RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-30 00:22:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,556 Commits 15 Branches 371 Tags 53 MiB
8ec9c81ac4
Commit Graph

11 Commits

Author SHA1 Message Date
Ilya Shipitsin
8de3eff8f7 REGTESTS: ssl: skip show_ssl_ocspresponse.vtc when BoringSSL is used 
OCSP stapling implementation is not compatible with BoringSSL, test
is broken in BoringSSL
 2022-02-02 17:48:02 +01:00
Willy Tarreau
f673923629 REGTESTS: extend the default I/O timeouts and make them overridable 
With the CI occasionally slowing down, we're starting to see again some
spurious failures despite the long 1-second timeouts. This reports false
positives that are disturbing and doesn't provide as much value as this
could. However at this delay it already becomes a pain for developers
to wait for the tests to complete.

This commit adds support for the new environment variable
HAPROXY_TEST_TIMEOUT that will allow anyone to modify the connect,
client and server timeouts. It was set to 5 seconds by default, which
should be plenty for quite some time in the CI. All relevant values
that were 200ms or above were replaced by this one. A few larger
values were left as they are special. One test for the set-timeout
action that used to rely on a fixed 1-sec value was extended to a
fixed 5-sec, as the timeout is normally not reached, but it needs
to be known to compare the old and new values.
 2021-11-18 17:57:11 +01:00
William Lallemand
f542941f71 REGTESTS: ssl: wrong feature cmd in show_ssl_ocspresponse.vtc 
The "feature cmd" needs to be separated in 2 parts to check the openssl
command.
 2021-09-30 18:45:18 +02:00
William Lallemand
2655f2ba33 REGTESTS: ssl: show_ssl_ocspresponse w/ freebsd won't use base64 
The reg-test show_ssl_ocspresponse.vtc won't use the "base64" binary on
freebsd, replace it by a "openssl base64" which does the same thing.
 2021-09-30 17:58:58 +02:00
William Lallemand
2f52fdb52e REGTESTS: ssl: enable show_ssl_ocspresponse.vtc again 
Since we disabled boringssl from the CI we can enable this test again.
 2021-09-30 15:28:30 +02:00
Marcin Deranek
310a260e4a MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size 
Deprecate tune.ssl.capture-cipherlist-size in favor of
tune.ssl.capture-buffer-size which better describes the purpose of the
setting.
 2021-08-26 19:52:04 +02:00
Tim Duesterhus
4ee192f072 REGTESTS: Replace REQUIRE_BINARIES with 'command -v' 
This migrates the tests to the native `feature cmd` functionality of VTest.
 2021-06-17 14:59:55 +02:00
Tim Duesterhus
c9570483b0 REGTESTS: Replace REQUIRE_OPTIONS with 'haproxy -cc' for 2.5+ tests 
This migrates the tests for HAProxy versions that support '-cc' to the native
VTest functionality.
 2021-06-17 14:59:55 +02:00
Tim Duesterhus
5efc48dcf1 REGTESTS: Replace REQUIRE_VERSION=2.5 with 'haproxy -cc' 
This is safe, because running `haproxy -cc 'version_atleast(2.5-dev0)'` on
HAProxy 2.4 will also result in an exit code of 1.
 2021-06-17 14:59:55 +02:00
William Lallemand
0061323114 REGTESTS: ssl: show_ssl_ocspresponce.vtc is broken with BoringSSL 
The `show ssl ocsp-response` feature is not available with BoringSSL,
but we don't have a way to disable this feature only with boringSSL on
the CI. Disable the reg-test until we do.
 2021-06-11 10:03:08 +02:00
Remi Tricot-Le Breton
2a77c62c18 REGTESTS: ssl: Add "show ssl ocsp-response" test 
This file adds tests for the new "show ssl ocsp-response" command and
the new "show ssl cert foo.pem.ocsp" and "show ssl cert *foo.pem.ocsp"
special cases. They are all used to display information about an OCSP
response, committed or not.
 2021-06-10 16:44:11 +02:00