From 281d367ec803f0dab785173fff7ed31f7b880144 Mon Sep 17 00:00:00 2001 From: Shahruk Hossain Date: Thu, 25 Mar 2021 21:33:49 +0600 Subject: [PATCH] test: fixed go TLS tests by adding localhost to SAN in TLS certicate - Go >= 1.15 dropped support for verifying hostname/IP address in the Common Name field of a certificate. It now requires that the hostname be present in Subject Alternative Names (SAN) extension. See https://github.com/golang/go/issues/39568#issuecomment-671424481 --- grpc/go-juzu/tls_test.go | 91 +++++++++++++++++++--------------------- 1 file changed, 44 insertions(+), 47 deletions(-) diff --git a/grpc/go-juzu/tls_test.go b/grpc/go-juzu/tls_test.go index f9ccee1..32ad057 100644 --- a/grpc/go-juzu/tls_test.go +++ b/grpc/go-juzu/tls_test.go @@ -30,60 +30,57 @@ import ( // The TLS certificates below were generated using: // -// openssl req -new -x509 -newkey rsa:2048 -days 36500 -keyout key.pem -out cert.pem -nodes +// openssl req -new -x509 -newkey rsa:2048 -days 36500 -keyout key.pem -out cert.pem -nodes -subj "/CN=localhost" -addext "subjectAltName=DNS:localhost" // // and are used for testing only. Do not use in production. var certPem = []byte(`-----BEGIN CERTIFICATE----- -MIIDlTCCAn2gAwIBAgIUISO9AdBzEIxv366ruyRniPVrA8AwDQYJKoZIhvcNAQEL -BQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MCAX -DTIwMDExNDE4NTY0OVoYDzIxMTkxMjIxMTg1NjQ5WjBZMQswCQYDVQQGEwJBVTET -MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ -dHkgTHRkMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQDdF183r5B4ZeM677SYQrf7JWc26eBN60mqOSC18aeRxkeQsgO4 -X3Y7wpQRcVdsm/i291otNIOWm4mJLLJFVE87Yq65gH4O4MHxQNlhZ0Bf1J8WsbsF -RHk3LF2rhUBll6cG+Z1OX7mCtmM33znXDFxTf3/DZ5XgeleNG98umeUMg8rHgj2y -UB4nwoMbeJIjk7e5tBQKCCNOYM1Mda1wzrvxo3blXsIFzpxLqQ+tVnYuql9CYjX1 -69Nwq+Dsgv6zNWzWMlPTPAKdbOVVvXV2hfQ3LmnuzCv9t/TUdwkdyUMDUkbF+T8v -eD5bMP3k8lYuaNu0YQmbgbKvklK7voaEFte9AgMBAAGjUzBRMB0GA1UdDgQWBBTO -3ItCZrqn4cPtvGiVT1BQ+gzZhDAfBgNVHSMEGDAWgBTO3ItCZrqn4cPtvGiVT1BQ -+gzZhDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCGSvX5vN2F -siW23KnlurUtNiSoPzwSOwRGzaPcQYc1rdTXfN0F3Hj4qRnVJ+9jl3z6/xQnrgzg -iQ+4bZcnJeebmPI0jMZZXDXdDnp/Ze4klELpG53DzVzGZ7FvENmfNFIEIx6hrT2K -TDrWfZomjYu4Tn5rGAA4TflA9u8AWHYcZDLtjiwuHNFJLY6PdZSJU+OaPJXztRDV -jg/KVCsPH5LLxZy1U175YbWN7nIDvG2/H7o2vQdBs9A8lJ8CEGr2/jXTl8GDyOYN -6uHPipr8Y2rvh/jY8HalYo3x5gXM7AJk4OBh6x/Fcw6L0BmUHrUYvaU8UbwjraKF -PISX1spqbI8a +MIIDITCCAgmgAwIBAgIURF9ueWPW7wLSODqDuGMxFrVQIdYwDQYJKoZIhvcNAQEL +BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDMyNTE1MjkwOFoYDzIxMjEw +MzAxMTUyOTA4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCb8iDrB27cKi4ObbPAth3gybv4d8baWa03RwgM9k7m +mG6cHD3ZKZykiMZhtn0QrmIzx+pUU7J3lCkYcpBuPREYtNjlwo17Btr0/B3duVeT +jA7hb2HZbL3h2mUeTArS0ljoJ+6qhdjBTeDE5isc/favceK/4p5Q6mLU7x1udeyP +RGY8p+zkzZ0u62YMVuuaz9NWAJ3wAhC29ci+8Ub7oJBP01Lk15yZlkipSRpKGixq +gcLZQtCQpCmZP8cIwvYPc8xvxMq0cl78tyr+AD+6jZo1wEgyS5l/gPgTjlTwVDn/ +1mRZBXiwP2Mza/SkTk5JwlapFAuZ3J7mTCbmsHawtb8JAgMBAAGjaTBnMB0GA1Ud +DgQWBBQIoEPhVqkC4kjoMJnIz57YZHHbxTAfBgNVHSMEGDAWgBQIoEPhVqkC4kjo +MJnIz57YZHHbxTAPBgNVHRMBAf8EBTADAQH/MBQGA1UdEQQNMAuCCWxvY2FsaG9z +dDANBgkqhkiG9w0BAQsFAAOCAQEAeP43p+fc1IrDAdVb0l8Wt5NexPae+Xqigxm0 +vfR74lokSWvGeFtXH1nX1bsfvC5ydwS7x1+j5iZsC5x1w0pXSbp9n/go6VOPhpLH +BfzlJrNxHxwd3R12B18tyE0Bn6NcXTr4xgAZOgRSXigQnkt+6nO6sa3EpH8C/Bm0 +xFOSIvJzQr8ksqEvZnFS4TFNRt+Un/SfbYfIxn1U9YPeXswZg+c3RKCrtqAUULOb +6+zR6Qml1TTuQFWRmpY++j0HC/0YCaeACLgQF7b3Hy21j6kFe1uFhnZgRYO+tpS4 +DWWJnuh3aXY43/Fz32Srdl7RWgw7Y6j4LGKgF4n07h7qcsdp+g== -----END CERTIFICATE-----`) var keyPem = []byte(`-----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDdF183r5B4ZeM6 -77SYQrf7JWc26eBN60mqOSC18aeRxkeQsgO4X3Y7wpQRcVdsm/i291otNIOWm4mJ -LLJFVE87Yq65gH4O4MHxQNlhZ0Bf1J8WsbsFRHk3LF2rhUBll6cG+Z1OX7mCtmM3 -3znXDFxTf3/DZ5XgeleNG98umeUMg8rHgj2yUB4nwoMbeJIjk7e5tBQKCCNOYM1M -da1wzrvxo3blXsIFzpxLqQ+tVnYuql9CYjX169Nwq+Dsgv6zNWzWMlPTPAKdbOVV -vXV2hfQ3LmnuzCv9t/TUdwkdyUMDUkbF+T8veD5bMP3k8lYuaNu0YQmbgbKvklK7 -voaEFte9AgMBAAECggEBAK18w4jMyQ7Q1KfQpOO9puT6Cq36g7pg4OMkBNkAkT9A -WbPfHDA3KG3oV4wAZluhYF8iZa6HQKKT1i6/1fu1Fp9A5l5Fx6UhFM6c1ncqMEeC -bnu+Z0TQ4FU9CRuoaknN4JEGmjt/vfAl8mFLVvW6i1AyAi1xQRhup/jgYBcPR76y -zcmgdyaDNX/Z4rPAIzPTJbEjPhV8L3J8SjM6CML9k03QA6GALyVIJwUOUy/qJtYL -9UrUFwE+jjbifWjIpNjdKPFi6ltgSk9cOQZXcKWw+0CBJ5q3cZ6m6faqnWyDMHqP -garQd8bHzxG5yrVqrYiP8Mv2vD+cham8Nl2frJsK4cECgYEA/yR5rTpaFkZ9fV12 -/r/KLapClg9R6COwBWk5nPvGde7rLMPVg2sQgyzfj7fRvZiQDx9zjmn96LJX+uwr -do88rWFUCmq5S/G0p1UD3DEW1b/YcN5D/nnG0QjeP0PSmG4Aj/SxDUD8AX1zwCpn -/G7dJame4A45tW3oxlGDMUPIwHkCgYEA3dWZV2VIHk5Aa4PJ92iTCtIPQnVb7140 -WL2cCmsvIWe/UkHvHJZYcgB78OOuNET3ijI83rx/Ry2iBapKnuHxbl8npOw+8btZ -GakR0Htbns/sOqfb1jruen6kw+HTZaYYYEckHw8DiARLc4PlC6WSsYhL8W2Jl+SD -mwBb4NJQKGUCgYBGcR2e9BNXPxL6f8mQwAbj4LQNliE5BFFezRR5ARJkERig/Vh/ -thmS/dqjZU7lF6/+XOKcmSrfCg48WuQNEbLg85QuZBTQoOUNpe0w5+S0EwmA7/y5 -z4lSwS4LLYCBUS2akSYo0J5DEw3YKl0XVsx7z37rwUGxk6zGxE6CVYKhkQKBgGGh -PyJqjcngsJNg5gM//+70MgkSs4pukGU51bH0KELwcRBXuk9/j59kvSdwXNveOn+U -yptQpEeEOtl5b+vrDqF/uWfpHW6wAG+9q/xwPgtwAMxz0dnAB/LbR9J50drbtcCx -rqEIr4ouMbK+KpDsptoBXUL87WBvDsip6MXSabrNAoGBAKKjpwZXPBUfjRMEWSrv -AQLrBifzWHi6NbC+yFxdbaidzOzOLfxMXUKW8MRWK9Wsqza1r/bubbVTakzzFuZa -sxjcfOmE0/ArjIxeMLVvaXbY1hCgwdplJf0JyksidT7njIkXL+vFwq6VD5R+JCC8 -MqcOXU7V6srirJOObsIHyC/i +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCb8iDrB27cKi4O +bbPAth3gybv4d8baWa03RwgM9k7mmG6cHD3ZKZykiMZhtn0QrmIzx+pUU7J3lCkY +cpBuPREYtNjlwo17Btr0/B3duVeTjA7hb2HZbL3h2mUeTArS0ljoJ+6qhdjBTeDE +5isc/favceK/4p5Q6mLU7x1udeyPRGY8p+zkzZ0u62YMVuuaz9NWAJ3wAhC29ci+ +8Ub7oJBP01Lk15yZlkipSRpKGixqgcLZQtCQpCmZP8cIwvYPc8xvxMq0cl78tyr+ +AD+6jZo1wEgyS5l/gPgTjlTwVDn/1mRZBXiwP2Mza/SkTk5JwlapFAuZ3J7mTCbm +sHawtb8JAgMBAAECggEANGCy5b3tYk1Ygsgd49BHYMThOachRx1vrG1TKudfwNvZ +6t0heNsdHbZCy3b7sqqfmTzAW+pwuvEsjGWOVTh1kZLMdv9NfdDjof08GsixvYEB +Tn6Woux/KmisJezshbrY2cDvzJ6AGw0JPZkBSg+S14Ks4j4/ZnYTE+nsPLmm5sdQ +RxLyVFhENzb7Rc5ILoLNQse1XaP+tBM7zh2NKEDuZgf8Upylom8g9XhHQDfLGxUv +JY0l4ytOCAbtxaVLv4uFqDUJ8SToQoVYEZVJ+bET5frIdKhiTKSDMbHyATFjiKug +Ebd7jHSE7z5XL7naQdcO50Fwna63+c8vcaHZeHyswQKBgQDIXoTMkL1Gc/dSxN7q +UpIpXOMQdpxdqPND4wMzfnBoXbCCLwhCKfzv2I5FpwceuWVVcRMrE566eA8fl+6k +pdoFWesMa9IRKfzIVovx8ok+wXSCUXhMCmFWcC/eQI94UNcwDxJU9QVcmW+oeLc+ +H3s/Umr/Aa/d5hpqvsJOdCYYdQKBgQDHPinm4mKUbASnb7yxKlcc880GUVPg1GU8 +aWG7xxWP7idwnbOICUrf5xdxlwlug2DhBio1yjsOy1luZoNDiixZNURLudKrPfwW +j0tq9hU5vPnGuNrZ19pdaf8Z17Ca3KSTFMhTjgIjlhYWgjLKEB485ltctlPbpo9R +nZCFzsuZxQKBgQCSqr1CkGA8Bf7wEzOpCi/7HwcGsgvbcyQ+eRmKw+68NnhRkuPU +qq9/UWEzEwRfNQ478L07Nu1lSSSo16nT06M3b45iVTo7XiSu8MsXm5Vi3nDOQ5xu +7No7T3t6kH90bphVkXK1xXTbR2U4SMS5MIoi281+RFnbb+e+Y0wP6W1JUQKBgQCF +yQIN3JlhHB8L5wWG2O1hrXtP8LAn2baYmBJeKlIaMUoeXmY8xDCYo+2kAkz8/g7B +SohxUffR+U11yjP91/vrcs8HIiGJhreM1m9HxTF/cZsuitW5TS19aD05NxGJCvsf +H+db45EgIBl4x7ge4i/LqMpUOMGaTf8SSIDQuIkSGQKBgDdF7tfXbJ6E8EdD3EMW +norwTQAFKoAyJlF7BUEVgjyZt1GKkbOZirO4QjtTgZk55TpesXpTcbN5Fl4I0Zll +QdhDNHP01pJ/E6AEfTWFnZGR0kzywhS8sPKjXGYgFXM05i9Fu4jaSKkkb3eCiW+V +w5EChlKjaj2TFOdi/2jHhMxF -----END PRIVATE KEY-----`) func setupGRPCServerWithTLS(mutual bool) (*grpc.Server, int, error) {