1# The syslogd listens on 127.0.0.1 TLS socket.
2# The TCP client writes cleartext into the TLS connection to syslogd.
3# The client connects and closes the connection to syslogd.
4# The syslogd writes the error into a file and through a pipe.
5# Find the error message in file, syslogd log.
6# Check that syslogd writes a log message about the SSL connect error.
7
8use strict;
9use warnings;
10use Socket;
11
12our %args = (
13    client => {
14	connect => { domain => AF_INET, proto => "tcp", addr => "127.0.0.1",
15	    port => 6514 },
16	func => sub {
17	    my $self = shift;
18	    print "Writing cleartext into a TLS connection is a bad idea\n";
19	    ${$self->{syslogd}}->loggrep("tls logger .* connection error", 5)
20		or die ref($self), " no connection error in syslogd.log";
21	},
22	loggrep => {
23	    qr/connect sock: 127.0.0.1 \d+/ => 1,
24	},
25    },
26    syslogd => {
27	options => ["-S", "127.0.0.1:6514"],
28	loggrep => {
29	    qr/syslogd\[\d+\]: tls logger .* accepted/ => 1,
30	    qr/syslogd\[\d+\]: tls logger .* connection error/ => 1,
31	},
32    },
33    server => {
34	func => sub {
35	    my $self = shift;
36	    ${$self->{syslogd}}->loggrep("tls logger .* connection error", 5)
37		or die ref($self), " no connection error in syslogd.log";
38	},
39	loggrep => {},
40    },
41    file => {
42	loggrep => {
43	    qr/syslogd\[\d+\]: tls logger .* connection error: /.
44		qr/handshake failed: error:.*:SSL routines:/.
45		qr/ST_ACCEPT:tlsv1 alert protocol version/ => 1,
46	},
47    },
48    pipe => { nocheck => 1 },
49    tty => { nocheck => 1 },
50);
51
521;
53