Commit 667831ff authored by Julien Muchembled's avatar Julien Muchembled

Review some re6stnet options and update demo

parent df77b6a2
-----BEGIN CERTIFICATE-----
MIIDDTCCAfWgAwIBAgIHASABDbgAQjANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQG
EwJGUjEPMA0GA1UEAwwGVlBOIENBMB4XDTEyMDcxNjExNTMwNVoXDTEzMDcxNjEx
NTMwNVowHjELMAkGA1UEBhMCRlIxDzANBgNVBAMMBlZQTiBDQTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBALMp1ojWB123yI3kxM0x75sq5W3QJ+rfg5SH
TLvc1CbUeNQwMeJT/l2OQG7D5jyrw4wjAK43w+DKnoJ8WK8sfdrjZ5uDEmfaR9Tv
TvyCJsIS4g9YP0ZdCNKA/7swlW/erbiDhhlOxrqUonxjU58/aLa41He/v/cEEiyh
vymJqXaRsuDP3ov5zMOM85WxX5Uf3UySrqQ7uN82k2gEdVJfORClW6nGLzrAQUiu
TOUBhlGZjR9FymuGi8jWIMul2wmxj/LI+B9c0mT3GFOU9Sg3HIfQQ+Ea/QoCslmT
CXN0OPlFVhhwtMSB7fviCvUQgzLN7H+Q3nLVqza1f2XBdNE5zmkCAwEAAaNQME4w
HQYDVR0OBBYEFKAM2cc4IXnFIZuYD1IK6MItGzSdMB8GA1UdIwQYMBaAFKAM2cc4
IXnFIZuYD1IK6MItGzSdMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
AFIqN4FoxebGAd2f60J9s60a7IExmrrGOCEL+x74XCV+4QBI4UQ27KYzGltXgBO6
eyY2urg2b8MyCjU/U/N5iK6QhzIUw9oGY927V/6WxlMX/DzKAx9VQg2oIxDrj+tA
TpUw9MxlhL/VBJDxuJe6tjM0zdevTVeDgQAJa0UGMTqfMDFjN53WY+ZUyI/0TXwg
tDmEguWFuE/1O1lzZIq9Bv+5lsIsXynzshDLX8t5VGHrPQ8kBs6v7wTLfdtJyDZz
/jLm5Us3/tUB71aMUa3+7bJEFdqtdasbhBAJAgI4hKszmZfsI9H4NHKWQ51cQKNh
P7R0fzBg1J/ueLW5vuPCkXE=
MIIDTTCCAjWgAwIBAgIHASABDbgAQjANBgkqhkiG9w0BAQUFADA+MRowGAYDVQQD
DBFyZTZzdC5leGFtcGxlLmNvbTEgMB4GCSqGSIb3DQEJARYRcmU2c3RAZXhhbXBs
ZS5jb20wHhcNMTIwOTA2MTI0MTM0WhcNMjAwMTAxMTI0MTM0WjA+MRowGAYDVQQD
DBFyZTZzdC5leGFtcGxlLmNvbTEgMB4GCSqGSIb3DQEJARYRcmU2c3RAZXhhbXBs
ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzKdaI1gddt8iN
5MTNMe+bKuVt0Cfq34OUh0y73NQm1HjUMDHiU/5djkBuw+Y8q8OMIwCuN8Pgyp6C
fFivLH3a42ebgxJn2kfU7078gibCEuIPWD9GXQjSgP+7MJVv3q24g4YZTsa6lKJ8
Y1OfP2i2uNR3v7/3BBIsob8pial2kbLgz96L+czDjPOVsV+VH91Mkq6kO7jfNpNo
BHVSXzkQpVupxi86wEFIrkzlAYZRmY0fRcprhovI1iDLpdsJsY/yyPgfXNJk9xhT
lPUoNxyH0EPhGv0KArJZkwlzdDj5RVYYcLTEge374gr1EIMyzex/kN5y1as2tX9l
wXTROc5pAgMBAAGjUDBOMB0GA1UdDgQWBBSgDNnHOCF5xSGbmA9SCujCLRs0nTAf
BgNVHSMEGDAWgBSgDNnHOCF5xSGbmA9SCujCLRs0nTAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBBQUAA4IBAQBZQvMkCSCrrJoS432kJUg//iB0+c1mftbYTez+wqHq
NzEPnv5EWJtYsYvZUx6huNvrv5UR9S9MkGyH1u8kw3mW5lRKTPBC9NdAgywhsDES
VTDx02EZhsKEA2VaxhirGyJEDSgXADQNZNtB0Mw+M8/tociZKOiih6gwJw3sYcDz
9mTQFG44YG2nSmxEqP2m+32km0gvxLNIyoCnZN1x25dcRcJ5H9AbbIfSZxC02rqc
Wy0HLmfa7ZPLYD5Qz/TuCXXRXxyy5AYasVsz2GdXDNXRwiEmYqfM69EDtwZqTPZj
cfJdgSNqrysIXYE6SgBi6RUtOlmBubdxke4EZZ4ImdGo
-----END CERTIFICATE-----
......@@ -26,6 +26,11 @@ if not os.path.exists(registry):
sql = open('registry/registry.sql').read()
db = sqlite3.connect(registry)
db.executescript(sql)
for prefix, cert in db.execute("SELECT prefix, cert FROM cert"
" WHERE cert IS NOT NULL"):
i = int(prefix, 2)
with open(("m%u" % i if i else "registry") + "/cert.crt", 'w') as f:
f.write(cert)
db.close()
def disable_signal_on_children(sig):
......
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzAwMVoXDTEzMDcyNTA1MzAwMVowDzENMAsG
A1UEAxMENy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1
mHqMnb31Eig/FhcWJOvaAMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw
7cTyoVTAQX0RVFk+jmsYOD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBG
Dg6bprdNyTJGVlxAzioZh9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+
/agGliCM9XBRq2zqD0+bmy5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVX
RxCUPyBj/irSE2xv/IL3BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icAD
tKRyUN/AKhUOafcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAOt3KUHqzkMTVsHvy
1AsD+pFwk+l0n8EF7zfACSSRLAWeh2uky8/1T0NSjIPDBwMC44m2n57QScno59mi
QCdI3eJGLHYeOOV/523vuQx3TULjoxEVhux3WkO/OrgRdRSGxyspnb9XR2ExrLXa
jwUkpa74kvFdC7n4UdSdhf5MC3CBOi8k8bs/fzIbj9oW+CtWebwe5dfBAKjHxjPy
s1PiWo8u4fp0D0ljznVEw2Z+HvfmtxKKoXMtz14fM+i05i6A70eFYWgzbv4cb1Fy
jyz1bgEdd9PUeikRRcpHNOYHQd79Q3f10wliqqxZXTB2bsdMD9NFmDnyIk4wEz3N
pAA5fw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1Mjg1NloXDTEzMDcyNTA1Mjg1NlowDzENMAsG
A1UEAxMENS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4a
S8vmvC5hgXQx/51lviKt9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGr
oE9pEvoWZRp+GOTBrTXxf3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2
DszWuwTBPJ+p8048Qq8MaAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/
ZfcpBQIuSxFacAD8aDOv8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6I
VK1ffvc2GQd3Ovmu82e7WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDI
DOMocZTRVFDZP+8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAg+jU0OWHYuUW6LE9
qkKml7vH8EEeSVmZF82p6YdOxEQMPfhdoNKcLlDWXMPlAk9+areItd7hjhMJj0N1
SZr8+3NeEx8Yde4h21j/MSQNmOkXUppYxXFeFylA4R0EVOFxZs5mrMbaeSn7e11j
E7zUku78dTGKDCKuQLzdvywDHzo260f8CKOJ02XaWYeuVDyziCWO+HpAhdUKHJBy
pQH+TZB+jjbs5dfCaQYUZetmqYWPECx19ZcP39MocsUHveIXJ5gmBLKjU2BqT07C
0dfh38tYazsl1NeblDksKvSOSNdpwfI0DFfMvLE3OY1BiDy/0rLwOSQeKI8kHT3C
+kdkjw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMzA5MDU1NVoXDTEzMDcyMzA5MDU1NVowDzENMAsG
A1UEAxMEMi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/
yPlfnh+floUyX9yjk61fXzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZC
pj21Sy/+aEWtAbrRwtLeomU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5Fx
vmHFynpojPnWOPkIhEXYgnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCe
V0aao3cxbkg6OmQKVbjfdUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51X
s5/TwRxHzNr3i15DeAMKUm534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3Q
J6CkynVfHclUhvECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgd4aA37+Rhcw0CCt
3sci74/oN5WZz7zNGhHEkZXTuLCm64h1Z74U0aHO24Kje/fhyha8+3hBXJCHre3V
rDgWQfmZZ+NBwSpo94KNqs4gidBUf1ihEswCTz2qnoJovNjsMUJjUUhiJre8zjag
bbjET40XSBxbmf420tU0q6/hYTN1rboEFIu35QVjH+Gaw35BYSqUUzAyxk1eTEDe
EbxtMvBXCYE2TMKhdTwXa5Rj3oUsirwvKVpre/nmBLdTlXleEP1ALf9RAHCn9XzV
4rzIiGy4zJtgQLBRh66OlweGC+LUSQc2GRDqBBTo5yGnBckkaw3tCIVT4sMJP4mZ
ja8FPA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjkyNloXDTEzMDcyNTA1MjkyNlowDzENMAsG
A1UEAxMENi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6a
Sr79bS+kg8UtNLoQy/mSGjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55
ipBjFhTUCe9A5RSGiMwaaxB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZ
VL/gRZ/jigxjcYuekNkB0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiB
TCx24on8eysPRwuAZ2gIOEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivV
f1kqqioAG6QwdlZvhwo5Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/o
t9uCAMSlpSIFzY0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAslE24ttNqKNc2Bea
wIwqii1YKSvLxLtN5aXpvj+sFwcfAcjgGc4ccputqknETKUIAZ6WcbnK3gYnx5ya
HYBS5MiJuZh4FWqrSwJLEIo36pTZvYQx8KVEu2P/lOaokzPrXp5a8Lq+bw7EdCQH
1PjK8qo11trZT4thei5lPR0HxFgDexAPQ8CwOhAXb51xIIwWXdAGla7x3MPwf7Xo
R0YNR/zjm1UGb2DMT4vzPoPSjgZNf2Gg2DfqdtcpUlzd8sMyH6c+iiR8qe/7Lpzt
KGE/vo0VZVbKrANbrfdqrn8ZQV7yB+zXlCEWfqfBy+9NymF5uncJcKHSlhmClCuR
VH8hMw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTc0NFoXDTEzMDcyMDAyNTc0NFowDzENMAsG
A1UEAxMEMS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvO
sIpiLl6da9dRvuxjfDHY5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1s
jdlRe0herBzs707YcN/z9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHd
ECfsC2vjLBzKPjmMSduTjsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPC
zEQhqAurV0ujuUqjVFzx1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjd
gq0v2eHJMmphLB0cXvf5wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTnc
Hz6G1YMCnto8FMkCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAXIVyAqtoy0239HSc
zENpdWL9tmCiYk3sgBqAhmBtxBVOvflcLhA8IIEaiI07LOHXfIZVxkX1D6agFc4B
R/lltDVnjglGa9L7R5eFF9BtlCXyM+bBYzMnCH7yyw4TNspZg2quaOyFETb46pNL
g5FwMZxxtWb2+ehROBnk3VtuDA/0vLW3qQMf8dArtObsp4uj2ZAjUJ9+liBbwsar
wTPVCqnohPFNwEG0g67D5yHD5WinJpRJ7X12m853oSNz6C1Pcna1yb3u9zKOAto5
Iue82Lm/e0U2xPBegIgwwQFbSuAr1HUnmFiV2/KoNW8tFnjYoXRy5nPXoHiCMyCE
jreVUg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTUzM1oXDTEzMDcyMDAyNTUzM1owDzENMAsG
A1UEAxMEMC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTg
KmHHsrhx70VJUHQx+tlwoRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ict
HCqnVJ4DxxgkOcdTftibFEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09O
EYuNfvfkL8BdJqi2Yc6Fi+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLj
xyAMDl7+aLNgj8VCHlxIha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPI
UWqktTCvOfyjUYHNv8GjsKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N
7If0U7Hy4ZlBLLUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAGkI/qlb9SYsbt+zG
MO+ThK17borBkf/HQ8KXJ535xx9KwmEqYo9DqKz8YVm+Cvg1KigyQLoBEx09yGJ7
mvUL8ZC5Q1ag/XgQ0g2+ickaiJ4zkVBCbAi4iykdEjvP5RvZqYMx3l70WcEJKnZB
alP4rXcbfQqCnuan5YNBjgkAZVzn4zyvlUVT0DKqHksJzL38WURmopocD2vocsqk
kPfJDDcaNE+JmHKW1W8CJDy98Eki6yVPcsjeZ+RSxgx5U/xfVYS8AOF2aB0ZcXwd
nH6joJWMUIu/R05of+a7XJGXGR86PMj0XqcwMx4/OlNxXbMgVnAwAb5Xm6auXHdP
dchlKQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzIyOFoXDTEzMDcyNTA1MzIyOFowDzENMAsG
A1UEAxMEOC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByu
pjlYwmw+OEcqHkZ9kNf4NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBn
QzzMzexzWmPj2ux3p2nhjT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2
/r4gMZiDiRZNeyY52lnWVTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6l
fKF/y1C7TfIbHKDRYOk6nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL
0v8+tENGtg49X2W/Hlx2OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpT
JStHWyWE6Sv4088CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAoYRNTBilhwVWOl4R
xaGMtzAKs3FnYjxmh/1AZf0dFIKRPbJ+0fHrwF57oJCXGopgnbcKzqFVzg5XKhZN
09GynKpP0q7d94G077GW4e5XbNnneXs+oEYM9dVRZ2rWdWF4rHNjT6yRxH7Nimw/
9iw2r8fjdidl83zWdhGozBG5AlzuH+i1X88fKBYAR5u6m/HPm5HMUm1o3TgLB3Dt
3C6gyAKRGnvoK9B/RoeloR0Jwz4b5laPoSbH1TotJPLZEjiz8/jFbdG9xmzgS+BM
ciO5NpreBCOrRB9Z7qHf1gX2iRO4mChN7CfWQYVsr5HVqiNmeBQxDkbPx/PomRLT
rlyT1Q==
-----END CERTIFICATE-----
db registry/registry.db
ca ca.crt
key registry/ca.key
private 2001:db8:42:8::1
private 2001:db8:42::1
logfile registry/registry.log
......@@ -21,169 +21,132 @@ INSERT INTO "cert" VALUES('000000001',NULL,NULL);
INSERT INTO "cert" VALUES('0000000001',NULL,NULL);
INSERT INTO "cert" VALUES('00000000001',NULL,NULL);
INSERT INTO "cert" VALUES('000000000001',NULL,NULL);
INSERT INTO "cert" VALUES('0000000000000000','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTUzM1oXDTEzMDcyMDAyNTUzM1owDzENMAsG
A1UEAxMEMC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTg
KmHHsrhx70VJUHQx+tlwoRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ict
HCqnVJ4DxxgkOcdTftibFEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09O
EYuNfvfkL8BdJqi2Yc6Fi+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLj
xyAMDl7+aLNgj8VCHlxIha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPI
UWqktTCvOfyjUYHNv8GjsKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N
7If0U7Hy4ZlBLLUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAGkI/qlb9SYsbt+zG
MO+ThK17borBkf/HQ8KXJ535xx9KwmEqYo9DqKz8YVm+Cvg1KigyQLoBEx09yGJ7
mvUL8ZC5Q1ag/XgQ0g2+ickaiJ4zkVBCbAi4iykdEjvP5RvZqYMx3l70WcEJKnZB
alP4rXcbfQqCnuan5YNBjgkAZVzn4zyvlUVT0DKqHksJzL38WURmopocD2vocsqk
kPfJDDcaNE+JmHKW1W8CJDy98Eki6yVPcsjeZ+RSxgx5U/xfVYS8AOF2aB0ZcXwd
nH6joJWMUIu/R05of+a7XJGXGR86PMj0XqcwMx4/OlNxXbMgVnAwAb5Xm6auXHdP
dchlKQ==
INSERT INTO "cert" VALUES('0000000000001',NULL,NULL);
INSERT INTO "cert" VALUES('0000000000000111',NULL,NULL);
INSERT INTO "cert" VALUES('0000000000000000','re6st@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDU0NloXDTEzMDkwNjEyNDU0NlowDzENMAsGA1UEAxMEMC8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByupjlYwmw+OEcqHkZ9kNf4
NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBnQzzMzexzWmPj2ux3p2nh
jT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2/r4gMZiDiRZNeyY52lnW
VTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6lfKF/y1C7TfIbHKDRYOk6
nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL0v8+tENGtg49X2W/Hlx2
OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpTJStHWyWE6Sv4088CAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEABWrPo8k4BCbRoZnGTZtlO5fyeDDK97u7gyjZ
RXVP0bxk3FrCRXW3cWtqkZQjlxOxQ99doT6stnJiaRiLwBlI6JSjfRS2/xb4aS8h
12PhehzrrQhF33/JVV378JptCjPV70goKct3PB3g4lxQDNmpS2bHnpZjdfQkR33q
RWdYdUtEyF4Kmi0D0fzTQEwcVWpSwjpyxW1nVBSstIlg/qLpzXQYkfYu4/2M/17z
n0w5o4DuuDEr2cOSbqa1rp06IJkHc0B2bjeCbnkQXp2x5HBrZHel12AzujGHE83R
7yTyU7SkjpQJs0DH2uw2admvCaduf8tszZ2UXrbO9r+frK44PQ==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000001','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMDAyNTc0NFoXDTEzMDcyMDAyNTc0NFowDzENMAsG
A1UEAxMEMS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvO
sIpiLl6da9dRvuxjfDHY5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1s
jdlRe0herBzs707YcN/z9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHd
ECfsC2vjLBzKPjmMSduTjsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPC
zEQhqAurV0ujuUqjVFzx1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjd
gq0v2eHJMmphLB0cXvf5wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTnc
Hz6G1YMCnto8FMkCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAXIVyAqtoy0239HSc
zENpdWL9tmCiYk3sgBqAhmBtxBVOvflcLhA8IIEaiI07LOHXfIZVxkX1D6agFc4B
R/lltDVnjglGa9L7R5eFF9BtlCXyM+bBYzMnCH7yyw4TNspZg2quaOyFETb46pNL
g5FwMZxxtWb2+ehROBnk3VtuDA/0vLW3qQMf8dArtObsp4uj2ZAjUJ9+liBbwsar
wTPVCqnohPFNwEG0g67D5yHD5WinJpRJ7X12m853oSNz6C1Pcna1yb3u9zKOAto5
Iue82Lm/e0U2xPBegIgwwQFbSuAr1HUnmFiV2/KoNW8tFnjYoXRy5nPXoHiCMyCE
jreVUg==
INSERT INTO "cert" VALUES('0000000000000001','foo@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDY1OVoXDTEzMDkwNjEyNDY1OVowDzENMAsGA1UEAxMEMS8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1mHqMnb31Eig/FhcWJOva
AMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw7cTyoVTAQX0RVFk+jmsY
OD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBGDg6bprdNyTJGVlxAzioZ
h9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+/agGliCM9XBRq2zqD0+b
my5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVXRxCUPyBj/irSE2xv/IL3
BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icADtKRyUN/AKhUOafcCAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAE66CsCulIbugAKWTKCACnvDvcbBBjRZooPnQ
JYnqVrNUFFvpuwpdAD1ke5mfvjCwDhE+eFPuWAFJfy7HHdRtA+aK8lMQld8hr0sh
enfwlpOuxNSbxqHMlnZ9vKVE2Zrw87dl6W4fDqpDlWSvtoKfiYBa6MRg3IdAMoDI
4+fA6AIbxdiNNXw7BvNwma4PGEpsqD3wE4/xNrVpbXc+d20N8Xhexf6NFtTlwwQh
XNayeySHlZMk41CMnjbk9tMSr1HAQVYYA/Wf1Ryy3Nz46nawYFMtdafRTj/Xzs6A
tDtF1kiAUNECGbjLY0xTKm5kWCyl1bIFFcXQu8z3aHZk9UzBRQ==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000010','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMzA5MDU1NVoXDTEzMDcyMzA5MDU1NVowDzENMAsG
A1UEAxMEMi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/
yPlfnh+floUyX9yjk61fXzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZC
pj21Sy/+aEWtAbrRwtLeomU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5Fx
vmHFynpojPnWOPkIhEXYgnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCe
V0aao3cxbkg6OmQKVbjfdUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51X
s5/TwRxHzNr3i15DeAMKUm534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3Q
J6CkynVfHclUhvECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgd4aA37+Rhcw0CCt
3sci74/oN5WZz7zNGhHEkZXTuLCm64h1Z74U0aHO24Kje/fhyha8+3hBXJCHre3V
rDgWQfmZZ+NBwSpo94KNqs4gidBUf1ihEswCTz2qnoJovNjsMUJjUUhiJre8zjag
bbjET40XSBxbmf420tU0q6/hYTN1rboEFIu35QVjH+Gaw35BYSqUUzAyxk1eTEDe
EbxtMvBXCYE2TMKhdTwXa5Rj3oUsirwvKVpre/nmBLdTlXleEP1ALf9RAHCn9XzV
4rzIiGy4zJtgQLBRh66OlweGC+LUSQc2GRDqBBTo5yGnBckkaw3tCIVT4sMJP4mZ
ja8FPA==
INSERT INTO "cert" VALUES('0000000000000010','foo@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDcxMVoXDTEzMDkwNjEyNDcxMVowDzENMAsGA1UEAxMEMi8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4aS8vmvC5hgXQx/51lviKt
9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGroE9pEvoWZRp+GOTBrTXx
f3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2DszWuwTBPJ+p8048Qq8M
aAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/ZfcpBQIuSxFacAD8aDOv
8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6IVK1ffvc2GQd3Ovmu82e7
WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDIDOMocZTRVFDZP+8CAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAGeF6uzYKGErAHqFNLwP+kBuMiNBtsprrw3q/
ZGzuf19KO+6kKdL0ruxr1A82QVuoJTndJF13xuqocBIy4xKxNYR2IkK2NJuNh+XS
GAXekoO3WJFaIkuYL65td0hBpNGrxhkh67lEx8hvJU0aCoLJsvBg28T4+PHXczHN
3bJ8zWpKUSbK56PJkj8p0r05I2HnGzXFcg06rb+lbLQqRLls+oLnL94094t/mQJi
VpUFjfMgz3kQfFHDo32R2+6nn5lq7Vx33Gdj9ts9bER1ckoD5Z0mZ3soDM3am/RC
XJwpfQom2qGZNH2dBbI/8eHkZ8Zj7RQgAR2PU+6jfz9Ut9lYLg==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000011','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyMzA5MTI1NFoXDTEzMDcyMzA5MTI1NFowDzENMAsG
A1UEAxMEMy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxbk6ar
FjOD6Vs9niPErCVxq5CBw1lo43CQ0W7CWsJoOGBLd+HikqXTTThQIJPdZdIOh8WE
UzAhnlgPtU+kPw4mx6BW3IU09VYQTTEGzxR1TAKqi29dkImD5NwzFuWAMtOpcIwd
B9SWfzZ5Uan9vCCvNopY7eC5Jkp7fd0u0oIalxCaGupCGCfQbqFSEQ2hJ5EjFwbR
zn4bnU3E5ZDDGx3EPc8XskWjleCpfABOYgxMsIVwsHCkfvtS9p9AwBgL3cZov0zt
8h5z1A+/41slYF65g9RO1oYEv/XVhbMhEHeggmS+zSRRXXilbkflD5osnqCsm3EG
MxjkTTnjcnHungMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAQLggkWCh2d6t5t2r
vrqYMi9o4nAfcDtwK/mV0j96wqh4Xi1OMVmTScRGxKMdK6SaMsYaY6A+pPd9oRDX
Neypd7+Dvc7uC+kxrdii2nff+AE6RwS0AylrDwmjgBt5wruGO6DU4j/2l7a76KHJ
uyd1SrQy+gK2PeJwHI6FCUUU9RVJEQIYb2KdNmnvAQvyw0NQjRhGWqw1sVquPZaZ
s7gZSNSvKdXw/9FjN5kF3LtBBfMdoXJbNMLy5Pb4awowmrWLKWHptMfsbX+sWVY2
SeSpedohuRb3rFzo8jZqbc1oKDqM1pyYadXopKl7TMzltFGRnW00uJ32KuSK+ckj
T/3h7Q==
INSERT INTO "cert" VALUES('0000000000000011','bar@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDc1MloXDTEzMDkwNjEyNDc1MlowDzENMAsGA1UEAxMEMy8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbrhL/yPlfnh+floUyX9yjk61f
XzQD/FymcypFcs+6cNyOxzx2o1JiLOh9ETb9tXrsZ+ZCpj21Sy/+aEWtAbrRwtLe
omU+AbOKB3r3Ln5TnCXc4YFOVuul+yNz6pRrO0qtV5FxvmHFynpojPnWOPkIhEXY
gnBvpHouDvM/u3Ljs0aGGNgb2BNwnZfncQwtmsaoekCeV0aao3cxbkg6OmQKVbjf
dUb9ditHhv8T4ssNo89UVwfnOsdM60kLhqMNbyI0b51Xs5/TwRxHzNr3i15DeAMK
Um534zrnU99z6ba6WnSmLANPR43h3otsljJtU7XHUt3QJ6CkynVfHclUhvECAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAV/YApyKcnlWGUZl+RJxyT58Db3Wzgj223GVb
zXwx2e5cGl1ENIouDriLks9CydRifNhL2oU1SVuwHYRcQfhXukRuUXQHUjmILhSy
t+lhgQabanZ89swEEdefQi7LQ1f2N/gwe9PHmazerllW8VAf/Vgb8jukhSWObve7
JeTlfkcvKdfqTOFHHnrHSUNiCkIIEbHL4jKP8DFZb3UCFG0shoLrJz7ve68hzoKq
u7yAYtNg3W90rwUJ5Djs03BGDVTQm/GnNIpeBzbnyaoyq7nkvnurRkgKGS98dbhQ
qS36+1DwuPlUl9IJsAW3kwvxEgu/lZbwXf+30oaVzJVRAjGx4A==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000100','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjczMFoXDTEzMDcyNTA1MjczMFowDzENMAsG
A1UEAxMENC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOQojOvz
vmlyLp4IlahST3CEI121TuRpsscFT5ojapFwKLtcQkYFNo+IsXqrSNXQV4IC1yNx
7Q2U7KCpPkI4iNjip7xYmaEUWG34TirOnwBBYx83jqthuJG+m+Gctq2OeUA8EXAQ
oJO/gcD0OFxu32xLkqH8gq843EfRVBTs5mQuiHmc+zXVjtIfAPEwFNx0TaSUmDxo
EmQjcgDsASMobendRMx76L8fkCoRPbo0D9RcqrWb5wBj+WdT9uZYuRXEpP0W1Lv6
c0sMNXHh2Z/zKDn2u/+6lczt9VHAK4MPtqcs7EkkFkSk+ZOiXkKwapvXFXGf1mEy
Be/mPc/OaPrchhECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAEa4AdPFGhvgXZiGj
s/vLV+cCWoSw7/oxjYhJuGvKcyk/tQ9N3KwI7tH8WuNR6R53StP1L+k8Jn+wszIP
rVrMto367kgLr5eFnDC9aLUZKzqaaz/BdyPJ+pdxTWlzBJ8Ey/8epMtD4dggDw69
nXni9KKchTwLZT3kgWbrvGuCm+Td/lwF1PAmauz9PZm1BXoy4MA0yAyh8LjQYF4j
j8yohYR8fOtTbMCiubbLMy+QA7OIe5iiOGI6nNksiLY7ADgfkkB4kMw7uQe3EYnb
B8Y7Axamnw1+iC+5iYv5TVZpbtwktkP9LQcZ1HIq8gLLxagcOvysiDgQpddIUhkf
WBZmZQ==
INSERT INTO "cert" VALUES('0000000000000100','bar@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDgwM1oXDTEzMDkwNjEyNDgwM1owDzENMAsGA1UEAxMENC8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6aSr79bS+kg8UtNLoQy/mS
GjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55ipBjFhTUCe9A5RSGiMwa
axB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZVL/gRZ/jigxjcYuekNkB
0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiBTCx24on8eysPRwuAZ2gI
OEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivVf1kqqioAG6QwdlZvhwo5
Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/ot9uCAMSlpSIFzY0CAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAXeroStBs1o805hh8ICakCxdxqPXRTtSoXK4z
590x7epWsGMC0NeMVi+UxMrs0GgrYCPATBj3/dFX/utbk/qL4rRwlCJOqBRgSxqQ
QGRbIQ/5Dj/9kVxkSnWLynSjur3VUHtlG7XRU9mxHP9sUJYj+nm7ZDzJcBO0A8fH
NU08pm0RvtkqiS+MYR1VjeHpaXbLPn3kMXZjogPRCbyJ8/oY8uAjPN7DCMjc1cuz
jMzpA8nGWSXfDKfgtsFRNFcHEf1ozGH9aqtBUtWTNysb2zyMV4NpQ8R0R6UjgJpf
8eW1huxWm9bSD8PzCzaCApThGN89dvayTVibXaZVtNT0sZaBrw==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000101','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1Mjg1NloXDTEzMDcyNTA1Mjg1NlowDzENMAsG
A1UEAxMENS8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPfcxv4a
S8vmvC5hgXQx/51lviKt9BaBDUr9EPwxvJoyWwDjINRhcxhXg1OhUALJu4fCGOGr
oE9pEvoWZRp+GOTBrTXxf3cEN5OChyhMr0qnZZbDAeFZOtaN4rjTuIH7nONDKkC2
DszWuwTBPJ+p8048Qq8MaAjM08s5sUmvmiWA7zZbtk4RY0coci5W/uf4pnjjB0A/
ZfcpBQIuSxFacAD8aDOv8SEb/OQtX1oAlptGcUTpNS12xgs/sOhF3qqqXg3/OX6I
VK1ffvc2GQd3Ovmu82e7WgFkt031foVPe0kuj0W9zPYvjiLFL2xCBxP6TGn1iLDI
DOMocZTRVFDZP+8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAg+jU0OWHYuUW6LE9
qkKml7vH8EEeSVmZF82p6YdOxEQMPfhdoNKcLlDWXMPlAk9+areItd7hjhMJj0N1
SZr8+3NeEx8Yde4h21j/MSQNmOkXUppYxXFeFylA4R0EVOFxZs5mrMbaeSn7e11j
E7zUku78dTGKDCKuQLzdvywDHzo260f8CKOJ02XaWYeuVDyziCWO+HpAhdUKHJBy
pQH+TZB+jjbs5dfCaQYUZetmqYWPECx19ZcP39MocsUHveIXJ5gmBLKjU2BqT07C
0dfh38tYazsl1NeblDksKvSOSNdpwfI0DFfMvLE3OY1BiDy/0rLwOSQeKI8kHT3C
+kdkjw==
INSERT INTO "cert" VALUES('0000000000000101','baz@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDgxOVoXDTEzMDkwNjEyNDgxOVowDzENMAsGA1UEAxMENS8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOXp2VvOsIpiLl6da9dRvuxjfDHY
5yQOlj4DrN/zrVwVM5Wl+4mwafbORmY5d6vLNSLgvu1sjdlRe0herBzs707YcN/z
9XTk+mfxyy1vhWVl9LeqBRLMgoTGYHMLyuKIT6xVFlHdECfsC2vjLBzKPjmMSduT
jsxkAjm72dfOw51+KJ7Nd0kAeevR7H882Z6yPfvUOuPCzEQhqAurV0ujuUqjVFzx
1OkZNS1yme3cMJWXfg11JpFYIwc9G641vzrAfiOtQnjdgq0v2eHJMmphLB0cXvf5
wop41r5ClxEi/YgZfak5FLNjh5G0uJSG3si1rl4CCTncHz6G1YMCnto8FMkCAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAoMxpg9CQYFTv6aOaNmblgy/etBQDSZK5bDhp
j33e/xoEPTNxGvkZ+966uXF9pxVz21uUcTJjlOdSzWnN8xIBXjkubOLX9khJoZc7
yhTMBOhyurtti5/keIR1LMypgz/Fsk72DnX01kkmzhp/C5m+cQIX+Y7uio7xIWTJ
516yftcDHIJgmzn7a6nu8G6oCuU1uhWwnUQCyniwodBGAOkhXptBp2CX9S6itz/4
SJT7estAjJYmkPGiZIsZg8z6VquHGEmG+TDP9qmbdlGrPshI11dnqF8B0ozeSNWN
o1taiYL3UMPOORzgdDrPNe+W4l7BxHAF3ctJLa88PjbK39hhbw==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000110','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MjkyNloXDTEzMDcyNTA1MjkyNlowDzENMAsG
A1UEAxMENi8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtC8H6a
Sr79bS+kg8UtNLoQy/mSGjfMMvA8k069mTzzYQ1+0SUadVN00sdEjOEz+HoyhM55
ipBjFhTUCe9A5RSGiMwaaxB9v/dsDqBpuUSXE8APPlEQkhFlGLjlE6OsmGI5mbiZ
VL/gRZ/jigxjcYuekNkB0Vc2HLu1Mka6UksprVk/C0jMSowqRheMQtqH5BmjgLiB
TCx24on8eysPRwuAZ2gIOEs6z0k13jhzoDyp3GGBV1JbREE1GBiN97h9bTeC/ivV
f1kqqioAG6QwdlZvhwo5Q9sVWmHIw/qDgXWYV1CCIsMFsIdmNVejaSiYUI3hm9/o
t9uCAMSlpSIFzY0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAslE24ttNqKNc2Bea
wIwqii1YKSvLxLtN5aXpvj+sFwcfAcjgGc4ccputqknETKUIAZ6WcbnK3gYnx5ya
HYBS5MiJuZh4FWqrSwJLEIo36pTZvYQx8KVEu2P/lOaokzPrXp5a8Lq+bw7EdCQH
1PjK8qo11trZT4thei5lPR0HxFgDexAPQ8CwOhAXb51xIIwWXdAGla7x3MPwf7Xo
R0YNR/zjm1UGb2DMT4vzPoPSjgZNf2Gg2DfqdtcpUlzd8sMyH6c+iiR8qe/7Lpzt
KGE/vo0VZVbKrANbrfdqrn8ZQV7yB+zXlCEWfqfBy+9NymF5uncJcKHSlhmClCuR
VH8hMw==
INSERT INTO "cert" VALUES('0000000000000110','qux@example.com','-----BEGIN CERTIFICATE-----
MIICwTCCAakCAQAwDQYJKoZIhvcNAQEFBQAwPjEaMBgGA1UEAwwRcmU2c3QuZXhh
bXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEXJlNnN0QGV4YW1wbGUuY29tMB4XDTEy
MDkwNjEyNDk1N1oXDTEzMDkwNjEyNDk1N1owDzENMAsGA1UEAxMENi8xNjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/J8RTgKmHHsrhx70VJUHQx+tlw
oRT9glnSUeFquJwN0sfRs/u9ZaPnwDhwBNOEKBXw1ictHCqnVJ4DxxgkOcdTftib
FEXIdUdtMLEehrfbzZ7jJhbNHzkBsP2DfdISNP/tH09OEYuNfvfkL8BdJqi2Yc6F
i+V4DpYX9ByjJZQdAFh8ROG71eyheWImw/XJ7Bpu3FLjxyAMDl7+aLNgj8VCHlxI
ha5PSEpYyQqhyUXKM4bFI6KrT/1Zx+rkzJ0uP6j6iBPIUWqktTCvOfyjUYHNv8Gj
sKT/6bWimj3rPOoPaEDcmIqhA0GdPLuOUkh1lm+PjM0N7If0U7Hy4ZlBLLUCAwEA
ATANBgkqhkiG9w0BAQUFAAOCAQEAF05gZ8FLUoGhWHKtcsNfeAvxCd7iEGi3ilze
GikZJVUOddgaMJO/WcCcusMmdl4vsXFNzitBv+ueIxCcIMLnjBOcvtOulq+H5aok
ijt5SBfHOOmpKfzdOcg/Phhl0/oFiJtYAaYIZGGrEAAiG1iY6X/PJEWiiPgEaUKQ
F/y/sxy3syV9A1zZiVcEv1ju4adrXtJCyZN5giuR0VvEcyuA5PPpkTU1S8GaBf19
ZHyZtobDw/6U+U64dYBfWpDdZ8bSJnaueufbgGsPIIteOBeZJJzPBHYivi6rq6rR
syCrauaY43bjqe5i8ydsxVuW5CjBC4Us1/IVA7Ju7p7O9H6EeA==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000000111','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzAwMVoXDTEzMDcyNTA1MzAwMVowDzENMAsG
A1UEAxMENy8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBm39B1
mHqMnb31Eig/FhcWJOvaAMfYwrxcuLWfM0orX+4M0Qj3Loqpg7Cktzj7TOMCxhdw
7cTyoVTAQX0RVFk+jmsYOD7RGZGUB7Wa3+DG/vhEbPcq5SuQMls/VhNOhw1clgBG
Dg6bprdNyTJGVlxAzioZh9m20RHjEiZFiFjd5EZrUUnV6PNAXS4SNF9GQ360Pfh+
/agGliCM9XBRq2zqD0+bmy5RwYKMGvQeeQsK5K4O2PAivel87YGtGQtqfXaKDpVX
RxCUPyBj/irSE2xv/IL3BiMTR2FEUegzPtGs1ryBXx9bls6D6Y6v9+KtKHs4icAD
tKRyUN/AKhUOafcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAOt3KUHqzkMTVsHvy
1AsD+pFwk+l0n8EF7zfACSSRLAWeh2uky8/1T0NSjIPDBwMC44m2n57QScno59mi
QCdI3eJGLHYeOOV/523vuQx3TULjoxEVhux3WkO/OrgRdRSGxyspnb9XR2ExrLXa
jwUkpa74kvFdC7n4UdSdhf5MC3CBOi8k8bs/fzIbj9oW+CtWebwe5dfBAKjHxjPy
s1PiWo8u4fp0D0ljznVEw2Z+HvfmtxKKoXMtz14fM+i05i6A70eFYWgzbv4cb1Fy
jyz1bgEdd9PUeikRRcpHNOYHQd79Q3f10wliqqxZXTB2bsdMD9NFmDnyIk4wEz3N
pAA5fw==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000001000','ulysse.beaugnon@tiolive.com','-----BEGIN CERTIFICATE-----
MIICoDCCAYgCADANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJGUjEPMA0GA1UE
AwwGVlBOIENBMB4XDTEyMDcyNTA1MzIyOFoXDTEzMDcyNTA1MzIyOFowDzENMAsG
A1UEAxMEOC8xNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSdByu
pjlYwmw+OEcqHkZ9kNf4NFZjwxOojfJcPoC+pelK/IRxDPnZD5nLgxfFSTzQfLBn
QzzMzexzWmPj2ux3p2nhjT5/Sot40zJa6cJycLg3/g9nOZpFlhDEpyqF92KNIuY2
/r4gMZiDiRZNeyY52lnWVTjehGmYizpBU0KoSSVVSTbUJ5tA7l4bbqitb1nv9m6l
fKF/y1C7TfIbHKDRYOk6nnhOEdJxDkvPfSg61qF9UHM3EyPOZ7gq73gPOct59ccL
0v8+tENGtg49X2W/Hlx2OMd+XJHW2nmyvoWlDq9Z1bavuupwlI2bOhOIL309+BpT
JStHWyWE6Sv4088CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAoYRNTBilhwVWOl4R
xaGMtzAKs3FnYjxmh/1AZf0dFIKRPbJ+0fHrwF57oJCXGopgnbcKzqFVzg5XKhZN
09GynKpP0q7d94G077GW4e5XbNnneXs+oEYM9dVRZ2rWdWF4rHNjT6yRxH7Nimw/
9iw2r8fjdidl83zWdhGozBG5AlzuH+i1X88fKBYAR5u6m/HPm5HMUm1o3TgLB3Dt
3C6gyAKRGnvoK9B/RoeloR0Jwz4b5laPoSbH1TotJPLZEjiz8/jFbdG9xmzgS+BM
ciO5NpreBCOrRB9Z7qHf1gX2iRO4mChN7CfWQYVsr5HVqiNmeBQxDkbPx/PomRLT
rlyT1Q==
-----END CERTIFICATE-----
');
INSERT INTO "cert" VALUES('0000000000001001',NULL,NULL);
INSERT INTO "cert" VALUES('000000000000101',NULL,NULL);
INSERT INTO "cert" VALUES('00000000000011',NULL,NULL);
COMMIT;
import errno
import os
import subprocess
import logging
import utils
import logging, errno, os, subprocess
from . import utils
here = os.path.realpath(os.path.dirname(__file__))
ovpn_server = os.path.join(here, 'ovpn-server')
ovpn_client = os.path.join(here, 'ovpn-client')
ovpn_log = None
def openvpn(iface, hello_interval, encrypt, *args, **kw):
args = ['openvpn',
......@@ -17,9 +14,10 @@ def openvpn(iface, hello_interval, encrypt, *args, **kw):
'--persist-key',
'--script-security', '2',
'--ping-exit', str(4 * hello_interval),
'--log-append', os.path.join(log, '%s.log' % iface),
#'--user', 'nobody', '--group', 'nogroup',
] + list(args)
if ovpn_log:
args += '--log-append', os.path.join(ovpn_log, '%s.log' % iface),
if not encrypt:
args += '--cipher', 'none'
logging.debug('%r', args)
......@@ -60,8 +58,8 @@ def client(iface, server_address, pipe_fd, hello_interval, encrypt, *args, **kw)
return openvpn(iface, hello_interval, encrypt, *remote, **kw)
def router(network, subnet, subnet_size, interface_list,
wireless, hello_interval, verbose, pidfile, state_path, **kw):
def router(network, subnet, subnet_size, hello_interval, log_path, state_path,
pidfile, *args, **kw):
args = ['babeld',
'-C', 'redistribute local ip %s/%s le %s' % (subnet, subnet_size, subnet_size),
'-C', 'redistribute local deny',
......@@ -77,25 +75,18 @@ def router(network, subnet, subnet_size, interface_list,
#'-C', 'in ip ::/0 le %s' % network_mask,
# Don't route other addresses
'-C', 'in deny',
'-d', str(verbose),
'-h', str(hello_interval),
'-H', str(hello_interval),
'-L', os.path.join(log, 'babeld.log'),
'-L', log_path,
'-S', state_path,
'-I', pidfile,
'-s',
]
if pidfile:
args += '-I', pidfile
] + list(args)
# WKRD: babeld fails to start if pidfile already exists
else:
pidfile = '/var/run/babeld.pid'
try:
os.remove(pidfile)
except OSError, e:
if e.errno != errno.ENOENT:
raise
if wireless:
args.append('-w')
args = args + interface_list
logging.info('%r', args)
return subprocess.Popen(args, **kw)
......@@ -268,7 +268,7 @@ class TunnelManager(object):
def handlePeerEvent(self):
msg, address = self.sock.recvfrom(1<<16)
if not utils.binFromIp(address[0]).startswith(self._network):
if not (msg or utils.binFromIp(address[0]).startswith(self._network)):
return
code = ord(msg[0])
if code == 1: # answer
......
#!/usr/bin/env python
import argparse, atexit, errno, logging, os
import select, signal, sqlite3, sys, time, traceback
import atexit, errno, logging, os, select
import signal, sqlite3, sys, time, traceback
from re6st import plib, utils, db, tunnel
def ovpnArgs(optional_args, ca_path, cert_path, key_path):
# Treat openvpn arguments
if optional_args and optional_args[0] == "--":
del optional_args[0]
optional_args.append('--ca')
optional_args.append(ca_path)
optional_args.append('--cert')
optional_args.append(cert_path)
optional_args.append('--key')
optional_args.append(key_path)
return optional_args
def getConfig():
parser = utils.ArgParser(fromfile_prefix_chars='@',
......@@ -46,21 +34,24 @@ def getConfig():
" are other re6st node on the same network segment.")
_ = parser.add_argument_group('routing').add_argument
_('--babel-pidfile', metavar='PID',
_('-B', dest='babel_args', metavar='ARG', action='append', default=[],
help="Extra arguments to forward to Babel.")
_('--babel-pidfile', metavar='PID', default='/var/run/re6st-babeld.pid',
help="Specify a file to write our process id to"
" (option -I of Babel).")
_('--babel-verb', default=0, metavar='LEVEL',
help="Log level of Babel (option -d of Babel).")
_('--hello', type=int, default=15,
help="Hello interval in seconds, for both wired and wireless"
" connections. OpenVPN ping-exit option is set to 4 times the"
" hello interval. It takes between 3 and 4 times the"
" hello interval for Babel to re-establish connection with a"
" node for which the direct connection has been cut.")
_('-w', '--wireless', action='store_true',
help="Assume all interfaces are wireless (option -w of Babel).")
_ = parser.add_argument_group('tunnelling').add_argument
_('-O', dest='openvpn_args', metavar='ARG', action='append', default=[],
help="Extra arguments to forward to both server and client OpenVPN"
" subprocesses. Often used to configure verbosity.")
_('--ovpnlog', action='store_true',
help="Tell each OpenVPN subprocess to log to a dedicated file.")
_('--encrypt', action='store_true',
help='Specify that tunnels should be encrypted.')
_('--pp', nargs=2, action='append', metavar=('PORT', 'PROTO'),
......@@ -87,9 +78,6 @@ def getConfig():
" tunnel is closed if the number of client tunnels has reached"
" its maximum number (client-count).")
_('openvpn_args', nargs=argparse.REMAINDER,
help="Use pseudo-argument '--' to forward positional arguments as extra"
" arguments to both server and client OpenVPN subprocesses.")
return parser.parse_args()
......@@ -98,15 +86,19 @@ def main():
config = getConfig()
network = utils.networkFromCa(config.ca)
prefix = utils.binFromSubnet(utils.subnetFromCert(config.cert))
openvpn_args = ovpnArgs(config.openvpn_args, config.ca, config.cert,
config.key)
config.openvpn_args += (
'--ca', config.ca,
'--cert', config.cert,
'--key', config.key)
# Set logging
utils.setupLog(config.verbose, os.path.join(config.log, 're6stnet.log'))
logging.trace("Configuration:\n%r", config)
utils.makedirs(config.state)
db_path = os.path.join(config.state, 'peers.db')
plib.log = tunnel.log = config.log
if config.ovpnlog:
plib.ovpn_log = config.log
# Create and open read_only pipe to get server events
logging.info('Creating pipe for server events...')
......@@ -148,20 +140,22 @@ def main():
try:
# Init db and tunnels
peer_db = db.PeerDB(db_path, config.registry, config.key, prefix)
tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db, openvpn_args,
config.hello, config.tunnel_refresh, config.client_count,
config.iface_list, network, prefix, address, ip_changed,
config.encrypt)
tunnel_manager = tunnel.TunnelManager(write_pipe, peer_db,
config.openvpn_args, config.hello, config.tunnel_refresh,
config.client_count, config.iface_list, network, prefix, address,
ip_changed, config.encrypt)
server_tunnels = {}
for x in pp:
server_tunnels.setdefault('re6stnet-' + x[1], x)
interface_list = list(tunnel_manager.free_interface_set) \
+ config.iface_list + server_tunnels.keys()
subnet = network + prefix
config.babel_args += tunnel_manager.free_interface_set
config.babel_args += config.iface_list
config.babel_args += server_tunnels
router = plib.router(network, utils.ipFromBin(subnet), len(subnet),
interface_list, config.wireless, config.hello, config.babel_verb,
config.babel_pidfile, os.path.join(config.state, 'babeld.state'))
config.hello, os.path.join(config.log, 'babeld.log'),
os.path.join(config.state, 'babeld.state'),
config.babel_pidfile, *config.babel_args)
# main loop
try:
......@@ -171,7 +165,7 @@ def main():
utils.ipFromBin(subnet, '1') if proto == pp[0][1] else None,
len(network) + len(prefix),
config.max_clients, config.dh, write_pipe, port,
proto, config.hello, config.encrypt, *openvpn_args))
proto, config.hello, config.encrypt, *config.openvpn_args))
while True:
next = tunnel_manager.next_refresh
if forwarder:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment