REGTESTS: update the ocsp-update tests

Update the ocsp-update tests for the recent changes: - "tune.ssl.ocsp-update.mode" was renamed iin "ocsp-update.mode" - Incompatibilities check string changed
haproxy · May 7, 2024 · 2a6e1ae · 2a6e1ae
1 parent c0338fb
commit 2a6e1ae
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 28 deletions.
diff --git a/reg-tests/ssl/ocsp_auto_update.vtc b/reg-tests/ssl/ocsp_auto_update.vtc
@@ -530,7 +530,7 @@ haproxy h7 -conf {
         tune.ssl.capture-buffer-size 1
         stats socket "${tmpdir}/h7/stats" level admin
         crt-base ${testdir}
-        tune.ssl.ocsp-update.mode on
+        ocsp-update.mode on
         log ${Syslog_ocsp7_addr}:${Syslog_ocsp7_port} local0 notice notice
 
     defaults
@@ -653,7 +653,7 @@ haproxy h8 -cli {
 # Check that the auto update option consistency check work even when crt-list
 # lines are added through the cli
 shell {
-    printf "add ssl crt-list ${testdir}/ocsp_update/multicert_both_certs.crt-list <<\nmulticert/server_ocsp.pem.ecdsa foo.foo\n\n" | socat "${tmpdir}/h8/stats" - | grep "Incompatibilities found in OCSP update mode for certificate"
+    printf "add ssl crt-list ${testdir}/ocsp_update/multicert_both_certs.crt-list <<\nmulticert/server_ocsp.pem.ecdsa foo.foo\n\n" | socat "${tmpdir}/h8/stats" - | grep "different parameter 'ocsp-update' : 'on' vs 'off'"
 }
 
 haproxy h8 -wait
@@ -723,7 +723,7 @@ shell {
 # Check that the line is in the crt-list
 haproxy h9 -cli {
     send "show ssl crt-list ${testdir}/ocsp_update/multicert_ecdsa_no_update.crt-list"
-    expect ~ "${testdir}/ocsp_update/rsa.pem .* foo.bar"
+    expect ~ "${testdir}/ocsp_update/rsa.pem.*ocsp-update off.*foo.bar"
 }
 
 # Check that the new certificate is NOT in the auto update list

diff --git a/reg-tests/ssl/ocsp_compat_check.vtc b/reg-tests/ssl/ocsp_compat_check.vtc
@@ -3,7 +3,7 @@
 # broken with BoringSSL.
 #
 # This reg-test tries loading multiple configurations that make use of the
-# 'ocsp-update' crt-list option and the global 'tune.ssl.ocsp-update.mode'
+# 'ocsp-update' crt-list option and the global 'ocsp-update.mode'
 # option. It ensures that an error message is raised when the user provides an
 # incoherent configuration. Any configuration in which a given certificate has
 # the ocsp auto update mode set to 'on' as well as 'off' simultaneously should
@@ -37,7 +37,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode on
+#    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -65,7 +65,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -93,7 +93,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -121,7 +121,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -150,7 +150,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -179,7 +179,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -210,7 +210,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -240,7 +240,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -270,7 +270,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -300,7 +300,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -330,7 +330,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -360,7 +360,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -397,7 +397,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode on
+#    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -425,7 +425,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -453,7 +453,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -481,7 +481,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -510,7 +510,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -539,7 +539,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -570,7 +570,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -600,7 +600,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-#    tune.ssl.ocsp-update.mode off
+#    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -630,7 +630,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -660,7 +660,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode on
+    ocsp-update.mode on
 
 defaults
     log stderr local0 debug err
@@ -690,7 +690,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err
@@ -720,7 +720,7 @@ EOF
     cat << EOF > ${tmpdir}/ocsp_compat_check.cfg
 global
     crt-base ${testdir}/ocsp_update/multicert
-    tune.ssl.ocsp-update.mode off
+    ocsp-update.mode off
 
 defaults
     log stderr local0 debug err