1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
# Syslogd gets an empty TLS server key.
# The client cannot connect to 127.0.0.1 TLS socket.
# Check that syslog log contains an error message.
use strict;
use warnings;
use Socket;
my $key = "/etc/ssl/private/127.0.0.1:6514.key";
my $cert = "/etc/ssl/127.0.0.1:6514.crt";
my @sudo = $ENV{SUDO} ? $ENV{SUDO} : ();
my @cmd = (@sudo, "cp", "--", "empty", $key);
system(@cmd) and die "Command '@cmd' failed: $?";
@cmd = (@sudo, "cp", "--", "127.0.0.1.crt", $cert);
system(@cmd) and die "Command '@cmd' failed: $?";
END {
local $?;
my @cmd = (@sudo, "rm", "-f", "--", $key, $cert);
system(@cmd) and warn "Command '@cmd' failed: $?";
}
our %args = (
client => {
func => sub {
my $self = shift;
IO::Socket::INET6->new(
Domain => AF_INET,
Proto => "tcp",
PeerAddr => "127.0.0.1",
PeerPort => 6514,
) and die "tcp socket connect to 127.0.0.1:6514 succeeded";
},
nocheck => 1,
},
syslogd => {
options => ["-S", "127.0.0.1:6514"],
ktrace => {
qr{NAMI "/etc/ssl/private/127.0.0.1:6514.key"} => 1,
qr{NAMI "/etc/ssl/127.0.0.1:6514.crt"} => 1,
qr{NAMI "/etc/ssl/private/127.0.0.1.key"} => 0,
qr{NAMI "/etc/ssl/127.0.0.1.crt"} => 0,
},
loggrep => {
qr{Keyfile $key} => 1,
qr{Certfile $cert} => 1,
qr{tls_configure server: failed to read private key} => 1,
},
},
server => {
noserver => 1,
},
file => { nocheck => 1 },
pipe => { nocheck => 1 },
tty => { nocheck => 1 },
);
1;
|