b491dbb7f8
The server side is fairly straightforward: we can always advertise support for detection of fast zero, and implement it by mapping the request to the block layer BDRV_REQ_NO_FALLBACK. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20190823143726.27062-5-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> [eblake: update iotests 223, 233]
69 lines
2.8 KiB
Plaintext
69 lines
2.8 KiB
Plaintext
QA output created by 233
|
|
|
|
== preparing TLS creds ==
|
|
Generating a self signed certificate...
|
|
Generating a self signed certificate...
|
|
Generating a signed certificate...
|
|
Generating a signed certificate...
|
|
Generating a signed certificate...
|
|
Generating a signed certificate...
|
|
|
|
== preparing image ==
|
|
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
|
|
wrote 1048576/1048576 bytes at offset 1048576
|
|
1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
|
|
== check TLS client to plain server fails ==
|
|
qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Denied by server for option 5 (starttls)
|
|
server reported: TLS not configured
|
|
qemu-nbd: Denied by server for option 5 (starttls)
|
|
server reported: TLS not configured
|
|
|
|
== check plain client to TLS server fails ==
|
|
qemu-img: Could not open 'nbd://localhost:PORT': TLS negotiation required before option 7 (go)
|
|
server reported: Option 0x7 not permitted before TLS
|
|
qemu-nbd: TLS negotiation required before option 3 (list)
|
|
server reported: Option 0x3 not permitted before TLS
|
|
|
|
== check TLS works ==
|
|
image: nbd://127.0.0.1:PORT
|
|
file format: nbd
|
|
virtual size: 64 MiB (67108864 bytes)
|
|
disk size: unavailable
|
|
image: nbd://127.0.0.1:PORT
|
|
file format: nbd
|
|
virtual size: 64 MiB (67108864 bytes)
|
|
disk size: unavailable
|
|
exports available: 1
|
|
export: ''
|
|
size: 67108864
|
|
flags: 0xced ( flush fua trim zeroes df cache fast-zero )
|
|
min block: 1
|
|
opt block: 4096
|
|
max block: 33554432
|
|
available meta contexts: 1
|
|
base:allocation
|
|
|
|
== check TLS with different CA fails ==
|
|
qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': The certificate hasn't got a known issuer
|
|
qemu-nbd: The certificate hasn't got a known issuer
|
|
|
|
== perform I/O over TLS ==
|
|
read 1048576/1048576 bytes at offset 1048576
|
|
1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
wrote 1048576/1048576 bytes at offset 1048576
|
|
1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
read 1048576/1048576 bytes at offset 1048576
|
|
1 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
|
|
== check TLS with authorization ==
|
|
qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort
|
|
qemu-img: Could not open 'driver=nbd,host=127.0.0.1,port=PORT,tls-creds=tls0': Failed to read option reply: Cannot read from TLS channel: Software caused connection abort
|
|
|
|
== final server log ==
|
|
qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
|
|
qemu-nbd: option negotiation failed: Verify failed: No certificate was found.
|
|
qemu-nbd: option negotiation failed: TLS x509 authz check for CN=localhost,O=Cthulhu Dark Lord Enterprises client1,L=R'lyeh,C=South Pacific is denied
|
|
qemu-nbd: option negotiation failed: TLS x509 authz check for CN=localhost,O=Cthulhu Dark Lord Enterprises client3,L=R'lyeh,C=South Pacific is denied
|
|
*** done
|