mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-11-30 15:21:04 +01:00
Code Issues Projects Releases Wiki Activity

REGTESTS: quic: issuers_chain_path.vtc supported by QUIC

Browse Source 
ssl/issuers_chain_path.vtc was rename to ssl/issuers_chain_path.vtci
to produce a common part runnable both for QUIC and TCP connections.
Then issuers_chain_path.vtc files were created both under ssl and quic directories
to call this .vtci file with correct VTC_SOCK_TYPE environment values
("quic" for QUIC connection and "stream" for TCP connections);
This commit is contained in:
Frederic Lecaille 2025-11-28 17:06:43 +01:00
parent 57837f09fc
commit d04be01234
3 changed files with 49 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
reg-tests/quic/issuers_chain_path.vtc Normal file
View File

@ -0,0 +1,10 @@
#REGTEST_TYPE=bug
# This reg-test checks if the 'issuers-chain-path' work correctly
#
varnishtest "Test the issuers-chain-path keyword"
feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6)'"
feature cmd "$HAPROXY_PROGRAM -cc 'feature(QUIC) && feature(OPENSSL) && openssl_version_atleast(1.1.1)'"
feature cmd "command -v openssl && command -v socat"
setenv VTC_SOCK_TYPE quic
include ${testdir}/../ssl/issuers_chain_path.vtci

38
reg-tests/ssl/issuers_chain_path.vtc
View File

@ -5,40 +5,6 @@ varnishtest "Test the issuers-chain-path keyword"
feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6)'" feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.6)'"
feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && openssl_version_atleast(1.1.1)'" feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && openssl_version_atleast(1.1.1)'"
feature cmd "command -v openssl && command -v socat" feature cmd "command -v openssl && command -v socat"
feature ignore_unknown_macro
haproxy h1 -conf {
global
.if feature(THREAD)
thread-groups 1
.endif
stats socket "${tmpdir}/h1/stats" level admin
issuers-chain-path "${testdir}/certs/issuers-chain-path/ca/"
crt-base "${testdir}/certs/issuers-chain-path"
defaults
mode http
option httplog
log stderr local0 debug err
option logasap
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
frontend ssl-fe
bind "${tmpdir}/ssl.sock" ssl crt server.pem
http-request return status 200
} -start
# We should have two distinct ocsp responses known that were loaded at build time
haproxy h1 -cli {
send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
expect ~ ".*Chain Filename.*"
send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
expect ~ ".*Chain Subject.*"
}
haproxy h1 -wait
setenv VTC_SOCK_TYPE stream
include ${testdir}/issuers_chain_path.vtci

37
reg-tests/ssl/issuers_chain_path.vtci Normal file
View File

@ -0,0 +1,37 @@
feature ignore_unknown_macro
haproxy h1 -conf {
global
.if feature(THREAD)
thread-groups 1
.endif
stats socket "${tmpdir}/h1/stats" level admin
issuers-chain-path "${testdir}/certs/issuers-chain-path/ca/"
crt-base "${testdir}/certs/issuers-chain-path"
defaults
mode http
option httplog
log stderr local0 debug err
option logasap
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
frontend ssl-fe
bind "${VTC_SOCK_TYPE}+fd@${ssl_fe}" ssl crt server.pem
http-request return status 200
} -start
# We should have two distinct ocsp responses known that were loaded at build time
haproxy h1 -cli {
send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
expect ~ ".*Chain Filename.*"
send "show ssl cert ${testdir}/certs/issuers-chain-path/server.pem"
expect ~ ".*Chain Subject.*"
}
haproxy h1 -wait