| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ | 5 #ifndef NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ |
| 6 #define NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ | 6 #define NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 74 // A certificate with invalid notBefore and notAfter times. Windows' | 74 // A certificate with invalid notBefore and notAfter times. Windows' |
| 75 // certificate library will not parse this certificate. | 75 // certificate library will not parse this certificate. |
| 76 CERT_BAD_VALIDITY, | 76 CERT_BAD_VALIDITY, |
| 77 }; | 77 }; |
| 78 | 78 |
| 79 // OCSPStatus enumerates the types of OCSP response that the testserver | 79 // OCSPStatus enumerates the types of OCSP response that the testserver |
| 80 // can produce. | 80 // can produce. |
| 81 enum OCSPStatus { | 81 enum OCSPStatus { |
| 82 OCSP_OK, | 82 OCSP_OK, |
| 83 OCSP_REVOKED, | 83 OCSP_REVOKED, |
| 84 OCSP_INVALID, | 84 OCSP_INVALID_RESPONSE, |
| 85 OCSP_UNAUTHORIZED, | 85 OCSP_UNAUTHORIZED, |
| 86 OCSP_UNKNOWN, | 86 OCSP_UNKNOWN, |
| 87 OCSP_INVALID_RESPONSE_DATA, |
| 88 OCSP_TRY_LATER, |
| 89 OCSP_MISMATCHED_SERIAL, |
| 90 }; |
| 91 |
| 92 // OCSPDate enumerates the date ranges for OCSP responses that the |
| 93 // testserver can produce. |
| 94 enum OCSPDate { |
| 95 OCSP_DATE_VALID, |
| 96 OCSP_DATE_OLD, |
| 97 OCSP_DATE_EARLY, |
| 98 OCSP_DATE_LONG, |
| 99 }; |
| 100 |
| 101 // OCSPSingleResponse is used when specifying multiple stapled responses, |
| 102 // each |
| 103 // with their own CertStatus and date validity. |
| 104 struct OCSPSingleResponse { |
| 105 OCSPStatus status; |
| 106 OCSPDate date; |
| 107 }; |
| 108 |
| 109 // OCSPProduced enumerates the validity of the producedAt field in OCSP |
| 110 // responses produced by the testserver. |
| 111 enum OCSPProduced { |
| 112 OCSP_PRODUCED_VALID, |
| 113 OCSP_PRODUCED_BEFORE_CERT, |
| 114 OCSP_PRODUCED_AFTER_CERT, |
| 87 }; | 115 }; |
| 88 | 116 |
| 89 // Bitmask of key exchange algorithms that the test server supports and that | 117 // Bitmask of key exchange algorithms that the test server supports and that |
| 90 // can be selectively enabled or disabled. | 118 // can be selectively enabled or disabled. |
| 91 enum KeyExchange { | 119 enum KeyExchange { |
| 92 // Special value used to indicate that any algorithm the server supports | 120 // Special value used to indicate that any algorithm the server supports |
| 93 // is acceptable. Preferred over explicitly OR-ing all key exchange | 121 // is acceptable. Preferred over explicitly OR-ing all key exchange |
| 94 // algorithms. | 122 // algorithms. |
| 95 KEY_EXCHANGE_ANY = 0, | 123 KEY_EXCHANGE_ANY = 0, |
| 96 | 124 |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 ~SSLOptions(); | 172 ~SSLOptions(); |
| 145 | 173 |
| 146 // Returns the relative filename of the file that contains the | 174 // Returns the relative filename of the file that contains the |
| 147 // |server_certificate|. | 175 // |server_certificate|. |
| 148 base::FilePath GetCertificateFile() const; | 176 base::FilePath GetCertificateFile() const; |
| 149 | 177 |
| 150 // GetOCSPArgument returns the value of any OCSP argument to testserver or | 178 // GetOCSPArgument returns the value of any OCSP argument to testserver or |
| 151 // the empty string if there is none. | 179 // the empty string if there is none. |
| 152 std::string GetOCSPArgument() const; | 180 std::string GetOCSPArgument() const; |
| 153 | 181 |
| 182 // GetOCSPDateArgument returns the value of the OCSP date argument to |
| 183 // testserver or the empty string if there is none. |
| 184 std::string GetOCSPDateArgument() const; |
| 185 |
| 186 // GetOCSPProducedArgument returns the value of the OCSP produced argument |
| 187 // to testserver or the empty string if there is none. |
| 188 std::string GetOCSPProducedArgument() const; |
| 189 |
| 154 // The certificate to use when serving requests. | 190 // The certificate to use when serving requests. |
| 155 ServerCertificate server_certificate; | 191 ServerCertificate server_certificate; |
| 156 | 192 |
| 157 // If |server_certificate==CERT_AUTO| then this determines the type of OCSP | 193 // If |server_certificate==CERT_AUTO| then this determines the type of OCSP |
| 158 // response returned. | 194 // response returned. Ignored if |ocsp_responses| is non-empty. |
| 159 OCSPStatus ocsp_status; | 195 OCSPStatus ocsp_status; |
| 160 | 196 |
| 197 // If |server_certificate==CERT_AUTO| then this determines the date range |
| 198 // set on the OCSP response returned. Ignore if |ocsp_responses| is |
| 199 // non-empty. |
| 200 OCSPDate ocsp_date; |
| 201 |
| 202 // If |server_certificate==CERT_AUTO|, contains the status and validity for |
| 203 // multiple stapled responeses. Overrides |ocsp_status| and |ocsp_date| when |
| 204 // non-empty. |
| 205 std::vector<OCSPSingleResponse> ocsp_responses; |
| 206 |
| 207 // If |server_certificate==CERT_AUTO| then this determines the validity of |
| 208 // the producedAt field on the returned OCSP response. |
| 209 OCSPProduced ocsp_produced; |
| 210 |
| 161 // If not zero, |cert_serial| will be the serial number of the | 211 // If not zero, |cert_serial| will be the serial number of the |
| 162 // auto-generated leaf certificate when |server_certificate==CERT_AUTO|. | 212 // auto-generated leaf certificate when |server_certificate==CERT_AUTO|. |
| 163 uint64_t cert_serial; | 213 uint64_t cert_serial; |
| 164 | 214 |
| 165 // True if a CertificateRequest should be sent to the client during | 215 // True if a CertificateRequest should be sent to the client during |
| 166 // handshaking. | 216 // handshaking. |
| 167 bool request_client_certificate; | 217 bool request_client_certificate; |
| 168 | 218 |
| 169 // If |request_client_certificate| is true, an optional list of files, | 219 // If |request_client_certificate| is true, an optional list of files, |
| 170 // each containing a single, PEM-encoded X.509 certificates. The subject | 220 // each containing a single, PEM-encoded X.509 certificates. The subject |
| (...skipping 193 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 364 bool no_anonymous_ftp_user_; | 414 bool no_anonymous_ftp_user_; |
| 365 | 415 |
| 366 std::unique_ptr<ScopedPortException> allowed_port_; | 416 std::unique_ptr<ScopedPortException> allowed_port_; |
| 367 | 417 |
| 368 DISALLOW_COPY_AND_ASSIGN(BaseTestServer); | 418 DISALLOW_COPY_AND_ASSIGN(BaseTestServer); |
| 369 }; | 419 }; |
| 370 | 420 |
| 371 } // namespace net | 421 } // namespace net |
| 372 | 422 |
| 373 #endif // NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ | 423 #endif // NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2100303002:
Add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-date-check