Skip to content

Add internal/db for handling DB SSL conns #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Sep 6, 2018
Merged

Add internal/db for handling DB SSL conns #81

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
728bedc
First draft of db submodule
timvaillancourt Aug 29, 2018
ffd1b63
Fix ssl certs and tests
timvaillancourt Sep 6, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
98 changes: 48 additions & 50 deletions docker/test/ssl/client.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,54 +1,52 @@
-----BEGIN CERTIFICATE-----
MIIEmjCCAoICCQD1Zv3MGWT58zANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMC
TkwxFjAUBgNVBAgMDU5vb3JkIEhvbGxhbmQxEjAQBgNVBAcMCUFtc3RlcmRhbTEQ
MA4GA1UECgwHUGVyY29uYTEMMAoGA1UECwwDU1NMMRIwEAYDVQQDDAlsb2NhbGhv
c3QxHzAdBgkqhkiG9w0BCQEWEGluZm9AcGVyY29uYS5jb20wHhcNMTgwNTE3MjMz
ODU1WhcNMjEwMjEwMjMzODU1WjCBjjELMAkGA1UEBhMCTkwxFjAUBgNVBAgMDU5v
b3JkIEhvbGxhbmQxEjAQBgNVBAcMCUFtc3RlcmRhbTEQMA4GA1UECgwHUGVyY29u
YTEMMAoGA1UECwwDU1NMMRIwEAYDVQQDDAkxMjcuMC4wLjExHzAdBgkqhkiG9w0B
CQEWEGluZm9AcGVyY29uYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD6n+IET1WIE96CLeWI15Z2/YhHa+ktozkY0+ktRH/VRMq3TzPkwoY2r9Pn
re372SDXpbrwdiwhTHglpOixMnifnDSFhQ/lPaurPD4zle55D9UB61M25Ij5Gla7
Vqtkhfis4otOuN80ty41/zOas9MmYvVPyVx5rxc7j13k5bs6LaQbQNmOL17qq82K
762RmfqeIhOwPFwBO4vxenc3k3mQ0GVSRQ++pjKZwga3AqNe3i302+6euncx/OVY
Qdwa5KzUjSQXqWrDd1YZlTJH2cW1ELi5bSZa6YJhI6+7X5LwiSpKI0yFJ/2zUJsT
De6dgep4LPEbZk+Lgwd0i5uPwVedAgMBAAEwDQYJKoZIhvcNAQELBQADggIBACV8
tE44j4sMUQoqAFbIvoPKCjhH3Br8ESKa6t4Cn4LZ1rKD+UkK9WVCNuGHKWRNdVer
xy96P+8tXa01JKxq8aOflQ69IFNiJbohQ8u8gybhtQzQUiospLxw6j2N5+lD1B/i
0pZywuTS0ogaSdyqqeCllkbEWu/O7wtdH4Za6ANIybsFj3Avd05RfkR2oouWJD43
ODytXxFLTBtPlCKibXhAtKSTRP8jI9Jdu8FWZrJVWYCWcszf8SEkCb/3M9JaSG/v
cAD8cZT+nFrv8/9Bzge4HpJsaz4OJQpsIwbcHYj1pw3hIxBuWDJiXjYV0+tSmbF6
wDMl/Y1CqnsXINVOUCm82w5iqlwo3ByZRfnhKW5C78mJpe5QnCnhg9zkhGOuZPi7
dzNzIIdvXMLOLJS2hBa/jtWXHMgG8RCTXPg+7jbV05xA+FLzbenahSCFfvcZGpOS
CiTjVuqStTbzhNqWfmy0h7q5RRz68/PnKiqYDrdb5QxquJNqQocL6kMGQVjJ8iuS
Xd87wZ+vnn9nH6jmoH+xYcE3n2f2pN10dwwl2BaSs7endKPLZYNfGO2zlWQvTkpJ
noA5INdRA9y199ip8Bdy4Y0kVKLuHLShFttTzzCNczehcasS5ZZesRWSZ2YCQm6B
stYHqjrhY8GcAae2XAqySz3eDdY9tJrhHDNbll9R
MIIESjCCAjKgAwIBAgIRAKG/1k+fiFpnx/pdBHp0Hc8wDQYJKoZIhvcNAQELBQAw
ETEPMA0GA1UEAxMGcm9vdENBMB4XDTE4MDkwNjExMDQzNloXDTIwMDMwNjExMDQz
M1owFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAl+Qnlg3dSlyYi34yF2D35g9PhU6o5gm3qN22pEdDTOrTEihnF6lq
XqieDAaTTYehilqSsBjdZN8uTeJQ5Dsr/g8n43y8KCQFIcpNJLldV+pNEZydCK3R
sPr4+GgWGdpmA5Za8VlRgilYNVzSmABz9LZoa33YIjMSQ0BftAFnFl6N0ikDwPuN
L1A40EaE121QeEQgUTbcWcrJ1vJkJgcSGK6blVOy1dmHL4ABoD+n1+abDsoKM1Yz
XOgci8rbNUTS6P/2j4VW+MZRnM6rFCbo7wW11IUYSyShhTJoWFMdtc7zmQdTVBlo
RhKU0Ok1QDVr6vO+3PKriUcWY0cLFRcsGwIDAQABo4GZMIGWMA4GA1UdDwEB/wQE
AwIDuDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFAaP
Vu/GKnWUUjNznMkpU7t1V8V3MB8GA1UdIwQYMBaAFNVjkwWn6aryJsRlIsOr4gFM
ISnFMCUGA1UdEQQeMByCCWxvY2FsaG9zdIIJMTI3LjAuMC4xhwR/AAABMA0GCSqG
SIb3DQEBCwUAA4ICAQCYl8SMZJlaBOyUM0VAOZDks+OICJn8PUdu5XqvFA5ATnXE
MRGP1h34R/6Vkl/jwB/+2+9zEgT1z4hZ55blyOmZFB/j/jPrlqEIkUMHK1CVC6jI
f8ubNp4MNHVoV2Cw6wLw8E/GMZIcZ4t0G9Z7kFjHh0qS5PN00zbBCj927Q2FoBc2
oybS4KVgFeD9fklYCMoETp+WWaM7dec0OBdKWyCEP3JmMHITKTipro5yf6RZDvAB
TvoGcZIsIdKnoAknMYwG4ibcyI0z6XIF6/Hy/E6XdbsnmCHGIBHbRMMvqNXz3XJa
1s/vA4MHkUF9N14MRVI8cepFMsYBZkztNylYw159b9qiHzbeUm3BrSaJzQjefqkD
cMFLJ0jcZDg8N+pyMi3vvr41HfONw8iyqis3ZAjftZ56fwoj6ap4QZI8P+M7R//X
A4r11+ldDRsJRnLi6kCJK/ta2pKGuUvFeVqDDc/wNfBUMkmUeyZ9AcNoxFNDMmZT
sEhj6mTHcKlo+BcVdYMO4FrrgXkuRS0gY82qZucHRGQh3G1QPs4di7pVCopXuWjQ
8foI+SSRFqfcdPS5ljVyLV1g+RVBJnGYQiCM/JAPokRZpimZherxsmdnAW1A/XR1
/LXHw/5upwkouzsjFTEM8g1WDwtfp3HGFnHUxVHSe2lXI/2o+DZBU/ILEpxrgQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA+p/iBE9ViBPegi3liNeWdv2IR2vpLaM5GNPpLUR/1UTKt08z
5MKGNq/T563t+9kg16W68HYsIUx4JaTosTJ4n5w0hYUP5T2rqzw+M5XueQ/VAetT
NuSI+RpWu1arZIX4rOKLTrjfNLcuNf8zmrPTJmL1T8lcea8XO49d5OW7Oi2kG0DZ
ji9e6qvNiu+tkZn6niITsDxcATuL8Xp3N5N5kNBlUkUPvqYymcIGtwKjXt4t9Nvu
nrp3MfzlWEHcGuSs1I0kF6lqw3dWGZUyR9nFtRC4uW0mWumCYSOvu1+S8IkqSiNM
hSf9s1CbEw3unYHqeCzxG2ZPi4MHdIubj8FXnQIDAQABAoIBAHRKBWxsh0pZtc//
jda9+eICZ96D8rErYE3l3fcUJqCFh+4ggPqvS+lKEnAYoylNqVCGZMQ4gOd+fO0y
pIm72n5s0230vNhokiQlEtOKyRlBQFvgnj8FMY0sLHxGjcZZ53YItAz1+ROTv4xs
erxYnivclOjNjOwlUwlez3lrI0GtirzHoxNrYGRk2ZL7JHJdWhwsuP8fIklYAfCe
H6wFPiqQrpVpcIYTPIE/Q+g/7OrVfBVmYVLcHOJD3IzlD81OT9FJv4SZUn7QTJsS
zsselkxbWLFGTrKLyH87215+xolnxrxYWpmeB7TCPzkN53VU7DnbbcOTR9heuPtn
30ep+J0CgYEA/Vt5RDeWeKOjx8j9cwYP5LyKyHSqrYg2yEmov9UjFM4mzVEeendM
SomT1CPcntljYZ2mG7LPEaXojpr7OtKlANmLGKD9Ft352wYwyCMKfm1aDvo+N9Rh
AB3K0kM/oiNeEpENxcbbfI07WWojccG1SPhseWhw1E+Ezfw6Fqij34MCgYEA/T0c
q8PMjImcl/BcMIOpTCjfUlbaPv+hAH/oAZnxfZrtmyb5oOipR7xvPxjnbJxKZGXN
22WjymGrPBJIB7Dfpg6ky0TlQvt/fUDF8dwpqBXrtT/v0WpV3u83rJAXWFKs9vCp
pJiHIxTgOmaGsJayU5qcJQmEpv0RZiVuNlYWIl8CgYAysW/VJ24zG0L1AZE8x5S8
hsEaFMXlzOBxONPL9mB7lDgNUtLPXDlmnJp4kuhc3FBXQszus9tcw56Bkh78iRM8
1UpQlj2tqqKIoXd3RBOgck7XulhioVr7Q/rGEXCVB5CWFHH2BbD6/eNHI8aNx113
iUVjEXOp93MyJ+qTiBCp8wKBgQDNH5xCsXXVfH4gQGycS3ltnEnQa1Oa5fsm6XQn
H+gRYtYF79sR8IN1/Pdrd6O1QR+tFR1bEohKnTRTk0dPG4D9BC2ODP9bc1YAQeBU
mY4QfbkQdnqt+WEXFFPXblvKiiVaXPQ8w+PqkbVS+Msu7NIDkF/cTEpr7N8UC0ur
ra1+JwKBgQCURFoeNDEzj6N9jm/7ci6NH4IuuQmTmMUAlYc02CLTAsmb6pB9TD7n
QVg37SZNcuU0btMkzFgU78/LbtcShzoy7fMs3tDJkanfyTMItaNp0VU1jY8HTdTd
bG/wWfC0nSx8PmZgBps1nDMtvrrj6YKGbOQ4T30wS5tWIzNhx777/Q==
MIIEowIBAAKCAQEAl+Qnlg3dSlyYi34yF2D35g9PhU6o5gm3qN22pEdDTOrTEihn
F6lqXqieDAaTTYehilqSsBjdZN8uTeJQ5Dsr/g8n43y8KCQFIcpNJLldV+pNEZyd
CK3RsPr4+GgWGdpmA5Za8VlRgilYNVzSmABz9LZoa33YIjMSQ0BftAFnFl6N0ikD
wPuNL1A40EaE121QeEQgUTbcWcrJ1vJkJgcSGK6blVOy1dmHL4ABoD+n1+abDsoK
M1YzXOgci8rbNUTS6P/2j4VW+MZRnM6rFCbo7wW11IUYSyShhTJoWFMdtc7zmQdT
VBloRhKU0Ok1QDVr6vO+3PKriUcWY0cLFRcsGwIDAQABAoIBACCfhFEaUTkzgiAT
zrZuwU/MYgwDxQsDc0r1s9C87ZuLpCH2Q441eP8zwB5dGy4/v1Zz9aWU8ZhExzE7
NpyOiPhcUPjvRYppkiCbzs3gckf7runldWTz0GHuxaK02GpdGiQTGx1TTcpjDusH
MMQs9LrOosbTlKRjy7xeCzAiTP3kpGRw0+C8ey5GJ6PxchPQVDp0ONlfUjpsPO+c
FussLv5zg0UwaI62HPuJCGYEOXF8DLKcq/0YuZjesdbyrRzJ3B4KVVsG07BOWpoc
4Rn7E45oa1nXclfAo2ivJPuNsa/77lYtJnk+/o48U1UwzysjfYvrtZ6QeJ9nNcG9
9bbSsmECgYEAxZVHZTwoEVsa9rqWFs1gBU4ZziH57Sxt42zD0uQ5cBRvtAbNqRo6
C/nnSuJEdxanPB8YRCkV2iJcsrrVY2AuEci1WJyGdCoP5LMl1DEUEYIRsot1hxL8
l0Cab2IwpHZ52hYpEfR/Zfa7G2/UBJ+sLu8IDwNqGxqljFCzmO4PSBcCgYEAxMyJ
TCPGGX8Rk6t1GoBxGl97OrsOdKNQsKgk/c91tsZKqItUGeYhx0YS29xg5uJ3WNmN
3I9LW3RyVrn2DIn1fftKe4PCvy0/bf7Wr1U2PeaD8vLgWbos7fHn0cYlJInMABV2
8QQheCOj+fhSummiwqH7OhorGQ4Y+Gnzjkqrep0CgYA5pMOflV1bMuk68lS3clOB
OLfum5r+xueIYkL/U/Yt7MhqDVIS88Pbmp0QC9NNqx4/PBMoT5RAf6XrvvZid7z5
E0VVBNV1LpBUeK+gqHDiasAfBvDS54cp2X8038CxOp9yMOTqiBpi9QjBiG6iqrLh
PntrZeOe5LdHqIO9KjbrIQKBgBaEvPUcZs+GDbHS/axRpB97a3NV8hqAkXwVUV5F
fdezKtnMT4xDG/xcVU4ZEnF42mUtR6FEOEA3u9mWn8PhiVioB2bIteEAQXDJpzEa
1AETPmfvSKKbvgZgFsGXJarfpZsg2aJMcbP4iAvTUUwJSFlzBXcphWLxjQPnw7m1
a5e1AoGBALK70cpPmDMtKp3kmmTIDVlry42rMH/vSd31uXeEuO7xGOA2ijzpgoU2
sS7sD/Rf4m+3rJ5E+ys5aWi0vffnSBcLCxXJQS0Ck4lK+hTmPucHcZKy3o/cJNEM
rhkNdLdtzhtKMwbBcKeFAHdnp+2yzFOrjbbRKFFyirWfOZ9eVoZ3
-----END RSA PRIVATE KEY-----
98 changes: 48 additions & 50 deletions docker/test/ssl/mongodb.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,54 +1,52 @@
-----BEGIN CERTIFICATE-----
MIIEmjCCAoICCQD1Zv3MGWT58jANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMC
TkwxFjAUBgNVBAgMDU5vb3JkIEhvbGxhbmQxEjAQBgNVBAcMCUFtc3RlcmRhbTEQ
MA4GA1UECgwHUGVyY29uYTEMMAoGA1UECwwDU1NMMRIwEAYDVQQDDAlsb2NhbGhv
c3QxHzAdBgkqhkiG9w0BCQEWEGluZm9AcGVyY29uYS5jb20wHhcNMTgwNTE3MjMz
ODQxWhcNMjEwMjEwMjMzODQxWjCBjjELMAkGA1UEBhMCTkwxFjAUBgNVBAgMDU5v
b3JkIEhvbGxhbmQxEjAQBgNVBAcMCUFtc3RlcmRhbTEQMA4GA1UECgwHUGVyY29u
YTEMMAoGA1UECwwDU1NMMRIwEAYDVQQDDAkxMjcuMC4wLjExHzAdBgkqhkiG9w0B
CQEWEGluZm9AcGVyY29uYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDrIdlMvrkLhm+7AQpdJ+4ZRsrTi0XC9hKVGxcXvbr47zyWw2d1YHRP2ffh
Rhb+nq+k3BxilUapQaofJF+2Ygdq9xfR6eXt/dz6RdFcRpMlQNeuhP4ak/9Gqu8O
QC+PUe5GpVUCL+vheDY3RIVJRih001r/f+ENeDpd9pYHC7QPklgLcZF9SSZulAiO
Pvc28hZ4iFkCpXCHKCuhH5FezgnFlLeeCsdSj/T8P/fmMrSwPGDMjDqC/gNoozQ2
zDMJRRdtSaeeWS+q+7MrLj4xgPFTMqY8P42/cExuKZ8tlJzC9SdBPCqsYSFs/svC
zm/gliM6PiE0PM4txu+HyAI60W0/AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAEsn
/pbBlNI6DP/X9Qt1Kiy5+ba5A9IkKV3DmMf+kYHHjPHuqbQjuUtHKrm5IWdiFQBg
RmxY4UqzprSzAiN/bv/I3+FwVDXYABxhcKmBYHAzj95aAORgmJJd+HHuPUlHfbPq
/MonlDsg49j/R19jT8bp91PcUsuK2+xPQ8Xll2Bj4xlHzFYjvdPFWt7c2DrmTTcM
f/Th0MzOD9YWXmUMQ0uKAkT1mq39qn6y3I7+iHkTK2SGYV2R8HX5jsgYYj7ZQ3TP
7azMniWOYI+XkUj+1J1/j+H+WKeLMDgFGHUUwMUhKs7MNQ5jAYaGU89ATY2PNm4p
J29Spvxo9B01bLVmU7qAmaCzz3yC3YjuGU6sbmTlSkieeIT6qM9Z3ncrDb2JCMAB
Wf4g3jvsidb1OLc1+J+UUno8crlSUPDKLr5bswU73zMha53E5vhjtE46QB5zEQEa
HzDg1faoBhJGy53NzaM4WiKwCY9aggDBvvVE2sjN7ombWV4/8RNRpLKE8c3PhyT1
0hFizQhu+xIe7pTgrfERNKTaMi89UUjPNIaWaaAIitrWoOVl8cxqm/zeWBlR2W7X
xc+z5RH333kZOZvfgYvC7LrNdVKVOYPl5bDHhACG305xwaqTyA2/YuOaZWxLEgA/
id1FnGihhxE95MsePKvmX1aaIZMjIh0q99VGoCdT
MIIESjCCAjKgAwIBAgIRAKG/1k+fiFpnx/pdBHp0Hc8wDQYJKoZIhvcNAQELBQAw
ETEPMA0GA1UEAxMGcm9vdENBMB4XDTE4MDkwNjExMDQzNloXDTIwMDMwNjExMDQz
M1owFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAl+Qnlg3dSlyYi34yF2D35g9PhU6o5gm3qN22pEdDTOrTEihnF6lq
XqieDAaTTYehilqSsBjdZN8uTeJQ5Dsr/g8n43y8KCQFIcpNJLldV+pNEZydCK3R
sPr4+GgWGdpmA5Za8VlRgilYNVzSmABz9LZoa33YIjMSQ0BftAFnFl6N0ikDwPuN
L1A40EaE121QeEQgUTbcWcrJ1vJkJgcSGK6blVOy1dmHL4ABoD+n1+abDsoKM1Yz
XOgci8rbNUTS6P/2j4VW+MZRnM6rFCbo7wW11IUYSyShhTJoWFMdtc7zmQdTVBlo
RhKU0Ok1QDVr6vO+3PKriUcWY0cLFRcsGwIDAQABo4GZMIGWMA4GA1UdDwEB/wQE
AwIDuDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFAaP
Vu/GKnWUUjNznMkpU7t1V8V3MB8GA1UdIwQYMBaAFNVjkwWn6aryJsRlIsOr4gFM
ISnFMCUGA1UdEQQeMByCCWxvY2FsaG9zdIIJMTI3LjAuMC4xhwR/AAABMA0GCSqG
SIb3DQEBCwUAA4ICAQCYl8SMZJlaBOyUM0VAOZDks+OICJn8PUdu5XqvFA5ATnXE
MRGP1h34R/6Vkl/jwB/+2+9zEgT1z4hZ55blyOmZFB/j/jPrlqEIkUMHK1CVC6jI
f8ubNp4MNHVoV2Cw6wLw8E/GMZIcZ4t0G9Z7kFjHh0qS5PN00zbBCj927Q2FoBc2
oybS4KVgFeD9fklYCMoETp+WWaM7dec0OBdKWyCEP3JmMHITKTipro5yf6RZDvAB
TvoGcZIsIdKnoAknMYwG4ibcyI0z6XIF6/Hy/E6XdbsnmCHGIBHbRMMvqNXz3XJa
1s/vA4MHkUF9N14MRVI8cepFMsYBZkztNylYw159b9qiHzbeUm3BrSaJzQjefqkD
cMFLJ0jcZDg8N+pyMi3vvr41HfONw8iyqis3ZAjftZ56fwoj6ap4QZI8P+M7R//X
A4r11+ldDRsJRnLi6kCJK/ta2pKGuUvFeVqDDc/wNfBUMkmUeyZ9AcNoxFNDMmZT
sEhj6mTHcKlo+BcVdYMO4FrrgXkuRS0gY82qZucHRGQh3G1QPs4di7pVCopXuWjQ
8foI+SSRFqfcdPS5ljVyLV1g+RVBJnGYQiCM/JAPokRZpimZherxsmdnAW1A/XR1
/LXHw/5upwkouzsjFTEM8g1WDwtfp3HGFnHUxVHSe2lXI/2o+DZBU/ILEpxrgQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6yHZTL65C4ZvuwEKXSfuGUbK04tFwvYSlRsXF726+O88lsNn
dWB0T9n34UYW/p6vpNwcYpVGqUGqHyRftmIHavcX0enl7f3c+kXRXEaTJUDXroT+
GpP/RqrvDkAvj1HuRqVVAi/r4Xg2N0SFSUYodNNa/3/hDXg6XfaWBwu0D5JYC3GR
fUkmbpQIjj73NvIWeIhZAqVwhygroR+RXs4JxZS3ngrHUo/0/D/35jK0sDxgzIw6
gv4DaKM0NswzCUUXbUmnnlkvqvuzKy4+MYDxUzKmPD+Nv3BMbimfLZScwvUnQTwq
rGEhbP7Lws5v4JYjOj4hNDzOLcbvh8gCOtFtPwIDAQABAoIBAFu1CwTUymWFXKSq
RjmJLmNragZSJrZgtWS0eTBITtlyrcX7lqmAIj1WvUh+xs8uY0FAnE2S/UlclBar
YC1JVK1SjFbSDFzji8GNY5fC6vc3sCegNV92Y7VTTAPZ4vLaOL4TE/HTcQOymCq8
LeQjWfoeyTonzUYso08sst0yolsDsIozTOOM4+KaUr9xZNsWkqJcsAKRDlORvLBL
f1BSHAVG4B15iMgSvuh9AdCeqDm+kC8pqjaW8xnvM+GvWxlKcK0EOznFxKXTVJKu
D4MaZPKw1YJvrs8i5qpgnLKeGqFzGAQQ7q5ao9FfzPihtPewdYbYGjNi3KxiYSwQ
YjGUGkkCgYEA/5htdFkVHuINTMVG1CX04Nh8QAu+o3f0O2mHsmwAtYf/z/FH5+4T
FKPEQl96kwl9ggVxW++TcWSsU+hcmlrPqBhRd4xrKPJI7ma56v+zbygKLEJippVe
WM+J+QXpnAFi2lb3H3ryT/eTdg0U3GqMrPZSeYuLfv4miCa38ScWmRMCgYEA64Eh
ESonjl6Qb0+VO7qnPcSregJ/oonRrRMV9Pa72+nTOdtGjPiMT19YM7PDXsAbOLzP
j5pdgOkcQ9bSQkX78z0A/6+wsEiq+QbjpxSoyDHFNpc176i52XJsa5VbaMJQvGSy
XN/qXVyV03oluYuOM7iNSmwKIlCySRasgzD4rKUCgYEA6q/7UKm7SvAlZih+MK3p
e8tLy0L9ePvbtfHgN2QUApstuLHDZKKlwn3c51TkJ76/D3QP8mq455WY5jKlVNWt
dptdsnesrZxKexy3+Z9wEtChBqKuEmd0ifeGqLFVH3nmWrUflDg/5k1diTfZv8nW
AbrrX89R9vlGSB3FKBjMFyECgYEAigrr5hLOku4tPYHpmNRFGbjBRshWJmEgjZHF
agyCe1ppHN3CUfmSzSe3HL8/QrfafPx3sdYq/tglYEJ4hq5dC+vzPOyv5fUCeuwl
3xcGBCrgTap+zBcbsTEYCkvHA/X6uyNPRY9e4hDWJdrQaB08YmbIMxp3Kjwg9SSc
RF4dNZ0CgYEAsj63JNkNHErb6xj+ZiYq+QdZDaJUCjvwV7Dhrx1kkFXiHQjhRHwg
W5yYEe48LHabhZDXkrkDHBOuUIbJ/7cZGKJfduZtvYv0kNk3T54C1Asej2s04ssE
5Rp+eC7qFJMRuNBou8ou/lcon53Gn4ld0m9HQO63+mrfvuXGaHoFtFQ=
MIIEowIBAAKCAQEAl+Qnlg3dSlyYi34yF2D35g9PhU6o5gm3qN22pEdDTOrTEihn
F6lqXqieDAaTTYehilqSsBjdZN8uTeJQ5Dsr/g8n43y8KCQFIcpNJLldV+pNEZyd
CK3RsPr4+GgWGdpmA5Za8VlRgilYNVzSmABz9LZoa33YIjMSQ0BftAFnFl6N0ikD
wPuNL1A40EaE121QeEQgUTbcWcrJ1vJkJgcSGK6blVOy1dmHL4ABoD+n1+abDsoK
M1YzXOgci8rbNUTS6P/2j4VW+MZRnM6rFCbo7wW11IUYSyShhTJoWFMdtc7zmQdT
VBloRhKU0Ok1QDVr6vO+3PKriUcWY0cLFRcsGwIDAQABAoIBACCfhFEaUTkzgiAT
zrZuwU/MYgwDxQsDc0r1s9C87ZuLpCH2Q441eP8zwB5dGy4/v1Zz9aWU8ZhExzE7
NpyOiPhcUPjvRYppkiCbzs3gckf7runldWTz0GHuxaK02GpdGiQTGx1TTcpjDusH
MMQs9LrOosbTlKRjy7xeCzAiTP3kpGRw0+C8ey5GJ6PxchPQVDp0ONlfUjpsPO+c
FussLv5zg0UwaI62HPuJCGYEOXF8DLKcq/0YuZjesdbyrRzJ3B4KVVsG07BOWpoc
4Rn7E45oa1nXclfAo2ivJPuNsa/77lYtJnk+/o48U1UwzysjfYvrtZ6QeJ9nNcG9
9bbSsmECgYEAxZVHZTwoEVsa9rqWFs1gBU4ZziH57Sxt42zD0uQ5cBRvtAbNqRo6
C/nnSuJEdxanPB8YRCkV2iJcsrrVY2AuEci1WJyGdCoP5LMl1DEUEYIRsot1hxL8
l0Cab2IwpHZ52hYpEfR/Zfa7G2/UBJ+sLu8IDwNqGxqljFCzmO4PSBcCgYEAxMyJ
TCPGGX8Rk6t1GoBxGl97OrsOdKNQsKgk/c91tsZKqItUGeYhx0YS29xg5uJ3WNmN
3I9LW3RyVrn2DIn1fftKe4PCvy0/bf7Wr1U2PeaD8vLgWbos7fHn0cYlJInMABV2
8QQheCOj+fhSummiwqH7OhorGQ4Y+Gnzjkqrep0CgYA5pMOflV1bMuk68lS3clOB
OLfum5r+xueIYkL/U/Yt7MhqDVIS88Pbmp0QC9NNqx4/PBMoT5RAf6XrvvZid7z5
E0VVBNV1LpBUeK+gqHDiasAfBvDS54cp2X8038CxOp9yMOTqiBpi9QjBiG6iqrLh
PntrZeOe5LdHqIO9KjbrIQKBgBaEvPUcZs+GDbHS/axRpB97a3NV8hqAkXwVUV5F
fdezKtnMT4xDG/xcVU4ZEnF42mUtR6FEOEA3u9mWn8PhiVioB2bIteEAQXDJpzEa
1AETPmfvSKKbvgZgFsGXJarfpZsg2aJMcbP4iAvTUUwJSFlzBXcphWLxjQPnw7m1
a5e1AoGBALK70cpPmDMtKp3kmmTIDVlry42rMH/vSd31uXeEuO7xGOA2ijzpgoU2
sS7sD/Rf4m+3rJ5E+ys5aWi0vffnSBcLCxXJQS0Ck4lK+hTmPucHcZKy3o/cJNEM
rhkNdLdtzhtKMwbBcKeFAHdnp+2yzFOrjbbRKFFyirWfOZ9eVoZ3
-----END RSA PRIVATE KEY-----
59 changes: 27 additions & 32 deletions docker/test/ssl/rootCA.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,34 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIF8TCCA9mgAwIBAgIJAOJmtQN03NYeMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYD
VQQGEwJOTDEWMBQGA1UECAwNTm9vcmQgSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVy
ZGFtMRAwDgYDVQQKDAdQZXJjb25hMQwwCgYDVQQLDANTU0wxEjAQBgNVBAMMCWxv
Y2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0BwZXJjb25hLmNvbTAeFw0xODA1
MTcyMzE5NTVaFw0yMTAzMDYyMzE5NTVaMIGOMQswCQYDVQQGEwJOTDEWMBQGA1UE
CAwNTm9vcmQgSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVyZGFtMRAwDgYDVQQKDAdQ
ZXJjb25hMQwwCgYDVQQLDANTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDEfMB0GCSqG
SIb3DQEJARYQaW5mb0BwZXJjb25hLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAMKN8ijHhWYhtA0/FfpM/V4ybFLjHyIpfFTviJSG5kdiPI99MMtB
n+gcBY+KAdQEsTfL7RXdrG0LBT6ynTXjVneqzm/FNfYCnFgDB15aYDDp7T10dGyc
kLFXi7seZ2Uz5LufShcErSsVpW2Wj1PmtwbwweURCZMGGtYuDd5IPzt/f75gJnh/
bQsuxkEpXYnG376PaxPD2Rod9Q4WGfb0Zfyzlb/EDq6Hw07js2dT7ghuHxmrtIHz
hADuPfm71hXMHoS/yQBtRgOOq+k87Z2FjOzkNv2BTXHBsextn1mAd3P4Zz4iaE6S
Y0f7iqY631Rl2fQ9IzhKPTZIDzHU7G4u/2AAK0XYP8AiEJCRU0P6Gm0bYWj3FKH5
ebgU0ei2XSRKbgnVF7ewe+TMdG0Jvcw1aEuBp19D7FdFC0Qd4u+3pmdc/viWCp/A
HjIrrMBqev+VoWAqZ3nN62tFUEDg3HqRgg7x8U5ZDt6U2exepQ7kGzTf8mKKjVdc
aBAEghy7/b2FekrBaAmN0QT6nmn+BIJINZIaZ7edwqN2/0cRKPJgnIYxThmaNKGj
AJp3LKg9PMraoge5Pd/spJaS2vFjnGJKAFyY0Qe+D0P3qW4Dy2BMb7XqiDck0pou
8VbgKWabaJeOykkxNJKrqGwPaZANfPKwHhWpd0VFsYz2mbEuMhLsY6ZVAgMBAAGj
UDBOMB0GA1UdDgQWBBRasQU/NGG2nIbC23Mmb4u1rD52AzAfBgNVHSMEGDAWgBRa
sQU/NGG2nIbC23Mmb4u1rD52AzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA
A4ICAQAT4JsKP5g4md7JiAPtrVWe3FJ+EMq1vKe7tkjrtk1hMg9XG3rkC/sOCjzm
7B1APsU7IBpPLSnr3CWZAZCWrv2418x9PjKUzoCmBQOvx16/WxMPfkiKeJ3Qp3Pc
xv3sQ1c2A9eMFfrJs6mP2jEXb1Lbz6dmjRR4+iuW7+2IvCDdIGvVSzlqpFpif559
RxjAwgHIrWRcZ+Z8bjaeyyj7vg62oJrBJ6lsYQVPBT7p7kC5I+0848tgRNjh+1d/
74wvwoOuoD16ksS8w73ZFwX9HJ0DBp6sFkPljNDONMsab16NT3AAv4HssNBU08i6
uJVtEFTQt6rP6qeaXNGQr+9V4lBBcOdZMXOMCHk7zJyGsbMp25I/9alCoijUEYk7
ht8tc8HCLVqS48rko4pY/ui2OTW1JTvGnvQ9i6td+Hun8yXdXeEJLhxPTPUJhZxo
Ojd1YYBRpTwhzLtFzLJI5pcbbSJSjL0uPXay408W/EGk8RrNAcDP8nTLXIbm8PVY
nXddusuP8K2OdiQL5HjOStjTVpo81s67SoNiCG4KkLsaJZOWdCOnbUR/5GxTzNli
FZcTE7A7Vfy/X7Dt0zvyOkreRf6edMKwL0A4dSjxg/zSwUY7mnmYaVVfW9k1skxO
4D1C7hgXjkbvTz9Ctm7CELDJx4gy7ZPvzz7Dxo3+I9C266L6QA==
MIIE4jCCAsqgAwIBAgIBATANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZyb290
Q0EwHhcNMTgwOTA2MTEwNDM0WhcNMjAwMzA2MTEwNDM0WjARMQ8wDQYDVQQDEwZy
b290Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDqVvFpIft91o1x
ALjDQ+zoCke2daQ5tntwbDwosbiGB58Jz5p/KVwGHQvYIt5yKSzc7KN7OkTFF8Xt
QGbVY2ZHOONHHZHOtuiBPz05fE/HDPxic2MO9jN4GGTphgFDBBfaEaF0G/19Rffk
1wtB8PoOY3MU0mSTxT1q2Ka2yY2VRbvoPxo7qbhCfXuAu1cA8RmbYCWQzGsqxPC6
s7cen9C5IOhHB/osQcI7ZoSL2fkiDch8SLFBPj7W5nofjH+P4Xncm2c65tHSy4pI
hbYW44NDR9o2RS1OdD2GhS9MHBppzQGAnXM3yxsbKDyzjcxZpIjwMlxaGz97y404
8ROET8Hu7CoOK9kPA20rmhpX/3ET7kiHs2f4/BlD7xNVL74tr1Plva/C8DcCWDC8
sf1PW4RJsuwadbkMAST4MY87HknIiN4NGKE6mSlfukaKKkW1HdCY7ynpCyv3Uru3
FiD5XrphSvonZbSfcnKjYQVKEudJWyMbdoO5JX6cDIb7QP3jsKADzedwrtWBWx2Z
CxWOJPeVan/I6OfV45q3LZFAsNjK2gquOe/3WmJKpO+EspivY+Fv/32IAACmjoY/
90Szf6YUKEE1Etpj9PT2gqmFleOx51A7jg3z4wUl3KI8CTcdVlDogct+4CHiQfJU
4ajXTqd3O0qGbulQPrZuhPZWBSbVqQIDAQABo0UwQzAOBgNVHQ8BAf8EBAMCAQYw
EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU1WOTBafpqvImxGUiw6viAUwh
KcUwDQYJKoZIhvcNAQELBQADggIBAMEw6cOWi7s/6A5cMObSbbfS91yXx4tjFda/
5lJ+7gxO935pQas2ZppxVpGUZezXH5rYl8bR/xGTZ1SLDqp0mjphVp4G6VQFtonK
E9nNRuVK9jDJ41IXjWEtdgeig5Sf6hRUbwTDTBulhSviQQzo7hQUpSknMC1UNAgy
op3q1dluBaG8BWi9aZu0WL5VdxdQdTCAXSrYqmeGZlc0IgiNiebRmkQwNImnvfzb
WmrCK8rThNdXml7G/BD+m9na1OwUVoee1oohbHmxH1YsNwe1rSEBL7oAHzNi695H
QrriZWu7t7QdO5ZITGZpzmVU1nrwSB/VgPH0tBAUeZSifctNII9NuW9FS1h3Gys1
JV2cwQYVCLK9+M/VhRdSv6u+UCHE1TtZwHmSKYjcdN52pUEnWZNtlwPyrJ7cbSEj
Wrq+iZBBO9qcPg20ldYLkjv1QlOGLnVbl2K9ePTTYbUaGo0DLGlA6E2lVjoD8FvS
DQYS6qQGHCgVgOPhca8FOCxKEfMvXSzKOF9eGn0rnzsUcJbiYxNArjDDKSRSyMhD
2TfBupFV+tYM8OXBDArgk464IZnjsrT4DeQQ+WOtEm3kHo/NVhZ/6A1uV/JyQhkF
D6FSNoKvWz3LIC5v42+hvj6teAk4wC9tFk4Q76c2PQxiwY1Ur8ySVUYiIv8bETCt
nQT44DuY
-----END CERTIFICATE-----
120 changes: 120 additions & 0 deletions internal/db/db.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,120 @@
package db

import (
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"io/ioutil"
"net"
"strings"
"time"

"github.com/globalsign/mgo"
)

const appName = "percona/mongodb-backup"

func loadCaCertificate(caFile string) (*x509.CertPool, error) {
caCert, err := ioutil.ReadFile(caFile)
if err != nil {
return nil, err
}
certificates := x509.NewCertPool()
if ok := certificates.AppendCertsFromPEM(caCert); !ok {
return nil, errors.New("could not append x509 PEM certificate to pool")
}
return certificates, nil
}

func validateConnection(conn *tls.Conn, tlsConfig *tls.Config, dnsName string) error {
if err := conn.Handshake(); err != nil {
conn.Close()
return err
}

opts := x509.VerifyOptions{
CurrentTime: time.Now(),
DNSName: dnsName,
Roots: tlsConfig.RootCAs,
Intermediates: x509.NewCertPool(),
}

certs := conn.ConnectionState().PeerCertificates
for i, cert := range certs {
if i == 0 {
continue
}
opts.Intermediates.AddCert(cert)
}

_, err := certs[0].Verify(opts)
if err != nil {
conn.Close()
return err
}

return nil
}

type Config struct {
Host string
Username string
Password string
CertFile string
CAFile string
Timeout time.Duration
Insecure bool
}

func NewDialInfo(config *Config) (*mgo.DialInfo, error) {
dialInfo := &mgo.DialInfo{
AppName: appName,
Addrs: []string{config.Host},
Username: config.Username,
Password: config.Password,
Direct: true,
}
if config.Timeout > 0 {
dialInfo.Timeout = config.Timeout
}

// return early if ssl is disabled
if config.CertFile == "" && config.CAFile == "" {
return dialInfo, nil
}

tlsConfig := &tls.Config{
InsecureSkipVerify: config.Insecure,
}
if config.CertFile != "" {
certificates, err := tls.LoadX509KeyPair(config.CertFile, config.CertFile)
if err != nil {
return nil, fmt.Errorf("Cannot load key pair from '%s': %v", config.CertFile, err)
}
tlsConfig.Certificates = []tls.Certificate{certificates}
}
if config.CAFile != "" {
caCert, err := loadCaCertificate(config.CAFile)
if err != nil {
return nil, fmt.Errorf("Cannot load client CA from '%s': %s", config.CAFile, err)
}
tlsConfig.RootCAs = caCert
}
dialInfo.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) {
conn, err := tls.Dial("tcp", addr.String(), tlsConfig)
if err != nil {
return nil, err
}
if !tlsConfig.InsecureSkipVerify {
// TODO: find a way to allow .validateConnection() errors to be read
// from outside of this func
dnsName := strings.SplitN(addr.String(), ":", 2)[0]
if err := validateConnection(conn, tlsConfig, dnsName); err != nil {
return nil, err
}
}
return conn, err
}
return dialInfo, nil
}
Loading