Index: net/tools/testserver/testserver.py |
diff --git a/net/tools/testserver/testserver.py b/net/tools/testserver/testserver.py |
index 5d961a8c5fb9f53125aa8b9ba1b265cdc7ce9cbb..f50dd0c8e06c6339449996978ed95565c5a0b71f 100755 |
--- a/net/tools/testserver/testserver.py |
+++ b/net/tools/testserver/testserver.py |
@@ -136,7 +136,7 @@ |
def __init__(self, server_address, request_hander_class, pem_cert_and_key, |
ssl_client_auth, ssl_client_cas, ssl_bulk_ciphers, |
record_resume_info, tls_intolerant, signed_cert_timestamps, |
- fallback_scsv_enabled, ocsp_response): |
+ fallback_scsv_enabled): |
self.cert_chain = tlslite.api.X509CertChain().parseChain(pem_cert_and_key) |
# Force using only python implementation - otherwise behavior is different |
# depending on whether m2crypto Python module is present (error is thrown |
@@ -150,7 +150,6 @@ |
self.tls_intolerant = tls_intolerant |
self.signed_cert_timestamps = signed_cert_timestamps |
self.fallback_scsv_enabled = fallback_scsv_enabled |
- self.ocsp_response = ocsp_response |
for ca_file in ssl_client_cas: |
s = open(ca_file).read() |
@@ -185,8 +184,7 @@ |
tlsIntolerant=self.tls_intolerant, |
signedCertTimestamps= |
self.signed_cert_timestamps, |
- fallbackSCSV=self.fallback_scsv_enabled, |
- ocspResponse = self.ocsp_response) |
+ fallbackSCSV=self.fallback_scsv_enabled) |
tlsConnection.ignoreAbruptClose = True |
return True |
except tlslite.api.TLSAbruptCloseError: |
@@ -1945,21 +1943,15 @@ |
raise testserver_base.OptionError( |
'specified trusted client CA file not found: ' + ca_cert + |
' exiting...') |
- |
- stapled_ocsp_response = None |
- if self.__ocsp_server and self.options.staple_ocsp_response: |
- stapled_ocsp_response = self.__ocsp_server.ocsp_response |
- |
server = HTTPSServer((host, port), TestPageHandler, pem_cert_and_key, |
self.options.ssl_client_auth, |
self.options.ssl_client_ca, |
self.options.ssl_bulk_cipher, |
self.options.record_resume, |
self.options.tls_intolerant, |
- self.options.signed_cert_timestamps_tls_ext.decode( |
+ self.options.signed_cert_timestamps.decode( |
"base64"), |
- self.options.fallback_scsv, |
- stapled_ocsp_response) |
+ self.options.fallback_scsv) |
print 'HTTPS server started on %s:%d...' % (host, server.server_port) |
else: |
server = HTTPServer((host, port), TestPageHandler) |
@@ -2097,8 +2089,8 @@ |
'aborted. 2 means TLS 1.1 or higher will be ' |
'aborted. 3 means TLS 1.2 or higher will be ' |
'aborted.') |
- self.option_parser.add_option('--signed-cert-timestamps-tls-ext', |
- dest='signed_cert_timestamps_tls_ext', |
+ self.option_parser.add_option('--signed-cert-timestamps', |
+ dest='signed_cert_timestamps', |
default='', |
help='Base64 encoded SCT list. If set, ' |
'server will respond with a ' |
@@ -2111,12 +2103,6 @@ |
'will be enabled. This causes the server to ' |
'reject fallback connections from compatible ' |
'clients (e.g. Chrome).') |
- self.option_parser.add_option('--staple-ocsp-response', |
- dest='staple_ocsp_response', |
- default=False, action='store_true', |
- help='If set, server will staple the OCSP ' |
- 'response whenever OCSP is on and the client ' |
- 'supports OCSP stapling.') |
self.option_parser.add_option('--https-record-resume', |
dest='record_resume', const=True, |
default=False, action='store_const', |