[Libguestfs] [PATCH libnbd 5/5] interop: Add tests of nbdkit + LIBNBD_TLS_ALLOW.
Eric Blake
eblake at redhat.com
Wed Sep 18 12:41:50 UTC 2019
On 9/17/19 5:35 PM, Richard W.M. Jones wrote:
> Test both the TLS enabled and fallback paths.
>
> nbd-server doesn't appear to support TLS at all, and qemu-nbd is known
> not to allow fallback to unencrypted, and therefore it only makes
> sense to test nbdkit at the moment.
> ---
> .gitignore | 4 ++++
> +interop_nbdkit_tls_certs_allow_enabled_SOURCES = interop.c
> +interop_nbdkit_tls_certs_allow_enabled_CPPFLAGS = \
> + -I$(top_srcdir)/include \
> + -DSERVER=\"$(NBDKIT)\" \
> + -DSERVER_PARAMS='"--tls=require", "--tls-certificates=../tests/pki", "-s", "--exit-with-parent", "file", tmpfile' \
Is it worth testing nbdkit's --tls=yes (the counterpart to libnbd
TLS_ALLOW), to show that a server that permits but does not require
encryption can accept a plaintext client?
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20190918/fb5724ca/attachment.sig>
More information about the Libguestfs
mailing list