Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: os == 'win' && msix OR condprof
- Manifest: security/manager/ssl/tests/unit/xpcshell.toml
// -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
"use strict";
// In which we connect to a host and encounter OCSP responses with the
// Cache-Control header set, which normally Necko would cache. This test
// ensures that these responses aren't cached. PSM has its own OCSP cache, so
// Necko shouldn't also be caching them.
do_get_profile(); // must be called before getting nsIX509CertDB
const SERVER_PORT = 8888;
function add_flush_cache() {
add_test(() => {
// This appears to either fire multiple times or fire once for every
// observer that has ever been passed to flush. To prevent multiple calls to
// run_next_test, keep track of if this observer has already called it.
let observed = false;
let observer = {
observe: () => {
if (!observed) {
observed = true;
run_next_test();
}
},
};
Services.cache2.QueryInterface(Ci.nsICacheTesting).flush(observer);
});
}
function add_ocsp_necko_cache_test(loadContext) {
// Pre-testcase cleanup/setup.
add_test(() => {
Services.cache2.clear();
run_next_test();
});
add_flush_cache();
let responder;
add_test(() => {
clearOCSPCache();
clearSessionCache();
responder = startOCSPResponder(
SERVER_PORT,
"localhost",
"ocsp_certs",
["default-ee"],
[],
[],
[],
[["Cache-Control", "max-age=1000"]]
);
run_next_test();
});
// Prepare a connection that will cause an OCSP request.
add_connection_test(
"ocsp-stapling-none.example.com",
PRErrorCodeSuccess,
null,
null,
null,
loadContext.originAttributes
);
add_flush_cache();
// Traverse the cache and ensure the response was not cached.
add_test(() => {
let foundEntry = false;
let visitor = {
onCacheStorageInfo() {},
onCacheEntryInfo(aURI) {
Assert.equal(
aURI.spec,
"expected OCSP request URI should match"
);
foundEntry = true;
},
onCacheEntryVisitCompleted() {
Assert.ok(!foundEntry, "should not find a cached entry");
run_next_test();
},
QueryInterface: ChromeUtils.generateQI(["nsICacheStorageVisitor"]),
};
Services.cache2.asyncVisitAllStorages(visitor, true);
});
// Clean up (stop the responder).
add_test(() => {
responder.stop(run_next_test);
});
}
function run_test() {
Services.prefs.setIntPref("security.OCSP.enabled", 1);
add_tls_server_setup("OCSPStaplingServer", "ocsp_certs");
add_ocsp_necko_cache_test(Services.loadContextInfo.private);
add_ocsp_necko_cache_test(Services.loadContextInfo.default);
run_next_test();
}