This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new a4d6dffca3 Add more OCSP tests
a4d6dffca3 is described below
commit a4d6dffca34564698348a63be5f1105c4cf1d135
Author: Mark Thomas <[email protected]>
AuthorDate: Wed Mar 11 22:29:47 2026 +0000
Add more OCSP tests
---
.../util/net/ocsp/TestOcspSoftFailTryLater.java | 110 +++++++++++++++++++++
1 file changed, 110 insertions(+)
diff --git a/test/org/apache/tomcat/util/net/ocsp/TestOcspSoftFailTryLater.java
b/test/org/apache/tomcat/util/net/ocsp/TestOcspSoftFailTryLater.java
new file mode 100644
index 0000000000..23fff507b5
--- /dev/null
+++ b/test/org/apache/tomcat/util/net/ocsp/TestOcspSoftFailTryLater.java
@@ -0,0 +1,110 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.net.ocsp;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import javax.net.ssl.SSLHandshakeException;
+
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Assume;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+
+import org.apache.tomcat.util.net.ocsp.TesterOcspResponder.OcspResponse;
+
+@RunWith(Parameterized.class)
+public class TestOcspSoftFailTryLater extends OcspBaseTest {
+
+ private static TesterOcspResponder ocspResponder;
+
+ @BeforeClass
+ public static void startOcspResponder() {
+ ocspResponder = new TesterOcspResponder();
+ ocspResponder.setFixedResponse(OcspResponse.TRY_LATER);
+ try {
+ ocspResponder.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+
+ @AfterClass
+ public static void stopOcspResponder() {
+ if (ocspResponder != null) {
+ ocspResponder.stop();
+ ocspResponder = null;
+ }
+ }
+
+
+ @Parameters(name = "{0} with OpenSSL trust {2}: softFail {4}, clientOk
{5}")
+ public static Collection<Object[]> parameters() {
+ List<Object[]> parameterSets = new ArrayList<>();
+ Collection<Object[]> baseData = OcspBaseTest.parameters();
+
+ for (Object[] base : baseData) {
+ for (Boolean softFail : booleans) {
+ for (Boolean clientCertValid : booleans) {
+ Boolean handshakeFailureExpected;
+
+ if (softFail.booleanValue()) {
+ handshakeFailureExpected = Boolean.FALSE;
+ } else {
+ handshakeFailureExpected = Boolean.TRUE;
+ }
+
+ parameterSets.add(new Object[] { base[0], base[1],
base[2], base[3], softFail, clientCertValid,
+ handshakeFailureExpected});
+ }
+ }
+ }
+ return parameterSets;
+ }
+
+ @Parameter(4)
+ public Boolean softFail;
+
+ @Parameter(5)
+ public boolean clientCertValid;
+
+ @Parameter(6)
+ public boolean handshakeFailureExpected;
+
+ @Test
+ public void test() throws Exception {
+ Assume.assumeNotNull(ocspResponder);
+ try {
+ doTest(clientCertValid, true,
ClientCertificateVerification.ENABLED, false, softFail);
+ if (handshakeFailureExpected) {
+ Assert.fail("Handshake did not fail when expected to do so.");
+ }
+ } catch (SSLHandshakeException e) {
+ if (!handshakeFailureExpected) {
+ Assert.fail("Handshake failed when not expected to do so.");
+ }
+ }
+ }
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
