1QA output created by 233 2 3== preparing TLS creds == 4Generating a self signed certificate... 5Generating a self signed certificate... 6Generating a signed certificate... 7Generating a signed certificate... 8Generating a signed certificate... 9Generating a signed certificate... 10 11== preparing image == 12Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 13wrote 1048576/1048576 bytes at offset 1048576 141 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 15 16== check TLS client to plain server fails == 17qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls) 18server reported: TLS not configured 19qemu-nbd: Denied by server for option 5 (starttls) 20 21== check plain client to TLS server fails == 22qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 7 (go) 23Did you forget a valid tls-creds? 24server reported: Option 0x7 not permitted before TLS 25qemu-nbd: TLS negotiation required before option 3 (list) 26 27== check TLS works == 28image: nbd://127.0.0.1:PORT 29file format: nbd 30virtual size: 64 MiB (67108864 bytes) 31disk size: unavailable 32image: nbd://127.0.0.1:PORT 33file format: nbd 34virtual size: 64 MiB (67108864 bytes) 35disk size: unavailable 36exports available: 1 37 export: '' 38 size: 67108864 39 min block: 1 40 41== check TLS with different CA fails == 42qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer 43qemu-nbd: The certificate hasn't got a known issuer 44 45== perform I/O over TLS == 46read 1048576/1048576 bytes at offset 1048576 471 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 48wrote 1048576/1048576 bytes at offset 1048576 491 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 50read 1048576/1048576 bytes at offset 1048576 511 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) 52 53== check TLS with authorization == 54qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort 55qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort 56 57== final server log == 58qemu-nbd: option negotiation failed: Verify failed: No certificate was found. 59qemu-nbd: option negotiation failed: Verify failed: No certificate was found. 60qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied 61qemu-nbd: option negotiation failed: TLS x509 authz check for DISTINGUISHED-NAME is denied 62*** done 63