4 # Exercise encrypted communications between pmcd/clients
5 # Copyright (c) 2012-2013 Red Hat.
9 echo "QA output created by $seq"
18 $sudo $PCP_RC_DIR/pcp restart
2>&1 | _filter_pcp_stop | _filter_pcp_start
26 status
=1 # failure is the default!
27 $sudo rm -rf $tmp.
* $seq.full
28 trap "_cleanup; exit \$status" 0 1 2 3 15
29 $sudo $PCP_RC_DIR/pcp stop | _filter_pcp_stop
31 # real QA test starts here
35 # verify that local clients cannot establish a connection
36 # without having a valid certificate database setup.
37 nss_setup_collector false
39 nss_setup_empty_userdb
40 echo "checking client, no certificate at all. should fail..." |
tee -a $seq.full
41 export PCP_SECURE_SOCKETS
=1
42 yes | pminfo
-h $hostname -f hinv.ncpu
2>&1 |
tee -a $seq.full | nss_filter_pminfo
43 unset PCP_SECURE_SOCKETS
45 # verify that local clients are prompted to establish a connection
46 # when a valid collectoer certificate exists but no client config.
47 nss_setup_collector true
$qahost $hostname
49 nss_setup_empty_userdb
50 echo "checking client, server certificate only. should prompt and fail..." |
tee -a $seq.full
51 export PCP_SECURE_SOCKETS
=1
52 yes | pminfo
-h $hostname -f hinv.ncpu
2>&1 |
tee -a $seq.full | nss_filter_pminfo
53 unset PCP_SECURE_SOCKETS
55 # make the new certificate visible to just this user
56 echo "checking client, user certificate only. should pass..."
57 nss_setup_empty_userdb
58 nss_import_cert_userdb
59 export PCP_SECURE_SOCKETS
=1
60 yes | pminfo
-h $hostname -f hinv.ncpu
2>&1 |
tee -a $seq.full | nss_filter_pminfo
61 unset PCP_SECURE_SOCKETS