From c268313f60fa220a9927eb9d86ab09714959b998 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Mon, 17 Jun 2024 15:31:24 +0200
Subject: [PATCH] REGTESTS: ssl: activate new SSL reg-tests with AWS-LC

Prerequisites are now available in AWS-LC, so we can enable these
reg-tests.

With this patch, aws-lc only has 5 reg-tests that are not working:
- reg-tests/ssl/ssl_reuse.vtc: stateful session resumption is only supported with TLSv1.2
- reg-tests/ssl/ssl_curve_name.vtc: function to extract curve name is not available
- reg-tests/ssl/ssl_errors.vtc: errors are not the same than OpenSSL
- reg-tests/ssl/ssl_dh.vtc: AWS-LC does not support DH
- reg-tests/ssl/ssl_curves.vtc: not working correctly

Which means most of the features are working correctly.
---
 reg-tests/ssl/set_ssl_cert_bundle.vtc  | 2 +-
 reg-tests/ssl/ssl_crt-list_filters.vtc | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/reg-tests/ssl/set_ssl_cert_bundle.vtc b/reg-tests/ssl/set_ssl_cert_bundle.vtc
index 270cba6e02..0941bdba9f 100644
--- a/reg-tests/ssl/set_ssl_cert_bundle.vtc
+++ b/reg-tests/ssl/set_ssl_cert_bundle.vtc
@@ -17,7 +17,7 @@
 varnishtest "Test the 'set ssl cert' feature of the CLI with bundles"
 # could work with haproxy 2.3 but the -cc is not available
 feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev9)'"
-feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1)'"
+feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1) || feature(OPENSSL_AWSLC)'"
 feature cmd "command -v socat"
 feature ignore_unknown_macro
 
diff --git a/reg-tests/ssl/ssl_crt-list_filters.vtc b/reg-tests/ssl/ssl_crt-list_filters.vtc
index e98efb7959..1d21ed8a1e 100644
--- a/reg-tests/ssl/ssl_crt-list_filters.vtc
+++ b/reg-tests/ssl/ssl_crt-list_filters.vtc
@@ -1,7 +1,7 @@
 #REGTEST_TYPE=bug
 varnishtest "Test for ECDSA/RSA selection and crt-list filters"
 feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.8)'"
-feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1)'"
+feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL) && ssllib_name_startswith(OpenSSL) && openssl_version_atleast(1.1.1) || feature(OPENSSL_AWSLC)'"
 # This test checks if the multiple certificate types works correctly with the
 # SNI, and that the negative filters are correctly excluded
 #