source: mod_gnutls/test/test-23_TLS_reverse_proxy_mismatched_priorities.bash @ d92899e

debian/masterdebian/stretch-backportsjessie-backportsupstream
Last change on this file since d92899e was f030883, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Set GnuTLS priorities for proxy connections separately

Until now, proxy connections were configured with the same priorities as
the server side. This commit introduces the new configuration option
"GnuTLSProxyPriorities" to set the priorities for proxy connections
separately. Note that GnuTLSProxyPriorities MUST be set when
SSLProxyEngine is enabled.

Since the parameters to GnuTLSPriorities and GnuTLSProxyPriorities need
the same processing, mgs_set_priorities has been rewritten to select the
priority cache to write to based on the option name, rather than adding
a new function to handle GnuTLSProxyPriorities.

  • Property mode set to 100755
File size: 625 bytes
Line 
1#!/bin/bash
2
3set -e
4
5testdir="./tests/23_TLS_reverse_proxy_mismatched_priorities"
6. ./proxy_backend.bash
7
8# This test checks if server and proxy priorities are applied
9# properly. The proxy server requries a TLS 1.2 connection, but the
10# back end server is configured not to use TLS 1.2. The proxy request
11# must fail and the client must receive an error message to pass.
12
13function stop_backend
14{
15    backend_apache "${dir}" "backend.conf" stop
16}
17backend_apache "${testdir}" "backend.conf" start "${BACKEND_LOCK}"
18trap stop_backend EXIT
19
20make -f TestMakefile t-23
21
22backend_apache "${testdir}" "backend.conf" stop
23trap - EXIT
Note: See TracBrowser for help on using the repository browser.