konevsa/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
haproxy/reg-tests/ssl
History
Remi Tricot-Le Breton 0498fa4059 BUG/MINOR: ssl: Default-server configuration ignored by server 
When a default-server line specified a client certificate to use, the
frontend would not take it into account and create an empty SSL context,
which would raise an error on the backend side ("peer did not return a
certificate").

This bug was introduced by d817dc733eacfd7cf5bb0bbc6128f44644db078e in
which the SSL contexts are created earlier than before (during the
default-server line parsing) without setting it in the corresponding
server structures. It then made the server create an empty SSL context
in ssl_sock_prepare_srv_ctx because it thought it needed one.

It was raised on redmine, in Bug #3906.

It can be backported to 2.4.
2021-07-13 18:35:38 +02:00
..
add_ssl_crt-list.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
ca-auth.crt
REGTEST: ssl: test the client certificate authentication
2020-04-28 22:04:13 +02:00
cert1-example.com.pem.ecdsa
REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
2021-04-02 15:47:17 +02:00
cert1-example.com.pem.rsa
REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
2021-04-02 15:47:17 +02:00
cert2-example.com.pem.ecdsa
REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
2021-04-02 15:47:17 +02:00
cert2-example.com.pem.rsa
REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
2021-04-02 15:47:17 +02:00
client1.pem
MINOR: ssl: add ssl_{c,s}_chain_der fetch methods
2020-08-07 15:38:40 +02:00
client2_expired.pem
REGTEST: ssl: test the client certificate authentication
2020-04-28 22:04:13 +02:00
client3_revoked.pem
REGTEST: ssl: test the client certificate authentication
2020-04-28 22:04:13 +02:00
common.crt
REGTEST: ssl: test "set ssl cert" with separate key / crt
2020-10-23 18:41:08 +02:00
common.key
REGTEST: ssl: test "set ssl cert" with separate key / crt
2020-10-23 18:41:08 +02:00
common.pem
MINOR: ssl: add ssl_{c,s}_chain_der fetch methods
2020-08-07 15:38:40 +02:00
crl-auth.pem
REGTEST: ssl: test the client certificate authentication
2020-04-28 22:04:13 +02:00
del_ssl_crt-list.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
ecdsa.crt
REGTEST: ssl: test "set ssl cert" with separate key / crt
2020-10-23 18:41:08 +02:00
ecdsa.key
REGTEST: ssl: test "set ssl cert" with separate key / crt
2020-10-23 18:41:08 +02:00
ecdsa.pem
REGTEST: ssl: test the "set ssl cert" CLI command
2019-12-19 13:51:38 +01:00
filters.crt-list
REGTEST: ssl: test wildcard and multi-type + exclusions
2020-11-06 14:59:36 +01:00
interCA1_crl_empty.pem
REGTESTS: ssl: Add "set/commit ssl crl-file" test
2021-05-17 10:50:24 +02:00
interCA1_crl.pem
REGTESTS: ssl: Add "set/commit ssl crl-file" test
2021-05-17 10:50:24 +02:00
interCA2_crl_empty.pem
REGTESTS: ssl: Add "set/commit ssl crl-file" test
2021-05-17 10:50:24 +02:00
interCA2_crl.pem
REGTESTS: ssl: Add "set/commit ssl crl-file" test
2021-05-17 10:50:24 +02:00
localhost.crt-list
REGTEST: ssl: pollute the crt-list file
2020-04-01 20:10:53 +02:00
new_del_ssl_cafile.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
new_del_ssl_crlfile.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
README
MINOR: reg-tests: Add a few regression testing files.
2018-06-20 10:03:24 +02:00
rootCA_crl.pem
REGTESTS: ssl: Add "set/commit ssl crl-file" test
2021-05-17 10:50:24 +02:00
set_cafile_client.pem
REGTESTS: ssl: Add new ca-file update tests
2021-05-17 10:50:24 +02:00
set_cafile_interCA1.crt
REGTESTS: ssl: Add new ca-file update tests
2021-05-17 10:50:24 +02:00
set_cafile_interCA2.crt
REGTESTS: ssl: Add new ca-file update tests
2021-05-17 10:50:24 +02:00
set_cafile_rootCA.crt
REGTESTS: ssl: Add new ca-file update tests
2021-05-17 10:50:24 +02:00
set_cafile_server.pem
REGTESTS: ssl: Add new ca-file update tests
2021-05-17 10:50:24 +02:00
set_default_cert.crt-list
BUG/MINOR: ssl: Fix update of default certificate
2021-03-26 13:06:29 +01:00
set_default_cert.pem
BUG/MINOR: ssl: Fix update of default certificate
2021-03-26 13:06:29 +01:00
set_ssl_cafile.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
set_ssl_cert_bundle.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
set_ssl_cert_noext.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
set_ssl_cert.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
set_ssl_crlfile.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
set_ssl_server_cert.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
show_ocsp_server.pem
REGTESTS: ssl: Add "show ssl ocsp-response" test
2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.issuer
REGTESTS: ssl: Add "show ssl ocsp-response" test
2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp
REGTESTS: ssl: Add "show ssl ocsp-response" test
2021-06-10 16:44:11 +02:00
show_ocsp_server.pem.ocsp.revoked
REGTESTS: ssl: Add "show ssl ocsp-response" test
2021-06-10 16:44:11 +02:00
show_ssl_ocspresponse.vtc
REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
2021-06-17 14:59:55 +02:00
simple.crt-list
BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded
2020-11-06 16:39:39 +01:00
ssl_client_auth.vtc
REGTESTS: Remove REQUIRE_VERSION=1.6 from all tests
2021-06-11 19:21:28 +02:00
ssl_client_samples.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
ssl_crt-list_filters.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
ssl_default_server.vtc
BUG/MINOR: ssl: Default-server configuration ignored by server
2021-07-13 18:35:38 +02:00
ssl_frontend_samples.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
ssl_server_samples.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
ssl_simple_crt-list.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00
wrong_ctx_storage.vtc
CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
2021-06-04 15:41:21 +02:00

README 

File list:
 - common.pem: PEM file which may be used by most of the VTC files.