tests/qemu-iotests/233.out - qemu - Git at Google

 QA output created by 233

 == preparing TLS creds ==
 Generating a self signed certificate...
 Generating a self signed certificate...
 Generating a signed certificate...
 Generating a signed certificate...
 Generating a signed certificate...
 Generating a signed certificate...
 Generating a random key for user 'psk1'
 Generating a random key for user 'psk2'

 == preparing image ==
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
 wrote 1048576/1048576 bytes at offset 1048576
 1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)

 == check TLS client to plain server fails ==
 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls)
 server reported: TLS not configured
 qemu-nbd: Denied by server for option 5 (starttls)

 == check plain client to TLS server fails ==
 qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 7 (go)
 Did you forget a valid tls-creds?
 server reported: Option 0x7 not permitted before TLS
 qemu-nbd: TLS negotiation required before option 3 (list)

 == check TLS works ==
 image: nbd://127.0.0.1:PORT
 file format: nbd
 virtual size: 64 MiB (67108864 bytes)
 disk size: unavailable
 image: nbd://127.0.0.1:PORT
 file format: nbd
 virtual size: 64 MiB (67108864 bytes)
 disk size: unavailable
 exports available: 1
  export: ''
   size:  67108864
   min block: 1
   transaction size: 64-bit

 == check TLS fail over TCP with mismatched hostname ==
 qemu-img: Could not open 'driver=nbd,host=localhost,port=PORT,tls-creds=tls0': Certificate does not match the hostname localhost
 qemu-nbd: Certificate does not match the hostname localhost

 == check TLS works over TCP with mismatched hostname and override ==
 image: nbd://localhost:PORT
 file format: nbd
 virtual size: 64 MiB (67108864 bytes)
 disk size: unavailable
 exports available: 1
  export: ''
   size:  67108864
   min block: 1
   transaction size: 64-bit

 == check TLS with different CA fails ==
 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer
 qemu-nbd: The certificate hasn't got a known issuer

 == perform I/O over TLS ==
 read 1048576/1048576 bytes at offset 1048576
 1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 wrote 1048576/1048576 bytes at offset 1048576
 1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 read 1048576/1048576 bytes at offset 1048576
 1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)

 == check TLS with authorization ==
 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort
 qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort

 == check TLS fail over UNIX with no hostname ==
 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': No hostname for certificate validation
 qemu-nbd: No hostname for certificate validation

 == check TLS works over UNIX with hostname override ==
 image: nbd+unix://?socket=SOCK_DIR/qemu-nbd.sock
 file format: nbd
 virtual size: 64 MiB (67108864 bytes)
 disk size: unavailable
 exports available: 1
  export: ''
   size:  67108864
   min block: 1
   transaction size: 64-bit

 == check TLS works over UNIX with PSK ==
 image: nbd+unix://?socket=SOCK_DIR/qemu-nbd.sock
 file format: nbd
 virtual size: 64 MiB (67108864 bytes)
 disk size: unavailable
 exports available: 1
  export: ''
   size:  67108864
   min block: 1
   transaction size: 64-bit

 == check TLS fails over UNIX with mismatch PSK ==
 qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': TLS handshake failed: The TLS connection was non-properly terminated.
 qemu-nbd: TLS handshake failed: The TLS connection was non-properly terminated.

 == final server log ==
 qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
 qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
 qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
 qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
 qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
 qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
 qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
 qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
 qemu-nbd: option negotiation failed: TLS handshake failed: An illegal parameter has been received.
 qemu-nbd: option negotiation failed: TLS handshake failed: An illegal parameter has been received.
 *** done
	QA output created by 233

	== preparing TLS creds ==
	Generating a self signed certificate...
	Generating a self signed certificate...
	Generating a signed certificate...
	Generating a signed certificate...
	Generating a signed certificate...
	Generating a signed certificate...
	Generating a random key for user 'psk1'
	Generating a random key for user 'psk2'

	== preparing image ==
	Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
	wrote 1048576/1048576 bytes at offset 1048576
	1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)

	== check TLS client to plain server fails ==
	qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls)
	server reported: TLS not configured
	qemu-nbd: Denied by server for option 5 (starttls)

	== check plain client to TLS server fails ==
	qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 7 (go)
	Did you forget a valid tls-creds?
	server reported: Option 0x7 not permitted before TLS
	qemu-nbd: TLS negotiation required before option 3 (list)

	== check TLS works ==
	image: nbd://127.0.0.1:PORT
	file format: nbd
	virtual size: 64 MiB (67108864 bytes)
	disk size: unavailable
	image: nbd://127.0.0.1:PORT
	file format: nbd
	virtual size: 64 MiB (67108864 bytes)
	disk size: unavailable
	exports available: 1
	export: ''
	size: 67108864
	min block: 1
	transaction size: 64-bit

	== check TLS fail over TCP with mismatched hostname ==
	qemu-img: Could not open 'driver=nbd,host=localhost,port=PORT,tls-creds=tls0': Certificate does not match the hostname localhost
	qemu-nbd: Certificate does not match the hostname localhost

	== check TLS works over TCP with mismatched hostname and override ==
	image: nbd://localhost:PORT
	file format: nbd
	virtual size: 64 MiB (67108864 bytes)
	disk size: unavailable
	exports available: 1
	export: ''
	size: 67108864
	min block: 1
	transaction size: 64-bit

	== check TLS with different CA fails ==
	qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer
	qemu-nbd: The certificate hasn't got a known issuer

	== perform I/O over TLS ==
	read 1048576/1048576 bytes at offset 1048576
	1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
	wrote 1048576/1048576 bytes at offset 1048576
	1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
	read 1048576/1048576 bytes at offset 1048576
	1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)

	== check TLS with authorization ==
	qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort
	qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort

	== check TLS fail over UNIX with no hostname ==
	qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': No hostname for certificate validation
	qemu-nbd: No hostname for certificate validation

	== check TLS works over UNIX with hostname override ==
	image: nbd+unix://?socket=SOCK_DIR/qemu-nbd.sock
	file format: nbd
	virtual size: 64 MiB (67108864 bytes)
	disk size: unavailable
	exports available: 1
	export: ''
	size: 67108864
	min block: 1
	transaction size: 64-bit

	== check TLS works over UNIX with PSK ==
	image: nbd+unix://?socket=SOCK_DIR/qemu-nbd.sock
	file format: nbd
	virtual size: 64 MiB (67108864 bytes)
	disk size: unavailable
	exports available: 1
	export: ''
	size: 67108864
	min block: 1
	transaction size: 64-bit

	== check TLS fails over UNIX with mismatch PSK ==
	qemu-img: Could not open 'driver=nbd,path=SOCK_DIR/qemu-nbd.sock,tls-creds=tls0': TLS handshake failed: The TLS connection was non-properly terminated.
	qemu-nbd: TLS handshake failed: The TLS connection was non-properly terminated.

	== final server log ==
	qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
	qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
	qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
	qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
	qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
	qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied
	qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
	qemu-nbd: option negotiation failed: Failed to read opts magic: Cannot read from TLS channel: Software caused connection abort
	qemu-nbd: option negotiation failed: TLS handshake failed: An illegal parameter has been received.
	qemu-nbd: option negotiation failed: TLS handshake failed: An illegal parameter has been received.
	*** done