security/manager/ssl/tests/unit/test_ocsp_stapling_with_intermediate.js@b8a032363ba2 (annotated)
security/manager/ssl/tests/unit/test_ocsp_stapling_with_intermediate.js
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | // -*- Mode: javascript; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
| michael@0 | 2 | // This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 3 | // License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 4 | // file, You can obtain one at http://mozilla.org/MPL/2.0/. |
| michael@0 | 5 | "use strict"; |
| michael@0 | 6 | |
| michael@0 | 7 | // In which we connect to a server that staples an OCSP response for a |
| michael@0 | 8 | // certificate signed by an intermediate that has an OCSP AIA to ensure |
| michael@0 | 9 | // that an OCSP request is not made for the intermediate. |
| michael@0 | 10 | |
| michael@0 | 11 | let gOCSPRequestCount = 0; |
| michael@0 | 12 | |
| michael@0 | 13 | function add_ocsp_test(aHost, aExpectedResult) { |
| michael@0 | 14 | add_connection_test(aHost, aExpectedResult, |
| michael@0 | 15 | function() { |
| michael@0 | 16 | clearOCSPCache(); |
| michael@0 | 17 | clearSessionCache(); |
| michael@0 | 18 | }); |
| michael@0 | 19 | } |
| michael@0 | 20 | |
| michael@0 | 21 | function run_test() { |
| michael@0 | 22 | do_get_profile(); |
| michael@0 | 23 | Services.prefs.setBoolPref("security.ssl.enable_ocsp_stapling", true); |
| michael@0 | 24 | |
| michael@0 | 25 | let ocspResponder = new HttpServer(); |
| michael@0 | 26 | ocspResponder.registerPrefixHandler("/", function(request, response) { |
| michael@0 | 27 | gOCSPRequestCount++; |
| michael@0 | 28 | response.setStatusLine(request.httpVersion, 500, "Internal Server Error"); |
| michael@0 | 29 | let body = "Refusing to return a response"; |
| michael@0 | 30 | response.bodyOutputStream.write(body, body.length); |
| michael@0 | 31 | }); |
| michael@0 | 32 | ocspResponder.start(8080); |
| michael@0 | 33 | |
| michael@0 | 34 | add_tls_server_setup("OCSPStaplingServer"); |
| michael@0 | 35 | |
| michael@0 | 36 | add_tests_in_mode(true); |
| michael@0 | 37 | add_tests_in_mode(false); |
| michael@0 | 38 | |
| michael@0 | 39 | add_test(function () { ocspResponder.stop(run_next_test); }); |
| michael@0 | 40 | add_test(function() { |
| michael@0 | 41 | do_check_eq(gOCSPRequestCount, 0); |
| michael@0 | 42 | run_next_test(); |
| michael@0 | 43 | }); |
| michael@0 | 44 | run_next_test(); |
| michael@0 | 45 | } |
| michael@0 | 46 | |
| michael@0 | 47 | function add_tests_in_mode(useMozillaPKIX) { |
| michael@0 | 48 | add_test(function () { |
| michael@0 | 49 | Services.prefs.setBoolPref("security.use_mozillapkix_verification", |
| michael@0 | 50 | useMozillaPKIX); |
| michael@0 | 51 | run_next_test(); |
| michael@0 | 52 | }); |
| michael@0 | 53 | |
| michael@0 | 54 | add_ocsp_test("ocsp-stapling-with-intermediate.example.com", Cr.NS_OK); |
| michael@0 | 55 | } |
