diff options
Diffstat (limited to 'qa/712')
| -rwxr-xr-x | qa/712 | 65 |
1 files changed, 65 insertions, 0 deletions
@@ -0,0 +1,65 @@ +#!/bin/sh +# PCP QA Test No. 712 +# +# Exercise encrypted communications between pmcd/clients +# Copyright (c) 2012-2013 Red Hat. +# + +seq=`basename $0` +echo "QA output created by $seq" + +. ./common.secure +nss_notrun_checks + +_cleanup() +{ + nss_cleanup + + $sudo $PCP_RC_DIR/pcp restart 2>&1 | _filter_pcp_stop | _filter_pcp_start + _wait_for_pmcd + _wait_for_pmlogger + + $sudo rm -f $tmp.* + $sudo rm -fr $tmp +} + +status=1 # failure is the default! +$sudo rm -rf $tmp.* $seq.full +trap "_cleanup; exit \$status" 0 1 2 3 15 +$sudo $PCP_RC_DIR/pcp stop | _filter_pcp_stop + +# real QA test starts here +nss_backup +nss_setup_randomness + +# verify that local clients cannot establish a connection +# without having a valid certificate database setup. +nss_setup_collector false + +nss_setup_empty_userdb +echo "checking client, no certificate at all. should fail..." | tee -a $seq.full +export PCP_SECURE_SOCKETS=1 +yes | pminfo -h $hostname -f hinv.ncpu 2>&1 | tee -a $seq.full | nss_filter_pminfo +unset PCP_SECURE_SOCKETS + +# verify that local clients are prompted to establish a connection +# when a valid collectoer certificate exists but no client config. +nss_setup_collector true $qahost $hostname + +nss_setup_empty_userdb +echo "checking client, server certificate only. should prompt and fail..." | tee -a $seq.full +export PCP_SECURE_SOCKETS=1 +yes | pminfo -h $hostname -f hinv.ncpu 2>&1 | tee -a $seq.full | nss_filter_pminfo +unset PCP_SECURE_SOCKETS + +# make the new certificate visible to just this user +echo "checking client, user certificate only. should pass..." +nss_setup_empty_userdb +nss_import_cert_userdb +export PCP_SECURE_SOCKETS=1 +yes | pminfo -h $hostname -f hinv.ncpu 2>&1 | tee -a $seq.full | nss_filter_pminfo +unset PCP_SECURE_SOCKETS + +# success, all done +status=0 +exit |