From bb39c47d70e84acf5066f79eba27ae5945b837be Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Sat, 17 Nov 2018 20:24:03 -0600 Subject: [PATCH] iotests: Also test I/O over NBD TLS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Enhance test 233 to also perform I/O beyond the initial handshake. Signed-off-by: Eric Blake Message-Id: <20181118022403.2211483-1-eblake@redhat.com> Reviewed-by: Daniel P. Berrangé --- tests/qemu-iotests/233 | 12 +++++++++++- tests/qemu-iotests/233.out | 10 ++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/tests/qemu-iotests/233 b/tests/qemu-iotests/233 index 46013cefdc..a4da60d0ad 100755 --- a/tests/qemu-iotests/233 +++ b/tests/qemu-iotests/233 @@ -62,7 +62,7 @@ tls_x509_create_client "ca2" "client2" echo echo "== preparing image ==" _make_test_img 64M - +$QEMU_IO -c 'w -P 0x11 1m 1m' "$TEST_IMG" | _filter_qemu_io echo echo "== check TLS client to plain server fails ==" @@ -96,6 +96,16 @@ $QEMU_IMG info --image-opts \ driver=nbd,host=$nbd_tcp_addr,port=$nbd_tcp_port,tls-creds=tls0 \ 2>&1 | sed "s/$nbd_tcp_port/PORT/g" +echo +echo "== perform I/O over TLS ==" +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT +$QEMU_IO -c 'r -P 0x11 1m 1m' -c 'w -P 0x22 1m 1m' --image-opts \ + --object tls-creds-x509,dir=${tls_dir}/client1,endpoint=client,id=tls0 \ + driver=nbd,host=$nbd_tcp_addr,port=$nbd_tcp_port,tls-creds=tls0 \ + 2>&1 | _filter_qemu_io + +$QEMU_IO -f qcow2 -r -U -c 'r -P 0x22 1m 1m' "$TEST_IMG" | _filter_qemu_io + # success, all done echo "*** done" rm -f $seq.full diff --git a/tests/qemu-iotests/233.out b/tests/qemu-iotests/233.out index 616e9238c8..94acd9b947 100644 --- a/tests/qemu-iotests/233.out +++ b/tests/qemu-iotests/233.out @@ -9,6 +9,8 @@ Generating a signed certificate... == preparing image == Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 +wrote 1048576/1048576 bytes at offset 1048576 +1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) == check TLS client to plain server fails == qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls) @@ -27,4 +29,12 @@ disk size: unavailable == check TLS with different CA fails == option negotiation failed: Verify failed: No certificate was found. qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer + +== perform I/O over TLS == +read 1048576/1048576 bytes at offset 1048576 +1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +wrote 1048576/1048576 bytes at offset 1048576 +1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 1048576/1048576 bytes at offset 1048576 +1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) *** done