PK���ȼRY��������€��� �v3.phpUT �øŽg‰gñ“gux �õ��õ��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR OÃhþÀXl5ØJ ÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô ]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó1@V¤ûBëSúA²Ö§ ‘0|5Ì­Ä[«+èUsƒ ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6` dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶ çˆSEæódP/ÍÆv{Ô)Ó ?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["M[`…ôÈõìn6‹Hòâ]^|ø PKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT �øŽg‰gþ“gux �õ��õ��c`cg`b`ðMLVðVˆP€'qƒøˆŽ!!AP&HÇ %PDF-1.7 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R >> >> /MediaBox [0.000 0.000 595.280 841.890] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F) /CreationDate (D:20241129143806+00'00') /ModDate (D:20241129143806+00'00') /Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e) >> endobj 6 0 obj << /Type /Page /MediaBox [0.000 0.000 595.280 841.890] /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Filter /FlateDecode /Length 904 >> stream x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��lc� "Ց� ���wޙ�%�R�DS��� �OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D ����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q � jɭ��� �p _���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v ��]{ݛx�e�`�p�&��'�q�9 F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b�� ��� �YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X ��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P�� �c���kc�Z�9v�����? �a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~�����������|�L��x�p|N�*��E� �/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX � �&z� endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj xref 0 10 0000000000 65535 f 0000000009 00000 n 0000000074 00000 n 0000000120 00000 n 0000000284 00000 n 0000000313 00000 n 0000000514 00000 n 0000000617 00000 n 0000001593 00000 n 0000001700 00000 n trailer << /Size 10 /Root 1 0 R /Info 5 0 R /ID[] >> startxref 1812 %%EOF
Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 128

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php:1) in /home/u866776246/domains/wisatalogung.com/public_html/uploads/produk/1775157541_x.php on line 131
package client import ( "crypto" "crypto/tls" "crypto/x509" "encoding/json" "encoding/pem" "errors" "net/http" "net/http/httptest" "net/url" "os" "path/filepath" goruntime "runtime" "testing" "time" "github.com/go-openapi/runtime" "github.com/go-openapi/strfmt" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) func TestRuntimeTLSOptions(t *testing.T) { fixtures := newTLSFixtures(t) t.Run("with TLSAuthConfig configured with files", func(t *testing.T) { opts := TLSClientOptions{ CA: fixtures.RSA.CAFile, Key: fixtures.RSA.KeyFile, Certificate: fixtures.RSA.CertFile, ServerName: fixtures.Subject, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) assert.Len(t, cfg.Certificates, 1) assert.NotNil(t, cfg.RootCAs) assert.Equal(t, fixtures.Subject, cfg.ServerName) }) t.Run("with loaded TLS material", func(t *testing.T) { t.Run("with TLSConfig from loaded RSA key/cert pair", func(t *testing.T) { opts := TLSClientOptions{ LoadedKey: fixtures.RSA.LoadedKey, LoadedCertificate: fixtures.RSA.LoadedCert, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) assert.Len(t, cfg.Certificates, 1) }) t.Run("with TLSAuthConfig configured with loaded TLS Elliptic Curve key/certificate", func(t *testing.T) { opts := TLSClientOptions{ LoadedKey: fixtures.ECDSA.LoadedKey, LoadedCertificate: fixtures.ECDSA.LoadedCert, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) assert.Len(t, cfg.Certificates, 1) }) t.Run("with TLSAuthConfig configured with loaded Certificate Authority", func(t *testing.T) { opts := TLSClientOptions{ LoadedCA: fixtures.RSA.LoadedCA, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) assert.NotNil(t, cfg.RootCAs) }) t.Run("with TLSAuthConfig configured with loaded CA pool", func(t *testing.T) { pool := x509.NewCertPool() pool.AddCert(fixtures.RSA.LoadedCA) opts := TLSClientOptions{ LoadedCAPool: pool, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) require.NotNil(t, cfg.RootCAs) require.Equal(t, pool, cfg.RootCAs) }) t.Run("with TLSAuthConfig configured with loaded CA and CA pool", func(t *testing.T) { pool := systemCAPool(t) opts := TLSClientOptions{ LoadedCAPool: pool, LoadedCA: fixtures.RSA.LoadedCA, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) require.NotNil(t, cfg.RootCAs) // verify that the CA cert is indeed valid against the configured pool. // NOTE: fixtures may be expired certs, but may validate with a fixed date in the past. chains, err := fixtures.RSA.LoadedCA.Verify(x509.VerifyOptions{ Roots: cfg.RootCAs, CurrentTime: time.Date(2017, 1, 1, 1, 1, 1, 1, time.UTC), }) require.NoError(t, err) require.NotEmpty(t, chains) }) t.Run("with TLSAuthConfig with VerifyPeer option", func(t *testing.T) { verify := func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error { return nil } opts := TLSClientOptions{ InsecureSkipVerify: true, VerifyPeerCertificate: verify, } cfg, err := TLSClientAuth(opts) require.NoError(t, err) require.NotNil(t, cfg) assert.True(t, cfg.InsecureSkipVerify) assert.NotNil(t, cfg.VerifyPeerCertificate) }) }) } func TestRuntimeManualCertificateValidation(t *testing.T) { // test manual verification of server certificates // against root certificate on client side. // // The client compares the received cert against the root cert, // explicitly omitting DNSName check. fixtures := newTLSFixtures(t) result := []task{ {false, "task 1 content", 1}, {false, "task 2 content", 2}, } host, clean := testTLSServer(t, fixtures, result) t.Cleanup(clean) var certVerifyCalled bool client := testTLSClient(t, fixtures, &certVerifyCalled) rt := NewWithClient(host, "/", []string{schemeHTTPS}, client) var received []task operation := &runtime.ClientOperation{ ID: "getTasks", Method: http.MethodGet, PathPattern: "/", Params: runtime.ClientRequestWriterFunc(func(req runtime.ClientRequest, _ strfmt.Registry) error { return nil }), Reader: runtime.ClientResponseReaderFunc(func(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { if response.Code() == http.StatusOK { if e := consumer.Consume(response.Body(), &received); e != nil { return nil, e } return result, nil } return nil, errors.New("generic error") }), } resp, err := rt.Submit(operation) require.NoError(t, err) require.NotEmpty(t, resp) assert.IsType(t, []task{}, resp) assert.Truef(t, certVerifyCalled, "the client cert verification has not been called") assert.EqualValues(t, result, received) } func testTLSServer(t testing.TB, fixtures *tlsFixtures, expectedResult []task) (string, func()) { server := httptest.NewUnstartedServer(http.HandlerFunc(func(rw http.ResponseWriter, _ *http.Request) { rw.Header().Add(runtime.HeaderContentType, runtime.JSONMime) rw.WriteHeader(http.StatusOK) jsongen := json.NewEncoder(rw) require.NoError(t, jsongen.Encode(expectedResult)) })) // create server tls config serverCACertPool := x509.NewCertPool() serverCACertPool.AddCert(fixtures.Server.LoadedCA) // load server certs serverCert, err := tls.LoadX509KeyPair( fixtures.Server.CertFile, fixtures.Server.KeyFile, ) require.NoError(t, err) server.TLS = &tls.Config{ RootCAs: serverCACertPool, MinVersion: tls.VersionTLS12, Certificates: []tls.Certificate{serverCert}, } require.NoError(t, err) server.StartTLS() testURL, err := url.Parse(server.URL) require.NoError(t, err) return testURL.Host, server.Close } func testTLSClient(t testing.TB, fixtures *tlsFixtures, verifyCalled *bool) *http.Client { client, err := TLSClient(TLSClientOptions{ InsecureSkipVerify: true, VerifyPeerCertificate: func(rawCerts [][]byte, _ [][]*x509.Certificate) error { *verifyCalled = true caCertPool := x509.NewCertPool() caCertPool.AddCert(fixtures.RSA.LoadedCA) opts := x509.VerifyOptions{ Roots: caCertPool, CurrentTime: time.Date(2017, time.July, 1, 1, 1, 1, 1, time.UTC), } cert, e := x509.ParseCertificate(rawCerts[0]) if e != nil { return e } _, e = cert.Verify(opts) return e }, }) require.NoError(t, err) return client } type ( tlsFixtures struct { RSA tlsFixture ECDSA tlsFixture Server tlsFixture Subject string } tlsFixture struct { LoadedCA *x509.Certificate LoadedCert *x509.Certificate LoadedKey crypto.PrivateKey CAFile string KeyFile string CertFile string } ) // newTLSFixtures loads TLS material for testing func newTLSFixtures(t testing.TB) *tlsFixtures { const subject = "somewhere" certFixturesDir := filepath.Join("..", "fixtures", "certs") keyFile := filepath.Join(certFixturesDir, "myclient.key") keyPem, err := os.ReadFile(keyFile) require.NoError(t, err) keyDer, _ := pem.Decode(keyPem) require.NotNil(t, keyDer) key, err := x509.ParsePKCS1PrivateKey(keyDer.Bytes) require.NoError(t, err) certFile := filepath.Join(certFixturesDir, "myclient.crt") certPem, err := os.ReadFile(certFile) require.NoError(t, err) certDer, _ := pem.Decode(certPem) require.NotNil(t, certDer) cert, err := x509.ParseCertificate(certDer.Bytes) require.NoError(t, err) eccKeyFile := filepath.Join(certFixturesDir, "myclient-ecc.key") eckeyPem, err := os.ReadFile(eccKeyFile) require.NoError(t, err) _, remainder := pem.Decode(eckeyPem) ecKeyDer, _ := pem.Decode(remainder) require.NotNil(t, ecKeyDer) ecKey, err := x509.ParseECPrivateKey(ecKeyDer.Bytes) require.NoError(t, err) eccCertFile := filepath.Join(certFixturesDir, "myclient-ecc.crt") ecCertPem, err := os.ReadFile(eccCertFile) require.NoError(t, err) ecCertDer, _ := pem.Decode(ecCertPem) require.NotNil(t, ecCertDer) ecCert, err := x509.ParseCertificate(ecCertDer.Bytes) require.NoError(t, err) caFile := filepath.Join(certFixturesDir, "myCA.crt") caPem, err := os.ReadFile(caFile) require.NoError(t, err) caBlock, _ := pem.Decode(caPem) require.NotNil(t, caBlock) caCert, err := x509.ParseCertificate(caBlock.Bytes) require.NoError(t, err) serverKeyFile := filepath.Join(certFixturesDir, "mycert1.key") serverKeyPem, err := os.ReadFile(serverKeyFile) require.NoError(t, err) serverKeyDer, _ := pem.Decode(serverKeyPem) require.NotNil(t, serverKeyDer) serverKey, err := x509.ParsePKCS1PrivateKey(serverKeyDer.Bytes) require.NoError(t, err) serverCertFile := filepath.Join(certFixturesDir, "mycert1.crt") serverCertPem, err := os.ReadFile(serverCertFile) require.NoError(t, err) serverCertDer, _ := pem.Decode(serverCertPem) require.NotNil(t, serverCertDer) serverCert, err := x509.ParseCertificate(serverCertDer.Bytes) require.NoError(t, err) return &tlsFixtures{ Subject: subject, RSA: tlsFixture{ CAFile: caFile, KeyFile: keyFile, CertFile: certFile, LoadedCA: caCert, LoadedKey: key, LoadedCert: cert, }, ECDSA: tlsFixture{ KeyFile: eccKeyFile, CertFile: eccCertFile, LoadedKey: ecKey, LoadedCert: ecCert, }, Server: tlsFixture{ KeyFile: serverKeyFile, CertFile: serverCertFile, LoadedCA: caCert, LoadedKey: serverKey, LoadedCert: serverCert, }, } } func systemCAPool(t testing.TB) *x509.CertPool { if goruntime.GOOS == "windows" { // Windows doesn't have the system cert pool. return x509.NewCertPool() } pool, err := x509.SystemCertPool() require.NoError(t, err) return pool }