Changeset 94cb972 in mod_gnutls for test


Ignore:
Timestamp:
May 29, 2016, 6:06:59 PM (3 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
20f8e99
Parents:
b674e95
Message:

Minimal OCSP stapling implementation using externally provided response

Works if the configured file contains a valid and current OCSP
response. Note that the module does not yet check those conditions,
the file is just read and forwarded to GnuTLS.

Location:
test
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • test/runtests

    rb674e95 r94cb972  
    191191# check OCSP server
    192192if [ -n "${CHECK_OCSP_SERVER}" ]; then
     193    if [ -n "${OCSP_RESPONSE_FILE}" ]; then
     194        store_ocsp="--outfile ${OCSP_RESPONSE_FILE}"
     195    fi
    193196    echo "---- Testing OCSP server ----"
    194     ocsptool --ask --nonce --load-issuer authority/x509.pem --load-cert server/x509.pem
     197    ocsptool --ask --nonce --load-issuer authority/x509.pem --load-cert server/x509.pem ${store_ocsp}
    195198    echo "---- OCSP test done ----"
    196199fi
  • test/test-27_OCSP_server.bash

    rb674e95 r94cb972  
    77# trigger OCSP server test in the runtests script
    88export CHECK_OCSP_SERVER="true"
     9export OCSP_RESPONSE_FILE="$(mktemp mod_gnutls_test-XXXXXX.der)"
    910
    1011${srcdir}/runtests t-27
     12
     13ocsptool -e --load-signer authority/x509.pem --load-response ${OCSP_RESPONSE_FILE} || ret=1
     14rm "${OCSP_RESPONSE_FILE}"
     15exit ${ret}
  • test/tests/27_OCSP_server/apache.conf

    rb674e95 r94cb972  
    1414        GnuTLSKeyFile           server/secret.key
    1515        GnuTLSPriorities        NORMAL
     16        GnuTLSOCSPResponseFile  ${OCSP_RESPONSE_FILE}
    1617</VirtualHost>
Note: See TracChangeset for help on using the changeset viewer.