Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(60)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/test/spawned_test_server/base_test_server.cc

Issue 2100303002: Add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-date-check
Patch Set: Add tests for REVOKED status Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/ssl/ssl_info.h ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/tools/testserver/minica.py » ('j') | net/tools/testserver/minica.py » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/test/spawned_test_server/base_test_server.h" 5 #include "net/test/spawned_test_server/base_test_server.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 #include <limits> 8 #include <limits>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after
121 values->AppendInteger(param); 121 values->AppendInteger(param);
122 } 122 }
123 return values; 123 return values;
124 } 124 }
125 125
126 } // namespace 126 } // namespace
127 127
128 BaseTestServer::SSLOptions::SSLOptions() 128 BaseTestServer::SSLOptions::SSLOptions()
129 : server_certificate(CERT_OK), 129 : server_certificate(CERT_OK),
130 ocsp_status(OCSP_OK), 130 ocsp_status(OCSP_OK),
131 ocsp_date(OCSP_VALID),
131 cert_serial(0), 132 cert_serial(0),
132 request_client_certificate(false), 133 request_client_certificate(false),
133 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY), 134 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
134 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), 135 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
135 record_resume(false), 136 record_resume(false),
136 tls_intolerant(TLS_INTOLERANT_NONE), 137 tls_intolerant(TLS_INTOLERANT_NONE),
137 tls_intolerance_type(TLS_INTOLERANCE_ALERT), 138 tls_intolerance_type(TLS_INTOLERANCE_ALERT),
138 fallback_scsv_enabled(false), 139 fallback_scsv_enabled(false),
139 staple_ocsp_response(false), 140 staple_ocsp_response(false),
140 ocsp_server_unavailable(false), 141 ocsp_server_unavailable(false),
141 alert_after_handshake(false), 142 alert_after_handshake(false),
142 disable_channel_id(false), 143 disable_channel_id(false),
143 disable_extended_master_secret(false) {} 144 disable_extended_master_secret(false) {}
144 145
145 BaseTestServer::SSLOptions::SSLOptions( 146 BaseTestServer::SSLOptions::SSLOptions(
146 BaseTestServer::SSLOptions::ServerCertificate cert) 147 BaseTestServer::SSLOptions::ServerCertificate cert)
147 : server_certificate(cert), 148 : server_certificate(cert),
148 ocsp_status(OCSP_OK), 149 ocsp_status(OCSP_OK),
150 ocsp_date(OCSP_VALID),
149 cert_serial(0), 151 cert_serial(0),
150 request_client_certificate(false), 152 request_client_certificate(false),
151 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY), 153 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
152 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), 154 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
153 record_resume(false), 155 record_resume(false),
154 tls_intolerant(TLS_INTOLERANT_NONE), 156 tls_intolerant(TLS_INTOLERANT_NONE),
155 tls_intolerance_type(TLS_INTOLERANCE_ALERT), 157 tls_intolerance_type(TLS_INTOLERANCE_ALERT),
156 fallback_scsv_enabled(false), 158 fallback_scsv_enabled(false),
157 staple_ocsp_response(false), 159 staple_ocsp_response(false),
158 ocsp_server_unavailable(false), 160 ocsp_server_unavailable(false),
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
201 case OCSP_UNAUTHORIZED: 203 case OCSP_UNAUTHORIZED:
202 return "unauthorized"; 204 return "unauthorized";
203 case OCSP_UNKNOWN: 205 case OCSP_UNKNOWN:
204 return "unknown"; 206 return "unknown";
205 default: 207 default:
206 NOTREACHED(); 208 NOTREACHED();
207 return std::string(); 209 return std::string();
208 } 210 }
209 } 211 }
210 212
213 std::string BaseTestServer::SSLOptions::GetOCSPDateArgument() const {
214 if (server_certificate != CERT_AUTO)
215 return std::string();
216
217 switch (ocsp_date) {
218 case OCSP_VALID:
219 return "valid";
220 case OCSP_OLD:
221 return "old";
222 case OCSP_EARLY:
223 return "early";
224 case OCSP_LONG:
225 return "long";
226 default:
227 NOTREACHED();
228 return std::string();
229 }
230 }
231
211 const char BaseTestServer::kLocalhost[] = "127.0.0.1"; 232 const char BaseTestServer::kLocalhost[] = "127.0.0.1";
212 233
213 BaseTestServer::BaseTestServer(Type type, const std::string& host) 234 BaseTestServer::BaseTestServer(Type type, const std::string& host)
214 : type_(type), 235 : type_(type),
215 started_(false), 236 started_(false),
216 log_to_console_(false), 237 log_to_console_(false),
217 ws_basic_auth_(false), 238 ws_basic_auth_(false),
218 no_anonymous_ftp_user_(false) { 239 no_anonymous_ftp_user_(false) {
219 Init(host); 240 Init(host);
220 } 241 }
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
517 arguments->Set("ssl-client-cert-type", client_cert_types.release()); 538 arguments->Set("ssl-client-cert-type", client_cert_types.release());
518 } 539 }
519 540
520 if (type_ == TYPE_HTTPS) { 541 if (type_ == TYPE_HTTPS) {
521 arguments->Set("https", base::Value::CreateNullValue()); 542 arguments->Set("https", base::Value::CreateNullValue());
522 543
523 std::string ocsp_arg = ssl_options_.GetOCSPArgument(); 544 std::string ocsp_arg = ssl_options_.GetOCSPArgument();
524 if (!ocsp_arg.empty()) 545 if (!ocsp_arg.empty())
525 arguments->SetString("ocsp", ocsp_arg); 546 arguments->SetString("ocsp", ocsp_arg);
526 547
548 std::string ocsp_date_arg = ssl_options_.GetOCSPDateArgument();
549 if (!ocsp_date_arg.empty())
550 arguments->SetString("ocsp-date", ocsp_date_arg);
551
527 if (ssl_options_.cert_serial != 0) { 552 if (ssl_options_.cert_serial != 0) {
528 arguments->SetInteger("cert-serial", ssl_options_.cert_serial); 553 arguments->SetInteger("cert-serial", ssl_options_.cert_serial);
529 } 554 }
530 555
531 // Check key exchange argument. 556 // Check key exchange argument.
532 std::unique_ptr<base::ListValue> key_exchange_values(new base::ListValue()); 557 std::unique_ptr<base::ListValue> key_exchange_values(new base::ListValue());
533 GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get()); 558 GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get());
534 if (key_exchange_values->GetSize()) 559 if (key_exchange_values->GetSize())
535 arguments->Set("ssl-key-exchange", key_exchange_values.release()); 560 arguments->Set("ssl-key-exchange", key_exchange_values.release());
536 // Check bulk cipher argument. 561 // Check bulk cipher argument.
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
586 611
587 return GenerateAdditionalArguments(arguments); 612 return GenerateAdditionalArguments(arguments);
588 } 613 }
589 614
590 bool BaseTestServer::GenerateAdditionalArguments( 615 bool BaseTestServer::GenerateAdditionalArguments(
591 base::DictionaryValue* arguments) const { 616 base::DictionaryValue* arguments) const {
592 return true; 617 return true;
593 } 618 }
594 619
595 } // namespace net 620 } // namespace net
OLDNEW
« net/ssl/ssl_info.h ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/tools/testserver/minica.py » ('j') | net/tools/testserver/minica.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698