diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-14 15:41:17 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-15 20:12:01 +0100 |
| commit | 0ae82294ca86e42b33368a94f1b3c5b91694729f (patch) | |
| tree | 6cf6f5385a149cd4534b6169b743e6346f4bc0dd /tests | |
| parent | 2b715b9564681acb3008a5574dcf25464de8b038 (diff) | |
| download | gnutls-0ae82294ca86e42b33368a94f1b3c5b91694729f.tar.gz | |
Provide flag to identify sessions that an OCSP response was requested
That adds the flag GNUTLS_SFLAGS_CLI_REQUESTED_OCSP which can be
checked by a server application to determine whether the
client has requested stapled OCSP responses.
This includes minor cleanups in the status request handling code.
Resolves: #829
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/mini-x509.c | 3 | ||||
| -rw-r--r-- | tests/status-request.c | 6 | ||||
| -rw-r--r-- | tests/x509-cert-callback-ocsp.c | 3 |
3 files changed, 11 insertions, 1 deletions
diff --git a/tests/mini-x509.c b/tests/mini-x509.c index c26b13f716..a4fb56e991 100644 --- a/tests/mini-x509.c +++ b/tests/mini-x509.c @@ -113,6 +113,9 @@ void start(const char *prio, unsigned expect_max) HANDSHAKE(client, server); + assert((gnutls_session_get_flags(server) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) != 0); + assert((gnutls_session_get_flags(client) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) != 0); + /* check gnutls_certificate_get_ours() - client side */ { const gnutls_datum_t *mcert; diff --git a/tests/status-request.c b/tests/status-request.c index 0e62969ba9..07c7918524 100644 --- a/tests/status-request.c +++ b/tests/status-request.c @@ -107,7 +107,7 @@ static void client(int fd, const char *prio) /* Initialize TLS session */ - gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_NO_EXTENSIONS); + assert(gnutls_init(&session, GNUTLS_CLIENT|GNUTLS_NO_EXTENSIONS)>=0); assert(gnutls_priority_set_direct(session, prio, NULL)>=0); @@ -136,6 +136,8 @@ static void client(int fd, const char *prio) success("client: Handshake was completed\n"); } + assert((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) == 0); + if (debug) success("client: TLS version is: %s\n", gnutls_protocol_get_name @@ -215,6 +217,8 @@ static void server(int fd, const char *prio) goto end; } + assert((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) == 0); + if (debug) { success("server: Handshake was completed\n"); } diff --git a/tests/x509-cert-callback-ocsp.c b/tests/x509-cert-callback-ocsp.c index 036c047af6..b0a6c87620 100644 --- a/tests/x509-cert-callback-ocsp.c +++ b/tests/x509-cert-callback-ocsp.c @@ -187,6 +187,9 @@ static void start(const char *prio) HANDSHAKE(client, server); + assert((gnutls_session_get_flags(server) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) != 0); + assert((gnutls_session_get_flags(client) & GNUTLS_SFLAGS_CLI_REQUESTED_OCSP) != 0); + ret = gnutls_ocsp_status_request_get(client, &response); if (ret != 0) fail("no response was found: %s\n", gnutls_strerror(ret)); |