bneradt commented on code in PR #13198:
URL: https://github.com/apache/trafficserver/pull/13198#discussion_r3301096636
##########
tests/gold_tests/tls/tls_check_cert_select_plugin.test.py:
##########
@@ -170,7 +170,8 @@
tr.ReturnCode = 60
tr.StillRunningAfter = server
tr.StillRunningAfter = ts
-tr.Processes.Default.Streams.All = Testers.ContainsExpression("unknown CA",
"Failed handshake")
-tr.Processes.Default.Streams.All += Testers.ExcludesExpression("CN=bar.com",
"Cert should contain bar.com")
+tr.Processes.Default.Streams.All = Testers.ContainsExpression(r"curl: \(60\)
SSL certificate", "Failed certificate verification")
+# Older versions of curl do not print certificate subject details when
+# certificate verification fails.
tr.Processes.Default.Streams.All += Testers.ExcludesExpression("CN=foo.com",
"Cert should not contain foo.com")
tr.Processes.Default.Streams.All += Testers.ExcludesExpression("404", "Should
make an exchange")
Review Comment:
This can't be done in a backwards compatible way.
Look at the old code - it verified Excludes on bar.com. But now, the new
curl, says that bar.com fails the cert. So neither Excludes nor Contains fits
for both. And Excludes/Contains are the only options.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
