We want to fail authentication when the certificate in use is one not
signed by the correct CA, so ensure that that happens.
Signed-off-by: Wouter Verhelst <w@uter.be>
endif
TESTS_ENVIRONMENT=$(srcdir)/simple_test
TESTS = cfg1 cfgmulti cfgnew cfgsize write flush integrity dirconfig list \
- rowrite tree rotree unix integrityhuge handshake tls tlshuge
+ rowrite tree rotree unix integrityhuge handshake tls tlshuge tlswrongcert
+XFAIL_TESTS = tlswrongcert
check_PROGRAMS = nbd-tester-client
## Various Automake versions don't play nice with files in parent
## directories, so instead work with a local copy
handshake:
tls:
tlshuge:
+tlswrongcert:
./nbd-tester-client -N export1 -i -t "${mydir}/integrityhuge-test.tr" -C "${certdir}/client-cert.pem" -K "${certdir}/client-key.pem" -A "${certdir}/ca-cert.pem" -H localhost 127.0.0.1
retval=$?
;;
+ */tlswrongcert)
+ certdir=$(pwd)/certs
+ cat >${conffile} <<EOF
+[generic]
+ certfile = $certdir/server-cert.pem
+ keyfile = $certdir/server-key.pem
+ cacertfile = $certdir/ca-cert.pem
+[export1]
+ exportname = $tmpnam
+ flush = true
+ fua = true
+ rotational = true
+ filesize = 52428800
+ temporary = true
+EOF
+ ../../nbd-server -C ${conffile} -p ${pidfile} &
+ PID=$!
+ sleep 1
+ ./nbd-tester-client -N export1 "${mydir}/integrity-test.tr" -C "${certdir}/selfsigned-cert.pem" -K "${certdir}/selfsigned-key.pem" localhost
+ retval=$?
+ ;;
*)
echo "E: unknown test $1"
exit 1