From 98222dfccd544132c38f9a69fd4ece6e28087636 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 26 Aug 2021 16:26:04 +0200
Subject: [PATCH] dnsdist: Check that the expected TLS provider is in use in
 the regression tests

---
 regression-tests.dnsdist/test_OCSP.py | 5 +++++
 regression-tests.dnsdist/test_TLS.py  | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/regression-tests.dnsdist/test_OCSP.py b/regression-tests.dnsdist/test_OCSP.py
index 7a10f69761..6b29e3df55 100644
--- a/regression-tests.dnsdist/test_OCSP.py
+++ b/regression-tests.dnsdist/test_OCSP.py
@@ -32,6 +32,9 @@ class DNSDistOCSPStaplingTest(DNSDistTest):
 
         return serialNumber
 
+    def getTLSProvider(self):
+        return self.sendConsoleCommand("getBind(0):getEffectiveTLSProvider()").rstrip()
+
 @unittest.skipIf('SKIP_DOH_TESTS' in os.environ, 'DNS over HTTPS tests are disabled')
 class TestOCSPStaplingDOH(DNSDistOCSPStaplingTest):
 
@@ -116,6 +119,7 @@ class TestOCSPStaplingTLSGnuTLS(DNSDistOCSPStaplingTest):
         """
         output = self.checkOCSPStaplingStatus('127.0.0.1', self._tlsServerPort, self._serverName, self._caCert)
         self.assertIn('OCSP Response Status: successful (0x0)', output)
+        self.assertEquals(self.getTLSProvider(), "gnutls")
 
         serialNumber = self.getOCSPSerial(output)
         self.assertTrue(serialNumber)
@@ -158,6 +162,7 @@ class TestOCSPStaplingTLSOpenSSL(DNSDistOCSPStaplingTest):
         """
         output = self.checkOCSPStaplingStatus('127.0.0.1', self._tlsServerPort, self._serverName, self._caCert)
         self.assertIn('OCSP Response Status: successful (0x0)', output)
+        self.assertEquals(self.getTLSProvider(), "openssl")
 
         serialNumber = self.getOCSPSerial(output)
         self.assertTrue(serialNumber)
diff --git a/regression-tests.dnsdist/test_TLS.py b/regression-tests.dnsdist/test_TLS.py
index c29bec9a74..4b850bac8e 100644
--- a/regression-tests.dnsdist/test_TLS.py
+++ b/regression-tests.dnsdist/test_TLS.py
@@ -14,6 +14,9 @@ class TLSTests(object):
         conn = self.openTLSConnection(self._tlsServerPort, self._serverName, self._caCert)
         return conn.getpeercert()
 
+    def getTLSProvider(self):
+        return self.sendConsoleCommand("getBind(0):getEffectiveTLSProvider()").rstrip()
+
     def testTLSSimple(self):
         """
         TLS: Single query
@@ -269,6 +272,9 @@ class TestOpenSSL(DNSDistTest, TLSTests):
     """
     _config_params = ['_consoleKeyB64', '_consolePort', '_testServerPort', '_tlsServerPort', '_serverCert', '_serverKey']
 
+    def testProvider(self):
+        self.assertEquals(self.getTLSProvider(), "openssl")
+
 class TestGnuTLS(DNSDistTest, TLSTests):
 
     _consoleKey = DNSDistTest.generateConsoleKey()
@@ -288,6 +294,9 @@ class TestGnuTLS(DNSDistTest, TLSTests):
     """
     _config_params = ['_consoleKeyB64', '_consolePort', '_testServerPort', '_tlsServerPort', '_serverCert', '_serverKey']
 
+    def testProvider(self):
+        self.assertEquals(self.getTLSProvider(), "gnutls")
+
 class TestDOTWithCache(DNSDistTest):
     _serverKey = 'server.key'
     _serverCert = 'server.chain'
-- 
2.47.2