-        // if (['darwin','linux','freebsd'].includes(process.platform))
-        //     opensslArgs.push('-in', '/dev/stdin')
-
         // it's cleaner to call openssl with each of -enddate, -subject, etc, but it costs
         // 40-50ms per spawn with node v21 on a M1 MBP
-        const raw = await openssl(...opensslArgs, '-enddate', '-subject', '-ext', 'subjectAltName')
+        const raw = await openssl(res.chain[0], 'x509', '-noout', '-enddate', '-subject', '-ext', 'subjectAltName')
         if (!raw) return res
 
         res.expire = new Date(raw.match(/notAfter=(.* [A-Z]{3})/)[1])
@@ -191,7 +186,7 @@ exports.parse_x509 = async (string) => {
 }
 
 exports.load_tls_ini = (opts) => {
-    log.info(`loading tls.ini`) // from ${this.config.root_path}`);
+    log.info('loading tls.ini')
 
     const cfg = exports.config.get(
         'tls.ini',
@@ -339,7 +334,7 @@ exports.load_default_opts = () => {
     if (!Array.isArray(cfg.key)) cfg.key = [cfg.key]
     if (!Array.isArray(cfg.cert)) cfg.cert = [cfg.cert]
 
-    if (cfg.key.length != cfg.cert.length) {
+    if (cfg.key.length !== cfg.cert.length) {
         log.error(`number of keys (${cfg.key.length}) not equal to certs (${cfg.cert.length}).`)
     }
 
@@ -454,19 +449,20 @@ exports.get_certs_dir = async (tlsDir) => {
 function openssl(crt, ...params) {
     return new Promise((resolve) => {
         let crtTxt = ''
+        let errTxt = ''
 
-        const o = spawn('openssl', [...params], { timeout: 1000 })
+        const o = spawn('openssl', params, { timeout: 2000 })
         o.stdout.on('data', (data) => {
             crtTxt += data
         })
 
         o.stderr.on('data', (data) => {
-            log.debug(`err: ${data.toString().trim()}`)
+            errTxt += data
         })
 
         o.on('close', (code) => {
             if (code !== 0) {
-                if (code) console.error(code)
+                log.error(`openssl ${params.join(' ')} failed with code ${code}: ${errTxt.trim()}`)
             }
             resolve(crtTxt)
         })
@@ -484,8 +480,7 @@ exports.getSocketOpts = async (name) => {
         await this.get_certs_dir('tls')
     } catch (err) {
         if (err.code !== 'ENOENT') {
-            console.error(err.messsage)
-            log.error(err)
+            log.error(err.message)
         }
     }
 
@@ -519,7 +514,7 @@ exports.ensureDhparams = (done) => {
 
     log.info(`Generating a 2048 bit dhparams file at ${fpResolved}`)
 
-    const o = spawn('openssl', ['dhparam', '-out', `${fpResolved}`, '2048'])
+    const o = spawn('openssl', ['dhparam', '-out', fpResolved, '2048'], { timeout: 30000 })
     o.stdout.on('data', (data) => {
         // normally empty output
         log.debug(data)
@@ -586,9 +581,9 @@ exports.shutdown = () => {
 
 function cleanOcspCache() {
     log.debug(`Cleaning ocspCache. How many keys? ${Object.keys(ocspCache.cache).length}`)
-    Object.keys(ocspCache.cache).forEach((key) => {
+    for (const key of Object.keys(ocspCache.cache)) {
         clearTimeout(ocspCache.cache[key].timer)
-    })
+    }
 }
 
 exports.certsByHost = certsByHost
@@ -615,7 +610,7 @@ function createServer(cb) {
 
             cryptoSocket.removeAllListeners('data')
 
-            const options = Object.assign({}, certsByHost['*'])
+            const options = { ...certsByHost['*'] }
             options.server = server // TLSSocket needs server for SNI to work
 
             options.rejectUnauthorized = exports.get_rejectUnauthorized(
@@ -679,21 +674,22 @@ function connect(conn_options = {}) {
             const host = conn_options.host
             if (exports.cfg === undefined) exports.load_tls_ini()
             if (exports.cfg.mutual_auth_hosts[host]) {
-                options = Object.assign(options, getCertFor(exports.cfg.mutual_auth_hosts[host]))
+                options = { ...options, ...getCertFor(exports.cfg.mutual_auth_hosts[host]) }
             } else if (exports.cfg.mutual_auth_hosts_exclude[host]) {
                 // send no client cert
             } else if (exports.cfg.main.mutual_tls) {
-                options = Object.assign(options, getCertFor(host))
+                options = { ...options, ...getCertFor(host) }
             }
         }
         options.socket = cryptoSocket
 
-        const cleartext = new tls.connect(options)
+        const cleartext = tls.connect(options)
 
         pipe(cleartext, cryptoSocket)
 
         cleartext.on('error', (err) => {
-            if (err.reason) log.error(`client TLS error: ${err}`)
+            err.source = 'tls'
+            socket.emit('error', err)
         })
 
         cleartext.once('secureConnect', () => {

package/transaction.js

@@ -55,9 +55,12 @@ class Transaction {
 
         for (const o of this.body_filters) {
             this.body.add_filter((ct, enc, buf) => {
-                const re_match = util.types.isRegExp(o.ct_match) && o.ct_match.test(ct.toLowerCase())
-                const ct_begins = ct.toLowerCase().indexOf(String(o.ct_match).toLowerCase()) === 0
-                if (re_match || ct_begins) return o.filter(ct, enc, buf)
+                if (!ct) return buf
+                const ct_lc = String(ct).toLowerCase().trim()
+                const re_match = util.types.isRegExp(o.ct_match) && o.ct_match.test(ct_lc)
+                const ct_begins = ct_lc.indexOf(String(o.ct_match).toLowerCase()) === 0
+                if (re_match || ct_begins) return o.filter(ct, enc, buf) || buf
+                return buf
             })
         }
     }
@@ -133,7 +136,7 @@ class Transaction {
         // is this the end of headers line?
         if (this.header_pos === 0 && (line[0] === 0x0a || (line[0] === 0x0d && line[1] === 0x0a))) {
             this.header.parse(this.header_lines)
-            this.header_pos = this.header_lines.length
+            this.header_pos = this.header.header_list ? this.header.header_list.length : -1
             this.found_hb_sep = true
             if (this.parse_body) this.ensure_body()
         } else if (this.header_pos === 0) {
@@ -143,6 +146,7 @@ class Transaction {
                 this.header_lines.push(line.toString(this.encoding).replace(/\r\n$/, '\n'))
             }
         } else if (this.parse_body) {
+            this.ensure_body()
             let new_line = line
             if (new_line[0] === 0x2e) new_line = new_line.slice(1) // Strip leading "."
 
@@ -169,13 +173,23 @@ class Transaction {
             }
             const body_lines = this.header_lines.splice(header_pos + 1)
             this.header.parse(this.header_lines)
-            this.header_pos = header_pos
+            this.header_pos = this.header.header_list ? this.header.header_list.length : -1
+            this.found_hb_sep = true
+
+            // We MUST add an empty line to the message_stream so that it knows
+            // where the headers end. Otherwise it skips everything.
+            if (!this.discard_data) this.message_stream.add_line(Buffer.from('\r\n'))
+
             if (this.parse_body) {
                 this.ensure_body()
                 for (const bodyLine of body_lines) {
                     this.body.parse_more(bodyLine)
                 }
             }
+
+            for (const bodyLine of body_lines) {
+                if (!this.discard_data) this.message_stream.add_line(Buffer.from(`${bodyLine}\n`))
+            }
         }
         if (this.header_pos && this.parse_body) {
             const line = this.add_dot_stuffing_and_ensure_crlf_newlines(this.body.parse_end())
@@ -195,22 +209,21 @@ class Transaction {
 
     add_header(key, value) {
         this.header.add_end(key, value)
-        if (this.header_pos > 0) this.reset_headers()
+        if (this.found_hb_sep) this.reset_headers()
     }
 
     add_leading_header(key, value) {
         this.header.add(key, value)
-        if (this.header_pos > 0) this.reset_headers()
+        if (this.found_hb_sep) this.reset_headers()
     }
 
     reset_headers() {
-        const header_lines = this.header.lines()
-        this.header_pos = header_lines.length
+        this.header_pos = this.header.header_list ? this.header.header_list.length : -1
     }
 
     remove_header(key) {
         this.header.remove(key)
-        if (this.header_pos > 0) this.reset_headers()
+        if (this.found_hb_sep) this.reset_headers()
     }
 
     attachment_hooks(start, data, end) {
@@ -230,6 +243,16 @@ class Transaction {
     add_body_filter(ct_match, filter) {
         this.parse_body = true
         this.body_filters.push({ ct_match, filter })
+        if (this.body) {
+            this.body.add_filter((ct, enc, buf) => {
+                if (!ct) return buf
+                const ct_lc = String(ct).toLowerCase().trim()
+                const re_match = util.types.isRegExp(ct_match) && ct_match.test(ct_lc)
+                const ct_begins = ct_lc.indexOf(String(ct_match).toLowerCase()) === 0
+                if (re_match || ct_begins) return filter(ct, enc, buf) || buf
+                return buf
+            })
+        }
     }
 
     incr_mime_count(line) {

package/config/rabbitmq.ini

@@ -1,10 +0,0 @@
-[rabbitmq]
-exchangeName  = emailMessages
-server_ip = localhost
-server_port = 5672
-queueName = email
-deliveryMode = 2
-confirm = true
-durable = true
-autoDelete = false
-exchangeType = direct

package/config/rabbitmq_amqplib.ini

@@ -1,19 +0,0 @@
-[rabbitmq]
-host = localhost
-port = 5672
-user = guest
-password = guest
-exchangeName  = email_messages
-exchangeType = direct
-queueName = emails
-deliveryMode = 2
-confirm = true
-durable = true
-autoDelete = false
-
-; Optional queue arguments
-; [queue_args]
-; x-dead-letter-exchange =
-; x-dead-letter-routing-key = emails_dlq
-; x-overflow = reject-publish
-; x-queue-type = quorum

package/docs/plugins/queue/rabbitmq.md

@@ -1,34 +0,0 @@
-# queue/rabbitmq
-
-This plugin delivers mails to rabbitmq queue for further processing.
-
-## Configuration
-
-- `config/rabbitmq.ini`
-  This config file provides server address and port of rabbitmq server to deliver with other configs of queues and exchange.
-
-  Example:
-
-        [rabbitmq]
-        ; This is name of exchange.
-        exchangeName  = emailMessages
-        ; ip and port of the server.
-        server_ip = localhost
-        server_port = 5672
-        ; user and password
-        user = guest
-        password = guest
-        ; name of the queue which reader will read
-        queueName = email
-        ; This is for making it persistant while publishing message
-        deliveryMode = 2
-        ; If true it will require ack for marking it complete from worker
-        confirm = true
-        ; Again for persistance passed while creating queue
-        durable = true
-        ; if true will delete queue if publisher quits
-        autoDelete = false
-        ; type of the exchange
-        exchangeType = direct
-
-More information about rabbitmq can be found at https://www.rabbitmq.com/

package/docs/plugins/queue/rabbitmq_amqplib.md

@@ -1,51 +0,0 @@
-# queue/rabbitmq_amqplib
-
-This plugin delivers emails to RabbitMQ queue for further processing. Based on `queue/rabbitmq` but using `amqplib`.
-
-## Dependency
-
-- `amqplib` - https://github.com/squaremo/amqp.node
-
-## Configuration
-
-- `config/rabbitmq.ini` - Connection, exchange and queue settings
-
-  Example:
-
-        [rabbitmq]
-        ; Connection
-      ; Protocol. Either "amqp" or "amqps"
-      protocol = amqp
-      host = localhost
-      port = 5672
-      ;Virtual Host. Start with "/". Leave blank or not use if you don't want to use virtual hosts.
-      vhost = /haraka
-      ;Credentials
-      user = guest
-      password = guest
-      ; Exchange
-      exchangeName  = email_messages
-      exchangeType = direct
-      ; Queue
-      queueName = emails
-      confirm = true
-      durable = true
-      autoDelete = false
-      ; Message
-      deliveryMode = 2
-      priority = 1
-
-      ; Optional exchange arguments
-      ; More information about exchange x-arguments can be found at https://www.rabbitmq.com/docs/exchanges#optional-arguments
-      [exchange_args]
-      alternate-exchange =
-
-      ; Optional queue arguments
-      ; More information about queue x-arguments can be found at https://www.rabbitmq.com/queues.html#optional-arguments
-      [queue_args]
-      x-dead-letter-exchange =
-      x-dead-letter-routing-key = emails_dlq
-      x-overflow = reject-publish
-      x-queue-type = quorum
-
-More information about RabbitMQ can be found at https://www.rabbitmq.com/

package/plugins/queue/rabbitmq.js

@@ -1,141 +0,0 @@
-const amqp = require('amqp')
-
-let rabbitqueue
-let exchangeName
-let queueName
-let deliveryMode
-let connExchange_
-let connQueue_
-let routing_
-exports.exchangeMapping = {}
-
-//This method registers the hook and try to initialize the connection to rabbitmq server for later use.
-exports.register = function () {
-    this.logdebug('About to connect and initialize queue object')
-    this.init_rabbitmq_server()
-    this.logdebug(`Finished initiating : ${exports.exchangeMapping[exchangeName + queueName]}`)
-}
-
-//Actual magic of publishing message to rabbit when email comes happen here.
-exports.hook_queue = function (next, connection) {
-    if (!connection?.transaction) return next()
-
-    //Calling the get_data method and when it gets the data on callback, publish the message to queue with routing key.
-    connection.transaction.message_stream.get_data((buffere) => {
-        const exchangeData = exports.exchangeMapping[exchangeName + queueName]
-        this.logdebug(`Sending the data: ${queueName} Routing : ${exchangeData} exchange :${connExchange_}`)
-        if (connExchange_ && routing_) {
-            //This is publish function of rabbitmq amqp library, currently direct queue is configured and routing is fixed.
-            //Needs to be changed.
-            connExchange_.publish(routing_, buffere, { deliveryMode }, (error) => {
-                if (error) {
-                    //There was some error while sending the email to queue.
-                    this.logdebug('queueFailure: #{JSON.stringify(error)}')
-                    exports.init_rabbitmq_server()
-                    next()
-                } else {
-                    //Queueing was successful, send ok as reply
-                    this.logdebug('queueSuccess')
-                    next(OK, 'Successfully Queued! in rabbitmq')
-                }
-            })
-        } else {
-            //Seems like connExchange is not defined , lets create one for next call
-            exports.init_rabbitmq_server()
-            next()
-        }
-    })
-}
-
-//This initializes the connection to rabbitmq server, It reads values from rabbitmq.ini file in config directory.
-exports.init_rabbitmq_server = function () {
-    // this is called during init of rabbitmq
-
-    //Read the config file rabbitmq
-    const config = this.config.get('rabbitmq.ini')
-    //Just putting the defaults
-    const options = {}
-    let confirm = true
-    let durable = true
-    let autoDelete = false
-    let exchangeType = 'direct'
-
-    //Getting the values from config file rabbitmq.ini
-    if (config.rabbitmq) {
-        options.host = config.rabbitmq.server_ip || '127.0.0.1'
-        options.port = config.rabbitmq.server_port || '5672'
-        options.login = config.rabbitmq.user || 'guest'
-        options.password = config.rabbitmq.password || 'guest'
-        exchangeName = config.rabbitmq.exchangeName || 'emailMessages'
-        exchangeType = config.rabbitmq.exchangeType || 'direct'
-        confirm = config.rabbitmq.confirm === 'true' || true
-        durable = config.rabbitmq.durable === 'true' || true
-        autoDelete = config.rabbitmq.autoDelete === 'true' || false
-        deliveryMode = config.rabbitmq.deliveryMode || 2
-        queueName = config.rabbitmq.queueName || 'emails'
-    } else {
-        //If config file is not available , lets get the default values
-        queueName = 'emails'
-        exchangeName = 'emailMessages'
-        deliveryMode = 2
-        durable = true
-    }
-
-    //Create connection to the rabbitmq server
-    this.logdebug('About to Create connection with server')
-    rabbitqueue = amqp.createConnection(options)
-
-    //Declaring listerner on error on connection.
-    rabbitqueue.on('error', (error) => {
-        this.logerror(`There was some error on the connection : ${error}`)
-    })
-
-    //Declaring listerner on close on connection.
-    rabbitqueue.on('close', (close) => {
-        this.logdebug(` Connection  is being closed : ${close}`)
-    })
-
-    /* Declaring the function to perform when connection is established and ready, function involves like:
-     *    1. Creating or connecting to Exchange.
-     *  2. Creating or connecting to Queue.
-     *  3. Binding the Exchange and Queue.
-     *  4. Saving some variables in global to be used while publishing message.
-     */
-
-    rabbitqueue.on('ready', () => {
-        this.logdebug('Connection is ready, will try making exchange')
-        // Now connection is ready will try to open exchange with config data.
-        rabbitqueue.exchange(exchangeName, { type: exchangeType, confirm, durable }, (connExchange) => {
-            this.logdebug(`connExchange with server ${connExchange} autoDelete : ${autoDelete}`)
-
-            //Exchange is now open, will try to open queue.
-            return rabbitqueue.queue(queueName, { autoDelete, durable }, (connQueue) => {
-                this.logdebug(`connQueue with server ${connQueue}`)
-
-                //Creating the Routing key to bind the queue and exchange.
-                const routing = `${queueName}Routing`
-
-                // Will try to bing queue and exchange which was created above.
-                connQueue.bind(connExchange, routing)
-                const key = exchangeName + queueName
-
-                //Save the variables for publising later.
-                if (!exports.exchangeMapping[key]) {
-                    exports.exchangeMapping[key] = []
-                }
-                connExchange_ = connExchange
-                connQueue_ = connQueue
-                routing_ = routing
-                exports.exchangeMapping[key].push({
-                    exchange: connExchange_,
-                    queue: connQueue_,
-                    routing: routing_,
-                    queueName,
-                })
-                this.logdebug(
-                    `exchange: ${exchangeName}, queue: ${queueName}  exchange : ${connExchange_} queue : ${connQueue_}`,
-                )
-            })
-        })
-    })
-}

package/plugins/queue/rabbitmq_amqplib.js

@@ -1,96 +0,0 @@
-// queue/rabbitmq_amqplib
-
-const amqp = require('amqplib/callback_api')
-
-let channel
-let queue
-let deliveryMode
-let priority
-
-exports.register = function () {
-    this.init_amqp_connection()
-}
-
-exports.rabbitmq_queue = function (next, connection) {
-    if (!connection?.transaction) return next()
-
-    connection.transaction.message_stream.get_data((str) => {
-        const sendOptions = { deliveryMode }
-        if (priority != null) {
-            sendOptions.priority = priority
-        }
-        if (channel?.sendToQueue(queue, str, sendOptions)) {
-            return next(OK)
-        } else {
-            this.logerror('Failed to queue to rabbitmq')
-            return next()
-        }
-    })
-}
-
-exports.init_amqp_connection = function () {
-    const cfg = this.config.get('rabbitmq.ini').rabbitmq
-
-    const protocol = cfg.protocol || 'amqp'
-    const host = cfg.host || '127.0.0.1'
-    const port = cfg.port || '5672'
-    const vhost = cfg.vhost || ''
-    const user = cfg.user || 'guest'
-    const password = cfg.password || 'guest'
-    const exchangeName = cfg.exchangeName || 'emailMessages'
-    const exchangeType = cfg.exchangeType || 'direct'
-    const queueName = cfg.queueName || 'emails'
-    const durable = cfg.durable === 'true' || true
-    // var confirm = cfg.confirm === "true" || true;
-    const autoDelete = cfg.autoDelete === 'true' || false
-    deliveryMode = cfg.deliveryMode || 2
-    priority = cfg.priority
-
-    amqp.connect(
-        `${protocol}://${encodeURIComponent(user)}:${encodeURIComponent(password)}@${host}:${port}${vhost}`,
-        (err, conn) => {
-            if (err) {
-                this.logerror(`Connection to rabbitmq failed: ${err}`)
-                return
-            }
-            // TODO: if !confirm conn.createChannel...
-            conn.createConfirmChannel((err2, ch) => {
-                if (err2) {
-                    this.logerror(`Error creating rabbitmq channel: ${err2}`)
-                    return conn.close()
-                }
-                ch.assertExchange(
-                    exchangeName,
-                    exchangeType,
-                    {
-                        durable,
-                        arguments: this.config.get('rabbitmq.ini').exchange_args,
-                    },
-                    (err3, ok) => {
-                        if (err3) {
-                            this.logerror(`Error asserting rabbitmq exchange: ${err3}`)
-                            return conn.close()
-                        }
-                        ch.assertQueue(
-                            queueName,
-                            {
-                                durable,
-                                autoDelete,
-                                arguments: this.config.get('rabbitmq.ini').queue_args,
-                            },
-                            (err4, ok2) => {
-                                if (err4) {
-                                    this.logerror(`Error asserting rabbitmq queue: ${err4}`)
-                                    return conn.close()
-                                }
-                                queue = ok2.queue
-                                channel = ch
-                                this.register_hook('queue', 'rabbitmq_queue')
-                            },
-                        )
-                    },
-                )
-            })
-        },
-    )
-}

package/test/config/tls/ec.pem

@@ -1,23 +0,0 @@
------BEGIN EC PARAMETERS-----
-BggqhkjOPQMBBw==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIIDhiI5q6l7txfMJ6kIEYjK12EFcHLvDIkfWIwzdZBsloAoGCCqGSM49
-AwEHoUQDQgAEZg2nHEFy9nquFPF3DQyQE28e/ytjXeb4nD/8U+L4KHKFtglaX3R4
-uZ+5JcwfcDghpL4Z8h4ouUD/xqe957e2+g==
------END EC PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICaTCCAg+gAwIBAgIUEDa9VX16wCdo97WvIk7jyEBz1wQwCgYIKoZIzj0EAwIw
-gYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRQwEgYDVQQKDAtIYXJha2EgTWFpbDEXMBUGA1UEAwwObWFpbC5oYXJh
-a2EuaW8xJDAiBgkqhkiG9w0BCQEWFWhhcmFrYS5tYWlsQGdtYWlsLmNvbTAeFw0y
-MTEwMTQwNjQxMTlaFw0yMjEwMTQwNjQxMTlaMIGJMQswCQYDVQQGEwJVUzETMBEG
-A1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEUMBIGA1UECgwLSGFy
-YWthIE1haWwxFzAVBgNVBAMMDm1haWwuaGFyYWthLmlvMSQwIgYJKoZIhvcNAQkB
-FhVoYXJha2EubWFpbEBnbWFpbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
-AARmDaccQXL2eq4U8XcNDJATbx7/K2Nd5vicP/xT4vgocoW2CVpfdHi5n7klzB9w
-OCGkvhnyHii5QP/Gp73nt7b6o1MwUTAdBgNVHQ4EFgQU094ROMLHmLEspT4ZoCfX
-Rz0mR/YwHwYDVR0jBBgwFoAU094ROMLHmLEspT4ZoCfXRz0mR/YwDwYDVR0TAQH/
-BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAsmshzvMDjmYDHyGRrKdMmsnnESFd
-GMtfRXYIv0AZe7ICIGD2Sta9LL0zZ44ARGXhh+sPjxd78I/+0FdIPsofr2I+
------END CERTIFICATE-----

package/test/config/tls/mismatched.pem

@@ -1,49 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDcg5h5TVO1gECK
-yNCXbpJduNqJvhE6hyVb9q0WRR8zKHE7DnOog9JqOcrz4mv3TmszDZ2511mGxo/v
-j2dAYakU7HxEuSqKX1CsjbDP3xa7IvVCaKQbcMImq7dzmenXkCdPivuglZmooZen
-c18QZ6YkrunDeh/OcP8WAA+9yYXp82lmKPzKNkJETfGVXff0loXWR5SSjGXYvjqm
-XK6IXqPcuNriUTmylLx2149O6RWJPaZ2YYxTOHTeV5OMeEHjLpAOShCfZi4VYvAe
-GZSFq5UdMv5QD1k6BueS1Ruf6ChCLjfqkMcCAw8DOY8oxvzovgM/sgBcx3L00/pe
-QeSegG+3AgMBAAECggEAW9qJEcYvH0SMHgNmOB375ARTK9s7S/jti/Aly0gBpgqr
-l+D+NmyqokruikZ/mKVWrA546+eTSDu/yxcd+Eh16NxVKz9CRB9N+IKQ6xXPXyZB
-qWbzLOb8SKVwpjuvl3ZZmZ2YER0fw4mEJWE+cRPrtg4SG7XsN88DwoNGC1U9beSL
-vZ3lDuOMHNBNGx5k608i5HCV8Ty3Sz8ksvL9fPFwUpKAvRuG3lYgS+GxSrijH+KO
-vIwXAu3E+7MIPXdbsg14HBRRHEfyQlRGV8rj3e8neDLFarB8fXDVqIsko6/D5qZZ
-D/jXYW7pcafOGT0PTbHxUMrUxahhAjKKfPt3Y7JVcQKBgQDzIhmN7SbQvu2dl54X
-XezrgKteDVd4q7VYVpiAjNEZA+kNdBcXC6k2T5WMNPesNwyFIoDLDFWUg4FMG/Mc
-KA1eArBocGQ0gQvLlnlUxBy519e/AAj7jTspLi7gAwLqfTo0TGdTH/Hfq+1uCXys
-dd3BKYnDKc4aDPTQCEkRzfPHDwKBgQDoLw7MZecGnNNrqArqsOaOO1uUKFysW6pi
-2ZU7KKj1x6vKGIW88YmzNBPCj4LU8XlXbR1isaSs5TaWgc6N0aAEXwA6TN/8PXhq
-6IXarR1WJIq2DEDtdBrj2AiaPoF8Y6hsebsQs+EpyLx8MCGLaucYJvqyK87ep000
-mXQuyfgM2QKBgHCLy2qAaeRdTV8S7TKB3wcQ88LAyEnqqjJvO37eMHi076+zmnCn
-jDfA1UgmyLNmdBw44YeceQ0bZsHVek8BV1a6RfDCfhAz4ELor9eGRInemVcn7ACN
-2uHwJ/C4VCQ5vbSx3W6ELhHM40Z5i8XFddZRpRy7gFVcxAJ8o15jiMIPAoGAHiq3
-DoGS8b4AjjVILdQMMKCvtmFEITTLv4orpIMU6NInlNt4zOLJFFqI0reYtRgmvuAz
-eDZCgiBJ5mY5Mx3wX4EEY47Hb1uBQMqzUYU6kY2v5BVVfkSelcnk3D2Qz1uXb3il
-gHcOo0IskyohwZ6DJhUyb2HXwAAWvOXPPaEKNIkCgYAqWhzYCAoxZ6f7i2I3J1JO
-5OaMi4+9YR3ivTDcKVYp1ZOzANe0gsQlal/gf2fTjG35b9FyK3Lo5rp0QLKxv2vh
-6dR+sk+58jJhk8H1kPNIVzvA4SAd51YoE0x7edi7+5vDMwlz57yz5rwMQvN1wUOO
-5Ev9F9qrVJZFF4Ei+fRW9Q==
------END PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIJAIloeq99SSuwMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQwHhcNMTcwMTMxMDQyNTIwWhcNMjMwMTMwMDQyNTIwWjBF
-MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
-ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAyMYkzD7HnZ29d83Hi2cTOVRsNJX/oTwwq7SiZwm8cwt/bMj4pK2XFxHK
-0UDHSTgERKLSTCZJRvvGnWyBGRfTkdYui605gxlcmUkvHY5ZJ658iLnFCyrKkTj6
-hZOCtD2Y4P0WUItt4LsU+5smluZoJeeNfJG3os77LHb2G7j2U8UbKyH5uYRGecmt
-cuFfIPUxny2Mom+3BySb1QDOcMO1JtI2IzbuRKUlWicIjhqGyYTm5ceZoGt18hSC
-xilH2dT59rB2XKZ2gR1oA/Zj7EXCxzUvw48JuPZgbayuhRgDIPJVh26PDR5atYkq
-/RUtMaeurPTL++BUrGYTObLw86h1FwIDAQABo1AwTjAdBgNVHQ4EFgQUsW4yJbIS
-kLw2Q3V2a2vjWkzGo3owHwYDVR0jBBgwFoAUsW4yJbISkLw2Q3V2a2vjWkzGo3ow
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAjom2PQHtX0hCpMZovIoA
-JHeGMffuoP2N1445SMkxvxfcawK4LP/eeTvHGsBukBsVqa206orqooYVd3UWtcSQ
-rKfkwM0fQ1j7vCswJfCE3HIGtPyUTrtQHLAbu0vNeIlAH2v/wJZ+rhjIc3DrN8dt
-u2dnErb4V/KM5f3vlyZQgLvwJisx/vzvTYD0GC0XteHwxkJ6mpnH3ORDVyLaBZA3
-bFkuB7iwp4frwdvdcIDYVcuFBaLcu1zoJuSdEYNXo5d4Ji6hnSTyZsXz4jkGoH7n
-5OLoHzF0lY9EpyLMdINWOyodxTEXjKUWggSUKsFRWkb8cTUjp+0lfvFiJ6gs3H+a
-sQ==
------END CERTIFICATE-----