On Tue, Nov 20, 2018 at 11:45:54AM -0600, Eric Blake wrote: > On 11/20/18 11:27 AM, Kevin Wolf wrote: > > Am 16.11.2018 um 16:53 hat Daniel P. Berrangé geschrieben: > > > Add tests that validate it is possible to connect to an NBD server > > > running TLS mode. Also test mis-matched TLS vs non-TLS connections > > > correctly fail. > > > > > +echo > > > +echo "== preparing TLS creds ==" > > > + > > > +tls_x509_create_root_ca "ca1" > > > +tls_x509_create_root_ca "ca2" > > > +tls_x509_create_server "ca1" "server1" > > > +tls_x509_create_client "ca1" "client1" > > > +tls_x509_create_client "ca2" "client2" > > > > Looks like we can't blindly assume that certtool exists. This test case > > fails for me, starting with the following diff: > > Looks like we'll need a followup patch to skip the test if certtool is not > found. (I already did the same in common.nbd if 'ss' was not found; so it > should be easy to copy...)
FWIW certtool is part of gnutls-utils and is available on every platform that QEMU officially supports as a build target. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
