diff --git a/reg-tests/checks/ssl-hello-check.vtc b/reg-tests/checks/ssl-hello-check.vtc index 7cabfabc8..a44b6e15c 100644 --- a/reg-tests/checks/ssl-hello-check.vtc +++ b/reg-tests/checks/ssl-hello-check.vtc @@ -24,7 +24,9 @@ syslog S3 -level notice { haproxy htst -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode tcp diff --git a/reg-tests/checks/tcp-check-ssl.vtc b/reg-tests/checks/tcp-check-ssl.vtc index 9ad0dfab5..4020f73f5 100644 --- a/reg-tests/checks/tcp-check-ssl.vtc +++ b/reg-tests/checks/tcp-check-ssl.vtc @@ -29,7 +29,9 @@ syslog S4 -level notice { haproxy htst -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode tcp diff --git a/reg-tests/checks/tls_health_checks.vtc b/reg-tests/checks/tls_health_checks.vtc index e94a2c719..9c3039f53 100644 --- a/reg-tests/checks/tls_health_checks.vtc +++ b/reg-tests/checks/tls_health_checks.vtc @@ -34,7 +34,9 @@ syslog S1 -level notice { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode http @@ -83,7 +85,9 @@ syslog S6 -level notice { haproxy h2 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults timeout client "${HAPROXY_TEST_TIMEOUT-5s}" diff --git a/reg-tests/connection/proxy_protocol_random_fail.vtc b/reg-tests/connection/proxy_protocol_random_fail.vtc index 1ae33deb9..93667decf 100644 --- a/reg-tests/connection/proxy_protocol_random_fail.vtc +++ b/reg-tests/connection/proxy_protocol_random_fail.vtc @@ -24,7 +24,9 @@ syslog Slog_1 -repeat 8 -level info { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif log ${Slog_1_addr}:${Slog_1_port} len 2048 local0 debug err defaults diff --git a/reg-tests/jwt/jws_verify.vtc b/reg-tests/jwt/jws_verify.vtc index 43d37c755..57a2ee239 100644 --- a/reg-tests/jwt/jws_verify.vtc +++ b/reg-tests/jwt/jws_verify.vtc @@ -23,7 +23,9 @@ server s1 -repeat 24 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/add_ssl_crt-list.vtc b/reg-tests/ssl/add_ssl_crt-list.vtc index fbf381738..6c6379ec3 100644 --- a/reg-tests/ssl/add_ssl_crt-list.vtc +++ b/reg-tests/ssl/add_ssl_crt-list.vtc @@ -22,7 +22,9 @@ server s1 -repeat 2 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/del_ssl_crt-list.vtc b/reg-tests/ssl/del_ssl_crt-list.vtc index 5cf4c6af3..3a2beccb6 100644 --- a/reg-tests/ssl/del_ssl_crt-list.vtc +++ b/reg-tests/ssl/del_ssl_crt-list.vtc @@ -20,7 +20,9 @@ server s1 -repeat 2 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/new_del_ssl_cafile.vtc b/reg-tests/ssl/new_del_ssl_cafile.vtc index 2123fb030..7e8a9f19d 100644 --- a/reg-tests/ssl/new_del_ssl_cafile.vtc +++ b/reg-tests/ssl/new_del_ssl_cafile.vtc @@ -21,7 +21,9 @@ server s1 -repeat 2 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir} diff --git a/reg-tests/ssl/new_del_ssl_crlfile.vtc b/reg-tests/ssl/new_del_ssl_crlfile.vtc index 8658a1a7a..8575f2644 100644 --- a/reg-tests/ssl/new_del_ssl_crlfile.vtc +++ b/reg-tests/ssl/new_del_ssl_crlfile.vtc @@ -21,7 +21,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir} diff --git a/reg-tests/ssl/ocsp_auto_update.vtc b/reg-tests/ssl/ocsp_auto_update.vtc index 019395380..bcaf96b19 100644 --- a/reg-tests/ssl/ocsp_auto_update.vtc +++ b/reg-tests/ssl/ocsp_auto_update.vtc @@ -47,7 +47,9 @@ feature ignore_unknown_macro haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir}/ocsp_update @@ -115,7 +117,9 @@ syslog Syslog_ocsp -level notice { haproxy h2 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h2/stats" level admin crt-base ${testdir}/ocsp_update @@ -182,7 +186,9 @@ syslog Syslog_ocsp3 -level notice { haproxy h3 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h3/stats" level admin crt-base ${testdir}/ocsp_update @@ -254,7 +260,9 @@ syslog Syslog_ocsp4 -level notice { haproxy h4 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h4/stats" level admin crt-base ${testdir}/ocsp_update @@ -368,7 +376,9 @@ syslog Syslog_ocsp5 -level notice { haproxy h5 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h5/stats" level admin crt-base ${testdir}/ocsp_update @@ -450,7 +460,9 @@ syslog Syslog_ocsp6 -level notice { haproxy h6 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h6/stats" level admin crt-base ${testdir} @@ -526,7 +538,9 @@ syslog Syslog_ocsp7 -level notice { haproxy h7 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h7/stats" level admin crt-base ${testdir} @@ -589,7 +603,9 @@ process p7 -wait haproxy h8 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h8/stats" level admin crt-base ${testdir}/ocsp_update @@ -683,7 +699,9 @@ syslog Syslog_ocsp9 -level notice { haproxy h9 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h9/stats" level admin crt-base ${testdir}/ocsp_update diff --git a/reg-tests/ssl/set_ssl_bug_2265.vtc b/reg-tests/ssl/set_ssl_bug_2265.vtc index e743c0a81..c773f134c 100644 --- a/reg-tests/ssl/set_ssl_bug_2265.vtc +++ b/reg-tests/ssl/set_ssl_bug_2265.vtc @@ -25,7 +25,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/set_ssl_cafile.vtc b/reg-tests/ssl/set_ssl_cafile.vtc index b948b4bd7..2e5aebbda 100644 --- a/reg-tests/ssl/set_ssl_cafile.vtc +++ b/reg-tests/ssl/set_ssl_cafile.vtc @@ -27,7 +27,9 @@ server s1 -repeat 4 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/set_ssl_cert.vtc b/reg-tests/ssl/set_ssl_cert.vtc index 70a6f5ee0..6373498de 100644 --- a/reg-tests/ssl/set_ssl_cert.vtc +++ b/reg-tests/ssl/set_ssl_cert.vtc @@ -31,7 +31,9 @@ server s1 -repeat 9 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir} diff --git a/reg-tests/ssl/set_ssl_cert_bundle.vtc b/reg-tests/ssl/set_ssl_cert_bundle.vtc index 0941bdba9..3b3c0b343 100644 --- a/reg-tests/ssl/set_ssl_cert_bundle.vtc +++ b/reg-tests/ssl/set_ssl_cert_bundle.vtc @@ -28,7 +28,9 @@ server s1 -repeat 9 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir} diff --git a/reg-tests/ssl/set_ssl_cert_noext.vtc b/reg-tests/ssl/set_ssl_cert_noext.vtc index 8eb8b24dd..ed5fdb5c7 100644 --- a/reg-tests/ssl/set_ssl_cert_noext.vtc +++ b/reg-tests/ssl/set_ssl_cert_noext.vtc @@ -23,7 +23,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 ssl-load-extra-del-ext stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/set_ssl_crlfile.vtc b/reg-tests/ssl/set_ssl_crlfile.vtc index 54d599859..86cab0017 100644 --- a/reg-tests/ssl/set_ssl_crlfile.vtc +++ b/reg-tests/ssl/set_ssl_crlfile.vtc @@ -30,7 +30,9 @@ server s1 -repeat 4 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/set_ssl_server_cert.vtc b/reg-tests/ssl/set_ssl_server_cert.vtc index 847d45b8d..55d8df0ef 100644 --- a/reg-tests/ssl/set_ssl_server_cert.vtc +++ b/reg-tests/ssl/set_ssl_server_cert.vtc @@ -16,7 +16,9 @@ server s1 -repeat 4 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin nbthread 1 diff --git a/reg-tests/ssl/show_ssl_ocspresponse.vtc b/reg-tests/ssl/show_ssl_ocspresponse.vtc index 8b1db1692..08969ba2b 100644 --- a/reg-tests/ssl/show_ssl_ocspresponse.vtc +++ b/reg-tests/ssl/show_ssl_ocspresponse.vtc @@ -27,7 +27,9 @@ feature ignore_unknown_macro haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/ssl_alpn.vtc b/reg-tests/ssl/ssl_alpn.vtc index dfc63ac04..9d032769c 100644 --- a/reg-tests/ssl/ssl_alpn.vtc +++ b/reg-tests/ssl/ssl_alpn.vtc @@ -11,7 +11,9 @@ feature ignore_unknown_macro haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode http diff --git a/reg-tests/ssl/ssl_client_auth.vtc b/reg-tests/ssl/ssl_client_auth.vtc index ab8ba18fc..a223a9c18 100644 --- a/reg-tests/ssl/ssl_client_auth.vtc +++ b/reg-tests/ssl/ssl_client_auth.vtc @@ -25,7 +25,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode http diff --git a/reg-tests/ssl/ssl_client_samples.vtc b/reg-tests/ssl/ssl_client_samples.vtc index 5a84e4b25..6b770822c 100644 --- a/reg-tests/ssl/ssl_client_samples.vtc +++ b/reg-tests/ssl/ssl_client_samples.vtc @@ -12,7 +12,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} diff --git a/reg-tests/ssl/ssl_crt-list_filters.vtc b/reg-tests/ssl/ssl_crt-list_filters.vtc index 1d21ed8a1..843d85af4 100644 --- a/reg-tests/ssl/ssl_crt-list_filters.vtc +++ b/reg-tests/ssl/ssl_crt-list_filters.vtc @@ -16,7 +16,9 @@ server s1 -repeat 6 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif crt-base ${testdir} stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/ssl_curve_name.vtc b/reg-tests/ssl/ssl_curve_name.vtc index a285a8f86..551679177 100644 --- a/reg-tests/ssl/ssl_curve_name.vtc +++ b/reg-tests/ssl/ssl_curve_name.vtc @@ -11,7 +11,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} diff --git a/reg-tests/ssl/ssl_curves.vtc b/reg-tests/ssl/ssl_curves.vtc index 6a8b1b690..5ffd2d8bd 100644 --- a/reg-tests/ssl/ssl_curves.vtc +++ b/reg-tests/ssl/ssl_curves.vtc @@ -39,7 +39,9 @@ syslog Slg_cust_fmt -level info { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif defaults mode http diff --git a/reg-tests/ssl/ssl_default_server.vtc b/reg-tests/ssl/ssl_default_server.vtc index 485a9ba17..88a3ccbe4 100644 --- a/reg-tests/ssl/ssl_default_server.vtc +++ b/reg-tests/ssl/ssl_default_server.vtc @@ -22,7 +22,9 @@ server s1 -repeat 7 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin crt-base ${testdir} diff --git a/reg-tests/ssl/ssl_errors.vtc b/reg-tests/ssl/ssl_errors.vtc index 8fb9c5a12..a3c54553c 100644 --- a/reg-tests/ssl/ssl_errors.vtc +++ b/reg-tests/ssl/ssl_errors.vtc @@ -168,7 +168,9 @@ syslog Slg_bcknd_fe -level info { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 stats socket "${tmpdir}/h1/stats" level admin .if openssl_version_atleast(3.0.0) diff --git a/reg-tests/ssl/ssl_frontend_samples.vtc b/reg-tests/ssl/ssl_frontend_samples.vtc index 401e19344..56a208bcc 100644 --- a/reg-tests/ssl/ssl_frontend_samples.vtc +++ b/reg-tests/ssl/ssl_frontend_samples.vtc @@ -11,7 +11,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} diff --git a/reg-tests/ssl/ssl_generate_certificate.vtc b/reg-tests/ssl/ssl_generate_certificate.vtc index ba0b53b36..ace27d877 100644 --- a/reg-tests/ssl/ssl_generate_certificate.vtc +++ b/reg-tests/ssl/ssl_generate_certificate.vtc @@ -27,7 +27,9 @@ server s1 -repeat 6 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 2048 defaults diff --git a/reg-tests/ssl/ssl_server_samples.vtc b/reg-tests/ssl/ssl_server_samples.vtc index c037523b1..2841d1cc6 100644 --- a/reg-tests/ssl/ssl_server_samples.vtc +++ b/reg-tests/ssl/ssl_server_samples.vtc @@ -11,7 +11,9 @@ server s1 -repeat 3 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 crt-base ${testdir} stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/ssl_simple_crt-list.vtc b/reg-tests/ssl/ssl_simple_crt-list.vtc index f7b03a275..d70327b0b 100644 --- a/reg-tests/ssl/ssl_simple_crt-list.vtc +++ b/reg-tests/ssl/ssl_simple_crt-list.vtc @@ -12,7 +12,9 @@ server s1 -repeat 4 { haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif crt-base ${testdir} stats socket "${tmpdir}/h1/stats" level admin diff --git a/reg-tests/ssl/wrong_ctx_storage.vtc b/reg-tests/ssl/wrong_ctx_storage.vtc index dd746d46d..4275731fe 100644 --- a/reg-tests/ssl/wrong_ctx_storage.vtc +++ b/reg-tests/ssl/wrong_ctx_storage.vtc @@ -24,7 +24,9 @@ feature ignore_unknown_macro haproxy h1 -conf { global + .if !ssllib_name_startswith(AWS-LC) tune.ssl.default-dh-param 2048 + .endif tune.ssl.capture-buffer-size 1 defaults