1 #! /bin/bash
2 #
3 # SysDB -- t/integration/ssl.sh
4 # Copyright (C) 2015 Sebastian 'tokkee' Harl <sh@tokkee.org>
5 # All rights reserved.
6 #
7 # Redistribution and use in source and binary forms, with or without
8 # modification, are permitted provided that the following conditions
9 # are met:
10 # 1. Redistributions of source code must retain the above copyright
11 # notice, this list of conditions and the following disclaimer.
12 # 2. Redistributions in binary form must reproduce the above copyright
13 # notice, this list of conditions and the following disclaimer in the
14 # documentation and/or other materials provided with the distribution.
15 #
16 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR
20 # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
21 # EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
22 # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
23 # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
24 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
26 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #
29 # Integration tests using SSL connections.
30 #
32 set -ex
34 source "$( dirname "$0" )/test_lib.sh"
36 setup_ssl
38 cat <<EOF > "$SYSDBD_CONF"
39 <Listen "tcp:localhost:12345">
40 SSLCertificate "$SERVER_CERT"
41 SSLCertificateKey "$SERVER_KEY"
42 SSLCACertificates "$CA_CERT"
43 </Listen>
44 PluginDir "$PLUGIN_DIR"
45 LoadPlugin "store::memory"
46 EOF
47 run_sysdbd -D -C "$SYSDBD_CONF"
48 wait_for_sysdbd_tcp localhost 12345
50 run_sysdb -H "localhost:12345" -c 'LIST hosts' -U "$SYSDB_USER-invalid" \
51 -A "$CA_CERT" -C "$CLIENT_CERT" -K "$CLIENT_KEY" && exit 1
53 run_sysdb -H "localhost:12345" -c 'LIST hosts' -U "$SYSDB_USER-invalid" \
54 -A "$CA_CERT" -C "${CLIENT_CERT}.doesnotexist" -K "$CLIENT_KEY" && exit 1
56 run_sysdb -H "localhost:12345" -c 'LIST hosts' -U "$SYSDB_USER" \
57 -A "$CA_CERT" -C "$CLIENT_CERT" -K "$CLIENT_KEY"
59 # vim: set tw=78 sw=4 ts=4 noexpandtab :