REGTEST: quic: add add_ssl_crt-list.vtc new QUIC test

This new reg test calls add_ssl_crt-list.vtc to run exactly the same test
as reg-test/ssl/add_ssl_crt-list.vtc but with QUIC connections.

diff --git a/reg-tests/quic/add_ssl_crt-list.vtc b/reg-tests/quic/add_ssl_crt-list.vtc
new file mode 100644 (file)
index 0000000..a9052ea
--- /dev/null
+++ b/reg-tests/quic/add_ssl_crt-list.vtc
@@ -0,0 +1,10 @@
+#REGTEST_TYPE=devel
+
+# Same test as ssl/add_ssl_crt-list.vtc, but with QUIC connections where applicable (only for TLSv3)
+
+varnishtest "Test the 'add ssl crt-list' feature of the CLI"
+
+feature cmd "$HAPROXY_PROGRAM -cc 'feature(QUIC) && !feature(QUIC_OPENSSL_COMPAT) && !feature(OPENSSL_WOLFSSL)'"
+
+setenv VTC_SOCK_TYPE quic
+include ${testdir}/../ssl/add_ssl_crt-list.vtc

diff --git a/reg-tests/quic/ecdsa.pem b/reg-tests/quic/ecdsa.pem
new file mode 120000 (symlink)
index 0000000..ea1a43d
--- /dev/null
+++ b/reg-tests/quic/ecdsa.pem
@@ -0,0 +1 @@
+../ssl/ecdsa.pem
\ No newline at end of file

diff --git a/reg-tests/quic/localhost.crt-list b/reg-tests/quic/localhost.crt-list
new file mode 120000 (symlink)
index 0000000..c8c6f48
--- /dev/null
+++ b/reg-tests/quic/localhost.crt-list
@@ -0,0 +1 @@
+../ssl/localhost.crt-list
\ No newline at end of file

diff --git a/reg-tests/ssl/add_ssl_crt-list.vtc b/reg-tests/ssl/add_ssl_crt-list.vtc
index 5dd2d9506b396cf5ca77be3c47a132df8fa02ce3..6b4301c6ce8a75ed23c208989463930a9adf6f06 100644 (file)
--- a/reg-tests/ssl/add_ssl_crt-list.vtc
+++ b/reg-tests/ssl/add_ssl_crt-list.vtc
@@ -20,8 +20,15 @@ server s1 -repeat 2 {
     txresp
 } -start
 
+setenv -ifunset VTC_SOCK_TYPE stream
+
 haproxy h1 -conf {
     global
+    .if streq("$VTC_SOCK_TYPE",quic)
+        # required for backend connections
+        expose-experimental-directives
+    .endif
+
     .if feature(THREAD)
         thread-groups 1
     .endif
@@ -46,13 +53,13 @@ haproxy h1 -conf {
     listen clear-lst
         bind "fd@${clearlst}"
         balance roundrobin
-        server s1 "${tmpdir}/ssl.sock" ssl verify none sni str(www.test1.com)
-        server s2 "${tmpdir}/ssl.sock" ssl verify none sni str(localhost)
+        server s1 "${VTC_SOCK_TYPE}+${h1_ssl_lst_addr}:${h1_ssl_lst_port}" ssl verify none sni str(www.test1.com)
+        server s2 "${VTC_SOCK_TYPE}+${h1_ssl_lst_addr}:${h1_ssl_lst_port}" ssl verify none sni str(localhost)
 
 
     listen ssl-lst
         mode http
-        bind "${tmpdir}/ssl.sock" ssl strict-sni crt-list ${testdir}/localhost.crt-list
+        bind "${VTC_SOCK_TYPE}+fd@${ssl_lst}" ssl strict-sni crt-list ${testdir}/localhost.crt-list
 
         server s1 ${s1_addr}:${s1_port}
         server s2 ${s1_addr}:${s1_port} ssl crt "${testdir}/common.pem" weight 0 verify none