RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
haproxy/reg-tests/ssl
History
William Lallemand e6657fd108 MEDIUM: ssl: don't load file by discovering them in crt-store 
In commit 55e9e9591 ("MEDIUM: ssl: temporarily load files by detecting
their presence in crt-store"), ssl_sock_load_pem_into_ckch() was
replaced by ssl_sock_load_files_into_ckch() in the crt-store loading.

But the side effect was that we always try to autodetect, and this is
not what we want. This patch reverse this, and add specific code in the
crt-list loading, so we could autodetect in crt-list like it was done
before, but still try to load files when a crt-store filename keyword is
specified.

Example:

These crt-list lines won't autodetect files:

    foobar.crt [key foobar.key issuer foobar.issuer ocsp-update on] *.foo.bar
    foobar.crt [key foobar.key] *.foo.bar

These crt-list lines will autodect files:

    foobar.pem [ocsp-update on] *.foo.bar
    foobar.pem
 		2024-05-21 18:30:45 +02:00
..
generate_certificates REGTESTS: ssl: Add test for "generate-certificates" SSL option 2022-02-09 12:10:32 +01:00
ocsp_update REGTESTS: ssl: Add OCSP related tests 2024-03-20 16:12:10 +01:00
README
add_ssl_crt-list.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
bug-2265.crt BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate 2023-08-28 18:20:39 +02:00
ca-auth.crt
cert1-example.com.pem.ecdsa
cert1-example.com.pem.rsa
cert2-example.com.pem.ecdsa
cert2-example.com.pem.rsa
client.ecdsa.pem REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options 2022-02-09 11:15:44 +01:00
client1.pem
client2_expired.pem
client3_revoked.pem
common.4096.dh REGTESTS: ssl: Add tests for DH related options 2022-02-14 10:07:14 +01:00
common.crt
common.key
common.pem REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
crl-auth.pem
crt_store.vtc MEDIUM: ssl: don't load file by discovering them in crt-store 2024-05-21 18:30:45 +02:00
del_ssl_crt-list.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
dynamic_server_ssl.vtc MEDIUM: server: remove experimental-mode for dynamic servers 2022-03-11 14:28:28 +01:00
ecdsa.crt
ecdsa.key
ecdsa.pem
filters.crt-list
interCA1_crl.pem
interCA1_crl_empty.pem
interCA2_crl.pem
interCA2_crl_empty.pem
localhost.crt-list
log_forward_ssl.vtc REGTESTS: ssl/log: test the log-forward with SSL 2022-09-13 17:03:30 +02:00
new_del_ssl_cafile.vtc MINOR: ssl/cli: implement "add ssl ca-file" 2022-08-19 19:58:53 +02:00
new_del_ssl_crlfile.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
ocsp_auto_update.vtc REGTESTS: ocsp-update: change the reg-test to support the new crt-store mode 2024-05-17 17:35:51 +02:00
ocsp_compat_check.vtc REGTESTS: ocsp-update: change the reg-test to support the new crt-store mode 2024-05-17 17:35:51 +02:00
rootCA_crl.pem
set_cafile_client.pem
set_cafile_interCA1.crt
set_cafile_interCA2.crt
set_cafile_rootCA.crt
set_cafile_server.pem
set_default_cert.crt-list
set_default_cert.pem
set_ssl_bug_2265.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
set_ssl_cafile.vtc REGTESTS: wolfssl: temporarly disable some failing reg-tests 2023-10-09 23:05:18 +02:00
set_ssl_cert.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
set_ssl_cert_bundle.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_cert_noext.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
set_ssl_crlfile.vtc REGTESTS: wolfssl: temporarly disable some failing reg-tests 2023-10-09 23:05:18 +02:00
set_ssl_server_cert.vtc REGTESTS: wolfssl: temporarly disable some failing reg-tests 2023-10-09 23:05:18 +02:00
show_ocsp_server.pem
show_ocsp_server.pem.issuer
show_ocsp_server.pem.ocsp
show_ocsp_server.pem.ocsp.revoked
show_ssl_ocspresponse.vtc REGTESTS: ssl: Fix empty line in cli command input 2024-02-07 17:10:49 +01:00
simple.crt-list
ssl_alpn.vtc MEDIUM: config: set useful ALPN defaults for HTTPS and QUIC 2023-04-19 09:52:20 +02:00
ssl_client_auth.vtc REGTESTS: ssl: simplify X509_V code check in ssl_client_auth.vtc 2023-05-03 15:54:49 +02:00
ssl_client_samples.vtc BUILD: ssl: ssl_c_r_dn fetches uses functiosn only available since 1.1.1 2023-05-15 12:07:52 +02:00
ssl_crt-list_filters.vtc REGTESTS: ssl: update the filters test for TLSv1.3 and sigalgs 2023-10-26 19:23:04 +02:00
ssl_curve_name.vtc MEDIUM: ssl: new sample fetch method to get curve name 2023-07-17 15:45:41 +02:00
ssl_curves.vtc MINOR: ssl: add support for 'curves' keyword on server lines 2023-09-07 23:29:10 +02:00
ssl_default_server.vtc REGTESTS: ssl: fix ssl_default_server.vtc 2021-12-29 18:20:19 +01:00
ssl_dh.vtc REGTESTS: ssl: disable ssl_dh.vtc for WolfSSL 2023-10-09 22:11:37 +02:00
ssl_errors.vtc REGTESTS: Fix ssl_errors.vtc script to wait for connections close 2023-02-21 11:44:55 +01:00
ssl_frontend_samples.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
ssl_generate_certificate.vtc REGTESTS: ssl: skip generate-certificates test w/ wolfSSL 2023-09-20 16:02:16 +02:00
ssl_reuse.vtc REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL 2022-12-20 15:28:37 +01:00
ssl_server_samples.vtc REGTESTS: ssl: update common.pem with the new pki 2023-10-09 21:58:21 +02:00
ssl_simple_crt-list.vtc REGTESTS: extend the default I/O timeouts and make them overridable 2021-11-18 17:57:11 +01:00
wrong_ctx_storage.vtc

README 

File list:
 - common.pem: PEM file which may be used by most of the VTC files.