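# The client writes a message to Sys::Syslog native method.
# The syslogd writes it into a file and through a pipe.
# The syslogd passes it via TLS to localhost loghost.
# The cafile is the system default which has no matching cert.
# Find the message in client, file, pipe, syslogd log.
# Check that syslogd has verify failure and server has no message.
#
# Security property under test: when the loghost's certificate does not
# verify against the CA file, syslogd must report the failure and must
# not deliver the message over that connection (fail closed).  The
# server-side "get_testgrep() => 0" entry below is the assertion that
# pins this; the syslogd-side greps only confirm that the failure was
# logged.

use strict;
use warnings;
use Socket;

# Test description for this case.  The values in the ktrace/loggrep
# hashes appear to be expected match counts, with '>=4' a lower bound --
# TODO confirm against the harness that reads %args.
our %args = (
    syslogd => {
        # Single quotes keep $connectport literal here; presumably the
        # harness substitutes the real port later -- confirm.
        loghost => '@tls://localhost:$connectport',
        ktrace => {
            # The default CA bundle must actually be looked up.
            qr{NAMI "/etc/ssl/cert.pem"} => 1,
        },
        loggrep => {
            qr{CAfile /etc/ssl/cert.pem} => 1,
            qr/Logging to FORWTLS \@tls:\/\/localhost:\d+/ => '>=4',
            # The three qr// pieces are concatenated into one pattern.
            # NOTE(review): this pins the TLS library's error text,
            # including an internal function name; presumably it needs
            # updating whenever the library rewords the error -- confirm.
            qr/syslogd: loghost .* connection error: /.
                qr/handshake failed: error:.*/.
                qr/SSL3_GET_SERVER_CERTIFICATE:certificate verify failed/ => 2,
            # The message is still expected in syslogd's own log.
            get_testgrep() => 1,
        },
        # Use the system default CA file, which has no matching cert
        # (see the header comment).
        cacrt => "default",
    },
    server => {
        listen => { domain => AF_UNSPEC, proto => "tls", addr => "localhost" },
        # Presumably the log strings the harness waits for at server
        # start and stop; here "up" is the failed accept -- confirm.
        up => "IO::Socket::SSL socket accept failed",
        down => "Server",
        # NOTE(review): looks like the expected exit status of the
        # server process after the failed handshake -- confirm.
        exit => 255,
        loggrep => {
            # Dots are escaped so only the literal loopback address
            # matches, not any character in those positions.
            qr/listen sock: (127\.0\.0\.1|::1) \d+/ => 1,
            qr/SSL accept attempt failed because of handshake problems/ => 1,
            # Fail-closed check: the test message must never reach the
            # server whose certificate failed verification.
            get_testgrep() => 0,
        },
    },
);

1;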