Closed kenjenkins closed 10 months ago
Hi @mholt, please let me know if you have any feedback about this idea. But feel free to close if you think it's not worth bothering with something like this.
Hey @kenjenkins ! So sorry. I am actually very interested in this. We just had a baby a couple months early and she's about to come home finally, so I've been very busy accumulating a backlog of issues and PRs to review.
I've actually been wanting to review this first, since it looks solid and I love tests. I'll do that in a moment. :)
Thanks @mholt, and no need to apologize. Congratulations on your baby girl!
I thought it might be nice to add a few more unit tests for ocsp.go. (This has been at the back of my mind since #245, and I was curious to learn a little bit more about how OCSP works.) Please let me know if you have any concerns, either on the high-level approach or on specific details.
These test cases exercise some more of the logic starting from the
stapleOCSP()
method, using a few more test certificates and anhttptest.Server
acting as the OCSP responder.These tests are very simplistic:
DisableStapling
option should be honoredI haven't made any attempt to provide sensible timestamps, either in the test certificates or in the OCSP responses, as it's always a little tricky writing unit tests where
time.Now()
is involved.I believe this should bring unit test coverage for ocsp.go from 21% to 70%.