REGTESTS: set_ssl_server_cert.vtc: remove SSL caching and set as working

In a previous commit this test was disabled because I though the
feature was broken, but in fact this is the test which is broken.

Indeed the connection between the server and the client was not
renegociated and was using the SSL cache or a ticket. To be work
correctly these 2 features must be disabled or a new connection must be
established after the ticket timeout, which is too long for a regtest.

Also a "nbthread 1" was added as it was easier to reproduce the problem
with it.

diff --git a/reg-tests/ssl/set_ssl_server_cert.vtc b/reg-tests/ssl/set_ssl_server_cert.vtc
index 0a58c1bbd3d6a0dd5ff947b0457bff97c4092041..61346e07e5991043f3cb6fd06315238318ecd830 100644 (file)
--- a/reg-tests/ssl/set_ssl_server_cert.vtc
+++ b/reg-tests/ssl/set_ssl_server_cert.vtc
@@ -1,4 +1,4 @@
-#REGTEST_TYPE=broken
+#REGTEST_TYPE=devel
 
 # This reg-test uses the "set ssl cert" command to update a backend certificate over the CLI.
 # It requires socat to upload the certificate
@@ -19,6 +19,8 @@ haproxy h1 -conf {
         tune.ssl.default-dh-param 2048
         tune.ssl.capture-cipherlist-size 1
         stats socket "${tmpdir}/h1/stats" level admin
+        nbthread 1
+        tune.ssl.cachesize 0
 
     defaults
         mode http
@@ -39,7 +41,7 @@ haproxy h1 -conf {
         # crt: certificate of the server
         # ca-file: CA used for client authentication request
         # crl-file: revocation list for client auth: the client1 certificate is revoked
-        bind "${tmpdir}/ssl.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/ca-auth.crt verify optional crt-ignore-err all crl-file ${testdir}/crl-auth.pem
+        bind "${tmpdir}/ssl.sock" ssl crt ${testdir}/common.pem ca-file ${testdir}/ca-auth.crt verify optional crt-ignore-err all crl-file ${testdir}/crl-auth.pem no-tls-tickets
 
         acl cert_expired ssl_c_verify 10
         acl cert_revoked ssl_c_verify 23