File: test-nbd-tls.sh

package info (click to toggle)
nbdkit 1.46.2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 15,504 kB
  • sloc: ansic: 63,658; sh: 18,717; makefile: 6,814; python: 1,848; cpp: 1,143; perl: 504; ml: 504; tcl: 62
file content (73 lines) | stat: -rwxr-xr-x 2,662 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
#!/usr/bin/env bash
# nbdkit
# Copyright Red Hat
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# * Neither the name of Red Hat nor the names of its contributors may be
# used to endorse or promote products derived from this software without
# specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.

source ./functions.sh
set -e
set -x
set -u

requires "$QEMU_IMG" --version
requires_tls_certificates

# Does the nbd plugin support TLS?
if ! nbdkit --dump-plugin nbd | grep -sq libnbd_tls=1; then
    echo "$0: nbd plugin built without TLS support"
    exit 77
fi

sock1=$(mktemp -u /tmp/nbdkit-test-sock.XXXXXX)
sock2=$(mktemp -u /tmp/nbdkit-test-sock.XXXXXX)
pid1="test-nbd-tls.pid1"
pid2="test-nbd-tls.pid2"

files="$sock1 $sock2 $pid1 $pid2 nbd-tls.out"
rm -f $files
cleanup_fn rm -f $files

# Run nbd plugin as intermediary. Start this first, so it will be
# terminated before the encrypted server (terminating a client is
# easy, while terminating a server waits until there are no clients)
start_nbdkit -P "$pid2" -U "$sock2" --tls=off \
    nbd tls=require tls-certificates="$pkidir" socket="$sock1"

# Run encrypted server
start_nbdkit -P "$pid1" -U "$sock1" \
    --tls=require --tls-certificates="$pkidir" -D nbdkit.tls.session=1 \
    example1

# Run unencrypted client
"$QEMU_IMG" info --output=json -f raw "nbd+unix:///?socket=$sock2" > nbd-tls.out

cat nbd-tls.out

grep -sq '"format": *"raw"' nbd-tls.out
grep -sq '"virtual-size": *104857600\b' nbd-tls.out