DescriptionExtract OCSPCertStatus::Status to standalone OCSPRevocationStatus, and add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. OCSPVerifyResult is populated by CertVerifyProc, but is currently unused. In the future, it will be consumed by Expect-Staple reports.
This CL also updates mini-CA and the spawned test server to be able to send a wider range of OCSP responses. Since OCSP responses are short lived, test the new functionality in url_request_unittest.cc and dynamically generate OCSP responses.
BUG=598021
Committed: https://crrev.com/612337a1d7cadc52d0217b9f399eb1fab445d3e2
Cr-Commit-Position: refs/heads/master@{#406699}
Patch Set 1 #Patch Set 2 : Add tests for REVOKED status #
Total comments: 37
Patch Set 3 : Comments from reviewers, producedAt #Patch Set 4 : Rebase #Patch Set 5 : Clean up tests. #Patch Set 6 : Add tests with multiple stapled responses #Patch Set 7 : Rebase. #Patch Set 8 : Nits. #Patch Set 9 : Add tests for remaining values of ResponseStatus #Patch Set 10 : Extract OCSPCertStatus::Status from internal #
Total comments: 4
Patch Set 11 : Rebase. #Patch Set 12 : Fix tests on Windows. #Patch Set 13 : Fix browser_tests on ChromeOS. #Patch Set 14 : Always pass ocsp_response to verifier. #
Total comments: 8
Patch Set 15 : Comments from estark #
Total comments: 46
Patch Set 16 : Optional was optional. #
Total comments: 14
Patch Set 17 : Remaining nits. #Dependent Patchsets: Messages
Total messages: 46 (25 generated)
|