This is an automated email from the ASF dual-hosted git repository.
rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 8f25b6b Remove reference to client.verify.server from tests and other
bits (#7639)
8f25b6b is described below
commit 8f25b6b871a9e96c3e87789f728a0016975094ba
Author: Randall Meyer <[email protected]>
AuthorDate: Mon Mar 29 07:23:15 2021 -0700
Remove reference to client.verify.server from tests and other bits (#7639)
Option originally removed in 9f15e7750030d298078ab43d62534d331c15d63c
Also remove unnecessary setting of cipher suite in tests
---
.../api/types/TSOverridableConfigKey.en.rst | 1 -
include/ts/apidefs.h.in | 1 -
lib/perl/lib/Apache/TS/AdminClient.pm | 1 -
plugins/lua/ts_lua_http_config.c | 2 --
proxy/http/HttpConfig.h | 1 -
src/shared/overridable_txn_vars.cc | 1 -
src/traffic_server/InkAPI.cc | 3 --
src/traffic_server/InkAPITest.cc | 1 -
.../chunked_encoding/chunked_encoding.test.py | 13 +++-----
.../chunked_encoding/chunked_encoding_h2.test.py | 1 -
tests/gold_tests/continuations/double_h2.test.py | 2 --
tests/gold_tests/h2/h2disable.test.py | 1 -
.../h2/h2disable_no_accept_threads.test.py | 1 -
tests/gold_tests/h2/h2enable.test.py | 1 -
.../h2/h2enable_no_accept_threads.test.py | 1 -
tests/gold_tests/h2/h2spec.test.py | 1 -
tests/gold_tests/h2/http2.test.py | 2 --
tests/gold_tests/h2/http2_priority.test.py | 2 --
tests/gold_tests/h2/httpbin.test.py | 2 --
tests/gold_tests/ip_allow/ip_allow.test.py | 2 --
.../pluginTest/lua/lua_watermark.test.py | 4 ---
.../regex_revalidate/regex_revalidate.test.py | 3 --
.../pluginTest/slice/slice_regex.test.py | 1 -
.../pluginTest/sslheaders/sslheaders.test.py | 6 ----
.../pluginTest/traffic_dump/traffic_dump.test.py | 1 -
.../traffic_dump/traffic_dump_sni_filter.test.py | 1 -
tests/gold_tests/remap/remap_https.test.py | 2 --
tests/gold_tests/timeout/tls_conn_timeout.test.py | 8 -----
tests/gold_tests/tls/tls.test.py | 7 ++--
.../tls/tls_check_cert_selection.test.py | 1 -
tests/gold_tests/tls/tls_client_cert.test.py | 2 --
tests/gold_tests/tls/tls_client_cert2.test.py | 1 -
.../tls/tls_client_cert_override.test.py | 1 -
tests/gold_tests/tls/tls_client_verify.test.py | 1 -
tests/gold_tests/tls/tls_client_verify2.test.py | 1 -
tests/gold_tests/tls/tls_client_verify3.test.py | 1 -
tests/gold_tests/tls/tls_client_versions.test.py | 1 -
tests/gold_tests/tls/tls_engine.test.py | 1 -
tests/gold_tests/tls/tls_forward_nonhttp.test.py | 1 -
.../gold_tests/tls/tls_hooks_client_verify.test.py | 1 -
tests/gold_tests/tls/tls_hooks_verify.test.py | 1 -
tests/gold_tests/tls/tls_keepalive.test.py | 1 -
tests/gold_tests/tls/tls_ocsp.test.py | 1 -
.../tls/tls_origin_session_reuse.test.py | 4 ---
tests/gold_tests/tls/tls_sni_host_policy.test.py | 1 -
tests/gold_tests/tls/tls_ticket.test.py | 2 --
tests/gold_tests/tls/tls_tunnel.test.py | 24 +++++++-------
tests/gold_tests/tls/tls_tunnel_forward.test.py | 20 ++++++------
tests/gold_tests/tls/tls_verify.test.py | 1 -
tests/gold_tests/tls/tls_verify2.test.py | 1 -
tests/gold_tests/tls/tls_verify3.test.py | 1 -
tests/gold_tests/tls/tls_verify_base.test.py | 1 -
.../gold_tests/tls/tls_verify_ca_override.test.py | 1 -
.../gold_tests/tls/tls_verify_not_pristine.test.py | 1 -
tests/gold_tests/tls/tls_verify_override.test.py | 1 -
.../tls/tls_verify_override_base.test.py | 1 -
.../gold_tests/tls/tls_verify_override_sni.test.py | 1 -
tests/gold_tests/tls_hooks/tls_hooks.test.py | 2 --
tests/gold_tests/tls_hooks/tls_hooks10.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks11.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks12.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks13.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks14.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks15.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks16.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks17.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks18.test.py | 38 ++++++++++------------
tests/gold_tests/tls_hooks/tls_hooks2.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks3.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks4.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks6.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks7.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks8.test.py | 13 +++-----
tests/gold_tests/tls_hooks/tls_hooks9.test.py | 13 +++-----
74 files changed, 123 insertions(+), 260 deletions(-)
diff --git a/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
b/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
index a17c791..cb672d4 100644
--- a/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
+++ b/doc/developer-guide/api/types/TSOverridableConfigKey.en.rst
@@ -147,7 +147,6 @@ Enumeration Members
.. c:macro:: TS_CONFIG_HTTP_ALLOW_HALF_OPEN
.. c:macro:: TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MAX
.. c:macro:: TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MATCH
- .. c:macro:: TS_CONFIG_SSL_CLIENT_VERIFY_SERVER
.. c:macro:: TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY
.. c:macro:: TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES
.. c:macro:: TS_CONFIG_SSL_CLIENT_SNI_POLICY
diff --git a/include/ts/apidefs.h.in b/include/ts/apidefs.h.in
index ec8984c..e85958d 100644
--- a/include/ts/apidefs.h.in
+++ b/include/ts/apidefs.h.in
@@ -790,7 +790,6 @@ typedef enum {
TS_CONFIG_HTTP_SERVER_MIN_KEEP_ALIVE_CONNS,
TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MAX,
TS_CONFIG_HTTP_PER_SERVER_CONNECTION_MATCH,
- TS_CONFIG_SSL_CLIENT_VERIFY_SERVER,
TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY,
TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES,
TS_CONFIG_SSL_CLIENT_SNI_POLICY,
diff --git a/lib/perl/lib/Apache/TS/AdminClient.pm
b/lib/perl/lib/Apache/TS/AdminClient.pm
index dbccd3e..3767cce 100644
--- a/lib/perl/lib/Apache/TS/AdminClient.pm
+++ b/lib/perl/lib/Apache/TS/AdminClient.pm
@@ -579,7 +579,6 @@ The Apache Traffic Server Administration Manual will
explain what these strings
proxy.config.ssl.client.cert.path
proxy.config.ssl.client.private_key.filename
proxy.config.ssl.client.private_key.path
- proxy.config.ssl.client.verify.server
proxy.config.ssl.server.cert_chain.filename
proxy.config.ssl.server.cert.path
proxy.config.ssl.server.cipher_suite
diff --git a/plugins/lua/ts_lua_http_config.c b/plugins/lua/ts_lua_http_config.c
index cb75346..a6bece1 100644
--- a/plugins/lua/ts_lua_http_config.c
+++ b/plugins/lua/ts_lua_http_config.c
@@ -129,7 +129,6 @@ typedef enum {
TS_LUA_CONFIG_HTTP_ALLOW_MULTI_RANGE =
TS_CONFIG_HTTP_ALLOW_MULTI_RANGE,
TS_LUA_CONFIG_HTTP_REQUEST_BUFFER_ENABLED =
TS_CONFIG_HTTP_REQUEST_BUFFER_ENABLED,
TS_LUA_CONFIG_HTTP_ALLOW_HALF_OPEN =
TS_CONFIG_HTTP_ALLOW_HALF_OPEN,
- TS_LUA_CONFIG_SSL_CLIENT_VERIFY_SERVER =
TS_CONFIG_SSL_CLIENT_VERIFY_SERVER,
TS_LUA_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY =
TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY,
TS_LUA_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES =
TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES,
TS_LUA_CONFIG_SSL_CLIENT_SNI_POLICY =
TS_CONFIG_SSL_CLIENT_SNI_POLICY,
@@ -254,7 +253,6 @@ ts_lua_var_item ts_lua_http_config_vars[] = {
TS_LUA_MAKE_VAR_ITEM(TS_LUA_CONFIG_HTTP_ALLOW_MULTI_RANGE),
TS_LUA_MAKE_VAR_ITEM(TS_LUA_CONFIG_HTTP_REQUEST_BUFFER_ENABLED),
TS_LUA_MAKE_VAR_ITEM(TS_LUA_CONFIG_HTTP_ALLOW_HALF_OPEN),
- TS_LUA_MAKE_VAR_ITEM(TS_CONFIG_SSL_CLIENT_VERIFY_SERVER),
TS_LUA_MAKE_VAR_ITEM(TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY),
TS_LUA_MAKE_VAR_ITEM(TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES),
TS_LUA_MAKE_VAR_ITEM(TS_CONFIG_SSL_CLIENT_SNI_POLICY),
diff --git a/proxy/http/HttpConfig.h b/proxy/http/HttpConfig.h
index b849194..81fe5f9 100644
--- a/proxy/http/HttpConfig.h
+++ b/proxy/http/HttpConfig.h
@@ -588,7 +588,6 @@ struct OverridableHttpConfigParams {
//////////////////////////////
// server verification mode //
//////////////////////////////
- MgmtByte ssl_client_verify_server = 0;
char *ssl_client_verify_server_policy = nullptr;
char *ssl_client_verify_server_properties = nullptr;
char *ssl_client_sni_policy = nullptr;
diff --git a/src/shared/overridable_txn_vars.cc
b/src/shared/overridable_txn_vars.cc
index 398bf2b..9a903a0 100644
--- a/src/shared/overridable_txn_vars.cc
+++ b/src/shared/overridable_txn_vars.cc
@@ -149,7 +149,6 @@ const std::unordered_map<std::string_view, std::tuple<const
TSOverridableConfigK
{TS_CONFIG_HTTP_CONNECT_ATTEMPTS_MAX_RETRIES_DEAD_SERVER,
TS_RECORDDATATYPE_INT}},
{"proxy.config.http.parent_proxy.per_parent_connect_attempts",
{TS_CONFIG_HTTP_PER_PARENT_CONNECT_ATTEMPTS, TS_RECORDDATATYPE_INT}},
- {"proxy.config.ssl.client.verify.server",
{TS_CONFIG_SSL_CLIENT_VERIFY_SERVER, TS_RECORDDATATYPE_INT}},
{"proxy.config.ssl.client.verify.server.policy",
{TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY, TS_RECORDDATATYPE_STRING}},
{"proxy.config.ssl.client.verify.server.properties",
{TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES,
TS_RECORDDATATYPE_STRING}},
diff --git a/src/traffic_server/InkAPI.cc b/src/traffic_server/InkAPI.cc
index 2cba9fa..c8246c1 100644
--- a/src/traffic_server/InkAPI.cc
+++ b/src/traffic_server/InkAPI.cc
@@ -8720,9 +8720,6 @@ _conf_to_memberp(TSOverridableConfigKey conf,
OverridableHttpConfigParams *overr
case TS_CONFIG_HTTP_FORWARD_CONNECT_METHOD:
ret = _memberp_to_generic(&overridableHttpConfig->forward_connect_method,
conv);
break;
- case TS_CONFIG_SSL_CLIENT_VERIFY_SERVER:
- ret =
_memberp_to_generic(&overridableHttpConfig->ssl_client_verify_server, conv);
- break;
case TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_POLICY:
case TS_CONFIG_SSL_CLIENT_VERIFY_SERVER_PROPERTIES:
case TS_CONFIG_SSL_CLIENT_SNI_POLICY:
diff --git a/src/traffic_server/InkAPITest.cc b/src/traffic_server/InkAPITest.cc
index c553454..946d713 100644
--- a/src/traffic_server/InkAPITest.cc
+++ b/src/traffic_server/InkAPITest.cc
@@ -8687,7 +8687,6 @@ std::array<std::string_view, TS_CONFIG_LAST_ENTRY>
SDK_Overridable_Configs = {
OutboundConnTrack::CONFIG_VAR_MIN,
OutboundConnTrack::CONFIG_VAR_MAX,
OutboundConnTrack::CONFIG_VAR_MATCH,
- "proxy.config.ssl.client.verify.server",
"proxy.config.ssl.client.verify.server.policy",
"proxy.config.ssl.client.verify.server.properties",
"proxy.config.ssl.client.sni_policy",
diff --git a/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
b/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
index 46c68e9..ef118be 100644
--- a/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
+++ b/tests/gold_tests/chunked_encoding/chunked_encoding.test.py
@@ -67,14 +67,11 @@ server3.addResponse("sessionlog.json", request_header3,
response_header3)
# add ssl materials like key, certificates for the server
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'http',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags': 'http',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.remap_config.AddLine(
'map http://www.example.com
http://127.0.0.1:{0}'.format(server.Variables.Port)
diff --git a/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py
b/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py
index 9a21c96..d9f74ee 100644
--- a/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py
+++ b/tests/gold_tests/chunked_encoding/chunked_encoding_h2.test.py
@@ -40,7 +40,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
})
ts.Disk.remap_config.AddLine(
diff --git a/tests/gold_tests/continuations/double_h2.test.py
b/tests/gold_tests/continuations/double_h2.test.py
index d9d01ab..5251b60 100644
--- a/tests/gold_tests/continuations/double_h2.test.py
+++ b/tests/gold_tests/continuations/double_h2.test.py
@@ -57,8 +57,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
'proxy.config.cache.enable_read_while_writer': 0,
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.http2.max_concurrent_streams_in': 65535
})
diff --git a/tests/gold_tests/h2/h2disable.test.py
b/tests/gold_tests/h2/h2disable.test.py
index 8dddbb2..1936807 100644
--- a/tests/gold_tests/h2/h2disable.test.py
+++ b/tests/gold_tests/h2/h2disable.test.py
@@ -49,7 +49,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http|ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.accept_threads': 1
})
diff --git a/tests/gold_tests/h2/h2disable_no_accept_threads.test.py
b/tests/gold_tests/h2/h2disable_no_accept_threads.test.py
index 86ef6ce..b467dbb 100644
--- a/tests/gold_tests/h2/h2disable_no_accept_threads.test.py
+++ b/tests/gold_tests/h2/h2disable_no_accept_threads.test.py
@@ -49,7 +49,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http|ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.accept_threads': 0
})
diff --git a/tests/gold_tests/h2/h2enable.test.py
b/tests/gold_tests/h2/h2enable.test.py
index 556125a..120f4a0 100644
--- a/tests/gold_tests/h2/h2enable.test.py
+++ b/tests/gold_tests/h2/h2enable.test.py
@@ -48,7 +48,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http|ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.accept_threads': 1,
'proxy.config.http.server_ports': '{0}:ssl:proto=http
{1}'.format(ts.Variables.ssl_port, ts.Variables.port)
diff --git a/tests/gold_tests/h2/h2enable_no_accept_threads.test.py
b/tests/gold_tests/h2/h2enable_no_accept_threads.test.py
index 8b7245b..b7c55a0 100644
--- a/tests/gold_tests/h2/h2enable_no_accept_threads.test.py
+++ b/tests/gold_tests/h2/h2enable_no_accept_threads.test.py
@@ -48,7 +48,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http|ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.http.server_ports': '{0}:ssl:proto=http
{1}'.format(ts.Variables.ssl_port, ts.Variables.port),
'proxy.config.accept_threads': 0
diff --git a/tests/gold_tests/h2/h2spec.test.py
b/tests/gold_tests/h2/h2spec.test.py
index 7d889fb..f6ab102 100644
--- a/tests/gold_tests/h2/h2spec.test.py
+++ b/tests/gold_tests/h2/h2spec.test.py
@@ -50,7 +50,6 @@ ts.Disk.records_config.update({
'proxy.config.http.insert_response_via_str': 1,
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
'proxy.config.diags.debug.enabled': 0,
'proxy.config.diags.debug.tags': 'http',
})
diff --git a/tests/gold_tests/h2/http2.test.py
b/tests/gold_tests/h2/http2.test.py
index 304b52f..a90902d 100644
--- a/tests/gold_tests/h2/http2.test.py
+++ b/tests/gold_tests/h2/http2.test.py
@@ -128,8 +128,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'http',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.http2.active_timeout_in': 3,
'proxy.config.http2.max_concurrent_streams_in': 65535,
})
diff --git a/tests/gold_tests/h2/http2_priority.test.py
b/tests/gold_tests/h2/http2_priority.test.py
index 83bf797..7c7a25a 100644
--- a/tests/gold_tests/h2/http2_priority.test.py
+++ b/tests/gold_tests/h2/http2_priority.test.py
@@ -58,8 +58,6 @@ ts.Disk.records_config.update({
'proxy.config.http2.no_activity_timeout_in': 3,
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.diags.debug.enabled': 1,
'proxy.config.diags.debug.tags': 'http2',
})
diff --git a/tests/gold_tests/h2/httpbin.test.py
b/tests/gold_tests/h2/httpbin.test.py
index fe09729..5a443fe 100644
--- a/tests/gold_tests/h2/httpbin.test.py
+++ b/tests/gold_tests/h2/httpbin.test.py
@@ -55,8 +55,6 @@ ts.Disk.records_config.update({
'proxy.config.http.insert_response_via_str': 1,
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.diags.debug.enabled': 1,
'proxy.config.diags.debug.tags': 'http2',
diff --git a/tests/gold_tests/ip_allow/ip_allow.test.py
b/tests/gold_tests/ip_allow/ip_allow.test.py
index d4f41c8..477cbd5 100644
--- a/tests/gold_tests/ip_allow/ip_allow.test.py
+++ b/tests/gold_tests/ip_allow/ip_allow.test.py
@@ -89,8 +89,6 @@ ts.Disk.records_config.update({
'proxy.config.http.connect_ports': '{0}'.format(server.Variables.SSL_Port),
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.http2.active_timeout_in': 3,
'proxy.config.http2.max_concurrent_streams_in': 65535,
})
diff --git a/tests/gold_tests/pluginTest/lua/lua_watermark.test.py
b/tests/gold_tests/pluginTest/lua/lua_watermark.test.py
index 55e7ddf..10231f5 100644
--- a/tests/gold_tests/pluginTest/lua/lua_watermark.test.py
+++ b/tests/gold_tests/pluginTest/lua/lua_watermark.test.py
@@ -52,10 +52,6 @@ ts.Disk.records_config.update({
# Test for watermark debug output
ts.Streams.All = Testers.ContainsExpression(r"WMbytes\(31337\)", "Upstream
watermark should be properly set")
-# These are needed for 8.x only since Lua errors go to diags in 8.x, newer
versions go to stdout
-#ts.Disk.diags_log.Content = Testers.ContainsExpression("failed to get node's
reconfigure time while checking script registration", "This test is a failure
test")
-#ts.Disk.diags_log.Content = Testers.ContainsExpression("failed to get node's
reconfigure time while registering script", "This test is a failure test")
-
# Test if watermark upstream is set
tr = Test.AddTestRun("Lua Watermark")
tr.Processes.Default.Command = "curl -v
http://127.0.0.1:{0}".format(ts.Variables.port)
diff --git
a/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate.test.py
b/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate.test.py
index 174bbf4..3db076e 100644
--- a/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate.test.py
+++ b/tests/gold_tests/pluginTest/regex_revalidate/regex_revalidate.test.py
@@ -44,9 +44,6 @@ server = Test.MakeOriginServer("server")
# Define ATS and configure
ts = Test.MakeATSProcess("ts", command="traffic_manager", select_ports=True)
-# **testname is required**
-#testName = "regex_reval"
-
# default root
request_header_0 = {"headers":
"GET / HTTP/1.1\r\n" +
diff --git a/tests/gold_tests/pluginTest/slice/slice_regex.test.py
b/tests/gold_tests/pluginTest/slice/slice_regex.test.py
index 7bc6644..8fc8003 100644
--- a/tests/gold_tests/pluginTest/slice/slice_regex.test.py
+++ b/tests/gold_tests/pluginTest/slice/slice_regex.test.py
@@ -55,7 +55,6 @@ response_header_chk = {"headers":
server.addResponse("sessionlog.json", request_header_chk, response_header_chk)
-#block_bytes = 7
body = "lets go surfin now"
request_header_txt = {"headers":
diff --git a/tests/gold_tests/pluginTest/sslheaders/sslheaders.test.py
b/tests/gold_tests/pluginTest/sslheaders/sslheaders.test.py
index b0a7a9d..a430ed6 100644
--- a/tests/gold_tests/pluginTest/sslheaders/sslheaders.test.py
+++ b/tests/gold_tests/pluginTest/sslheaders/sslheaders.test.py
@@ -50,12 +50,6 @@ ts.Disk.records_config.update({
'proxy.config.http.server_ports': (
'ipv4:{0} ipv4:{1}:proto=http2;http:ssl ipv6:{0}
ipv6:{1}:proto=http2;http:ssl'
.format(ts.Variables.port, ts.Variables.ssl_port)),
- # 'proxy.config.ssl.client.verify.server': 0,
- # 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
- # 'proxy.config.url_remap.pristine_host_hdr' : 1,
- # 'proxy.config.ssl.client.certification_level': 2,
- # 'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
- # 'proxy.config.ssl.TLSv1_3': 0
})
ts.Disk.ssl_multicert_config.AddLine(
diff --git a/tests/gold_tests/pluginTest/traffic_dump/traffic_dump.test.py
b/tests/gold_tests/pluginTest/traffic_dump/traffic_dump.test.py
index e692c47..3248f2c 100644
--- a/tests/gold_tests/pluginTest/traffic_dump/traffic_dump.test.py
+++ b/tests/gold_tests/pluginTest/traffic_dump/traffic_dump.test.py
@@ -51,7 +51,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
'proxy.config.exec_thread.autoconfig.scale': 1.0,
diff --git
a/tests/gold_tests/pluginTest/traffic_dump/traffic_dump_sni_filter.test.py
b/tests/gold_tests/pluginTest/traffic_dump/traffic_dump_sni_filter.test.py
index 43bbdaa..7fd62a1 100644
--- a/tests/gold_tests/pluginTest/traffic_dump/traffic_dump_sni_filter.test.py
+++ b/tests/gold_tests/pluginTest/traffic_dump/traffic_dump_sni_filter.test.py
@@ -45,7 +45,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
'proxy.config.exec_thread.autoconfig.scale': 1.0,
diff --git a/tests/gold_tests/remap/remap_https.test.py
b/tests/gold_tests/remap/remap_https.test.py
index 203aed8..3876c90 100644
--- a/tests/gold_tests/remap/remap_https.test.py
+++ b/tests/gold_tests/remap/remap_https.test.py
@@ -46,8 +46,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
# enable ssl port
'proxy.config.http.server_ports': '{0}
{1}:proto=http2;http:ssl'.format(ts.Variables.port, ts.Variables.ssl_port),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
})
ts.Disk.remap_config.AddLine(
diff --git a/tests/gold_tests/timeout/tls_conn_timeout.test.py
b/tests/gold_tests/timeout/tls_conn_timeout.test.py
index b28a181..e361ec7 100644
--- a/tests/gold_tests/timeout/tls_conn_timeout.test.py
+++ b/tests/gold_tests/timeout/tls_conn_timeout.test.py
@@ -68,7 +68,6 @@ tr.Processes.Default.StartBefore(Test.Processes.ts)
tr.Processes.Default.StartBefore(delay_post_connect,
ready=When.PortOpen(Test.Variables.block_connect_port))
tr.Processes.Default.Command = 'curl -H"Connection:close" -d "bob" -i
http://127.0.0.1:{0}/connect_blocked --tlsv1.2'.format(
ts.Variables.port)
-#tr.Processes.Default.TimeOut = 6
tr.Processes.Default.Streams.All = Testers.ContainsExpression(
"HTTP/1.1 502 internal error - server connection terminated", "Connect
failed")
tr.Processes.Default.ReturnCode = 0
@@ -81,7 +80,6 @@ tr = Test.AddTestRun("tr-delayed-post")
tr.Processes.Default.StartBefore(delay_post_ttfb,
ready=When.PortOpen(Test.Variables.block_ttfb_port))
tr.Processes.Default.Command = 'curl -H"Connection:close" -d "bob" -i
http://127.0.0.1:{0}/ttfb_blocked --tlsv1.2'.format(
ts.Variables.port)
-#tr.Processes.Default.TimeOut = 15
tr.Processes.Default.Streams.All = Testers.ContainsExpression("504 Connection
Timed Out", "Conntect timeout")
tr.Processes.Default.ReturnCode = 0
tr.StillRunningAfter = delay_post_ttfb
@@ -94,7 +92,6 @@ tr = Test.AddTestRun("tr-blocking-get")
tr.Processes.Default.StartBefore(delay_get_connect,
ready=When.PortOpen(Test.Variables.get_block_connect_port))
tr.Processes.Default.Command = 'curl -H"Connection:close" -i
http://127.0.0.1:{0}/get_connect_blocked --tlsv1.2'.format(
ts.Variables.port)
-#tr.Processes.Default.TimeOut = 6
tr.Processes.Default.Streams.All = Testers.ContainsExpression(
"HTTP/1.1 502 internal error - server connection terminated", "Connect
failed")
tr.Processes.Default.ReturnCode = 0
@@ -106,7 +103,6 @@ tr = Test.AddTestRun("tr-delayed-get")
tr.Processes.Default.StartBefore(delay_get_ttfb,
ready=When.PortOpen(Test.Variables.get_block_ttfb_port))
tr.Processes.Default.Command = 'curl -H"Connection:close" -i
http://127.0.0.1:{0}/get_ttfb_blocked --tlsv1.2'.format(
ts.Variables.port)
-#tr.Processes.Default.TimeOut = 15
tr.Processes.Default.Streams.All = Testers.ContainsExpression("504 Connection
Timed Out", "Conntect timeout")
tr.Processes.Default.ReturnCode = 0
tr.StillRunningAfter = delay_get_ttfb
@@ -116,8 +112,6 @@ delay_post_connect.Streams.All = Testers.ContainsExpression(
delay_post_connect.Streams.All += Testers.ExcludesExpression("TTFB delay",
"Should not reach the TTFB delay logic")
delay_post_ttfb.Streams.All = Testers.ContainsExpression("Accept try", "Should
appear one time")
delay_post_ttfb.Streams.All += Testers.ContainsExpression("TTFB delay",
"Should reach the TTFB delay logic")
-# May fail due to port ready test
-#delay_post_ttfb.Streams.All += Testers.ExcludesExpression("Failed accept",
"Accept should have succeeded")
delay_get_connect.Streams.All = Testers.ContainsExpression(
@@ -126,5 +120,3 @@ delay_get_connect.Streams.All +=
Testers.ExcludesExpression("TTFB delay", "Shoul
delay_get_ttfb.Streams.All = Testers.ContainsExpression(
"Accept try", "Should appear at least two times (may be an extra one due
to the port ready test)")
delay_get_ttfb.Streams.All += Testers.ContainsExpression("TTFB delay", "Should
reach the TTFB delay logic")
-# May fail due to port ready test
-#delay_get_ttfb.Streams.All += Testers.ExcludesExpression("Failed accept",
"Accept should have succeeded")
diff --git a/tests/gold_tests/tls/tls.test.py b/tests/gold_tests/tls/tls.test.py
index dd40273..e9eec50 100644
--- a/tests/gold_tests/tls/tls.test.py
+++ b/tests/gold_tests/tls/tls.test.py
@@ -36,7 +36,6 @@ reHost = "www.example.com"
testName = ""
header_count = 378
-#header_count = 78
header_string = "POST /post HTTP/1.1\r\nHost:
www.example.com\r\nContent-Length:1000\r\n"
@@ -67,8 +66,10 @@ ts.Disk.remap_config.AddLine(
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
)
-ts.Disk.records_config.update({'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir), 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir), 'proxy.config.exec_thread.autoconfig.scale':
1.0, 'proxy.config.ssl.server.cipher_suite':
-
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
})
+ts.Disk.records_config.update({'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.exec_thread.autoconfig.scale':
1.0,
+ })
tr = Test.AddTestRun("Run-Test")
tr.Command = './ssl-post 127.0.0.1 40 {0} {1}'.format(header_count,
ts.Variables.ssl_port)
diff --git a/tests/gold_tests/tls/tls_check_cert_selection.test.py
b/tests/gold_tests/tls/tls_check_cert_selection.test.py
index cbf7952..dfcaeca 100644
--- a/tests/gold_tests/tls/tls_check_cert_selection.test.py
+++ b/tests/gold_tests/tls/tls_check_cert_selection.test.py
@@ -53,7 +53,6 @@ ts.Disk.ssl_multicert_config.AddLines([
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.dns.nameservers': '127.0.0.1:{0}'.format(dns.Variables.Port),
'proxy.config.exec_thread.autoconfig.scale': 1.0,
diff --git a/tests/gold_tests/tls/tls_client_cert.test.py
b/tests/gold_tests/tls/tls_client_cert.test.py
index 194cc94..dff91fb 100644
--- a/tests/gold_tests/tls/tls_client_cert.test.py
+++ b/tests/gold_tests/tls/tls_client_cert.test.py
@@ -75,7 +75,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl_verify_test',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.cert.filename': 'signed-foo.pem',
'proxy.config.ssl.client.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
@@ -174,7 +173,6 @@ tr2.Disk.File(recordspath, id="records_config",
typename="ats:config:records"),
tr2.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.cert.filename': 'signed2-foo.pem',
'proxy.config.ssl.client.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
diff --git a/tests/gold_tests/tls/tls_client_cert2.test.py
b/tests/gold_tests/tls/tls_client_cert2.test.py
index fd917b1..5fc81f0 100644
--- a/tests/gold_tests/tls/tls_client_cert2.test.py
+++ b/tests/gold_tests/tls/tls_client_cert2.test.py
@@ -74,7 +74,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.url_remap.pristine_host_hdr': 1,
})
diff --git a/tests/gold_tests/tls/tls_client_cert_override.test.py
b/tests/gold_tests/tls/tls_client_cert_override.test.py
index f04f357..e37d6ee 100644
--- a/tests/gold_tests/tls/tls_client_cert_override.test.py
+++ b/tests/gold_tests/tls/tls_client_cert_override.test.py
@@ -70,7 +70,6 @@ ts.addSSLfile("ssl/signed-bar.key")
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.cert.filename': 'signed-foo.pem',
'proxy.config.ssl.client.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
diff --git a/tests/gold_tests/tls/tls_client_verify.test.py
b/tests/gold_tests/tls/tls_client_verify.test.py
index e231c01..f4b66a8 100644
--- a/tests/gold_tests/tls/tls_client_verify.test.py
+++ b/tests/gold_tests/tls/tls_client_verify.test.py
@@ -42,7 +42,6 @@ ts.addSSLfile("ssl/signer.pem")
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.client.certification_level': 2,
'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
diff --git a/tests/gold_tests/tls/tls_client_verify2.test.py
b/tests/gold_tests/tls/tls_client_verify2.test.py
index a265af7..5168cd7 100644
--- a/tests/gold_tests/tls/tls_client_verify2.test.py
+++ b/tests/gold_tests/tls/tls_client_verify2.test.py
@@ -40,7 +40,6 @@ ts.addSSLfile("ssl/signer.pem")
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.client.certification_level': 0,
'proxy.config.ssl.CA.cert.path': '',
diff --git a/tests/gold_tests/tls/tls_client_verify3.test.py
b/tests/gold_tests/tls/tls_client_verify3.test.py
index f790c23..1141a8d 100644
--- a/tests/gold_tests/tls/tls_client_verify3.test.py
+++ b/tests/gold_tests/tls/tls_client_verify3.test.py
@@ -40,7 +40,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.client.certification_level': 2,
'proxy.config.ssl.CA.cert.filename':
'{0}/ssl/aaa-ca.pem'.format(Test.TestDirectory),
diff --git a/tests/gold_tests/tls/tls_client_versions.test.py
b/tests/gold_tests/tls/tls_client_versions.test.py
index 8f1085a..db1be26 100644
--- a/tests/gold_tests/tls/tls_client_versions.test.py
+++ b/tests/gold_tests/tls/tls_client_versions.test.py
@@ -49,7 +49,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.CA.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.TLSv1': 0,
diff --git a/tests/gold_tests/tls/tls_engine.test.py
b/tests/gold_tests/tls/tls_engine.test.py
index cb2f168..f3d5087 100644
--- a/tests/gold_tests/tls/tls_engine.test.py
+++ b/tests/gold_tests/tls/tls_engine.test.py
@@ -60,7 +60,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
'proxy.config.exec_thread.autoconfig.scale': 1.0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.engine.conf_file':
'{0}/ts/config/load_engine.cnf'.format(Test.RunDirectory),
'proxy.config.ssl.async.handshake.enabled': 1,
'proxy.config.diags.debug.enabled': 0,
diff --git a/tests/gold_tests/tls/tls_forward_nonhttp.test.py
b/tests/gold_tests/tls/tls_forward_nonhttp.test.py
index 1d3db0f..a34db6a 100644
--- a/tests/gold_tests/tls/tls_forward_nonhttp.test.py
+++ b/tests/gold_tests/tls/tls_forward_nonhttp.test.py
@@ -46,7 +46,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
'proxy.config.http.connect_ports': '{0} {1}'.format(ts.Variables.ssl_port,
ts.Variables.s_client_port),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.url_remap.pristine_host_hdr': 1
})
diff --git a/tests/gold_tests/tls/tls_hooks_client_verify.test.py
b/tests/gold_tests/tls/tls_hooks_client_verify.test.py
index 97fd4dc..cd428dc 100644
--- a/tests/gold_tests/tls/tls_hooks_client_verify.test.py
+++ b/tests/gold_tests/tls/tls_hooks_client_verify.test.py
@@ -42,7 +42,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl_client_verify_test',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
'proxy.config.url_remap.pristine_host_hdr': 1
diff --git a/tests/gold_tests/tls/tls_hooks_verify.test.py
b/tests/gold_tests/tls/tls_hooks_verify.test.py
index 39315e6..a60146d 100644
--- a/tests/gold_tests/tls/tls_hooks_verify.test.py
+++ b/tests/gold_tests/tls/tls_hooks_verify.test.py
@@ -38,7 +38,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl_verify_test',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.verify.server.policy': 'ENFORCED',
'proxy.config.ssl.client.verify.server.properties': 'NONE',
'proxy.config.url_remap.pristine_host_hdr': 1
diff --git a/tests/gold_tests/tls/tls_keepalive.test.py
b/tests/gold_tests/tls/tls_keepalive.test.py
index 021051f..ac51424 100644
--- a/tests/gold_tests/tls/tls_keepalive.test.py
+++ b/tests/gold_tests/tls/tls_keepalive.test.py
@@ -41,7 +41,6 @@ ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.TLSv1_3': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.log.max_secs_per_buffer': 1
})
diff --git a/tests/gold_tests/tls/tls_ocsp.test.py
b/tests/gold_tests/tls/tls_ocsp.test.py
index 12d91e4..3dbeb22 100644
--- a/tests/gold_tests/tls/tls_ocsp.test.py
+++ b/tests/gold_tests/tls/tls_ocsp.test.py
@@ -56,7 +56,6 @@ ts.Disk.records_config.update({
# enable prefetched OCSP responses
'proxy.config.ssl.ocsp.response.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.ocsp.enabled': 1,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0
})
diff --git a/tests/gold_tests/tls/tls_origin_session_reuse.test.py
b/tests/gold_tests/tls/tls_origin_session_reuse.test.py
index 05ac943..f15a5bd 100644
--- a/tests/gold_tests/tls/tls_origin_session_reuse.test.py
+++ b/tests/gold_tests/tls/tls_origin_session_reuse.test.py
@@ -82,7 +82,6 @@ ts1.Disk.records_config.update({
'proxy.config.http.cache.http': 0,
'proxy.config.ssl.server.cert.path': '{0}'.format(ts1.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts1.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.session_cache': 2,
'proxy.config.ssl.session_cache.size': 4096,
@@ -100,7 +99,6 @@ ts2.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl.origin_session_cache',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts2.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts2.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.session_cache': 2,
'proxy.config.ssl.session_cache.size': 4096,
@@ -116,7 +114,6 @@ ts3.Disk.records_config.update({
'proxy.config.http.cache.http': 0,
'proxy.config.ssl.server.cert.path': '{0}'.format(ts3.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts3.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.session_cache': 2,
'proxy.config.ssl.session_cache.size': 4096,
@@ -134,7 +131,6 @@ ts4.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl.origin_session_cache',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts4.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts4.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.session_cache': 2,
'proxy.config.ssl.session_cache.size': 4096,
diff --git a/tests/gold_tests/tls/tls_sni_host_policy.test.py
b/tests/gold_tests/tls/tls_sni_host_policy.test.py
index 70d18fe..a05b1da 100644
--- a/tests/gold_tests/tls/tls_sni_host_policy.test.py
+++ b/tests/gold_tests/tls/tls_sni_host_policy.test.py
@@ -40,7 +40,6 @@ ts.addSSLfile("ssl/signer.pem")
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
'proxy.config.url_remap.pristine_host_hdr': 1,
'proxy.config.ssl.CA.cert.filename':
'{0}/signer.pem'.format(ts.Variables.SSLDir),
'proxy.config.exec_thread.autoconfig.scale': 1.0,
diff --git a/tests/gold_tests/tls/tls_ticket.test.py
b/tests/gold_tests/tls/tls_ticket.test.py
index 0f057ff..2af6bbe 100644
--- a/tests/gold_tests/tls/tls_ticket.test.py
+++ b/tests/gold_tests/tls/tls_ticket.test.py
@@ -55,7 +55,6 @@ ts2.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.server.session_ticket.enable': '1',
'proxy.config.ssl.server.ticket_key.filename': '../../file.ticket'
@@ -63,7 +62,6 @@ ts.Disk.records_config.update({
ts2.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts2.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts2.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.server.session_ticket.enable': '1',
'proxy.config.exec_thread.autoconfig.scale': 1.0,
'proxy.config.ssl.server.ticket_key.filename': '../../file.ticket'
diff --git a/tests/gold_tests/tls/tls_tunnel.test.py
b/tests/gold_tests/tls/tls_tunnel.test.py
index 2d0c715..c9aff54 100644
--- a/tests/gold_tests/tls/tls_tunnel.test.py
+++ b/tests/gold_tests/tls/tls_tunnel.test.py
@@ -25,7 +25,6 @@ ts = Test.MakeATSProcess("ts", command="traffic_manager",
select_ports=True, ena
server_foo = Test.MakeOriginServer("server_foo", ssl=True)
server_bar = Test.MakeOriginServer("server_bar", ssl=True)
server2 = Test.MakeOriginServer("server2")
-#dns = Test.MakeDNServer("dns", default=['127.0.0.1'])
dns = Test.MakeDNServer("dns")
request_foo_header = {"headers": "GET / HTTP/1.1\r\nHost: foo.com\r\n\r\n",
"timestamp": "1469733493.993", "body": ""}
@@ -57,18 +56,17 @@ ts.Disk.ssl_multicert_config.AddLine(
# Case 1, global config policy=permissive properties=signature
# override for foo.com policy=enforced properties=all
-ts.Disk.records_config.update({
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.http.connect_ports': '{0} {1}
{2}'.format(ts.Variables.ssl_port, server_foo.Variables.SSL_Port,
server_bar.Variables.SSL_Port),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
- 'proxy.config.ssl.client.CA.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.CA.cert.filename': 'signer.pem',
- 'proxy.config.exec_thread.autoconfig.scale': 1.0,
- 'proxy.config.url_remap.pristine_host_hdr': 1,
- 'proxy.config.dns.nameservers': '127.0.0.1:{0}'.format(dns.Variables.Port),
- 'proxy.config.dns.resolv_conf': 'NULL'
-})
+ts.Disk.records_config.update({'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.http.connect_ports': '{0} {1}
{2}'.format(ts.Variables.ssl_port,
+
server_foo.Variables.SSL_Port,
+
server_bar.Variables.SSL_Port),
+ 'proxy.config.ssl.client.CA.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.client.CA.cert.filename':
'signer.pem',
+ 'proxy.config.exec_thread.autoconfig.scale':
1.0,
+ 'proxy.config.url_remap.pristine_host_hdr': 1,
+ 'proxy.config.dns.nameservers':
'127.0.0.1:{0}'.format(dns.Variables.Port),
+ 'proxy.config.dns.resolv_conf': 'NULL'})
# foo.com should not terminate. Just tunnel to server_foo
# bar.com should terminate. Forward its tcp stream to server_bar
diff --git a/tests/gold_tests/tls/tls_tunnel_forward.test.py
b/tests/gold_tests/tls/tls_tunnel_forward.test.py
index c604c6a..51c9858 100644
--- a/tests/gold_tests/tls/tls_tunnel_forward.test.py
+++ b/tests/gold_tests/tls/tls_tunnel_forward.test.py
@@ -56,16 +56,16 @@ ts.Disk.ssl_multicert_config.AddLine(
# Case 1, global config policy=permissive properties=signature
# override for foo.com policy=enforced properties=all
-ts.Disk.records_config.update({
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.http.connect_ports': '{0} {1} {2}
{3}'.format(ts.Variables.ssl_port, server_foo.Variables.SSL_Port,
server_bar.Variables.Port, server_random.Variables.Port),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
- 'proxy.config.ssl.client.CA.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.CA.cert.filename': 'signer.pem',
- 'proxy.config.exec_thread.autoconfig.scale': 1.0,
- 'proxy.config.url_remap.pristine_host_hdr': 1
-})
+ts.Disk.records_config.update({'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.http.connect_ports': '{0} {1} {2}
{3}'.format(ts.Variables.ssl_port,
+
server_foo.Variables.SSL_Port,
+
server_bar.Variables.Port,
+
server_random.Variables.Port),
+ 'proxy.config.ssl.client.CA.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.client.CA.cert.filename':
'signer.pem',
+ 'proxy.config.exec_thread.autoconfig.scale':
1.0,
+ 'proxy.config.url_remap.pristine_host_hdr': 1})
# foo.com should not terminate. Just tunnel to server_foo
# bar.com should terminate. Forward its tcp stream to server_bar
diff --git a/tests/gold_tests/tls/tls_verify.test.py
b/tests/gold_tests/tls/tls_verify.test.py
index 1e14b4e..be23bc7 100644
--- a/tests/gold_tests/tls/tls_verify.test.py
+++ b/tests/gold_tests/tls/tls_verify.test.py
@@ -83,7 +83,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
'proxy.config.ssl.client.verify.server.properties': 'SIGNATURE',
diff --git a/tests/gold_tests/tls/tls_verify2.test.py
b/tests/gold_tests/tls/tls_verify2.test.py
index b218242..f95f01e 100644
--- a/tests/gold_tests/tls/tls_verify2.test.py
+++ b/tests/gold_tests/tls/tls_verify2.test.py
@@ -72,7 +72,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'ENFORCED',
'proxy.config.ssl.client.verify.server.properties': 'ALL',
diff --git a/tests/gold_tests/tls/tls_verify3.test.py
b/tests/gold_tests/tls/tls_verify3.test.py
index 1098870..12cc7e3 100644
--- a/tests/gold_tests/tls/tls_verify3.test.py
+++ b/tests/gold_tests/tls/tls_verify3.test.py
@@ -72,7 +72,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
'proxy.config.ssl.client.verify.server.properties': 'ALL',
diff --git a/tests/gold_tests/tls/tls_verify_base.test.py
b/tests/gold_tests/tls/tls_verify_base.test.py
index 82bd330..884f905 100644
--- a/tests/gold_tests/tls/tls_verify_base.test.py
+++ b/tests/gold_tests/tls/tls_verify_base.test.py
@@ -72,7 +72,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.CA.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.CA.cert.filename': 'signer.pem',
'proxy.config.url_remap.pristine_host_hdr': 1,
diff --git a/tests/gold_tests/tls/tls_verify_ca_override.test.py
b/tests/gold_tests/tls/tls_verify_ca_override.test.py
index f737a37..c4b3e5d 100644
--- a/tests/gold_tests/tls/tls_verify_ca_override.test.py
+++ b/tests/gold_tests/tls/tls_verify_ca_override.test.py
@@ -78,7 +78,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'ENFORCED',
'proxy.config.ssl.client.verify.server.properties': 'SIGNATURE',
diff --git a/tests/gold_tests/tls/tls_verify_not_pristine.test.py
b/tests/gold_tests/tls/tls_verify_not_pristine.test.py
index 9c4aa00..14bb86e 100644
--- a/tests/gold_tests/tls/tls_verify_not_pristine.test.py
+++ b/tests/gold_tests/tls/tls_verify_not_pristine.test.py
@@ -59,7 +59,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'ENFORCED',
'proxy.config.ssl.client.verify.server.properties': 'ALL',
diff --git a/tests/gold_tests/tls/tls_verify_override.test.py
b/tests/gold_tests/tls/tls_verify_override.test.py
index e4daffc..9c8a649 100644
--- a/tests/gold_tests/tls/tls_verify_override.test.py
+++ b/tests/gold_tests/tls/tls_verify_override.test.py
@@ -102,7 +102,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
'proxy.config.ssl.client.verify.server.properties': 'ALL',
diff --git a/tests/gold_tests/tls/tls_verify_override_base.test.py
b/tests/gold_tests/tls/tls_verify_override_base.test.py
index 134d40e..34bde84 100644
--- a/tests/gold_tests/tls/tls_verify_override_base.test.py
+++ b/tests/gold_tests/tls/tls_verify_override_base.test.py
@@ -106,7 +106,6 @@ ts.Disk.ssl_multicert_config.AddLine(
ts.Disk.records_config.update({
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
'proxy.config.ssl.client.CA.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.client.CA.cert.filename': 'signer.pem',
'proxy.config.url_remap.pristine_host_hdr': 1,
diff --git a/tests/gold_tests/tls/tls_verify_override_sni.test.py
b/tests/gold_tests/tls/tls_verify_override_sni.test.py
index ffcd2dd..bb6ec92 100644
--- a/tests/gold_tests/tls/tls_verify_override_sni.test.py
+++ b/tests/gold_tests/tls/tls_verify_override_sni.test.py
@@ -89,7 +89,6 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
# set global policy
'proxy.config.ssl.client.verify.server.policy': 'PERMISSIVE',
'proxy.config.ssl.client.verify.server.properties': 'ALL',
diff --git a/tests/gold_tests/tls_hooks/tls_hooks.test.py
b/tests/gold_tests/tls_hooks/tls_hooks.test.py
index a4d5fc4..8d1ae9c 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks.test.py
@@ -38,9 +38,7 @@ ts.Disk.records_config.update({
'proxy.config.diags.debug.tags': 'ssl_hook_test',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
'proxy.config.ssl.TLSv1_3': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
})
ts.Disk.ssl_multicert_config.AddLine(
diff --git a/tests/gold_tests/tls_hooks/tls_hooks10.test.py
b/tests/gold_tests/tls_hooks/tls_hooks10.test.py
index b54654a..e225e04 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks10.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks10.test.py
@@ -32,14 +32,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks11.test.py
b/tests/gold_tests/tls_hooks/tls_hooks11.test.py
index a5c11c2..1bc434a 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks11.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks11.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks12.test.py
b/tests/gold_tests/tls_hooks/tls_hooks12.test.py
index 2812701..0b1490f 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks12.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks12.test.py
@@ -32,14 +32,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks13.test.py
b/tests/gold_tests/tls_hooks/tls_hooks13.test.py
index de5bc62..cb69bbf 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks13.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks13.test.py
@@ -32,14 +32,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks14.test.py
b/tests/gold_tests/tls_hooks/tls_hooks14.test.py
index 3e3415b..80043bb 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks14.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks14.test.py
@@ -32,14 +32,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks15.test.py
b/tests/gold_tests/tls_hooks/tls_hooks15.test.py
index 4a75d39..1c3cbd3 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks15.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks15.test.py
@@ -32,14 +32,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks16.test.py
b/tests/gold_tests/tls_hooks/tls_hooks16.test.py
index 51f7f91..c44e6c5 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks16.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks16.test.py
@@ -36,14 +36,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks17.test.py
b/tests/gold_tests/tls_hooks/tls_hooks17.test.py
index 78e4df3..ae62586 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks17.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks17.test.py
@@ -36,14 +36,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks18.test.py
b/tests/gold_tests/tls_hooks/tls_hooks18.test.py
index 4717222..64d35d6 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks18.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks18.test.py
@@ -37,14 +37,12 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
'proxy.config.diags.debug.tags': 'ssl_hook_test',
'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ })
+
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
})
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
@@ -56,23 +54,23 @@ ts.Disk.remap_config.AddLine(
Test.PrepareTestPlugin(os.path.join(Test.Variables.AtsTestPluginsDir,
'ssl_hook_test.so'), ts, '-client_hello=2')
-tr = Test.AddTestRun("Test two client hello hooks")
+tr=Test.AddTestRun("Test two client hello hooks")
tr.Processes.Default.StartBefore(server)
tr.Processes.Default.StartBefore(Test.Processes.ts)
-tr.StillRunningAfter = ts
-tr.StillRunningAfter = server
-tr.Processes.Default.Command = 'curl -k -H \'host:example.com:{0}\'
https://127.0.0.1:{0}'.format(ts.Variables.ssl_port)
-tr.Processes.Default.ReturnCode = 0
-tr.Processes.Default.Streams.stdout = "gold/preaccept-1.gold"
+tr.StillRunningAfter=ts
+tr.StillRunningAfter=server
+tr.Processes.Default.Command='curl -k -H \'host:example.com:{0}\'
https://127.0.0.1:{0}'.format(ts.Variables.ssl_port)
+tr.Processes.Default.ReturnCode=0
+tr.Processes.Default.Streams.stdout="gold/preaccept-1.gold"
-ts.Streams.stderr = "gold/ts-client-hello-2.gold"
+ts.Streams.stderr="gold/ts-client-hello-2.gold"
-certstring0 = "Client Hello callback 0"
-certstring1 = "Client Hello callback 1"
-ts.Streams.All = Testers.ContainsExpression(
- "\A(?:(?!{0}).)*{0}(?!.*{0}).*\Z".format(certstring0), "Cert message
appears only once", reflags=re.S | re.M)
-ts.Streams.All = Testers.ContainsExpression(
- "\A(?:(?!{0}).)*{0}(?!.*{0}).*\Z".format(certstring1), "Cert message
appears only once", reflags=re.S | re.M)
+certstring0="Client Hello callback 0"
+certstring1="Client Hello callback 1"
+ts.Streams.All=Testers.ContainsExpression(
+ "\A(?:(?!{0}).)*{0}(?!.*{0}).*\Z".format(certstring0), "Cert message
appears only once", reflags = re.S | re.M)
+ts.Streams.All=Testers.ContainsExpression(
+ "\A(?:(?!{0}).)*{0}(?!.*{0}).*\Z".format(certstring1), "Cert message
appears only once", reflags = re.S | re.M)
-tr.Processes.Default.TimeOut = 15
-tr.TimeOut = 15
+tr.Processes.Default.TimeOut=15
+tr.TimeOut=15
diff --git a/tests/gold_tests/tls_hooks/tls_hooks2.test.py
b/tests/gold_tests/tls_hooks/tls_hooks2.test.py
index 4668b5b..6b248c3 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks2.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks2.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks3.test.py
b/tests/gold_tests/tls_hooks/tls_hooks3.test.py
index db82096..36cac3c 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks3.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks3.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks4.test.py
b/tests/gold_tests/tls_hooks/tls_hooks4.test.py
index 6749c1d..2cf5c95 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks4.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks4.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks6.test.py
b/tests/gold_tests/tls_hooks/tls_hooks6.test.py
index daaff5f..a95974c 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks6.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks6.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks7.test.py
b/tests/gold_tests/tls_hooks/tls_hooks7.test.py
index 496ec70..fa5fb68 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks7.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks7.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks8.test.py
b/tests/gold_tests/tls_hooks/tls_hooks8.test.py
index 4629fc7..2df7639 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks8.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks8.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
diff --git a/tests/gold_tests/tls_hooks/tls_hooks9.test.py
b/tests/gold_tests/tls_hooks/tls_hooks9.test.py
index da432e4..6407a7b 100644
--- a/tests/gold_tests/tls_hooks/tls_hooks9.test.py
+++ b/tests/gold_tests/tls_hooks/tls_hooks9.test.py
@@ -33,14 +33,11 @@ server.addResponse("sessionlog.json", request_header,
response_header)
ts.addDefaultSSLFiles()
-ts.Disk.records_config.update({
- 'proxy.config.diags.debug.enabled': 1,
- 'proxy.config.diags.debug.tags': 'ssl_hook_test',
- 'proxy.config.ssl.server.cert.path': '{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
- 'proxy.config.ssl.client.verify.server': 0,
- 'proxy.config.ssl.server.cipher_suite':
'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2',
-})
+ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+ 'proxy.config.diags.debug.tags':
'ssl_hook_test',
+ 'proxy.config.ssl.server.cert.path':
'{0}'.format(ts.Variables.SSLDir),
+ 'proxy.config.ssl.server.private_key.path':
'{0}'.format(ts.Variables.SSLDir),
+ })
ts.Disk.ssl_multicert_config.AddLine(
'dest_ip=* ssl_cert_name=server.pem ssl_key_name=server.key'
