mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

REGTESTS: ssl: Add checks on ocsp-update log format

Browse Source 
Add checks on the ocsp-update's dedicated log format.
This commit is contained in:
Remi Tricot-Le Breton 2024-03-20 14:13:39 +01:00 committed by William Lallemand
parent 099b5c421c
commit 10ece2cf66
1 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
reg-tests/ssl/ocsp_auto_update.vtc
View File

@ -112,7 +112,7 @@ haproxy h1 -wait
process p1 "openssl ocsp -index ${testdir}/ocsp_update/index.txt -rsigner ${testdir}/ocsp_update/ocsp.haproxy.com.pem -CA ${testdir}/ocsp_update/ocsp_update_rootca.crt -nrequest 2 -ndays 1 -port 12346 -timeout 5" -start process p1 "openssl ocsp -index ${testdir}/ocsp_update/index.txt -rsigner ${testdir}/ocsp_update/ocsp.haproxy.com.pem -CA ${testdir}/ocsp_update/ocsp_update_rootca.crt -nrequest 2 -ndays 1 -port 12346 -timeout 5" -start
barrier b1 cond 2 -cyclic barrier b1 cond 3 -cyclic
syslog Syslog_http -level info { syslog Syslog_http -level info {
recv recv
@ -124,12 +124,23 @@ syslog Syslog_http -level info {
barrier b1 sync barrier b1 sync
} -start } -start
syslog Syslog_ocsp -level notice {
recv
expect ~ "<OCSP-UPDATE> .*/ocsp_update/multicert_no_ocsp/server_ocsp_rsa.pem 1 \"Update successful\" 0 1"
recv
expect ~ "<OCSP-UPDATE> .*/ocsp_update/multicert_no_ocsp/server_ocsp_ecdsa.pem 1 \"Update successful\" 0 1"
barrier b1 sync
} -start
haproxy h2 -conf { haproxy h2 -conf {
global global
tune.ssl.default-dh-param 2048 tune.ssl.default-dh-param 2048
tune.ssl.capture-buffer-size 1 tune.ssl.capture-buffer-size 1
stats socket "${tmpdir}/h2/stats" level admin stats socket "${tmpdir}/h2/stats" level admin
crt-base ${testdir}/ocsp_update crt-base ${testdir}/ocsp_update
log ${Syslog_ocsp_addr}:${Syslog_ocsp_port} local0 notice notice
defaults defaults
mode http mode http
@ -150,7 +161,7 @@ haproxy h2 -conf {
listen http_rebound_lst listen http_rebound_lst
mode http mode http
option httplog option httplog
log ${Syslog_http_addr}:${Syslog_http_port} local0 log ${Syslog_http_addr}:${Syslog_http_port} local0 info info
bind "127.0.0.1:12345" bind "127.0.0.1:12345"
server s1 "127.0.0.1:12346" server s1 "127.0.0.1:12346"
} -start } -start
@ -471,7 +482,7 @@ process p5 -wait
# #
process p6 "openssl ocsp -index ${testdir}/ocsp_update/index.txt -rsigner ${testdir}/ocsp_update/ocsp.haproxy.com.pem -CA ${testdir}/ocsp_update/ocsp_update_rootca.crt -nrequest 1 -ndays 1 -port 12346 -timeout 5" -start process p6 "openssl ocsp -index ${testdir}/ocsp_update/index.txt -rsigner ${testdir}/ocsp_update/ocsp.haproxy.com.pem -CA ${testdir}/ocsp_update/ocsp_update_rootca.crt -nrequest 1 -ndays 1 -port 12346 -timeout 5" -start
barrier b6 cond 2 -cyclic barrier b6 cond 3 -cyclic
syslog Syslog_http6 -level info { syslog Syslog_http6 -level info {
recv recv
@ -480,12 +491,20 @@ syslog Syslog_http6 -level info {
barrier b6 sync barrier b6 sync
} -start } -start
syslog Syslog_ocsp6 -level notice {
recv
expect ~ "<OCSP-UPDATE> .*/ocsp_update/multicert/server_ocsp.pem.rsa 1 \"Update successful\" 0 1"
barrier b6 sync
} -start
haproxy h6 -conf { haproxy h6 -conf {
global global
tune.ssl.default-dh-param 2048 tune.ssl.default-dh-param 2048
tune.ssl.capture-buffer-size 1 tune.ssl.capture-buffer-size 1
stats socket "${tmpdir}/h6/stats" level admin stats socket "${tmpdir}/h6/stats" level admin
crt-base ${testdir} crt-base ${testdir}
log ${Syslog_ocsp6_addr}:${Syslog_ocsp6_port} local0 notice notice
defaults defaults
mode http mode http
@ -503,7 +522,7 @@ haproxy h6 -conf {
listen http_rebound_lst listen http_rebound_lst
mode http mode http
option httplog option httplog
log ${Syslog_http6_addr}:${Syslog_http6_port} local0 log ${Syslog_http6_addr}:${Syslog_http6_port} local0 info info
bind "127.0.0.1:12345" bind "127.0.0.1:12345"
server s1 "127.0.0.1:12346" server s1 "127.0.0.1:12346"
} -start } -start