mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 07:07:04 +02:00
Code Issues Projects Releases Wiki Activity
a6c0a59e9a
haproxy/reg-tests/ssl
History
Remi Tricot-Le Breton a6c0a59e9a MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command 
Instead of having a dedicated httpclient instance and its own code
decorrelated from the actual auto update one, the "update ssl
ocsp-response" will now use the update task in order to perform updates.

Since the cli command allows to update responses that were never
included in the auto update tree, a new flag was added to the
certificate_ocsp structure so that the said entry can be inserted into
the tree "by hand" and it won't be reinserted back into the tree after
the update process is performed. The 'update_once' flag "stole" a bit
from the 'fail_count' counter since it is the one less likely to reach
UINT_MAX among the ocsp counters of the certificate_ocsp structure.

This new logic required that every certificate_ocsp entry contained all
the ocsp-related information at all time since entries that are not
supposed to be configured automatically can still be updated through the
cli. The logic of the ssl_sock_load_ocsp was changed accordingly.
2023-03-14 11:07:32 +01:00
..
generate_certificates REGTESTS: ssl: Add test for "generate-certificates" SSL option 2022-02-09 12:10:32 +01:00
ocsp_update REGTESTS: ssl: Fix ocsp update crt-lists 2023-03-02 15:37:23 +01:00
add_ssl_crt-list.vtc BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list 2022-06-20 17:27:49 +02:00
ca-auth.crt REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
cert1-example.com.pem.ecdsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert1-example.com.pem.rsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert2-example.com.pem.ecdsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
cert2-example.com.pem.rsa REGTESTS: ssl: "set ssl cert" and multi-certificates bundle 2021-04-02 15:47:17 +02:00
client1.pem MINOR: ssl: add ssl_{c,s}_chain_der fetch methods 2020-08-07 15:38:40 +02:00
client2_expired.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
client3_revoked.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
client.ecdsa.pem REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options 2022-02-09 11:15:44 +01:00
common.4096.dh REGTESTS: ssl: Add tests for DH related options 2022-02-14 10:07:14 +01:00
common.crt REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
common.key REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
common.pem MINOR: ssl: add ssl_{c,s}_chain_der fetch methods 2020-08-07 15:38:40 +02:00
crl-auth.pem REGTEST: ssl: test the client certificate authentication 2020-04-28 22:04:13 +02:00
del_ssl_crt-list.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
dynamic_server_ssl.vtc MEDIUM: server: remove experimental-mode for dynamic servers 2022-03-11 14:28:28 +01:00
ecdsa.crt REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
ecdsa.key REGTEST: ssl: test "set ssl cert" with separate key / crt 2020-10-23 18:41:08 +02:00
ecdsa.pem REGTEST: ssl: test the "set ssl cert" CLI command 2019-12-19 13:51:38 +01:00
filters.crt-list REGTEST: ssl: test wildcard and multi-type + exclusions 2020-11-06 14:59:36 +01:00
interCA1_crl_empty.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA1_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA2_crl_empty.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
interCA2_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
localhost.crt-list REGTEST: ssl: pollute the crt-list file 2020-04-01 20:10:53 +02:00
log_forward_ssl.vtc REGTESTS: ssl/log: test the log-forward with SSL 2022-09-13 17:03:30 +02:00
new_del_ssl_cafile.vtc MINOR: ssl/cli: implement "add ssl ca-file" 2022-08-19 19:58:53 +02:00
new_del_ssl_crlfile.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ocsp_auto_update.vtc MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command 2023-03-14 11:07:32 +01:00
README
rootCA_crl.pem REGTESTS: ssl: Add "set/commit ssl crl-file" test 2021-05-17 10:50:24 +02:00
set_cafile_client.pem REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_interCA1.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_interCA2.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_rootCA.crt REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_cafile_server.pem REGTESTS: ssl: Add new ca-file update tests 2021-05-17 10:50:24 +02:00
set_default_cert.crt-list BUG/MINOR: ssl: Fix update of default certificate 2021-03-26 13:06:29 +01:00
set_default_cert.pem BUG/MINOR: ssl: Fix update of default certificate 2021-03-26 13:06:29 +01:00
set_ssl_cafile.vtc MINOR: ssl/cli: implement "add ssl ca-file" 2022-08-19 19:58:53 +02:00
set_ssl_cert_bundle.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_cert_noext.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_cert.vtc REGTESTS: ssl: add the same cert for client/server 2022-06-20 18:06:43 +02:00
set_ssl_crlfile.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_server_cert.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
show_ocsp_server.pem REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.issuer REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp.revoked REGTESTS: ssl: Add "show ssl ocsp-response" test 2021-06-10 16:44:11 +02:00
show_ssl_ocspresponse.vtc REGTESTS: ssl: skip show_ssl_ocspresponse.vtc when BoringSSL is used 2022-02-02 17:48:02 +01:00
simple.crt-list BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded 2020-11-06 16:39:39 +01:00
ssl_client_auth.vtc MINOR: ssl: x509_v_err_str converter transforms an integer to a X509_V_ERR name 2022-11-10 13:28:37 +01:00
ssl_client_samples.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_crt-list_filters.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_curves.vtc REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options 2022-02-09 11:15:44 +01:00
ssl_default_server.vtc REGTESTS: ssl: fix ssl_default_server.vtc 2021-12-29 18:20:19 +01:00
ssl_dh.vtc MEDIUM: ssl: Disable DHE ciphers by default 2022-04-20 17:30:55 +02:00
ssl_errors.vtc REGTESTS: Fix ssl_errors.vtc script to wait for connections close 2023-02-21 11:44:55 +01:00
ssl_frontend_samples.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_generate_certificate.vtc REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc 2022-08-06 23:24:13 +02:00
ssl_reuse.vtc REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL 2022-12-20 15:28:37 +01:00
ssl_server_samples.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ssl_simple_crt-list.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
wrong_ctx_storage.vtc MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size 2021-08-26 19:52:04 +02:00

README 

File list:
 - common.pem: PEM file which may be used by most of the VTC files.