Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(61)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/tools/testserver/testserver.py

Issue 2100303002: Add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-date-check
Patch Set: Add tests for REVOKED status Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/tools/testserver/minica.py ('K') | « net/tools/testserver/minica.py ('k') | net/url_request/url_request_unittest.cc » ('j') | net/url_request/url_request_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/usr/bin/env python 1 #!/usr/bin/env python
2 # Copyright 2013 The Chromium Authors. All rights reserved. 2 # Copyright 2013 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be 3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file. 4 # found in the LICENSE file.
5 5
6 """This is a simple HTTP/FTP/TCP/UDP/BASIC_AUTH_PROXY/WEBSOCKET server used for 6 """This is a simple HTTP/FTP/TCP/UDP/BASIC_AUTH_PROXY/WEBSOCKET server used for
7 testing Chrome. 7 testing Chrome.
8 8
9 It supports several test URLs, as specified by the handlers in TestPageHandler. 9 It supports several test URLs, as specified by the handlers in TestPageHandler.
10 By default, it listens on an ephemeral port and sends the port number back to 10 By default, it listens on an ephemeral port and sends the port number back to
(...skipping 1894 matching lines...) Expand 10 before | Expand all | Expand 10 after
1905 elif self.options.ocsp == 'invalid': 1905 elif self.options.ocsp == 'invalid':
1906 ocsp_state = minica.OCSP_STATE_INVALID 1906 ocsp_state = minica.OCSP_STATE_INVALID
1907 elif self.options.ocsp == 'unauthorized': 1907 elif self.options.ocsp == 'unauthorized':
1908 ocsp_state = minica.OCSP_STATE_UNAUTHORIZED 1908 ocsp_state = minica.OCSP_STATE_UNAUTHORIZED
1909 elif self.options.ocsp == 'unknown': 1909 elif self.options.ocsp == 'unknown':
1910 ocsp_state = minica.OCSP_STATE_UNKNOWN 1910 ocsp_state = minica.OCSP_STATE_UNKNOWN
1911 else: 1911 else:
1912 raise testserver_base.OptionError('unknown OCSP status: ' + 1912 raise testserver_base.OptionError('unknown OCSP status: ' +
1913 self.options.ocsp_status) 1913 self.options.ocsp_status)
1914 1914
1915 ocsp_date = None
1916 if self.options.ocsp_date == 'valid':
1917 ocsp_date = minica.OCSP_DATE_VALID
1918 elif self.options.ocsp_date == 'old':
1919 ocsp_date = minica.OCSP_DATE_OLD
1920 elif self.options.ocsp_date == 'early':
1921 ocsp_date = minica.OCSP_DATE_EARLY
1922 elif self.options.ocsp_date == 'long':
1923 ocsp_date = minica.OCSP_DATE_LONG
1924 else:
1925 raise testserver_base.OptionError('unknown OCSP date: ' +
1926 self.options.ocsp_date)
1927
1915 (pem_cert_and_key, ocsp_der) = minica.GenerateCertKeyAndOCSP( 1928 (pem_cert_and_key, ocsp_der) = minica.GenerateCertKeyAndOCSP(
1916 subject = "127.0.0.1", 1929 subject = "127.0.0.1",
1917 ocsp_url = ("http://%s:%d/ocsp" % 1930 ocsp_url = ("http://%s:%d/ocsp" %
1918 (host, self.__ocsp_server.server_port)), 1931 (host, self.__ocsp_server.server_port)),
1919 ocsp_state = ocsp_state, 1932 ocsp_state = ocsp_state,
1933 ocsp_date = ocsp_date,
1920 serial = self.options.cert_serial) 1934 serial = self.options.cert_serial)
1921 1935
1922 if self.options.ocsp_server_unavailable: 1936 if self.options.ocsp_server_unavailable:
1923 # SEQUENCE containing ENUMERATED with value 3 (tryLater). 1937 # SEQUENCE containing ENUMERATED with value 3 (tryLater).
1924 self.__ocsp_server.ocsp_response = '30030a0103'.decode('hex') 1938 self.__ocsp_server.ocsp_response = '30030a0103'.decode('hex')
1925 else: 1939 else:
1926 self.__ocsp_server.ocsp_response = ocsp_der 1940 self.__ocsp_server.ocsp_response = ocsp_der
1927 1941
1928 for ca_cert in self.options.ssl_client_ca: 1942 for ca_cert in self.options.ssl_client_ca:
1929 if not os.path.isfile(ca_cert): 1943 if not os.path.isfile(ca_cert):
(...skipping 151 matching lines...) Expand 10 before | Expand all | Expand 10 after
2081 'should be used.') 2095 'should be used.')
2082 self.option_parser.add_option('--cert-and-key-file', 2096 self.option_parser.add_option('--cert-and-key-file',
2083 dest='cert_and_key_file', help='specify the ' 2097 dest='cert_and_key_file', help='specify the '
2084 'path to the file containing the certificate ' 2098 'path to the file containing the certificate '
2085 'and private key for the server in PEM ' 2099 'and private key for the server in PEM '
2086 'format') 2100 'format')
2087 self.option_parser.add_option('--ocsp', dest='ocsp', default='ok', 2101 self.option_parser.add_option('--ocsp', dest='ocsp', default='ok',
2088 help='The type of OCSP response generated ' 2102 help='The type of OCSP response generated '
2089 'for the automatically generated ' 2103 'for the automatically generated '
2090 'certificate. One of [ok,revoked,invalid]') 2104 'certificate. One of [ok,revoked,invalid]')
2105 self.option_parser.add_option('--ocsp-date', dest='ocsp_date',
2106 default='valid', help='The validity of the '
2107 'range between thisUpdate and nextUpdate')
2091 self.option_parser.add_option('--cert-serial', dest='cert_serial', 2108 self.option_parser.add_option('--cert-serial', dest='cert_serial',
2092 default=0, type=int, 2109 default=0, type=int,
2093 help='If non-zero then the generated ' 2110 help='If non-zero then the generated '
2094 'certificate will have this serial number') 2111 'certificate will have this serial number')
2095 self.option_parser.add_option('--tls-intolerant', dest='tls_intolerant', 2112 self.option_parser.add_option('--tls-intolerant', dest='tls_intolerant',
2096 default='0', type='int', 2113 default='0', type='int',
2097 help='If nonzero, certain TLS connections ' 2114 help='If nonzero, certain TLS connections '
2098 'will be aborted in order to test version ' 2115 'will be aborted in order to test version '
2099 'fallback. 1 means all TLS versions will be ' 2116 'fallback. 1 means all TLS versions will be '
2100 'aborted. 2 means TLS 1.1 or higher will be ' 2117 'aborted. 2 means TLS 1.1 or higher will be '
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
2198 'an anonymous user.') 2215 'an anonymous user.')
2199 self.option_parser.add_option('--disable-channel-id', action='store_true') 2216 self.option_parser.add_option('--disable-channel-id', action='store_true')
2200 self.option_parser.add_option('--disable-extended-master-secret', 2217 self.option_parser.add_option('--disable-extended-master-secret',
2201 action='store_true') 2218 action='store_true')
2202 self.option_parser.add_option('--token-binding-params', action='append', 2219 self.option_parser.add_option('--token-binding-params', action='append',
2203 default=[], type='int') 2220 default=[], type='int')
2204 2221
2205 2222
2206 if __name__ == '__main__': 2223 if __name__ == '__main__':
2207 sys.exit(ServerRunner().main()) 2224 sys.exit(ServerRunner().main())
OLDNEW
« net/tools/testserver/minica.py ('K') | « net/tools/testserver/minica.py ('k') | net/url_request/url_request_unittest.cc » ('j') | net/url_request/url_request_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698