update tasks

Author: blink1073

.evergreen/generated_configs/tasks.yml

@@ -777,8 +777,36 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-ecdsa]
+  - name: test-ocsp-ecdsa-basic-tls-ocsp-disableStapling-valid-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
+          OCSP_SERVER_TYPE: valid-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-ecdsa]
+  - name: test-ocsp-ecdsa-basic-tls-ocsp-disableStapling-revoked-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
+          OCSP_SERVER_TYPE: revoked-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-ecdsa]
   - name: test-ocsp-ecdsa-basic-tls-ocsp-disableStapling-no-responder
     commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
       - func: run tests
         vars:
           ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-disableStapling.json
@@ -809,8 +837,36 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-ecdsa]
+  - name: test-ocsp-ecdsa-basic-tls-ocsp-mustStaple-disableStapling-valid-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
+          OCSP_SERVER_TYPE: valid-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-ecdsa]
+  - name: test-ocsp-ecdsa-basic-tls-ocsp-mustStaple-disableStapling-revoked-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
+          OCSP_SERVER_TYPE: revoked-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-ecdsa]
   - name: test-ocsp-ecdsa-basic-tls-ocsp-mustStaple-disableStapling-no-responder
     commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
       - func: run tests
         vars:
           ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple-disableStapling.json
@@ -841,14 +897,6 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-ecdsa, ocsp-staple]
-  - name: test-ocsp-ecdsa-basic-tls-ocsp-mustStaple-no-responder
-    commands:
-      - func: run tests
-        vars:
-          ORCHESTRATION_FILE: ecdsa-basic-tls-ocsp-mustStaple.json
-          OCSP_SERVER_TYPE: no-responder
-          TEST_NAME: ocsp
-    tags: [ocsp, ocsp-ecdsa, ocsp-staple]
   - name: test-ocsp-ecdsa-basic-tls-ocsp-mustStaple-valid-delegate
     commands:
       - func: run server
@@ -897,8 +945,36 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-rsa]
+  - name: test-ocsp-rsa-basic-tls-ocsp-mustStaple-disableStapling-valid-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
+          OCSP_SERVER_TYPE: valid-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-rsa]
+  - name: test-ocsp-rsa-basic-tls-ocsp-mustStaple-disableStapling-revoked-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
+          OCSP_SERVER_TYPE: revoked-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-rsa]
   - name: test-ocsp-rsa-basic-tls-ocsp-mustStaple-disableStapling-no-responder
     commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
       - func: run tests
         vars:
           ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple-disableStapling.json
@@ -929,8 +1005,36 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-rsa]
+  - name: test-ocsp-rsa-basic-tls-ocsp-disableStapling-valid-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
+          OCSP_SERVER_TYPE: valid-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-rsa]
+  - name: test-ocsp-rsa-basic-tls-ocsp-disableStapling-revoked-delegate
+    commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
+      - func: run tests
+        vars:
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
+          OCSP_SERVER_TYPE: revoked-delegate
+          TEST_NAME: ocsp
+    tags: [ocsp, ocsp-rsa]
   - name: test-ocsp-rsa-basic-tls-ocsp-disableStapling-no-responder
     commands:
+      - func: run server
+        vars:
+          TEST_NAME: ocsp
+          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
       - func: run tests
         vars:
           ORCHESTRATION_FILE: rsa-basic-tls-ocsp-disableStapling.json
@@ -961,14 +1065,6 @@ tasks:
           OCSP_SERVER_TYPE: revoked
           TEST_NAME: ocsp
     tags: [ocsp, ocsp-rsa, ocsp-staple]
-  - name: test-ocsp-rsa-basic-tls-ocsp-mustStaple-no-responder
-    commands:
-      - func: run tests
-        vars:
-          ORCHESTRATION_FILE: rsa-basic-tls-ocsp-mustStaple.json
-          OCSP_SERVER_TYPE: no-responder
-          TEST_NAME: ocsp
-    tags: [ocsp, ocsp-rsa, ocsp-staple]
   - name: test-ocsp-rsa-basic-tls-ocsp-mustStaple-valid-delegate
     commands:
       - func: run server

.evergreen/scripts/generate_config.py

@@ -911,12 +911,18 @@ def create_ocsp_tasks():
     for path in config_path.glob("*ocsp*"):
         if "singleEndpoint" in path.name:
             continue
-        server_types = ["valid", "revoked", "no-responder"]
-        if "disableStapling" not in path.name:
-            server_types.extend(["valid-delegate", "revoked-delegate"])
-        for server_type in server_types:
+        # Handle the tests that start an OCSP server.
+        for server_type in ["valid", "revoked", "valid-delegate", "revoked-delegate"]:
             task = _create_ocsp_task(path.name, server_type)
             tasks.append(task)
+        # Soft Fail Test: No OCSP Responder + server that does not staple.
+        if "basic-tls-ocsp-disableStapling.json" in path.name:
+            task = _create_ocsp_task(path.name, "no-responder")
+            tasks.append(task)
+        # Malicious Server Test 2: No OCSP Responder + server w/ Must- Staple cert that does not staple.
+        elif "basic-tls-ocsp-mustStaple-disableStapling.json" in path.name:
+            task = _create_ocsp_task(path.name, "no-responder")
+            tasks.append(task)
 
     return tasks