1# The client writes a message to Sys::Syslog native method.
2# The syslogd writes it into a file and through a pipe.
3# The syslogd passes it via TLS to localhost loghost.
4# The cafile is a fake ca with correct DN but wrong key.
5# Find the message in client, file, pipe, syslogd log.
6# Check that syslogd has verify failure and server has no message.
7
8use strict;
9use warnings;
10use Socket;
11
12our %args = (
13    syslogd => {
14	loghost => '@tls://localhost:$connectport',
15	loggrep => {
16	    qr/CAfile fake-ca.crt/ => 1,
17	    qr/Logging to FORWTLS \@tls:\/\/localhost:\d+/ => '>=4',
18	    qr/syslogd\[\d+\]: loghost .* connection error: /.
19		qr/certificate verification failed: /.
20		qr/certificate signature failure/ => 1,
21	    get_testgrep() => 1,
22	},
23	cacrt => "fake-ca.crt",
24    },
25    server => {
26	listen => { domain => AF_UNSPEC, proto => "tls", addr => "localhost" },
27	up => "IO::Socket::SSL socket accept failed",
28	down => "Server",
29	exit => 255,
30	loggrep => {
31	    qr/listen sock: (127.0.0.1|::1) \d+/ => 1,
32	    qr/SSL accept attempt failed because of handshake problems/ => 1,
33	    get_testgrep() => 0,
34	},
35    },
36);
37
381;
39