From 8f4d3305b262da7793627e8796f7250f2704c110 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sat, 29 Mar 2025 10:34:38 -0500 Subject: [PATCH 1/6] debug ocsp --- .evergreen/ocsp/mock_ocsp_responder.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.evergreen/ocsp/mock_ocsp_responder.py b/.evergreen/ocsp/mock_ocsp_responder.py index d135aa9c5..5bf3edfc0 100644 --- a/.evergreen/ocsp/mock_ocsp_responder.py +++ b/.evergreen/ocsp/mock_ocsp_responder.py @@ -649,6 +649,7 @@ def _handle_get(u_path): raise ValueError("Required 'Host' header not present") der = base64.b64decode(u_path) ocsp_request = responder.parse_ocsp_request(der) + logger.debug("Handled get %s", u_path) return responder.build_http_response(ocsp_request) @@ -662,4 +663,5 @@ def _handle_post(): if "Host" not in request.headers: raise ValueError("Required 'Host' header not present") ocsp_request = responder.parse_ocsp_request(request.data) + logger.debug("Handled post") return responder.build_http_response(ocsp_request) From 4d48a7a5509082f22d67e3d5d1f6a07c82942ef3 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sun, 30 Mar 2025 15:21:14 -0500 Subject: [PATCH 2/6] await server --- .evergreen/ocsp/setup.sh | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/.evergreen/ocsp/setup.sh b/.evergreen/ocsp/setup.sh index ceef371e7..f798b944e 100755 --- a/.evergreen/ocsp/setup.sh +++ b/.evergreen/ocsp/setup.sh @@ -25,7 +25,8 @@ bash teardown.sh echo "Starting OCSP server ${OCSP_ALGORITHM}-${SERVER_TYPE}..." CA_FILE="${OCSP_ALGORITHM}/ca.pem" -ARGS="-p 8100 -v" +PORT=8100 +ARGS="-p $PORT -v" case $SERVER_TYPE in valid) @@ -67,7 +68,22 @@ $COMMAND ocsp_mock.py \ $ARGS > ocsp_mock_server.log 2>&1 & echo "$!" > ocsp.pid -sleep 1 +await_server() { + echo "Waiting on $1 server on port $2" + for _ in $(seq 10); do + # Exit code 7: "Failed to connect to host". + if curl -s "localhost:$2"; test $? -ne 7; then + echo "Waiting on $1 server on port $2...done" + return 0 + else + echo "Could not connect, sleeping." + sleep 2 + fi + done + echo "Could not detect '$1' server on port $2" + exit 1 +} +await_server ocsp_mock.py $PORT cat ocsp_mock_server.log echo "Starting OCSP server ${OCSP_ALGORITHM}-${SERVER_TYPE}... done." From 58fee809a2e86920ee590948022802280ccf39bf Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sun, 30 Mar 2025 19:22:06 -0500 Subject: [PATCH 3/6] debug --- .evergreen/ocsp/ocsp_mock.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.evergreen/ocsp/ocsp_mock.py b/.evergreen/ocsp/ocsp_mock.py index dad22e709..66b2d11ec 100755 --- a/.evergreen/ocsp/ocsp_mock.py +++ b/.evergreen/ocsp/ocsp_mock.py @@ -65,10 +65,10 @@ def main(): ) args = parser.parse_args() - if args.verbose: - logging.basicConfig(level=logging.DEBUG) + level = logging.DEBUG if args.verbose else logging.INFO + logging.basicConfig(level=level, format="%(asctime)s %(levelname)-8s %(message)s") - print("Initializing OCSP Responder") + mock_ocsp_responder.logger.info("Initializing OCSP Responder") mock_ocsp_responder.init_responder( issuer_cert=args.ca_file, responder_cert=args.ocsp_responder_cert, @@ -78,6 +78,7 @@ def main(): ) serve(mock_ocsp_responder.app, host=args.bind_ip, port=args.port) + mock_ocsp_responder.logger.info("Shutting down OCSP Responder") if __name__ == "__main__": From e1be0aacf464b85daf1b59893e7fd6efb1f32b1c Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sun, 30 Mar 2025 19:30:25 -0500 Subject: [PATCH 4/6] more debug --- .evergreen/ocsp/mock_ocsp_responder.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/.evergreen/ocsp/mock_ocsp_responder.py b/.evergreen/ocsp/mock_ocsp_responder.py index 5bf3edfc0..c2384da06 100644 --- a/.evergreen/ocsp/mock_ocsp_responder.py +++ b/.evergreen/ocsp/mock_ocsp_responder.py @@ -634,6 +634,7 @@ def init(port=8080, debug=False, host=None): @app.route("/", methods=["GET"]) def _handle_root(): + logger.debug("Handled root get") return "ocsp-responder" @@ -645,11 +646,14 @@ def _handle_get(u_path): An OCSP GET request contains the DER-in-base64 encoded OCSP request in the HTTP request URL. """ + logger.debug("Handling get %s...", u_path) if "Host" not in request.headers: - raise ValueError("Required 'Host' header not present") + message = "Required 'Host' header not present" + logger.error(message) + raise ValueError(message) der = base64.b64decode(u_path) ocsp_request = responder.parse_ocsp_request(der) - logger.debug("Handled get %s", u_path) + logger.debug("Handling get %s... done.", u_path) return responder.build_http_response(ocsp_request) @@ -660,8 +664,11 @@ def _handle_post(): An OCSP POST request contains the DER encoded OCSP request in the HTTP request body. """ + logger.debug("Handling post to /status...") if "Host" not in request.headers: - raise ValueError("Required 'Host' header not present") + message = "Required 'Host' header not present" + logger.error(message) + raise ValueError(message) ocsp_request = responder.parse_ocsp_request(request.data) - logger.debug("Handled post") + logger.debug("Handling post to /status... done.") return responder.build_http_response(ocsp_request) From 699649a458c56a45aa43d91832bd4ccdd01d82bb Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sun, 30 Mar 2025 19:38:15 -0500 Subject: [PATCH 5/6] try a sleep --- .evergreen/ocsp/setup.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.evergreen/ocsp/setup.sh b/.evergreen/ocsp/setup.sh index f798b944e..045a4d69f 100755 --- a/.evergreen/ocsp/setup.sh +++ b/.evergreen/ocsp/setup.sh @@ -85,5 +85,6 @@ await_server() { } await_server ocsp_mock.py $PORT cat ocsp_mock_server.log +sleep 3 echo "Starting OCSP server ${OCSP_ALGORITHM}-${SERVER_TYPE}... done." From a704e4601fc6eb18f16487afa1f14219effd465b Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 1 Apr 2025 19:08:54 -0500 Subject: [PATCH 6/6] reduce sleep --- .evergreen/ocsp/setup.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/.evergreen/ocsp/setup.sh b/.evergreen/ocsp/setup.sh index 045a4d69f..f798b944e 100755 --- a/.evergreen/ocsp/setup.sh +++ b/.evergreen/ocsp/setup.sh @@ -85,6 +85,5 @@ await_server() { } await_server ocsp_mock.py $PORT cat ocsp_mock_server.log -sleep 3 echo "Starting OCSP server ${OCSP_ALGORITHM}-${SERVER_TYPE}... done."