blob: e9f6acd262d5ab5ab2b6d020e3341166106f71e5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
#!/bin/bash
# This file is part of the rsyslog project, released under ASL 2.0
. ${srcdir:=.}/diag.sh init
printf 'using TLS driver: %s\n' ${RS_TLS_DRIVER:=gtls}
# start up the instances
# export RSYSLOG_DEBUG="debug nostdout noprintmutexaction"
export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog"
generate_conf
add_conf '
global(
defaultNetstreamDriverCAFile="'$srcdir/testsuites/x.509/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/testsuites/x.509/client-cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="'$RS_TLS_DRIVER'"
# debug.whitelist="on"
# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
StreamDriver.Name="'$RS_TLS_DRIVER'"
StreamDriver.Mode="1"
StreamDriver.AuthMode="x509/certvalid"
StreamDriver.PermitExpiredCerts="off"
)
input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
'
startup
export PORT_RCVR=$TCPFLOOD_PORT
export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.sender.debuglog"
#valgrind="valgrind"
generate_conf 2
add_conf '
global(
defaultNetstreamDriverCAFile="'$srcdir/testsuites/x.509/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/testsuites/x.509/client-expired-cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-expired-key.pem'"
defaultNetstreamDriver="'$RS_TLS_DRIVER'"
)
# set up the action
$ActionSendStreamDriverMode 1 # require TLS for the connection
$ActionSendStreamDriverAuthMode anon
*.* @@127.0.0.1:'$PORT_RCVR'
' 2
startup 2
# now inject the messages into instance 2. It will connect to instance 1,
# and that instance will record the data.
injectmsg2
# shut down sender when everything is sent, receiver continues to run concurrently
shutdown_when_empty 2
wait_shutdown 2
# now it is time to stop the receiver as well
shutdown_when_empty
wait_shutdown
content_check --regex "not permitted to talk to peer '.*', certificate invalid: certificate expired"
exit_test
|