You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2019/02/12 21:47:01 UTC
[trafficserver] branch master updated: Adjust tls_client_versions
to be more resilient for different curl versions
This is an automated email from the ASF dual-hosted git repository.
shinrich pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 19e9776 Adjust tls_client_versions to be more resilient for different curl versions
19e9776 is described below
commit 19e9776877e005191b3349b0fe1ea1380f850388
Author: dyrock <ze...@gmail.com>
AuthorDate: Tue Feb 12 21:01:39 2019 +0000
Adjust tls_client_versions to be more resilient for different curl versions
---
tests/gold_tests/tls/tls_client_versions.test.py | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/tests/gold_tests/tls/tls_client_versions.test.py b/tests/gold_tests/tls/tls_client_versions.test.py
index 54de708..91eea68 100644
--- a/tests/gold_tests/tls/tls_client_versions.test.py
+++ b/tests/gold_tests/tls/tls_client_versions.test.py
@@ -34,7 +34,7 @@ Test.SkipUnless(
ts = Test.MakeATSProcess("ts", select_ports=False)
server = Test.MakeOriginServer("server", ssl=True)
-request_foo_header = {"headers": "GET / HTTP/1.1\r\n\r\n", "timestamp": "1469733493.993", "body": ""}
+request_foo_header = {"headers": "GET / HTTP/1.1\r\n\r\n", "timestamp": "1469733493.993", "body": ""}
response_foo_header = {"headers": "HTTP/1.1 200 OK\r\nConnection: close\r\n\r\n", "timestamp": "1469733493.993", "body": "foo ok"}
server.addResponse("sessionlog.json", request_foo_header, response_foo_header)
@@ -66,7 +66,7 @@ ts.Disk.records_config.update({
})
# foo.com should only offer the older TLS protocols
-# bar.com should terminate.
+# bar.com should terminate.
# empty SNI should tunnel to server_bar
ts.Disk.ssl_server_name_yaml.AddLines([
'- fqdn: foo.com',
@@ -78,9 +78,8 @@ tr = Test.AddTestRun("foo.com TLSv1_2")
tr.Processes.Default.StartBefore(server)
tr.Processes.Default.StartBefore(Test.Processes.ts, ready=When.PortOpen(ts.Variables.ssl_port))
tr.Processes.Default.Command = "curl -v --tls-max 1.2 --tlsv1.2 --resolve 'foo.com:{0}:127.0.0.1' -k https://foo.com:{0}".format(ts.Variables.ssl_port)
-tr.ReturnCode = 35
+tr.ReturnCode = 35
tr.StillRunningAfter = ts
-tr.Processes.Default.Streams.All += Testers.ContainsExpression("ssl_choose_client_version:unsupported protocol", "Should not allow TLSv1_2")
# Target foo.com for TLSv1. Should succeed
tr = Test.AddTestRun("foo.com TLSv1")
@@ -91,9 +90,8 @@ tr.StillRunningAfter = ts
# Target bar.com for TLSv1. Should fail
tr = Test.AddTestRun("bar.com TLSv1")
tr.Processes.Default.Command = "curl -v --tls-max 1.0 --tlsv1 --resolve 'bar.com:{0}:127.0.0.1' -k https://bar.com:{0}".format(ts.Variables.ssl_port)
-tr.ReturnCode = 35
+tr.ReturnCode = 35
tr.StillRunningAfter = ts
-tr.Processes.Default.Streams.All += Testers.ContainsExpression("alert protocol version", "Should not allow TLSv1_0")
# Target bar.com for TLSv1_2. Should succeed
tr = Test.AddTestRun("bar.com TLSv1_2")