| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/test/spawned_test_server/base_test_server.h" | 5 #include "net/test/spawned_test_server/base_test_server.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 54 } // namespace | 54 } // namespace |
| 55 | 55 |
| 56 BaseTestServer::SSLOptions::SSLOptions() | 56 BaseTestServer::SSLOptions::SSLOptions() |
| 57 : server_certificate(CERT_OK), | 57 : server_certificate(CERT_OK), |
| 58 ocsp_status(OCSP_OK), | 58 ocsp_status(OCSP_OK), |
| 59 cert_serial(0), | 59 cert_serial(0), |
| 60 request_client_certificate(false), | 60 request_client_certificate(false), |
| 61 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), | 61 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), |
| 62 record_resume(false), | 62 record_resume(false), |
| 63 tls_intolerant(TLS_INTOLERANT_NONE), | 63 tls_intolerant(TLS_INTOLERANT_NONE), |
| 64 fallback_scsv_enabled(false) {} | 64 fallback_scsv_enabled(false), |
| 65 staple_ocsp_response(false) {} |
| 65 | 66 |
| 66 BaseTestServer::SSLOptions::SSLOptions( | 67 BaseTestServer::SSLOptions::SSLOptions( |
| 67 BaseTestServer::SSLOptions::ServerCertificate cert) | 68 BaseTestServer::SSLOptions::ServerCertificate cert) |
| 68 : server_certificate(cert), | 69 : server_certificate(cert), |
| 69 ocsp_status(OCSP_OK), | 70 ocsp_status(OCSP_OK), |
| 70 cert_serial(0), | 71 cert_serial(0), |
| 71 request_client_certificate(false), | 72 request_client_certificate(false), |
| 72 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), | 73 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), |
| 73 record_resume(false), | 74 record_resume(false), |
| 74 tls_intolerant(TLS_INTOLERANT_NONE), | 75 tls_intolerant(TLS_INTOLERANT_NONE), |
| 75 fallback_scsv_enabled(false) {} | 76 fallback_scsv_enabled(false), |
| 77 staple_ocsp_response(false) {} |
| 76 | 78 |
| 77 BaseTestServer::SSLOptions::~SSLOptions() {} | 79 BaseTestServer::SSLOptions::~SSLOptions() {} |
| 78 | 80 |
| 79 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const { | 81 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const { |
| 80 switch (server_certificate) { | 82 switch (server_certificate) { |
| 81 case CERT_OK: | 83 case CERT_OK: |
| 82 case CERT_MISMATCHED_NAME: | 84 case CERT_MISMATCHED_NAME: |
| 83 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem")); | 85 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem")); |
| 84 case CERT_EXPIRED: | 86 case CERT_EXPIRED: |
| 85 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem")); | 87 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem")); |
| (...skipping 307 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 393 if (bulk_cipher_values->GetSize()) | 395 if (bulk_cipher_values->GetSize()) |
| 394 arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release()); | 396 arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release()); |
| 395 if (ssl_options_.record_resume) | 397 if (ssl_options_.record_resume) |
| 396 arguments->Set("https-record-resume", base::Value::CreateNullValue()); | 398 arguments->Set("https-record-resume", base::Value::CreateNullValue()); |
| 397 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) { | 399 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) { |
| 398 arguments->Set("tls-intolerant", | 400 arguments->Set("tls-intolerant", |
| 399 new base::FundamentalValue(ssl_options_.tls_intolerant)); | 401 new base::FundamentalValue(ssl_options_.tls_intolerant)); |
| 400 } | 402 } |
| 401 if (ssl_options_.fallback_scsv_enabled) | 403 if (ssl_options_.fallback_scsv_enabled) |
| 402 arguments->Set("fallback-scsv", base::Value::CreateNullValue()); | 404 arguments->Set("fallback-scsv", base::Value::CreateNullValue()); |
| 403 if (!ssl_options_.signed_cert_timestamps.empty()) { | 405 if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) { |
| 404 std::string b64_scts; | 406 std::string b64_scts_tls_ext; |
| 405 base::Base64Encode(ssl_options_.signed_cert_timestamps, &b64_scts); | 407 base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext, |
| 406 arguments->SetString("signed-cert-timestamps", b64_scts); | 408 &b64_scts_tls_ext); |
| 409 arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext); |
| 407 } | 410 } |
| 411 if (ssl_options_.staple_ocsp_response) |
| 412 arguments->Set("staple-ocsp-response", base::Value::CreateNullValue()); |
| 408 } | 413 } |
| 409 | 414 |
| 410 return GenerateAdditionalArguments(arguments); | 415 return GenerateAdditionalArguments(arguments); |
| 411 } | 416 } |
| 412 | 417 |
| 413 bool BaseTestServer::GenerateAdditionalArguments( | 418 bool BaseTestServer::GenerateAdditionalArguments( |
| 414 base::DictionaryValue* arguments) const { | 419 base::DictionaryValue* arguments) const { |
| 415 return true; | 420 return true; |
| 416 } | 421 } |
| 417 | 422 |
| 418 } // namespace net | 423 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 92443002:
Extract Certificate Transparency SCTs from stapled OCSP responses (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@extract_scts