debian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
Last change
on this file since f030883 was
f030883,
checked in by Thomas Klute <thomas2.klute@…>, 5 years ago
|
|
Set GnuTLS priorities for proxy connections separately
Until now, proxy connections were configured with the same priorities as
the server side. This commit introduces the new configuration option
"GnuTLSProxyPriorities" to set the priorities for proxy connections
separately. Note that GnuTLSProxyPriorities MUST be set when
SSLProxyEngine is enabled.
Since the parameters to GnuTLSPriorities and GnuTLSProxyPriorities need
the same processing, mgs_set_priorities has been rewritten to select the
priority cache to write to based on the option name, rather than adding
a new function to handle GnuTLSProxyPriorities.
|
-
Property mode set to
100755
|
|
File size:
625 bytes
|
| Line | |
|---|
| 1 | #!/bin/bash |
|---|
| 2 | |
|---|
| 3 | set -e |
|---|
| 4 | |
|---|
| 5 | testdir="./tests/23_TLS_reverse_proxy_mismatched_priorities" |
|---|
| 6 | . ./proxy_backend.bash |
|---|
| 7 | |
|---|
| 8 | # This test checks if server and proxy priorities are applied |
|---|
| 9 | # properly. The proxy server requries a TLS 1.2 connection, but the |
|---|
| 10 | # back end server is configured not to use TLS 1.2. The proxy request |
|---|
| 11 | # must fail and the client must receive an error message to pass. |
|---|
| 12 | |
|---|
| 13 | function stop_backend |
|---|
| 14 | { |
|---|
| 15 | backend_apache "${dir}" "backend.conf" stop |
|---|
| 16 | } |
|---|
| 17 | backend_apache "${testdir}" "backend.conf" start "${BACKEND_LOCK}" |
|---|
| 18 | trap stop_backend EXIT |
|---|
| 19 | |
|---|
| 20 | make -f TestMakefile t-23 |
|---|
| 21 | |
|---|
| 22 | backend_apache "${testdir}" "backend.conf" stop |
|---|
| 23 | trap - EXIT |
|---|
Note: See
TracBrowser
for help on using the repository browser.
