net: add OCSP tests.

net/test/test_server.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/test/test_server.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 51 matching lines @@
     case CERT_CHAIN_WRONG_ROOT:
       // This chain uses its own dedicated test root certificate to avoid
       // side-effects that may affect testing.
       return FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
     default:
       NOTREACHED();
   }
   return FilePath();
 }
 
+std::string TestServer::HTTPSOptions::GetSpecialCertificateString() const {
+  switch (server_certificate) {
+    case OCSP_OK:
+      return "__ocsp_ok__";
+    case OCSP_REVOKED:
+      return "__ocsp_revoked__";
+    case OCSP_INVALID:
+      return "__ocsp_invalid__";
+    default:
+      return "";
+  }

[Ryan Sleevi, 2012/03/09 22:07:53]

Can you rework this not to require these sorts of magic strings?

What's wrong with having lines 399-412 simply look at the certificate type and
appending custom args to test_server.py like
--ocsp-responder=[ok,revoked,invalid] ?

[agl, 2012/03/13 22:24:29]

I had to split the certificate and key filename from the --https option to do
this. See how you like it.

+}
+
 const char TestServer::kLocalhost[] = "127.0.0.1";
 const char TestServer::kGDataAuthToken[] = "testtoken";
 
 TestServer::TestServer(Type type,
                        const std::string& host,
                        const FilePath& document_root)
     : type_(type),
       started_(false),
       log_to_console_(false) {
   Init(host, document_root);
@@ skipping 294 matching lines @@
   } else if (type_ == TYPE_SYNC) {
     command_line->AppendArg("--sync");
   } else if (type_ == TYPE_TCP_ECHO) {
     command_line->AppendArg("--tcp-echo");
   } else if (type_ == TYPE_UDP_ECHO) {
     command_line->AppendArg("--udp-echo");
   } else if (type_ == TYPE_GDATA) {
     // --auth-token will be used in tests for chrome/browser/chromeos/gdata.
     command_line->AppendArg(std::string("--auth-token=") + kGDataAuthToken);
   } else if (type_ == TYPE_HTTPS) {
-    FilePath certificate_path(certificates_dir_);
-    certificate_path = certificate_path.Append(
-        https_options_.GetCertificateFile());
-    if (!file_util::PathExists(certificate_path)) {
-      LOG(ERROR) << "Certificate path " << certificate_path.value()
-                 << " doesn't exist. Can't launch https server.";
-      return false;
+    std::string cert_option = https_options_.GetSpecialCertificateString();
+    if (!cert_option.empty()) {
+      command_line->AppendArg("--https=" + cert_option);
+    } else {
+      FilePath certificate_path(certificates_dir_);
+      certificate_path = certificate_path.Append(
+          https_options_.GetCertificateFile());
+      if (!file_util::PathExists(certificate_path)) {
+        LOG(ERROR) << "Certificate path " << certificate_path.value()
+                   << " doesn't exist. Can't launch https server.";
+        return false;
+      }
+      command_line->AppendArgNative(FILE_PATH_LITERAL("--https=") +
+                                    certificate_path.value());
     }
-    command_line->AppendArgNative(FILE_PATH_LITERAL("--https=") +
-                                  certificate_path.value());
 
     if (https_options_.request_client_certificate)
       command_line->AppendArg("--ssl-client-auth");
 
     for (std::vector<FilePath>::const_iterator it =
              https_options_.client_authorities.begin();
          it != https_options_.client_authorities.end(); ++it) {
       if (!file_util::PathExists(*it)) {
         LOG(ERROR) << "Client authority path " << it->value()
                    << " doesn't exist. Can't launch https server.";
@@ skipping 15 matching lines @@
       command_line->AppendArg(kBulkCipherSwitch + "=3des");
 
     if (https_options_.record_resume)
       command_line->AppendArg("--https-record-resume");
   }
 
   return true;
 }
 
 }  // namespace net