1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/bin/sh
# PCP QA Test No. 714
#
# Exercise encrypted communications between pmcd/clients
# Copyright (c) 2013 Red Hat.
#
seq=`basename $0`
echo "QA output created by $seq"
. ./common.secure
nss_notrun_checks
_cleanup()
{
nss_cleanup
_service pcp restart 2>&1 | _filter_pcp_restart
_wait_for_pmcd
_wait_for_pmlogger
$sudo rm -f $tmp.*
$sudo rm -fr $tmp
}
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
if ! _service pmlogger stop 2>&1; then _exit 1; fi \
| _filter_pcp_stop
_wait_pmlogger_end || _exit 1
if ! _service pmcd stop 2>&1; then _exit 1; fi \
| _filter_pcp_stop
_wait_pmcd_end || _exit 1
# real QA test starts here
nss_backup
nss_setup_randomness
# verify that local clients are warned if establishing a connection
# when an invalid collecter certificate is presented (DNS mismatch).
nss_setup_collector true $qahost $hostname
nss_setup_empty_userdb
nss_import_cert_userdb
nss_setup_collector true no.such.host.pcp.io no
echo "checking client, bad server certificate. should fail DNS check..." | tee -a $seq_full
PCP_SECURE_SOCKETS=1; export PCP_SECURE_SOCKETS
yes | pminfo -h $hostname -f hinv.ncpu 2>&1 | tee -a $seq_full | nss_filter_pminfo
unset PCP_SECURE_SOCKETS
# success, all done
status=0
exit
|
