From 5e5a4055f56053197957874f557d973cb214d1ab Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Wed, 8 Nov 2023 20:06:30 +0000 Subject: [PATCH 01/12] add --insecure arg to parse_args_server --- src/py/flwr/server/app.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/py/flwr/server/app.py b/src/py/flwr/server/app.py index 8d1317aba403..3c18d8a44b0c 100644 --- a/src/py/flwr/server/app.py +++ b/src/py/flwr/server/app.py @@ -675,6 +675,15 @@ def _parse_args_server() -> argparse.ArgumentParser: "(meaning, a Driver API and a Fleet API), " "that clients will be able to connect to.", ) + + # Add a new argument for the `--insecure` flag + parser.add_argument( + "--insecure", + action="store_true", + help="Run the server without HTTPS. " + "By default, the server runs with HTTPS enabled. " + "Use this flag only if you understand the risks." + ) _add_args_common(parser=parser) _add_args_driver_api(parser=parser) From 36254e6c9079a5018ed6fd82d92b5682ba2b5585 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Sat, 11 Nov 2023 21:48:35 +0000 Subject: [PATCH 02/12] add insecure and certificates args for flower-server --- src/py/flwr/server/app.py | 54 ++++++++++++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 9 deletions(-) diff --git a/src/py/flwr/server/app.py b/src/py/flwr/server/app.py index 3c18d8a44b0c..8568056c6eb1 100644 --- a/src/py/flwr/server/app.py +++ b/src/py/flwr/server/app.py @@ -22,6 +22,7 @@ from dataclasses import dataclass from logging import ERROR, INFO, WARN from os.path import isfile +from pathlib import Path from signal import SIGINT, SIGTERM, signal from types import FrameType from typing import List, Optional, Tuple @@ -254,6 +255,7 @@ def run_driver_api() -> None: grpc_server: grpc.Server = _run_driver_api_grpc( address=address, state_factory=state_factory, + certificates=None, ) # Graceful shutdown @@ -315,6 +317,7 @@ def run_fleet_api() -> None: fleet_server = _run_fleet_api_grpc_bidi( address=address, state_factory=state_factory, + certificates=None, ) grpc_servers.append(fleet_server) elif args.fleet_api_type == TRANSPORT_TYPE_GRPC_RERE: @@ -327,6 +330,7 @@ def run_fleet_api() -> None: fleet_server = _run_fleet_api_grpc_rere( address=address, state_factory=state_factory, + certificates=None, ) grpc_servers.append(fleet_server) else: @@ -346,7 +350,7 @@ def run_fleet_api() -> None: bckg_threads[0].join() -# pylint: disable=too-many-branches +# pylint: disable=too-many-branches, too-many-locals, too-many-statements def run_server() -> None: """Run Flower server (Driver API and Fleet API).""" log(INFO, "Starting Flower server") @@ -360,6 +364,23 @@ def run_server() -> None: host, port, is_v6 = parsed_address address = f"[{host}]:{port}" if is_v6 else f"{host}:{port}" + # Obtain certificates + if args.insecure: + certificates = None + # Check if certificates are provided + elif args.certificates: + certificates = ( + Path(args.certificates[0]).read_bytes(), # CA certificate + Path(args.certificates[1]).read_bytes(), # server certificate + Path(args.certificates[2]).read_bytes(), # server private key + ) + else: + sys.exit( + "Certificates are required unless running in insecure mode. " + "Please provide certificate paths with '--certificates' or run the server " + "in insecure mode using '--insecure' if you understand the risks." + ) + # Initialize StateFactory state_factory = StateFactory(args.database) @@ -367,6 +388,7 @@ def run_server() -> None: driver_server: grpc.Server = _run_driver_api_grpc( address=address, state_factory=state_factory, + certificates=certificates, ) grpc_servers = [driver_server] @@ -408,6 +430,7 @@ def run_server() -> None: fleet_server = _run_fleet_api_grpc_bidi( address=address, state_factory=state_factory, + certificates=certificates, ) grpc_servers.append(fleet_server) elif args.fleet_api_type == TRANSPORT_TYPE_GRPC_RERE: @@ -420,6 +443,7 @@ def run_server() -> None: fleet_server = _run_fleet_api_grpc_rere( address=address, state_factory=state_factory, + certificates=certificates, ) grpc_servers.append(fleet_server) else: @@ -490,6 +514,7 @@ def graceful_exit_handler( # type: ignore def _run_driver_api_grpc( address: str, state_factory: StateFactory, + certificates: Optional[Tuple[bytes, bytes, bytes]], ) -> grpc.Server: """Run Driver API (gRPC, request-response).""" # Create Driver API gRPC server @@ -501,7 +526,7 @@ def _run_driver_api_grpc( servicer_and_add_fn=(driver_servicer, driver_add_servicer_to_server_fn), server_address=address, max_message_length=GRPC_MAX_MESSAGE_LENGTH, - certificates=None, + certificates=certificates, ) log(INFO, "Flower ECE: Starting Driver API (gRPC-rere) on %s", address) @@ -513,6 +538,7 @@ def _run_driver_api_grpc( def _run_fleet_api_grpc_bidi( address: str, state_factory: StateFactory, + certificates: Optional[Tuple[bytes, bytes, bytes]], ) -> grpc.Server: """Run Fleet API (gRPC, bidirectional streaming).""" # DriverClientManager @@ -529,7 +555,7 @@ def _run_fleet_api_grpc_bidi( servicer_and_add_fn=(fleet_servicer, fleet_add_servicer_to_server_fn), server_address=address, max_message_length=GRPC_MAX_MESSAGE_LENGTH, - certificates=None, + certificates=certificates, ) log(INFO, "Flower ECE: Starting Fleet API (gRPC-bidi) on %s", address) @@ -541,6 +567,7 @@ def _run_fleet_api_grpc_bidi( def _run_fleet_api_grpc_rere( address: str, state_factory: StateFactory, + certificates: Optional[Tuple[bytes, bytes, bytes]], ) -> grpc.Server: """Run Fleet API (gRPC, request-response).""" # Create Fleet API gRPC server @@ -552,7 +579,7 @@ def _run_fleet_api_grpc_rere( servicer_and_add_fn=(fleet_servicer, fleet_add_servicer_to_server_fn), server_address=address, max_message_length=GRPC_MAX_MESSAGE_LENGTH, - certificates=None, + certificates=certificates, ) log(INFO, "Flower ECE: Starting Fleet API (gRPC-rere) on %s", address) @@ -675,14 +702,23 @@ def _parse_args_server() -> argparse.ArgumentParser: "(meaning, a Driver API and a Fleet API), " "that clients will be able to connect to.", ) - - # Add a new argument for the `--insecure` flag + + # Add "--insecure" and "--certificates" parser.add_argument( "--insecure", action="store_true", - help="Run the server without HTTPS. " - "By default, the server runs with HTTPS enabled. " - "Use this flag only if you understand the risks." + help="Run the server without HTTPS, regardless of whether certificate " + "paths are provided. By default, the server runs with HTTPS enabled. " + "Use this flag only if you understand the risks.", + ) + parser.add_argument( + "--certificates", + nargs=3, + metavar=("CA_CERT", "SERVER_CERT", "PRIVATE_KEY"), + type=str, + help="Paths to the CA certificate, server certificate, and server private " + "key, in that order. Note: The server can only be started without " + "certificates by enabling the `--insecure` flag.", ) _add_args_common(parser=parser) From 859ed6fdd701ceeb8ea4e3cce50751c74f4ed90a Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Sun, 12 Nov 2023 16:40:24 +0000 Subject: [PATCH 03/12] update e2e/test_driver.sh --- e2e/test_driver.sh | 2 +- src/py/flwr/server/app.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/e2e/test_driver.sh b/e2e/test_driver.sh index 3ca95e90d321..30c804162128 100755 --- a/e2e/test_driver.sh +++ b/e2e/test_driver.sh @@ -1,7 +1,7 @@ #!/bin/bash set -e -timeout 2m flower-server --grpc-bidi --grpc-bidi-fleet-api-address 0.0.0.0:8080 & +timeout 2m flower-server --insecure --grpc-bidi --grpc-bidi-fleet-api-address 0.0.0.0:8080 & sleep 3 python client.py & diff --git a/src/py/flwr/server/app.py b/src/py/flwr/server/app.py index 8568056c6eb1..c2662472556d 100644 --- a/src/py/flwr/server/app.py +++ b/src/py/flwr/server/app.py @@ -366,6 +366,7 @@ def run_server() -> None: # Obtain certificates if args.insecure: + log(WARN, "The server will be started without HTTPS.") certificates = None # Check if certificates are provided elif args.certificates: From bf07ee30c6a7320b3cc828023e7b222bd185f040 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Wed, 15 Nov 2023 10:29:39 +0000 Subject: [PATCH 04/12] update run_driver_api and run_fleet_api --- src/py/flwr/server/app.py | 70 +++++++++++++++++++++++---------------- 1 file changed, 41 insertions(+), 29 deletions(-) diff --git a/src/py/flwr/server/app.py b/src/py/flwr/server/app.py index c2662472556d..3a8ea862fab8 100644 --- a/src/py/flwr/server/app.py +++ b/src/py/flwr/server/app.py @@ -248,6 +248,9 @@ def run_driver_api() -> None: host, port, is_v6 = parsed_address address = f"[{host}]:{port}" if is_v6 else f"{host}:{port}" + # Obtain certificates + certificates = _try_obtain_certificates(args) + # Initialize StateFactory state_factory = StateFactory(args.database) @@ -255,7 +258,7 @@ def run_driver_api() -> None: grpc_server: grpc.Server = _run_driver_api_grpc( address=address, state_factory=state_factory, - certificates=None, + certificates=certificates, ) # Graceful shutdown @@ -275,6 +278,9 @@ def run_fleet_api() -> None: event(EventType.RUN_FLEET_API_ENTER) args = _parse_args_fleet().parse_args() + # Obtain certificates + certificates = _try_obtain_certificates(args) + # Initialize StateFactory state_factory = StateFactory(args.database) @@ -317,7 +323,7 @@ def run_fleet_api() -> None: fleet_server = _run_fleet_api_grpc_bidi( address=address, state_factory=state_factory, - certificates=None, + certificates=certificates, ) grpc_servers.append(fleet_server) elif args.fleet_api_type == TRANSPORT_TYPE_GRPC_RERE: @@ -330,7 +336,7 @@ def run_fleet_api() -> None: fleet_server = _run_fleet_api_grpc_rere( address=address, state_factory=state_factory, - certificates=None, + certificates=certificates, ) grpc_servers.append(fleet_server) else: @@ -365,22 +371,7 @@ def run_server() -> None: address = f"[{host}]:{port}" if is_v6 else f"{host}:{port}" # Obtain certificates - if args.insecure: - log(WARN, "The server will be started without HTTPS.") - certificates = None - # Check if certificates are provided - elif args.certificates: - certificates = ( - Path(args.certificates[0]).read_bytes(), # CA certificate - Path(args.certificates[1]).read_bytes(), # server certificate - Path(args.certificates[2]).read_bytes(), # server private key - ) - else: - sys.exit( - "Certificates are required unless running in insecure mode. " - "Please provide certificate paths with '--certificates' or run the server " - "in insecure mode using '--insecure' if you understand the risks." - ) + certificates = _try_obtain_certificates(args) # Initialize StateFactory state_factory = StateFactory(args.database) @@ -466,6 +457,29 @@ def run_server() -> None: driver_server.wait_for_termination(timeout=1) +def _try_obtain_certificates( + args: argparse.Namespace, +) -> Optional[Tuple[bytes, bytes, bytes]]: + # Obtain certificates + if args.insecure: + log(WARN, "The server will be started without HTTPS.") + certificates = None + # Check if certificates are provided + elif args.certificates: + certificates = ( + Path(args.certificates[0]).read_bytes(), # CA certificate + Path(args.certificates[1]).read_bytes(), # server certificate + Path(args.certificates[2]).read_bytes(), # server private key + ) + else: + sys.exit( + "Certificates are required unless running in insecure mode. " + "Please provide certificate paths with '--certificates' or run the server " + "in insecure mode using '--insecure' if you understand the risks." + ) + return certificates + + def _register_exit_handlers( grpc_servers: List[grpc.Server], bckg_threads: List[threading.Thread], @@ -704,7 +718,14 @@ def _parse_args_server() -> argparse.ArgumentParser: "that clients will be able to connect to.", ) - # Add "--insecure" and "--certificates" + _add_args_common(parser=parser) + _add_args_driver_api(parser=parser) + _add_args_fleet_api(parser=parser) + + return parser + + +def _add_args_common(parser: argparse.ArgumentParser) -> None: parser.add_argument( "--insecure", action="store_true", @@ -721,15 +742,6 @@ def _parse_args_server() -> argparse.ArgumentParser: "key, in that order. Note: The server can only be started without " "certificates by enabling the `--insecure` flag.", ) - - _add_args_common(parser=parser) - _add_args_driver_api(parser=parser) - _add_args_fleet_api(parser=parser) - - return parser - - -def _add_args_common(parser: argparse.ArgumentParser) -> None: parser.add_argument( "--database", help="A string representing the path to the database " From 2db7d2ba266d0979c143898f186bfcd599787f49 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Thu, 16 Nov 2023 09:38:55 +0000 Subject: [PATCH 05/12] add e2e test --- .github/workflows/e2e.yml | 2 ++ e2e/bare-https/README.md | 3 ++ e2e/bare-https/client.py | 35 +++++++++++++++++++++++ e2e/bare-https/driver.py | 12 ++++++++ e2e/bare-https/pyproject.toml | 13 +++++++++ e2e/bare-https/server.py | 15 ++++++++++ e2e/certificates/ca.crt | 30 ++++++++++++++++++++ e2e/certificates/server.key | 52 +++++++++++++++++++++++++++++++++++ e2e/certificates/server.pem | 31 +++++++++++++++++++++ e2e/test.sh | 2 +- e2e/test_driver.sh | 11 +++++++- 11 files changed, 204 insertions(+), 2 deletions(-) create mode 100644 e2e/bare-https/README.md create mode 100644 e2e/bare-https/client.py create mode 100644 e2e/bare-https/driver.py create mode 100644 e2e/bare-https/pyproject.toml create mode 100644 e2e/bare-https/server.py create mode 100644 e2e/certificates/ca.crt create mode 100644 e2e/certificates/server.key create mode 100644 e2e/certificates/server.pem diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 6189794e8f69..5299a4d50d5e 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -60,6 +60,8 @@ jobs: include: - directory: bare + - directory: bare-https + - directory: jax - directory: pytorch diff --git a/e2e/bare-https/README.md b/e2e/bare-https/README.md new file mode 100644 index 000000000000..2b7fb953a24b --- /dev/null +++ b/e2e/bare-https/README.md @@ -0,0 +1,3 @@ +# Bare Flower testing + +This directory is used for testing Flower in a bare minimum scenario, that is, with a dummy model and dummy operations. This is mainly to test the core functionnality of Flower independently from any framework. It can easily be extendended to test more complex communication set-ups. diff --git a/e2e/bare-https/client.py b/e2e/bare-https/client.py new file mode 100644 index 000000000000..079615b63fda --- /dev/null +++ b/e2e/bare-https/client.py @@ -0,0 +1,35 @@ +import flwr as fl +import numpy as np +from pathlib import Path + + +model_params = np.array([1]) +objective = 5 + +# Define Flower client +class FlowerClient(fl.client.NumPyClient): + def get_parameters(self, config): + return model_params + + def fit(self, parameters, config): + model_params = parameters + model_params = [param * (objective/np.mean(param)) for param in model_params] + return model_params, 1, {} + + def evaluate(self, parameters, config): + model_params = parameters + loss = min(np.abs(1 - np.mean(model_params)/objective), 1) + accuracy = 1 - loss + return loss, 1, {"accuracy": accuracy} + +def client_fn(cid): + return FlowerClient() + + +if __name__ == "__main__": + # Start Flower client + fl.client.start_numpy_client( + server_address="127.0.0.1:8080", + client=FlowerClient(), + root_certificates=Path("../certificates/ca.crt").read_bytes(), + ) diff --git a/e2e/bare-https/driver.py b/e2e/bare-https/driver.py new file mode 100644 index 000000000000..f2bf94ee44e2 --- /dev/null +++ b/e2e/bare-https/driver.py @@ -0,0 +1,12 @@ +import flwr as fl +from pathlib import Path + + +# Start Flower server +hist = fl.driver.start_driver( + server_address="127.0.0.1:9091", + config=fl.server.ServerConfig(num_rounds=3), + root_certificates=Path("../certificates/ca.crt").read_bytes(), +) + +assert hist.losses_distributed[-1][1] == 0 diff --git a/e2e/bare-https/pyproject.toml b/e2e/bare-https/pyproject.toml new file mode 100644 index 000000000000..9489a43195f9 --- /dev/null +++ b/e2e/bare-https/pyproject.toml @@ -0,0 +1,13 @@ +[build-system] +requires = ["poetry-core>=1.4.0"] +build-backend = "poetry.core.masonry.api" + +[tool.poetry] +name = "bare_https_test" +version = "0.1.0" +description = "HTTPS-enabled bare Federated Learning test with Flower" +authors = ["The Flower Authors "] + +[tool.poetry.dependencies] +python = "^3.8" +flwr = { path = "../../", develop = true } diff --git a/e2e/bare-https/server.py b/e2e/bare-https/server.py new file mode 100644 index 000000000000..cab7ef038b7a --- /dev/null +++ b/e2e/bare-https/server.py @@ -0,0 +1,15 @@ +import flwr as fl +from pathlib import Path + + +hist = fl.server.start_server( + server_address="127.0.0.1:8080", + config=fl.server.ServerConfig(num_rounds=3), + certificates=( + Path("../certificates/ca.crt").read_bytes(), + Path("../certificates/server.pem").read_bytes(), + Path("../certificates/server.key").read_bytes(), + ) +) + +assert hist.losses_distributed[-1][1] == 0 or (hist.losses_distributed[0][1] / hist.losses_distributed[-1][1]) >= 0.98 diff --git a/e2e/certificates/ca.crt b/e2e/certificates/ca.crt new file mode 100644 index 000000000000..ca94bd4893e7 --- /dev/null +++ b/e2e/certificates/ca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFOzCCAyOgAwIBAgIUI4Z1SFPZUIM0LS7TXUS87u0JMk4wDQYJKoZIhvcNAQEL +BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j +LjAeFw0yMzExMTUyMDI4NDRaFw0yNDExMTQyMDI4NDRaMC0xCzAJBgNVBAYTAkRF +MQswCQYDVQQIDAJISDERMA8GA1UECgwIQ0EsIEluYy4wggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCVDJfeHo3p9GBRpAUIjHuBK7yxUd1xCLWei457jEO8 +B7N0yJyQ1xOAzqTfK/t7xAv8L45tHWTzJfhUVMxInES7ivSg3Zr3JB8vssONEpKK +t8CWJzh5eQY4P/qrfYhzzLLIcQwKVYd6kac1Tm0yvpArmfwpTHBpWzzkwQN3KmF2 +SG2k51bfKTcLspeJD0cKI/PUWqKLlCmZ4qvXByIIIQdNuCbu0booEjm8C4uJXD23 +SjxXSZNIRA8mRztC5AN/VJECPzu4Si9CsWlrsO5zdtc6XduXOXqbYmZgzpYDr1Tp +G7Kgsc87HDUzVd5Ec/SbBoLjInFIlrE88TmSvKC0x85HWEhQwTQv0WzxRvaty0jY +xUveTQ+2v103msgE5mddzCPecYgb0t7IpJ/9vvo4oA9PwXCy+jFVqyTCHwYg3sYT +hHSyBtYalBChZ9jdI8oj1KHt59Ft4mqT8olmATFU0of+1pwYj5LaFz/tFklLYXek +ewphcbzSgLXRcbLIKSTY6ISnMURjX++DV8DBwq4qmiEU/YkOi6iYxlV27X0p2KV9 +CkgtlDueakrParYGsy3ND+O+nIJ1nujIUme6xVoQ0qUy/KF2O11keIBn1gHYYX0n +Tw5SSxhqfmlvCs1aiVwx6BLUTT1iytG4FQwrTFkABCF5Pd0GB9zcbQMRg7VWs6X1 +mwIDAQABo1MwUTAdBgNVHQ4EFgQUEUQfIyktB1BkiiskGLSLycDFexIwHwYDVR0j +BBgwFoAUEUQfIyktB1BkiiskGLSLycDFexIwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAgEAWO3LcrNZzv+RjkQYS9a72Xh1zxSsHwI/W9LemkQaGIRO +5kUoRdIJJAka5Rn5IlFi5Qoy16RZzfOTdvav9YO5D9AUZiLLwiegjnrW0g40THer +Hjc0RDXZSGF3BTqXxOQygcblulcty6+M0wBZ/HvYBCGpTbvBf+eVODXmE6XfvBSd +roA+xc3NvQoUVSyLMDgnPwCjM6vyV8g8nyM8lW+mq1NfDq8z/HzYdn0E0LNhnk1e +MubuFfHl8OEO5CXc7Z7MUpenn+ZNY/e8EjOzlSH6Qhyy/3p9evatZ/wXr682ZqKt +6GWNRRXDHZhWY980KZpeGocNwjFwop/eirbFhKfU5zw8e2KwEeFi9S0uXGDjx0oQ +g+nFC+xXGtsrQqM/9x6caEmECy3uCzw06uSu1/nLYQ5unuGOA21+tTPL97OQz5hK +bHcohzU6NdqF0rFQ/wufCvowAPww3oD7IqkFJoD8W245BnGPAb0SfZ6j8AEKgAko +r58r32ax5Axgx1QRSuR+HZX5jlF6fI4YNHe32jrBA3BXeyfwQpdOUOJTR02j4cII +hpode5GHr1zDI9W6xTaTyR3rZ5TiVR2SpZxxUNqeR70+YnoljXzluh+77AdVv7Kv +Aa1NOvuOuKW9paku3PsFsnGu783Yokjrh0V3Wez8y8HcmyFRbuTsnTWEf3Cbzbw= +-----END CERTIFICATE----- diff --git a/e2e/certificates/server.key b/e2e/certificates/server.key new file mode 100644 index 000000000000..e92e626c0bc5 --- /dev/null +++ b/e2e/certificates/server.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC3IPN9IdJOH0rD +JGvahkZctu6BB7c3v5cvlHTebsfUY1SxeWdvgFYV00i1Btz6KBn967wAfjI+ngad +6MLhF7tqZgVkiCK5ae54qv07j2ZZVvWNA+gOMWz1yW3L7webO2VrYntFuHk1kI7j +0hc70AHdWClEhjtv4/X8oTKyQOATns1Dzuv7lwYFnOZ43HkG9NJtyxUtrms6qK/F +tcppPd0RHQe4MWEOZ4MA9Comr5N8pMzG6VcvNcZv8100Z2/RI80Y0l1mVFQ6JyWi +DGSSlIrNePBLnxQg8i9SAuQs1pCbyBJZcQwGZEWDzhsAvqXAU7+Q0gG8GsP9rAAP +dFOFNmw9HpW37wOJKV9ezvqwHFv8GILAZcNii7fOLU4FAiq1VwVz1MKcJrkX1U54 +wNdWcVuN5qm6qiwaxum0FaJuT39thitJhqh1JXziNRzEv4NEmnRlPqaLKDrBFjEr +beNUNzYt58MfM6DGFQZTeFzBKnceU699s7e+VXYhQqClx7Kzp5zcuoi+knxgaJWR +2LVgngBc88R/E9hdIw3tRsTXPuP8oC6JHfQ8RlLl1kjCG+ymx+SDop6H7StuC249 +U87gcM8fP4Etmu+jDhTUsCHmq3nTVRvZEmqWEC64rX6ozLUT7zjRH/og/QIgsQra +K/NsCOwwlGNdK/WhIzQzcxhX46fn6QIDAQABAoICAAyAaV7vgiXnKPltcRd39zG5 +I0sXtcBOigmrftb4hRfQuCVtfkw0XKwcwmfpUgiZ2DxnbWwzMUbpDtaU30jyj87R +rCiSypwRyT/fnG4Gehw7PYQk8iCV6zRUTfSQGtrUETZlgLjfwRaRCdAvtXpV1uq/ +bAHLkB8xVseqUYWtvB5axvSMGbwRMU4MygcSNgjtibgJFycJMzTL80PyByFsIb1b +V/2REWkkU+Mqx/3gGpd1wK0LnPISH7vgx0oejZmfcg7xvYKQ2zclGQKZCfyfu2IP +kYf4Ei21mtlkbSNKepDH9ci5WPLOwZgf5+QDH9mjXf6K96dZxGt65H4pmNINRxI/ +gYLwFytIisHeOKGS5hbg6v8NXPcfsRR7200MQqGXbKhZxCdG3uPwk1LqV2fS99yf +jz3nvRDQXNWGohsNzyqMt2VyRQbEEelmwDfRsypff15aChCt0HNu0rXI4OO4X0iq +TPyARp1kSbI9d0Q34R2LsaYWFZr1Dbe6X3rHRdvIuoFaTnRi59cXYoAnsuEFFAuq +NXGSohMJTS84L7/qoakE/DbXDtjIHrQRf3tdw5D/npIsHqm9viZpnov3avT92eld +qZADoNnr1MVtAfukF4yzhgMgzxVeS0DCrPri3LNX4sBr6z2FpguFPfzISK/C3sb7 +56BKGk6shNRJLXi3bQcBAoIBAQDgSkvGd5W6edR/s2T7mdqGiXM9TxnELSFRxOG6 +SJCxiLKNxsHRcPRxCFeAYTrCTzq3peX7uTEsb/fWNq9WRY76Yisg4Zd7eRTuWkcu +swvF+alx8aVQAg5bwlv/a0hnf1CikQR5mbSgvaMp9MoPF8q8FUSV7ZXyU6Y6tutY +6a2tz74G30xoMptD4wpcnHkbaVcyQPuAzttOWu4qYOtuvn0ybXC5Ctbs1XBHth3s +Q6l62eMa3R7e1RXJdfew6fiiWVEkfxihvkQQ5G14tW5Vf//xnckUHr/HYMArZURW +BrNTCBt5jlj2Cd+255VLdpSO098+sxFzwE7p/mJiF3U0cTXZAoIBAQDRBOcWsCZC +uIrTbUyHM1LzQQ5sxfdC5S+433zMFClV0tNy5kdVut/J8BnVGWcxLuisj+9KJQ/5 +Iv85mwb15Qyr8jFp3pwkbQBkiR+6/CmSWTYrNZm/5VCyEhR2NlLrlHko8wCtQtMI +iNvXTamQ8HfSsvRakw2SIWfqFvru66NLuRalBlStMYJa9v11vnTYPmd45V8tqhV+ +K7Mozwe24TKabeh8Y72G1l4V3Yynpzqv07VRk/xuIQHelPZyUbaqeYMO0xDmYBaC +ldaxVcYmamNn6iuGsgVavGa3jppflo/0TYfWDAcljLqNVZ7sw1VimqwLueXFGxH5 +1uaUn0ZsgqiRAoIBACscfMYwNDp8smi9XbqyzvsvLlRpgOVhW1cxRcYdrppBUTjJ +LHYKhSG43cDSb43r1rh4DeW9qgMFnpixODCX/CyKdAnE8u4LzwclmSsTxT6Ph49c +SE9BperjR/WndGpYYXJt93M8JSkEanllEPWnuBNA70b2PO0wQPJmOISFnhmbpcYC +Y9hfadK5sEMu3GR1cgo5zV3r5OGBvuesa3SE7uGjgZg/yiIJwKQ4EDZapxfzC6Ed +QZLJWH+5yhtaTa0/B8bBG0XzoXexwI0EKqoKiXKyxnS0mF5FbYqp02HJtexO0aEi +yFy6dyLcDqlLqLBvbyjJGKCsJT7644RBSAkFfbkCggEBAI4Msew2XFo9xoM3panA +lKAi12XPCGKbFVqj79FV5l2gQPm2TEaUEODRXwz3Da1cPt5/l1UhaQCc6y1AEXPt +bTYyC6jyk9UhiwHIOxs9ohcGsAyfidTjSHssVGGeO65Eoi7VLuGRJ5CGSjnBWvrY +oeY8nlor1C46q79oTLMwyzJ8IEqYydVGb1vYvZpWjFwl1PZRk+SZ0a+EjWavhIOh ++lz/Ut+ufTB04U4k2iFaQkUaMQC2/PfvULDvNamtpOGoYQwjHzohlUq8AENWkqqq +5NHLUDdjJsZqgbg/nuRVk5GpWyZ52CWJxYKl7LLlcVLo4QG7Hc9dvVK43M2mjRrT +lTECggEBAL0YPfIqZblIPYihmlcwJZAgaxg3aYNVwM533eizEkmafjq5nuwJAI5K +ipHaA2BlkP0sQC4gnwcbHbANwSKDAhfQbUdJFqsxsjraXZ66CSPQjhPswl1VQwPL +iIrUh8otvkDXkyyUsGPsT0ikP5Y4Sss32uSEHlOkhd52Ld5gilmCTjw991Gxp6Jm +42luiUnlwQMucR3YZFBFK+YMOkXzXhIyjDpRLiDsnCwgmSLokGpAgTx79duN7Q60 +sVZ/vqasbium/iVkLttMCdsYtACGKjXVzH7uNTy5gXBQcvGolzeOOBbFCH8SQiRe +DzNYhL6mO2B/QOWEZPjoJ3AgceHEkqg= +-----END PRIVATE KEY----- diff --git a/e2e/certificates/server.pem b/e2e/certificates/server.pem new file mode 100644 index 000000000000..8ea35406ec6a --- /dev/null +++ b/e2e/certificates/server.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFajCCA1KgAwIBAgIUEaOR43jMF3DXOiW7Cr/yYlbzq7UwDQYJKoZIhvcNAQEL +BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j +LjAeFw0yMzExMTUyMDI4NDVaFw0yNDExMTQyMDI4NDVaMD8xCzAJBgNVBAYTAkRF +MQswCQYDVQQIDAJISDEPMA0GA1UECgwGRmxvd2VyMRIwEAYDVQQDDAlsb2NhbGhv +c3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3IPN9IdJOH0rDJGva +hkZctu6BB7c3v5cvlHTebsfUY1SxeWdvgFYV00i1Btz6KBn967wAfjI+ngad6MLh +F7tqZgVkiCK5ae54qv07j2ZZVvWNA+gOMWz1yW3L7webO2VrYntFuHk1kI7j0hc7 +0AHdWClEhjtv4/X8oTKyQOATns1Dzuv7lwYFnOZ43HkG9NJtyxUtrms6qK/Ftcpp +Pd0RHQe4MWEOZ4MA9Comr5N8pMzG6VcvNcZv8100Z2/RI80Y0l1mVFQ6JyWiDGSS +lIrNePBLnxQg8i9SAuQs1pCbyBJZcQwGZEWDzhsAvqXAU7+Q0gG8GsP9rAAPdFOF +Nmw9HpW37wOJKV9ezvqwHFv8GILAZcNii7fOLU4FAiq1VwVz1MKcJrkX1U54wNdW +cVuN5qm6qiwaxum0FaJuT39thitJhqh1JXziNRzEv4NEmnRlPqaLKDrBFjErbeNU +NzYt58MfM6DGFQZTeFzBKnceU699s7e+VXYhQqClx7Kzp5zcuoi+knxgaJWR2LVg +ngBc88R/E9hdIw3tRsTXPuP8oC6JHfQ8RlLl1kjCG+ymx+SDop6H7StuC249U87g +cM8fP4Etmu+jDhTUsCHmq3nTVRvZEmqWEC64rX6ozLUT7zjRH/og/QIgsQraK/Ns +COwwlGNdK/WhIzQzcxhX46fn6QIDAQABo3AwbjAsBgNVHREEJTAjgglsb2NhbGhv +c3SHEAAAAAAAAAAAAAAAAAAAAAGHBH8AAAEwHQYDVR0OBBYEFLw5D4yWbo1qaubM +EvSVqzwPQNmUMB8GA1UdIwQYMBaAFBFEHyMpLQdQZIorJBi0i8nAxXsSMA0GCSqG +SIb3DQEBCwUAA4ICAQACmQEykNsSPjaX/rfpvm4iaMudSCYZ2Ly2pFywhpcjZz// +IJEoiyo84k4PmenghRvcmU5CCY3rtRaOiNzcRMKv8+CcdMkMTcI8jVR29YIgARmu +qukgQ5DGPz0BG9nRoqS6N3rELkiQYcW6FfGQnr9zSaE+7Aq/u0o+B0P7WSr7jjsF +vEo6CljHGiYQI/e1I2XQ+/9KNBe7T24ttXl8uUMml1mg/zT4mfFMMELYaNFDwxi0 +y1TwOc2HVn8PzlH7n89eMLKypxdemrwMV/UAPDS6YjOhXlpuB15UqpjZYRJtLJOx +KEFnf5MqUnBSjulwa7cbLw1ckThLw+zt6iXTG5bJTsnmTKMk8gRuUPwOkiA0/hTT +BPYqpzdaPDEJt7/iN0g1wk9c+W2bjAhwVCEwsdZdQx+yhba8wd62Nfn0vd6h9noB +Ra5tDSBkuno18yQNFzhTU8p/3lFjJdfsCV8+O/UcoJhxG7KMPLvSZ3mSPkS3SGe3 +uwrL74GrSPEsg3Gut5xCUpY6BkthELGWSGEAtk7iAJNFyZoqLUoPulNM2IJnQ2KN +vH0xa3tNufca/IKqVHK/oA91Mgw1o08FNWMwnCBq4w798qffZoHBUHtw19Z9Uunk +Z3ZZOUbucVNQoGPPfLyffHduZjnJ+JAhMQjMKahjzQiDCpOZzZ4wy+FV3JOpfQ== +-----END CERTIFICATE----- diff --git a/e2e/test.sh b/e2e/test.sh index c1f8d3177113..35ed961b02c3 100755 --- a/e2e/test.sh +++ b/e2e/test.sh @@ -2,7 +2,7 @@ set -e case "$1" in - pandas) + pandas | bare-https) server_file="server.py" ;; *) diff --git a/e2e/test_driver.sh b/e2e/test_driver.sh index 30c804162128..7fcd6cc74066 100755 --- a/e2e/test_driver.sh +++ b/e2e/test_driver.sh @@ -1,7 +1,16 @@ #!/bin/bash set -e -timeout 2m flower-server --insecure --grpc-bidi --grpc-bidi-fleet-api-address 0.0.0.0:8080 & +case "$1" in + bare-https) + cert_arg="--certificates ../certificates/ca.crt ../certificates/server.pem ../certificates/server.key" + ;; + *) + cert_arg="--insecure" + ;; +esac + +timeout 2m flower-server $cert_arg --grpc-bidi --grpc-bidi-fleet-api-address 0.0.0.0:8080 & sleep 3 python client.py & From 18c42d7a5d722b3a2078310f0b600880fe373e6b Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Thu, 16 Nov 2023 09:59:42 +0000 Subject: [PATCH 06/12] add empty simulation.py for bare-https --- e2e/bare-https/simulation.py | 1 + 1 file changed, 1 insertion(+) create mode 100644 e2e/bare-https/simulation.py diff --git a/e2e/bare-https/simulation.py b/e2e/bare-https/simulation.py new file mode 100644 index 000000000000..6bb7b92130da --- /dev/null +++ b/e2e/bare-https/simulation.py @@ -0,0 +1 @@ +# No simulation test for bare-https \ No newline at end of file From ea958f8bd498e9bd9fe701671417ec56baeb17f6 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Thu, 16 Nov 2023 10:08:12 +0000 Subject: [PATCH 07/12] update command for test_driver.sh --- .github/workflows/e2e.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 5299a4d50d5e..a5121ad71b38 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -137,7 +137,7 @@ jobs: - name: Run virtual client test run: python simulation.py - name: Run driver test - run: ./../test_driver.sh + run: ./../test_driver.sh "${{ matrix.directory }}" strategies: runs-on: ubuntu-22.04 From b824baa499aa34ec0d513a38a4c2eb95ae8c959a Mon Sep 17 00:00:00 2001 From: "Daniel J. Beutel" Date: Thu, 16 Nov 2023 14:42:44 +0100 Subject: [PATCH 08/12] Update src/py/flwr/server/app.py Co-authored-by: Taner Topal --- src/py/flwr/server/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/py/flwr/server/app.py b/src/py/flwr/server/app.py index 3a8ea862fab8..63c24c37a685 100644 --- a/src/py/flwr/server/app.py +++ b/src/py/flwr/server/app.py @@ -462,7 +462,7 @@ def _try_obtain_certificates( ) -> Optional[Tuple[bytes, bytes, bytes]]: # Obtain certificates if args.insecure: - log(WARN, "The server will be started without HTTPS.") + log(WARN, "Option `--insecure` was set. Starting insecure HTTP server.") certificates = None # Check if certificates are provided elif args.certificates: From 4281c0d301acd6f6d4af672487cbfe048bb6677b Mon Sep 17 00:00:00 2001 From: "Daniel J. Beutel" Date: Thu, 16 Nov 2023 14:42:59 +0100 Subject: [PATCH 09/12] Update e2e/bare-https/simulation.py Co-authored-by: Taner Topal --- e2e/bare-https/simulation.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/bare-https/simulation.py b/e2e/bare-https/simulation.py index 6bb7b92130da..b7268c98dcbc 100644 --- a/e2e/bare-https/simulation.py +++ b/e2e/bare-https/simulation.py @@ -1 +1 @@ -# No simulation test for bare-https \ No newline at end of file +# No simulation test for bare-https From 80760eda6baa1361bb414de02a6f150c3f781ec9 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Thu, 16 Nov 2023 20:06:51 +0000 Subject: [PATCH 10/12] mv cert files to bare-https --- e2e/bare-https/certificate.conf | 20 ++++++++++ e2e/bare-https/certificates/ca.crt | 30 ++++++++++++++ e2e/bare-https/certificates/ca.key | 52 ++++++++++++++++++++++++ e2e/bare-https/certificates/server.csr | 28 +++++++++++++ e2e/bare-https/certificates/server.key | 52 ++++++++++++++++++++++++ e2e/bare-https/certificates/server.pem | 31 +++++++++++++++ e2e/bare-https/client.py | 2 +- e2e/bare-https/driver.py | 2 +- e2e/bare-https/generate.sh | 55 ++++++++++++++++++++++++++ e2e/bare-https/server.py | 6 +-- e2e/certificates/ca.crt | 30 -------------- e2e/certificates/server.key | 52 ------------------------ e2e/certificates/server.pem | 31 --------------- e2e/test_driver.sh | 2 +- 14 files changed, 274 insertions(+), 119 deletions(-) create mode 100644 e2e/bare-https/certificate.conf create mode 100644 e2e/bare-https/certificates/ca.crt create mode 100644 e2e/bare-https/certificates/ca.key create mode 100644 e2e/bare-https/certificates/server.csr create mode 100644 e2e/bare-https/certificates/server.key create mode 100644 e2e/bare-https/certificates/server.pem create mode 100755 e2e/bare-https/generate.sh delete mode 100644 e2e/certificates/ca.crt delete mode 100644 e2e/certificates/server.key delete mode 100644 e2e/certificates/server.pem diff --git a/e2e/bare-https/certificate.conf b/e2e/bare-https/certificate.conf new file mode 100644 index 000000000000..ea97fcbb700d --- /dev/null +++ b/e2e/bare-https/certificate.conf @@ -0,0 +1,20 @@ +[req] +default_bits = 4096 +prompt = no +default_md = sha256 +req_extensions = req_ext +distinguished_name = dn + +[dn] +C = DE +ST = HH +O = Flower +CN = localhost + +[req_ext] +subjectAltName = @alt_names + +[alt_names] +DNS.1 = localhost +IP.1 = ::1 +IP.2 = 127.0.0.1 diff --git a/e2e/bare-https/certificates/ca.crt b/e2e/bare-https/certificates/ca.crt new file mode 100644 index 000000000000..587e2fe61953 --- /dev/null +++ b/e2e/bare-https/certificates/ca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFOzCCAyOgAwIBAgIUW9q65pEqWxu53JgdJ3llySRq9rAwDQYJKoZIhvcNAQEL +BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j +LjAeFw0yMzExMTYyMDAzMThaFw0yNDExMTUyMDAzMThaMC0xCzAJBgNVBAYTAkRF +MQswCQYDVQQIDAJISDERMA8GA1UECgwIQ0EsIEluYy4wggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQC7usJuOKHuQja4W43VvJXliqtY8t3vbvdIVooKosTs +K7aGr9QozG2/5Vzz5190p5X22/Z7n1NZs43LDDn8yMlJ7bwUS1mb4MDkDShyRmSK +XSfeZ0OvytnwFgPBtRQZpEUb0y6lvItTxh0qDGyIjG0BJxISwjgIZhX4/NtzyUu8 +0ppKta9nAxhd88WUn0m/IDmg1G80PxkEXMMIAdjlMD1th6MVo4zSeO0SC8cCsmxr +FwCi60aNqjghEhr05fIYMdBCKMyeUJGHAVGuPkB88eUUDMt9rbn9cI1hkFoRcbfI +Lpm70sLrRYjr+6o9Ag/VnmoJnshYC5/qLenmcQUYWLdN8w9d1t7x9U+NsZiFqf1c +KEZ4b8LoxKeFcR/LCgiJg+TTcW466wZfoGnZiDqyEkOxQTvvY30e7LZ/0LRe1Xwc +E4TWFfEpZYdaccDkvDJGrMlRq1Yk9QMgSCDoA5H7nY+QTpiVwVynkFn8ejFSrPqA +/J0504nQiGQcspLocUBm78qY7tBtmfURkQ5X9ybk1BtiS5e9ectUusthL18R8Nv+ +kXaqZhZzMs1hjdpAu1fobTI5ThOIhoVwSEbRkPzZjby6qiTtZhN44IGyxn9gu9J9 +DzQctPJeL5z9VotCBaMRBnQ4923Vy8U6U6NOcvWKuh/U9i1J3ZoICRu3r8exvqnc +/wIDAQABo1MwUTAdBgNVHQ4EFgQUtzUdz0rhQ1k0x9zpk0/fxUqrPaEwHwYDVR0j +BBgwFoAUtzUdz0rhQ1k0x9zpk0/fxUqrPaEwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAgEAoJ1dyr5YhnGWiy7gDI51uo46gJHRd+vd2WNlRlALswbw +tO+Bj55aDtu2gRTF3QbktXBeSezMBTexPQYZy34A8kh/4k2BhmxA8b2OnpDa9XEf +0kyr0f2XTyq+DGPCfHGswk3QTZDwz/FKLT2gq3YSNlHM7ZdilB+oILhSSVoeY+E4 +6JGj7WcYIStNLEsA1F/KPmsSbXM7rYOprTdCZ2bfMutv1JI9//xMlnDFQwcNHRBZ +AeZqV1ZjTmXdiDs2Tz12NtqfxD/XiHTqNjwDMaDA4sDKARt4xS7fr6xIAkZHVOtx +pZiBS7jomcFq8OFLNsAHHF4YPs7pICdkdD1BF7lLxgCDTHJrhwyvJN648JyhgeIc +Y7Vz7tAEP29mBGT7Wuo1OiqYuVzu5m8Xrdllqr/HCo24kiD3DpbCPDA2YdS5RGpz +RoJYnIB00bBhPGueVw9DiQ8VDeqQbm1+2LGfwmUdxLMJ+V9EJsPCBUOGpfMYggsd +mNu4WHTnL9jlN6wICfHu0RtSRIH0aeI+PFOHGek0CUa3ZgwvVHLlUjogMCAy4xH7 +gYBgueu/Q+cuA5fIHwi9Nst+EdFSD9sC6To78K//qONtv62V4lGSIWVkUpmdEKDN +0fcZkePEVOMy3SqXKd5nc8aF9Bw6uy86Y/uTju0w4A/5+Quf978PrjQwSDCJVj8= +-----END CERTIFICATE----- diff --git a/e2e/bare-https/certificates/ca.key b/e2e/bare-https/certificates/ca.key new file mode 100644 index 000000000000..3b4be83821fc --- /dev/null +++ b/e2e/bare-https/certificates/ca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC7usJuOKHuQja4 +W43VvJXliqtY8t3vbvdIVooKosTsK7aGr9QozG2/5Vzz5190p5X22/Z7n1NZs43L +DDn8yMlJ7bwUS1mb4MDkDShyRmSKXSfeZ0OvytnwFgPBtRQZpEUb0y6lvItTxh0q +DGyIjG0BJxISwjgIZhX4/NtzyUu80ppKta9nAxhd88WUn0m/IDmg1G80PxkEXMMI +AdjlMD1th6MVo4zSeO0SC8cCsmxrFwCi60aNqjghEhr05fIYMdBCKMyeUJGHAVGu +PkB88eUUDMt9rbn9cI1hkFoRcbfILpm70sLrRYjr+6o9Ag/VnmoJnshYC5/qLenm +cQUYWLdN8w9d1t7x9U+NsZiFqf1cKEZ4b8LoxKeFcR/LCgiJg+TTcW466wZfoGnZ +iDqyEkOxQTvvY30e7LZ/0LRe1XwcE4TWFfEpZYdaccDkvDJGrMlRq1Yk9QMgSCDo +A5H7nY+QTpiVwVynkFn8ejFSrPqA/J0504nQiGQcspLocUBm78qY7tBtmfURkQ5X +9ybk1BtiS5e9ectUusthL18R8Nv+kXaqZhZzMs1hjdpAu1fobTI5ThOIhoVwSEbR +kPzZjby6qiTtZhN44IGyxn9gu9J9DzQctPJeL5z9VotCBaMRBnQ4923Vy8U6U6NO +cvWKuh/U9i1J3ZoICRu3r8exvqnc/wIDAQABAoICAAd7ZgxmjW2ljfDDFWATaBYB +9NpSs627SnfDmzTZT+fpxhiQIXCO1UD0r0O5UQChPUTdd3Ft5DCLC3ewQQ9mIT+l +Df3xEt03k/iC3b3QOGmbVN90VipHd3AuMHAj+20aMvbs78sDPLpWBwuJ+zll/2Iw +YHQG8ZzEFNQbn9N5jl80NZoMq7T7VplIAfPudU38xs82KEh4y1J1MAC9shtQVOJs +qX9PSWmKEEjL116wJcoO3KOhpOo4gowu4IwqLf/w3FAGuEEHDQXIc6zyJjfUnEC0 +UdfseKE1Py1IR46ybZS45r+posMlvlNJcHuF/YOSEL/ZaDq6G+GFevEISB+0SXns +UAkOnRwqKXl68G3Bk3TFPEIQFrn2jmTnSduGiEeODMLwRs0bOkji5Ggw5kRIfhW2 +j6s/82PIZ7WHuG3W4XALBxMN4XEXCKBsrIvOJAKUZs3Iq4BOMcqilbNdjtvhLSdg +XbAZkLNfWI9MgoiWhhsK6kMTM+FmXG1AOd+aYZutWkwB1zifXDggaTJ73R71ieBK +Yfh15Nxk5DYXuZ0iNZwn2RD+Eaxm/D8jITVPKG+b6bJqDh5GrnLeTyROPx4cR2Us +ojAOFdfNnCBkia+t5GuEGBf0txwWMTKS33nr8Ut8a7Ol2n3ud0ilItYIoTloUUin +UDZvnpOJu/8hInZ9Gb7hAoIBAQDu33SiOHvoEElz6M67F0vP7O2OCy5HXzd9C+np +SGCHIZTwgObB7lMBe42xdHMY+Xdn+8CKRSX3LwsWpydTq8GRyp5nZVZKY/YZTvkx +viM6HRGNyK1+oClqRWFjlayg1KRkP1QArqf6AO9Noc9cH8ISsVOI7MApZVramlTn +hY8kLjdMr/WLS6OHpq0fS28+3YRzfEYIxAgvsgIknOQTXGOSnSLoY6dNSYsawoOL +zCrsdy18CJ1gE7EY+e4+UqXeRlJTLgYB+n7MVoTKTuzRFtXdJNPVbSQq4vzYV1tP +OsdZP7cCpyUUtfAKDy+IucImtbUv42Cw9DAOImkVyMht3LiLAoIBAQDJMI+PyEvI +euQmwtsyNc8zAWcsIJfdS+LDMcpaAdFVuVirGLWULf4AB3n4pAXbp7Tihi4aCbz/ +YT0dC37s6ShHyt7856mA5kmPPCoA3er0TSnSJ9VilEeW3a/ciIRM/xTuKiqyGIpd +HfyaixfLTEhrKm4vRfkFboaVBL8HdHd0xvrn/CkBQAWxdX85HwFHiVmz0Xwow6T4 +z2A5cI0lwaC7sREuPudGSNL7fNdqkoaVYW8HsxHiKK0TqScCWpVcmF9R7jYp493n +4Bq1z5kzpGKJ6glIrYcfQlsL60vqO6bQLQ1eapUtuk4qqJaJ3X64yUs7bD0WM9fz +LcFbgX8d0EfdAoIBAQDJ8Ia9jVrSuNIf9zSt3eftg7LgXntlQw253RSGbvWLx8wN +9isez8fEfRswZe3Xsy5K7f275vFNoquRHwaUKaOfCNgZOQZWJWOryaPJdaB6RJDO +eFSTs/rPKJBIjARAgwPm69KsMPs40wl7a8vNadu7ycWBAAUD+fdwzv/wKmz0fU2q +uyat9+frifDZgAAv+T08FFdwmakCCU7efPQjmftjuwwDwhtxrza2DLMAwD2ZYrdF +IFNLIdqZ7tCGR4CKBJEcWNAjZA1F2e6wyUBTEycBqVycFYR57SMsEc3TkTFuNfsV +dxBWDek719Krl76W0w61yVe4wPbPPC/yhqdKmUo5AoIBAQC0dkN/pBkd5eV6QzRc +kFmflbWWplGyJVxs29925sR/kTZQmmRdWvfHzO0CMxYyFfcxbUwy/OMza2RnBiW+ +mdEQvI9R6PZo8aevvDas+mHC6ugFYseLmhew4n7ZYPbTHccHbnlHsK2Dot8vPG6G +Y5Fd1vxomOoqjh5X0p8LL9PqwoTSy6N4RJYWvJ72fLIoGbKFkfU9l2gF6fWU8Dkb +Udg8IzKW+cN3juD4xd1v8aiYm4H9NQlohDXjOcoM2XW6Tc7KbdLVtlgYojMzO9he +syfUL0JOl6BpUJrcUR2SKBmUB6VDOHVBRCjTKM+HME93rs81qPwOS0h8D2GuE7US +5/1dAoIBAEcsx4yB14RaCSveLKWp6eyIbS3Vxk8+JKTmHFc+hpRz7qvf5JF8fxNZ +tERlw0vPyCUsokwOImf7yWnERwcUY8eKAT/MZz9vvdtabiyF2xEHQkwxIPVHpIGV +nxb+c97Z/jW/M/fvcK4m71iYvkMcOhi6M2DuiP+/GTjv9Wx6zZutUhyqjG3ms6ph +Y7SLmq7IVLawcUhwXEoNq8yH9Lq4LUgizrznyfznM97sb4mAqfzbo9NfQ0b3y4Bk +zPFD6CrDJEshilMkmELf0bkQkk3JY18qp0CE/Wb+AZzpkwbv8lOm1AN1kMGAy0fk +UPpDTwO8CwFKfZcJBu/fSzGLo7/36FE= +-----END PRIVATE KEY----- diff --git a/e2e/bare-https/certificates/server.csr b/e2e/bare-https/certificates/server.csr new file mode 100644 index 000000000000..b3cdbbf1af53 --- /dev/null +++ b/e2e/bare-https/certificates/server.csr @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEwzCCAqsCAQAwPzELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMQ8wDQYDVQQK +DAZGbG93ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJ9H5zYrUCxa1qJP2Hf1dFPusof+wjmGZhDDNvaDH7FGqaZU +rTi+zdsLQX2XwthyYuJitL+Wh9mi6EW6M5pLS/JAmOkMdq6Go30HAgMeOMY2g4go +qdzcjvs0GrOKhx4Rc4mTm4048pdl46RGgjY1bUilTNKxK6+9SrRdsIrUWoF9eI/l +/TvZCXtcfJ7qY9Fy00Ex5uvgOdvmDSaQ2UcRckX9CPQdbr6bWM+1/D5ibS0qXqlv +uoAReWLxkzDGSpvrDPy+ghMoS4015BVC9WKJebH6bkinVvIqPdt/D5zN9YbMQLgw +D45PinDB+nTwDUXn2Yak4E5255ehqRNeW1LkKKzrZUsUZGH8jMazLMW+AZHJGoGD +QY4M7/02XydK7SOQO3i8Oljor4sA/bLih1nE/WSMPszMj8OLLyT90zWpIdRDgSt8 +rOXPA/2yj2FOH1sqU76tfCaoGF+kxHqczIq7C6ftaFKEWnukfn/4k4fflEl8Yvg6 +ycxqB04rFQG5e4CLaXJoKPtOIBl7FttqMczsUDXjwZXrCJ/8UkizNW+vypUSR1fu +ZW2HuQo3Nudlf+IKkN4njnjW0hR7GsyPi6rz45SwMGeVn8qJV3vlDeUvRfpUC3pU +z51oUMtu57kQEp6WlNjMLvjVx2ZbtZtZjalouyQQEkRN3kpe3Qr8TnMicNObAgMB +AAGgPzA9BgkqhkiG9w0BCQ4xMDAuMCwGA1UdEQQlMCOCCWxvY2FsaG9zdIcQAAAA +AAAAAAAAAAAAAAAAAYcEfwAAATANBgkqhkiG9w0BAQsFAAOCAgEAmx1Gj8IKa4Zl +yT+a0x0/Ay02HzJXSWfqu6ExovBUKtchKzS9ndzvNW5Tvsu6+x/Inl4obmIoNO+I +SjxoVCuLU2S0JDlzX0nJBK9rZ1xZA710TSE0ofFhLqYq2B3Mv/JKPGWxZ5OapHg7 +IjN0Ln5jQhWOZwXC6wutUh0AH8GlFnMjdGwcvqosMEqbGTL8d/ZPfyFaaaqDYZrA +OQaNkV5b45RMF9N4IufG+9eNvf1cRGnZS2KswKlTgM5JQJLX4j6ng9Rd3BzDP9lE +SUB5TWion4lHGrlZ61Cfpb6pFGRpt0ApSQd8ZRq6WLTrGw/klA2MA69yzCkEbFt1 +CeYot7Pyre71zQ0JpBHXLSkkiGBwGZnsUC9z9pvZM9pKdP25jlLmrZiGvaqlAqpI +vTFNdcD00z67Htst9APKj0Clw0f14anubcYaL964PwusCyjOF3m4lAEhkXlHjfGi +EW10rYpIh21Z3TIkXT9bJ25lBONmhJenTXasRhSVnaDs1rlQP1zzJKEqQYhhMEki +mtS70iXZKqK3V9ELycUTWb2AgprP8pUIOpnT9+X8e9cyraFVDRfeGjcMmPhKnS7C +Z9YOdF4TvDnBwvIZYpFjKyB82DzO0Ug7uszqaoPEXsuWVL2gB62t/dpnsMqr6bd2 +vOdvqSTEDBFz0kRoNTlKTEKjgxRp0+E= +-----END CERTIFICATE REQUEST----- diff --git a/e2e/bare-https/certificates/server.key b/e2e/bare-https/certificates/server.key new file mode 100644 index 000000000000..6c966cd6cdb7 --- /dev/null +++ b/e2e/bare-https/certificates/server.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCfR+c2K1AsWtai +T9h39XRT7rKH/sI5hmYQwzb2gx+xRqmmVK04vs3bC0F9l8LYcmLiYrS/lofZouhF +ujOaS0vyQJjpDHauhqN9BwIDHjjGNoOIKKnc3I77NBqzioceEXOJk5uNOPKXZeOk +RoI2NW1IpUzSsSuvvUq0XbCK1FqBfXiP5f072Ql7XHye6mPRctNBMebr4Dnb5g0m +kNlHEXJF/Qj0HW6+m1jPtfw+Ym0tKl6pb7qAEXli8ZMwxkqb6wz8voITKEuNNeQV +QvViiXmx+m5Ip1byKj3bfw+czfWGzEC4MA+OT4pwwfp08A1F59mGpOBOdueXoakT +XltS5Cis62VLFGRh/IzGsyzFvgGRyRqBg0GODO/9Nl8nSu0jkDt4vDpY6K+LAP2y +4odZxP1kjD7MzI/Diy8k/dM1qSHUQ4ErfKzlzwP9so9hTh9bKlO+rXwmqBhfpMR6 +nMyKuwun7WhShFp7pH5/+JOH35RJfGL4OsnMagdOKxUBuXuAi2lyaCj7TiAZexbb +ajHM7FA148GV6wif/FJIszVvr8qVEkdX7mVth7kKNzbnZX/iCpDeJ4541tIUexrM +j4uq8+OUsDBnlZ/KiVd75Q3lL0X6VAt6VM+daFDLbue5EBKelpTYzC741cdmW7Wb +WY2paLskEBJETd5KXt0K/E5zInDTmwIDAQABAoICAChGylSMR02v+q44eoh67Nt8 +dHCnHv3k2lJKys8zAQSW1bdVmifLN8q34eucQIzy/8Y3J3V63wdNhmZ7Wykc+Stc +4k2r9SbUrOqkpwGa1shoaII5phpPO2iSGF5mHRyhVRHo3WCskctu3E1h9vM2N1gz +VGXCn0VlHErXlhjE8c3kqGPayFol25vyGyEkK/F+k6TctYPXw0mztoeWARtTcg34 +mhcAikxwg9iiMBKmWO0e1akKs6JGyOcYJxwiSCN9IF+Y3NNzUQd4JSCrOdmc4cT7 +in+csQOzYsjqLEx+WCOp6oOow4Y83sj8hBSlzvVqVzsQ3hd5Qb66BkL7jSQ8xXvu +I/wh6T+O1Vj8FttYBKJMptqhCstWCzKSBwYqvoYuOIbGZBRn6hmd7jBcZCveIblB +s+yiJsAvbD73jZ7WDaOdbJn7PNq33LFANRkNz7NxwPdRbqh+IVobleWGr3G6Wwcx +RAZxR9pI44zh7knjv1kDQSmPCYbubRmR5qfJVW+hfpz8IQTJLBeEHUkX4WpMOfDD +PVVjStvOuBLV3igB79f7PcYiAbyVyAZ5uo75Inde91LYBhxQ/CirztD12yF5EliR +ikSWr/ibG0FnHTwJoXQrSn0kJrB6MqD3biloOhSDghIHtwYh2ZQBJ31/NdCFfcBe +VPMMtu8NFoNLS6r5q8wBAoIBAQDSgI0DQnvbxWl/OdCJFRIHXurq1xj5JGt5igI0 +GPLFOTfW+dE1wpoNuEkruzFCUyPWiFKj571e8UBJCVrqjh9nZE4tCLQge5K0Y7R0 +wNch7He1mw//tNe9ERbd568F0yCj0mQbhy6fwKJNbBrYf3DQWCV2DJcNYC0yBCrq +Tw/9jbcv81xr6Xuinac8IkSm9TwM5qK6TSUI0J5Mp+B3Kgwz37lbarY3aDX/5zBN +9cMRWMNGoPF6MNbJHp3lYjoXDb92iDvLkEtMiQZtJEhbJIauwr9s2yb3MqYanv5Q +oD5S9Su/vVL7MIy9uSsLX7SVPyRmaRtwBcHaOUBReEVQLPiBAoIBAQDBtTCo7ndV +56798jmgcMH6EX0jm+JfY2FWHIKs2L+0OlglSQOXBOR30Nb7gDaQLDVpMoRyIqSi +EgvyUr8RLyWUvadevIJudvnHI+6MvJqgN65+LqsRSAe8cm4eGU/4f9+FOd4Dwv6n +9w6VijuAa3cv/oOsSLO5pdTM0ejqCKXVn/Dvc1Xvu2UOd2Sq9pjON/yp1szeyzBo +K3F2DBQSApE5hPLsFX5JwafC4ZfEx3i70bB8Efrsx+WFIfyKtXg2b1uvI7hZWFwH +6mFpWdaPFk0zPRtSLR2CzcTHqUu7/pF8rb2UvRDskyz+JAF48xLeA/jNeqvmR9KL +GoxK1Foa054bAoIBAQCtzwkgFOgyKcmXDES8u5IcVepAqARtyv2W6DYzkBn8cOdD +cRimfB05kN2R50mgCwf/XqZlwbYiS68Z30ibfWg+tZq7IoGghIg4vE7HTGcWEqsx +X2yRZV/xM8gex+tDMvWzbsfL1w3PSH560PVFp8ydqvqbg3/BwpTuxHQu7cM1R6tn +Q1kfnTTBq8znISBwfvLrcBATJhmbMq5SexcjLavPtT3WVsFH9JsJxnmjFXbQvurW +SZO5odPnUolrWnS+jlJ167z7sxQJiOaufZPk9b7jU9g9aKK+36o5Nuij5/wuAVPz +SL7Yu1iqWtdI1+hCh1Vl3gmSsJ5EspsB6f3JWqiBAoIBAH+VNHh/oA/vqf1Otg/r +VIe9TxvOB1pmXWzXGGZ52EH/j6D3JysnqMcVwRMjTkzFIWSpRjzafm7UzhOL1pad +4/XEuGEYbhwNttQn4W3Gp11Rb1diq3+VXqsK/2ZJq7dzmafpBkaZ/xpoCa4KvsgF +gBoXW2h09hMXm0JQG0VR7s/2KT29TGO6nIPbtW05QEnK7Fp8xLEVSUvDGVbz+6Al +Gru0yj8epPA1YaZk6Y5NB0NFiCUfvpKH0q9ORESj44qO6+c98qS+Itd/0ysNZdkW +ikBuRflpB5/ooWwUIHKw5+gjktNNd8Ep6p903ZdpGgsquIu1+VSSB6VhFfgPR02W +BfMCggEBAMDQPTjS+Sx0zjxTeIsYt0e3XvxZJwpajGWxZCdssv7Fsr+A1suWiUNM +YJcSeVzdkZevvRfxEIdJ4HjMY7dRdoJzh2/k4Kj9FR+36yXYT/D0h7j5eLpG1ZI8 +dUmer+pr+bm/CrgyE5jNmTMDiqBW+DlhTqmh066hP7r26262eWrXbF1clD7m+qY5 +qUvkUAG5YSMsSxMuhDeMxXeQs7Fq6xurQz5/IX36z6wgP+PCJs7MNqNOrWkyK39b +9gALYsDH24vKKreKLRupWxJeJmwkHNAHU6L7g8X/bGXohw6CwCS+Lecuq/Ox4HFp +KcCE1zHxuL8lbpuW8CWf+mZYGbAhe9Q= +-----END PRIVATE KEY----- diff --git a/e2e/bare-https/certificates/server.pem b/e2e/bare-https/certificates/server.pem new file mode 100644 index 000000000000..a990e37fda5a --- /dev/null +++ b/e2e/bare-https/certificates/server.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFajCCA1KgAwIBAgIUbDaNaPKkp8QUcJueaxBg7b+aC/owDQYJKoZIhvcNAQEL +BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j +LjAeFw0yMzExMTYyMDAzMjBaFw0yNDExMTUyMDAzMjBaMD8xCzAJBgNVBAYTAkRF +MQswCQYDVQQIDAJISDEPMA0GA1UECgwGRmxvd2VyMRIwEAYDVQQDDAlsb2NhbGhv +c3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCfR+c2K1AsWtaiT9h3 +9XRT7rKH/sI5hmYQwzb2gx+xRqmmVK04vs3bC0F9l8LYcmLiYrS/lofZouhFujOa +S0vyQJjpDHauhqN9BwIDHjjGNoOIKKnc3I77NBqzioceEXOJk5uNOPKXZeOkRoI2 +NW1IpUzSsSuvvUq0XbCK1FqBfXiP5f072Ql7XHye6mPRctNBMebr4Dnb5g0mkNlH +EXJF/Qj0HW6+m1jPtfw+Ym0tKl6pb7qAEXli8ZMwxkqb6wz8voITKEuNNeQVQvVi +iXmx+m5Ip1byKj3bfw+czfWGzEC4MA+OT4pwwfp08A1F59mGpOBOdueXoakTXltS +5Cis62VLFGRh/IzGsyzFvgGRyRqBg0GODO/9Nl8nSu0jkDt4vDpY6K+LAP2y4odZ +xP1kjD7MzI/Diy8k/dM1qSHUQ4ErfKzlzwP9so9hTh9bKlO+rXwmqBhfpMR6nMyK +uwun7WhShFp7pH5/+JOH35RJfGL4OsnMagdOKxUBuXuAi2lyaCj7TiAZexbbajHM +7FA148GV6wif/FJIszVvr8qVEkdX7mVth7kKNzbnZX/iCpDeJ4541tIUexrMj4uq +8+OUsDBnlZ/KiVd75Q3lL0X6VAt6VM+daFDLbue5EBKelpTYzC741cdmW7WbWY2p +aLskEBJETd5KXt0K/E5zInDTmwIDAQABo3AwbjAsBgNVHREEJTAjgglsb2NhbGhv +c3SHEAAAAAAAAAAAAAAAAAAAAAGHBH8AAAEwHQYDVR0OBBYEFJjFdAn/zwPiic/f +SLs3z5uI3r81MB8GA1UdIwQYMBaAFLc1Hc9K4UNZNMfc6ZNP38VKqz2hMA0GCSqG +SIb3DQEBCwUAA4ICAQA4/YQK5YEkUg1WzuX2svLe6cFW5V/KFvYeNqOHeDeqAAFp +bLBUR5wA4rtMqGEoPTHfHNHBmg+mgkbF5QotnB20UIW9vb76MZ5OJgb56jxmUk74 +oKtzjRQzOYQfyuOZDQre0XBOTrxj2jA2eORBideUTGSIrCq13fXrVWLIkRrIQOoz +bBsCQ6BrxGMZ1icyWEQU/PGmWIHOnw/EqsK4m5ZeKd3jqvizbNtdaUYnSOuidp3H +kK9QphYlmpnwubJrAuv9NeO/5zvUPW3etGYyg7NwoVONxVZNcLOetRRx/FIToU+6 +OFBBsGnv4s7HIoHCOVZ6RtDQ7in2xYBojk3oUU8wRrk4oyyHBO1v/alHsuDEsg+d +R0kXpNHHk9vU7q6VkEkNjrdEmqCOhAfpEsQ+LwCv8VnX3yX1WxeDItNV4775/Sb6 +fxfMj4y9rzbEv/sejs9tD+FRkLZV8boo21q729krl4z9RpoAVQio2EggGDITn5rV ++jPJvVQg1+7f7rElVY9AHri2MTVkxFiE41IFANjVcLQjZCjrpSZgQi8U8DJLMJwY +A8GALpKR18E8otUCPoeEWpa6qY3Wr6i0JMqZkQSLukYzyGvenjuvUn36FTs7XLYs +2UEPxalmwBu1y0o5k1qrEcU4FEjYuV0fJ8li/X4bua+5pYFy3FdeL/ZPEWtGlA== +-----END CERTIFICATE----- diff --git a/e2e/bare-https/client.py b/e2e/bare-https/client.py index 079615b63fda..da04a320b1d2 100644 --- a/e2e/bare-https/client.py +++ b/e2e/bare-https/client.py @@ -31,5 +31,5 @@ def client_fn(cid): fl.client.start_numpy_client( server_address="127.0.0.1:8080", client=FlowerClient(), - root_certificates=Path("../certificates/ca.crt").read_bytes(), + root_certificates=Path("certificates/ca.crt").read_bytes(), ) diff --git a/e2e/bare-https/driver.py b/e2e/bare-https/driver.py index f2bf94ee44e2..5c44e4c641ae 100644 --- a/e2e/bare-https/driver.py +++ b/e2e/bare-https/driver.py @@ -6,7 +6,7 @@ hist = fl.driver.start_driver( server_address="127.0.0.1:9091", config=fl.server.ServerConfig(num_rounds=3), - root_certificates=Path("../certificates/ca.crt").read_bytes(), + root_certificates=Path("certificates/ca.crt").read_bytes(), ) assert hist.losses_distributed[-1][1] == 0 diff --git a/e2e/bare-https/generate.sh b/e2e/bare-https/generate.sh new file mode 100755 index 000000000000..72362656e756 --- /dev/null +++ b/e2e/bare-https/generate.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# This script will generate all certificates if ca.crt does not exist + +set -e +# Change directory to the script's directory +cd "$(dirname "${BASH_SOURCE[0]}")" + +CA_PASSWORD=notsafe + +CERT_DIR=certificates + +# Generate directories if not exists +mkdir -p $CERT_DIR + +# Uncomment the below block if you want to skip certificate generation if they already exist. +# if [ -f "$CERT_DIR/ca.crt" ]; then +# echo "Skipping certificate generation as they already exist." +# exit 0 +# fi + +# Clearing any existing files in the certificates directory +rm -f $CERT_DIR/* + +# Generate the root certificate authority key and certificate based on key +openssl genrsa -out $CERT_DIR/ca.key 4096 +openssl req \ + -new \ + -x509 \ + -key $CERT_DIR/ca.key \ + -sha256 \ + -subj "/C=DE/ST=HH/O=CA, Inc." \ + -days 365 -out $CERT_DIR/ca.crt + +# Generate a new private key for the server +openssl genrsa -out $CERT_DIR/server.key 4096 + +# Create a signing CSR +openssl req \ + -new \ + -key $CERT_DIR/server.key \ + -out $CERT_DIR/server.csr \ + -config certificate.conf + +# Generate a certificate for the server +openssl x509 \ + -req \ + -in $CERT_DIR/server.csr \ + -CA $CERT_DIR/ca.crt \ + -CAkey $CERT_DIR/ca.key \ + -CAcreateserial \ + -out $CERT_DIR/server.pem \ + -days 365 \ + -sha256 \ + -extfile certificate.conf \ + -extensions req_ext diff --git a/e2e/bare-https/server.py b/e2e/bare-https/server.py index cab7ef038b7a..fcad7a3e4522 100644 --- a/e2e/bare-https/server.py +++ b/e2e/bare-https/server.py @@ -6,9 +6,9 @@ server_address="127.0.0.1:8080", config=fl.server.ServerConfig(num_rounds=3), certificates=( - Path("../certificates/ca.crt").read_bytes(), - Path("../certificates/server.pem").read_bytes(), - Path("../certificates/server.key").read_bytes(), + Path("certificates/ca.crt").read_bytes(), + Path("certificates/server.pem").read_bytes(), + Path("certificates/server.key").read_bytes(), ) ) diff --git a/e2e/certificates/ca.crt b/e2e/certificates/ca.crt deleted file mode 100644 index ca94bd4893e7..000000000000 --- a/e2e/certificates/ca.crt +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFOzCCAyOgAwIBAgIUI4Z1SFPZUIM0LS7TXUS87u0JMk4wDQYJKoZIhvcNAQEL -BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j -LjAeFw0yMzExMTUyMDI4NDRaFw0yNDExMTQyMDI4NDRaMC0xCzAJBgNVBAYTAkRF -MQswCQYDVQQIDAJISDERMA8GA1UECgwIQ0EsIEluYy4wggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCVDJfeHo3p9GBRpAUIjHuBK7yxUd1xCLWei457jEO8 -B7N0yJyQ1xOAzqTfK/t7xAv8L45tHWTzJfhUVMxInES7ivSg3Zr3JB8vssONEpKK -t8CWJzh5eQY4P/qrfYhzzLLIcQwKVYd6kac1Tm0yvpArmfwpTHBpWzzkwQN3KmF2 -SG2k51bfKTcLspeJD0cKI/PUWqKLlCmZ4qvXByIIIQdNuCbu0booEjm8C4uJXD23 -SjxXSZNIRA8mRztC5AN/VJECPzu4Si9CsWlrsO5zdtc6XduXOXqbYmZgzpYDr1Tp -G7Kgsc87HDUzVd5Ec/SbBoLjInFIlrE88TmSvKC0x85HWEhQwTQv0WzxRvaty0jY -xUveTQ+2v103msgE5mddzCPecYgb0t7IpJ/9vvo4oA9PwXCy+jFVqyTCHwYg3sYT -hHSyBtYalBChZ9jdI8oj1KHt59Ft4mqT8olmATFU0of+1pwYj5LaFz/tFklLYXek -ewphcbzSgLXRcbLIKSTY6ISnMURjX++DV8DBwq4qmiEU/YkOi6iYxlV27X0p2KV9 -CkgtlDueakrParYGsy3ND+O+nIJ1nujIUme6xVoQ0qUy/KF2O11keIBn1gHYYX0n -Tw5SSxhqfmlvCs1aiVwx6BLUTT1iytG4FQwrTFkABCF5Pd0GB9zcbQMRg7VWs6X1 -mwIDAQABo1MwUTAdBgNVHQ4EFgQUEUQfIyktB1BkiiskGLSLycDFexIwHwYDVR0j -BBgwFoAUEUQfIyktB1BkiiskGLSLycDFexIwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAgEAWO3LcrNZzv+RjkQYS9a72Xh1zxSsHwI/W9LemkQaGIRO -5kUoRdIJJAka5Rn5IlFi5Qoy16RZzfOTdvav9YO5D9AUZiLLwiegjnrW0g40THer -Hjc0RDXZSGF3BTqXxOQygcblulcty6+M0wBZ/HvYBCGpTbvBf+eVODXmE6XfvBSd -roA+xc3NvQoUVSyLMDgnPwCjM6vyV8g8nyM8lW+mq1NfDq8z/HzYdn0E0LNhnk1e -MubuFfHl8OEO5CXc7Z7MUpenn+ZNY/e8EjOzlSH6Qhyy/3p9evatZ/wXr682ZqKt -6GWNRRXDHZhWY980KZpeGocNwjFwop/eirbFhKfU5zw8e2KwEeFi9S0uXGDjx0oQ -g+nFC+xXGtsrQqM/9x6caEmECy3uCzw06uSu1/nLYQ5unuGOA21+tTPL97OQz5hK -bHcohzU6NdqF0rFQ/wufCvowAPww3oD7IqkFJoD8W245BnGPAb0SfZ6j8AEKgAko -r58r32ax5Axgx1QRSuR+HZX5jlF6fI4YNHe32jrBA3BXeyfwQpdOUOJTR02j4cII -hpode5GHr1zDI9W6xTaTyR3rZ5TiVR2SpZxxUNqeR70+YnoljXzluh+77AdVv7Kv -Aa1NOvuOuKW9paku3PsFsnGu783Yokjrh0V3Wez8y8HcmyFRbuTsnTWEf3Cbzbw= ------END CERTIFICATE----- diff --git a/e2e/certificates/server.key b/e2e/certificates/server.key deleted file mode 100644 index e92e626c0bc5..000000000000 --- a/e2e/certificates/server.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC3IPN9IdJOH0rD -JGvahkZctu6BB7c3v5cvlHTebsfUY1SxeWdvgFYV00i1Btz6KBn967wAfjI+ngad -6MLhF7tqZgVkiCK5ae54qv07j2ZZVvWNA+gOMWz1yW3L7webO2VrYntFuHk1kI7j -0hc70AHdWClEhjtv4/X8oTKyQOATns1Dzuv7lwYFnOZ43HkG9NJtyxUtrms6qK/F -tcppPd0RHQe4MWEOZ4MA9Comr5N8pMzG6VcvNcZv8100Z2/RI80Y0l1mVFQ6JyWi -DGSSlIrNePBLnxQg8i9SAuQs1pCbyBJZcQwGZEWDzhsAvqXAU7+Q0gG8GsP9rAAP -dFOFNmw9HpW37wOJKV9ezvqwHFv8GILAZcNii7fOLU4FAiq1VwVz1MKcJrkX1U54 -wNdWcVuN5qm6qiwaxum0FaJuT39thitJhqh1JXziNRzEv4NEmnRlPqaLKDrBFjEr -beNUNzYt58MfM6DGFQZTeFzBKnceU699s7e+VXYhQqClx7Kzp5zcuoi+knxgaJWR -2LVgngBc88R/E9hdIw3tRsTXPuP8oC6JHfQ8RlLl1kjCG+ymx+SDop6H7StuC249 -U87gcM8fP4Etmu+jDhTUsCHmq3nTVRvZEmqWEC64rX6ozLUT7zjRH/og/QIgsQra -K/NsCOwwlGNdK/WhIzQzcxhX46fn6QIDAQABAoICAAyAaV7vgiXnKPltcRd39zG5 -I0sXtcBOigmrftb4hRfQuCVtfkw0XKwcwmfpUgiZ2DxnbWwzMUbpDtaU30jyj87R -rCiSypwRyT/fnG4Gehw7PYQk8iCV6zRUTfSQGtrUETZlgLjfwRaRCdAvtXpV1uq/ -bAHLkB8xVseqUYWtvB5axvSMGbwRMU4MygcSNgjtibgJFycJMzTL80PyByFsIb1b -V/2REWkkU+Mqx/3gGpd1wK0LnPISH7vgx0oejZmfcg7xvYKQ2zclGQKZCfyfu2IP -kYf4Ei21mtlkbSNKepDH9ci5WPLOwZgf5+QDH9mjXf6K96dZxGt65H4pmNINRxI/ -gYLwFytIisHeOKGS5hbg6v8NXPcfsRR7200MQqGXbKhZxCdG3uPwk1LqV2fS99yf -jz3nvRDQXNWGohsNzyqMt2VyRQbEEelmwDfRsypff15aChCt0HNu0rXI4OO4X0iq -TPyARp1kSbI9d0Q34R2LsaYWFZr1Dbe6X3rHRdvIuoFaTnRi59cXYoAnsuEFFAuq -NXGSohMJTS84L7/qoakE/DbXDtjIHrQRf3tdw5D/npIsHqm9viZpnov3avT92eld -qZADoNnr1MVtAfukF4yzhgMgzxVeS0DCrPri3LNX4sBr6z2FpguFPfzISK/C3sb7 -56BKGk6shNRJLXi3bQcBAoIBAQDgSkvGd5W6edR/s2T7mdqGiXM9TxnELSFRxOG6 -SJCxiLKNxsHRcPRxCFeAYTrCTzq3peX7uTEsb/fWNq9WRY76Yisg4Zd7eRTuWkcu -swvF+alx8aVQAg5bwlv/a0hnf1CikQR5mbSgvaMp9MoPF8q8FUSV7ZXyU6Y6tutY -6a2tz74G30xoMptD4wpcnHkbaVcyQPuAzttOWu4qYOtuvn0ybXC5Ctbs1XBHth3s -Q6l62eMa3R7e1RXJdfew6fiiWVEkfxihvkQQ5G14tW5Vf//xnckUHr/HYMArZURW -BrNTCBt5jlj2Cd+255VLdpSO098+sxFzwE7p/mJiF3U0cTXZAoIBAQDRBOcWsCZC -uIrTbUyHM1LzQQ5sxfdC5S+433zMFClV0tNy5kdVut/J8BnVGWcxLuisj+9KJQ/5 -Iv85mwb15Qyr8jFp3pwkbQBkiR+6/CmSWTYrNZm/5VCyEhR2NlLrlHko8wCtQtMI -iNvXTamQ8HfSsvRakw2SIWfqFvru66NLuRalBlStMYJa9v11vnTYPmd45V8tqhV+ -K7Mozwe24TKabeh8Y72G1l4V3Yynpzqv07VRk/xuIQHelPZyUbaqeYMO0xDmYBaC -ldaxVcYmamNn6iuGsgVavGa3jppflo/0TYfWDAcljLqNVZ7sw1VimqwLueXFGxH5 -1uaUn0ZsgqiRAoIBACscfMYwNDp8smi9XbqyzvsvLlRpgOVhW1cxRcYdrppBUTjJ -LHYKhSG43cDSb43r1rh4DeW9qgMFnpixODCX/CyKdAnE8u4LzwclmSsTxT6Ph49c -SE9BperjR/WndGpYYXJt93M8JSkEanllEPWnuBNA70b2PO0wQPJmOISFnhmbpcYC -Y9hfadK5sEMu3GR1cgo5zV3r5OGBvuesa3SE7uGjgZg/yiIJwKQ4EDZapxfzC6Ed -QZLJWH+5yhtaTa0/B8bBG0XzoXexwI0EKqoKiXKyxnS0mF5FbYqp02HJtexO0aEi -yFy6dyLcDqlLqLBvbyjJGKCsJT7644RBSAkFfbkCggEBAI4Msew2XFo9xoM3panA -lKAi12XPCGKbFVqj79FV5l2gQPm2TEaUEODRXwz3Da1cPt5/l1UhaQCc6y1AEXPt -bTYyC6jyk9UhiwHIOxs9ohcGsAyfidTjSHssVGGeO65Eoi7VLuGRJ5CGSjnBWvrY -oeY8nlor1C46q79oTLMwyzJ8IEqYydVGb1vYvZpWjFwl1PZRk+SZ0a+EjWavhIOh -+lz/Ut+ufTB04U4k2iFaQkUaMQC2/PfvULDvNamtpOGoYQwjHzohlUq8AENWkqqq -5NHLUDdjJsZqgbg/nuRVk5GpWyZ52CWJxYKl7LLlcVLo4QG7Hc9dvVK43M2mjRrT -lTECggEBAL0YPfIqZblIPYihmlcwJZAgaxg3aYNVwM533eizEkmafjq5nuwJAI5K -ipHaA2BlkP0sQC4gnwcbHbANwSKDAhfQbUdJFqsxsjraXZ66CSPQjhPswl1VQwPL -iIrUh8otvkDXkyyUsGPsT0ikP5Y4Sss32uSEHlOkhd52Ld5gilmCTjw991Gxp6Jm -42luiUnlwQMucR3YZFBFK+YMOkXzXhIyjDpRLiDsnCwgmSLokGpAgTx79duN7Q60 -sVZ/vqasbium/iVkLttMCdsYtACGKjXVzH7uNTy5gXBQcvGolzeOOBbFCH8SQiRe -DzNYhL6mO2B/QOWEZPjoJ3AgceHEkqg= ------END PRIVATE KEY----- diff --git a/e2e/certificates/server.pem b/e2e/certificates/server.pem deleted file mode 100644 index 8ea35406ec6a..000000000000 --- a/e2e/certificates/server.pem +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFajCCA1KgAwIBAgIUEaOR43jMF3DXOiW7Cr/yYlbzq7UwDQYJKoZIhvcNAQEL -BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j -LjAeFw0yMzExMTUyMDI4NDVaFw0yNDExMTQyMDI4NDVaMD8xCzAJBgNVBAYTAkRF -MQswCQYDVQQIDAJISDEPMA0GA1UECgwGRmxvd2VyMRIwEAYDVQQDDAlsb2NhbGhv -c3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3IPN9IdJOH0rDJGva -hkZctu6BB7c3v5cvlHTebsfUY1SxeWdvgFYV00i1Btz6KBn967wAfjI+ngad6MLh -F7tqZgVkiCK5ae54qv07j2ZZVvWNA+gOMWz1yW3L7webO2VrYntFuHk1kI7j0hc7 -0AHdWClEhjtv4/X8oTKyQOATns1Dzuv7lwYFnOZ43HkG9NJtyxUtrms6qK/Ftcpp -Pd0RHQe4MWEOZ4MA9Comr5N8pMzG6VcvNcZv8100Z2/RI80Y0l1mVFQ6JyWiDGSS -lIrNePBLnxQg8i9SAuQs1pCbyBJZcQwGZEWDzhsAvqXAU7+Q0gG8GsP9rAAPdFOF -Nmw9HpW37wOJKV9ezvqwHFv8GILAZcNii7fOLU4FAiq1VwVz1MKcJrkX1U54wNdW -cVuN5qm6qiwaxum0FaJuT39thitJhqh1JXziNRzEv4NEmnRlPqaLKDrBFjErbeNU -NzYt58MfM6DGFQZTeFzBKnceU699s7e+VXYhQqClx7Kzp5zcuoi+knxgaJWR2LVg -ngBc88R/E9hdIw3tRsTXPuP8oC6JHfQ8RlLl1kjCG+ymx+SDop6H7StuC249U87g -cM8fP4Etmu+jDhTUsCHmq3nTVRvZEmqWEC64rX6ozLUT7zjRH/og/QIgsQraK/Ns -COwwlGNdK/WhIzQzcxhX46fn6QIDAQABo3AwbjAsBgNVHREEJTAjgglsb2NhbGhv -c3SHEAAAAAAAAAAAAAAAAAAAAAGHBH8AAAEwHQYDVR0OBBYEFLw5D4yWbo1qaubM -EvSVqzwPQNmUMB8GA1UdIwQYMBaAFBFEHyMpLQdQZIorJBi0i8nAxXsSMA0GCSqG -SIb3DQEBCwUAA4ICAQACmQEykNsSPjaX/rfpvm4iaMudSCYZ2Ly2pFywhpcjZz// -IJEoiyo84k4PmenghRvcmU5CCY3rtRaOiNzcRMKv8+CcdMkMTcI8jVR29YIgARmu -qukgQ5DGPz0BG9nRoqS6N3rELkiQYcW6FfGQnr9zSaE+7Aq/u0o+B0P7WSr7jjsF -vEo6CljHGiYQI/e1I2XQ+/9KNBe7T24ttXl8uUMml1mg/zT4mfFMMELYaNFDwxi0 -y1TwOc2HVn8PzlH7n89eMLKypxdemrwMV/UAPDS6YjOhXlpuB15UqpjZYRJtLJOx -KEFnf5MqUnBSjulwa7cbLw1ckThLw+zt6iXTG5bJTsnmTKMk8gRuUPwOkiA0/hTT -BPYqpzdaPDEJt7/iN0g1wk9c+W2bjAhwVCEwsdZdQx+yhba8wd62Nfn0vd6h9noB -Ra5tDSBkuno18yQNFzhTU8p/3lFjJdfsCV8+O/UcoJhxG7KMPLvSZ3mSPkS3SGe3 -uwrL74GrSPEsg3Gut5xCUpY6BkthELGWSGEAtk7iAJNFyZoqLUoPulNM2IJnQ2KN -vH0xa3tNufca/IKqVHK/oA91Mgw1o08FNWMwnCBq4w798qffZoHBUHtw19Z9Uunk -Z3ZZOUbucVNQoGPPfLyffHduZjnJ+JAhMQjMKahjzQiDCpOZzZ4wy+FV3JOpfQ== ------END CERTIFICATE----- diff --git a/e2e/test_driver.sh b/e2e/test_driver.sh index 7fcd6cc74066..d268035387cf 100755 --- a/e2e/test_driver.sh +++ b/e2e/test_driver.sh @@ -3,7 +3,7 @@ set -e case "$1" in bare-https) - cert_arg="--certificates ../certificates/ca.crt ../certificates/server.pem ../certificates/server.key" + cert_arg="--certificates certificates/ca.crt certificates/server.pem certificates/server.key" ;; *) cert_arg="--insecure" From eb4dffed13a576c4aa0539a7f3241775b4d2255c Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Fri, 17 Nov 2023 09:59:00 +0000 Subject: [PATCH 11/12] cert files on-the-fly --- e2e/bare-https/certificates/ca.crt | 30 --------------- e2e/bare-https/certificates/ca.key | 52 -------------------------- e2e/bare-https/certificates/server.csr | 28 -------------- e2e/bare-https/certificates/server.key | 52 -------------------------- e2e/bare-https/certificates/server.pem | 31 --------------- e2e/test_driver.sh | 1 + 6 files changed, 1 insertion(+), 193 deletions(-) delete mode 100644 e2e/bare-https/certificates/ca.crt delete mode 100644 e2e/bare-https/certificates/ca.key delete mode 100644 e2e/bare-https/certificates/server.csr delete mode 100644 e2e/bare-https/certificates/server.key delete mode 100644 e2e/bare-https/certificates/server.pem diff --git a/e2e/bare-https/certificates/ca.crt b/e2e/bare-https/certificates/ca.crt deleted file mode 100644 index 587e2fe61953..000000000000 --- a/e2e/bare-https/certificates/ca.crt +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFOzCCAyOgAwIBAgIUW9q65pEqWxu53JgdJ3llySRq9rAwDQYJKoZIhvcNAQEL -BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j -LjAeFw0yMzExMTYyMDAzMThaFw0yNDExMTUyMDAzMThaMC0xCzAJBgNVBAYTAkRF -MQswCQYDVQQIDAJISDERMA8GA1UECgwIQ0EsIEluYy4wggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQC7usJuOKHuQja4W43VvJXliqtY8t3vbvdIVooKosTs -K7aGr9QozG2/5Vzz5190p5X22/Z7n1NZs43LDDn8yMlJ7bwUS1mb4MDkDShyRmSK -XSfeZ0OvytnwFgPBtRQZpEUb0y6lvItTxh0qDGyIjG0BJxISwjgIZhX4/NtzyUu8 -0ppKta9nAxhd88WUn0m/IDmg1G80PxkEXMMIAdjlMD1th6MVo4zSeO0SC8cCsmxr -FwCi60aNqjghEhr05fIYMdBCKMyeUJGHAVGuPkB88eUUDMt9rbn9cI1hkFoRcbfI -Lpm70sLrRYjr+6o9Ag/VnmoJnshYC5/qLenmcQUYWLdN8w9d1t7x9U+NsZiFqf1c -KEZ4b8LoxKeFcR/LCgiJg+TTcW466wZfoGnZiDqyEkOxQTvvY30e7LZ/0LRe1Xwc -E4TWFfEpZYdaccDkvDJGrMlRq1Yk9QMgSCDoA5H7nY+QTpiVwVynkFn8ejFSrPqA -/J0504nQiGQcspLocUBm78qY7tBtmfURkQ5X9ybk1BtiS5e9ectUusthL18R8Nv+ -kXaqZhZzMs1hjdpAu1fobTI5ThOIhoVwSEbRkPzZjby6qiTtZhN44IGyxn9gu9J9 -DzQctPJeL5z9VotCBaMRBnQ4923Vy8U6U6NOcvWKuh/U9i1J3ZoICRu3r8exvqnc -/wIDAQABo1MwUTAdBgNVHQ4EFgQUtzUdz0rhQ1k0x9zpk0/fxUqrPaEwHwYDVR0j -BBgwFoAUtzUdz0rhQ1k0x9zpk0/fxUqrPaEwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAgEAoJ1dyr5YhnGWiy7gDI51uo46gJHRd+vd2WNlRlALswbw -tO+Bj55aDtu2gRTF3QbktXBeSezMBTexPQYZy34A8kh/4k2BhmxA8b2OnpDa9XEf -0kyr0f2XTyq+DGPCfHGswk3QTZDwz/FKLT2gq3YSNlHM7ZdilB+oILhSSVoeY+E4 -6JGj7WcYIStNLEsA1F/KPmsSbXM7rYOprTdCZ2bfMutv1JI9//xMlnDFQwcNHRBZ -AeZqV1ZjTmXdiDs2Tz12NtqfxD/XiHTqNjwDMaDA4sDKARt4xS7fr6xIAkZHVOtx -pZiBS7jomcFq8OFLNsAHHF4YPs7pICdkdD1BF7lLxgCDTHJrhwyvJN648JyhgeIc -Y7Vz7tAEP29mBGT7Wuo1OiqYuVzu5m8Xrdllqr/HCo24kiD3DpbCPDA2YdS5RGpz -RoJYnIB00bBhPGueVw9DiQ8VDeqQbm1+2LGfwmUdxLMJ+V9EJsPCBUOGpfMYggsd -mNu4WHTnL9jlN6wICfHu0RtSRIH0aeI+PFOHGek0CUa3ZgwvVHLlUjogMCAy4xH7 -gYBgueu/Q+cuA5fIHwi9Nst+EdFSD9sC6To78K//qONtv62V4lGSIWVkUpmdEKDN -0fcZkePEVOMy3SqXKd5nc8aF9Bw6uy86Y/uTju0w4A/5+Quf978PrjQwSDCJVj8= ------END CERTIFICATE----- diff --git a/e2e/bare-https/certificates/ca.key b/e2e/bare-https/certificates/ca.key deleted file mode 100644 index 3b4be83821fc..000000000000 --- a/e2e/bare-https/certificates/ca.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC7usJuOKHuQja4 -W43VvJXliqtY8t3vbvdIVooKosTsK7aGr9QozG2/5Vzz5190p5X22/Z7n1NZs43L -DDn8yMlJ7bwUS1mb4MDkDShyRmSKXSfeZ0OvytnwFgPBtRQZpEUb0y6lvItTxh0q -DGyIjG0BJxISwjgIZhX4/NtzyUu80ppKta9nAxhd88WUn0m/IDmg1G80PxkEXMMI -AdjlMD1th6MVo4zSeO0SC8cCsmxrFwCi60aNqjghEhr05fIYMdBCKMyeUJGHAVGu -PkB88eUUDMt9rbn9cI1hkFoRcbfILpm70sLrRYjr+6o9Ag/VnmoJnshYC5/qLenm -cQUYWLdN8w9d1t7x9U+NsZiFqf1cKEZ4b8LoxKeFcR/LCgiJg+TTcW466wZfoGnZ -iDqyEkOxQTvvY30e7LZ/0LRe1XwcE4TWFfEpZYdaccDkvDJGrMlRq1Yk9QMgSCDo -A5H7nY+QTpiVwVynkFn8ejFSrPqA/J0504nQiGQcspLocUBm78qY7tBtmfURkQ5X -9ybk1BtiS5e9ectUusthL18R8Nv+kXaqZhZzMs1hjdpAu1fobTI5ThOIhoVwSEbR -kPzZjby6qiTtZhN44IGyxn9gu9J9DzQctPJeL5z9VotCBaMRBnQ4923Vy8U6U6NO -cvWKuh/U9i1J3ZoICRu3r8exvqnc/wIDAQABAoICAAd7ZgxmjW2ljfDDFWATaBYB -9NpSs627SnfDmzTZT+fpxhiQIXCO1UD0r0O5UQChPUTdd3Ft5DCLC3ewQQ9mIT+l -Df3xEt03k/iC3b3QOGmbVN90VipHd3AuMHAj+20aMvbs78sDPLpWBwuJ+zll/2Iw -YHQG8ZzEFNQbn9N5jl80NZoMq7T7VplIAfPudU38xs82KEh4y1J1MAC9shtQVOJs -qX9PSWmKEEjL116wJcoO3KOhpOo4gowu4IwqLf/w3FAGuEEHDQXIc6zyJjfUnEC0 -UdfseKE1Py1IR46ybZS45r+posMlvlNJcHuF/YOSEL/ZaDq6G+GFevEISB+0SXns -UAkOnRwqKXl68G3Bk3TFPEIQFrn2jmTnSduGiEeODMLwRs0bOkji5Ggw5kRIfhW2 -j6s/82PIZ7WHuG3W4XALBxMN4XEXCKBsrIvOJAKUZs3Iq4BOMcqilbNdjtvhLSdg -XbAZkLNfWI9MgoiWhhsK6kMTM+FmXG1AOd+aYZutWkwB1zifXDggaTJ73R71ieBK -Yfh15Nxk5DYXuZ0iNZwn2RD+Eaxm/D8jITVPKG+b6bJqDh5GrnLeTyROPx4cR2Us -ojAOFdfNnCBkia+t5GuEGBf0txwWMTKS33nr8Ut8a7Ol2n3ud0ilItYIoTloUUin -UDZvnpOJu/8hInZ9Gb7hAoIBAQDu33SiOHvoEElz6M67F0vP7O2OCy5HXzd9C+np -SGCHIZTwgObB7lMBe42xdHMY+Xdn+8CKRSX3LwsWpydTq8GRyp5nZVZKY/YZTvkx -viM6HRGNyK1+oClqRWFjlayg1KRkP1QArqf6AO9Noc9cH8ISsVOI7MApZVramlTn -hY8kLjdMr/WLS6OHpq0fS28+3YRzfEYIxAgvsgIknOQTXGOSnSLoY6dNSYsawoOL -zCrsdy18CJ1gE7EY+e4+UqXeRlJTLgYB+n7MVoTKTuzRFtXdJNPVbSQq4vzYV1tP -OsdZP7cCpyUUtfAKDy+IucImtbUv42Cw9DAOImkVyMht3LiLAoIBAQDJMI+PyEvI -euQmwtsyNc8zAWcsIJfdS+LDMcpaAdFVuVirGLWULf4AB3n4pAXbp7Tihi4aCbz/ -YT0dC37s6ShHyt7856mA5kmPPCoA3er0TSnSJ9VilEeW3a/ciIRM/xTuKiqyGIpd -HfyaixfLTEhrKm4vRfkFboaVBL8HdHd0xvrn/CkBQAWxdX85HwFHiVmz0Xwow6T4 -z2A5cI0lwaC7sREuPudGSNL7fNdqkoaVYW8HsxHiKK0TqScCWpVcmF9R7jYp493n -4Bq1z5kzpGKJ6glIrYcfQlsL60vqO6bQLQ1eapUtuk4qqJaJ3X64yUs7bD0WM9fz -LcFbgX8d0EfdAoIBAQDJ8Ia9jVrSuNIf9zSt3eftg7LgXntlQw253RSGbvWLx8wN -9isez8fEfRswZe3Xsy5K7f275vFNoquRHwaUKaOfCNgZOQZWJWOryaPJdaB6RJDO -eFSTs/rPKJBIjARAgwPm69KsMPs40wl7a8vNadu7ycWBAAUD+fdwzv/wKmz0fU2q -uyat9+frifDZgAAv+T08FFdwmakCCU7efPQjmftjuwwDwhtxrza2DLMAwD2ZYrdF -IFNLIdqZ7tCGR4CKBJEcWNAjZA1F2e6wyUBTEycBqVycFYR57SMsEc3TkTFuNfsV -dxBWDek719Krl76W0w61yVe4wPbPPC/yhqdKmUo5AoIBAQC0dkN/pBkd5eV6QzRc -kFmflbWWplGyJVxs29925sR/kTZQmmRdWvfHzO0CMxYyFfcxbUwy/OMza2RnBiW+ -mdEQvI9R6PZo8aevvDas+mHC6ugFYseLmhew4n7ZYPbTHccHbnlHsK2Dot8vPG6G -Y5Fd1vxomOoqjh5X0p8LL9PqwoTSy6N4RJYWvJ72fLIoGbKFkfU9l2gF6fWU8Dkb -Udg8IzKW+cN3juD4xd1v8aiYm4H9NQlohDXjOcoM2XW6Tc7KbdLVtlgYojMzO9he -syfUL0JOl6BpUJrcUR2SKBmUB6VDOHVBRCjTKM+HME93rs81qPwOS0h8D2GuE7US -5/1dAoIBAEcsx4yB14RaCSveLKWp6eyIbS3Vxk8+JKTmHFc+hpRz7qvf5JF8fxNZ -tERlw0vPyCUsokwOImf7yWnERwcUY8eKAT/MZz9vvdtabiyF2xEHQkwxIPVHpIGV -nxb+c97Z/jW/M/fvcK4m71iYvkMcOhi6M2DuiP+/GTjv9Wx6zZutUhyqjG3ms6ph -Y7SLmq7IVLawcUhwXEoNq8yH9Lq4LUgizrznyfznM97sb4mAqfzbo9NfQ0b3y4Bk -zPFD6CrDJEshilMkmELf0bkQkk3JY18qp0CE/Wb+AZzpkwbv8lOm1AN1kMGAy0fk -UPpDTwO8CwFKfZcJBu/fSzGLo7/36FE= ------END PRIVATE KEY----- diff --git a/e2e/bare-https/certificates/server.csr b/e2e/bare-https/certificates/server.csr deleted file mode 100644 index b3cdbbf1af53..000000000000 --- a/e2e/bare-https/certificates/server.csr +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIEwzCCAqsCAQAwPzELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMQ8wDQYDVQQK -DAZGbG93ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAJ9H5zYrUCxa1qJP2Hf1dFPusof+wjmGZhDDNvaDH7FGqaZU -rTi+zdsLQX2XwthyYuJitL+Wh9mi6EW6M5pLS/JAmOkMdq6Go30HAgMeOMY2g4go -qdzcjvs0GrOKhx4Rc4mTm4048pdl46RGgjY1bUilTNKxK6+9SrRdsIrUWoF9eI/l -/TvZCXtcfJ7qY9Fy00Ex5uvgOdvmDSaQ2UcRckX9CPQdbr6bWM+1/D5ibS0qXqlv -uoAReWLxkzDGSpvrDPy+ghMoS4015BVC9WKJebH6bkinVvIqPdt/D5zN9YbMQLgw -D45PinDB+nTwDUXn2Yak4E5255ehqRNeW1LkKKzrZUsUZGH8jMazLMW+AZHJGoGD -QY4M7/02XydK7SOQO3i8Oljor4sA/bLih1nE/WSMPszMj8OLLyT90zWpIdRDgSt8 -rOXPA/2yj2FOH1sqU76tfCaoGF+kxHqczIq7C6ftaFKEWnukfn/4k4fflEl8Yvg6 -ycxqB04rFQG5e4CLaXJoKPtOIBl7FttqMczsUDXjwZXrCJ/8UkizNW+vypUSR1fu -ZW2HuQo3Nudlf+IKkN4njnjW0hR7GsyPi6rz45SwMGeVn8qJV3vlDeUvRfpUC3pU -z51oUMtu57kQEp6WlNjMLvjVx2ZbtZtZjalouyQQEkRN3kpe3Qr8TnMicNObAgMB -AAGgPzA9BgkqhkiG9w0BCQ4xMDAuMCwGA1UdEQQlMCOCCWxvY2FsaG9zdIcQAAAA -AAAAAAAAAAAAAAAAAYcEfwAAATANBgkqhkiG9w0BAQsFAAOCAgEAmx1Gj8IKa4Zl -yT+a0x0/Ay02HzJXSWfqu6ExovBUKtchKzS9ndzvNW5Tvsu6+x/Inl4obmIoNO+I -SjxoVCuLU2S0JDlzX0nJBK9rZ1xZA710TSE0ofFhLqYq2B3Mv/JKPGWxZ5OapHg7 -IjN0Ln5jQhWOZwXC6wutUh0AH8GlFnMjdGwcvqosMEqbGTL8d/ZPfyFaaaqDYZrA -OQaNkV5b45RMF9N4IufG+9eNvf1cRGnZS2KswKlTgM5JQJLX4j6ng9Rd3BzDP9lE -SUB5TWion4lHGrlZ61Cfpb6pFGRpt0ApSQd8ZRq6WLTrGw/klA2MA69yzCkEbFt1 -CeYot7Pyre71zQ0JpBHXLSkkiGBwGZnsUC9z9pvZM9pKdP25jlLmrZiGvaqlAqpI -vTFNdcD00z67Htst9APKj0Clw0f14anubcYaL964PwusCyjOF3m4lAEhkXlHjfGi -EW10rYpIh21Z3TIkXT9bJ25lBONmhJenTXasRhSVnaDs1rlQP1zzJKEqQYhhMEki -mtS70iXZKqK3V9ELycUTWb2AgprP8pUIOpnT9+X8e9cyraFVDRfeGjcMmPhKnS7C -Z9YOdF4TvDnBwvIZYpFjKyB82DzO0Ug7uszqaoPEXsuWVL2gB62t/dpnsMqr6bd2 -vOdvqSTEDBFz0kRoNTlKTEKjgxRp0+E= ------END CERTIFICATE REQUEST----- diff --git a/e2e/bare-https/certificates/server.key b/e2e/bare-https/certificates/server.key deleted file mode 100644 index 6c966cd6cdb7..000000000000 --- a/e2e/bare-https/certificates/server.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCfR+c2K1AsWtai -T9h39XRT7rKH/sI5hmYQwzb2gx+xRqmmVK04vs3bC0F9l8LYcmLiYrS/lofZouhF -ujOaS0vyQJjpDHauhqN9BwIDHjjGNoOIKKnc3I77NBqzioceEXOJk5uNOPKXZeOk -RoI2NW1IpUzSsSuvvUq0XbCK1FqBfXiP5f072Ql7XHye6mPRctNBMebr4Dnb5g0m -kNlHEXJF/Qj0HW6+m1jPtfw+Ym0tKl6pb7qAEXli8ZMwxkqb6wz8voITKEuNNeQV -QvViiXmx+m5Ip1byKj3bfw+czfWGzEC4MA+OT4pwwfp08A1F59mGpOBOdueXoakT -XltS5Cis62VLFGRh/IzGsyzFvgGRyRqBg0GODO/9Nl8nSu0jkDt4vDpY6K+LAP2y -4odZxP1kjD7MzI/Diy8k/dM1qSHUQ4ErfKzlzwP9so9hTh9bKlO+rXwmqBhfpMR6 -nMyKuwun7WhShFp7pH5/+JOH35RJfGL4OsnMagdOKxUBuXuAi2lyaCj7TiAZexbb -ajHM7FA148GV6wif/FJIszVvr8qVEkdX7mVth7kKNzbnZX/iCpDeJ4541tIUexrM -j4uq8+OUsDBnlZ/KiVd75Q3lL0X6VAt6VM+daFDLbue5EBKelpTYzC741cdmW7Wb -WY2paLskEBJETd5KXt0K/E5zInDTmwIDAQABAoICAChGylSMR02v+q44eoh67Nt8 -dHCnHv3k2lJKys8zAQSW1bdVmifLN8q34eucQIzy/8Y3J3V63wdNhmZ7Wykc+Stc -4k2r9SbUrOqkpwGa1shoaII5phpPO2iSGF5mHRyhVRHo3WCskctu3E1h9vM2N1gz -VGXCn0VlHErXlhjE8c3kqGPayFol25vyGyEkK/F+k6TctYPXw0mztoeWARtTcg34 -mhcAikxwg9iiMBKmWO0e1akKs6JGyOcYJxwiSCN9IF+Y3NNzUQd4JSCrOdmc4cT7 -in+csQOzYsjqLEx+WCOp6oOow4Y83sj8hBSlzvVqVzsQ3hd5Qb66BkL7jSQ8xXvu -I/wh6T+O1Vj8FttYBKJMptqhCstWCzKSBwYqvoYuOIbGZBRn6hmd7jBcZCveIblB -s+yiJsAvbD73jZ7WDaOdbJn7PNq33LFANRkNz7NxwPdRbqh+IVobleWGr3G6Wwcx -RAZxR9pI44zh7knjv1kDQSmPCYbubRmR5qfJVW+hfpz8IQTJLBeEHUkX4WpMOfDD -PVVjStvOuBLV3igB79f7PcYiAbyVyAZ5uo75Inde91LYBhxQ/CirztD12yF5EliR -ikSWr/ibG0FnHTwJoXQrSn0kJrB6MqD3biloOhSDghIHtwYh2ZQBJ31/NdCFfcBe -VPMMtu8NFoNLS6r5q8wBAoIBAQDSgI0DQnvbxWl/OdCJFRIHXurq1xj5JGt5igI0 -GPLFOTfW+dE1wpoNuEkruzFCUyPWiFKj571e8UBJCVrqjh9nZE4tCLQge5K0Y7R0 -wNch7He1mw//tNe9ERbd568F0yCj0mQbhy6fwKJNbBrYf3DQWCV2DJcNYC0yBCrq -Tw/9jbcv81xr6Xuinac8IkSm9TwM5qK6TSUI0J5Mp+B3Kgwz37lbarY3aDX/5zBN -9cMRWMNGoPF6MNbJHp3lYjoXDb92iDvLkEtMiQZtJEhbJIauwr9s2yb3MqYanv5Q -oD5S9Su/vVL7MIy9uSsLX7SVPyRmaRtwBcHaOUBReEVQLPiBAoIBAQDBtTCo7ndV -56798jmgcMH6EX0jm+JfY2FWHIKs2L+0OlglSQOXBOR30Nb7gDaQLDVpMoRyIqSi -EgvyUr8RLyWUvadevIJudvnHI+6MvJqgN65+LqsRSAe8cm4eGU/4f9+FOd4Dwv6n -9w6VijuAa3cv/oOsSLO5pdTM0ejqCKXVn/Dvc1Xvu2UOd2Sq9pjON/yp1szeyzBo -K3F2DBQSApE5hPLsFX5JwafC4ZfEx3i70bB8Efrsx+WFIfyKtXg2b1uvI7hZWFwH -6mFpWdaPFk0zPRtSLR2CzcTHqUu7/pF8rb2UvRDskyz+JAF48xLeA/jNeqvmR9KL -GoxK1Foa054bAoIBAQCtzwkgFOgyKcmXDES8u5IcVepAqARtyv2W6DYzkBn8cOdD -cRimfB05kN2R50mgCwf/XqZlwbYiS68Z30ibfWg+tZq7IoGghIg4vE7HTGcWEqsx -X2yRZV/xM8gex+tDMvWzbsfL1w3PSH560PVFp8ydqvqbg3/BwpTuxHQu7cM1R6tn -Q1kfnTTBq8znISBwfvLrcBATJhmbMq5SexcjLavPtT3WVsFH9JsJxnmjFXbQvurW -SZO5odPnUolrWnS+jlJ167z7sxQJiOaufZPk9b7jU9g9aKK+36o5Nuij5/wuAVPz -SL7Yu1iqWtdI1+hCh1Vl3gmSsJ5EspsB6f3JWqiBAoIBAH+VNHh/oA/vqf1Otg/r -VIe9TxvOB1pmXWzXGGZ52EH/j6D3JysnqMcVwRMjTkzFIWSpRjzafm7UzhOL1pad -4/XEuGEYbhwNttQn4W3Gp11Rb1diq3+VXqsK/2ZJq7dzmafpBkaZ/xpoCa4KvsgF -gBoXW2h09hMXm0JQG0VR7s/2KT29TGO6nIPbtW05QEnK7Fp8xLEVSUvDGVbz+6Al -Gru0yj8epPA1YaZk6Y5NB0NFiCUfvpKH0q9ORESj44qO6+c98qS+Itd/0ysNZdkW -ikBuRflpB5/ooWwUIHKw5+gjktNNd8Ep6p903ZdpGgsquIu1+VSSB6VhFfgPR02W -BfMCggEBAMDQPTjS+Sx0zjxTeIsYt0e3XvxZJwpajGWxZCdssv7Fsr+A1suWiUNM -YJcSeVzdkZevvRfxEIdJ4HjMY7dRdoJzh2/k4Kj9FR+36yXYT/D0h7j5eLpG1ZI8 -dUmer+pr+bm/CrgyE5jNmTMDiqBW+DlhTqmh066hP7r26262eWrXbF1clD7m+qY5 -qUvkUAG5YSMsSxMuhDeMxXeQs7Fq6xurQz5/IX36z6wgP+PCJs7MNqNOrWkyK39b -9gALYsDH24vKKreKLRupWxJeJmwkHNAHU6L7g8X/bGXohw6CwCS+Lecuq/Ox4HFp -KcCE1zHxuL8lbpuW8CWf+mZYGbAhe9Q= ------END PRIVATE KEY----- diff --git a/e2e/bare-https/certificates/server.pem b/e2e/bare-https/certificates/server.pem deleted file mode 100644 index a990e37fda5a..000000000000 --- a/e2e/bare-https/certificates/server.pem +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFajCCA1KgAwIBAgIUbDaNaPKkp8QUcJueaxBg7b+aC/owDQYJKoZIhvcNAQEL -BQAwLTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkhIMREwDwYDVQQKDAhDQSwgSW5j -LjAeFw0yMzExMTYyMDAzMjBaFw0yNDExMTUyMDAzMjBaMD8xCzAJBgNVBAYTAkRF -MQswCQYDVQQIDAJISDEPMA0GA1UECgwGRmxvd2VyMRIwEAYDVQQDDAlsb2NhbGhv -c3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCfR+c2K1AsWtaiT9h3 -9XRT7rKH/sI5hmYQwzb2gx+xRqmmVK04vs3bC0F9l8LYcmLiYrS/lofZouhFujOa -S0vyQJjpDHauhqN9BwIDHjjGNoOIKKnc3I77NBqzioceEXOJk5uNOPKXZeOkRoI2 -NW1IpUzSsSuvvUq0XbCK1FqBfXiP5f072Ql7XHye6mPRctNBMebr4Dnb5g0mkNlH -EXJF/Qj0HW6+m1jPtfw+Ym0tKl6pb7qAEXli8ZMwxkqb6wz8voITKEuNNeQVQvVi -iXmx+m5Ip1byKj3bfw+czfWGzEC4MA+OT4pwwfp08A1F59mGpOBOdueXoakTXltS -5Cis62VLFGRh/IzGsyzFvgGRyRqBg0GODO/9Nl8nSu0jkDt4vDpY6K+LAP2y4odZ -xP1kjD7MzI/Diy8k/dM1qSHUQ4ErfKzlzwP9so9hTh9bKlO+rXwmqBhfpMR6nMyK -uwun7WhShFp7pH5/+JOH35RJfGL4OsnMagdOKxUBuXuAi2lyaCj7TiAZexbbajHM -7FA148GV6wif/FJIszVvr8qVEkdX7mVth7kKNzbnZX/iCpDeJ4541tIUexrMj4uq -8+OUsDBnlZ/KiVd75Q3lL0X6VAt6VM+daFDLbue5EBKelpTYzC741cdmW7WbWY2p -aLskEBJETd5KXt0K/E5zInDTmwIDAQABo3AwbjAsBgNVHREEJTAjgglsb2NhbGhv -c3SHEAAAAAAAAAAAAAAAAAAAAAGHBH8AAAEwHQYDVR0OBBYEFJjFdAn/zwPiic/f -SLs3z5uI3r81MB8GA1UdIwQYMBaAFLc1Hc9K4UNZNMfc6ZNP38VKqz2hMA0GCSqG -SIb3DQEBCwUAA4ICAQA4/YQK5YEkUg1WzuX2svLe6cFW5V/KFvYeNqOHeDeqAAFp -bLBUR5wA4rtMqGEoPTHfHNHBmg+mgkbF5QotnB20UIW9vb76MZ5OJgb56jxmUk74 -oKtzjRQzOYQfyuOZDQre0XBOTrxj2jA2eORBideUTGSIrCq13fXrVWLIkRrIQOoz -bBsCQ6BrxGMZ1icyWEQU/PGmWIHOnw/EqsK4m5ZeKd3jqvizbNtdaUYnSOuidp3H -kK9QphYlmpnwubJrAuv9NeO/5zvUPW3etGYyg7NwoVONxVZNcLOetRRx/FIToU+6 -OFBBsGnv4s7HIoHCOVZ6RtDQ7in2xYBojk3oUU8wRrk4oyyHBO1v/alHsuDEsg+d -R0kXpNHHk9vU7q6VkEkNjrdEmqCOhAfpEsQ+LwCv8VnX3yX1WxeDItNV4775/Sb6 -fxfMj4y9rzbEv/sejs9tD+FRkLZV8boo21q729krl4z9RpoAVQio2EggGDITn5rV -+jPJvVQg1+7f7rElVY9AHri2MTVkxFiE41IFANjVcLQjZCjrpSZgQi8U8DJLMJwY -A8GALpKR18E8otUCPoeEWpa6qY3Wr6i0JMqZkQSLukYzyGvenjuvUn36FTs7XLYs -2UEPxalmwBu1y0o5k1qrEcU4FEjYuV0fJ8li/X4bua+5pYFy3FdeL/ZPEWtGlA== ------END CERTIFICATE----- diff --git a/e2e/test_driver.sh b/e2e/test_driver.sh index d268035387cf..e5baac20fa1f 100755 --- a/e2e/test_driver.sh +++ b/e2e/test_driver.sh @@ -3,6 +3,7 @@ set -e case "$1" in bare-https) + ./generate.sh cert_arg="--certificates certificates/ca.crt certificates/server.pem certificates/server.key" ;; *) From 6e8b51afcc804db12292c4b3b3c0a47ea20410b9 Mon Sep 17 00:00:00 2001 From: Heng Pan Date: Fri, 17 Nov 2023 10:13:23 +0000 Subject: [PATCH 12/12] add ./generate.sh call --- e2e/test.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/e2e/test.sh b/e2e/test.sh index 35ed961b02c3..4ea17a4f994b 100755 --- a/e2e/test.sh +++ b/e2e/test.sh @@ -2,7 +2,11 @@ set -e case "$1" in - pandas | bare-https) + pandas) + server_file="server.py" + ;; + bare-https) + ./generate.sh server_file="server.py" ;; *)