1afcd1c2fSDaniel P. BerrangéQA output created by 233 2afcd1c2fSDaniel P. Berrangé 3afcd1c2fSDaniel P. Berrangé== preparing TLS creds == 4afcd1c2fSDaniel P. BerrangéGenerating a self signed certificate... 5afcd1c2fSDaniel P. BerrangéGenerating a self signed certificate... 6afcd1c2fSDaniel P. BerrangéGenerating a signed certificate... 7afcd1c2fSDaniel P. BerrangéGenerating a signed certificate... 8afcd1c2fSDaniel P. BerrangéGenerating a signed certificate... 9*b25e12daSDaniel P. BerrangeGenerating a signed certificate... 10afcd1c2fSDaniel P. Berrangé 11afcd1c2fSDaniel P. Berrangé== preparing image == 12afcd1c2fSDaniel P. BerrangéFormatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 13bb39c47dSEric Blakewrote 1048576/1048576 bytes at offset 1048576 14bb39c47dSEric Blake1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 15afcd1c2fSDaniel P. Berrangé 16afcd1c2fSDaniel P. Berrangé== check TLS client to plain server fails == 17afcd1c2fSDaniel P. Berrangéqemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls) 18afcd1c2fSDaniel P. Berrangéserver reported: TLS not configured 19ddd09448SEric Blakeqemu-nbd: Denied by server for option 5 (starttls) 20ddd09448SEric Blakeserver reported: TLS not configured 21afcd1c2fSDaniel P. Berrangé 22afcd1c2fSDaniel P. Berrangé== check plain client to TLS server fails == 23afcd1c2fSDaniel P. Berrangéqemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 8 (structured reply) 24afcd1c2fSDaniel P. Berrangéserver reported: Option 0x8 not permitted before TLS 25ddd09448SEric Blakeqemu-nbd: TLS negotiation required before option 8 (structured reply) 26ddd09448SEric Blakeserver reported: Option 0x8 not permitted before TLS 27afcd1c2fSDaniel P. Berrangé 28afcd1c2fSDaniel P. Berrangé== check TLS works == 29afcd1c2fSDaniel P. Berrangéimage: nbd://127.0.0.1:PORT 30afcd1c2fSDaniel P. Berrangéfile format: nbd 31afcd1c2fSDaniel P. Berrangévirtual size: 64M (67108864 bytes) 32afcd1c2fSDaniel P. Berrangédisk size: unavailable 33*b25e12daSDaniel P. Berrangeimage: nbd://127.0.0.1:PORT 34*b25e12daSDaniel P. Berrangefile format: nbd 35*b25e12daSDaniel P. Berrangevirtual size: 64M (67108864 bytes) 36*b25e12daSDaniel P. Berrangedisk size: unavailable 37ddd09448SEric Blakeexports available: 1 38ddd09448SEric Blake export: '' 39ddd09448SEric Blake size: 67108864 40ddd09448SEric Blake flags: 0x4ed ( flush fua trim zeroes df cache ) 41ddd09448SEric Blake min block: 512 42ddd09448SEric Blake opt block: 4096 43ddd09448SEric Blake max block: 33554432 44ddd09448SEric Blake available meta contexts: 1 45ddd09448SEric Blake base:allocation 46afcd1c2fSDaniel P. Berrangé 47afcd1c2fSDaniel P. Berrangé== check TLS with different CA fails == 48afcd1c2fSDaniel P. Berrangéqemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer 49ddd09448SEric Blakeqemu-nbd: The certificate hasn't got a known issuer 50bb39c47dSEric Blake 51bb39c47dSEric Blake== perform I/O over TLS == 52bb39c47dSEric Blakeread 1048576/1048576 bytes at offset 1048576 53bb39c47dSEric Blake1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 54bb39c47dSEric Blakewrote 1048576/1048576 bytes at offset 1048576 55bb39c47dSEric Blake1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 56bb39c47dSEric Blakeread 1048576/1048576 bytes at offset 1048576 57bb39c47dSEric Blake1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 58d0898051SEric Blake 59*b25e12daSDaniel P. Berrange== check TLS with authorization == 60*b25e12daSDaniel P. Berrangeqemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=10809,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort 61*b25e12daSDaniel P. Berrangeqemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=10809,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort 62*b25e12daSDaniel P. Berrange 63d0898051SEric Blake== final server log == 64d0898051SEric Blakeqemu-nbd: option negotiation failed: Verify failed: No certificate was found. 65ddd09448SEric Blakeqemu-nbd: option negotiation failed: Verify failed: No certificate was found. 66*b25e12daSDaniel P. Berrangeqemu-nbd: option negotiation failed: TLS x509 authz check for CN=localhost,O=Cthulhu Dark Lord Enterprises client1,L=R'lyeh,C=South Pacific is denied 67*b25e12daSDaniel P. Berrangeqemu-nbd: option negotiation failed: TLS x509 authz check for CN=localhost,O=Cthulhu Dark Lord Enterprises client3,L=R'lyeh,C=South Pacific is denied 68afcd1c2fSDaniel P. Berrangé*** done 69