On 9/17/19 5:35 PM, Richard W.M. Jones wrote: > Test both the TLS enabled and fallback paths. > > nbd-server doesn't appear to support TLS at all, and qemu-nbd is known > not to allow fallback to unencrypted, and therefore it only makes > sense to test nbdkit at the moment. > --- > .gitignore | 4 ++++
> +interop_nbdkit_tls_certs_allow_enabled_SOURCES = interop.c > +interop_nbdkit_tls_certs_allow_enabled_CPPFLAGS = \ > + -I$(top_srcdir)/include \ > + -DSERVER=\"$(NBDKIT)\" \ > + -DSERVER_PARAMS='"--tls=require", "--tls-certificates=../tests/pki", > "-s", "--exit-with-parent", "file", tmpfile' \ Is it worth testing nbdkit's --tls=yes (the counterpart to libnbd TLS_ALLOW), to show that a server that permits but does not require encryption can accept a plaintext client? -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Libguestfs mailing list [email protected] https://www.redhat.com/mailman/listinfo/libguestfs
