From b22c01d3d889b2f0eee4b3ec10edeb4cabf6b6bc Mon Sep 17 00:00:00 2001 From: Wouter Verhelst Date: Mon, 21 Nov 2016 09:13:33 +0100 Subject: [PATCH] Add a "wrong certificate used" test We want to fail authentication when the certificate in use is one not signed by the correct CA, so ensure that that happens. Signed-off-by: Wouter Verhelst --- tests/run/Makefile.am | 4 +++- tests/run/simple_test | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/tests/run/Makefile.am b/tests/run/Makefile.am index 2e5c925..c63732b 100644 --- a/tests/run/Makefile.am +++ b/tests/run/Makefile.am @@ -5,7 +5,8 @@ TLSSRC = endif TESTS_ENVIRONMENT=$(srcdir)/simple_test TESTS = cfg1 cfgmulti cfgnew cfgsize write flush integrity dirconfig list \ - rowrite tree rotree unix integrityhuge handshake tls tlshuge + rowrite tree rotree unix integrityhuge handshake tls tlshuge tlswrongcert +XFAIL_TESTS = tlswrongcert check_PROGRAMS = nbd-tester-client ## Various Automake versions don't play nice with files in parent ## directories, so instead work with a local copy @@ -45,3 +46,4 @@ unix: handshake: tls: tlshuge: +tlswrongcert: diff --git a/tests/run/simple_test b/tests/run/simple_test index 14a0b98..2c9c3df 100755 --- a/tests/run/simple_test +++ b/tests/run/simple_test @@ -351,6 +351,27 @@ EOF ./nbd-tester-client -N export1 -i -t "${mydir}/integrityhuge-test.tr" -C "${certdir}/client-cert.pem" -K "${certdir}/client-key.pem" -A "${certdir}/ca-cert.pem" -H localhost 127.0.0.1 retval=$? ;; + */tlswrongcert) + certdir=$(pwd)/certs + cat >${conffile} <