# Test scenario (regress arguments for a syslogd TLS forwarding test):
#   - The client writes a message to Sys::Syslog native method.
#   - The syslogd writes it into a file and through a pipe.
#   - The syslogd passes it via TLS to localhost loghost.
#   - The cafile is a fake ca with correct DN but wrong key.
#   - Find the message in client, file, pipe, syslogd log.
#   - Check that syslogd has verify failure and server has no message.
#
# What this pins down: a CA certificate that merely carries the right
# distinguished name is not enough.  The signature on the loghost's
# certificate must verify against the configured CA key; when it does not,
# syslogd has to log the verification failure and the message must never
# show up in the TLS server's log.

use strict;
use warnings;
use Errno ':POSIX';
use Socket;

# Errno values whose system error text the server side may report when the
# handshake is aborted.  Assigning a number to $! and then stringifying $!
# yields the corresponding strerror message.
my @errors = (EPIPE);
my @errtext;
for my $errno (@errors) {
    $! = $errno;
    push @errtext, "$!";
}
# Alternation group for use inside a regex.  The message text is
# interpolated unescaped; NOTE(review): that is fine as long as the
# strerror text contains no regex metacharacters -- confirm if more
# errno values are added.
my $errors = '(' . join('|', @errtext) . ')';

# syslogd must report that the TLS connection to the loghost failed because
# the certificate signature could not be verified.
my $verify_failure =
    qr/syslogd\[\d+\]: loghost .* connection error: /.
    qr/certificate verification failed: /.
    qr/certificate signature failure/;

# The TLS server sees the accept fail, either with a decrypt-error alert or
# with one of the system errors collected in $errors.
# NOTE(review): presumably which of the two appears depends on timing of
# the peer's teardown -- confirm.
my $accept_failure =
    qr/IO::Socket::SSL socket accept failed: /.
    qr/.*,SSL accept attempt failed error:.*/.
    qr/(tlsv1 alert decrypt error|$errors)/;

our %args = (
    syslogd => {
        # Single quotes are deliberate: $connectport stays literal here.
        # NOTE(review): presumably substituted by the test harness -- confirm.
        loghost => '@tls://localhost:$connectport',
        loggrep => {
            # syslogd was started with the fake CA file.
            qr/CAfile fake-ca.crt/ => 1,
            qr/Logging to FORWTLS \@tls:\/\/localhost:\d+/ => '>=4',
            $verify_failure => 1,
            # The test message still appears in syslogd's own log.
            get_testgrep() => 1,
        },
        # CA file handed to syslogd: correct DN, wrong key.
        cacrt => "fake-ca.crt",
    },
    server => {
        listen => { domain => AF_UNSPEC, proto => "tls", addr => "localhost" },
        # NOTE(review): up/down/exit look like the log markers and exit
        # status the harness expects from the failing server -- confirm
        # against the harness.
        up => "IO::Socket::SSL socket accept failed",
        down => "Server",
        exit => 255,
        loggrep => {
            # NOTE(review): the dots in 127.0.0.1 are unescaped, so this
            # matches slightly more than the literal address.
            qr/listen sock: (127.0.0.1|::1) \d+/ => 1,
            $accept_failure => 1,
            # The message must not reach the server: zero occurrences.
            get_testgrep() => 0,
        },
    },
);

1;