Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-3665

End-to-end test for OCSP cache

    • Type: Icon: Improvement Improvement
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 1.17.0-beta2, 1.17.0
    • Affects Version/s: None
    • Component/s: None
    • None

      There are currently no end-to-end tests for our OCSP cache. While there is no clear guidance from the OCSP Support Test Plan on how to test it, there is clear guidance on the expected behavior of the cache. We should create end-to-end tests to ensure our cache works as expected. I propose that we test our cache by:

      • Starting an invalid mock OCSP responder that revokes all certificates.
      • Running a mongod with a cert that lists that responder as it's OCSP responder.
      • Ensuring that the cert has been revoked.
      • Shutting down the invalid mock OCSP responder and starting up a valid OCSP responder with the same address.
      • Ensuring the cert is still revoked.

      We should retrieve the OCSP response information from our cache during the last step and avoid querying the valid OCSP responder.

            Assignee:
            clyde.bazile@mongodb.com Clyde Bazile III (Inactive)
            Reporter:
            clyde.bazile@mongodb.com Clyde Bazile III (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: