wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

OSCP

Browse Source 
1. Made killing the OCSP server process more reliable.
2. Added attr files for the OSCP status files. Bare minimum attr.
3. Added a NL to the error string from the client regarding external tests.
This commit is contained in:
John Safranek
2018-08-02 11:32:36 -07:00
parent ddec878152
commit c71f730d67
5 changed files with 16 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
certs/ocsp/index-intermediate1-ca-issued-certs.txt.attr Normal file
View File

@ -0,0 +1 @@
unique_subject = no

1
certs/ocsp/index-intermediate2-ca-issued-certs.txt.attr Normal file
View File

@ -0,0 +1 @@
unique_subject = no

1
certs/ocsp/index-intermediate3-ca-issued-certs.txt.attr Normal file
View File

@ -0,0 +1 @@
unique_subject = no

2
examples/client/client.c
View File

@ -1454,7 +1454,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif #endif
if (done) { if (done) {
printf("external test can't be run in this mode"); printf("external test can't be run in this mode\n");
((func_args*)args)->return_code = 0; ((func_args*)args)->return_code = 0;
XEXIT_T(EXIT_SUCCESS); XEXIT_T(EXIT_SUCCESS);

30
scripts/ocsp-stapling.test
View File

@ -1,16 +1,15 @@
#!/bin/bash #!/bin/bash
#set an invalid default PID so we don't cleanup a process unexpectedly
OSSL_INT1_PID="INVALID"
# ocsp-stapling.test # ocsp-stapling.test
cleanup(){
# "jobs" is not portable for posix. Must use bash interpreter!
for i in `jobs -p`; do pkill -TERM -P $i; done
kill $OSSL_INT1_PID
}
trap cleanup INT TERM EXIT
cleanup()
{
for i in $(jobs -pr)
do
kill -s HUP "$i"
done
}
trap cleanup EXIT INT TERM HUP
server=login.live.com server=login.live.com
ca=certs/external/baltimore-cybertrust-root.pem ca=certs/external/baltimore-cybertrust-root.pem
@ -25,11 +24,9 @@ fi
#./scripts/ping.test $server 2 #./scripts/ping.test $server 2
# client test against the server # client test against the server
# external test case was never running, disable for now but retain case in event ./examples/client/client -C -h $server -p 443 -A $ca -g -W 1
# we wish to re-activate in the future. RESULT=$?
#./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1 [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
#RESULT=$?
#[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# Test with example server # Test with example server
@ -48,10 +45,7 @@ openssl ocsp -port 22221 -nmin 1 \
-rsigner certs/ocsp/ocsp-responder-cert.pem \ -rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \ -rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \ -CA certs/ocsp/intermediate1-ca-cert.pem \
$@ \ "$@" &
&
OSSL_INT1_PID=$!
sleep 1 sleep 1
# "jobs" is not portable for posix. Must use bash interpreter! # "jobs" is not portable for posix. Must use bash interpreter!