diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:35:11 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:35:11 +0000 |
commit | da76459dc21b5af2449af2d36eb95226cb186ce2 (patch) | |
tree | 542ebb3c1e796fac2742495b8437331727bbbfa0 /reg-tests/checks/ssl-hello-check.vtc | |
parent | Initial commit. (diff) | |
download | haproxy-da76459dc21b5af2449af2d36eb95226cb186ce2.tar.xz haproxy-da76459dc21b5af2449af2d36eb95226cb186ce2.zip |
Adding upstream version 2.6.12.upstream/2.6.12upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | reg-tests/checks/ssl-hello-check.vtc | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/reg-tests/checks/ssl-hello-check.vtc b/reg-tests/checks/ssl-hello-check.vtc new file mode 100644 index 0000000..49abc0b --- /dev/null +++ b/reg-tests/checks/ssl-hello-check.vtc @@ -0,0 +1,76 @@ +varnishtest "Health-checks: ssl-hello health-check" +#REQUIRE_OPTION=OPENSSL +#REQUIRE_VERSION=2.2 +#REGTEST_TYPE=slow +feature ignore_unknown_macro + +# This scripts tests health-checks for SSL application, enabled using +# "option ssl-hello-chk" line. + +syslog S1 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be1/srv succeeded, reason: Layer6 check passed.+check duration: [[:digit:]]+ms, status: 1/1 UP." +} -start + + +syslog S2 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be2/srv failed, reason: Layer6 invalid response.+info: \"TCPCHK got an empty response at step 2\".+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +syslog S3 -level notice { + recv + expect ~ "[^:\\[ ]\\[${h1_pid}\\]: Health check for server be3/srv failed, reason: Layer6 invalid response.+check duration: [[:digit:]]+ms, status: 0/1 DOWN." +} -start + +haproxy htst -conf { + global + tune.ssl.default-dh-param 2048 + + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + frontend fe1 + bind "fd@${fe1}" ssl crt ${testdir}/common.pem + + frontend fe2 + bind "fd@${fe2}" + + frontend fe3 + mode http + bind "fd@${fe3}" + +} -start + +haproxy h1 -conf { + defaults + mode tcp + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + + backend be1 + log ${S1_addr}:${S1_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe1_addr}:${htst_fe1_port} check inter 1s rise 1 fall 1 + + backend be2 + log ${S2_addr}:${S2_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe2_addr}:${htst_fe2_port} check inter 1s rise 1 fall 1 + + backend be3 + log ${S3_addr}:${S3_port} daemon + option log-health-checks + option ssl-hello-chk + server srv ${htst_fe3_addr}:${htst_fe3_port} check inter 1s rise 1 fall 1 +} -start + +syslog S1 -wait +syslog S2 -wait +syslog S3 -wait |