REGTESTS: quic: issuers_chain_path.vtc supported by QUIC

ssl/issuers_chain_path.vtc was rename to ssl/issuers_chain_path.vtci to produce a common part runnable both for QUIC and TCP connections. Then issuers_chain_path.vtc files were created both under ssl and quic directories to call this .vtci file with correct VTC_SOCK_TYPE environment values ("quic" for QUIC connection and "stream" for TCP connections);
2025-11-29 23:01:03 +01:00 · 2025-11-28 17:06:43 +01:00 · 2025-11-28 17:06:43 +01:00 · d04be01234
commit d04be01234
parent 57837f09fc
3 changed files with 49 additions and 36 deletions
--- a/reg-tests/quic/issuers_chain_path.vtc
+++ b/reg-tests/quic/issuers_chain_path.vtc
@ -0,0 +1,10 @@
+#REGTEST_TYPE=bug
+# This reg-test checks if the 'issuers-chain-path' work correctly
+#
+varnishtest "Test the issuers-chain-path keyword"
+feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6)'"
+feature cmd "$HAPROXY_PROGRAM -cc 'feature(QUIC) && feature(OPENSSL) && openssl_version_atleast(1.1.1)'"
+feature cmd "command -v openssl && command -v socat"
+
+setenv VTC_SOCK_TYPE quic
+include ${testdir}/../ssl/issuers_chain_path.vtci
--- a/reg-tests/ssl/issuers_chain_path.vtc
+++ b/reg-tests/ssl/issuers_chain_path.vtc
@ -5,40 +5,6 @@ varnishtest "Test the issuers-chain-path keyword"
 feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6)'"
 feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && openssl_version_atleast(1.1.1)'"
 feature cmd "command -v openssl && command -v socat"
-feature ignore_unknown_macro
-
-haproxy h1 -conf {
-    global
-    .if feature(THREAD)
-        thread-groups 1
-    .endif
-
-        stats socket "${tmpdir}/h1/stats" level admin
-        issuers-chain-path "${testdir}/certs/issuers-chain-path/ca/"
-        crt-base "${testdir}/certs/issuers-chain-path"
-
-    defaults
-        mode http
-        option httplog
-        log stderr local0 debug err
-        option logasap
-        timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
-        timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
-        timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
-
-    frontend ssl-fe
-        bind "${tmpdir}/ssl.sock" ssl crt server.pem
-        http-request return status 200
-} -start
-
-
-# We should have two distinct ocsp responses known that were loaded at build time
-haproxy h1 -cli {
-	send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
-	expect ~ ".*Chain Filename.*"
-	send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
-	expect ~ ".*Chain Subject.*"
-}
-
-haproxy h1 -wait

+setenv VTC_SOCK_TYPE stream
+include ${testdir}/issuers_chain_path.vtci
--- a/reg-tests/ssl/issuers_chain_path.vtci
+++ b/reg-tests/ssl/issuers_chain_path.vtci
@ -0,0 +1,37 @@
+feature ignore_unknown_macro
+
+haproxy h1 -conf {
+    global
+    .if feature(THREAD)
+        thread-groups 1
+    .endif
+
+        stats socket "${tmpdir}/h1/stats" level admin
+        issuers-chain-path "${testdir}/certs/issuers-chain-path/ca/"
+        crt-base "${testdir}/certs/issuers-chain-path"
+
+    defaults
+        mode http
+        option httplog
+        log stderr local0 debug err
+        option logasap
+        timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
+        timeout client  "${HAPROXY_TEST_TIMEOUT-5s}"
+        timeout server  "${HAPROXY_TEST_TIMEOUT-5s}"
+
+    frontend ssl-fe
+        bind "${VTC_SOCK_TYPE}+fd@${ssl_fe}" ssl crt server.pem
+        http-request return status 200
+} -start
+
+
+# We should have two distinct ocsp responses known that were loaded at build time
+haproxy h1 -cli {
+	send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
+	expect ~ ".*Chain Filename.*"
+	send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
+	expect ~ ".*Chain Subject.*"
+}
+
+haproxy h1 -wait
+