diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-19 20:19:47 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-19 20:19:47 +0000 |
| commit | 131d13b8530e28cea6ae0fd5fa7e41723667ce04 (patch) | |
| tree | 57cb7f1f6d07b581b1979b96b6ab9f55d51f0f22 /net/test/base_test_server.h | |
| parent | eaf60d8ba229a9dc7344cc305ef23607ce4b52be (diff) | |
| download | chromium_src-131d13b8530e28cea6ae0fd5fa7e41723667ce04.zip chromium_src-131d13b8530e28cea6ae0fd5fa7e41723667ce04.tar.gz chromium_src-131d13b8530e28cea6ae0fd5fa7e41723667ce04.tar.bz2 | |
Revert "Revert "net: add OCSP tests.""
(First landed in r127486, reverted in r127493 because it broke on
Windows XP.)
I was getting increasingly unhappy altering EV and revocation checking
semantics without any tests. We historically haven't had tests because
online revocation checking is inherently flaky so I amended testserver
with the minimum code to be able to sign and vend OCSP responses.
These tests do not test the final EV/CRLSet/revocation checking
semantics. They are intended to be altered in future CLs.
BUG=none
TEST=net_unittests
https://chromiumcodereview.appspot.com/9663017/
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@127518 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/test/base_test_server.h')
| -rw-r--r-- | net/test/base_test_server.h | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/net/test/base_test_server.h b/net/test/base_test_server.h index 7264a65..fd04e55 100644 --- a/net/test/base_test_server.h +++ b/net/test/base_test_server.h @@ -46,6 +46,11 @@ class BaseTestServer { struct HTTPSOptions { enum ServerCertificate { CERT_OK, + + // CERT_AUTO causes the testserver to generate a test certificate issued + // by "Testing CA" (see net/data/ssl/certificates/ocsp-test-root.pem). + CERT_AUTO, + CERT_MISMATCHED_NAME, CERT_EXPIRED, // Cross-signed certificate to test PKIX path building. Contains an @@ -55,6 +60,14 @@ class BaseTestServer { CERT_CHAIN_WRONG_ROOT, }; + // OCSPStatus enumerates the types of OCSP response that the testserver + // can produce. + enum OCSPStatus { + OCSP_OK, + OCSP_REVOKED, + OCSP_INVALID, + }; + // Bitmask of bulk encryption algorithms that the test server supports // and that can be selectively enabled or disabled. enum BulkCipher { @@ -83,9 +96,17 @@ class BaseTestServer { // |server_certificate|. FilePath GetCertificateFile() const; + // GetOCSPArgument returns the value of any OCSP argument to testserver or + // the empty string if there is none. + std::string GetOCSPArgument() const; + // The certificate to use when serving requests. ServerCertificate server_certificate; + // If |server_certificate==CERT_AUTO| then this determines the type of OCSP + // response returned. + OCSPStatus ocsp_status; + // True if a CertificateRequest should be sent to the client during // handshaking. bool request_client_certificate; |