summaryrefslogtreecommitdiff
path: root/smoketest/scripts
diff options
context:
space:
mode:
authorAlex W <embezzle.dev@proton.me>2024-04-15 18:23:05 +0100
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-04-16 15:08:11 +0000
commitdeb92e4661106283d7951570fc9ab243e74bccd9 (patch)
tree9e75b43672d9852c30064f5ea4f0a19784bcb201 /smoketest/scripts
parentd8bca084a1f050a52bef46f5e1b589cbf89ce54d (diff)
downloadvyos-1x-deb92e4661106283d7951570fc9ab243e74bccd9.tar.gz
vyos-1x-deb92e4661106283d7951570fc9ab243e74bccd9.zip
T6242: load-balancing reverse-proxy: Ability for ssl backends to not verify server certificates
(cherry picked from commit aafe22d08bb38a579dd5075fd27a1b88beeca791)
Diffstat (limited to 'smoketest/scripts')
-rwxr-xr-xsmoketest/scripts/cli/test_load-balancing_reverse-proxy.py18
1 files changed, 18 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
index 97304da8b..d21fc762b 100755
--- a/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
+++ b/smoketest/scripts/cli/test_load-balancing_reverse-proxy.py
@@ -280,6 +280,24 @@ class TestLoadBalancingReverseProxy(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['backend', 'bk-01', 'ssl', 'ca-certificate', 'smoketest'])
self.cli_commit()
+ def test_04_lb_reverse_proxy_backend_ssl_no_verify(self):
+ # Setup base
+ self.configure_pki()
+ self.base_config()
+
+ # Set no-verify option
+ self.cli_set(base_path + ['backend', 'bk-01', 'ssl', 'no-verify'])
+ self.cli_commit()
+
+ # Test no-verify option
+ config = read_file(HAPROXY_CONF)
+ self.assertIn('server bk-01 192.0.2.11:9090 send-proxy ssl verify none', config)
+
+ # Test setting ca-certificate alongside no-verify option fails, to test config validation
+ self.cli_set(base_path + ['backend', 'bk-01', 'ssl', 'ca-certificate', 'smoketest'])
+ with self.assertRaises(ConfigSessionError) as e:
+ self.cli_commit()
+
if __name__ == '__main__':
unittest.main(verbosity=2)