105 lines
3.0 KiB
Diff
105 lines
3.0 KiB
Diff
Index: chains.sh
|
|
===================================================================
|
|
RCS file: /cvsroot/mozilla/security/nss/tests/chains/chains.sh,v
|
|
retrieving revision 1.15
|
|
diff -u -9 -r1.15 chains.sh
|
|
--- chains.sh 15 Apr 2009 18:04:35 -0000 1.15
|
|
+++ security/nss/tests/chains/chains.sh 17 Apr 2009 13:02:49 -0000
|
|
@@ -689,18 +689,49 @@
|
|
if [ "${EXP_RESULT}" = "pass" -a ${RESULT} -eq 0 ]; then
|
|
html_passed "${SCENARIO}${TESTNAME}"
|
|
elif [ "${EXP_RESULT}" = "fail" -a ${RESULT} -ne 0 ]; then
|
|
html_passed "${SCENARIO}${TESTNAME}"
|
|
else
|
|
html_failed "${SCENARIO}${TESTNAME}"
|
|
fi
|
|
}
|
|
|
|
+
|
|
+check_ocsp()
|
|
+{
|
|
+ OCSP_CERT=$1
|
|
+
|
|
+ CERT_NICK=`echo ${OCSP_CERT} | cut -d: -f1`
|
|
+ CERT_ISSUER=`echo ${OCSP_CERT} | cut -d: -f2`
|
|
+
|
|
+ if [ "${CERT_ISSUER}" = "x" ]; then
|
|
+ CERT_ISSUER=
|
|
+ CERT=${CERT_NICK}.cert
|
|
+ CERT_FILE="${QADIR}/libpkix/certs/${CERT}"
|
|
+ else
|
|
+ CERT=${CERT_NICK}${CERT_ISSUER}.der
|
|
+ CERT_FILE=${CERT}
|
|
+ fi
|
|
+
|
|
+ OCSP_HOST=$(${BINDIR}/pp -t certificate -i ${CERT_FILE} | grep URI | sed "s/.*:\/\///" | sed "s/:.*//")
|
|
+
|
|
+ if [ "${OS_ARCH}" = "WINNT" ]; then
|
|
+ ping -n 1 ${OCSP_HOST}
|
|
+ return $?
|
|
+ elif [ "${OS_ARCH}" = "HP-UX" ]; then
|
|
+ ping ${OCSP_HOST} -c 1
|
|
+ return $?
|
|
+ else
|
|
+ ping -c 1 ${OCSP_HOST}
|
|
+ return $?
|
|
+ fi
|
|
+}
|
|
+
|
|
############################ parse_result ##############################
|
|
# local shell function to process expected result value
|
|
# this function was created for case that expected result depends on
|
|
# some conditions - in our case type of cert DB
|
|
#
|
|
# default results are pass and fail
|
|
# this function added parsable values in format:
|
|
# type1:value1 type2:value2 .... typex:valuex
|
|
#
|
|
@@ -859,18 +890,25 @@
|
|
LOGFILE="${LOGDIR}/${LOGNAME}"
|
|
fi
|
|
;;
|
|
"sleep")
|
|
sleep ${VALUE}
|
|
;;
|
|
"break")
|
|
break
|
|
;;
|
|
+ "check_ocsp")
|
|
+ check_ocsp ${VALUE}
|
|
+ if [ $? -ne 0 ]; then
|
|
+ echo "OCSP server not accessible, skipping OCSP tests"
|
|
+ break;
|
|
+ fi
|
|
+ ;;
|
|
"")
|
|
if [ -n "${ENTITY}" ]; then
|
|
if [ -z "${DB}" ]; then
|
|
create_entity "${ENTITY}" "${TYPE}"
|
|
fi
|
|
sign_cert "${ENTITY}" "${ISSUER}" "${TYPE}"
|
|
if [ "${TYPE}" = "Bridge" ]; then
|
|
create_pkcs7 "${ENTITY}"
|
|
fi
|
|
Index: scenarios/ocsp.cfg
|
|
===================================================================
|
|
RCS file: /cvsroot/mozilla/security/nss/tests/chains/scenarios/ocsp.cfg,v
|
|
retrieving revision 1.4
|
|
diff -u -9 -r1.4 ocsp.cfg
|
|
--- scenarios/ocsp.cfg 19 Mar 2009 09:55:31 -0000 1.4
|
|
+++ security/nss/tests/chains/scenarios/ocsp.cfg 17 Apr 2009 13:02:49 -0000
|
|
@@ -1,11 +1,13 @@
|
|
scenario OCSP
|
|
|
|
+check_ocsp OCSPEE11:x
|
|
+
|
|
db OCSPRoot
|
|
import OCSPRoot:x:CT,C,C
|
|
|
|
db OCSPCA1
|
|
import_key OCSPCA1
|
|
|
|
crl OCSPCA1
|
|
|
|
revoke OCSPCA1
|