diff options
| author | Daniel P. Berrangé <berrange@redhat.com> | 2022-03-04 19:36:08 +0000 |
|---|---|---|
| committer | Eric Blake <eblake@redhat.com> | 2022-03-07 17:12:55 -0600 |
| commit | 3da93d4bc6749d56349cd16340f07ca9825996ed (patch) | |
| tree | f906608410dd7c4ea0180f623534c77e7057fb7e /tests/qemu-iotests/common.tls | |
| parent | ebc0141ba7e5d594ef9ea0efbf841e2e90edea7c (diff) | |
| download | qemu-3da93d4bc6749d56349cd16340f07ca9825996ed.zip qemu-3da93d4bc6749d56349cd16340f07ca9825996ed.tar.gz qemu-3da93d4bc6749d56349cd16340f07ca9825996ed.tar.bz2 | |
tests/qemu-iotests: validate NBD TLS with hostname mismatch
This validates that connections to an NBD server where the certificate
hostname does not match will fail. It further validates that using the
new 'tls-hostname' override option can solve the failure.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20220304193610.3293146-11-berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Diffstat (limited to 'tests/qemu-iotests/common.tls')
| -rw-r--r-- | tests/qemu-iotests/common.tls | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/tests/qemu-iotests/common.tls b/tests/qemu-iotests/common.tls index 6ba28a7..4a57609 100644 --- a/tests/qemu-iotests/common.tls +++ b/tests/qemu-iotests/common.tls @@ -118,12 +118,13 @@ tls_x509_create_server() caname=$1 name=$2 + # We don't include 'localhost' in the cert, as + # we want to keep it unlisted to let tests + # validate hostname override mkdir -p "${tls_dir}/$name" cat > "${tls_dir}/cert.info" <<EOF organization = Cthulhu Dark Lord Enterprises $name -cn = localhost -dns_name = localhost -dns_name = localhost.localdomain +cn = iotests.qemu.org ip_address = 127.0.0.1 ip_address = ::1 tls_www_server |