CertificateStatus is optional. Because RFC 6066 is obnoxious like that and IIS servers actually do this when OCSP-stapling is configured, but the OCSP server cannot be reached. BUG=478947 Change-Id: I3d34c1497e0b6b02d706278dcea5ceb684ff60ae Reviewed-on: https://boringssl-review.googlesource.com/4461 Reviewed-by: Adam Langley <agl@google.com>

commit: dcd979f1a46e4316d4257c25acd5f05f4378ebd1 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Mon Apr 20 18:26:52 2015 -0400
committer: Adam Langley <agl@google.com> Tue Apr 28 20:36:57 2015 +0000
tree: 8f8452726c9a2caefa590a62d46718988685f262
parent: 2c6080f1925e3043383de446a519b216fcc08cbd [diff] [blame]
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index abed611..75fa4b4 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -434,6 +434,11 @@
 	// HelloVerifyRequest message.
 	SkipHelloVerifyRequest bool
 
+	// SkipCertificateStatus, if true, causes the server to skip the
+	// CertificateStatus message. This is legal because CertificateStatus is
+	// optional, even with a status_request in ServerHello.
+	SkipCertificateStatus bool
+
 	// SkipServerKeyExchange causes the server to skip sending
 	// ServerKeyExchange messages.
 	SkipServerKeyExchange bool
commit	dcd979f1a46e4316d4257c25acd5f05f4378ebd1	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Mon Apr 20 18:26:52 2015 -0400
committer	Adam Langley <agl@google.com>	Tue Apr 28 20:36:57 2015 +0000
tree	8f8452726c9a2caefa590a62d46718988685f262
parent	2c6080f1925e3043383de446a519b216fcc08cbd [diff] [blame]